Auth0 tenant invitation sent to user
Set up the auth0 integration.
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
Goal
Detect when a Auth0 tenant invitation has been sent to a user.
Strategy
This rule allows you to monitor Auth0 logs and detect when a Auth0 tenant invitation has been sent to a user. This invitation gives the user access to Auth0’s primary administrator interface in which you can register applications or APIs, connect to a user store or another identity provider, and configure Auth0 services. When new tenant members are added they can be assigned roles to moderate levels of access.
Triage and response
- Determine if user
{{@usr.email}}
should have invited {{@data.details.response.body.email}}
to the Auth0 tenant. - If the invitation was not created by the user:
- Rotate user credentials.
- Determine what other actions were carried out by user
{{@usr.email}}
. - Remove the invited member
{{@data.details.response.body.email}}
from the tenant and investigate any actions taken by this user.
- If the invitation was created by the user and the assigned role includes write access:
- Confirm with user
{{@usr.email}}
that this level of access is required for the invited user.