Can I use Auth0 as a CLI?

Yes. KosmoKrator exposes a Auth0 CLI through kosmo integrations:call and the provider shortcut command. Commands can return JSON for scripts, CI, and coding agents.

Can I expose Auth0 through MCP?

Yes. The KosmoKrator MCP gateway can expose selected Auth0 tools to clients such as Claude Code, Cursor, Codex, and other MCP-compatible tools.

Where are Auth0 credentials stored?

Auth0 credentials are configured in KosmoKrator's local integration settings and reused by CLI, Lua, and MCP gateway surfaces.

Can I deny write access for Auth0 MCP tools?

Yes. Start the gateway with --write=deny for read-only clients, or use ask/allow only for trusted workspaces.

productivity

Auth0 MCP Integration for Generic MCP Clients

Connect Auth0 to Generic MCP Clients through the local KosmoKrator MCP gateway with scoped tools, credentials, and write policy.

7 functions 6 read 1 write Bearer token auth

Submit Auth0 feedback View package source

Connect Auth0 to Generic MCP Clients

Connect any stdio-compatible MCP client to local KosmoKrator integration tools.

Register kosmo mcp:serve as the command for a local stdio MCP server. The gateway is local, scoped to this integration, and starts with --write=deny so MCP clients can inspect read-capable tools without receiving write access by default.

Auth0 MCP Config for Generic MCP Clients

Start with read-only write policy and expand only for trusted projects.

{
  "mcpServers": {
    "kosmokrator-auth-zero": {
      "type": "stdio",
      "command": "kosmo",
      "args": [
        "mcp:serve",
        "--integration=auth-zero",
        "--write=deny"
      ]
    }
  }
}

Run the Gateway Manually

kosmokrator mcp:serve --integration=auth-zero --write=deny

Why Use KosmoKrator Here

Scoped tools

Expose only Auth0 instead of a broad multi-service tool list.

Local credentials

Reuse credentials already configured for the KosmoKrator CLI and Lua runtime.

Write policy

Start read-only, then opt into ask or allow for trusted workspaces.

Auth0 Tools Visible to MCP clients

MCP clients sees stable MCP tool names generated from the Auth0 integration catalog.

MCP tool	Source function	Type	Description
`integration__auth_zero__auth_zero_list_users`	`auth-zero.auth_zero_list_users`	Read	List users in the Auth0 tenant. Supports search with Lucene syntax, pagination, and sorting.
`integration__auth_zero__auth_zero_get_user`	`auth-zero.auth_zero_get_user`	Read	Retrieve a single Auth0 user by their user ID (e.g. "auth0\|abc123").
`integration__auth_zero__auth_zero_create_user`	`auth-zero.auth_zero_create_user`	Write	Create a new user in Auth0. Requires email, password, and the connection name (database connection).
`integration__auth_zero__auth_zero_list_connections`	`auth-zero.auth_zero_list_connections`	Read	List identity connections configured in the Auth0 tenant. Optionally filter by strategy (e.g. "auth0", "google-oauth2").
`integration__auth_zero__auth_zero_list_roles`	`auth-zero.auth_zero_list_roles`	Read	List roles defined in the Auth0 tenant with optional pagination.
`integration__auth_zero__auth_zero_get_tenant_settings`	`auth-zero.auth_zero_get_tenant_settings`	Read	Retrieve the Auth0 tenant settings (session lifetime, idle timeout, default directory, etc.).
`integration__auth_zero__auth_zero_get_current_user`	`auth-zero.auth_zero_get_current_user`	Read	Retrieve the profile of the currently authenticated user. Also serves as a health check for the Auth0 connection.

Related Auth0 Pages

Auth0 CLIUse direct JSON commands instead of MCP discovery. Auth0 MCPFull gateway reference and MCP tool names. KosmoKrator for MCP clientsClient-level gateway setup.