Create an Event Stream

By subscribing to events, and delivering them to a destination of your choice using event streams, you can facilitate a number of related use cases, including: 

• Sending emails to new customers to welcome them or ask them to verify their email address.

• Monitoring user lifecycle changes so that you can update CRM (customer relationship management) or billing systems.

You can create an event stream using either AWS EventBridge or webhooks. The sections below outline the setup process for both options.

Event streams can either be provisioned using the Auth0 dashboard or the Auth0 Management API. If using the Management API, before you can set up an event stream, you need to create a machine-to-machine (M2M) application and authenticate with a Management API token. For more information, review Management API Access Tokens.

1. Navigate to Dashboard > Applications > Applications and select Create Application.

2. Enter a descriptive name for your application and choose Machine to Machine Applications. Then, select Create.

3. Select the API you want to call from your application. In this case, use the Auth0 Management API.

4. Choose the permissions that you want to be issued as part of your application's access token, then select Authorize. For testing purposes, select:

   • read:event_streams

   • create:event_streams

   • update:event_streams

   • delete:event_streams

   • read:event_deliveries

   • update:event_deliveries

   • create:users

5. Navigate to the Settings tab to gather your Client ID, Client Secret, and Domain.

6. Review Get Management API Access Tokens to retrieve and store your access token.

The information below describes how you can create and enable an event stream using AWS EventBridge.

To use AWS EventBridge for event streams, you will need the following:

• AWS account

  • Your AWS account must have permissions to use EventBridge. If you don’t have an account, sign up at https://aws.amazon.com/eventbridge/.

• AWS IAM permissions

• AWS EventBridge event bus

• AWS account ID & region

auth0 events create --name ng-demo-eventbridge --type eventbridge --subscriptions "user.created" --configuration '{"aws_account_id":"<your-aws-account-id>","aws_region":"<your-aws-region>"}'

{
  "id": "est_8of6RXoM1997qikH7NS11h",
  "status": "enabled",
  "name": "ng-demo-eventbridge",
  "subscriptions": [
    {
      "event_type": "user.created"
    }
  ],
  "created_at": "2025-01-29T18:08:43.440Z",
  "updated_at": "2025-01-29T18:08:43.440Z",
  "destination": {
    "type": "eventbridge",
    "configuration": {
      "aws_account_id": "<your-aws-account-id>",
      "aws_region": "<your-aws-region>",
      "aws_partner_event_source": "default"
    }
  }
}

As an alternative to AWS EventBridge, you can use webhooks to facilitate event streams.

To get started, first set up a webhook handler to receive real-time notifications when a specific event occurs.  Then, you can create your event stream.

You can either create a basic webhook handler by following the instructions below, or you can use an existing service such as:

• Vercel

• Inngest

If you decide to use an existing service, you can proceed to Create an event stream (webhook). Otherwise, follow the instructions below to create your own basic webhook handler.

Ensure you have the following installed to properly write your webhook handler:

• node.js

• jq

• npm

• ngrok

1. Install express to your node_modules folder and your package.json dependencies.

2. Install dotenv to your root directory to use a .env file for storing environment variables.

3. Create a webhook.js fle to receive the user.created event and store it in a database.

   const express = require('express');
   const app = express();
   
   // Authorization middleware
   app.use((req, res, next) => {
     const token = req.headers["authorization"];
     if (token !== `Bearer ${API_TOKEN}`) {
       return res.status(401).json({ error: "Unauthorized" });
     }
     next();
   });
   
   // Webhook endpoint
   app.post("/webhook", async (req, res) => {
     console.log("Webhook received:", JSON.stringify(req.body, null, 2));
   
     const eventData = req.body;
     const { id, type, time, data } = eventData;
     const user = data.object;
   
     try {
       switch (type) {
         case "user.created":
           await handleUserCreated(user, time);
           break;
         case "user.updated":
           await handleUserUpdated(user, time);
           break;
         case "user.deleted":
           await handleUserDeleted(user, time);
           break;
         default:
           await handleDefaultEvent(id, type, time, data);
       }
   
       console.log(`Webhook event of type '${type}' committed to the database.`);
       res.sendStatus(204);
     } catch (err) {
       console.error("Error processing webhook:", err);
       res.status(500).json({ error: "Internal server error" });
     }
   });
   
   // Specific function for handling the user created event
   // In this example we're making sure users are also created in our own database
   async function handleUserCreated(user, time) {
     const { user_id, email, name, nickname, created_at, updated_at } = user;
   
     const query = `
       INSERT INTO users (user_id, email, name, nickname, created_at, updated_at, raw_user, last_event_processed)
       VALUES ($1, $2, $3, $4, $5, $6, $7, $8)
     `;
     const values = [
       user_id,
       email,
       name,
       nickname,
       created_at,
       updated_at,
       user,
       time,
     ];
   
     try {
       await getPool().query(query, values);
     } catch (err) {
       if (err.code === "23505") {
         console.error(`Duplicate user_id=${user_id}, skipping insert.`);
       } else {
         console.error(`Database error while creating user_id=${user_id}:`, err);
         throw err;
       }
     }
   }

   Was this helpful?

   feedbackSection.yesButtonText /feedbackSection.noButtonText

4. In the root of your project, create a .env file and add your API token using:

   API_TOKEN=`openssl rand -hex 32`
   echo "API_TOKEN=$API_TOKEN" > .env

   Was this helpful?

   feedbackSection.yesButtonText /feedbackSection.noButtonText

5. Start your server:

   node webhook.js

   Was this helpful?

   feedbackSection.yesButtonText /feedbackSection.noButtonText

6. To test the Webhook, expose your webhook handler using a tool like ngrok:

   ngrok http 3000

   Was this helpful?

   feedbackSection.yesButtonText /feedbackSection.noButtonText
   This provides a public URL for your local webhook handler, for example:

   http://localhost:3000

   Was this helpful?

   feedbackSection.yesButtonText /feedbackSection.noButtonText

Event streams allow you to capture real-time changes within your Auth0 tenant and send them to an external system for processing.

Before setting up an event stream, you need to identify the event types you want to monitor. You will then use your webhook handler to create an event stream, as demonstrated below.

source .env # Make sure you are in the webhook directory where you created your .env file
WEBHOOK_URL="<ngrok URL>/webhook"

auth0 events create -n my-event1 -t webhook -s "user.created" -c '{"webhook_endpoint":"'"${WEBHOOK_URL}"'","webhook_authorization":{"method":"bearer","token":'"${API_TOKEN}"'"}}'

{
  "id": "est_8of6RXoM1997qikH7NS11h",
  "status": "enabled",
  "name": "ng-demo-2",
  "subscriptions": [
    {
      "event_type": "user.created"
    }
  ],
  "created_at": "2025-01-29T18:08:43.440Z",
  "updated_at": "2025-01-29T18:08:43.440Z",
  "destination": {
    "type": "webhook",
    "configuration": {
      "webhook_endpoint": "https://example.com/webhook",
      "webhook_authorization": {
        "method": "bearer"
      }
    }
  }
}

auth0 events show <EVENT_STREAM_ID>

After the stream is active, you can test the event stream. For more information, review Event Testing, Observability, and Failure Recovery.

• Event Types
• Event Testing, Observability, and Failure Recovery
• Events Best Practices