ENCRYPTION_KEY parameter clarification for the auth0 custom Extension

[jralmaraz]

Hi.

Again, thanks for the great content you guys always produce, they are very helpful.

In regards to installing this repos' extension on Auth0, can you clarify on the more on what should be the "ENCRYPTION_KEY - An AES 128 encryption key (encoded in base64) that will be used to encrypt sensitive information when in transit or when stored as part of the Auth0 user profile" ?

I tried to create a private key using openssl, encoding it with base64, but I get "Forbidden" when clicking on the installed Extension and also get an "invalid key length" when trying the automatic created Rule "Multi-Factor-VoiceIt-Do-Not-Rename".

I must be missing something and been re-reading the docs in the meantime, but any feedback is appreciated.

Thanks.

Jose

[jmangelo]

Hi Jose, for that parameter you should be able to just generate 128 bits of random data using any appropriate pseudo random number generator and then encode that data in base64. (https://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator)