If you use Akamai Bot Manager and/or Akamai Account Protector, you can configure your reverse proxy in Akamai to send the results to Auth0 and use the results in Actions .
Supported login flows Auth0 currently supports the following login flows for Akamai supplemental signals:
Step 1: Register an API in Akamai For Akamai to know when login attempts succeed or fail, you’ll need to register an API in Akamai, and then define an endpoint for each Auth0 login flow you’d like to support.
To learn more, read Register an API on Akamai TechDocs and Add API resources on Akamai TechDocs .
New Universal Login Identifier + Password
Use the following values to register your API in Akamai: Property Value API base path /uAPI key location Header
After you’ve created your API, you’ll need to add an API resource for each of the following Auth0 endpoints:
/u/login/password/u/signup/u/signup/password The process is the same for all endpoints, but the configuration values differ slightly. Add API resource Use the following values to configure a resource on your Akamai API: /u/login/password
/u/signup
/u/signup/password
Property Value API undefined parameters Specific (Request body)Path /login/passwordMethods POST
Add parameters to methods After you’ve created your API resource, you’ll need to define the Request body parameter so Akamai can parse login requests properly. Use the following values to define the Request body parameter: /u/login/password
/u/signup
/u/signup/password
Property Value Format JSONRequired YesDefine body format YesSchema details See below.
{ "requestBody" : { "content" : { "application/x-www-form-urlencoded" : { "schema" : { "type" : "object" , "required" : [ "state" ], "properties" : { "state" : { "type" : "array" , "items" : { "type" : "string" }, "maxItems" : 256 }, "username" : { "type" : "array" , "items" : { "type" : "string" }, "maxItems" : 256 }, "password" : { "type" : "array" , "items" : { "type" : "string" }, "maxItems" : 256 }, "action" : { "type" : "array" , "items" : { "type" : "string" }, "maxItems" : 256 } } } } }, "required" : true } }
New Universal Login Identifier First
Use the following values to register your API in Akamai: Property Value API base path /uAPI key location Header
After you’ve created your API, you’ll need to add an API resource for each of the following Auth0 endpoints:
/u/login/u/signup/u/signup/password The process is the same for all endpoints, but the configuration values differ slightly. Add API resource Use the following values to configure a resource on your Akamai API: /u/login
/u/signup
/u/signup/password
Property Value API undefined parameters Specific (Request body)Path /loginMethods POST
Add parameters to methods After you’ve created your API resource, you’ll need to define the Request body parameter so Akamai can parse login requests properly. Use the following values to define the Request body parameter: /u/login
/u/signup
/u/signup/password
Property Value Format JSONRequired YesDefine body format YesSchema details See below.
{ "requestBody" : { "content" : { "application/x-www-form-urlencoded" : { "schema" : { "type" : "object" , "required" : [ "state" ], "properties" : { "state" : { "type" : "array" , "items" : { "type" : "string" }, "maxItems" : 256 }, "username" : { "type" : "array" , "items" : { "type" : "string" }, "maxItems" : 256 }, "password" : { "type" : "array" , "items" : { "type" : "string" }, "maxItems" : 256 }, "action" : { "type" : "array" , "items" : { "type" : "string" }, "maxItems" : 256 } } } } }, "required" : true } }
Use the following values to register your API in Akamai: Property Value API base path None. API key location Header
After you’ve created your API, you’ll need to add an API resource for each of the following Auth0 endpoints: The process is the same for all endpoints, but the configuration values differ slightly. Add API resource Use the following values to configure a resource on your Akamai API: Property Value API undefined parameters Specific (Request body)Path /oauth/tokenMethods POST
Add parameters to methods After you’ve created your API resource, you’ll need to define the Request body parameter so Akamai can parse login requests properly. Use the following values to define the Request body parameter: Property Value Format JSONRequired YesDefine body format YesSchema details See below.
{ "requestBody" : { "content" : { "application/x-www-form-urlencoded" : { "schema" : { "type" : "object" , "properties" : { "username" : { "type" : "array" , "items" : { "type" : "string" }, "maxItems" : 256 }, "password" : { "type" : "array" , "items" : { "type" : "string" }, "maxItems" : 256 } } } } }, "required" : true } } Step 2: Forward bot results from Akamai to Auth0 To configure Akamai to forward bot results to Auth0, read Forward Bot Results to Origin on Akamai TechDocs .
The akamai-user-risk header may not be present on every login request, as Akamai only sends the header when it creates a user risk score.
You can configure Auth0 to accept supplemental signals sent from Akamai in the Auth0 Dashboard or with the Auth0 Management API.
Step 4: Test and verify configuration Test your configuration by calling each endpoint for the login flow(s) you have configured.
If you’ve configured everything properly:
The akamai-user-risk and akamai-bot headers will be present in your tenant logs for related events.
You can use the following properties in the post-login Action event object:
authentication.riskAssessment.supplemental.akamai.akamaiBotauthentication.riskAssessment.supplemental.akamai.akamaiUserRisk
