Back to Details

auth0-cli

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Auth0 CLI — Command Reference

Auth0 CLI — 命令参考

The Auth0 CLI (
auth0
) lets you manage your tenant from the terminal. Install with 
brew install auth0/auth0-cli/auth0
. For complete flag definitions and examples, see the Full CLI Reference.
Auth0 CLI(
auth0
)允许你从终端管理你的租户。使用
brew install auth0/auth0-cli/auth0
进行安装。有关完整的参数定义和示例,请查看完整CLI参考文档

Before You Start: Authenticate

开始之前:身份验证

bash
auth0 login                          # interactive device-code login
auth0 login --scopes "read:client_grants"  # request extra scopes if 403
auth0 login --domain <tenant>.auth0.com --client-id <id> --client-secret <secret>  # CI/CD
See Authentication Details for machine login with JWT, tenant management, and logout.
bash
auth0 login                          # 交互式设备码登录
auth0 login --scopes "read:client_grants"  # 若出现403错误,请求额外权限范围
auth0 login --domain <tenant>.auth0.com --client-id <id> --client-secret <secret>  # CI/CD场景使用
有关使用JWT进行机器登录、租户管理和登出的详细信息,请查看身份验证详情

Quick Decision Guide

快速决策指南

What you're doingCommand to use
Setting up a new project
auth0 apps create --type spa|regular|m2m|native --json
Need a client ID or secret
auth0 apps show <id> -r --json
Registering a backend API
auth0 apis create --identifier "https://..." --json
Finding a user's ID
auth0 users search --query "email:..." --json
Creating/managing roles (RBAC)
auth0 roles create
/ 
auth0 users roles assign
B2B multi-tenancy
auth0 orgs create
Custom login logic
auth0 actions create --trigger post-login --json
Branding the login page
auth0 ul update --logo ... --accent ...
Custom domain for login
auth0 domains create --domain "auth.myapp.com" --json
Debugging a failed login
auth0 logs tail --filter "type:f" --json-compact
Testing a login flow
auth0 test login <client-id>
Exporting config as Terraform
auth0 terraform generate --output-dir ./terraform
Managing connections, grants, hooks
auth0 api get <path>
Scripting / parsing outputAdd 
--json
or 
--json-compact
to any command
Security hardening
auth0 protection brute-force-protection update --enabled true
Routing logs externally
auth0 logs streams create datadog|http|splunk
Bulk importing users
auth0 users import --connection-name ... --users '...' --json
你要执行的操作使用的命令
设置新项目
auth0 apps create --type spa|regular|m2m|native --json
获取客户端ID或密钥
auth0 apps show <id> -r --json
注册后端API
auth0 apis create --identifier "https://..." --json
查找用户ID
auth0 users search --query "email:..." --json
创建/管理角色(RBAC)
auth0 roles create
/ 
auth0 users roles assign
B2B多租户管理
auth0 orgs create
自定义登录逻辑
auth0 actions create --trigger post-login --json
登录页面品牌定制
auth0 ul update --logo ... --accent ...
登录自定义域名
auth0 domains create --domain "auth.myapp.com" --json
调试登录失败问题
auth0 logs tail --filter "type:f" --json-compact
测试登录流程
auth0 test login <client-id>
将配置导出为Terraform代码
auth0 terraform generate --output-dir ./terraform
管理连接、授权、钩子
auth0 api get <path>
脚本编写/输出解析为任意命令添加
--json
--json-compact
参数
安全加固
auth0 protection brute-force-protection update --enabled true
日志外部路由
auth0 logs streams create datadog|http|splunk
批量导入用户
auth0 users import --connection-name ... --users '...' --json

Command Overview

命令概述

Apps — Manage Applications

应用 — 管理应用程序

Create or inspect Auth0 applications (client ID, secret, callback URLs, app type). Alias: 
auth0 clients
.
bash
auth0 apps create --name "My SPA" --type spa \
  --callbacks "http://localhost:3000" \
  --logout-urls "http://localhost:3000" \
  --origins "http://localhost:3000" --json

auth0 apps list --json-compact
auth0 apps show <client-id> --reveal-secrets --json
auth0 apps update <client-id> --callbacks "http://localhost:3000,https://myapp.com" --json
auth0 apps delete <client-id> --force
App types: 
spa
, 
regular
, 
m2m
, 
native
, 
resource_server
Full details: Apps Reference
创建或查看Auth0应用(客户端ID、密钥、回调URL、应用类型)。别名:
auth0 clients
bash
auth0 apps create --name "My SPA" --type spa \
  --callbacks "http://localhost:3000" \
  --logout-urls "http://localhost:3000" \
  --origins "http://localhost:3000" --json

auth0 apps list --json-compact
auth0 apps show <client-id> --reveal-secrets --json
auth0 apps update <client-id> --callbacks "http://localhost:3000,https://myapp.com" --json
auth0 apps delete <client-id> --force
应用类型:
spa
regular
m2m
native
resource_server
详细信息:应用参考文档

APIs — Manage API Resources

API — 管理API资源

Register backend APIs (Resource Servers) to protect with Auth0 tokens. Alias: 
auth0 resource-servers
.
bash
auth0 apis create --name "My API" --identifier "https://api.myapp.com" \
  --scopes "read:data,write:data" --token-lifetime 3600 --json

auth0 apis list --json-compact
auth0 apis scopes list <api-id> --json
Key distinction: 
apps
= the client requesting tokens. 
apis
= the resource accepting tokens.
Full details: APIs Reference
注册后端API(资源服务器)以通过Auth0令牌进行保护。别名:
auth0 resource-servers
bash
auth0 apis create --name "My API" --identifier "https://api.myapp.com" \
  --scopes "read:data,write:data" --token-lifetime 3600 --json

auth0 apis list --json-compact
auth0 apis scopes list <api-id> --json
关键区别: 
apps
= 请求令牌的客户端。
apis
= 接受令牌的资源。
详细信息:API参考文档

Users — Manage Users

用户 — 管理用户

Create, search, inspect, import, and manage users in your tenant.
bash
auth0 users search --query "email:user@example.com" --json
auth0 users search-by-email user@example.com --json-compact
auth0 users create --connection-name "Username-Password-Authentication" \
  --email "test@example.com" --password "SecureP@ss!" --json
auth0 users show <user-id> --json
auth0 users blocks list <email> --json
auth0 users blocks unblock <email>
auth0 users import --connection-name "Username-Password-Authentication" \
  --users '[...]' --upsert --json
Full details: Users Reference
在租户中创建、搜索、查看、导入和管理用户。
bash
auth0 users search --query "email:user@example.com" --json
auth0 users search-by-email user@example.com --json-compact
auth0 users create --connection-name "Username-Password-Authentication" \
  --email "test@example.com" --password "SecureP@ss!" --json
auth0 users show <user-id> --json
auth0 users blocks list <email> --json
auth0 users blocks unblock <email>
auth0 users import --connection-name "Username-Password-Authentication" \
  --users '[...]' --upsert --json
详细信息:用户参考文档

Roles — Manage RBAC Roles

角色 — 管理RBAC角色

Create roles, assign permissions, and assign roles to users. The CLI has dedicated commands for all role operations.
bash
auth0 roles create --name "editor" --description "Can edit content" --json
auth0 roles permissions add <role-id> --api-id <api-id> --permissions "read:data,write:data" --json
auth0 users roles assign <user-id> --roles <role-id>
auth0 users roles show <user-id> --json-compact
Full details: Roles Reference
创建角色、分配权限以及为用户分配角色。CLI提供了所有角色操作的专用命令。
bash
auth0 roles create --name "editor" --description "Can edit content" --json
auth0 roles permissions add <role-id> --api-id <api-id> --permissions "read:data,write:data" --json
auth0 users roles assign <user-id> --roles <role-id>
auth0 users roles show <user-id> --json-compact
详细信息:角色参考文档

Organizations — B2B Multi-Tenancy

组织 — B2B多租户

Manage organizations for B2B SaaS scenarios. Alias: 
auth0 orgs
.
bash
auth0 orgs create --name "acme-corp" --display "Acme Corporation" \
  --logo "https://acme.com/logo.png" --accent "#FF6600" --json
auth0 orgs members list <org-id> --json
auth0 orgs invitations create --org-id <org-id> --invitee-email "new@acme.com" \
  --inviter-name "Admin" --client-id <id> --json
Full details: Organizations Reference
为B2B SaaS场景管理组织。别名:
auth0 orgs
bash
auth0 orgs create --name "acme-corp" --display "Acme Corporation" \
  --logo "https://acme.com/logo.png" --accent "#FF6600" --json
auth0 orgs members list <org-id> --json
auth0 orgs invitations create --org-id <org-id> --invitee-email "new@acme.com" \
  --inviter-name "Admin" --client-id <id> --json
详细信息:组织参考文档

Actions — Serverless Auth Pipeline

动作 — 无服务器认证流水线

Create and deploy serverless functions at auth pipeline trigger points. Replaces deprecated Rules.
bash
auth0 actions create --name "Add Claims" --trigger "post-login" \
  --code 'exports.onExecutePostLogin = async (event, api) => { ... }' --json
auth0 actions deploy <action-id>
Triggers: 
post-login
, 
credentials-exchange
, 
pre-user-registration
, 
post-user-registration
, 
post-change-password
, 
send-phone-message
Important: You must 
deploy
after creating or updating for changes to take effect.
Full details: Actions Reference
在认证流水线触发点创建和部署无服务器函数,替代已弃用的Rules。
bash
auth0 actions create --name "Add Claims" --trigger "post-login" \
  --code 'exports.onExecutePostLogin = async (event, api) => { ... }' --json
auth0 actions deploy <action-id>
触发类型:
post-login
credentials-exchange
pre-user-registration
post-user-registration
post-change-password
send-phone-message
重要提示: 创建或更新后必须执行
deploy
命令,更改才会生效。
详细信息:动作参考文档

Logs — Debugging & Monitoring

日志 — 调试与监控

bash
auth0 logs tail --filter "type:f" --json-compact    # real-time failed logins
auth0 logs list --filter "type:f" --number 20 --json-compact  # historical
Common codes: 
s
(success), 
f
(failed login), 
slo
(logout), 
fs
(silent auth failure)
Full details: Logs Reference
bash
auth0 logs tail --filter "type:f" --json-compact    # 实时查看登录失败日志
auth0 logs list --filter "type:f" --number 20 --json-compact  # 查看历史日志
常见代码:
s
(成功)、
f
(登录失败)、
slo
(登出)、
fs
(静默认证失败)
详细信息:日志参考文档

Domains — Custom Domains

域名 — 自定义域名

bash
auth0 domains create --domain "auth.myapp.com" --type "auth0_managed_certs" --json
auth0 domains verify <domain-id> --json
Full details: Domains Reference
bash
auth0 domains create --domain "auth.myapp.com" --type "auth0_managed_certs" --json
auth0 domains verify <domain-id> --json
详细信息:域名参考文档

Universal Login — Branding

Universal Login — 品牌定制

bash
auth0 ul update --accent "#FF6600" --background "#FFFFFF" \
  --logo "https://myapp.com/logo.png" --json
Full details: Universal Login Reference
bash
auth0 ul update --accent "#FF6600" --background "#FFFFFF" \
  --logo "https://myapp.com/logo.png" --json
详细信息:Universal Login参考文档

Terraform — Export as IaC

Terraform — 导出为基础设施即代码

bash
auth0 terraform generate --output-dir ./terraform --resources "auth0_client,auth0_connection"
Full details: Terraform Reference
bash
auth0 terraform generate --output-dir ./terraform --resources "auth0_client,auth0_connection"
详细信息:Terraform参考文档

Test — Verify Login Flows

测试 — 验证登录流程

bash
auth0 test login <client-id>
auth0 test login <client-id> --audience "https://api.myapp.com" --scopes "openid profile email"
Full details: Test Reference
bash
auth0 test login <client-id>
auth0 test login <client-id> --audience "https://api.myapp.com" --scopes "openid profile email"
详细信息:测试参考文档

Attack Protection — Security Hardening

攻击防护 — 安全加固

bash
auth0 protection brute-force-protection update --enabled true
auth0 protection breached-password-detection update --enabled true
auth0 protection bot-detection update --enabled true
Full details: Attack Protection Reference
bash
auth0 protection brute-force-protection update --enabled true
auth0 protection breached-password-detection update --enabled true
auth0 protection bot-detection update --enabled true
详细信息:攻击防护参考文档

Log Streams — External Routing

日志流 — 外部路由

bash
auth0 logs streams create datadog    # interactive setup
auth0 logs streams create http       # custom webhook
auth0 logs streams list --json
Supported: eventbridge, eventgrid, http, datadog, splunk, sumo
Full details: Log Streams Reference
bash
auth0 logs streams create datadog    # 交互式设置
auth0 logs streams create http       # 自定义Webhook
auth0 logs streams list --json
支持的服务:eventbridge、eventgrid、http、datadog、splunk、sumo
详细信息:日志流参考文档

Raw API Mode — Direct Management API Access

原生API模式 — 直接调用管理API

When a dedicated command doesn't exist, 
auth0 api
calls Management API v2 endpoints directly.
bash
auth0 api get connections
auth0 api post client-grants --data '{"client_id":"...","audience":"...","scope":["read:data"]}'
auth0 api get stats/daily -q "from=20240101" -q "to=20240131"
Full details: Raw API Reference
当没有专用命令时,
auth0 api
可直接调用Management API v2端点。
bash
auth0 api get connections
auth0 api post client-grants --data '{"client_id":"...","audience":"...","scope":["read:data"]}'
auth0 api get stats/daily -q "from=20240101" -q "to=20240131"
详细信息:原生API模式参考文档

Output Formatting

输出格式

Always use 
--json
or 
--json-compact
for machine-readable output. Three modes (mutually exclusive):
FlagWhen to use
--json
Human inspection, debugging — pretty-printed with indentation
--json-compact
Piping to 
jq
, scripting, pipelines — compact single-line
--csv
Spreadsheets and tabular export
bash
auth0 apps list --json-compact | jq '.[] | {client_id, name}'
auth0 users show <user-id> --json-compact | jq '{id: .user_id, email: .email}'
auth0 roles list --json-compact | jq '.[].name'
Full details: Output Formatting Reference
如需机器可读输出,请始终使用
--json
--json-compact
参数。三种模式(互斥):
参数使用场景
--json
人工检查、调试 — 带缩进的格式化输出
--json-compact
管道传输至
jq
、脚本编写、流水线 — 紧凑单行输出
--csv
电子表格和表格导出
bash
auth0 apps list --json-compact | jq '.[] | {client_id, name}'
auth0 users show <user-id> --json-compact | jq '{id: .user_id, email: .email}'
auth0 roles list --json-compact | jq '.[].name'
详细信息:输出格式参考文档

Reference Documentation

相关技能

Complete CLI reference with all flags, examples, and usage patterns:
  • Setup Guide — installation, authentication, CI/CD configuration
  • Authentication — login modes, tenant management, scopes
  • Apps — create, list, show, update, delete, session-transfer
  • APIs — create, scopes, token lifetime
  • Users — search, create, import, blocks, roles
  • Roles — RBAC setup, permissions management
  • Organizations — B2B, members, invitations
  • Actions — pipeline triggers, deploy workflow
  • Logs — tail, list, type codes
  • Domains — custom domains, verification
  • Universal Login — branding, templates, prompts
  • Terraform — IaC export
  • Test — login flow verification
  • Attack Protection — brute-force, breach, bot detection
  • Log Streams — external service routing
  • Raw API Mode — direct Management API access
  • Output Formatting — --json, --json-compact, --csv
  • Shared Flags — --tenant, --no-input, --debug
  • auth0-quickstart
    — 初始Auth0设置、框架检测
  • auth0-migration
    — 从其他认证提供商迁移
  • auth0-mfa
    — 多因素认证设置

Related Skills

参考链接

  • auth0-quickstart
    — Initial Auth0 setup, framework detection
  • auth0-migration
    — Migrate from other auth providers
  • auth0-mfa
    — Multi-Factor Authentication setup

References