npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@rawdash/connector-auth0

v0.27.0

Published

Rawdash connector for Auth0 — syncs users, login events, and daily active-user / signup metrics from the Auth0 Management API into the six-shape storage model

Downloads

712

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

eshahameshaham

Keywords

Readme

@rawdash/connector-auth0

npm version license

Sync users, login events, and daily login / signup metrics from an Auth0 tenant for identity, sign-up, and failed-login dashboards.

Install

npm install @rawdash/connector-auth0

Authentication

OAuth 2.0 client-credentials flow against a Machine-to-Machine application authorized for the Auth0 Management API.

  1. In the Auth0 Dashboard, open Applications -> Applications and create a new Machine to Machine Application.
  2. Authorize the M2M app for the Auth0 Management API (Applications -> APIs -> Auth0 Management API -> Machine to Machine Applications).
  3. Grant the M2M app the read:users, read:logs, and read:stats scopes (only the ones for the resources you intend to sync are required).
  4. Copy the Domain (e.g. "acme.us.auth0.com"), Client ID, and Client Secret from the M2M application Settings tab.
  5. Store the client secret as a rawdash secret and reference it from the connector config as clientSecret: secret("AUTH0_CLIENT_SECRET").

Configuration

| Field | Type | Required | Description | | ------------------- | ------ | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | domain | string | Yes | Auth0 tenant domain (e.g. "acme.us.auth0.com" or a custom domain ending in .auth0.com). Used as the API host and as the audience when minting M2M tokens. | | clientId | string | Yes | Client ID of the Auth0 Machine-to-Machine application authorized to call the Management API. | | clientSecret | secret | Yes | Client secret of the Auth0 Machine-to-Machine application. Stored as a secret. | | resources | array | No | Which Auth0 resources to sync. Omit to sync all of them. The M2M application only needs the Management API scopes for the resources listed here (read:users, read:logs, read:stats). | | statsLookbackDays | number | No | How many days of daily logins / signups stats to refresh on each sync. Defaults to 30; the Auth0 Daily Stats endpoint accepts an arbitrary from/to range. |

Resources

  • auth0_user (entity) - Auth0 users keyed by user_id, with email, primary identity provider, last login, login count, and blocked flag.
    • Endpoint: GET /api/v2/users
    • Uses offset pagination (page / per_page) and is capped at the first 1000 users per sync. Incremental syncs filter on updated_at via the q parameter.
    • email: Primary email address.
    • identityProvider: Provider of the primary identity (e.g. auth0, google-oauth2, samlp).
    • lastLogin: Most recent login timestamp (Unix ms).
    • loginsCount: Total successful logins (counter maintained by Auth0).
    • blocked: Whether the user has been administratively blocked.
    • createdAt: When the user record was created (Unix ms).
  • auth0_login_event (event) - Login / authentication events from the Auth0 Logs endpoint. One event per log row of type s (success), f (failure), seacft (token exchange success), or fp (failed change password).
    • Endpoint: GET /api/v2/logs
    • Uses checkpoint pagination (from = last seen log_id, take = page size) and reads every page until the endpoint returns no more rows, so a sync is not capped at 1000 events. Incremental syncs resume from the last ingested log_id; the type filter (and any since bound) is applied client-side because the checkpoint method ignores q / sort / page.
    • logId: Auth0 log row id.
    • type: Auth0 log type (s, f, seacft, fp).
    • userId: Auth0 user_id the event belongs to (may be null).
    • ip: Source IP of the login attempt.
    • connection: Connection name used for the login.
    • strategy: Identity provider strategy (e.g. auth0, google-oauth2, samlp).
  • auth0_daily_active_users (metric) - Daily login and signup counts from the Auth0 Daily Stats endpoint, one sample per day for the configured lookback window. This is a logins/signups activity proxy, not a count of distinct active users.
    • Endpoint: GET /api/v2/stats/daily
    • Unit: count
    • Granularity: 1d
    • Dimensions: kind

Example

import {
  defineConfig,
  defineDashboard,
  defineMetric,
  secret,
} from '@rawdash/core';

const auth0 = {
  name: 'auth0',
  connectorId: 'auth0',
  config: {
    domain: 'acme.us.auth0.com',
    clientId: 'AbCdEf...',
    clientSecret: secret('AUTH0_CLIENT_SECRET'),
  },
};

export default defineConfig({
  connectors: [auth0],
  dashboards: {
    identity: defineDashboard({
      widgets: {
        active_users: {
          kind: 'stat',
          title: 'Auth0 users',
          metric: defineMetric({
            connector: auth0,
            shape: 'entity',
            entityType: 'auth0_user',
            fn: 'count',
            filter: [{ field: 'blocked', op: 'eq', value: false }],
          }),
        },
        failed_logins: {
          kind: 'stat',
          title: 'Failed logins',
          metric: defineMetric({
            connector: auth0,
            shape: 'event',
            name: 'auth0_login_event',
            fn: 'count',
            filter: [{ field: 'type', op: 'eq', value: 'f' }],
          }),
        },
      },
    }),
  },
});

Rate limits

Auth0 publishes X-RateLimit-Limit / X-RateLimit-Remaining / X-RateLimit-Reset response headers on Management API calls; the shared HTTP client backs off on 429 with the standard rate-limit policy.

Limitations

  • User enumeration uses offset pagination (page/per_page) and is capped at the first 1000 users per sync; tenants with more than 1000 users updated since the last run should increase sync frequency so each window stays under the cap.
  • Action / hook / branding configuration objects are out of scope.
  • Only Auth0 tenants on the *.auth0.com hostname suffix are supported; custom-domain tenants must still expose a *.auth0.com hostname for the Management API.

Links

License

Apache-2.0