- Connecting Services
- Service Mesh
- Best Practices
- IDP Support
- Custom Resource Definitions
- Upgrading Ambassador
- Statistics and Monitoring
- Need Help?
This feature is supported in Ambassador Pro. Ambassador Pro helps developers and operators accelerate their adoption of Kubernetes.
Register here to get started with a free trial of Ambassador Pro.
With Auth0 as your IDP, you will need to create an
Application to handle authentication requests from Ambassador Pro.
- Navigate to Applications and Select "CREATE APPLICATION"
- In the pop-up window, give the application a name and create a "Machine to Machine App"
- Select the Auth0 Management API. Grant any scopes you may require. (You may grant none.)
- In your newly created application, click on the Settings tab, add the Domain and Callback URLs for your service and ensure the "Token Endpoint Authentication Method" is set to
Post. The default YAML installation of Ambassador Pro uses
/callbackfor the URL, so the values should be the domain name that points to Ambassador, e.g.,
Update the Auth0
FilterPolicy. You can get the
secretfrom your application settings:
audienceis the API Audience of your Auth0 Management API:
authorizationURLis your Auth0 tenant URL.
--- apiVersion: getambassador.io/v1beta2 kind: Filter metadata: name: auth0_filter namespace: default spec: OAuth2: authorizationURL: https://datawire-ambassador.auth0.com clientURL: https://datawire-ambassador.com audience: https://datawire-ambassador.auth0.com/api/v2/ clientID: fCRAI7svzesD6p8Pv22wezyYXNg80Ho8 secret: CLIENT_SECRET
--- apiVersion: getambassador.io/v1beta2 kind: FilterPolicy metadata: name: httpbin-policy namespace: default spec: rules: - host: "*" path: /httpbin/ip filters: - name: auth0_filter ## Enter the Filter name from above arguments: scopes: - "openid"
Note: By default, Auth0 requires the