auth0-deploy-cli 8.23.2 → 8.24.0

package/CHANGELOG.md

@@ -7,6 +7,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [8.24.0] - 2025-12-22
+
+### Added
+
+- Add support for managing `riskAssessment` settings. [#1217]
+- Add directory provisioning support for `google-apps` connections. [#1246]
+
 ## [8.23.2] - 2025-12-18
 
 ### Fixed
@@ -1575,6 +1582,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 [#1211]: https://github.com/auth0/auth0-deploy-cli/issues/1211
 [#1212]: https://github.com/auth0/auth0-deploy-cli/issues/1212
 [#1214]: https://github.com/auth0/auth0-deploy-cli/issues/1214
+[#1217]: https://github.com/auth0/auth0-deploy-cli/issues/1217
 [#1221]: https://github.com/auth0/auth0-deploy-cli/issues/1221
 [#1223]: https://github.com/auth0/auth0-deploy-cli/issues/1223
 [#1224]: https://github.com/auth0/auth0-deploy-cli/issues/1224
@@ -1584,7 +1592,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 [#1239]: https://github.com/auth0/auth0-deploy-cli/issues/1239
 [#1240]: https://github.com/auth0/auth0-deploy-cli/issues/1240
 [#1244]: https://github.com/auth0/auth0-deploy-cli/issues/1244
-[Unreleased]: https://github.com/auth0/auth0-deploy-cli/compare/v8.23.2...HEAD
+[#1246]: https://github.com/auth0/auth0-deploy-cli/issues/1246
+[Unreleased]: https://github.com/auth0/auth0-deploy-cli/compare/v8.24.0...HEAD
+[8.24.0]: https://github.com/auth0/auth0-deploy-cli/compare/v8.23.2...v8.24.0
 [8.23.2]: https://github.com/auth0/auth0-deploy-cli/compare/v8.23.1...v8.23.2
 [8.23.1]: https://github.com/auth0/auth0-deploy-cli/compare/v8.23.0...v8.23.1
 [8.23.0]: https://github.com/auth0/auth0-deploy-cli/compare/v8.22.0...v8.23.0

package/lib/context/directory/handlers/index.js

@@ -23,6 +23,7 @@ const actions_1 = __importDefault(require("./actions"));
 const organizations_1 = __importDefault(require("./organizations"));
 const triggers_1 = __importDefault(require("./triggers"));
 const attackProtection_1 = __importDefault(require("./attackProtection"));
+const riskAssessment_1 = __importDefault(require("./riskAssessment"));
 const branding_1 = __importDefault(require("./branding"));
 const phoneProvider_1 = __importDefault(require("./phoneProvider"));
 const phoneTemplates_1 = __importDefault(require("./phoneTemplates"));
@@ -65,6 +66,7 @@ const directoryHandlers = {
     organizations: organizations_1.default,
     triggers: triggers_1.default,
     attackProtection: attackProtection_1.default,
+    riskAssessment: riskAssessment_1.default,
     branding: branding_1.default,
     phoneProviders: phoneProvider_1.default,
     phoneTemplates: phoneTemplates_1.default,

package/lib/context/directory/handlers/riskAssessment.d.ts

@@ -0,0 +1,6 @@
+import { DirectoryHandler } from '.';
+import { ParsedAsset } from '../../../types';
+import { RiskAssessment } from '../../../tools/auth0/handlers/riskAssessment';
+type ParsedRiskAssessment = ParsedAsset<'riskAssessment', RiskAssessment>;
+declare const riskAssessmentHandler: DirectoryHandler<ParsedRiskAssessment>;
+export default riskAssessmentHandler;

package/lib/context/directory/handlers/riskAssessment.js

@@ -0,0 +1,40 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const path_1 = __importDefault(require("path"));
+const fs_extra_1 = __importDefault(require("fs-extra"));
+const tools_1 = require("../../../tools");
+const utils_1 = require("../../../utils");
+function parse(context) {
+    const riskAssessmentDirectory = path_1.default.join(context.filePath, tools_1.constants.RISK_ASSESSMENT_DIRECTORY);
+    const riskAssessmentFile = path_1.default.join(riskAssessmentDirectory, 'settings.json');
+    if (!(0, utils_1.existsMustBeDir)(riskAssessmentDirectory)) {
+        return { riskAssessment: null };
+    }
+    if (!(0, utils_1.isFile)(riskAssessmentFile)) {
+        return { riskAssessment: null };
+    }
+    const riskAssessment = (0, utils_1.loadJSON)(riskAssessmentFile, {
+        mappings: context.mappings,
+        disableKeywordReplacement: context.disableKeywordReplacement,
+    });
+    return {
+        riskAssessment,
+    };
+}
+async function dump(context) {
+    const { riskAssessment } = context.assets;
+    if (!riskAssessment)
+        return;
+    const riskAssessmentDirectory = path_1.default.join(context.filePath, tools_1.constants.RISK_ASSESSMENT_DIRECTORY);
+    const riskAssessmentFile = path_1.default.join(riskAssessmentDirectory, 'settings.json');
+    fs_extra_1.default.ensureDirSync(riskAssessmentDirectory);
+    (0, utils_1.dumpJSON)(riskAssessmentFile, riskAssessment);
+}
+const riskAssessmentHandler = {
+    parse,
+    dump,
+};
+exports.default = riskAssessmentHandler;

package/lib/context/yaml/handlers/index.js

@@ -23,6 +23,7 @@ const organizations_1 = __importDefault(require("./organizations"));
 const actions_1 = __importDefault(require("./actions"));
 const triggers_1 = __importDefault(require("./triggers"));
 const attackProtection_1 = __importDefault(require("./attackProtection"));
+const riskAssessment_1 = __importDefault(require("./riskAssessment"));
 const branding_1 = __importDefault(require("./branding"));
 const phoneProvider_1 = __importDefault(require("./phoneProvider"));
 const phoneTemplates_1 = __importDefault(require("./phoneTemplates"));
@@ -65,6 +66,7 @@ const yamlHandlers = {
     organizations: organizations_1.default,
     triggers: triggers_1.default,
     attackProtection: attackProtection_1.default,
+    riskAssessment: riskAssessment_1.default,
     branding: branding_1.default,
     phoneProviders: phoneProvider_1.default,
     phoneTemplates: phoneTemplates_1.default,

package/lib/context/yaml/handlers/riskAssessment.d.ts

@@ -0,0 +1,6 @@
+import { YAMLHandler } from '.';
+import { RiskAssessment } from '../../../tools/auth0/handlers/riskAssessment';
+import { ParsedAsset } from '../../../types';
+type ParsedRiskAssessment = ParsedAsset<'riskAssessment', RiskAssessment>;
+declare const riskAssessmentHandler: YAMLHandler<ParsedRiskAssessment>;
+export default riskAssessmentHandler;

package/lib/context/yaml/handlers/riskAssessment.js

@@ -0,0 +1,23 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+async function parse(context) {
+    const { riskAssessment } = context.assets;
+    if (!riskAssessment)
+        return { riskAssessment: null };
+    return {
+        riskAssessment,
+    };
+}
+async function dump(context) {
+    const { riskAssessment } = context.assets;
+    if (!riskAssessment)
+        return { riskAssessment: null };
+    return {
+        riskAssessment,
+    };
+}
+const riskAssessmentHandler = {
+    parse,
+    dump,
+};
+exports.default = riskAssessmentHandler;

package/lib/tools/auth0/handlers/connections.d.ts

@@ -78,11 +78,40 @@ export declare const schema: {
                 required: string[];
                 additionalProperties: boolean;
             };
+            directory_provisioning_configuration: {
+                type: string;
+                properties: {
+                    mapping: {
+                        type: string;
+                        items: {
+                            type: string;
+                            properties: {
+                                auth0: {
+                                    type: string;
+                                    description: string;
+                                };
+                                idp: {
+                                    type: string;
+                                    description: string;
+                                };
+                            };
+                        };
+                    };
+                    synchronize_automatically: {
+                        type: string;
+                        description: string;
+                    };
+                };
+            };
         };
         required: string[];
     };
 };
-export type Connection = Management.ConnectionForList;
+type DirectoryProvisioningConfig = Management.GetDirectoryProvisioningResponseContent;
+export type Connection = Management.ConnectionForList & {
+    enabled_clients?: string[];
+    directory_provisioning_configuration?: DirectoryProvisioningConfig;
+};
 export declare const addExcludedConnectionPropertiesToChanges: ({ proposedChanges, existingConnections, config, }: {
     proposedChanges: CalculatedChanges;
     existingConnections: Asset[];
@@ -135,7 +164,33 @@ export default class ConnectionsHandler extends DefaultAPIHandler {
     } | {
         options?: undefined;
     };
+    /**
+     * Retrieves directory provisioning configuration for a specific Auth0 connection.
+     * @param connectionId - The unique identifier of the connection
+     * @returns A promise that resolves to the configuration object, or null if not configured/supported
+     */
+    getConnectionDirectoryProvisioning(connectionId: string): Promise<DirectoryProvisioningConfig | null>;
+    /**
+     * Creates directory provisioning configuration for a connection.
+     */
+    private createConnectionDirectoryProvisioning;
+    /**
+     * Updates directory provisioning configuration for a connection.
+     */
+    private updateConnectionDirectoryProvisioning;
+    /**
+     * Deletes directory provisioning configuration for a connection.
+     */
+    private deleteConnectionDirectoryProvisioning;
+    /**
+     * This function processes directory provisioning for create, update, and conflict operations.
+     * Directory provisioning is only supported for google-apps strategy connections.
+     *
+     * @param changes - Object containing arrays of connections to create, update, and resolve conflicts for
+     */
+    processConnectionDirectoryProvisioning(changes: CalculatedChanges): Promise<void>;
     getType(): Promise<Asset[] | null>;
     calcChanges(assets: Assets): Promise<CalculatedChanges>;
     processChanges(assets: Assets): Promise<void>;
 }
+export {};

package/lib/tools/auth0/handlers/connections.js

@@ -93,6 +93,25 @@ exports.schema = {
                 required: ['active'],
                 additionalProperties: false,
             },
+            directory_provisioning_configuration: {
+                type: 'object',
+                properties: {
+                    mapping: {
+                        type: 'array',
+                        items: {
+                            type: 'object',
+                            properties: {
+                                auth0: { type: 'string', description: 'The field location in the Auth0 schema' },
+                                idp: { type: 'string', description: 'The field location in the IDP schema' },
+                            },
+                        },
+                    },
+                    synchronize_automatically: {
+                        type: 'boolean',
+                        description: 'The field whether periodic automatic synchronization is enabled',
+                    },
+                },
+            },
         },
         required: ['name', 'strategy'],
     },
@@ -286,6 +305,169 @@ class ConnectionsHandler extends default_1.default {
             return {};
         }
     }
+    /**
+     * Retrieves directory provisioning configuration for a specific Auth0 connection.
+     * @param connectionId - The unique identifier of the connection
+     * @returns A promise that resolves to the configuration object, or null if not configured/supported
+     */
+    async getConnectionDirectoryProvisioning(connectionId) {
+        if (!connectionId)
+            return null;
+        const creates = [connectionId];
+        let config = null;
+        try {
+            await this.client.pool
+                .addEachTask({
+                data: creates || [],
+                generator: async (id) => this.client.connections.directoryProvisioning
+                    .get(id)
+                    .then((resp) => {
+                    config = resp;
+                })
+                    .catch((err) => {
+                    throw new auth0_1.ManagementError(err);
+                }),
+            })
+                .promise();
+            const stripKeysFromOutput = [
+                'connection_id',
+                'connection_name',
+                'strategy',
+                'created_at',
+                'updated_at',
+            ];
+            stripKeysFromOutput.forEach((key) => {
+                if (config && key in config) {
+                    delete config[key];
+                }
+            });
+            return config;
+        }
+        catch (error) {
+            const errLog = `Unable to fetch directory provisioning for connection '${connectionId}'. `;
+            if (error instanceof auth0_1.ManagementError) {
+                const bodyMessage = error.body?.message;
+                logger_1.default.warn(errLog + bodyMessage);
+            }
+            else {
+                logger_1.default.error(errLog, error?.message);
+            }
+            return null;
+        }
+    }
+    /**
+     * Creates directory provisioning configuration for a connection.
+     */
+    async createConnectionDirectoryProvisioning(connectionId, payload) {
+        if (!connectionId) {
+            throw new Error('Connection ID is required to create directory provisioning configuration.');
+        }
+        const createPayload = {
+            mapping: payload.mapping,
+            synchronize_automatically: payload.synchronize_automatically,
+        };
+        await this.client.connections.directoryProvisioning.create(connectionId, createPayload);
+        logger_1.default.debug(`Created directory provisioning for connection '${connectionId}'`);
+    }
+    /**
+     * Updates directory provisioning configuration for a connection.
+     */
+    async updateConnectionDirectoryProvisioning(connectionId, payload) {
+        if (!connectionId) {
+            throw new Error('Connection ID is required to update directory provisioning configuration.');
+        }
+        const updatePayload = {
+            mapping: payload.mapping,
+            synchronize_automatically: payload.synchronize_automatically,
+        };
+        await this.client.connections.directoryProvisioning.update(connectionId, updatePayload);
+        logger_1.default.debug(`Updated directory provisioning for connection '${connectionId}'`);
+    }
+    /**
+     * Deletes directory provisioning configuration for a connection.
+     */
+    async deleteConnectionDirectoryProvisioning(connectionId) {
+        if (!connectionId) {
+            throw new Error('Connection ID is required to delete directory provisioning configuration.');
+        }
+        await this.client.connections.directoryProvisioning.delete(connectionId);
+        logger_1.default.debug(`Deleted directory provisioning for connection '${connectionId}'`);
+    }
+    /**
+     * This function processes directory provisioning for create, update, and conflict operations.
+     * Directory provisioning is only supported for google-apps strategy connections.
+     *
+     * @param changes - Object containing arrays of connections to create, update, and resolve conflicts for
+     */
+    async processConnectionDirectoryProvisioning(changes) {
+        const { create, update, conflicts } = changes;
+        // Build a map of existing connections by ID for quick lookup
+        const existingConnectionsMap = (0, lodash_1.keyBy)(this.existing || [], 'id');
+        // Filter to only google-apps connections
+        const googleAppsWithDirProvFilter = (conn) => conn.strategy === 'google-apps';
+        const connectionsToProcess = [
+            ...update.filter(googleAppsWithDirProvFilter),
+            ...create.filter(googleAppsWithDirProvFilter),
+            ...conflicts.filter(googleAppsWithDirProvFilter),
+        ];
+        if (connectionsToProcess.length === 0) {
+            return;
+        }
+        const directoryConnectionsToUpdate = [];
+        const directoryConnectionsToCreate = [];
+        const directoryConnectionsToDelete = [];
+        for (const conn of connectionsToProcess) {
+            if (!conn.id)
+                continue;
+            const existingConn = existingConnectionsMap[conn.id];
+            const existingConfig = existingConn?.directory_provisioning_configuration;
+            const proposedConfig = conn.directory_provisioning_configuration;
+            if (existingConfig && proposedConfig) {
+                directoryConnectionsToUpdate.push(conn);
+            }
+            else if (!existingConfig && proposedConfig) {
+                directoryConnectionsToCreate.push(conn);
+            }
+            else if (existingConfig && !proposedConfig) {
+                directoryConnectionsToDelete.push(conn);
+            }
+        }
+        // Process updates first
+        await this.client.pool
+            .addEachTask({
+            data: directoryConnectionsToUpdate || [],
+            generator: (conn) => this.updateConnectionDirectoryProvisioning(conn.id, conn.directory_provisioning_configuration).catch((err) => {
+                throw new Error(`Failed to update directory provisioning for connection '${conn.id}':\n${err}`);
+            }),
+        })
+            .promise();
+        // Process creates
+        await this.client.pool
+            .addEachTask({
+            data: directoryConnectionsToCreate || [],
+            generator: (conn) => this.createConnectionDirectoryProvisioning(conn.id, conn.directory_provisioning_configuration).catch((err) => {
+                throw new Error(`Failed to create directory provisioning for connection '${conn.id}':\n${err}`);
+            }),
+        })
+            .promise();
+        // Process deletes
+        if (this.config('AUTH0_ALLOW_DELETE') === 'true' ||
+            this.config('AUTH0_ALLOW_DELETE') === true) {
+            await this.client.pool
+                .addEachTask({
+                data: directoryConnectionsToDelete || [],
+                generator: (conn) => this.deleteConnectionDirectoryProvisioning(conn.id).catch((err) => {
+                    throw new Error(`Failed to delete directory provisioning for connection '${conn.id}':\n${err}`);
+                }),
+            })
+                .promise();
+        }
+        else if (directoryConnectionsToDelete.length) {
+            logger_1.default.warn(`Detected directory provisioning configs to delete. Deletes are disabled (set 'AUTH0_ALLOW_DELETE' to true to allow).\n${directoryConnectionsToDelete
+                .map((i) => this.objString(i))
+                .join('\n')}`);
+        }
+    }
     async getType() {
         if (this.existing)
             return this.existing;
@@ -306,10 +488,18 @@ class ConnectionsHandler extends default_1.default {
             if (!con?.id)
                 return con;
             const enabledClients = await (0, exports.getConnectionEnabledClients)(this.client, con.id);
+            // Cast to Asset to allow adding properties
+            let connection = { ...con };
             if (enabledClients && enabledClients?.length) {
-                return { ...con, enabled_clients: enabledClients };
+                connection.enabled_clients = enabledClients;
+            }
+            if (connection.strategy === 'google-apps') {
+                const dirProvConfig = await this.getConnectionDirectoryProvisioning(con.id);
+                if (dirProvConfig) {
+                    connection.directory_provisioning_configuration = dirProvConfig;
+                }
             }
-            return con;
+            return connection;
         }));
         this.existing = connectionsWithEnabledClients;
         // Apply `scim_configuration` to all the relevant `SCIM` connections. This method mutates `this.existing`.
@@ -366,6 +556,8 @@ class ConnectionsHandler extends default_1.default {
         await super.processChanges(assets, (0, utils_1.filterExcluded)(changes, excludedConnections));
         // process enabled clients
         await (0, exports.processConnectionEnabledClients)(this.client, this.type, (0, utils_1.filterExcluded)(changes, excludedConnections));
+        // process directory provisioning
+        await this.processConnectionDirectoryProvisioning((0, utils_1.filterExcluded)(changes, excludedConnections));
     }
 }
 exports.default = ConnectionsHandler;

package/lib/tools/auth0/handlers/index.js

@@ -60,6 +60,7 @@ const actions = __importStar(require("./actions"));
 const triggers = __importStar(require("./triggers"));
 const organizations = __importStar(require("./organizations"));
 const attackProtection = __importStar(require("./attackProtection"));
+const riskAssessment = __importStar(require("./riskAssessment"));
 const logStreams = __importStar(require("./logStreams"));
 const customDomains = __importStar(require("./customDomains"));
 const themes = __importStar(require("./themes"));
@@ -100,6 +101,7 @@ const auth0ApiHandlers = {
     triggers,
     organizations,
     attackProtection,
+    riskAssessment,
     logStreams,
     customDomains,
     themes,

package/lib/tools/auth0/handlers/riskAssessment.d.ts

@@ -0,0 +1,39 @@
+import DefaultAPIHandler from './default';
+import { Assets } from '../../../types';
+import { Management } from 'auth0';
+export declare const schema: {
+    type: string;
+    properties: {
+        settings: {
+            type: string;
+            properties: {
+                enabled: {
+                    type: string;
+                    description: string;
+                };
+            };
+            required: string[];
+        };
+        new_device: {
+            type: string;
+            properties: {
+                remember_for: {
+                    type: string;
+                    description: string;
+                };
+            };
+            required: string[];
+        };
+    };
+    required: string[];
+};
+export type RiskAssessment = {
+    settings: Management.GetRiskAssessmentsSettingsResponseContent;
+    new_device?: Management.GetRiskAssessmentsSettingsNewDeviceResponseContent;
+};
+export default class RiskAssessmentHandler extends DefaultAPIHandler {
+    existing: RiskAssessment;
+    constructor(config: DefaultAPIHandler);
+    getType(): Promise<RiskAssessment>;
+    processChanges(assets: Assets): Promise<void>;
+}

package/lib/tools/auth0/handlers/riskAssessment.js

@@ -0,0 +1,95 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.schema = void 0;
+const default_1 = __importDefault(require("./default"));
+const auth0_1 = require("auth0");
+exports.schema = {
+    type: 'object',
+    properties: {
+        settings: {
+            type: 'object',
+            properties: {
+                enabled: {
+                    type: 'boolean',
+                    description: 'Whether or not risk assessment is enabled.',
+                },
+            },
+            required: ['enabled'],
+        },
+        new_device: {
+            type: 'object',
+            properties: {
+                remember_for: {
+                    type: 'number',
+                    description: 'Length of time to remember devices for, in days.',
+                },
+            },
+            required: ['remember_for'],
+        },
+    },
+    required: ['settings'],
+};
+class RiskAssessmentHandler extends default_1.default {
+    constructor(config) {
+        super({
+            ...config,
+            type: 'riskAssessment',
+        });
+    }
+    async getType() {
+        if (this.existing) {
+            return this.existing;
+        }
+        try {
+            const [settings, newDeviceSettings] = await Promise.all([
+                this.client.riskAssessments.settings.get(),
+                this.client.riskAssessments.settings.newDevice.get().catch((err) => {
+                    if (err instanceof auth0_1.ManagementError && err?.statusCode === 404) {
+                        return { remember_for: 0 };
+                    }
+                    throw err;
+                }),
+            ]);
+            const riskAssessment = {
+                settings: settings,
+                new_device: newDeviceSettings,
+                ...(newDeviceSettings.remember_for > 0 && {
+                    new_device: newDeviceSettings,
+                }),
+            };
+            this.existing = riskAssessment;
+            return this.existing;
+        }
+        catch (err) {
+            if (err instanceof auth0_1.ManagementError && err.statusCode === 404) {
+                const riskAssessment = {
+                    settings: { enabled: false },
+                };
+                this.existing = riskAssessment;
+                return this.existing;
+            }
+            throw err;
+        }
+    }
+    async processChanges(assets) {
+        const { riskAssessment } = assets;
+        // Non-existing section means it doesn't need to be processed
+        if (!riskAssessment) {
+            return;
+        }
+        const updates = [];
+        // Update main settings (enabled flag)
+        updates.push(this.client.riskAssessments.settings.update(riskAssessment?.settings));
+        // Update new device settings if provided
+        if (riskAssessment.new_device) {
+            updates.push(this.client.riskAssessments.settings.newDevice.update(riskAssessment.new_device));
+        }
+        await Promise.all(updates);
+        this.updated += 1;
+        this.didUpdate(riskAssessment);
+    }
+}
+exports.default = RiskAssessmentHandler;

package/lib/tools/auth0/handlers/scimHandler.js

@@ -190,6 +190,7 @@ class ScimHandler {
         // Remove `scim_configuration` from `bodyParams`, because `connections.update` doesn't accept it.
         const { scim_configuration: scimBodyParams } = bodyParams;
         delete bodyParams.scim_configuration;
+        delete bodyParams.directory_provisioning_configuration;
         // First, update `connections`.
         const updated = await this.connectionsManager.update(requestParams.id, bodyParams);
         const idMapEntry = this.idMap.get(requestParams.id);
@@ -223,6 +224,7 @@ class ScimHandler {
         // Remove `scim_configuration` from `bodyParams`, because `connections.create` doesn't accept it.
         const { scim_configuration: scimBodyParams } = bodyParams;
         delete bodyParams.scim_configuration;
+        delete bodyParams.directory_provisioning_configuration;
         // First, create the new `connection`.
         const data = await this.connectionsManager.create(bodyParams);
         if (data?.id && scimBodyParams && this.scimScopes.create) {

package/lib/tools/constants.d.ts

@@ -57,6 +57,7 @@ declare const constants: {
     CONNECTIONS_ID_NAME: string;
     ROLES_DIRECTORY: string;
     ATTACK_PROTECTION_DIRECTORY: string;
+    RISK_ASSESSMENT_DIRECTORY: string;
     GUARDIAN_FACTORS: string[];
     GUARDIAN_POLICIES: string[];
     GUARDIAN_PHONE_PROVIDERS: string[];

package/lib/tools/constants.js

@@ -103,6 +103,7 @@ const constants = {
     CONNECTIONS_ID_NAME: 'id',
     ROLES_DIRECTORY: 'roles',
     ATTACK_PROTECTION_DIRECTORY: 'attack-protection',
+    RISK_ASSESSMENT_DIRECTORY: 'risk-assessment',
     GUARDIAN_FACTORS: [
         'sms',
         'push-notification',

package/lib/types.d.ts

@@ -18,6 +18,7 @@ import { NetworkACL } from './tools/auth0/handlers/networkACLs';
 import { UserAttributeProfile } from './tools/auth0/handlers/userAttributeProfiles';
 import { AttackProtection } from './tools/auth0/handlers/attackProtection';
 import { TokenExchangeProfile } from './tools/auth0/handlers/tokenExchangeProfiles';
+import { RiskAssessment } from './tools/auth0/handlers/riskAssessment';
 type SharedPaginationParams = {
     checkpoint?: boolean;
     paginate?: boolean;
@@ -90,6 +91,7 @@ export type Asset = {
 export type Assets = Partial<{
     actions: Action[] | null;
     attackProtection: AttackProtection | null;
+    riskAssessment: RiskAssessment | null;
     branding: (Asset & {
         templates?: {
             template: string;
@@ -147,7 +149,7 @@ export type CalculatedChanges = {
     conflicts: Asset[];
     create: Asset[];
 };
-export type AssetTypes = 'rules' | 'rulesConfigs' | 'hooks' | 'pages' | 'databases' | 'clientGrants' | 'resourceServers' | 'clients' | 'connections' | 'tenant' | 'emailProvider' | 'emailTemplates' | 'guardianFactors' | 'guardianFactorProviders' | 'guardianFactorTemplates' | 'guardianPhoneFactorMessageTypes' | 'guardianPhoneFactorSelectedProvider' | 'guardianPolicies' | 'roles' | 'actions' | 'organizations' | 'triggers' | 'attackProtection' | 'branding' | 'phoneProviders' | 'phoneTemplates' | 'logStreams' | 'prompts' | 'customDomains' | 'themes' | 'forms' | 'flows' | 'flowVaultConnections' | 'selfServiceProfiles' | 'networkACLs' | 'userAttributeProfiles' | 'connectionProfiles' | 'tokenExchangeProfiles';
+export type AssetTypes = 'rules' | 'rulesConfigs' | 'hooks' | 'pages' | 'databases' | 'clientGrants' | 'resourceServers' | 'clients' | 'connections' | 'tenant' | 'emailProvider' | 'emailTemplates' | 'guardianFactors' | 'guardianFactorProviders' | 'guardianFactorTemplates' | 'guardianPhoneFactorMessageTypes' | 'guardianPhoneFactorSelectedProvider' | 'guardianPolicies' | 'roles' | 'actions' | 'organizations' | 'triggers' | 'attackProtection' | 'riskAssessment' | 'branding' | 'phoneProviders' | 'phoneTemplates' | 'logStreams' | 'prompts' | 'customDomains' | 'themes' | 'forms' | 'flows' | 'flowVaultConnections' | 'selfServiceProfiles' | 'networkACLs' | 'userAttributeProfiles' | 'connectionProfiles' | 'tokenExchangeProfiles';
 export type KeywordMappings = {
     [key: string]: (string | number)[] | string | number;
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "auth0-deploy-cli",
-  "version": "8.23.2",
+  "version": "8.24.0",
   "description": "A command line tool for deploying updates to your Auth0 tenant",
   "main": "lib/index.js",
   "bin": {