Setup Auth0 CLI Action

A GitHub Action that installs and authorizes the Auth0 CLI in your workflow, enabling you to manage your Auth0 tenant configuration as part of your CI/CD pipeline.

Features

• 🚀 Installs the latest version of Auth0 CLI automatically
• 🔐 Authorizes using Machine-to-Machine (M2M) client credentials
• 🎯 Simple setup with just three required inputs
• ✅ Works on Linux and macOS runners
• 🔄 Compatible with all Auth0 CLI commands after setup

Prerequisites

Before using this action, you need to create a Machine-to-Machine application in your Auth0 tenant:

1. Go to your Auth0 Dashboard
2. Navigate to Applications → Applications
3. Click Create Application
4. Choose Machine to Machine Applications
5. Select the Auth0 Management API
6. Grant the necessary permissions (scopes) for your use case
7. Copy the Domain, Client ID, and Client Secret

Store credentials securely

Add your Auth0 credentials as GitHub Secrets:

• AUTH0_DOMAIN: Your Auth0 tenant domain
• AUTH0_CLIENT_ID: Your M2M application client ID
• AUTH0_CLIENT_SECRET: Your M2M application client secret

Usage

Basic Example

name: Deploy Auth0 Configuration
on: [push]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Setup Auth0 CLI
        uses: waizardai/setup-auth0-cli@v1.0.0
        with:
          auth0-domain: ${{ secrets.AUTH0_DOMAIN }}
          auth0-client-id: ${{ secrets.AUTH0_CLIENT_ID }}
          auth0-client-secret: ${{ secrets.AUTH0_CLIENT_SECRET }}

      - name: List Auth0 Applications
        run: auth0 apps list

Advanced Example - Deploy Universal Login Customization

name: Deploy Universal Login
on:
  push:
    branches: [main]
    paths:
      - "auth0-config/**"

jobs:
  deploy-auth0:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Setup Auth0 CLI
        uses: waizardai/setup-auth0-cli@v1.0.0
        with:
          auth0-domain: ${{ secrets.AUTH0_DOMAIN }}
          auth0-client-id: ${{ secrets.AUTH0_CLIENT_ID }}
          auth0-client-secret: ${{ secrets.AUTH0_CLIENT_SECRET }}

      - name: Deploy Universal Login Template
        run: |
          auth0 ul update \
            --template ./auth0-config/login-template.html

      - name: Update Branding
        run: |
          auth0 branding update \
            --colors '{"primary": "#007bff"}' \
            --logo-url "https://example.com/logo.png"

Complete CI/CD Example

name: Auth0 Configuration Management
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  validate:
    runs-on: ubuntu-latest
    if: github.event_name == 'pull_request'
    steps:
      - uses: actions/checkout@v4

      - name: Setup Auth0 CLI
        uses: waizardai/setup-auth0-cli@v1.0.0
        with:
          auth0-domain: ${{ secrets.AUTH0_DOMAIN }}
          auth0-client-id: ${{ secrets.AUTH0_CLIENT_ID }}
          auth0-client-secret: ${{ secrets.AUTH0_CLIENT_SECRET }}

      - name: Validate Configuration
        run: |
          echo "Validating Auth0 configuration..."
          auth0 tenants list
          auth0 apps list

  deploy:
    runs-on: ubuntu-latest
    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
    steps:
      - uses: actions/checkout@v4

      - name: Setup Auth0 CLI
        uses: waizardai/setup-auth0-cli@v1.0.0
        with:
          auth0-domain: ${{ secrets.AUTH0_DOMAIN }}
          auth0-client-id: ${{ secrets.AUTH0_CLIENT_ID }}
          auth0-client-secret: ${{ secrets.AUTH0_CLIENT_SECRET }}

      - name: Deploy Changes
        run: |
          echo "Deploying Auth0 configuration..."
          # Add your deployment commands here
          auth0 apis list
          auth0 rules list

Inputs

Input	Description	Required	Default
auth0-domain	Your Auth0 tenant domain (e.g., your-tenant.auth0.com)	Yes	-
auth0-client-id	Client ID of your M2M application	Yes	-
auth0-client-secret	Client secret of your M2M application	Yes	-
version	Version of Auth0 CLI to install	No	latest

Supported Runners

This action supports the following GitHub-hosted runners:

• ✅ ubuntu-latest (Linux)
• ✅ ubuntu-22.04 (Linux)
• ✅ ubuntu-20.04 (Linux)
• ✅ macos-latest (macOS)
• ✅ macos-13 (macOS)
• ✅ macos-12 (macOS)
• ❌ windows-latest (Not supported by Auth0 CLI installer script)

Security Best Practices

1. Never commit credentials: Always use GitHub Secrets for sensitive data
2. Principle of least privilege: Grant only the necessary API scopes to your M2M application
3. Rotate secrets regularly: Update your client credentials periodically
4. Use environment-specific credentials: Use different M2M apps for staging/production
5. Review audit logs: Monitor Auth0 audit logs for API activity

Common Auth0 CLI Commands

After setup, you can use any Auth0 CLI command in subsequent steps:

# Applications
auth0 apps list
auth0 apps create --name "My App"

# APIs
auth0 apis list
auth0 apis create --name "My API"

# Users
auth0 users list
auth0 users create --email user@example.com

# Rules
auth0 rules list
auth0 rules enable <rule-id>

# Universal Login
auth0 ul update --template ./template.html

# Branding
auth0 branding update --colors '{"primary": "#007bff"}'

# Logs
auth0 logs list

For a complete list of commands, see the Auth0 CLI documentation.

Troubleshooting

Authentication Failed

If you see authentication errors:

• Verify your Auth0 domain is correct (include regional domain if applicable)
• Check that your client ID and secret are correct
• Ensure your M2M application has the necessary API scopes
• Verify the M2M application is enabled

Permission Denied

If you see "permission denied" errors:

• Check the scopes granted to your M2M application in the Auth0 Dashboard
• Some operations require specific Management API permissions

Command Not Found

If auth0 command is not found in subsequent steps:

• Ensure you're running on a supported runner (Linux or macOS)
• The Auth0 CLI is installed to /usr/local/bin which should be in PATH

Contributing

Contributions are welcome! Please feel free to submit a Pull Request. See CONTRIBUTING.md for guidelines.

Publishing to GitHub Marketplace

To publish this action:

1. Push to GitHub

   git remote add origin https://github.com/YOUR-USERNAME/setup-auth0-cli.git
   git push -u origin main

2. Add test secrets in repository Settings → Secrets:

   • AUTH0_DOMAIN
   • AUTH0_CLIENT_ID
   • AUTH0_CLIENT_SECRET

3. Create a release:

   • Go to Releases → Draft a new release
   • Tag: v1.0.0
   • Check ✅ "Publish this Action to the GitHub Marketplace"
   • Category: Continuous integration
   • Publish!

4. Create major version tag (allows users to use @v1):

   git tag -fa v1 -m "Point to v1.0.0"
   git push origin v1 --force

5. For future releases:

   • Update CHANGELOG.md manually
   • Create new version tag: git tag -a v1.0.1 -m "Release v1.0.1"
   • Push tag: git push origin v1.0.1
   • Update major version: git tag -fa v1 -m "Point to v1.0.1" && git push origin v1 --force
   • Create GitHub release from the tag in the UI

Users can then use:

• uses: waizardai/setup-auth0-cli@v1 (recommended - gets updates)
• uses: waizardai/setup-auth0-cli@v1.0.0 (locked version)

License

This project is licensed under the MIT License - see the LICENSE file for details.

Related Resources

• Auth0 CLI GitHub Repository
• Auth0 CLI Documentation
• Auth0 Management API
• GitHub Actions Documentation

Support

For issues related to:

• This GitHub Action: Open an issue in this repository
• Auth0 CLI: Visit the Auth0 CLI repository
• Auth0 Platform: Contact Auth0 Support

---

Made with ❤️ for the Auth0 community