Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Retrieve Multiple Clients that Match Criteria as a Data Source #784

Closed
1 task done
brianhyder opened this issue Aug 21, 2023 · 3 comments
Closed
1 task done

Retrieve Multiple Clients that Match Criteria as a Data Source #784

brianhyder opened this issue Aug 21, 2023 · 3 comments
Assignees
@duedares-rvj
Labels
🌱 feature New feature or request

Comments

@brianhyder
Copy link

Checklist

Describe the problem you'd like to have solved

We need to be able to pull a list of Auth0 clients to register their client IDs with our API Gateway for use in token validation as well as rate limiting policies.

The clients are created in repository A and the gateway configuration resides in repository B. The deployment of repository B depends on the deployment of repository A. Therefore, we cannot register the Auth0 client with the API Gateway in the same repository where the Auth0 client is created.

Describe the ideal solution

The solution would be a auth0_clients that returns a list of clients that match the provided criteria. The first iteration could just be returning a list of all clients and any filtering applied in a TF local variable.

Additional filtering nice to haves:

  • client name: prefix or exact match
  • metadata: single property match

Alternatives and current workarounds

The workaround is to use the http data source to retrieve an access token from the Auth0 management API. Once retrieved, that token is then used to call the get clients endpoint to retrieve the list. That list is then filtered down to those that match the desired criteria.

The drawback to the above approach is that if you are using the Auth0 TF module alongside that approach, it is possible to have intermittent failures (HTTP Status 429) due to rate limiting. The Auth0 SDK used by the TF module handle those for you. However, the additional calls to the management API for clients are not throttled.

Additional context

The GET /clients endpoint is very limiting in its filtering capabilities. Ideally, the filtering would be done at the API side to avoid retrieving a full list of API clients, some of which won't be needed.
@brianhyder brianhyder added the 🌱 feature New feature or request label Aug 21, 2023
@sergiught
Copy link
Contributor

Hey @brianhyder 👋🏻

Thanks for raising this with us. This is definitely an interesting use case that we'll look to eventually add within our provider, however at the moment we're focusing all our efforts in releasing v1 GA, so it's unlikely this will make it within the first iteration, however we'll consider following up and add it at a later point in time. Unfortunately no ETA yet, but I'll circle back here on this issue once I have an update. Appreciate your patience!

@brianhyder
Copy link
Author

It has been a while but I wanted to circle back to this. It is still a need for us and we're still getting those intermittent 429's with the workaround. Is this something that is on the roadmap yet? If not, would you all be opposed to a pull request to add it?

@brianhyder brianhyder mentioned this issue Nov 19, 2024
Merged
6 tasks
@duedares-rvj duedares-rvj self-assigned this Jan 30, 2025
@duedares-rvj
Copy link
Member

Resolved as part of #1080.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@duedares-rvj duedares-rvj

Labels
🌱 feature New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@brianhyder @duedares-rvj @sergiught