Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs-staging-fix-docs-5513-docs-description-updates.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

The Tenant Access Control List (ACL) manages traffic to your tenant’s resources based on rules you define. Using the Tenant ACL can help you conserve your rate limits against potential threats (like denial-of-service attacks) and ensure that only legitimate users access your applications.

​
Overview

Each Tenant ACL is composed of a set of rules. When your tenant or receives a request, your Tenant ACL’s rules determine how it responds. The Tenant ACL’s granular configuration options let you apply rules to a variety of different signals and scopes. For example:
  • You can use the hostnames scope to disable or restrict access to your canonical domain while allowing traffic via custom domains.
  • If you are adopting Model Context Protocols (MCP) in your tenant, you can use the Dynamic Client Registration (dcr) scope to avoid risks like unauthorized application registration or phishing attempts via misleading application names.
For monitoring and auditing, a tenant log event (acls_summary) is created every 10 minutes for each Tenant ACL rule with details of how that rule is affecting traffic. You can enable monitoring mode for rules to test and log how they would behave without actually applying the rule to traffic.

How To

How to Configure Tenant Access Control List Rules

Define a rule's signal, condition, action, scope, and priority to define its behavior. Use the Management API or Auth0's SDKs, CLIs, or Terraform provider to configure and manage the Tenant ACL.

How to Enable or Disable Monitoring Mode for Tenant Access Control List Rules

Audit how a rule would affect incoming traffic without changing the Tenant ACL's current behavior by enabling monitoring mode.

Details

Rule Evaluation for the Tenant Access Control List

Learn how the Tenant ACL's deterministic engine evaluates rule matches and execution.

Tenant Access Control List Limits

View limits, restrictions, and known issues for Tenant ACLs.

Reference

Code Samples for Common Tenant Access Control List Use Cases

Implement common use cases for the Tenant ACL with these code samples for Management API requests, Auth0 SDKs and CLIs, and the Auth0 Terraform provider.

Management API Parameter Reference for Tenant Access Control List Rules

View descriptions of all parameters for Tenant ACL endpoints in the Management API.

Tenant Log Event Reference for Tenant Access Control List Rules

View descriptions of all fields for the Tenant ACL (`acls_summary`) tenant log event.