Auth0

Pulumi Official
Package maintained by Pulumi
v2.9.0 published on Thursday, May 26, 2022 by Pulumi

Client

With this resource, you can set up applications that use Auth0 for authentication and configure allowed callback URLs and secrets for these applications. Depending on your plan, you may also configure add-ons to allow your application to call another application’s API (such as Firebase and AWS) on behalf of an authenticated user.

Example Usage

using Pulumi;
using Auth0 = Pulumi.Auth0;

class MyStack : Stack
{
    public MyStack()
    {
        var myClient = new Auth0.Client("myClient", new Auth0.ClientArgs
        {
            Addons = new Auth0.Inputs.ClientAddonsArgs
            {
                Firebase = 
                {
                    { "clientEmail", "john.doe@example.com" },
                    { "lifetimeInSeconds", 1 },
                    { "privateKey", "wer" },
                    { "privateKeyId", "qwreerwerwe" },
                },
                Samlp = new Auth0.Inputs.ClientAddonsSamlpArgs
                {
                    Audience = "https://example.com/saml",
                    CreateUpnClaim = false,
                    MapIdentities = false,
                    MapUnknownClaimsAsIs = false,
                    Mappings = 
                    {
                        { "email", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" },
                        { "name", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" },
                    },
                    NameIdentifierFormat = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
                    NameIdentifierProbes = 
                    {
                        "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
                    },
                    PassthroughClaimsWithNoMapping = false,
                    SigningCert = "pemcertificate",
                },
            },
            AllowedClients = 
            {
                "https://allowed.example.com",
            },
            AllowedLogoutUrls = 
            {
                "https://example.com",
            },
            AllowedOrigins = 
            {
                "https://example.com",
            },
            AppType = "non_interactive",
            Callbacks = 
            {
                "https://example.com/callback",
            },
            ClientMetadata = 
            {
                { "foo", "zoo" },
            },
            ClientSecretRotationTrigger = 
            {
                { "triggered_at", "2018-01-02T23:12:01Z" },
                { "triggered_by", "auth0" },
            },
            CustomLoginPageOn = true,
            Description = "Test Applications Long Description",
            GrantTypes = 
            {
                "authorization_code",
                "http://auth0.com/oauth/grant-type/password-realm",
                "implicit",
                "password",
                "refresh_token",
            },
            InitiateLoginUri = "https://example.com/login",
            IsFirstParty = true,
            IsTokenEndpointIpHeaderTrusted = true,
            JwtConfiguration = new Auth0.Inputs.ClientJwtConfigurationArgs
            {
                Alg = "RS256",
                LifetimeInSeconds = 300,
                Scopes = 
                {
                    { "foo", "bar" },
                },
                SecretEncoded = true,
            },
            Mobile = new Auth0.Inputs.ClientMobileArgs
            {
                Ios = new Auth0.Inputs.ClientMobileIosArgs
                {
                    AppBundleIdentifier = "com.my.bundle.id",
                    TeamId = "9JA89QQLNQ",
                },
            },
            OidcConformant = false,
            OrganizationRequireBehavior = "no_prompt",
            OrganizationUsage = "deny",
            RefreshToken = new Auth0.Inputs.ClientRefreshTokenArgs
            {
                ExpirationType = "expiring",
                IdleTokenLifetime = 1296000,
                InfiniteIdleTokenLifetime = true,
                InfiniteTokenLifetime = false,
                Leeway = 15,
                RotationType = "rotating",
                TokenLifetime = 84600,
            },
            TokenEndpointAuthMethod = "client_secret_post",
            WebOrigins = 
            {
                "https://example.com",
            },
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-auth0/sdk/v2/go/auth0"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := auth0.NewClient(ctx, "myClient", &auth0.ClientArgs{
			Addons: &ClientAddonsArgs{
				Firebase: pulumi.AnyMap{
					"clientEmail":       pulumi.Any("john.doe@example.com"),
					"lifetimeInSeconds": pulumi.Any(1),
					"privateKey":        pulumi.Any("wer"),
					"privateKeyId":      pulumi.Any("qwreerwerwe"),
				},
				Samlp: &ClientAddonsSamlpArgs{
					Audience:             pulumi.String("https://example.com/saml"),
					CreateUpnClaim:       pulumi.Bool(false),
					MapIdentities:        pulumi.Bool(false),
					MapUnknownClaimsAsIs: pulumi.Bool(false),
					Mappings: pulumi.AnyMap{
						"email": pulumi.Any("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"),
						"name":  pulumi.Any("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"),
					},
					NameIdentifierFormat: pulumi.String("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"),
					NameIdentifierProbes: pulumi.StringArray{
						pulumi.String("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"),
					},
					PassthroughClaimsWithNoMapping: pulumi.Bool(false),
					SigningCert:                    pulumi.String("pemcertificate"),
				},
			},
			AllowedClients: pulumi.StringArray{
				pulumi.String("https://allowed.example.com"),
			},
			AllowedLogoutUrls: pulumi.StringArray{
				pulumi.String("https://example.com"),
			},
			AllowedOrigins: pulumi.StringArray{
				pulumi.String("https://example.com"),
			},
			AppType: pulumi.String("non_interactive"),
			Callbacks: pulumi.StringArray{
				pulumi.String("https://example.com/callback"),
			},
			ClientMetadata: pulumi.AnyMap{
				"foo": pulumi.Any("zoo"),
			},
			ClientSecretRotationTrigger: pulumi.AnyMap{
				"triggered_at": pulumi.Any("2018-01-02T23:12:01Z"),
				"triggered_by": pulumi.Any("auth0"),
			},
			CustomLoginPageOn: pulumi.Bool(true),
			Description:       pulumi.String("Test Applications Long Description"),
			GrantTypes: pulumi.StringArray{
				pulumi.String("authorization_code"),
				pulumi.String("http://auth0.com/oauth/grant-type/password-realm"),
				pulumi.String("implicit"),
				pulumi.String("password"),
				pulumi.String("refresh_token"),
			},
			InitiateLoginUri:               pulumi.String("https://example.com/login"),
			IsFirstParty:                   pulumi.Bool(true),
			IsTokenEndpointIpHeaderTrusted: pulumi.Bool(true),
			JwtConfiguration: &ClientJwtConfigurationArgs{
				Alg:               pulumi.String("RS256"),
				LifetimeInSeconds: pulumi.Int(300),
				Scopes: pulumi.StringMap{
					"foo": pulumi.String("bar"),
				},
				SecretEncoded: pulumi.Bool(true),
			},
			Mobile: &ClientMobileArgs{
				Ios: &ClientMobileIosArgs{
					AppBundleIdentifier: pulumi.String("com.my.bundle.id"),
					TeamId:              pulumi.String("9JA89QQLNQ"),
				},
			},
			OidcConformant:              pulumi.Bool(false),
			OrganizationRequireBehavior: pulumi.String("no_prompt"),
			OrganizationUsage:           pulumi.String("deny"),
			RefreshToken: &ClientRefreshTokenArgs{
				ExpirationType:            pulumi.String("expiring"),
				IdleTokenLifetime:         pulumi.Int(1296000),
				InfiniteIdleTokenLifetime: pulumi.Bool(true),
				InfiniteTokenLifetime:     pulumi.Bool(false),
				Leeway:                    pulumi.Int(15),
				RotationType:              pulumi.String("rotating"),
				TokenLifetime:             pulumi.Int(84600),
			},
			TokenEndpointAuthMethod: pulumi.String("client_secret_post"),
			WebOrigins: pulumi.StringArray{
				pulumi.String("https://example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var myClient = new Client("myClient", ClientArgs.builder()        
            .addons(ClientAddonsArgs.builder()
                .firebase(Map.ofEntries(
                    Map.entry("clientEmail", "john.doe@example.com"),
                    Map.entry("lifetimeInSeconds", 1),
                    Map.entry("privateKey", "wer"),
                    Map.entry("privateKeyId", "qwreerwerwe")
                ))
                .samlp(ClientAddonsSamlpArgs.builder()
                    .audience("https://example.com/saml")
                    .createUpnClaim(false)
                    .mapIdentities(false)
                    .mapUnknownClaimsAsIs(false)
                    .mappings(Map.ofEntries(
                        Map.entry("email", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"),
                        Map.entry("name", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name")
                    ))
                    .nameIdentifierFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent")
                    .nameIdentifierProbes("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")
                    .passthroughClaimsWithNoMapping(false)
                    .signingCert("pemcertificate")
                    .build())
                .build())
            .allowedClients("https://allowed.example.com")
            .allowedLogoutUrls("https://example.com")
            .allowedOrigins("https://example.com")
            .appType("non_interactive")
            .callbacks("https://example.com/callback")
            .clientMetadata(Map.of("foo", "zoo"))
            .clientSecretRotationTrigger(Map.ofEntries(
                Map.entry("triggered_at", "2018-01-02T23:12:01Z"),
                Map.entry("triggered_by", "auth0")
            ))
            .customLoginPageOn(true)
            .description("Test Applications Long Description")
            .grantTypes(            
                "authorization_code",
                "http://auth0.com/oauth/grant-type/password-realm",
                "implicit",
                "password",
                "refresh_token")
            .initiateLoginUri("https://example.com/login")
            .isFirstParty(true)
            .isTokenEndpointIpHeaderTrusted(true)
            .jwtConfiguration(ClientJwtConfigurationArgs.builder()
                .alg("RS256")
                .lifetimeInSeconds(300)
                .scopes(Map.of("foo", "bar"))
                .secretEncoded(true)
                .build())
            .mobile(ClientMobileArgs.builder()
                .ios(ClientMobileIosArgs.builder()
                    .appBundleIdentifier("com.my.bundle.id")
                    .teamId("9JA89QQLNQ")
                    .build())
                .build())
            .oidcConformant(false)
            .organizationRequireBehavior("no_prompt")
            .organizationUsage("deny")
            .refreshToken(ClientRefreshTokenArgs.builder()
                .expirationType("expiring")
                .idleTokenLifetime(1296000)
                .infiniteIdleTokenLifetime(true)
                .infiniteTokenLifetime(false)
                .leeway(15)
                .rotationType("rotating")
                .tokenLifetime(84600)
                .build())
            .tokenEndpointAuthMethod("client_secret_post")
            .webOrigins("https://example.com")
            .build());

    }
}
import pulumi
import pulumi_auth0 as auth0

my_client = auth0.Client("myClient",
    addons=auth0.ClientAddonsArgs(
        firebase={
            "clientEmail": "john.doe@example.com",
            "lifetimeInSeconds": 1,
            "privateKey": "wer",
            "privateKeyId": "qwreerwerwe",
        },
        samlp=auth0.ClientAddonsSamlpArgs(
            audience="https://example.com/saml",
            create_upn_claim=False,
            map_identities=False,
            map_unknown_claims_as_is=False,
            mappings={
                "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
                "name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
            },
            name_identifier_format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
            name_identifier_probes=["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"],
            passthrough_claims_with_no_mapping=False,
            signing_cert="pemcertificate",
        ),
    ),
    allowed_clients=["https://allowed.example.com"],
    allowed_logout_urls=["https://example.com"],
    allowed_origins=["https://example.com"],
    app_type="non_interactive",
    callbacks=["https://example.com/callback"],
    client_metadata={
        "foo": "zoo",
    },
    client_secret_rotation_trigger={
        "triggered_at": "2018-01-02T23:12:01Z",
        "triggered_by": "auth0",
    },
    custom_login_page_on=True,
    description="Test Applications Long Description",
    grant_types=[
        "authorization_code",
        "http://auth0.com/oauth/grant-type/password-realm",
        "implicit",
        "password",
        "refresh_token",
    ],
    initiate_login_uri="https://example.com/login",
    is_first_party=True,
    is_token_endpoint_ip_header_trusted=True,
    jwt_configuration=auth0.ClientJwtConfigurationArgs(
        alg="RS256",
        lifetime_in_seconds=300,
        scopes={
            "foo": "bar",
        },
        secret_encoded=True,
    ),
    mobile=auth0.ClientMobileArgs(
        ios=auth0.ClientMobileIosArgs(
            app_bundle_identifier="com.my.bundle.id",
            team_id="9JA89QQLNQ",
        ),
    ),
    oidc_conformant=False,
    organization_require_behavior="no_prompt",
    organization_usage="deny",
    refresh_token=auth0.ClientRefreshTokenArgs(
        expiration_type="expiring",
        idle_token_lifetime=1296000,
        infinite_idle_token_lifetime=True,
        infinite_token_lifetime=False,
        leeway=15,
        rotation_type="rotating",
        token_lifetime=84600,
    ),
    token_endpoint_auth_method="client_secret_post",
    web_origins=["https://example.com"])
import * as pulumi from "@pulumi/pulumi";
import * as auth0 from "@pulumi/auth0";

const myClient = new auth0.Client("my_client", {
    addons: {
        firebase: {
            client_email: "john.doe@example.com",
            lifetime_in_seconds: 1,
            private_key: "wer",
            private_key_id: "qwreerwerwe",
        },
        samlp: {
            audience: "https://example.com/saml",
            createUpnClaim: false,
            mapIdentities: false,
            mapUnknownClaimsAsIs: false,
            mappings: {
                email: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
                name: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
            },
            nameIdentifierFormat: "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
            nameIdentifierProbes: ["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"],
            passthroughClaimsWithNoMapping: false,
            signingCert: "pemcertificate",
        },
    },
    allowedClients: ["https://allowed.example.com"],
    allowedLogoutUrls: ["https://example.com"],
    allowedOrigins: ["https://example.com"],
    appType: "non_interactive",
    callbacks: ["https://example.com/callback"],
    clientMetadata: {
        foo: "zoo",
    },
    clientSecretRotationTrigger: {
        triggered_at: "2018-01-02T23:12:01Z",
        triggered_by: "auth0",
    },
    customLoginPageOn: true,
    description: "Test Applications Long Description",
    grantTypes: [
        "authorization_code",
        "http://auth0.com/oauth/grant-type/password-realm",
        "implicit",
        "password",
        "refresh_token",
    ],
    initiateLoginUri: "https://example.com/login",
    isFirstParty: true,
    isTokenEndpointIpHeaderTrusted: true,
    jwtConfiguration: {
        alg: "RS256",
        lifetimeInSeconds: 300,
        scopes: {
            foo: "bar",
        },
        secretEncoded: true,
    },
    mobile: {
        ios: {
            appBundleIdentifier: "com.my.bundle.id",
            teamId: "9JA89QQLNQ",
        },
    },
    oidcConformant: false,
    organizationRequireBehavior: "no_prompt",
    organizationUsage: "deny",
    refreshToken: {
        expirationType: "expiring",
        idleTokenLifetime: 1296000,
        infiniteIdleTokenLifetime: true,
        infiniteTokenLifetime: false,
        leeway: 15,
        rotationType: "rotating",
        tokenLifetime: 84600,
    },
    tokenEndpointAuthMethod: "client_secret_post",
    webOrigins: ["https://example.com"],
});
resources:
  myClient:
    type: auth0:Client
    properties:
      addons:
        firebase:
          clientEmail: john.doe@example.com
          lifetimeInSeconds: 1
          privateKey: wer
          privateKeyId: qwreerwerwe
        samlp:
          audience: https://example.com/saml
          createUpnClaim: false
          mapIdentities: false
          mapUnknownClaimsAsIs: false
          mappings:
            email: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
            name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
          nameIdentifierFormat: urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
          nameIdentifierProbes:
            - http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
          passthroughClaimsWithNoMapping: false
          signingCert: pemcertificate
      allowedClients:
        - https://allowed.example.com
      allowedLogoutUrls:
        - https://example.com
      allowedOrigins:
        - https://example.com
      appType: non_interactive
      callbacks:
        - https://example.com/callback
      clientMetadata:
        foo: zoo
      clientSecretRotationTrigger:
        triggered_at: 2018-01-02T23:12:01Z
        triggered_by: auth0
      customLoginPageOn: true
      description: Test Applications Long Description
      grantTypes:
        - authorization_code
        - http://auth0.com/oauth/grant-type/password-realm
        - implicit
        - password
        - refresh_token
      initiateLoginUri: https://example.com/login
      isFirstParty: true
      isTokenEndpointIpHeaderTrusted: true
      jwtConfiguration:
        alg: RS256
        lifetimeInSeconds: 300
        scopes:
          foo: bar
        secretEncoded: true
      mobile:
        ios:
          appBundleIdentifier: com.my.bundle.id
          teamId: 9JA89QQLNQ
      oidcConformant: false
      organizationRequireBehavior: no_prompt
      organizationUsage: deny
      refreshToken:
        expirationType: expiring
        idleTokenLifetime: 1.296e+06
        infiniteIdleTokenLifetime: true
        infiniteTokenLifetime: false
        leeway: 15
        rotationType: rotating
        tokenLifetime: 84600
      tokenEndpointAuthMethod: client_secret_post
      webOrigins:
        - https://example.com

Create a Client Resource

new Client(name: string, args?: ClientArgs, opts?: CustomResourceOptions);
@overload
def Client(resource_name: str,
           opts: Optional[ResourceOptions] = None,
           addons: Optional[ClientAddonsArgs] = None,
           allowed_clients: Optional[Sequence[str]] = None,
           allowed_logout_urls: Optional[Sequence[str]] = None,
           allowed_origins: Optional[Sequence[str]] = None,
           app_type: Optional[str] = None,
           callbacks: Optional[Sequence[str]] = None,
           client_metadata: Optional[Mapping[str, Any]] = None,
           client_secret_rotation_trigger: Optional[Mapping[str, Any]] = None,
           cross_origin_auth: Optional[bool] = None,
           cross_origin_loc: Optional[str] = None,
           custom_login_page: Optional[str] = None,
           custom_login_page_on: Optional[bool] = None,
           description: Optional[str] = None,
           encryption_key: Optional[Mapping[str, str]] = None,
           form_template: Optional[str] = None,
           grant_types: Optional[Sequence[str]] = None,
           initiate_login_uri: Optional[str] = None,
           is_first_party: Optional[bool] = None,
           is_token_endpoint_ip_header_trusted: Optional[bool] = None,
           jwt_configuration: Optional[ClientJwtConfigurationArgs] = None,
           logo_uri: Optional[str] = None,
           mobile: Optional[ClientMobileArgs] = None,
           name: Optional[str] = None,
           native_social_login: Optional[ClientNativeSocialLoginArgs] = None,
           oidc_conformant: Optional[bool] = None,
           organization_require_behavior: Optional[str] = None,
           organization_usage: Optional[str] = None,
           refresh_token: Optional[ClientRefreshTokenArgs] = None,
           sso: Optional[bool] = None,
           sso_disabled: Optional[bool] = None,
           token_endpoint_auth_method: Optional[str] = None,
           web_origins: Optional[Sequence[str]] = None)
@overload
def Client(resource_name: str,
           args: Optional[ClientArgs] = None,
           opts: Optional[ResourceOptions] = None)
func NewClient(ctx *Context, name string, args *ClientArgs, opts ...ResourceOption) (*Client, error)
public Client(string name, ClientArgs? args = null, CustomResourceOptions? opts = null)
public Client(String name, ClientArgs args)
public Client(String name, ClientArgs args, CustomResourceOptions options)
type: auth0:Client
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args ClientArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ClientArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ClientArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ClientArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args ClientArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Client Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Client resource accepts the following input properties:

Addons ClientAddonsArgs

List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.

AllowedClients List<string>

List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

AllowedLogoutUrls List<string>

List(String). URLs that Auth0 may redirect to after logout.

AllowedOrigins List<string>

List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

AppType string

String. Type of application the client represents. Options include native, spa, regular_web, non_interactive, rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

Callbacks List<string>

List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

ClientMetadata Dictionary<string, object>

Map(String)

ClientSecretRotationTrigger Dictionary<string, object>

Map. Custom metadata for the rotation. For more info: rotate-client-secret.

CrossOriginAuth bool

Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.

CrossOriginLoc string

String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.

CustomLoginPage string

String. Content of the custom login page.

CustomLoginPageOn bool

Boolean. Indicates whether or not a custom login page is to be used.

Description string

String, (Max length = 140 characters). Description of the purpose of the client.

EncryptionKey Dictionary<string, string>

Map(String).

FormTemplate string

String. Form template for WS-Federation protocol.

GrantTypes List<string>

List(String). Types of grants that this client is authorized to use.

InitiateLoginUri string

String. Initiate login uri, must be https.

IsFirstParty bool

Boolean. Indicates whether or not this client is a first-party client.

IsTokenEndpointIpHeaderTrusted bool

Boolean. Indicates whether or not the token endpoint IP header is trusted.

JwtConfiguration ClientJwtConfigurationArgs

List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.

LogoUri string

String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

Mobile ClientMobileArgs

List(Resource). Configuration settings for mobile native applications. For details, see Mobile.

Name string

String. Name of the client.

NativeSocialLogin ClientNativeSocialLoginArgs

List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login

OidcConformant bool

Boolean. Indicates whether or not this client will conform to strict OIDC specifications.

OrganizationRequireBehavior string

String. Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

OrganizationUsage string

String. Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require.

RefreshToken ClientRefreshTokenArgs

List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.

Sso bool

Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.

SsoDisabled bool

Boolean. Indicates whether or not SSO is disabled.

TokenEndpointAuthMethod string

String. Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

WebOrigins List<string>

List(String). URLs that represent valid web origins for use with web message response mode.

Addons ClientAddonsArgs

List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.

AllowedClients []string

List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

AllowedLogoutUrls []string

List(String). URLs that Auth0 may redirect to after logout.

AllowedOrigins []string

List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

AppType string

String. Type of application the client represents. Options include native, spa, regular_web, non_interactive, rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

Callbacks []string

List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

ClientMetadata map[string]interface{}

Map(String)

ClientSecretRotationTrigger map[string]interface{}

Map. Custom metadata for the rotation. For more info: rotate-client-secret.

CrossOriginAuth bool

Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.

CrossOriginLoc string

String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.

CustomLoginPage string

String. Content of the custom login page.

CustomLoginPageOn bool

Boolean. Indicates whether or not a custom login page is to be used.

Description string

String, (Max length = 140 characters). Description of the purpose of the client.

EncryptionKey map[string]string

Map(String).

FormTemplate string

String. Form template for WS-Federation protocol.

GrantTypes []string

List(String). Types of grants that this client is authorized to use.

InitiateLoginUri string

String. Initiate login uri, must be https.

IsFirstParty bool

Boolean. Indicates whether or not this client is a first-party client.

IsTokenEndpointIpHeaderTrusted bool

Boolean. Indicates whether or not the token endpoint IP header is trusted.

JwtConfiguration ClientJwtConfigurationArgs

List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.

LogoUri string

String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

Mobile ClientMobileArgs

List(Resource). Configuration settings for mobile native applications. For details, see Mobile.

Name string

String. Name of the client.

NativeSocialLogin ClientNativeSocialLoginArgs

List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login

OidcConformant bool

Boolean. Indicates whether or not this client will conform to strict OIDC specifications.

OrganizationRequireBehavior string

String. Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

OrganizationUsage string

String. Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require.

RefreshToken ClientRefreshTokenArgs

List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.

Sso bool

Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.

SsoDisabled bool

Boolean. Indicates whether or not SSO is disabled.

TokenEndpointAuthMethod string

String. Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

WebOrigins []string

List(String). URLs that represent valid web origins for use with web message response mode.

addons ClientAddonsArgs

List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.

allowedClients List<String>

List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

allowedLogoutUrls List<String>

List(String). URLs that Auth0 may redirect to after logout.

allowedOrigins List<String>

List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

appType String

String. Type of application the client represents. Options include native, spa, regular_web, non_interactive, rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

callbacks List<String>

List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

clientMetadata Map<String,Object>

Map(String)

clientSecretRotationTrigger Map<String,Object>

Map. Custom metadata for the rotation. For more info: rotate-client-secret.

crossOriginAuth Boolean

Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.

crossOriginLoc String

String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.

customLoginPage String

String. Content of the custom login page.

customLoginPageOn Boolean

Boolean. Indicates whether or not a custom login page is to be used.

description String

String, (Max length = 140 characters). Description of the purpose of the client.

encryptionKey Map<String,String>

Map(String).

formTemplate String

String. Form template for WS-Federation protocol.

grantTypes List<String>

List(String). Types of grants that this client is authorized to use.

initiateLoginUri String

String. Initiate login uri, must be https.

isFirstParty Boolean

Boolean. Indicates whether or not this client is a first-party client.

isTokenEndpointIpHeaderTrusted Boolean

Boolean. Indicates whether or not the token endpoint IP header is trusted.

jwtConfiguration ClientJwtConfigurationArgs

List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.

logoUri String

String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

mobile ClientMobileArgs

List(Resource). Configuration settings for mobile native applications. For details, see Mobile.

name String

String. Name of the client.

nativeSocialLogin ClientNativeSocialLoginArgs

List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login

oidcConformant Boolean

Boolean. Indicates whether or not this client will conform to strict OIDC specifications.

organizationRequireBehavior String

String. Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

organizationUsage String

String. Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require.

refreshToken ClientRefreshTokenArgs

List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.

sso Boolean

Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.

ssoDisabled Boolean

Boolean. Indicates whether or not SSO is disabled.

tokenEndpointAuthMethod String

String. Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

webOrigins List<String>

List(String). URLs that represent valid web origins for use with web message response mode.

addons ClientAddonsArgs

List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.

allowedClients string[]

List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

allowedLogoutUrls string[]

List(String). URLs that Auth0 may redirect to after logout.

allowedOrigins string[]

List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

appType string

String. Type of application the client represents. Options include native, spa, regular_web, non_interactive, rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

callbacks string[]

List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

clientMetadata {[key: string]: any}

Map(String)

clientSecretRotationTrigger {[key: string]: any}

Map. Custom metadata for the rotation. For more info: rotate-client-secret.

crossOriginAuth boolean

Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.

crossOriginLoc string

String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.

customLoginPage string

String. Content of the custom login page.

customLoginPageOn boolean

Boolean. Indicates whether or not a custom login page is to be used.

description string

String, (Max length = 140 characters). Description of the purpose of the client.

encryptionKey {[key: string]: string}

Map(String).

formTemplate string

String. Form template for WS-Federation protocol.

grantTypes string[]

List(String). Types of grants that this client is authorized to use.

initiateLoginUri string

String. Initiate login uri, must be https.

isFirstParty boolean

Boolean. Indicates whether or not this client is a first-party client.

isTokenEndpointIpHeaderTrusted boolean

Boolean. Indicates whether or not the token endpoint IP header is trusted.

jwtConfiguration ClientJwtConfigurationArgs

List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.

logoUri string

String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

mobile ClientMobileArgs

List(Resource). Configuration settings for mobile native applications. For details, see Mobile.

name string

String. Name of the client.

nativeSocialLogin ClientNativeSocialLoginArgs

List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login

oidcConformant boolean

Boolean. Indicates whether or not this client will conform to strict OIDC specifications.

organizationRequireBehavior string

String. Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

organizationUsage string

String. Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require.

refreshToken ClientRefreshTokenArgs

List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.

sso boolean

Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.

ssoDisabled boolean

Boolean. Indicates whether or not SSO is disabled.

tokenEndpointAuthMethod string

String. Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

webOrigins string[]

List(String). URLs that represent valid web origins for use with web message response mode.

addons ClientAddonsArgs

List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.

allowed_clients Sequence[str]

List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

allowed_logout_urls Sequence[str]

List(String). URLs that Auth0 may redirect to after logout.

allowed_origins Sequence[str]

List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

app_type str

String. Type of application the client represents. Options include native, spa, regular_web, non_interactive, rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

callbacks Sequence[str]

List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

client_metadata Mapping[str, Any]

Map(String)

client_secret_rotation_trigger Mapping[str, Any]

Map. Custom metadata for the rotation. For more info: rotate-client-secret.

cross_origin_auth bool

Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.

cross_origin_loc str

String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.

custom_login_page str

String. Content of the custom login page.

custom_login_page_on bool

Boolean. Indicates whether or not a custom login page is to be used.

description str

String, (Max length = 140 characters). Description of the purpose of the client.

encryption_key Mapping[str, str]

Map(String).

form_template str

String. Form template for WS-Federation protocol.

grant_types Sequence[str]

List(String). Types of grants that this client is authorized to use.

initiate_login_uri str

String. Initiate login uri, must be https.

is_first_party bool

Boolean. Indicates whether or not this client is a first-party client.

is_token_endpoint_ip_header_trusted bool

Boolean. Indicates whether or not the token endpoint IP header is trusted.

jwt_configuration ClientJwtConfigurationArgs

List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.

logo_uri str

String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

mobile ClientMobileArgs

List(Resource). Configuration settings for mobile native applications. For details, see Mobile.

name str

String. Name of the client.

native_social_login ClientNativeSocialLoginArgs

List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login

oidc_conformant bool

Boolean. Indicates whether or not this client will conform to strict OIDC specifications.

organization_require_behavior str

String. Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

organization_usage str

String. Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require.

refresh_token ClientRefreshTokenArgs

List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.

sso bool

Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.

sso_disabled bool

Boolean. Indicates whether or not SSO is disabled.

token_endpoint_auth_method str

String. Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

web_origins Sequence[str]

List(String). URLs that represent valid web origins for use with web message response mode.

addons Property Map

List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.

allowedClients List<String>

List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

allowedLogoutUrls List<String>

List(String). URLs that Auth0 may redirect to after logout.

allowedOrigins List<String>

List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

appType String

String. Type of application the client represents. Options include native, spa, regular_web, non_interactive, rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

callbacks List<String>

List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

clientMetadata Map<Any>

Map(String)

clientSecretRotationTrigger Map<Any>

Map. Custom metadata for the rotation. For more info: rotate-client-secret.

crossOriginAuth Boolean

Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.

crossOriginLoc String

String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.

customLoginPage String

String. Content of the custom login page.

customLoginPageOn Boolean

Boolean. Indicates whether or not a custom login page is to be used.

description String

String, (Max length = 140 characters). Description of the purpose of the client.

encryptionKey Map<String>

Map(String).

formTemplate String

String. Form template for WS-Federation protocol.

grantTypes List<String>

List(String). Types of grants that this client is authorized to use.

initiateLoginUri String

String. Initiate login uri, must be https.

isFirstParty Boolean

Boolean. Indicates whether or not this client is a first-party client.

isTokenEndpointIpHeaderTrusted Boolean

Boolean. Indicates whether or not the token endpoint IP header is trusted.

jwtConfiguration Property Map

List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.

logoUri String

String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

mobile Property Map

List(Resource). Configuration settings for mobile native applications. For details, see Mobile.

name String

String. Name of the client.

nativeSocialLogin Property Map

List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login

oidcConformant Boolean

Boolean. Indicates whether or not this client will conform to strict OIDC specifications.

organizationRequireBehavior String

String. Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

organizationUsage String

String. Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require.

refreshToken Property Map

List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.

sso Boolean

Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.

ssoDisabled Boolean

Boolean. Indicates whether or not SSO is disabled.

tokenEndpointAuthMethod String

String. Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

webOrigins List<String>

List(String). URLs that represent valid web origins for use with web message response mode.

Outputs

All input properties are implicitly available as output properties. Additionally, the Client resource produces the following output properties:

ClientId string

String. ID of the client.

  • client_secret1 - String. Secret for the client; keep this private.
ClientSecret string
Id string

The provider-assigned unique ID for this managed resource.

SigningKeys List<ImmutableDictionary<string, object>>

List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.

ClientId string

String. ID of the client.

  • client_secret1 - String. Secret for the client; keep this private.
ClientSecret string
Id string

The provider-assigned unique ID for this managed resource.

SigningKeys []map[string]interface{}

List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.

clientId String

String. ID of the client.

  • client_secret1 - String. Secret for the client; keep this private.
clientSecret String
id String

The provider-assigned unique ID for this managed resource.

signingKeys List<Map<String,Object>>

List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.

clientId string

String. ID of the client.

  • client_secret1 - String. Secret for the client; keep this private.
clientSecret string
id string

The provider-assigned unique ID for this managed resource.

signingKeys {[key: string]: any}[]

List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.

client_id str

String. ID of the client.

  • client_secret1 - String. Secret for the client; keep this private.
client_secret str
id str

The provider-assigned unique ID for this managed resource.

signing_keys Sequence[Mapping[str, Any]]

List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.

clientId String

String. ID of the client.

  • client_secret1 - String. Secret for the client; keep this private.
clientSecret String
id String

The provider-assigned unique ID for this managed resource.

signingKeys List<Map<Any>>

List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.

Look up an Existing Client Resource

Get an existing Client resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ClientState, opts?: CustomResourceOptions): Client
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        addons: Optional[ClientAddonsArgs] = None,
        allowed_clients: Optional[Sequence[str]] = None,
        allowed_logout_urls: Optional[Sequence[str]] = None,
        allowed_origins: Optional[Sequence[str]] = None,
        app_type: Optional[str] = None,
        callbacks: Optional[Sequence[str]] = None,
        client_id: Optional[str] = None,
        client_metadata: Optional[Mapping[str, Any]] = None,
        client_secret: Optional[str] = None,
        client_secret_rotation_trigger: Optional[Mapping[str, Any]] = None,
        cross_origin_auth: Optional[bool] = None,
        cross_origin_loc: Optional[str] = None,
        custom_login_page: Optional[str] = None,
        custom_login_page_on: Optional[bool] = None,
        description: Optional[str] = None,
        encryption_key: Optional[Mapping[str, str]] = None,
        form_template: Optional[str] = None,
        grant_types: Optional[Sequence[str]] = None,
        initiate_login_uri: Optional[str] = None,
        is_first_party: Optional[bool] = None,
        is_token_endpoint_ip_header_trusted: Optional[bool] = None,
        jwt_configuration: Optional[ClientJwtConfigurationArgs] = None,
        logo_uri: Optional[str] = None,
        mobile: Optional[ClientMobileArgs] = None,
        name: Optional[str] = None,
        native_social_login: Optional[ClientNativeSocialLoginArgs] = None,
        oidc_conformant: Optional[bool] = None,
        organization_require_behavior: Optional[str] = None,
        organization_usage: Optional[str] = None,
        refresh_token: Optional[ClientRefreshTokenArgs] = None,
        signing_keys: Optional[Sequence[Mapping[str, Any]]] = None,
        sso: Optional[bool] = None,
        sso_disabled: Optional[bool] = None,
        token_endpoint_auth_method: Optional[str] = None,
        web_origins: Optional[Sequence[str]] = None) -> Client
func GetClient(ctx *Context, name string, id IDInput, state *ClientState, opts ...ResourceOption) (*Client, error)
public static Client Get(string name, Input<string> id, ClientState? state, CustomResourceOptions? opts = null)
public static Client get(String name, Output<String> id, ClientState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Addons ClientAddonsArgs

List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.

AllowedClients List<string>

List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

AllowedLogoutUrls List<string>

List(String). URLs that Auth0 may redirect to after logout.

AllowedOrigins List<string>

List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

AppType string

String. Type of application the client represents. Options include native, spa, regular_web, non_interactive, rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

Callbacks List<string>

List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

ClientId string

String. ID of the client.

  • client_secret1 - String. Secret for the client; keep this private.
ClientMetadata Dictionary<string, object>

Map(String)

ClientSecret string
ClientSecretRotationTrigger Dictionary<string, object>

Map. Custom metadata for the rotation. For more info: rotate-client-secret.

CrossOriginAuth bool

Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.

CrossOriginLoc string

String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.

CustomLoginPage string

String. Content of the custom login page.

CustomLoginPageOn bool

Boolean. Indicates whether or not a custom login page is to be used.

Description string

String, (Max length = 140 characters). Description of the purpose of the client.

EncryptionKey Dictionary<string, string>

Map(String).

FormTemplate string

String. Form template for WS-Federation protocol.

GrantTypes List<string>

List(String). Types of grants that this client is authorized to use.

InitiateLoginUri string

String. Initiate login uri, must be https.

IsFirstParty bool

Boolean. Indicates whether or not this client is a first-party client.

IsTokenEndpointIpHeaderTrusted bool

Boolean. Indicates whether or not the token endpoint IP header is trusted.

JwtConfiguration ClientJwtConfigurationArgs

List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.

LogoUri string

String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

Mobile ClientMobileArgs

List(Resource). Configuration settings for mobile native applications. For details, see Mobile.

Name string

String. Name of the client.

NativeSocialLogin ClientNativeSocialLoginArgs

List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login

OidcConformant bool

Boolean. Indicates whether or not this client will conform to strict OIDC specifications.

OrganizationRequireBehavior string

String. Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

OrganizationUsage string

String. Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require.

RefreshToken ClientRefreshTokenArgs

List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.

SigningKeys List<ImmutableDictionary<string, object>>

List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.

Sso bool

Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.

SsoDisabled bool

Boolean. Indicates whether or not SSO is disabled.

TokenEndpointAuthMethod string

String. Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

WebOrigins List<string>

List(String). URLs that represent valid web origins for use with web message response mode.

Addons ClientAddonsArgs

List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.

AllowedClients []string

List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

AllowedLogoutUrls []string

List(String). URLs that Auth0 may redirect to after logout.

AllowedOrigins []string

List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

AppType string

String. Type of application the client represents. Options include native, spa, regular_web, non_interactive, rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

Callbacks []string

List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

ClientId string

String. ID of the client.

  • client_secret1 - String. Secret for the client; keep this private.
ClientMetadata map[string]interface{}

Map(String)

ClientSecret string
ClientSecretRotationTrigger map[string]interface{}

Map. Custom metadata for the rotation. For more info: rotate-client-secret.

CrossOriginAuth bool

Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.

CrossOriginLoc string

String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.

CustomLoginPage string

String. Content of the custom login page.

CustomLoginPageOn bool

Boolean. Indicates whether or not a custom login page is to be used.

Description string

String, (Max length = 140 characters). Description of the purpose of the client.

EncryptionKey map[string]string

Map(String).

FormTemplate string

String. Form template for WS-Federation protocol.

GrantTypes []string

List(String). Types of grants that this client is authorized to use.

InitiateLoginUri string

String. Initiate login uri, must be https.

IsFirstParty bool

Boolean. Indicates whether or not this client is a first-party client.

IsTokenEndpointIpHeaderTrusted bool

Boolean. Indicates whether or not the token endpoint IP header is trusted.

JwtConfiguration ClientJwtConfigurationArgs

List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.

LogoUri string

String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

Mobile ClientMobileArgs

List(Resource). Configuration settings for mobile native applications. For details, see Mobile.

Name string

String. Name of the client.

NativeSocialLogin ClientNativeSocialLoginArgs

List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login

OidcConformant bool

Boolean. Indicates whether or not this client will conform to strict OIDC specifications.

OrganizationRequireBehavior string

String. Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

OrganizationUsage string

String. Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require.

RefreshToken ClientRefreshTokenArgs

List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.

SigningKeys []map[string]interface{}

List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.

Sso bool

Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.

SsoDisabled bool

Boolean. Indicates whether or not SSO is disabled.

TokenEndpointAuthMethod string

String. Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

WebOrigins []string

List(String). URLs that represent valid web origins for use with web message response mode.

addons ClientAddonsArgs

List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.

allowedClients List<String>

List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

allowedLogoutUrls List<String>

List(String). URLs that Auth0 may redirect to after logout.

allowedOrigins List<String>

List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

appType String

String. Type of application the client represents. Options include native, spa, regular_web, non_interactive, rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

callbacks List<String>

List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

clientId String

String. ID of the client.

  • client_secret1 - String. Secret for the client; keep this private.
clientMetadata Map<String,Object>

Map(String)

clientSecret String
clientSecretRotationTrigger Map<String,Object>

Map. Custom metadata for the rotation. For more info: rotate-client-secret.

crossOriginAuth Boolean

Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.

crossOriginLoc String

String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.

customLoginPage String

String. Content of the custom login page.

customLoginPageOn Boolean

Boolean. Indicates whether or not a custom login page is to be used.

description String

String, (Max length = 140 characters). Description of the purpose of the client.

encryptionKey Map<String,String>

Map(String).

formTemplate String

String. Form template for WS-Federation protocol.

grantTypes List<String>

List(String). Types of grants that this client is authorized to use.

initiateLoginUri String

String. Initiate login uri, must be https.

isFirstParty Boolean

Boolean. Indicates whether or not this client is a first-party client.

isTokenEndpointIpHeaderTrusted Boolean

Boolean. Indicates whether or not the token endpoint IP header is trusted.

jwtConfiguration ClientJwtConfigurationArgs

List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.

logoUri String

String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

mobile ClientMobileArgs

List(Resource). Configuration settings for mobile native applications. For details, see Mobile.

name String

String. Name of the client.

nativeSocialLogin ClientNativeSocialLoginArgs

List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login

oidcConformant Boolean

Boolean. Indicates whether or not this client will conform to strict OIDC specifications.

organizationRequireBehavior String

String. Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

organizationUsage String

String. Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require.

refreshToken ClientRefreshTokenArgs

List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.

signingKeys List<Map<String,Object>>

List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.

sso Boolean

Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.

ssoDisabled Boolean

Boolean. Indicates whether or not SSO is disabled.

tokenEndpointAuthMethod String

String. Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

webOrigins List<String>

List(String). URLs that represent valid web origins for use with web message response mode.

addons ClientAddonsArgs

List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.

allowedClients string[]

List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

allowedLogoutUrls string[]

List(String). URLs that Auth0 may redirect to after logout.

allowedOrigins string[]

List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

appType string

String. Type of application the client represents. Options include native, spa, regular_web, non_interactive, rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

callbacks string[]

List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

clientId string

String. ID of the client.

  • client_secret1 - String. Secret for the client; keep this private.
clientMetadata {[key: string]: any}

Map(String)

clientSecret string
clientSecretRotationTrigger {[key: string]: any}

Map. Custom metadata for the rotation. For more info: rotate-client-secret.

crossOriginAuth boolean

Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.

crossOriginLoc string

String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.

customLoginPage string

String. Content of the custom login page.

customLoginPageOn boolean

Boolean. Indicates whether or not a custom login page is to be used.

description string

String, (Max length = 140 characters). Description of the purpose of the client.

encryptionKey {[key: string]: string}

Map(String).

formTemplate string

String. Form template for WS-Federation protocol.

grantTypes string[]

List(String). Types of grants that this client is authorized to use.

initiateLoginUri string

String. Initiate login uri, must be https.

isFirstParty boolean

Boolean. Indicates whether or not this client is a first-party client.

isTokenEndpointIpHeaderTrusted boolean

Boolean. Indicates whether or not the token endpoint IP header is trusted.

jwtConfiguration ClientJwtConfigurationArgs

List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.

logoUri string

String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

mobile ClientMobileArgs

List(Resource). Configuration settings for mobile native applications. For details, see Mobile.

name string

String. Name of the client.

nativeSocialLogin ClientNativeSocialLoginArgs

List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login

oidcConformant boolean

Boolean. Indicates whether or not this client will conform to strict OIDC specifications.

organizationRequireBehavior string

String. Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

organizationUsage string

String. Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require.

refreshToken ClientRefreshTokenArgs

List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.

signingKeys {[key: string]: any}[]

List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.

sso boolean

Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.

ssoDisabled boolean

Boolean. Indicates whether or not SSO is disabled.

tokenEndpointAuthMethod string

String. Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

webOrigins string[]

List(String). URLs that represent valid web origins for use with web message response mode.

addons ClientAddonsArgs

List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.

allowed_clients Sequence[str]

List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

allowed_logout_urls Sequence[str]

List(String). URLs that Auth0 may redirect to after logout.

allowed_origins Sequence[str]

List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

app_type str

String. Type of application the client represents. Options include native, spa, regular_web, non_interactive, rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

callbacks Sequence[str]

List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

client_id str

String. ID of the client.

  • client_secret1 - String. Secret for the client; keep this private.
client_metadata Mapping[str, Any]

Map(String)

client_secret str
client_secret_rotation_trigger Mapping[str, Any]

Map. Custom metadata for the rotation. For more info: rotate-client-secret.

cross_origin_auth bool

Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.

cross_origin_loc str

String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.

custom_login_page str

String. Content of the custom login page.

custom_login_page_on bool

Boolean. Indicates whether or not a custom login page is to be used.

description str

String, (Max length = 140 characters). Description of the purpose of the client.

encryption_key Mapping[str, str]

Map(String).

form_template str

String. Form template for WS-Federation protocol.

grant_types Sequence[str]

List(String). Types of grants that this client is authorized to use.

initiate_login_uri str

String. Initiate login uri, must be https.

is_first_party bool

Boolean. Indicates whether or not this client is a first-party client.

is_token_endpoint_ip_header_trusted bool

Boolean. Indicates whether or not the token endpoint IP header is trusted.

jwt_configuration ClientJwtConfigurationArgs

List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.

logo_uri str

String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

mobile ClientMobileArgs

List(Resource). Configuration settings for mobile native applications. For details, see Mobile.

name str

String. Name of the client.

native_social_login ClientNativeSocialLoginArgs

List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login

oidc_conformant bool

Boolean. Indicates whether or not this client will conform to strict OIDC specifications.

organization_require_behavior str

String. Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

organization_usage str

String. Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require.

refresh_token ClientRefreshTokenArgs

List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.

signing_keys Sequence[Mapping[str, Any]]

List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.

sso bool

Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.

sso_disabled bool

Boolean. Indicates whether or not SSO is disabled.

token_endpoint_auth_method str

String. Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

web_origins Sequence[str]

List(String). URLs that represent valid web origins for use with web message response mode.

addons Property Map

List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.

allowedClients List<String>

List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

allowedLogoutUrls List<String>

List(String). URLs that Auth0 may redirect to after logout.

allowedOrigins List<String>

List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

appType String

String. Type of application the client represents. Options include native, spa, regular_web, non_interactive, rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

callbacks List<String>

List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

clientId String

String. ID of the client.

  • client_secret1 - String. Secret for the client; keep this private.
clientMetadata Map<Any>

Map(String)

clientSecret String
clientSecretRotationTrigger Map<Any>

Map. Custom metadata for the rotation. For more info: rotate-client-secret.

crossOriginAuth Boolean

Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.

crossOriginLoc String

String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.

customLoginPage String

String. Content of the custom login page.

customLoginPageOn Boolean

Boolean. Indicates whether or not a custom login page is to be used.

description String

String, (Max length = 140 characters). Description of the purpose of the client.

encryptionKey Map<String>

Map(String).

formTemplate String

String. Form template for WS-Federation protocol.

grantTypes List<String>

List(String). Types of grants that this client is authorized to use.

initiateLoginUri String

String. Initiate login uri, must be https.

isFirstParty Boolean

Boolean. Indicates whether or not this client is a first-party client.

isTokenEndpointIpHeaderTrusted Boolean

Boolean. Indicates whether or not the token endpoint IP header is trusted.

jwtConfiguration Property Map

List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.

logoUri String

String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

mobile Property Map

List(Resource). Configuration settings for mobile native applications. For details, see Mobile.

name String

String. Name of the client.

nativeSocialLogin Property Map

List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login

oidcConformant Boolean

Boolean. Indicates whether or not this client will conform to strict OIDC specifications.

organizationRequireBehavior String

String. Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

organizationUsage String

String. Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require.

refreshToken Property Map

List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.

signingKeys List<Map<Any>>

List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.

sso Boolean

Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.

ssoDisabled Boolean

Boolean. Indicates whether or not SSO is disabled.

tokenEndpointAuthMethod String

String. Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

webOrigins List<String>

List(String). URLs that represent valid web origins for use with web message response mode.

Supporting Types

ClientAddons

Aws Dictionary<string, object>

String

AzureBlob Dictionary<string, object>

String

AzureSb Dictionary<string, object>

String

Box Dictionary<string, object>

String

Cloudbees Dictionary<string, object>

String

Concur Dictionary<string, object>

String

Dropbox Dictionary<string, object>

String

Echosign Dictionary<string, object>

String

Egnyte Dictionary<string, object>

String

Firebase Dictionary<string, object>

String

Layer Dictionary<string, object>

String

Mscrm Dictionary<string, object>

String

Newrelic Dictionary<string, object>

String

Office365 Dictionary<string, object>

String

Rms Dictionary<string, object>

String

Salesforce Dictionary<string, object>

String

SalesforceApi Dictionary<string, object>

String

SalesforceSandboxApi Dictionary<string, object>

String

Samlp ClientAddonsSamlp

List(Resource). Configuration settings for a SAML add-on. For details, see SAML.

SapApi Dictionary<string, object>

String

Sentry Dictionary<string, object>

String

Sharepoint Dictionary<string, object>

String

Slack Dictionary<string, object>

String

Springcm Dictionary<string, object>

String

Wams Dictionary<string, object>

String

Wsfed Dictionary<string, object>

String

Zendesk Dictionary<string, object>

String

Zoom Dictionary<string, object>

String

Aws map[string]interface{}

String

AzureBlob map[string]interface{}

String

AzureSb map[string]interface{}

String

Box map[string]interface{}

String

Cloudbees map[string]interface{}

String

Concur map[string]interface{}

String

Dropbox map[string]interface{}

String

Echosign map[string]interface{}

String

Egnyte map[string]interface{}

String

Firebase map[string]interface{}

String

Layer map[string]interface{}

String

Mscrm map[string]interface{}

String

Newrelic map[string]interface{}

String

Office365 map[string]interface{}

String

Rms map[string]interface{}

String

Salesforce map[string]interface{}

String

SalesforceApi map[string]interface{}

String

SalesforceSandboxApi map[string]interface{}

String

Samlp ClientAddonsSamlp

List(Resource). Configuration settings for a SAML add-on. For details, see SAML.

SapApi map[string]interface{}

String

Sentry map[string]interface{}

String

Sharepoint map[string]interface{}

String

Slack map[string]interface{}

String

Springcm map[string]interface{}

String

Wams map[string]interface{}

String

Wsfed map[string]interface{}

String

Zendesk map[string]interface{}

String

Zoom map[string]interface{}

String

aws Map<String,Object>

String

azureBlob Map<String,Object>

String

azureSb Map<String,Object>

String

box Map<String,Object>

String

cloudbees Map<String,Object>

String

concur Map<String,Object>

String

dropbox Map<String,Object>

String

echosign Map<String,Object>

String

egnyte Map<String,Object>

String

firebase Map<String,Object>

String

layer Map<String,Object>

String

mscrm Map<String,Object>

String

newrelic Map<String,Object>

String

office365 Map<String,Object>

String

rms Map<String,Object>

String

salesforce Map<String,Object>

String

salesforceApi Map<String,Object>

String

salesforceSandboxApi Map<String,Object>

String

samlp ClientAddonsSamlp

List(Resource). Configuration settings for a SAML add-on. For details, see SAML.

sapApi Map<String,Object>

String

sentry Map<String,Object>

String

sharepoint Map<String,Object>

String

slack Map<String,Object>

String

springcm Map<String,Object>

String

wams Map<String,Object>

String

wsfed Map<String,Object>

String

zendesk Map<String,Object>

String

zoom Map<String,Object>

String

aws {[key: string]: any}

String

azureBlob {[key: string]: any}

String

azureSb {[key: string]: any}

String

box {[key: string]: any}

String

cloudbees {[key: string]: any}

String

concur {[key: string]: any}

String

dropbox {[key: string]: any}

String

echosign {[key: string]: any}

String

egnyte {[key: string]: any}

String

firebase {[key: string]: any}

String

layer {[key: string]: any}

String

mscrm {[key: string]: any}

String

newrelic {[key: string]: any}

String

office365 {[key: string]: any}

String

rms {[key: string]: any}

String

salesforce {[key: string]: any}

String

salesforceApi {[key: string]: any}

String

salesforceSandboxApi {[key: string]: any}

String

samlp ClientAddonsSamlp

List(Resource). Configuration settings for a SAML add-on. For details, see SAML.

sapApi {[key: string]: any}

String

sentry {[key: string]: any}

String

sharepoint {[key: string]: any}

String

slack {[key: string]: any}

String

springcm {[key: string]: any}

String

wams {[key: string]: any}

String

wsfed {[key: string]: any}

String

zendesk {[key: string]: any}

String

zoom {[key: string]: any}

String

aws Mapping[str, Any]

String

azure_blob Mapping[str, Any]

String

azure_sb Mapping[str, Any]

String

box Mapping[str, Any]

String

cloudbees Mapping[str, Any]

String

concur Mapping[str, Any]

String

dropbox Mapping[str, Any]

String

echosign Mapping[str, Any]

String

egnyte Mapping[str, Any]

String

firebase Mapping[str, Any]

String

layer Mapping[str, Any]

String

mscrm Mapping[str, Any]

String

newrelic Mapping[str, Any]

String

office365 Mapping[str, Any]

String

rms Mapping[str, Any]

String

salesforce Mapping[str, Any]

String

salesforce_api Mapping[str, Any]

String

salesforce_sandbox_api Mapping[str, Any]

String

samlp ClientAddonsSamlp

List(Resource). Configuration settings for a SAML add-on. For details, see SAML.

sap_api Mapping[str, Any]

String

sentry Mapping[str, Any]

String

sharepoint Mapping[str, Any]

String

slack Mapping[str, Any]

String

springcm Mapping[str, Any]

String

wams Mapping[str, Any]

String

wsfed Mapping[str, Any]

String

zendesk Mapping[str, Any]

String

zoom Mapping[str, Any]

String

aws Map<Any>

String

azureBlob Map<Any>

String

azureSb Map<Any>

String

box Map<Any>

String

cloudbees Map<Any>

String

concur Map<Any>

String

dropbox Map<Any>

String

echosign Map<Any>

String

egnyte Map<Any>

String

firebase Map<Any>

String

layer Map<Any>

String

mscrm Map<Any>

String

newrelic Map<Any>

String

office365 Map<Any>

String

rms Map<Any>

String

salesforce Map<Any>

String

salesforceApi Map<Any>

String

salesforceSandboxApi Map<Any>

String

samlp Property Map

List(Resource). Configuration settings for a SAML add-on. For details, see SAML.

sapApi Map<Any>

String

sentry Map<Any>

String

sharepoint Map<Any>

String

slack Map<Any>

String

springcm Map<Any>

String

wams Map<Any>

String

wsfed Map<Any>

String

zendesk Map<Any>

String

zoom Map<Any>

String

ClientAddonsSamlp

Audience string

String. Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.

AuthnContextClassRef string

String. Class reference of the authentication context.

Binding string

String. Protocol binding used for SAML logout responses.

CreateUpnClaim bool

Boolean, (Default=true) Indicates whether or not a UPN claim should be created.

Destination string

String. Destination of the SAML Response. If not specified, it will be AssertionConsumerUrlof SAMLRequest or Callback URL if there was no SAMLRequest.

DigestAlgorithm string

String, (Default=sha1). Algorithm used to calculate the digest of the SAML Assertion or response. Options include defaultsha1 and sha256.

IncludeAttributeNameFormat bool

Boolean,(Default=true). Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion.

LifetimeInSeconds int

Integer, (Default=3600). Number of seconds during which the token is valid.

Logout Dictionary<string, object>

Map(Resource). Configuration settings for logout. For details, see Logout.

MapIdentities bool

Boolean, (Default=true). Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available.

MapUnknownClaimsAsIs bool

Boolean, (Default=false). Indicates whether or not to add a prefix of http://schema.auth0.com to any claims that are not mapped to the common profile when passed through in the output assertion.

Mappings Dictionary<string, object>

Map(String). Mappings between the Auth0 user profile property name (name) and the output attributes on the SAML attribute in the assertion (value).

NameIdentifierFormat string

String, (Default=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified). Format of the name identifier.

NameIdentifierProbes List<string>

List(String). Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.

PassthroughClaimsWithNoMapping bool

Boolean, (Default=true). Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion.

Recipient string

String. Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or Callback URL if no SAMLRequest was sent.

SignResponse bool

Boolean. Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.

SignatureAlgorithm string

String, (Default=rsa-sha1). Algorithm used to sign the SAML Assertion or response. Options include rsa-sha1 and rsa-sha256.

SigningCert string

String. Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be -----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n.

TypedAttributes bool

Boolean, (Default=true). Indicates whether or not we should infer the xs:type of the element. Types include xs:string, xs:boolean, xs:double, and xs:anyType. When set to false, all xs:type are xs:anyType.

Audience string

String. Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.

AuthnContextClassRef string

String. Class reference of the authentication context.

Binding string

String. Protocol binding used for SAML logout responses.

CreateUpnClaim bool

Boolean, (Default=true) Indicates whether or not a UPN claim should be created.

Destination string

String. Destination of the SAML Response. If not specified, it will be AssertionConsumerUrlof SAMLRequest or Callback URL if there was no SAMLRequest.

DigestAlgorithm string

String, (Default=sha1). Algorithm used to calculate the digest of the SAML Assertion or response. Options include defaultsha1 and sha256.

IncludeAttributeNameFormat bool

Boolean,(Default=true). Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion.

LifetimeInSeconds int

Integer, (Default=3600). Number of seconds during which the token is valid.

Logout map[string]interface{}

Map(Resource). Configuration settings for logout. For details, see Logout.

MapIdentities bool

Boolean, (Default=true). Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available.

MapUnknownClaimsAsIs bool

Boolean, (Default=false). Indicates whether or not to add a prefix of http://schema.auth0.com to any claims that are not mapped to the common profile when passed through in the output assertion.

Mappings map[string]interface{}

Map(String). Mappings between the Auth0 user profile property name (name) and the output attributes on the SAML attribute in the assertion (value).

NameIdentifierFormat string

String, (Default=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified). Format of the name identifier.

NameIdentifierProbes []string

List(String). Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.

PassthroughClaimsWithNoMapping bool

Boolean, (Default=true). Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion.

Recipient string

String. Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or Callback URL if no SAMLRequest was sent.

SignResponse bool

Boolean. Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.

SignatureAlgorithm string

String, (Default=rsa-sha1). Algorithm used to sign the SAML Assertion or response. Options include rsa-sha1 and rsa-sha256.

SigningCert string

String. Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be -----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n.

TypedAttributes bool

Boolean, (Default=true). Indicates whether or not we should infer the xs:type of the element. Types include xs:string, xs:boolean, xs:double, and xs:anyType. When set to false, all xs:type are xs:anyType.

audience String

String. Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.

authnContextClassRef String

String. Class reference of the authentication context.

binding String

String. Protocol binding used for SAML logout responses.

createUpnClaim Boolean

Boolean, (Default=true) Indicates whether or not a UPN claim should be created.

destination String

String. Destination of the SAML Response. If not specified, it will be AssertionConsumerUrlof SAMLRequest or Callback URL if there was no SAMLRequest.

digestAlgorithm String

String, (Default=sha1). Algorithm used to calculate the digest of the SAML Assertion or response. Options include defaultsha1 and sha256.

includeAttributeNameFormat Boolean

Boolean,(Default=true). Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion.

lifetimeInSeconds Integer

Integer, (Default=3600). Number of seconds during which the token is valid.

logout Map<String,Object>

Map(Resource). Configuration settings for logout. For details, see Logout.

mapIdentities Boolean

Boolean, (Default=true). Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available.

mapUnknownClaimsAsIs Boolean

Boolean, (Default=false). Indicates whether or not to add a prefix of http://schema.auth0.com to any claims that are not mapped to the common profile when passed through in the output assertion.

mappings Map<String,Object>

Map(String). Mappings between the Auth0 user profile property name (name) and the output attributes on the SAML attribute in the assertion (value).

nameIdentifierFormat String

String, (Default=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified). Format of the name identifier.

nameIdentifierProbes List<String>

List(String). Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.

passthroughClaimsWithNoMapping Boolean

Boolean, (Default=true). Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion.

recipient String

String. Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or Callback URL if no SAMLRequest was sent.

signResponse Boolean

Boolean. Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.

signatureAlgorithm String

String, (Default=rsa-sha1). Algorithm used to sign the SAML Assertion or response. Options include rsa-sha1 and rsa-sha256.

signingCert String

String. Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be -----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n.

typedAttributes Boolean

Boolean, (Default=true). Indicates whether or not we should infer the xs:type of the element. Types include xs:string, xs:boolean, xs:double, and xs:anyType. When set to false, all xs:type are xs:anyType.

audience string

String. Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.

authnContextClassRef string

String. Class reference of the authentication context.

binding string

String. Protocol binding used for SAML logout responses.

createUpnClaim boolean

Boolean, (Default=true) Indicates whether or not a UPN claim should be created.

destination string

String. Destination of the SAML Response. If not specified, it will be AssertionConsumerUrlof SAMLRequest or Callback URL if there was no SAMLRequest.

digestAlgorithm string

String, (Default=sha1). Algorithm used to calculate the digest of the SAML Assertion or response. Options include defaultsha1 and sha256.

includeAttributeNameFormat boolean

Boolean,(Default=true). Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion.

lifetimeInSeconds number

Integer, (Default=3600). Number of seconds during which the token is valid.

logout {[key: string]: any}

Map(Resource). Configuration settings for logout. For details, see Logout.

mapIdentities boolean

Boolean, (Default=true). Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available.

mapUnknownClaimsAsIs boolean

Boolean, (Default=false). Indicates whether or not to add a prefix of http://schema.auth0.com to any claims that are not mapped to the common profile when passed through in the output assertion.

mappings {[key: string]: any}

Map(String). Mappings between the Auth0 user profile property name (name) and the output attributes on the SAML attribute in the assertion (value).

nameIdentifierFormat string

String, (Default=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified). Format of the name identifier.

nameIdentifierProbes string[]

List(String). Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.

passthroughClaimsWithNoMapping boolean

Boolean, (Default=true). Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion.

recipient string

String. Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or Callback URL if no SAMLRequest was sent.

signResponse boolean

Boolean. Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.

signatureAlgorithm string

String, (Default=rsa-sha1). Algorithm used to sign the SAML Assertion or response. Options include rsa-sha1 and rsa-sha256.

signingCert string

String. Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be -----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n.

typedAttributes boolean

Boolean, (Default=true). Indicates whether or not we should infer the xs:type of the element. Types include xs:string, xs:boolean, xs:double, and xs:anyType. When set to false, all xs:type are xs:anyType.

audience str

String. Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.

authn_context_class_ref str

String. Class reference of the authentication context.

binding str

String. Protocol binding used for SAML logout responses.

create_upn_claim bool

Boolean, (Default=true) Indicates whether or not a UPN claim should be created.

destination str

String. Destination of the SAML Response. If not specified, it will be AssertionConsumerUrlof SAMLRequest or Callback URL if there was no SAMLRequest.

digest_algorithm str

String, (Default=sha1). Algorithm used to calculate the digest of the SAML Assertion or response. Options include defaultsha1 and sha256.

include_attribute_name_format bool

Boolean,(Default=true). Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion.

lifetime_in_seconds int

Integer, (Default=3600). Number of seconds during which the token is valid.

logout Mapping[str, Any]

Map(Resource). Configuration settings for logout. For details, see Logout.

map_identities bool

Boolean, (Default=true). Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available.

map_unknown_claims_as_is bool

Boolean, (Default=false). Indicates whether or not to add a prefix of http://schema.auth0.com to any claims that are not mapped to the common profile when passed through in the output assertion.

mappings Mapping[str, Any]

Map(String). Mappings between the Auth0 user profile property name (name) and the output attributes on the SAML attribute in the assertion (value).

name_identifier_format str

String, (Default=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified). Format of the name identifier.

name_identifier_probes Sequence[str]

List(String). Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.

passthrough_claims_with_no_mapping bool

Boolean, (Default=true). Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion.

recipient str

String. Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or Callback URL if no SAMLRequest was sent.

sign_response bool

Boolean. Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.

signature_algorithm str

String, (Default=rsa-sha1). Algorithm used to sign the SAML Assertion or response. Options include rsa-sha1 and rsa-sha256.

signing_cert str

String. Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be -----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n.

typed_attributes bool

Boolean, (Default=true). Indicates whether or not we should infer the xs:type of the element. Types include xs:string, xs:boolean, xs:double, and xs:anyType. When set to false, all xs:type are xs:anyType.

audience String

String. Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.

authnContextClassRef String

String. Class reference of the authentication context.

binding String

String. Protocol binding used for SAML logout responses.

createUpnClaim Boolean

Boolean, (Default=true) Indicates whether or not a UPN claim should be created.

destination String

String. Destination of the SAML Response. If not specified, it will be AssertionConsumerUrlof SAMLRequest or Callback URL if there was no SAMLRequest.

digestAlgorithm String

String, (Default=sha1). Algorithm used to calculate the digest of the SAML Assertion or response. Options include defaultsha1 and sha256.

includeAttributeNameFormat Boolean

Boolean,(Default=true). Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion.

lifetimeInSeconds Number

Integer, (Default=3600). Number of seconds during which the token is valid.

logout Map<Any>

Map(Resource). Configuration settings for logout. For details, see Logout.

mapIdentities Boolean

Boolean, (Default=true). Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available.

mapUnknownClaimsAsIs Boolean

Boolean, (Default=false). Indicates whether or not to add a prefix of http://schema.auth0.com to any claims that are not mapped to the common profile when passed through in the output assertion.

mappings Map<Any>

Map(String). Mappings between the Auth0 user profile property name (name) and the output attributes on the SAML attribute in the assertion (value).

nameIdentifierFormat String

String, (Default=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified). Format of the name identifier.

nameIdentifierProbes List<String>

List(String). Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.

passthroughClaimsWithNoMapping Boolean

Boolean, (Default=true). Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion.

recipient String

String. Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or Callback URL if no SAMLRequest was sent.

signResponse Boolean

Boolean. Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.

signatureAlgorithm String

String, (Default=rsa-sha1). Algorithm used to sign the SAML Assertion or response. Options include rsa-sha1 and rsa-sha256.

signingCert String

String. Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be -----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n.

typedAttributes Boolean

Boolean, (Default=true). Indicates whether or not we should infer the xs:type of the element. Types include xs:string, xs:boolean, xs:double, and xs:anyType. When set to false, all xs:type are xs:anyType.

ClientJwtConfiguration

Alg string

String. Algorithm used to sign JWTs.

LifetimeInSeconds int

Integer. Number of seconds during which the JWT will be valid.

Scopes Dictionary<string, string>

Map(String). Permissions (scopes) included in JWTs.

SecretEncoded bool

Boolean. Indicates whether or not the client secret is base64 encoded.

Alg string

String. Algorithm used to sign JWTs.

LifetimeInSeconds int

Integer. Number of seconds during which the JWT will be valid.

Scopes map[string]string

Map(String). Permissions (scopes) included in JWTs.

SecretEncoded bool

Boolean. Indicates whether or not the client secret is base64 encoded.

alg String

String. Algorithm used to sign JWTs.

lifetimeInSeconds Integer

Integer. Number of seconds during which the JWT will be valid.

scopes Map<String,String>

Map(String). Permissions (scopes) included in JWTs.

secretEncoded Boolean

Boolean. Indicates whether or not the client secret is base64 encoded.

alg string

String. Algorithm used to sign JWTs.

lifetimeInSeconds number

Integer. Number of seconds during which the JWT will be valid.

scopes {[key: string]: string}

Map(String). Permissions (scopes) included in JWTs.

secretEncoded boolean

Boolean. Indicates whether or not the client secret is base64 encoded.

alg str

String. Algorithm used to sign JWTs.

lifetime_in_seconds int

Integer. Number of seconds during which the JWT will be valid.

scopes Mapping[str, str]

Map(String). Permissions (scopes) included in JWTs.

secret_encoded bool

Boolean. Indicates whether or not the client secret is base64 encoded.

alg String

String. Algorithm used to sign JWTs.

lifetimeInSeconds Number

Integer. Number of seconds during which the JWT will be valid.

scopes Map<String>

Map(String). Permissions (scopes) included in JWTs.

secretEncoded Boolean

Boolean. Indicates whether or not the client secret is base64 encoded.

ClientMobile

Android ClientMobileAndroid

List(Resource). Configuration settings for Android native apps. For details, see Android.

Ios ClientMobileIos

List(Resource). Configuration settings for i0S native apps. For details, see iOS.

Android ClientMobileAndroid

List(Resource). Configuration settings for Android native apps. For details, see Android.

Ios ClientMobileIos

List(Resource). Configuration settings for i0S native apps. For details, see iOS.

android ClientMobileAndroid

List(Resource). Configuration settings for Android native apps. For details, see Android.

ios ClientMobileIos

List(Resource). Configuration settings for i0S native apps. For details, see iOS.

android ClientMobileAndroid

List(Resource). Configuration settings for Android native apps. For details, see Android.

ios ClientMobileIos

List(Resource). Configuration settings for i0S native apps. For details, see iOS.

android ClientMobileAndroid

List(Resource). Configuration settings for Android native apps. For details, see Android.

ios ClientMobileIos

List(Resource). Configuration settings for i0S native apps. For details, see iOS.

android Property Map

List(Resource). Configuration settings for Android native apps. For details, see Android.

ios Property Map

List(Resource). Configuration settings for i0S native apps. For details, see iOS.

ClientMobileAndroid

AppPackageName string

String

Sha256CertFingerprints List<string>

List(String)

AppPackageName string

String

Sha256CertFingerprints []string

List(String)

appPackageName String

String

sha256CertFingerprints List<String>

List(String)

appPackageName string

String

sha256CertFingerprints string[]

List(String)

app_package_name str

String

sha256_cert_fingerprints Sequence[str]

List(String)

appPackageName String

String

sha256CertFingerprints List<String>

List(String)

ClientMobileIos

AppBundleIdentifier string

String

TeamId string

String

AppBundleIdentifier string

String

TeamId string

String

appBundleIdentifier String

String

teamId String

String

appBundleIdentifier string

String

teamId string

String

app_bundle_identifier str

String

team_id str

String

appBundleIdentifier String

String

teamId String

String

ClientNativeSocialLogin

ClientNativeSocialLoginApple

Enabled bool

Boolean

Enabled bool

Boolean

enabled Boolean

Boolean

enabled boolean

Boolean

enabled bool

Boolean

enabled Boolean

Boolean

ClientNativeSocialLoginFacebook

Enabled bool

Boolean

Enabled bool

Boolean

enabled Boolean

Boolean

enabled boolean

Boolean

enabled bool

Boolean

enabled Boolean

Boolean

ClientRefreshToken

ExpirationType string

String. Options include expiring, non-expiring. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation is rotating, this must be set to expiring.

RotationType string

String. Options include rotating, non-rotating. When rotating, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.

IdleTokenLifetime int

Integer. The time in seconds after which inactive refresh tokens will expire.

InfiniteIdleTokenLifetime bool

Boolean, (Default=false) Whether or not inactive refresh tokens should be remain valid indefinitely.

InfiniteTokenLifetime bool

Boolean, (Default=false) Whether or not refresh tokens should remain valid indefinitely. If false, token_lifetime should also be set

Leeway int

Integer. The amount of time in seconds in which a refresh token may be reused without trigging reuse detection.

TokenLifetime int

Integer. The absolute lifetime of a refresh token in seconds.

ExpirationType string

String. Options include expiring, non-expiring. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation is rotating, this must be set to expiring.

RotationType string

String. Options include rotating, non-rotating. When rotating, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.

IdleTokenLifetime int

Integer. The time in seconds after which inactive refresh tokens will expire.

InfiniteIdleTokenLifetime bool

Boolean, (Default=false) Whether or not inactive refresh tokens should be remain valid indefinitely.

InfiniteTokenLifetime bool

Boolean, (Default=false) Whether or not refresh tokens should remain valid indefinitely. If false, token_lifetime should also be set

Leeway int

Integer. The amount of time in seconds in which a refresh token may be reused without trigging reuse detection.

TokenLifetime int

Integer. The absolute lifetime of a refresh token in seconds.

expirationType String

String. Options include expiring, non-expiring. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation is rotating, this must be set to expiring.

rotationType String

String. Options include rotating, non-rotating. When rotating, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.

idleTokenLifetime Integer

Integer. The time in seconds after which inactive refresh tokens will expire.

infiniteIdleTokenLifetime Boolean

Boolean, (Default=false) Whether or not inactive refresh tokens should be remain valid indefinitely.

infiniteTokenLifetime Boolean

Boolean, (Default=false) Whether or not refresh tokens should remain valid indefinitely. If false, token_lifetime should also be set

leeway Integer

Integer. The amount of time in seconds in which a refresh token may be reused without trigging reuse detection.

tokenLifetime Integer

Integer. The absolute lifetime of a refresh token in seconds.

expirationType string

String. Options include expiring, non-expiring. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation is rotating, this must be set to expiring.

rotationType string

String. Options include rotating, non-rotating. When rotating, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.

idleTokenLifetime number

Integer. The time in seconds after which inactive refresh tokens will expire.

infiniteIdleTokenLifetime boolean

Boolean, (Default=false) Whether or not inactive refresh tokens should be remain valid indefinitely.

infiniteTokenLifetime boolean

Boolean, (Default=false) Whether or not refresh tokens should remain valid indefinitely. If false, token_lifetime should also be set

leeway number

Integer. The amount of time in seconds in which a refresh token may be reused without trigging reuse detection.

tokenLifetime number

Integer. The absolute lifetime of a refresh token in seconds.

expiration_type str

String. Options include expiring, non-expiring. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation is rotating, this must be set to expiring.

rotation_type str

String. Options include rotating, non-rotating. When rotating, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.

idle_token_lifetime int

Integer. The time in seconds after which inactive refresh tokens will expire.

infinite_idle_token_lifetime bool

Boolean, (Default=false) Whether or not inactive refresh tokens should be remain valid indefinitely.

infinite_token_lifetime bool

Boolean, (Default=false) Whether or not refresh tokens should remain valid indefinitely. If false, token_lifetime should also be set

leeway int

Integer. The amount of time in seconds in which a refresh token may be reused without trigging reuse detection.

token_lifetime int

Integer. The absolute lifetime of a refresh token in seconds.

expirationType String

String. Options include expiring, non-expiring. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation is rotating, this must be set to expiring.

rotationType String

String. Options include rotating, non-rotating. When rotating, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.

idleTokenLifetime Number

Integer. The time in seconds after which inactive refresh tokens will expire.

infiniteIdleTokenLifetime Boolean

Boolean, (Default=false) Whether or not inactive refresh tokens should be remain valid indefinitely.

infiniteTokenLifetime Boolean

Boolean, (Default=false) Whether or not refresh tokens should remain valid indefinitely. If false, token_lifetime should also be set

leeway Number

Integer. The amount of time in seconds in which a refresh token may be reused without trigging reuse detection.

tokenLifetime Number

Integer. The absolute lifetime of a refresh token in seconds.

Import

A client can be imported using the client’s ID, e.g.

 $ pulumi import auth0:index/client:Client my_client AaiyAPdpYdesoKnqjj8HJqRn4T5titww

Package Details

Repository
https://github.com/pulumi/pulumi-auth0
License
Apache-2.0
Notes

This Pulumi package is based on the auth0 Terraform Provider.