Skip to content
Eight Effect-native API SDKs are live.Explore the catalog
Distilled
Esc
navigateopen⌘Jpreview
On this page

Announcing the Distilled Auth0 SDK

Administer Auth0 tenants, users, clients, connections, organizations, and logs through Effect.

Identity administration is both automation-friendly and security-sensitive. Provisioning users, inspecting clients, rotating configuration, and investigating logs all benefit from a boundary that treats credentials and failures deliberately. @kevinmichaelchen/distilled-auth0 brings 451 Auth0 Management API operations into Effect.

Auth0, at a glance

Auth0 is an identity platform for authentication and authorization. The Management API v2 lets trusted backends perform administrative work across users, clients, connections, organizations, roles, permissions, logs, actions, branding, and tenant configuration. Auth0’s official Node client lives at auth0/node-auth0.

Why Effect and Distilled?

Identity-management failures should not disappear into generic exceptions. Distilled maps known Auth0 statuses, validates supported schemas, redacts Management API tokens and sensitive response fields, and exposes retry behavior. Effect lets a provisioning workflow compose those failures with timeouts, backoff, tracing, concurrency limits, and compensating logic.

Configuration is a layer rather than a hidden singleton. Tests can replace the tenant credentials or HTTP client, and production programs can share one explicit dependency graph.

How we made the SDK

Mirror Auth0's official OpenAPI

A dedicated source repository records the Management API v2 OpenAPI 3.1 document at an immutable commit.

Generate the administrative surface

The common generator emits 451 operation modules for users, clients, connections, organizations, logs, actions, roles, and tenant settings.

Respect the complexity guard

Four exceptionally large top-level unions use the generator’s existing unknown-output safety limit rather than expanding into unstable combinatorial schemas.

Add tenant-aware runtime policy

The handwritten layer constructs https://<tenant>/api/v2, injects bearer authentication, redacts secrets, and decodes Auth0 errors.

Code Examples

Set AUTH0_DOMAIN and AUTH0_MANAGEMENT_TOKEN, then install:

npm install @kevinmichaelchen/distilled-auth0 effect
pnpm add @kevinmichaelchen/distilled-auth0 effect
bun add @kevinmichaelchen/distilled-auth0 effect
import * as Effect from "effect/Effect";
import * as Layer from "effect/Layer";
import * as Redacted from "effect/Redacted";
import * as FetchHttpClient from "effect/unstable/http/FetchHttpClient";
import {
  CredentialsFromEnv,
  getLogs,
  getUsers,
  postUsers,
} from "@kevinmichaelchen/distilled-auth0";

const Auth0Live = Layer.mergeAll(FetchHttpClient.layer, CredentialsFromEnv);

Search for blocked users

Find accounts that need security or support follow-up while requesting only the fields the workflow consumes.

const blockedUsers = getUsers({
  q: "blocked:true",
  search_engine: "v3",
  fields: "user_id,email,blocked,last_login",
  include_fields: true,
  per_page: 50,
});

const findBlockedUsers = blockedUsers.pipe(Effect.provide(Auth0Live));

Provision a database user

Create an account in a database connection while keeping the initial password redacted in Effect logs and diagnostics.

const provisionDatabaseUser = postUsers({
  connection: "Username-Password-Authentication",
  email: "new.user@example.com",
  password: Redacted.make("replace-with-a-generated-secret"),
  verify_email: true,
}).pipe(Effect.provide(Auth0Live));

Inspect recent tenant errors

Pull recent failure events for an operational dashboard or incident workflow.

const inspectRecentTenantErrors = getLogs({
  search: "type:f OR type:fe OR type:fu",
  sort: "date:-1",
  per_page: 100,
  include_totals: true,
}).pipe(Effect.provide(Auth0Live));

From the same runtime you can manage roles and permissions, configure connections, administer organizations, and revoke sessions or refresh tokens.

Available now

Read the Auth0 SDK guide, inspect the implementation, browse the spec mirror, or install @kevinmichaelchen/distilled-auth0.

Last updated on July 15, 2026

Was this page helpful?