Auth0 valid blocked users - Serverless deployment

Auth0 valid blocked users is an integration and automation to cover a limitation to identify auth0 valid users after a brute force attack. It is deployed using serverless framework in AWS. It uses different AWS services as: Event Brigde, Lambda, Secrets Manager, CloudWatch, etc, you can check AWS Architecture diagram.

Limitation

Auth0 brute force protection generates a log after an email is blocked, the limitation is that it doesn't verify if the email blocked is a valid auth0 user in the tenant. So if you need analyze the valid users after a brute force attack you need to do manual tasks or create a script.

Example

Step1.- Brute force attack

Step2.- Auth0 log

Step3.- No user found

Flowchart

AWS Architecture Diagram

How to deploy the automation

Requirements

AWS account
Auth0 tenant

Steps

☕ Donations

Thanks for your donations, are always appreciated.

While I drink the coffee I think new ideas to develop.

Contributors

Thank you to all our contributors!

Contributing

Contributing Guide

📈 Stargazers over time

License

MIT

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
functions/logs		functions/logs
img		img
resources		resources
src		src
.gitignore		.gitignore
.npmignore		.npmignore
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
README.md		README.md
env.yml		env.yml
package-lock.json		package-lock.json
package.json		package.json
serverless.yml		serverless.yml

License

aaaguirrep/auth0-valid-blocked-users

Folders and files

Latest commit

History

Repository files navigation

Auth0 valid blocked users - Serverless deployment

Table of contents

Limitation

Flowchart

AWS Architecture Diagram

How to deploy the automation

Requirements

Steps

☕ Donations

Contributors

Contributing

📈 Stargazers over time

License

About

Resources

License

Code of conduct

Stars

Watchers

Forks

Languages