AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2025-10-01 · Documentation low

File: bedrock-agentcore/latest/devguide/identity-idp-auth0.md

Summary

Added 'Outbound' configuration section for Auth0 with OAuth2 client credentials and discovery URL

Security assessment

Added documentation for secure OAuth2 configuration but does not address a specific vulnerability. Demonstrates proper use of client secrets in configuration templates.

Diff

diff --git a/bedrock-agentcore/latest/devguide/identity-idp-auth0.md b/bedrock-agentcore/latest/devguide/identity-idp-auth0.md
index 03adbc255..bcded1485 100644
--- a//bedrock-agentcore/latest/devguide/identity-idp-auth0.md
+++ b//bedrock-agentcore/latest/devguide/identity-idp-auth0.md
@@ -5 +5 @@
-Inbound
+InboundOutbound
@@ -72,0 +73,19 @@ Where `<your-domain>` is your Auth0 tenant domain (e.g., "dev-example.us.auth0.c
+## Outbound
+
+To configure Auth0 as an outbound resource provider, use the following:
+    
+    
+    {
+      "name": "NAME",
+      "credentialProviderVendor": "CustomOauth2",
+      "oauth2ProviderConfigInput" : {
+        "customOauth2ProviderConfig": {
+          "clientId": "your-client-id",
+          "clientSecret": "your-client-secret",
+          "oauthDiscovery": {
+            "discoveryUrl": "https://{your-auth0-tenant}.auth0.com/.well-known/openid-configuration"
+          }
+        }
+      }
+    }
+