Can I use Auth0 as a CLI?

Yes. KosmoKrator exposes a Auth0 CLI through kosmo integrations:call and the provider shortcut command. Commands can return JSON for scripts, CI, and coding agents.

Can I expose Auth0 through MCP?

Yes. The KosmoKrator MCP gateway can expose selected Auth0 tools to clients such as Claude Code, Cursor, Codex, and other MCP-compatible tools.

Where are Auth0 credentials stored?

Auth0 credentials are configured in KosmoKrator's local integration settings and reused by CLI, Lua, and MCP gateway surfaces.

Can I deny write access for Auth0 MCP tools?

Yes. Start the gateway with --write=deny for read-only clients, or use ask/allow only for trusted workspaces.

productivity

Auth0 MCP Integration for Codex

Connect Auth0 to Codex through the local KosmoKrator MCP gateway with scoped tools, credentials, and write policy.

7 functions 6 read 1 write Bearer token auth

Submit Auth0 feedback View package source

Connect Auth0 to Codex

Use KosmoKrator as a local MCP proxy for Codex so coding sessions can reach selected integrations with explicit write policy.

Register kosmo mcp:serve as a local stdio server and choose the integration allowlist. The gateway is local, scoped to this integration, and starts with --write=deny so Codex can inspect read-capable tools without receiving write access by default.

Auth0 MCP Config for Codex

Keep write access denied or ask-based unless the workspace is trusted.

{
  "mcpServers": {
    "kosmokrator-auth-zero": {
      "type": "stdio",
      "command": "kosmo",
      "args": [
        "mcp:serve",
        "--integration=auth-zero",
        "--write=deny"
      ]
    }
  }
}

Run the Gateway Manually

kosmokrator mcp:serve --integration=auth-zero --write=deny

Why Use KosmoKrator Here

Scoped tools

Expose only Auth0 instead of a broad multi-service tool list.

Local credentials

Reuse credentials already configured for the KosmoKrator CLI and Lua runtime.

Write policy

Start read-only, then opt into ask or allow for trusted workspaces.

Auth0 Tools Visible to Codex

Codex sees stable MCP tool names generated from the Auth0 integration catalog.

MCP tool	Source function	Type	Description
`integration__auth_zero__auth_zero_list_users`	`auth-zero.auth_zero_list_users`	Read	List users in the Auth0 tenant. Supports search with Lucene syntax, pagination, and sorting.
`integration__auth_zero__auth_zero_get_user`	`auth-zero.auth_zero_get_user`	Read	Retrieve a single Auth0 user by their user ID (e.g. "auth0\|abc123").
`integration__auth_zero__auth_zero_create_user`	`auth-zero.auth_zero_create_user`	Write	Create a new user in Auth0. Requires email, password, and the connection name (database connection).
`integration__auth_zero__auth_zero_list_connections`	`auth-zero.auth_zero_list_connections`	Read	List identity connections configured in the Auth0 tenant. Optionally filter by strategy (e.g. "auth0", "google-oauth2").
`integration__auth_zero__auth_zero_list_roles`	`auth-zero.auth_zero_list_roles`	Read	List roles defined in the Auth0 tenant with optional pagination.
`integration__auth_zero__auth_zero_get_tenant_settings`	`auth-zero.auth_zero_get_tenant_settings`	Read	Retrieve the Auth0 tenant settings (session lifetime, idle timeout, default directory, etc.).
`integration__auth_zero__auth_zero_get_current_user`	`auth-zero.auth_zero_get_current_user`	Read	Retrieve the profile of the currently authenticated user. Also serves as a health check for the Auth0 connection.

Related Auth0 Pages

Auth0 CLIUse direct JSON commands instead of MCP discovery. Auth0 MCPFull gateway reference and MCP tool names. KosmoKrator for CodexClient-level gateway setup.