AWS bedrock-agentcore documentation change
Summary
Added 'Outbound' configuration section for Auth0 with OAuth2 client credentials and discovery URL
Security assessment
Added documentation for secure OAuth2 configuration but does not address a specific vulnerability. Demonstrates proper use of client secrets in configuration templates.
Diff
diff --git a/bedrock-agentcore/latest/devguide/identity-idp-auth0.md b/bedrock-agentcore/latest/devguide/identity-idp-auth0.md index 03adbc255..bcded1485 100644 --- a//bedrock-agentcore/latest/devguide/identity-idp-auth0.md +++ b//bedrock-agentcore/latest/devguide/identity-idp-auth0.md @@ -5 +5 @@ -Inbound +InboundOutbound @@ -72,0 +73,19 @@ Where `<your-domain>` is your Auth0 tenant domain (e.g., "dev-example.us.auth0.c +## Outbound + +To configure Auth0 as an outbound resource provider, use the following: + + + { + "name": "NAME", + "credentialProviderVendor": "CustomOauth2", + "oauth2ProviderConfigInput" : { + "customOauth2ProviderConfig": { + "clientId": "your-client-id", + "clientSecret": "your-client-secret", + "oauthDiscovery": { + "discoveryUrl": "https://{your-auth0-tenant}.auth0.com/.well-known/openid-configuration" + } + } + } + } +