Enable/Disable Hooks

You can enable or disable hooks that have been configured for any given extensibility point using the Dashboard or Management API.

Although you may create multiple hooks for any given extensibility point, each extensibility point may have only one enabled hook at a time. Any subsequent hooks you create for that extensibility point are automatically disabled, so you must explicitly enable them. The enabled hook will be executed for all applications and APIs.

When creating new hooks, Auth0 automatically enables the first Hook you create for an extensibility point. Any subsequent hooks you create for that extensibility point are automatically disabled, so you must explicitly enable them.

Use the Dashboard

  1. Go to Auth0 Dashboard > Auth Pipeline > Hooks and locate the extensibility point for which you want to enable or disable a Hook.

  2. Click on the dropdown box located immediately under the extensibility point's name and description.

    Auth0 Hook selection
  3. Select the Hook you want to enable, and confirm. If you want to disable all Hooks, select None.

A green dot will appear next to the name of any enabled Hooks.

Use the Management API

Make a PATCH call to the Update a Hook endpoint. Be sure to replace HOOK_ID and MGMT_API_ACCESS_TOKEN placeholder values with your Hook ID and Management API Access Token, respectively.

curl --request PATCH \
  --url 'https://YOUR_DOMAIN/api/v2/hooks/HOOK_ID' \
  --header 'authorization: Bearer MGMT_API_ACCESS_TOKEN' \
  --header 'cache-control: no-cache' \
  --header 'content-type: application/json' \
  --data '{ "enabled": "true" }'
var client = new RestClient("https://YOUR_DOMAIN/api/v2/hooks/HOOK_ID");
var request = new RestRequest(Method.PATCH);
request.AddHeader("content-type", "application/json");
request.AddHeader("authorization", "Bearer MGMT_API_ACCESS_TOKEN");
request.AddHeader("cache-control", "no-cache");
request.AddParameter("application/json", "{ \"enabled\": \"true\" }", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
package main

import (

func main() {

	url := "https://YOUR_DOMAIN/api/v2/hooks/HOOK_ID"

	payload := strings.NewReader("{ \"enabled\": \"true\" }")

	req, _ := http.NewRequest("PATCH", url, payload)

	req.Header.Add("content-type", "application/json")
	req.Header.Add("authorization", "Bearer MGMT_API_ACCESS_TOKEN")
	req.Header.Add("cache-control", "no-cache")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)


HttpResponse<String> response = Unirest.patch("https://YOUR_DOMAIN/api/v2/hooks/HOOK_ID")
  .header("content-type", "application/json")
  .header("authorization", "Bearer MGMT_API_ACCESS_TOKEN")
  .header("cache-control", "no-cache")
  .body("{ \"enabled\": \"true\" }")
var axios = require("axios").default;

var options = {
  method: 'PATCH',
  url: 'https://YOUR_DOMAIN/api/v2/hooks/HOOK_ID',
  headers: {
    'content-type': 'application/json',
    authorization: 'Bearer MGMT_API_ACCESS_TOKEN',
    'cache-control': 'no-cache'
  data: {enabled: 'true'}

axios.request(options).then(function (response) {
}).catch(function (error) {
#import <Foundation/Foundation.h>

NSDictionary *headers = @{ @"content-type": @"application/json",
                           @"authorization": @"Bearer MGMT_API_ACCESS_TOKEN",
                           @"cache-control": @"no-cache" };
NSDictionary *parameters = @{ @"enabled": @"true" };

NSData *postData = [NSJSONSerialization dataWithJSONObject:parameters options:0 error:nil];

NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@"https://YOUR_DOMAIN/api/v2/hooks/HOOK_ID"]
[request setHTTPMethod:@"PATCH"];
[request setAllHTTPHeaderFields:headers];
[request setHTTPBody:postData];

NSURLSession *session = [NSURLSession sharedSession];
NSURLSessionDataTask *dataTask = [session dataTaskWithRequest:request
                                            completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
                                                if (error) {
                                                    NSLog(@"%@", error);
                                                } else {
                                                    NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse *) response;
                                                    NSLog(@"%@", httpResponse);
[dataTask resume];
$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://YOUR_DOMAIN/api/v2/hooks/HOOK_ID",
  CURLOPT_POSTFIELDS => "{ \"enabled\": \"true\" }",
    "authorization: Bearer MGMT_API_ACCESS_TOKEN",
    "cache-control: no-cache",
    "content-type: application/json"

$response = curl_exec($curl);
$err = curl_error($curl);


if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
import http.client

conn = http.client.HTTPSConnection("")

payload = "{ \"enabled\": \"true\" }"

headers = {
    'content-type': "application/json",
    'authorization': "Bearer MGMT_API_ACCESS_TOKEN",
    'cache-control': "no-cache"

conn.request("PATCH", "/YOUR_DOMAIN/api/v2/hooks/HOOK_ID", payload, headers)

res = conn.getresponse()
data = res.read()

require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://YOUR_DOMAIN/api/v2/hooks/HOOK_ID")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE

request = Net::HTTP::Patch.new(url)
request["content-type"] = 'application/json'
request["authorization"] = 'Bearer MGMT_API_ACCESS_TOKEN'
request["cache-control"] = 'no-cache'
request.body = "{ \"enabled\": \"true\" }"

response = http.request(request)
puts response.read_body
import Foundation

let headers = [
  "content-type": "application/json",
  "authorization": "Bearer MGMT_API_ACCESS_TOKEN",
  "cache-control": "no-cache"
let parameters = ["enabled": "true"] as [String : Any]

let postData = JSONSerialization.data(withJSONObject: parameters, options: [])

let request = NSMutableURLRequest(url: NSURL(string: "https://YOUR_DOMAIN/api/v2/hooks/HOOK_ID")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "PATCH"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
  } else {
    let httpResponse = response as? HTTPURLResponse


Value Description
HOOK_ID ID of the hook to be updated.
MGMT_API_ACCESS_TOKEN Access Token for the Management API with the scope create:hooks. To learn more, read Management API Access Tokens.

The enabled property represents whether the rule is enabled (true) or disabled (false).