This repository was archived by the owner on Mar 8, 2022. It is now read-only.

Verification for custom domains #227

@squarebracket

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

I noticed that the auth0_custom_domain resource doesn't verify the domain. I don't know much about the guts of Terraform's resource dependency, but I'd imagine that it's not possible to have the auth0_custom_domain resource wait for the DNS record to work, since the DNS resource relies on the output of the custom domain resource. But perhaps there could be a separate auth0_custom_domain_verification resource that could accomplish this?

I see that the auth0 go package has a Verify method. In the simplest implementation, one could simply depends_on a null_resource that sleeps for a bit. I suppose a more thorough implementation would wait for the actual DNS record to appear.

New or Affected Resource(s)

  • auth0_custom_domain_verification (I guess, see above)

Potential Terraform Configuration

# Ideal implementation
resource "auth0_custom_domain" "mydomain" {
  domain = "login.example.com"
  type = "auth0_managed_certs"
  verification_method = "txt"
}
resource "digitalocean_record" "auth0_domain" {
  domain = "example.com"
  type = upper(auth0_custom_domain.mydomain.verification[0].methods[0].name)
  name = "login"
  value = "${auth0_custom_domain.mydomain.verification[0].methods[0].record}."
}
resource "auth0_custom_domain_verification" "mydomain" {
  custom_domain_id = auth0_custom_domain.mydomain.id
  dns_record = digitalocean_record.auth0_domain.value
  dns_record_type = auth0_custom_domain.mydomain.verification[0].methods[0].name
}

# hacky version
resource "auth0_custom_domain" "mydomain" {
  domain = "login.example.com"
  type = "auth0_managed_certs"
  verification_method = "txt"
}
resource "digitalocean_record" "auth0_domain" {
  domain = "example.com"
  type = upper(auth0_custom_domain.mydomain.verification[0].methods[0].name)
  name = "login"
  value = "${auth0_custom_domain.mydomain.verification[0].methods[0].record}."
}
resource "null_resource" "delay" {
  provisioner "local-exec" {
    command = "sleep 120"
  }
  triggers = {
    before = digitalocean_record.auth0_domain.id
  }
}
resource "auth0_custom_domain_verification" "mydomain" {
  custom_domain_id = auth0_custom_domain.mydomain.id
  depends_on = [null_resource.delay]
}
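
Added example, not part of the original issue and not code from the provider or the auth0 Go package: one way to do the "wait for the actual DNS record to appear" step from the description, as a bounded polling loop instead of a fixed sleep. The names `waitForTXT`, `fakeDNS` and `realLookup`, the token value and the intervals are assumptions made for illustration.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net"
	"time"
)

// lookupTXT has the signature of (*net.Resolver).LookupTXT so a fake can be substituted.
type lookupTXT func(ctx context.Context, name string) ([]string, error)
var realLookup lookupTXT = net.DefaultResolver.LookupTXT // what a real caller would pass

// waitForTXT polls name until a TXT record equal to want is visible or ctx expires.
// Lookup errors (NXDOMAIN, SERVFAIL) count as "not yet"; it returns the lookup count.
func waitForTXT(ctx context.Context, lookup lookupTXT, name, want string, interval time.Duration) (int, error) {
	for attempt := 1; ; attempt++ {
		if records, err := lookup(ctx, name); err == nil {
			for _, r := range records {
				if r == want { // exact match: unrelated TXT records on the name are ignored
					return attempt, nil
				}
			}
		}
		select {
		case <-ctx.Done():
			return attempt, fmt.Errorf("TXT %q not visible on %s after %d lookups: %w", want, name, attempt, ctx.Err())
		case <-time.After(interval):
		}
	}
}

// fakeDNS is a constructed resolver: the wanted record appears on the Nth lookup.
func fakeDNS(appearsOn int, value string) lookupTXT {
	calls := 0
	return func(context.Context, string) ([]string, error) {
		if calls++; calls < appearsOn {
			return nil, errors.New("no such host")
		}
		return []string{"v=spf1 -all", value}, nil
	}
}

func main() {
	ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
	defer cancel()
	// Constructed name and token; only after this returns nil would verification be requested.
	fmt.Println(waitForTXT(ctx, fakeDNS(3, "constructed-token"), "login.example.com", "constructed-token", 10*time.Millisecond))
}
```

A successful wait only shows that the resolver used here can see the record; the verifying service may query different resolvers, so verification should still be allowed to fail and be retried.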
