Setup Integration from Auth0(Incomplete)
Auth0 Integration Guide
Integrate Auth0 to ingest identity-related logs such as login attempts, user authentications, MFA usage, and blocked requests to support identity threat detection and correlation.
Credentials & API Access Setup (Auth0)
Before setting up the integration, create a Machine-to-Machine application in Auth0 to collect logs via API.
Steps:
-
Log in to the Auth0 Dashboard.
-
Go to Applications → APIs.
-
Create or select your Management API (typically named
Auth0 Management API). -
Under Machine-to-Machine Applications, authorize your log collector app.
-
Take note of the following credentials:
-
Auth0 Domain (e.g.,
your-tenant.us.auth0.com) -
Client ID
-
Client Secret
-
Audience: usually
https://your-tenant.us.auth0.com/api/v2/
-
| Required Detail | Value |
|---|---|
| Auth0 Domain | your-tenant.auth0.com |
| Client ID | From your M2M Application |
| Client Secret | From your M2M Application |
| Audience | https://your-tenant.auth0.com/api/v2/ |
| Token URL | https://your-tenant.auth0.com/oauth/token |
Permissions Reference (Auth0 M2M App)
Ensure the app is granted the following scopes from the Auth0 Management API:
| Data Stream | Scope Required |
|---|---|
| Login Activity | read:logs, read:users |
| MFA Logs | read:logs |
| Failed Logins | read:logs |
| User Access Logs | read:users, |
🔐 You can test token access using Postman or curl before ingesting.
Aquila Integration Configuration (Mimecast)
(incomplete)