Docs

Import/Export Tenant Configuration to Directory Structure

The auth0-deploy-cli tool includes a directory option that allows you to export and import an existing Auth0 tenant configuration into a predefined directory structure.

For information on how the files are expected to be laid out to work with the source control configuration utilities, see GitHub Deployments.

Import tenant configuration

  1. Copy config.json.example, making sure to replace the placeholder values with the values specific to your configuration.

    {
      "AUTH0_DOMAIN": "<YOUR_TENANT>.auth0.com",
      "AUTH0_CLIENT_ID": "<client_id>",
      "AUTH0_CLIENT_SECRET": "<client_secret>",
      "AUTH0_KEYWORD_REPLACE_MAPPINGS": {
        "AUTH0_TENANT_NAME": "<NAME>",
        "ENV": "DEV"
      },
      "AUTH0_ALLOW_DELETE": false,
      "AUTH0_EXCLUDED_RULES": [
        "rule-1-name",
        "rule-2-name"
      ]
    }
    

Use the client ID and secret from your newly-created client (the client is named auth0-deploy-cli-extension if you used the extension).

By default, the tool merges with your current environment variables and overrides the config.json file (which has the same top key). You can use the --no-env option to disable the override via the command line.

You can either set the environment variables, or you can place the values in a configuration file anywhere on the file system that is accessible by the CLI tool.

  1. Deploy using the following command:
a0deploy import -c config.json -i .

Example: configuration file

Here is an example of a config.json file:

{
  "AUTH0_DOMAIN": "<your auth0 domain (e.g. fabrikam-dev.auth0.com) >",
  "AUTH0_CLIENT_SECRET": "<your deploy client secret>",
  "AUTH0_CLIENT_ID": "<your deploy client ID>",
  "AUTH0_KEYWORD_REPLACE_MAPPINGS": {
    "YOUR_ARRAY_KEY": [
      "http://localhost:8080",
      "https://somedomain.com"
    ],
    "YOUR_STRING_KEY": "some environment specific string"
  },
  "AUTH0_ALLOW_DELETE": false,
  "AUTH0_EXCLUDED_RULES": [
    "rule-1-name",
    "rule-2-name"
  ]
}

Export tenant configuration

To export your current tenant configuration, run a command that's similar to:

a0deploy export -c config.json --strip -f directory -o path/to/export

The --strip option removes the identifier fields from the Auth0 objects. This is important because Auth0 generates new IDs when importing objects into Auth0 tenants. If you do not strip identifier fields from the objects you want to import, the import will fail due to the tool not being able to find existing objects using their original IDs.

Limitations

Some of the settings cannot be exported, such as emailProvider credentials and rulesConfigs values. After exporting, you may need to update the values in tenant.yaml if you see schema-related errors during the import process.

For more information, see Environment Variables and Keyword Mappings.

Directory structure example

Here is an example of what the export directory structure looks like:

repository =>
  clients
    client1.json
    client2.json
  connections
    connection1.json
  database-connections
    connection1
      database.json
      create.js
      delete.js
      get_user.js
      login.js
      verify.js
  emails
    provider.json
    verify_email.json
    verify_email.html
    welcome_email.json
    welcome_email.html
  grants
    grant1.json
  pages
    login.html
    login.json
    password_reset.html
    password_reset.json
  resource-servers
    resource_server1.json
    resource_server2.json
  rules
    rule1.js
    rule1.json
    rule2.js
  rules-configs
    env_param1.json
    some_secret1.json
  guardian
    factors
      sms.json
      email.json
      otp.json
      push-notification.json
    provider
      sms-twilio.json
    templates
      sms.json

Keep reading