dschenkelman · November 28, 2025 16:18
diff --git a/setup_auth0_vercel.sh b/setup_auth0_vercel.sh
 #!/bin/bash

 # 1. CONFIGURATION
 # Auth0 config and token
 AUTH0_DOMAIN="YOUR_AUTH0_DOMAIN"
 ENABLED_CLIENT_ID="AUTH0_ENABLED_CLIENT_ID"
 MGMT_API_TOKEN="YOUR_AUTH0_MGMT_API_TOKEN"

 # OAuth Credentials for Vercel app
 CLIENT_ID="YOUR_VERCEL_CLIENT_ID"
 CLIENT_SECRET="YOUR_VERCEL_CLIENT_SECRET"


 # 2. THE MINIFIED AUTH) CUSTOM OAUTH CONNECTION SCRIPT 
 FETCH_PROFILE_SCRIPT="function(accessToken, ctx, cb) { const options = { method: \\\"GET\\\", url: \\\"https://api.vercel.com/login/oauth/userinfo\\\", headers: { \\\"Authorization\\\": \`Bearer \${accessToken}\` } }; request(options, (err, res, body) => { if (err) { return cb(err); } if (res.statusCode !== 200) { return cb(new Error(body)); } try { const data = JSON.parse(body); const profile = { user_id: data.sub, email: data.email, email_verified: data.email_verified, name: data.name, nickname: data.preferred_username, picture: data.picture }; cb(null, profile); } catch (parseError) { cb(new Error(body)); } }); }"

 # 3. CREATE CONNECTIOn
 echo "1. Creating connection on domain: $AUTH0_DOMAIN..."

 RESPONSE=$(curl --silent --request POST \
  --url "https://${AUTH0_DOMAIN}/api/v2/connections" \
  --header "Authorization: Bearer ${MGMT_API_TOKEN}" \
  --header "Content-Type: application/json" \
  --data "{
    \"name\": \"vercel\",
    \"display_name\": \"Vercel\",
    \"strategy\": \"oauth2\",
    \"options\": {
      \"client_id\": \"${CLIENT_ID}\",
      \"client_secret\": \"${CLIENT_SECRET}\",
      \"icon_url\": \"https://avatars.githubusercontent.com/u/14985020?s=200&v=4\",
      \"scripts\": {
        \"fetchUserProfile\": \"${FETCH_PROFILE_SCRIPT}\"
      },
      \"authorizationURL\": \"https://vercel.com/oauth/authorize\",
      \"tokenURL\": \"https://api.vercel.com/login/oauth/token\",
      \"scope\": \"\", 
      \"pkce_enabled\": true
    }
  }")

 # 4. ENABLE CLIENT
 # We use a simple grep/sed pattern to extract the ID to avoid 'jq' dependency.
 # In a robust production script, use 'jq -r .id'
 CONNECTION_ID=$(echo "$RESPONSE" | grep -o '"id":"[^"]*"' | head -1 | sed 's/"id":"//;s/"//')

 if [ -z "$CONNECTION_ID" ]; then
  echo "Error: Could not extract Connection ID. Response:"
  echo "$RESPONSE"
  exit 1
 fi

 echo "   Success! Connection ID: $CONNECTION_ID"
 echo "2. Enabling client ($ENABLED_CLIENT_ID)..."

 HTTP_CODE=$(curl --silent --output /dev/null --write-out "%{http_code}" --request PATCH \
  --url "https://${AUTH0_DOMAIN}/api/v2/connections/${CONNECTION_ID}" \
  --header "Authorization: Bearer ${MGMT_API_TOKEN}" \
  --header "Content-Type: application/json" \
  --data "{
    \"enabled_clients\": [
      \"${ENABLED_CLIENT_ID}\"
    ]
  }")

 if [ "$HTTP_CODE" -eq 200 ] || [ "$HTTP_CODE" -eq 201 ]; then
  echo "   Success! Client enabled."
 else
  echo "   Error enabling client. HTTP Status: $HTTP_CODE"
  exit 1
 fi```
	#!/bin/bash

	# 1. CONFIGURATION
	# Auth0 config and token
	AUTH0_DOMAIN="YOUR_AUTH0_DOMAIN"
	ENABLED_CLIENT_ID="AUTH0_ENABLED_CLIENT_ID"
	MGMT_API_TOKEN="YOUR_AUTH0_MGMT_API_TOKEN"

	# OAuth Credentials for Vercel app
	CLIENT_ID="YOUR_VERCEL_CLIENT_ID"
	CLIENT_SECRET="YOUR_VERCEL_CLIENT_SECRET"


	# 2. THE MINIFIED AUTH) CUSTOM OAUTH CONNECTION SCRIPT
	FETCH_PROFILE_SCRIPT="function(accessToken, ctx, cb) { const options = { method: \\\"GET\\\", url: \\\"https://api.vercel.com/login/oauth/userinfo\\\", headers: { \\\"Authorization\\\": \`Bearer \${accessToken}\` } }; request(options, (err, res, body) => { if (err) { return cb(err); } if (res.statusCode !== 200) { return cb(new Error(body)); } try { const data = JSON.parse(body); const profile = { user_id: data.sub, email: data.email, email_verified: data.email_verified, name: data.name, nickname: data.preferred_username, picture: data.picture }; cb(null, profile); } catch (parseError) { cb(new Error(body)); } }); }"

	# 3. CREATE CONNECTIOn
	echo "1. Creating connection on domain: $AUTH0_DOMAIN..."

	RESPONSE=$(curl --silent --request POST \
	--url "https://${AUTH0_DOMAIN}/api/v2/connections" \
	--header "Authorization: Bearer ${MGMT_API_TOKEN}" \
	--header "Content-Type: application/json" \
	--data "{
	\"name\": \"vercel\",
	\"display_name\": \"Vercel\",
	\"strategy\": \"oauth2\",
	\"options\": {
	\"client_id\": \"${CLIENT_ID}\",
	\"client_secret\": \"${CLIENT_SECRET}\",
	\"icon_url\": \"https://avatars.githubusercontent.com/u/14985020?s=200&v=4\",
	\"scripts\": {
	\"fetchUserProfile\": \"${FETCH_PROFILE_SCRIPT}\"
	},
	\"authorizationURL\": \"https://vercel.com/oauth/authorize\",
	\"tokenURL\": \"https://api.vercel.com/login/oauth/token\",
	\"scope\": \"\",
	\"pkce_enabled\": true
	}
	}")

	# 4. ENABLE CLIENT
	# We use a simple grep/sed pattern to extract the ID to avoid 'jq' dependency.
	# In a robust production script, use 'jq -r .id'
	CONNECTION_ID=$(echo "$RESPONSE" \| grep -o '"id":"[^"]*"' \| head -1 \| sed 's/"id":"//;s/"//')

	if [ -z "$CONNECTION_ID" ]; then
	echo "Error: Could not extract Connection ID. Response:"
	echo "$RESPONSE"
	exit 1
	fi

	echo " Success! Connection ID: $CONNECTION_ID"
	echo "2. Enabling client ($ENABLED_CLIENT_ID)..."

	HTTP_CODE=$(curl --silent --output /dev/null --write-out "%{http_code}" --request PATCH \
	--url "https://${AUTH0_DOMAIN}/api/v2/connections/${CONNECTION_ID}" \
	--header "Authorization: Bearer ${MGMT_API_TOKEN}" \
	--header "Content-Type: application/json" \
	--data "{
	\"enabled_clients\": [
	\"${ENABLED_CLIENT_ID}\"
	]
	}")

	if [ "$HTTP_CODE" -eq 200 ] \|\| [ "$HTTP_CODE" -eq 201 ]; then
	echo " Success! Client enabled."
	else
	echo " Error enabling client. HTTP Status: $HTTP_CODE"
	exit 1
	fi```
No results found