General Usage and Operations Best Practices

General Usage and Operations Best Practices

Here are some recommended best practices for general Auth0 usage and operation.

Capture log files

Auth0 keeps tenant logs for a limited amount of time. To get log data and store it elsewhere, you can use the Management API or one of the available extensions for services such as Loggly or Splunk.

Set up your own email provider and customize email templates

Auth0 provides a test email provider so you can test default welcome and email verification messages during tenant setup. The test provider can only send a limited amount of emails, so you should configure your own mail server. Additionally, we recommend a unique email provider account per tenant. Sharing an email account between tenants can be a potential source of problems or outages for one tenant when making changes to the service intended for another.

Also, make sure to configure and customize the templates for emails sent from Auth0. These include email verification messages, welcome messages, password reset messages, et cetera. For custom templates provide a "from” address, a clear subject, your custom content, and a link timeout for emails with a link (such as a password reset link).

Subscribe to updates on the Auth0 status page

Head over to the Auth0 status page and sign up for notifications. If there are any Auth0 outages, you or your support staff will be notified.

Store custom code in a source code repository

If you have custom code for rules, hooks, custom database scripts, or webtasks, store it in a source code repository such as Github for version and audit control. Auth0 has extensions to help deploy code stored on external repositories.

If you have a full continuous integration/continuous deployment pipeline, use the Auth0 Deploy CLI tool for greater flexibility.

Store configuration values in dashboard

If your rules, hooks, custom database scripts, or webtasks require configuration values (such as credentials or API keys), you should store them in the Auth0 dashboard. Storing configuration values in the dashboard makes migrating configuration between tenants easier.

Whitelist Auth0 public IP addresses

If your rules, hooks, custom database scripts, or webtasks call a service in your intranet or behind another firewall, be sure to whitelist the Auth0 public IP addresses. This lets requests from those IP addresses through. You can find the IP addresses for each region in your Auth0 dashboard, where you edit rules, hooks, or custom DB scripts.

Run tenant configuration checks

The Auth0 Support Center provides a configuration checker tool. Run the configuration checker periodically during development and again before you launch.

To run the configuration check, go to Auth0 Support Center -> Tenants and select the gear icon and choose Run Production Check.