docs: better secret handling in Auth0 rule (hasura#5677)

hasura#5677
etrepum · Oct 1, 2020 · 3b57008 · 3b57008
1 parent b705dcb
commit 3b57008
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/docs/graphql/core/guides/integrations/auth0-jwt.rst b/docs/graphql/core/guides/integrations/auth0-jwt.rst
@@ -233,7 +233,6 @@ Using Auth0 Rules again, add the following rule which will insert a new user eve
 
    function (user, context, callback) {
      const userId = user.user_id;
-     const hasuraAdminSecret = "xxxx";
      const url = "https://my-hasura-app.hasura.app/v1/graphql";
      const upsertUserQuery = `
        mutation($userId: String!){
@@ -244,7 +243,7 @@ Using Auth0 Rules again, add the following rule which will insert a new user eve
      const graphqlReq = { "query": upsertUserQuery, "variables": { "userId": userId } }
 
      request.post({
-         headers: {'content-type' : 'application/json', 'x-hasura-admin-secret': hasuraAdminSecret},
+         headers: {'content-type' : 'application/json', 'x-hasura-admin-secret': configuration.HASURA_ADMIN_SECRET},
          url:   url,
          body:  JSON.stringify(graphqlReq)
      }, function(error, response, body){
@@ -253,6 +252,8 @@ Using Auth0 Rules again, add the following rule which will insert a new user eve
      });
    }
 
+Make sure to specify the ``HASURA_ADMIN_SECRET`` variable in the "Rules > Settings" section of Auth0. 
+
 That’s it! This rule will be triggered on every successful signup/login and sync your Auth0 user into your postgres database.
 
 .. note::