Skip to content

feat: Add support for riskAssessment #1217

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kushalshit27 merged 28 commits into from
Dec 22, 2025
Merged

feat: Add support for riskAssessment #1217

kushalshit27 merged 28 commits into from
Dec 22, 2025

Conversation

@josh-cain
Copy link
Contributor

@josh-cain josh-cain commented Nov 24, 2025
edited by kushalshit27
Loading

🔧 Changes

Add the ability manage risk assessment settings (/v2/risk-assessments/settings) via the CLI. This change includes two settings:

Examples

YAML format

riskAssessment:

riskAssessment:
  settings:
    enabled: true
  new_device:
    remember_for: 30

JSON format (directory settings.json)

{
  "settings": {
    "enabled": true
  },
  "new_device": {
    "remember_for": 30
  }
}

📚 References

🔬 Testing

Unit tests passing ✅

Smoke tested locally with:

node lib/index.js export -c config.json -f yaml -o ./local-export/

Everything seemed fine, the tenant.json file rendered correctly with riskAssessment.

Next, ran the import script:

node lib/index.js import -c config.json -i ./local-export/tenant.yaml
.
2025-12-01T23:59:45.590Z - info: Import Successful

Everything checked out, and was properly reflected in tenant logs and the tenant:

Screenshot 2025-12-01 at 6 01 38 PM

📝 Checklist

  • All new/changed/fixed functionality is covered by tests (or N/A)
  • I have added documentation for all new/changed functionality (or N/A)

@kushalshit27
Copy link
Contributor

kushalshit27 commented Nov 25, 2025
edited
Loading

Hi, @josh-cain
Thank you for submitting this PR! Please add proper PR description (e.g #1204).

Contributing guideline: https://github.com/auth0/auth0-deploy-cli/blob/master/CONTRIBUTING.md

Let me know if you have any questions. Looking forward to your updates!

@josh-cain
Copy link
Contributor Author

josh-cain commented Nov 25, 2025
edited
Loading

Hey @kushalshit27 , will when I go to move it out of draft state, build is passing, etc. Thanks 👍

@josh-cain josh-cain force-pushed the addRiskAssessmentConfig branch from dce807e to c774018 Compare December 2, 2025 18:11
@josh-cain josh-cain marked this pull request as ready for review December 3, 2025 01:48
@josh-cain josh-cain requested a review from a team as a code owner December 3, 2025 01:48
@josh-cain josh-cain force-pushed the addRiskAssessmentConfig branch from 2d7d33b to 9f6141b Compare December 3, 2025 01:52
@josh-cain
Copy link
Contributor Author

josh-cain commented Dec 3, 2025

Should be ready to go. Only issue is the e2e tests, for which it looks like I'd need to record prior to running, is that accurate @kushalshit27 ?

@kushalshit27
Copy link
Contributor

kushalshit27 commented Dec 3, 2025
edited
Loading

Hi, @josh-cain
E2E tests sometimes fail for fork PRs; I will handle that.

@kushalshit27
Copy link
Contributor

kushalshit27 commented Dec 3, 2025

Please add PR description similar to #1204

kushalshit27
kushalshit27 reviewed Dec 3, 2025
View reviewed changes
Copy link
Contributor

@kushalshit27 kushalshit27 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

HI, @josh-cain ,
Since there are no multiple risk assessments, use the singular riskAssessment.

Please keep a single file for riskAssessment , riskAssessmentsNewDevice.ts is not needed.

Refer to attackProtection for a reference on combining multiple APIs under a single resource.

@josh-cain
Copy link
Contributor Author

josh-cain commented Dec 4, 2025

@kushalshit27 Updated ✅ . Please LMK if those changes are what you had in mind.

kushalshit27
kushalshit27 requested changes Dec 5, 2025
View reviewed changes
Copy link
Contributor

@kushalshit27 kushalshit27 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@josh-cain
One small request, renaming all the files and variables:

riskAssessments to riskAssessment

@kushalshit27
Copy link
Contributor

kushalshit27 commented Dec 5, 2025

@claude

@github-actions

This comment was marked as outdated.

Sign in to view
github-actions[bot]
github-actions bot reviewed Dec 5, 2025
View reviewed changes
github-actions[bot]
github-actions bot reviewed Dec 5, 2025
View reviewed changes
github-actions[bot]
github-actions bot reviewed Dec 5, 2025
View reviewed changes
github-actions[bot]
github-actions bot reviewed Dec 5, 2025
View reviewed changes
github-actions[bot]
github-actions bot reviewed Dec 5, 2025
View reviewed changes
github-actions[bot]
github-actions bot reviewed Dec 5, 2025
View reviewed changes
github-actions[bot]
github-actions bot reviewed Dec 5, 2025
View reviewed changes
@josh-cain
Copy link
Contributor Author

josh-cain commented Dec 5, 2025

@josh-cain One small request, renaming all the files and variables:

riskAssessments to riskAssessment

🤔 The API endpoint + docs are riskAssessments, I thought we would want to match?

kushalshit27
kushalshit27 reviewed Dec 8, 2025
View reviewed changes
kushalshit27
kushalshit27 reviewed Dec 8, 2025
View reviewed changes
Copy link
Contributor

@kushalshit27 kushalshit27 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi, @josh-cain
Renaming the files from 'riskAssessments' to 'riskAssessment' would be helpful.

kushalshit27
kushalshit27 reviewed Dec 8, 2025
View reviewed changes
kushalshit27
kushalshit27 reviewed Dec 8, 2025
View reviewed changes
josh-cain and others added 4 commits December 12, 2025 09:40
@josh-cain @kushalshit27
Update docs/resource-specific-documentation.md
3e38f5c 
Co-authored-by: Kushal <43465488+kushalshit27@users.noreply.github.com>
@josh-cain @kushalshit27
Update src/tools/constants.ts
c73ad14 
Co-authored-by: Kushal <43465488+kushalshit27@users.noreply.github.com>
@josh-cain
feedback: more renaming
6c9931a
@josh-cain
fix: tests should reflect singular naming too
b64421f
@josh-cain
Copy link
Contributor Author

josh-cain commented Dec 12, 2025

@kushalshit27 ready for another look when you are.

@kushalshit27
Copy link
Contributor

kushalshit27 commented Dec 17, 2025

Hi, @josh-cain ,
Appreciate your effort in submitting this PR. 🤝

Is it okay if I make some changes to your fork PR, as we moved from node-sdk v4 to v5 on deploy-cli?

Let me know if you have any preferences or concerns.

@josh-cain
Copy link
Contributor Author

josh-cain commented Dec 17, 2025

@kushalshit27 Always 👍 , just ready to get this over the line.

@kushalshit27
Merge branch 'master' into addRiskAssessmentConfig
863a41e
@kushalshit27
feat: update risk assessment schema structure
cf25eea 
- src/tools/auth0/handlers/riskAssessment.ts: nest 'enabled' under 'settings' object
- src/tools/auth0/handlers/riskAssessment.ts: change required fields to include 'settings'
@kushalshit27
feat: update risk assessment structure and tests
3c7b539 
- src/context/directory/handlers/riskAssessment.ts: change ParsedRiskAssessment type to use RiskAssessmentSettings
- src/context/yaml/handlers/riskAssessment.ts: change ParsedRiskAssessment type to use RiskAssessmentSettings
- test/context/directory/riskAssessment.test.js: update settings structure in test cases
- test/context/yaml/context.test.js: update settings structure in test cases
- test/tools/auth0/handlers/riskAssessment.tests.js: update settings structure in handler tests
- test/utils.js: update mock for risk assessments to reflect new structure
@kushalshit27
feat: update risk assessment configuration and examples
63a5f2d 
- docs/resource-specific-documentation.md: enhance risk assessments section with detailed configuration options
- examples/directory/risk-assessment/settings.json: add new settings.json file for risk assessment
- examples/yaml/tenant.yaml: modify risk assessment structure to include settings
@kushalshit27
update e2e
bb528f1
@kushalshit27
feat: update risk assessment types and remove settings.json
168018a 
- src/context/directory/handlers/riskAssessment.ts: replace RiskAssessmentSettings with RiskAssessment
- src/context/yaml/handlers/riskAssessment.ts: replace RiskAssessmentSettings with RiskAssessment
- src/tools/auth0/handlers/riskAssessment.ts: rename RiskAssessmentSettings to RiskAssessment
- src/types.ts: update riskAssessment type to use RiskAssessment instead of RiskAssessmentSettings
- examples/directory/risk-assessments/settings.json: remove settings.json file
@kushalshit27 kushalshit27 changed the title feat: riskAssessments integration feat: Add support for riskAssessment Dec 21, 2025
@kushalshit27 kushalshit27 merged commit 9062d24 into auth0:master Dec 22, 2025
5 of 6 checks passed
@kushalshit27 kushalshit27 mentioned this pull request Dec 22, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@duedares-rvj duedares-rvj duedares-rvj approved these changes

@kushalshit27 kushalshit27 kushalshit27 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@josh-cain @kushalshit27 @duedares-rvj