← Back to all sparks
Auth0 logo

Auth0

INFRA · APISDEVOPS
Velocity6.3

Authentication and authorization platform

Auth0 pushes past login into full identity lifecycle: SCIM both ways, granular token control

identityscimprovisioningenterpriserefresh-tokensb2b
Current state
Auth0's recent releases cluster tightly around enterprise identity lifecycle rather than authentication itself. Inbound SCIM groups went GA, outbound SCIM provisioning arrived via Event Streams, and group-to-role mapping now spans tenant and organization scope. In parallel it is hardening session primitives — refresh token metadata (GA) and bulk refresh-token revocation — and modernizing the dashboard IA.
Where it's heading
The direction is a lifecycle and governance platform for B2B: provisioning users and groups in both directions, self-service enterprise configuration, and finer control over tokens and sessions. This is Auth0 competing on the same enterprise provisioning ground as Okta and WorkOS, moving the value from 'sign users in' to 'manage their entire access lifecycle.'
Prediction
Expect more Event Streams destinations and provisioning templates, broader GA of the Early Access refresh-token and session controls, and continued dashboard consolidation as the IA refresh exits beta.

Recent moves

  1. 1d ago

    IPSIE session_expiry Claim Support for Okta and OIDC Enterprise Connections

  2. 2d ago

    Tenant Log Catalog Now Available in Auth0 Docs

    An interactive Tenant Log Catalog in the docs lets developers discover tenant log event codes and schemas without digging through GitHub. A developer-experience improvement that supports the observability and lifecycle work, not a product-capability change.

  3. 8d ago

    Automate Downstream Provisioning with Outbound SCIM for Users via Event Streams

    ⚡ SPARK

    An Outbound SCIM Action template for Event Streams pushes user.created/updated/deleted events to any SCIM 2.0 app with no custom webhook infrastructure. This extends Auth0 from a provisioning sink to a provisioning source, a new direction in its lifecycle story.

  4. 17d ago

    Refresh Token metadata is now Generally Available

    Refresh Token Metadata reaches GA for Enterprise, allowing up to 25 custom key-value pairs per token, set in Actions and managed via the Management API. Part of the broader push to give enterprises richer, programmable control over session context.

  5. 22d ago

    Google Workspace Directory Sync for Groups - Early Access Updates

    Google Workspace Directory Sync for Groups is now Early Access without enrolment, and synced groups can map to tenant-level and organization-scoped RBAC roles. Reinforces the group-to-role provisioning theme running through this window.

  6. 24d ago

    Dashboard Search for APIs Now in Beta

    Dashboard users can now search APIs in real time by ID, identifier, or name instead of scrolling paginated lists. A small admin UX improvement aligned with the broader dashboard modernization effort.