feat: Add support for riskAssessment

[josh-cain]

🔧 Changes

Add the ability manage risk assessment settings (/v2/risk-assessments/settings) via the CLI. This change includes two settings:

Examples

YAML format

riskAssessment:

riskAssessment:
  settings:
    enabled: true
  new_device:
    remember_for: 30

JSON format (directory settings.json)

{
  "settings": {
    "enabled": true
  },
  "new_device": {
    "remember_for": 30
  }
}

📚 References

• https://auth0.com/docs/api/management/v2/risk-assessments/get-risk-assessments-settings
• https://auth0.com/docs/api/management/v2/risk-assessments/get-new-device

🔬 Testing

Unit tests passing ✅

Smoke tested locally with:

node lib/index.js export -c config.json -f yaml -o ./local-export/

Everything seemed fine, the tenant.json file rendered correctly with riskAssessment.

Next, ran the import script:

node lib/index.js import -c config.json -i ./local-export/tenant.yaml
.
2025-12-01T23:59:45.590Z - info: Import Successful

Everything checked out, and was properly reflected in tenant logs and the tenant:

📝 Checklist

• All new/changed/fixed functionality is covered by tests (or N/A)
• I have added documentation for all new/changed functionality (or N/A)

[kushalshit27]

Hi, @josh-cain
Thank you for submitting this PR! Please add proper PR description (e.g #1204).

Contributing guideline: https://github.com/auth0/auth0-deploy-cli/blob/master/CONTRIBUTING.md

Let me know if you have any questions. Looking forward to your updates!

[josh-cain]

Hey @kushalshit27 , will when I go to move it out of draft state, build is passing, etc. Thanks 👍

[josh-cain]

Should be ready to go. Only issue is the e2e tests, for which it looks like I'd need to record prior to running, is that accurate @kushalshit27 ?

[kushalshit27]

Hi, @josh-cain
E2E tests sometimes fail for fork PRs; I will handle that.

[kushalshit27]

Please add PR description similar to #1204

[kushalshit27]

HI, @josh-cain ,
Since there are no multiple risk assessments, use the singular riskAssessment.

Please keep a single file for riskAssessment , riskAssessmentsNewDevice.ts is not needed.

Refer to attackProtection for a reference on combining multiple APIs under a single resource.

[josh-cain]

@kushalshit27 Updated ✅ . Please LMK if those changes are what you had in mind.

[kushalshit27]

@josh-cain
One small request, renaming all the files and variables:

riskAssessments to riskAssessment

[kushalshit27]

@claude

[josh-cain]

@josh-cain One small request, renaming all the files and variables:

riskAssessments to riskAssessment

🤔 The API endpoint + docs are riskAssessments, I thought we would want to match?

[kushalshit27]

Hi, @josh-cain
Renaming the files from 'riskAssessments' to 'riskAssessment' would be helpful.

[josh-cain]

@kushalshit27 ready for another look when you are.

[kushalshit27]

Hi, @josh-cain ,
Appreciate your effort in submitting this PR. 🤝

Is it okay if I make some changes to your fork PR, as we moved from node-sdk v4 to v5 on deploy-cli?

Let me know if you have any preferences or concerns.

[josh-cain]

@kushalshit27 Always 👍 , just ready to get this over the line.