Auth0
Client
With this resource, you can set up applications that use Auth0 for authentication and configure allowed callback URLs and secrets for these applications. Depending on your plan, you may also configure add-ons to allow your application to call another application’s API (such as Firebase and AWS) on behalf of an authenticated user.
Example Usage
using Pulumi;
using Auth0 = Pulumi.Auth0;
class MyStack : Stack
{
public MyStack()
{
var myClient = new Auth0.Client("myClient", new Auth0.ClientArgs
{
Addons = new Auth0.Inputs.ClientAddonsArgs
{
Firebase =
{
{ "clientEmail", "john.doe@example.com" },
{ "lifetimeInSeconds", 1 },
{ "privateKey", "wer" },
{ "privateKeyId", "qwreerwerwe" },
},
Samlp = new Auth0.Inputs.ClientAddonsSamlpArgs
{
Audience = "https://example.com/saml",
CreateUpnClaim = false,
MapIdentities = false,
MapUnknownClaimsAsIs = false,
Mappings =
{
{ "email", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" },
{ "name", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" },
},
NameIdentifierFormat = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
NameIdentifierProbes =
{
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
},
PassthroughClaimsWithNoMapping = false,
SigningCert = "pemcertificate",
},
},
AllowedClients =
{
"https://allowed.example.com",
},
AllowedLogoutUrls =
{
"https://example.com",
},
AllowedOrigins =
{
"https://example.com",
},
AppType = "non_interactive",
Callbacks =
{
"https://example.com/callback",
},
ClientMetadata =
{
{ "foo", "zoo" },
},
ClientSecretRotationTrigger =
{
{ "triggered_at", "2018-01-02T23:12:01Z" },
{ "triggered_by", "auth0" },
},
CustomLoginPageOn = true,
Description = "Test Applications Long Description",
GrantTypes =
{
"authorization_code",
"http://auth0.com/oauth/grant-type/password-realm",
"implicit",
"password",
"refresh_token",
},
InitiateLoginUri = "https://example.com/login",
IsFirstParty = true,
IsTokenEndpointIpHeaderTrusted = true,
JwtConfiguration = new Auth0.Inputs.ClientJwtConfigurationArgs
{
Alg = "RS256",
LifetimeInSeconds = 300,
Scopes =
{
{ "foo", "bar" },
},
SecretEncoded = true,
},
Mobile = new Auth0.Inputs.ClientMobileArgs
{
Ios = new Auth0.Inputs.ClientMobileIosArgs
{
AppBundleIdentifier = "com.my.bundle.id",
TeamId = "9JA89QQLNQ",
},
},
OidcConformant = false,
OrganizationRequireBehavior = "no_prompt",
OrganizationUsage = "deny",
RefreshToken = new Auth0.Inputs.ClientRefreshTokenArgs
{
ExpirationType = "expiring",
IdleTokenLifetime = 1296000,
InfiniteIdleTokenLifetime = true,
InfiniteTokenLifetime = false,
Leeway = 15,
RotationType = "rotating",
TokenLifetime = 84600,
},
TokenEndpointAuthMethod = "client_secret_post",
WebOrigins =
{
"https://example.com",
},
});
}
}
package main
import (
"github.com/pulumi/pulumi-auth0/sdk/v2/go/auth0"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := auth0.NewClient(ctx, "myClient", &auth0.ClientArgs{
Addons: &ClientAddonsArgs{
Firebase: pulumi.AnyMap{
"clientEmail": pulumi.Any("john.doe@example.com"),
"lifetimeInSeconds": pulumi.Any(1),
"privateKey": pulumi.Any("wer"),
"privateKeyId": pulumi.Any("qwreerwerwe"),
},
Samlp: &ClientAddonsSamlpArgs{
Audience: pulumi.String("https://example.com/saml"),
CreateUpnClaim: pulumi.Bool(false),
MapIdentities: pulumi.Bool(false),
MapUnknownClaimsAsIs: pulumi.Bool(false),
Mappings: pulumi.AnyMap{
"email": pulumi.Any("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"),
"name": pulumi.Any("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"),
},
NameIdentifierFormat: pulumi.String("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"),
NameIdentifierProbes: pulumi.StringArray{
pulumi.String("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"),
},
PassthroughClaimsWithNoMapping: pulumi.Bool(false),
SigningCert: pulumi.String("pemcertificate"),
},
},
AllowedClients: pulumi.StringArray{
pulumi.String("https://allowed.example.com"),
},
AllowedLogoutUrls: pulumi.StringArray{
pulumi.String("https://example.com"),
},
AllowedOrigins: pulumi.StringArray{
pulumi.String("https://example.com"),
},
AppType: pulumi.String("non_interactive"),
Callbacks: pulumi.StringArray{
pulumi.String("https://example.com/callback"),
},
ClientMetadata: pulumi.AnyMap{
"foo": pulumi.Any("zoo"),
},
ClientSecretRotationTrigger: pulumi.AnyMap{
"triggered_at": pulumi.Any("2018-01-02T23:12:01Z"),
"triggered_by": pulumi.Any("auth0"),
},
CustomLoginPageOn: pulumi.Bool(true),
Description: pulumi.String("Test Applications Long Description"),
GrantTypes: pulumi.StringArray{
pulumi.String("authorization_code"),
pulumi.String("http://auth0.com/oauth/grant-type/password-realm"),
pulumi.String("implicit"),
pulumi.String("password"),
pulumi.String("refresh_token"),
},
InitiateLoginUri: pulumi.String("https://example.com/login"),
IsFirstParty: pulumi.Bool(true),
IsTokenEndpointIpHeaderTrusted: pulumi.Bool(true),
JwtConfiguration: &ClientJwtConfigurationArgs{
Alg: pulumi.String("RS256"),
LifetimeInSeconds: pulumi.Int(300),
Scopes: pulumi.StringMap{
"foo": pulumi.String("bar"),
},
SecretEncoded: pulumi.Bool(true),
},
Mobile: &ClientMobileArgs{
Ios: &ClientMobileIosArgs{
AppBundleIdentifier: pulumi.String("com.my.bundle.id"),
TeamId: pulumi.String("9JA89QQLNQ"),
},
},
OidcConformant: pulumi.Bool(false),
OrganizationRequireBehavior: pulumi.String("no_prompt"),
OrganizationUsage: pulumi.String("deny"),
RefreshToken: &ClientRefreshTokenArgs{
ExpirationType: pulumi.String("expiring"),
IdleTokenLifetime: pulumi.Int(1296000),
InfiniteIdleTokenLifetime: pulumi.Bool(true),
InfiniteTokenLifetime: pulumi.Bool(false),
Leeway: pulumi.Int(15),
RotationType: pulumi.String("rotating"),
TokenLifetime: pulumi.Int(84600),
},
TokenEndpointAuthMethod: pulumi.String("client_secret_post"),
WebOrigins: pulumi.StringArray{
pulumi.String("https://example.com"),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var myClient = new Client("myClient", ClientArgs.builder()
.addons(ClientAddonsArgs.builder()
.firebase(Map.ofEntries(
Map.entry("clientEmail", "john.doe@example.com"),
Map.entry("lifetimeInSeconds", 1),
Map.entry("privateKey", "wer"),
Map.entry("privateKeyId", "qwreerwerwe")
))
.samlp(ClientAddonsSamlpArgs.builder()
.audience("https://example.com/saml")
.createUpnClaim(false)
.mapIdentities(false)
.mapUnknownClaimsAsIs(false)
.mappings(Map.ofEntries(
Map.entry("email", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"),
Map.entry("name", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name")
))
.nameIdentifierFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent")
.nameIdentifierProbes("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")
.passthroughClaimsWithNoMapping(false)
.signingCert("pemcertificate")
.build())
.build())
.allowedClients("https://allowed.example.com")
.allowedLogoutUrls("https://example.com")
.allowedOrigins("https://example.com")
.appType("non_interactive")
.callbacks("https://example.com/callback")
.clientMetadata(Map.of("foo", "zoo"))
.clientSecretRotationTrigger(Map.ofEntries(
Map.entry("triggered_at", "2018-01-02T23:12:01Z"),
Map.entry("triggered_by", "auth0")
))
.customLoginPageOn(true)
.description("Test Applications Long Description")
.grantTypes(
"authorization_code",
"http://auth0.com/oauth/grant-type/password-realm",
"implicit",
"password",
"refresh_token")
.initiateLoginUri("https://example.com/login")
.isFirstParty(true)
.isTokenEndpointIpHeaderTrusted(true)
.jwtConfiguration(ClientJwtConfigurationArgs.builder()
.alg("RS256")
.lifetimeInSeconds(300)
.scopes(Map.of("foo", "bar"))
.secretEncoded(true)
.build())
.mobile(ClientMobileArgs.builder()
.ios(ClientMobileIosArgs.builder()
.appBundleIdentifier("com.my.bundle.id")
.teamId("9JA89QQLNQ")
.build())
.build())
.oidcConformant(false)
.organizationRequireBehavior("no_prompt")
.organizationUsage("deny")
.refreshToken(ClientRefreshTokenArgs.builder()
.expirationType("expiring")
.idleTokenLifetime(1296000)
.infiniteIdleTokenLifetime(true)
.infiniteTokenLifetime(false)
.leeway(15)
.rotationType("rotating")
.tokenLifetime(84600)
.build())
.tokenEndpointAuthMethod("client_secret_post")
.webOrigins("https://example.com")
.build());
}
}
import pulumi
import pulumi_auth0 as auth0
my_client = auth0.Client("myClient",
addons=auth0.ClientAddonsArgs(
firebase={
"clientEmail": "john.doe@example.com",
"lifetimeInSeconds": 1,
"privateKey": "wer",
"privateKeyId": "qwreerwerwe",
},
samlp=auth0.ClientAddonsSamlpArgs(
audience="https://example.com/saml",
create_upn_claim=False,
map_identities=False,
map_unknown_claims_as_is=False,
mappings={
"email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
"name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
},
name_identifier_format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
name_identifier_probes=["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"],
passthrough_claims_with_no_mapping=False,
signing_cert="pemcertificate",
),
),
allowed_clients=["https://allowed.example.com"],
allowed_logout_urls=["https://example.com"],
allowed_origins=["https://example.com"],
app_type="non_interactive",
callbacks=["https://example.com/callback"],
client_metadata={
"foo": "zoo",
},
client_secret_rotation_trigger={
"triggered_at": "2018-01-02T23:12:01Z",
"triggered_by": "auth0",
},
custom_login_page_on=True,
description="Test Applications Long Description",
grant_types=[
"authorization_code",
"http://auth0.com/oauth/grant-type/password-realm",
"implicit",
"password",
"refresh_token",
],
initiate_login_uri="https://example.com/login",
is_first_party=True,
is_token_endpoint_ip_header_trusted=True,
jwt_configuration=auth0.ClientJwtConfigurationArgs(
alg="RS256",
lifetime_in_seconds=300,
scopes={
"foo": "bar",
},
secret_encoded=True,
),
mobile=auth0.ClientMobileArgs(
ios=auth0.ClientMobileIosArgs(
app_bundle_identifier="com.my.bundle.id",
team_id="9JA89QQLNQ",
),
),
oidc_conformant=False,
organization_require_behavior="no_prompt",
organization_usage="deny",
refresh_token=auth0.ClientRefreshTokenArgs(
expiration_type="expiring",
idle_token_lifetime=1296000,
infinite_idle_token_lifetime=True,
infinite_token_lifetime=False,
leeway=15,
rotation_type="rotating",
token_lifetime=84600,
),
token_endpoint_auth_method="client_secret_post",
web_origins=["https://example.com"])
import * as pulumi from "@pulumi/pulumi";
import * as auth0 from "@pulumi/auth0";
const myClient = new auth0.Client("my_client", {
addons: {
firebase: {
client_email: "john.doe@example.com",
lifetime_in_seconds: 1,
private_key: "wer",
private_key_id: "qwreerwerwe",
},
samlp: {
audience: "https://example.com/saml",
createUpnClaim: false,
mapIdentities: false,
mapUnknownClaimsAsIs: false,
mappings: {
email: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
name: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
},
nameIdentifierFormat: "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
nameIdentifierProbes: ["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"],
passthroughClaimsWithNoMapping: false,
signingCert: "pemcertificate",
},
},
allowedClients: ["https://allowed.example.com"],
allowedLogoutUrls: ["https://example.com"],
allowedOrigins: ["https://example.com"],
appType: "non_interactive",
callbacks: ["https://example.com/callback"],
clientMetadata: {
foo: "zoo",
},
clientSecretRotationTrigger: {
triggered_at: "2018-01-02T23:12:01Z",
triggered_by: "auth0",
},
customLoginPageOn: true,
description: "Test Applications Long Description",
grantTypes: [
"authorization_code",
"http://auth0.com/oauth/grant-type/password-realm",
"implicit",
"password",
"refresh_token",
],
initiateLoginUri: "https://example.com/login",
isFirstParty: true,
isTokenEndpointIpHeaderTrusted: true,
jwtConfiguration: {
alg: "RS256",
lifetimeInSeconds: 300,
scopes: {
foo: "bar",
},
secretEncoded: true,
},
mobile: {
ios: {
appBundleIdentifier: "com.my.bundle.id",
teamId: "9JA89QQLNQ",
},
},
oidcConformant: false,
organizationRequireBehavior: "no_prompt",
organizationUsage: "deny",
refreshToken: {
expirationType: "expiring",
idleTokenLifetime: 1296000,
infiniteIdleTokenLifetime: true,
infiniteTokenLifetime: false,
leeway: 15,
rotationType: "rotating",
tokenLifetime: 84600,
},
tokenEndpointAuthMethod: "client_secret_post",
webOrigins: ["https://example.com"],
});
resources:
myClient:
type: auth0:Client
properties:
addons:
firebase:
clientEmail: john.doe@example.com
lifetimeInSeconds: 1
privateKey: wer
privateKeyId: qwreerwerwe
samlp:
audience: https://example.com/saml
createUpnClaim: false
mapIdentities: false
mapUnknownClaimsAsIs: false
mappings:
email: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
nameIdentifierFormat: urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
nameIdentifierProbes:
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
passthroughClaimsWithNoMapping: false
signingCert: pemcertificate
allowedClients:
- https://allowed.example.com
allowedLogoutUrls:
- https://example.com
allowedOrigins:
- https://example.com
appType: non_interactive
callbacks:
- https://example.com/callback
clientMetadata:
foo: zoo
clientSecretRotationTrigger:
triggered_at: 2018-01-02T23:12:01Z
triggered_by: auth0
customLoginPageOn: true
description: Test Applications Long Description
grantTypes:
- authorization_code
- http://auth0.com/oauth/grant-type/password-realm
- implicit
- password
- refresh_token
initiateLoginUri: https://example.com/login
isFirstParty: true
isTokenEndpointIpHeaderTrusted: true
jwtConfiguration:
alg: RS256
lifetimeInSeconds: 300
scopes:
foo: bar
secretEncoded: true
mobile:
ios:
appBundleIdentifier: com.my.bundle.id
teamId: 9JA89QQLNQ
oidcConformant: false
organizationRequireBehavior: no_prompt
organizationUsage: deny
refreshToken:
expirationType: expiring
idleTokenLifetime: 1.296e+06
infiniteIdleTokenLifetime: true
infiniteTokenLifetime: false
leeway: 15
rotationType: rotating
tokenLifetime: 84600
tokenEndpointAuthMethod: client_secret_post
webOrigins:
- https://example.com
Create a Client Resource
new Client(name: string, args?: ClientArgs, opts?: CustomResourceOptions);
@overload
def Client(resource_name: str,
opts: Optional[ResourceOptions] = None,
addons: Optional[ClientAddonsArgs] = None,
allowed_clients: Optional[Sequence[str]] = None,
allowed_logout_urls: Optional[Sequence[str]] = None,
allowed_origins: Optional[Sequence[str]] = None,
app_type: Optional[str] = None,
callbacks: Optional[Sequence[str]] = None,
client_metadata: Optional[Mapping[str, Any]] = None,
client_secret_rotation_trigger: Optional[Mapping[str, Any]] = None,
cross_origin_auth: Optional[bool] = None,
cross_origin_loc: Optional[str] = None,
custom_login_page: Optional[str] = None,
custom_login_page_on: Optional[bool] = None,
description: Optional[str] = None,
encryption_key: Optional[Mapping[str, str]] = None,
form_template: Optional[str] = None,
grant_types: Optional[Sequence[str]] = None,
initiate_login_uri: Optional[str] = None,
is_first_party: Optional[bool] = None,
is_token_endpoint_ip_header_trusted: Optional[bool] = None,
jwt_configuration: Optional[ClientJwtConfigurationArgs] = None,
logo_uri: Optional[str] = None,
mobile: Optional[ClientMobileArgs] = None,
name: Optional[str] = None,
native_social_login: Optional[ClientNativeSocialLoginArgs] = None,
oidc_conformant: Optional[bool] = None,
organization_require_behavior: Optional[str] = None,
organization_usage: Optional[str] = None,
refresh_token: Optional[ClientRefreshTokenArgs] = None,
sso: Optional[bool] = None,
sso_disabled: Optional[bool] = None,
token_endpoint_auth_method: Optional[str] = None,
web_origins: Optional[Sequence[str]] = None)
@overload
def Client(resource_name: str,
args: Optional[ClientArgs] = None,
opts: Optional[ResourceOptions] = None)
func NewClient(ctx *Context, name string, args *ClientArgs, opts ...ResourceOption) (*Client, error)
public Client(string name, ClientArgs? args = null, CustomResourceOptions? opts = null)
public Client(String name, ClientArgs args)
public Client(String name, ClientArgs args, CustomResourceOptions options)
type: auth0:Client
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ClientArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ClientArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ClientArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ClientArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ClientArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Client Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Client resource accepts the following input properties:
- Addons
Client
Addons Args List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.
- Allowed
Clients List<string> List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- Allowed
Logout List<string>Urls List(String). URLs that Auth0 may redirect to after logout.
- Allowed
Origins List<string> List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- App
Type string String. Type of application the client represents. Options include
native
,spa
,regular_web
,non_interactive
,rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- Callbacks List<string>
List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- Client
Metadata Dictionary<string, object> Map(String)
- Client
Secret Dictionary<string, object>Rotation Trigger Map. Custom metadata for the rotation. For more info: rotate-client-secret.
- Cross
Origin boolAuth Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.
- Cross
Origin stringLoc String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.
- Custom
Login stringPage String. Content of the custom login page.
- Custom
Login boolPage On Boolean. Indicates whether or not a custom login page is to be used.
- Description string
String, (Max length = 140 characters). Description of the purpose of the client.
- Encryption
Key Dictionary<string, string> Map(String).
- Form
Template string String. Form template for WS-Federation protocol.
- Grant
Types List<string> List(String). Types of grants that this client is authorized to use.
- Initiate
Login stringUri String. Initiate login uri, must be https.
- Is
First boolParty Boolean. Indicates whether or not this client is a first-party client.
- Is
Token boolEndpoint Ip Header Trusted Boolean. Indicates whether or not the token endpoint IP header is trusted.
- Jwt
Configuration ClientJwt Configuration Args List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.
- Logo
Uri string String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- Mobile
Client
Mobile Args List(Resource). Configuration settings for mobile native applications. For details, see Mobile.
- Name string
String. Name of the client.
- Client
Native Social Login Args List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login
- Oidc
Conformant bool Boolean. Indicates whether or not this client will conform to strict OIDC specifications.
- Organization
Require stringBehavior String. Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- Organization
Usage string String. Defines how to proceed during an authentication transaction with regards an organization. Can be
deny
(default),allow
orrequire
.- Refresh
Token ClientRefresh Token Args List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.
- Sso bool
Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.
- Sso
Disabled bool Boolean. Indicates whether or not SSO is disabled.
- Token
Endpoint stringAuth Method String. Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- Web
Origins List<string> List(String). URLs that represent valid web origins for use with web message response mode.
- Addons
Client
Addons Args List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.
- Allowed
Clients []string List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- Allowed
Logout []stringUrls List(String). URLs that Auth0 may redirect to after logout.
- Allowed
Origins []string List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- App
Type string String. Type of application the client represents. Options include
native
,spa
,regular_web
,non_interactive
,rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- Callbacks []string
List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- Client
Metadata map[string]interface{} Map(String)
- Client
Secret map[string]interface{}Rotation Trigger Map. Custom metadata for the rotation. For more info: rotate-client-secret.
- Cross
Origin boolAuth Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.
- Cross
Origin stringLoc String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.
- Custom
Login stringPage String. Content of the custom login page.
- Custom
Login boolPage On Boolean. Indicates whether or not a custom login page is to be used.
- Description string
String, (Max length = 140 characters). Description of the purpose of the client.
- Encryption
Key map[string]string Map(String).
- Form
Template string String. Form template for WS-Federation protocol.
- Grant
Types []string List(String). Types of grants that this client is authorized to use.
- Initiate
Login stringUri String. Initiate login uri, must be https.
- Is
First boolParty Boolean. Indicates whether or not this client is a first-party client.
- Is
Token boolEndpoint Ip Header Trusted Boolean. Indicates whether or not the token endpoint IP header is trusted.
- Jwt
Configuration ClientJwt Configuration Args List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.
- Logo
Uri string String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- Mobile
Client
Mobile Args List(Resource). Configuration settings for mobile native applications. For details, see Mobile.
- Name string
String. Name of the client.
- Client
Native Social Login Args List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login
- Oidc
Conformant bool Boolean. Indicates whether or not this client will conform to strict OIDC specifications.
- Organization
Require stringBehavior String. Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- Organization
Usage string String. Defines how to proceed during an authentication transaction with regards an organization. Can be
deny
(default),allow
orrequire
.- Refresh
Token ClientRefresh Token Args List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.
- Sso bool
Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.
- Sso
Disabled bool Boolean. Indicates whether or not SSO is disabled.
- Token
Endpoint stringAuth Method String. Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- Web
Origins []string List(String). URLs that represent valid web origins for use with web message response mode.
- addons
Client
Addons Args List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.
- allowed
Clients List<String> List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed
Logout List<String>Urls List(String). URLs that Auth0 may redirect to after logout.
- allowed
Origins List<String> List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app
Type String String. Type of application the client represents. Options include
native
,spa
,regular_web
,non_interactive
,rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- callbacks List<String>
List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client
Metadata Map<String,Object> Map(String)
- client
Secret Map<String,Object>Rotation Trigger Map. Custom metadata for the rotation. For more info: rotate-client-secret.
- cross
Origin BooleanAuth Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.
- cross
Origin StringLoc String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.
- custom
Login StringPage String. Content of the custom login page.
- custom
Login BooleanPage On Boolean. Indicates whether or not a custom login page is to be used.
- description String
String, (Max length = 140 characters). Description of the purpose of the client.
- encryption
Key Map<String,String> Map(String).
- form
Template String String. Form template for WS-Federation protocol.
- grant
Types List<String> List(String). Types of grants that this client is authorized to use.
- initiate
Login StringUri String. Initiate login uri, must be https.
- is
First BooleanParty Boolean. Indicates whether or not this client is a first-party client.
- is
Token BooleanEndpoint Ip Header Trusted Boolean. Indicates whether or not the token endpoint IP header is trusted.
- jwt
Configuration ClientJwt Configuration Args List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.
- logo
Uri String String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobile
Client
Mobile Args List(Resource). Configuration settings for mobile native applications. For details, see Mobile.
- name String
String. Name of the client.
- Client
Native Social Login Args List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login
- oidc
Conformant Boolean Boolean. Indicates whether or not this client will conform to strict OIDC specifications.
- organization
Require StringBehavior String. Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- organization
Usage String String. Defines how to proceed during an authentication transaction with regards an organization. Can be
deny
(default),allow
orrequire
.- refresh
Token ClientRefresh Token Args List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.
- sso Boolean
Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.
- sso
Disabled Boolean Boolean. Indicates whether or not SSO is disabled.
- token
Endpoint StringAuth Method String. Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- web
Origins List<String> List(String). URLs that represent valid web origins for use with web message response mode.
- addons
Client
Addons Args List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.
- allowed
Clients string[] List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed
Logout string[]Urls List(String). URLs that Auth0 may redirect to after logout.
- allowed
Origins string[] List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app
Type string String. Type of application the client represents. Options include
native
,spa
,regular_web
,non_interactive
,rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- callbacks string[]
List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client
Metadata {[key: string]: any} Map(String)
- client
Secret {[key: string]: any}Rotation Trigger Map. Custom metadata for the rotation. For more info: rotate-client-secret.
- cross
Origin booleanAuth Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.
- cross
Origin stringLoc String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.
- custom
Login stringPage String. Content of the custom login page.
- custom
Login booleanPage On Boolean. Indicates whether or not a custom login page is to be used.
- description string
String, (Max length = 140 characters). Description of the purpose of the client.
- encryption
Key {[key: string]: string} Map(String).
- form
Template string String. Form template for WS-Federation protocol.
- grant
Types string[] List(String). Types of grants that this client is authorized to use.
- initiate
Login stringUri String. Initiate login uri, must be https.
- is
First booleanParty Boolean. Indicates whether or not this client is a first-party client.
- is
Token booleanEndpoint Ip Header Trusted Boolean. Indicates whether or not the token endpoint IP header is trusted.
- jwt
Configuration ClientJwt Configuration Args List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.
- logo
Uri string String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobile
Client
Mobile Args List(Resource). Configuration settings for mobile native applications. For details, see Mobile.
- name string
String. Name of the client.
- Client
Native Social Login Args List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login
- oidc
Conformant boolean Boolean. Indicates whether or not this client will conform to strict OIDC specifications.
- organization
Require stringBehavior String. Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- organization
Usage string String. Defines how to proceed during an authentication transaction with regards an organization. Can be
deny
(default),allow
orrequire
.- refresh
Token ClientRefresh Token Args List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.
- sso boolean
Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.
- sso
Disabled boolean Boolean. Indicates whether or not SSO is disabled.
- token
Endpoint stringAuth Method String. Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- web
Origins string[] List(String). URLs that represent valid web origins for use with web message response mode.
- addons
Client
Addons Args List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.
- allowed_
clients Sequence[str] List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed_
logout_ Sequence[str]urls List(String). URLs that Auth0 may redirect to after logout.
- allowed_
origins Sequence[str] List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app_
type str String. Type of application the client represents. Options include
native
,spa
,regular_web
,non_interactive
,rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- callbacks Sequence[str]
List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client_
metadata Mapping[str, Any] Map(String)
- client_
secret_ Mapping[str, Any]rotation_ trigger Map. Custom metadata for the rotation. For more info: rotate-client-secret.
- cross_
origin_ boolauth Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.
- cross_
origin_ strloc String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.
- custom_
login_ strpage String. Content of the custom login page.
- custom_
login_ boolpage_ on Boolean. Indicates whether or not a custom login page is to be used.
- description str
String, (Max length = 140 characters). Description of the purpose of the client.
- encryption_
key Mapping[str, str] Map(String).
- form_
template str String. Form template for WS-Federation protocol.
- grant_
types Sequence[str] List(String). Types of grants that this client is authorized to use.
- initiate_
login_ struri String. Initiate login uri, must be https.
- is_
first_ boolparty Boolean. Indicates whether or not this client is a first-party client.
- is_
token_ boolendpoint_ ip_ header_ trusted Boolean. Indicates whether or not the token endpoint IP header is trusted.
- jwt_
configuration ClientJwt Configuration Args List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.
- logo_
uri str String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobile
Client
Mobile Args List(Resource). Configuration settings for mobile native applications. For details, see Mobile.
- name str
String. Name of the client.
- Client
Native Social Login Args List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login
- oidc_
conformant bool Boolean. Indicates whether or not this client will conform to strict OIDC specifications.
- organization_
require_ strbehavior String. Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- organization_
usage str String. Defines how to proceed during an authentication transaction with regards an organization. Can be
deny
(default),allow
orrequire
.- refresh_
token ClientRefresh Token Args List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.
- sso bool
Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.
- sso_
disabled bool Boolean. Indicates whether or not SSO is disabled.
- token_
endpoint_ strauth_ method String. Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- web_
origins Sequence[str] List(String). URLs that represent valid web origins for use with web message response mode.
- addons Property Map
List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.
- allowed
Clients List<String> List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed
Logout List<String>Urls List(String). URLs that Auth0 may redirect to after logout.
- allowed
Origins List<String> List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app
Type String String. Type of application the client represents. Options include
native
,spa
,regular_web
,non_interactive
,rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- callbacks List<String>
List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client
Metadata Map<Any> Map(String)
- client
Secret Map<Any>Rotation Trigger Map. Custom metadata for the rotation. For more info: rotate-client-secret.
- cross
Origin BooleanAuth Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.
- cross
Origin StringLoc String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.
- custom
Login StringPage String. Content of the custom login page.
- custom
Login BooleanPage On Boolean. Indicates whether or not a custom login page is to be used.
- description String
String, (Max length = 140 characters). Description of the purpose of the client.
- encryption
Key Map<String> Map(String).
- form
Template String String. Form template for WS-Federation protocol.
- grant
Types List<String> List(String). Types of grants that this client is authorized to use.
- initiate
Login StringUri String. Initiate login uri, must be https.
- is
First BooleanParty Boolean. Indicates whether or not this client is a first-party client.
- is
Token BooleanEndpoint Ip Header Trusted Boolean. Indicates whether or not the token endpoint IP header is trusted.
- jwt
Configuration Property Map List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.
- logo
Uri String String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobile Property Map
List(Resource). Configuration settings for mobile native applications. For details, see Mobile.
- name String
String. Name of the client.
- Property Map
List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login
- oidc
Conformant Boolean Boolean. Indicates whether or not this client will conform to strict OIDC specifications.
- organization
Require StringBehavior String. Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- organization
Usage String String. Defines how to proceed during an authentication transaction with regards an organization. Can be
deny
(default),allow
orrequire
.- refresh
Token Property Map List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.
- sso Boolean
Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.
- sso
Disabled Boolean Boolean. Indicates whether or not SSO is disabled.
- token
Endpoint StringAuth Method String. Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- web
Origins List<String> List(String). URLs that represent valid web origins for use with web message response mode.
Outputs
All input properties are implicitly available as output properties. Additionally, the Client resource produces the following output properties:
- Client
Id string String. ID of the client.
client_secret
1 - String. Secret for the client; keep this private.
- Client
Secret string - Id string
The provider-assigned unique ID for this managed resource.
- Signing
Keys List<ImmutableDictionary<string, object>> List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.
- Client
Id string String. ID of the client.
client_secret
1 - String. Secret for the client; keep this private.
- Client
Secret string - Id string
The provider-assigned unique ID for this managed resource.
- Signing
Keys []map[string]interface{} List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.
- client
Id String String. ID of the client.
client_secret
1 - String. Secret for the client; keep this private.
- client
Secret String - id String
The provider-assigned unique ID for this managed resource.
- signing
Keys List<Map<String,Object>> List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.
- client
Id string String. ID of the client.
client_secret
1 - String. Secret for the client; keep this private.
- client
Secret string - id string
The provider-assigned unique ID for this managed resource.
- signing
Keys {[key: string]: any}[] List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.
- client_
id str String. ID of the client.
client_secret
1 - String. Secret for the client; keep this private.
- client_
secret str - id str
The provider-assigned unique ID for this managed resource.
- signing_
keys Sequence[Mapping[str, Any]] List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.
- client
Id String String. ID of the client.
client_secret
1 - String. Secret for the client; keep this private.
- client
Secret String - id String
The provider-assigned unique ID for this managed resource.
- signing
Keys List<Map<Any>> List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.
Look up an Existing Client Resource
Get an existing Client resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ClientState, opts?: CustomResourceOptions): Client
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
addons: Optional[ClientAddonsArgs] = None,
allowed_clients: Optional[Sequence[str]] = None,
allowed_logout_urls: Optional[Sequence[str]] = None,
allowed_origins: Optional[Sequence[str]] = None,
app_type: Optional[str] = None,
callbacks: Optional[Sequence[str]] = None,
client_id: Optional[str] = None,
client_metadata: Optional[Mapping[str, Any]] = None,
client_secret: Optional[str] = None,
client_secret_rotation_trigger: Optional[Mapping[str, Any]] = None,
cross_origin_auth: Optional[bool] = None,
cross_origin_loc: Optional[str] = None,
custom_login_page: Optional[str] = None,
custom_login_page_on: Optional[bool] = None,
description: Optional[str] = None,
encryption_key: Optional[Mapping[str, str]] = None,
form_template: Optional[str] = None,
grant_types: Optional[Sequence[str]] = None,
initiate_login_uri: Optional[str] = None,
is_first_party: Optional[bool] = None,
is_token_endpoint_ip_header_trusted: Optional[bool] = None,
jwt_configuration: Optional[ClientJwtConfigurationArgs] = None,
logo_uri: Optional[str] = None,
mobile: Optional[ClientMobileArgs] = None,
name: Optional[str] = None,
native_social_login: Optional[ClientNativeSocialLoginArgs] = None,
oidc_conformant: Optional[bool] = None,
organization_require_behavior: Optional[str] = None,
organization_usage: Optional[str] = None,
refresh_token: Optional[ClientRefreshTokenArgs] = None,
signing_keys: Optional[Sequence[Mapping[str, Any]]] = None,
sso: Optional[bool] = None,
sso_disabled: Optional[bool] = None,
token_endpoint_auth_method: Optional[str] = None,
web_origins: Optional[Sequence[str]] = None) -> Client
func GetClient(ctx *Context, name string, id IDInput, state *ClientState, opts ...ResourceOption) (*Client, error)
public static Client Get(string name, Input<string> id, ClientState? state, CustomResourceOptions? opts = null)
public static Client get(String name, Output<String> id, ClientState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Addons
Client
Addons Args List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.
- Allowed
Clients List<string> List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- Allowed
Logout List<string>Urls List(String). URLs that Auth0 may redirect to after logout.
- Allowed
Origins List<string> List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- App
Type string String. Type of application the client represents. Options include
native
,spa
,regular_web
,non_interactive
,rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- Callbacks List<string>
List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- Client
Id string String. ID of the client.
client_secret
1 - String. Secret for the client; keep this private.
- Client
Metadata Dictionary<string, object> Map(String)
- Client
Secret string - Client
Secret Dictionary<string, object>Rotation Trigger Map. Custom metadata for the rotation. For more info: rotate-client-secret.
- Cross
Origin boolAuth Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.
- Cross
Origin stringLoc String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.
- Custom
Login stringPage String. Content of the custom login page.
- Custom
Login boolPage On Boolean. Indicates whether or not a custom login page is to be used.
- Description string
String, (Max length = 140 characters). Description of the purpose of the client.
- Encryption
Key Dictionary<string, string> Map(String).
- Form
Template string String. Form template for WS-Federation protocol.
- Grant
Types List<string> List(String). Types of grants that this client is authorized to use.
- Initiate
Login stringUri String. Initiate login uri, must be https.
- Is
First boolParty Boolean. Indicates whether or not this client is a first-party client.
- Is
Token boolEndpoint Ip Header Trusted Boolean. Indicates whether or not the token endpoint IP header is trusted.
- Jwt
Configuration ClientJwt Configuration Args List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.
- Logo
Uri string String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- Mobile
Client
Mobile Args List(Resource). Configuration settings for mobile native applications. For details, see Mobile.
- Name string
String. Name of the client.
- Client
Native Social Login Args List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login
- Oidc
Conformant bool Boolean. Indicates whether or not this client will conform to strict OIDC specifications.
- Organization
Require stringBehavior String. Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- Organization
Usage string String. Defines how to proceed during an authentication transaction with regards an organization. Can be
deny
(default),allow
orrequire
.- Refresh
Token ClientRefresh Token Args List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.
- Signing
Keys List<ImmutableDictionary<string, object>> List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.
- Sso bool
Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.
- Sso
Disabled bool Boolean. Indicates whether or not SSO is disabled.
- Token
Endpoint stringAuth Method String. Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- Web
Origins List<string> List(String). URLs that represent valid web origins for use with web message response mode.
- Addons
Client
Addons Args List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.
- Allowed
Clients []string List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- Allowed
Logout []stringUrls List(String). URLs that Auth0 may redirect to after logout.
- Allowed
Origins []string List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- App
Type string String. Type of application the client represents. Options include
native
,spa
,regular_web
,non_interactive
,rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- Callbacks []string
List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- Client
Id string String. ID of the client.
client_secret
1 - String. Secret for the client; keep this private.
- Client
Metadata map[string]interface{} Map(String)
- Client
Secret string - Client
Secret map[string]interface{}Rotation Trigger Map. Custom metadata for the rotation. For more info: rotate-client-secret.
- Cross
Origin boolAuth Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.
- Cross
Origin stringLoc String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.
- Custom
Login stringPage String. Content of the custom login page.
- Custom
Login boolPage On Boolean. Indicates whether or not a custom login page is to be used.
- Description string
String, (Max length = 140 characters). Description of the purpose of the client.
- Encryption
Key map[string]string Map(String).
- Form
Template string String. Form template for WS-Federation protocol.
- Grant
Types []string List(String). Types of grants that this client is authorized to use.
- Initiate
Login stringUri String. Initiate login uri, must be https.
- Is
First boolParty Boolean. Indicates whether or not this client is a first-party client.
- Is
Token boolEndpoint Ip Header Trusted Boolean. Indicates whether or not the token endpoint IP header is trusted.
- Jwt
Configuration ClientJwt Configuration Args List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.
- Logo
Uri string String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- Mobile
Client
Mobile Args List(Resource). Configuration settings for mobile native applications. For details, see Mobile.
- Name string
String. Name of the client.
- Client
Native Social Login Args List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login
- Oidc
Conformant bool Boolean. Indicates whether or not this client will conform to strict OIDC specifications.
- Organization
Require stringBehavior String. Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- Organization
Usage string String. Defines how to proceed during an authentication transaction with regards an organization. Can be
deny
(default),allow
orrequire
.- Refresh
Token ClientRefresh Token Args List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.
- Signing
Keys []map[string]interface{} List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.
- Sso bool
Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.
- Sso
Disabled bool Boolean. Indicates whether or not SSO is disabled.
- Token
Endpoint stringAuth Method String. Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- Web
Origins []string List(String). URLs that represent valid web origins for use with web message response mode.
- addons
Client
Addons Args List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.
- allowed
Clients List<String> List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed
Logout List<String>Urls List(String). URLs that Auth0 may redirect to after logout.
- allowed
Origins List<String> List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app
Type String String. Type of application the client represents. Options include
native
,spa
,regular_web
,non_interactive
,rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- callbacks List<String>
List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client
Id String String. ID of the client.
client_secret
1 - String. Secret for the client; keep this private.
- client
Metadata Map<String,Object> Map(String)
- client
Secret String - client
Secret Map<String,Object>Rotation Trigger Map. Custom metadata for the rotation. For more info: rotate-client-secret.
- cross
Origin BooleanAuth Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.
- cross
Origin StringLoc String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.
- custom
Login StringPage String. Content of the custom login page.
- custom
Login BooleanPage On Boolean. Indicates whether or not a custom login page is to be used.
- description String
String, (Max length = 140 characters). Description of the purpose of the client.
- encryption
Key Map<String,String> Map(String).
- form
Template String String. Form template for WS-Federation protocol.
- grant
Types List<String> List(String). Types of grants that this client is authorized to use.
- initiate
Login StringUri String. Initiate login uri, must be https.
- is
First BooleanParty Boolean. Indicates whether or not this client is a first-party client.
- is
Token BooleanEndpoint Ip Header Trusted Boolean. Indicates whether or not the token endpoint IP header is trusted.
- jwt
Configuration ClientJwt Configuration Args List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.
- logo
Uri String String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobile
Client
Mobile Args List(Resource). Configuration settings for mobile native applications. For details, see Mobile.
- name String
String. Name of the client.
- Client
Native Social Login Args List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login
- oidc
Conformant Boolean Boolean. Indicates whether or not this client will conform to strict OIDC specifications.
- organization
Require StringBehavior String. Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- organization
Usage String String. Defines how to proceed during an authentication transaction with regards an organization. Can be
deny
(default),allow
orrequire
.- refresh
Token ClientRefresh Token Args List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.
- signing
Keys List<Map<String,Object>> List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.
- sso Boolean
Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.
- sso
Disabled Boolean Boolean. Indicates whether or not SSO is disabled.
- token
Endpoint StringAuth Method String. Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- web
Origins List<String> List(String). URLs that represent valid web origins for use with web message response mode.
- addons
Client
Addons Args List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.
- allowed
Clients string[] List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed
Logout string[]Urls List(String). URLs that Auth0 may redirect to after logout.
- allowed
Origins string[] List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app
Type string String. Type of application the client represents. Options include
native
,spa
,regular_web
,non_interactive
,rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- callbacks string[]
List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client
Id string String. ID of the client.
client_secret
1 - String. Secret for the client; keep this private.
- client
Metadata {[key: string]: any} Map(String)
- client
Secret string - client
Secret {[key: string]: any}Rotation Trigger Map. Custom metadata for the rotation. For more info: rotate-client-secret.
- cross
Origin booleanAuth Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.
- cross
Origin stringLoc String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.
- custom
Login stringPage String. Content of the custom login page.
- custom
Login booleanPage On Boolean. Indicates whether or not a custom login page is to be used.
- description string
String, (Max length = 140 characters). Description of the purpose of the client.
- encryption
Key {[key: string]: string} Map(String).
- form
Template string String. Form template for WS-Federation protocol.
- grant
Types string[] List(String). Types of grants that this client is authorized to use.
- initiate
Login stringUri String. Initiate login uri, must be https.
- is
First booleanParty Boolean. Indicates whether or not this client is a first-party client.
- is
Token booleanEndpoint Ip Header Trusted Boolean. Indicates whether or not the token endpoint IP header is trusted.
- jwt
Configuration ClientJwt Configuration Args List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.
- logo
Uri string String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobile
Client
Mobile Args List(Resource). Configuration settings for mobile native applications. For details, see Mobile.
- name string
String. Name of the client.
- Client
Native Social Login Args List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login
- oidc
Conformant boolean Boolean. Indicates whether or not this client will conform to strict OIDC specifications.
- organization
Require stringBehavior String. Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- organization
Usage string String. Defines how to proceed during an authentication transaction with regards an organization. Can be
deny
(default),allow
orrequire
.- refresh
Token ClientRefresh Token Args List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.
- signing
Keys {[key: string]: any}[] List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.
- sso boolean
Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.
- sso
Disabled boolean Boolean. Indicates whether or not SSO is disabled.
- token
Endpoint stringAuth Method String. Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- web
Origins string[] List(String). URLs that represent valid web origins for use with web message response mode.
- addons
Client
Addons Args List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.
- allowed_
clients Sequence[str] List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed_
logout_ Sequence[str]urls List(String). URLs that Auth0 may redirect to after logout.
- allowed_
origins Sequence[str] List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app_
type str String. Type of application the client represents. Options include
native
,spa
,regular_web
,non_interactive
,rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- callbacks Sequence[str]
List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client_
id str String. ID of the client.
client_secret
1 - String. Secret for the client; keep this private.
- client_
metadata Mapping[str, Any] Map(String)
- client_
secret str - client_
secret_ Mapping[str, Any]rotation_ trigger Map. Custom metadata for the rotation. For more info: rotate-client-secret.
- cross_
origin_ boolauth Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.
- cross_
origin_ strloc String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.
- custom_
login_ strpage String. Content of the custom login page.
- custom_
login_ boolpage_ on Boolean. Indicates whether or not a custom login page is to be used.
- description str
String, (Max length = 140 characters). Description of the purpose of the client.
- encryption_
key Mapping[str, str] Map(String).
- form_
template str String. Form template for WS-Federation protocol.
- grant_
types Sequence[str] List(String). Types of grants that this client is authorized to use.
- initiate_
login_ struri String. Initiate login uri, must be https.
- is_
first_ boolparty Boolean. Indicates whether or not this client is a first-party client.
- is_
token_ boolendpoint_ ip_ header_ trusted Boolean. Indicates whether or not the token endpoint IP header is trusted.
- jwt_
configuration ClientJwt Configuration Args List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.
- logo_
uri str String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobile
Client
Mobile Args List(Resource). Configuration settings for mobile native applications. For details, see Mobile.
- name str
String. Name of the client.
- Client
Native Social Login Args List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login
- oidc_
conformant bool Boolean. Indicates whether or not this client will conform to strict OIDC specifications.
- organization_
require_ strbehavior String. Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- organization_
usage str String. Defines how to proceed during an authentication transaction with regards an organization. Can be
deny
(default),allow
orrequire
.- refresh_
token ClientRefresh Token Args List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.
- signing_
keys Sequence[Mapping[str, Any]] List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.
- sso bool
Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.
- sso_
disabled bool Boolean. Indicates whether or not SSO is disabled.
- token_
endpoint_ strauth_ method String. Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- web_
origins Sequence[str] List(String). URLs that represent valid web origins for use with web message response mode.
- addons Property Map
List(Resource). Configuration settings for add-ons for this client. For details, see Add-ons.
- allowed
Clients List<String> List(String). List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed
Logout List<String>Urls List(String). URLs that Auth0 may redirect to after logout.
- allowed
Origins List<String> List(String). URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app
Type String String. Type of application the client represents. Options include
native
,spa
,regular_web
,non_interactive
,rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- callbacks List<String>
List(String). URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client
Id String String. ID of the client.
client_secret
1 - String. Secret for the client; keep this private.
- client
Metadata Map<Any> Map(String)
- client
Secret String - client
Secret Map<Any>Rotation Trigger Map. Custom metadata for the rotation. For more info: rotate-client-secret.
- cross
Origin BooleanAuth Boolean. Indicates whether or not the client can be used to make cross-origin authentication requests.
- cross
Origin StringLoc String. URL for the location on your site where the cross-origin verification takes place for the cross-origin auth flow. Used when performing auth in your own domain instead of through the Auth0-hosted login page.
- custom
Login StringPage String. Content of the custom login page.
- custom
Login BooleanPage On Boolean. Indicates whether or not a custom login page is to be used.
- description String
String, (Max length = 140 characters). Description of the purpose of the client.
- encryption
Key Map<String> Map(String).
- form
Template String String. Form template for WS-Federation protocol.
- grant
Types List<String> List(String). Types of grants that this client is authorized to use.
- initiate
Login StringUri String. Initiate login uri, must be https.
- is
First BooleanParty Boolean. Indicates whether or not this client is a first-party client.
- is
Token BooleanEndpoint Ip Header Trusted Boolean. Indicates whether or not the token endpoint IP header is trusted.
- jwt
Configuration Property Map List(Resource). Configuration settings for the JWTs issued for this client. For details, see JWT Configuration.
- logo
Uri String String. URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobile Property Map
List(Resource). Configuration settings for mobile native applications. For details, see Mobile.
- name String
String. Name of the client.
- Property Map
List(Resource). Configuration settings to toggle native social login for mobile native applications. For details, see Native Social Login
- oidc
Conformant Boolean Boolean. Indicates whether or not this client will conform to strict OIDC specifications.
- organization
Require StringBehavior String. Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- organization
Usage String String. Defines how to proceed during an authentication transaction with regards an organization. Can be
deny
(default),allow
orrequire
.- refresh
Token Property Map List(Resource). Configuration settings for the refresh tokens issued for this client. For details, see Refresh Token Configuration.
- signing
Keys List<Map<Any>> List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7.
- sso Boolean
Boolean. Indicates whether or not the client should use Auth0 rather than the IdP to perform Single Sign-On (SSO). True = Use Auth0.
- sso
Disabled Boolean Boolean. Indicates whether or not SSO is disabled.
- token
Endpoint StringAuth Method String. Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- web
Origins List<String> List(String). URLs that represent valid web origins for use with web message response mode.
Supporting Types
ClientAddons
- Aws Dictionary<string, object>
String
- Azure
Blob Dictionary<string, object> String
- Azure
Sb Dictionary<string, object> String
- Box Dictionary<string, object>
String
- Cloudbees Dictionary<string, object>
String
- Concur Dictionary<string, object>
String
- Dropbox Dictionary<string, object>
String
- Echosign Dictionary<string, object>
String
- Egnyte Dictionary<string, object>
String
- Firebase Dictionary<string, object>
String
- Layer Dictionary<string, object>
String
- Mscrm Dictionary<string, object>
String
- Newrelic Dictionary<string, object>
String
- Office365 Dictionary<string, object>
String
- Rms Dictionary<string, object>
String
- Salesforce Dictionary<string, object>
String
- Salesforce
Api Dictionary<string, object> String
- Salesforce
Sandbox Dictionary<string, object>Api String
- Samlp
Client
Addons Samlp List(Resource). Configuration settings for a SAML add-on. For details, see SAML.
- Sap
Api Dictionary<string, object> String
- Sentry Dictionary<string, object>
String
- Dictionary<string, object>
String
- Slack Dictionary<string, object>
String
- Springcm Dictionary<string, object>
String
- Wams Dictionary<string, object>
String
- Wsfed Dictionary<string, object>
String
- Zendesk Dictionary<string, object>
String
- Zoom Dictionary<string, object>
String
- Aws map[string]interface{}
String
- Azure
Blob map[string]interface{} String
- Azure
Sb map[string]interface{} String
- Box map[string]interface{}
String
- Cloudbees map[string]interface{}
String
- Concur map[string]interface{}
String
- Dropbox map[string]interface{}
String
- Echosign map[string]interface{}
String
- Egnyte map[string]interface{}
String
- Firebase map[string]interface{}
String
- Layer map[string]interface{}
String
- Mscrm map[string]interface{}
String
- Newrelic map[string]interface{}
String
- Office365 map[string]interface{}
String
- Rms map[string]interface{}
String
- Salesforce map[string]interface{}
String
- Salesforce
Api map[string]interface{} String
- Salesforce
Sandbox map[string]interface{}Api String
- Samlp
Client
Addons Samlp List(Resource). Configuration settings for a SAML add-on. For details, see SAML.
- Sap
Api map[string]interface{} String
- Sentry map[string]interface{}
String
- map[string]interface{}
String
- Slack map[string]interface{}
String
- Springcm map[string]interface{}
String
- Wams map[string]interface{}
String
- Wsfed map[string]interface{}
String
- Zendesk map[string]interface{}
String
- Zoom map[string]interface{}
String
- aws Map<String,Object>
String
- azure
Blob Map<String,Object> String
- azure
Sb Map<String,Object> String
- box Map<String,Object>
String
- cloudbees Map<String,Object>
String
- concur Map<String,Object>
String
- dropbox Map<String,Object>
String
- echosign Map<String,Object>
String
- egnyte Map<String,Object>
String
- firebase Map<String,Object>
String
- layer Map<String,Object>
String
- mscrm Map<String,Object>
String
- newrelic Map<String,Object>
String
- office365 Map<String,Object>
String
- rms Map<String,Object>
String
- salesforce Map<String,Object>
String
- salesforce
Api Map<String,Object> String
- salesforce
Sandbox Map<String,Object>Api String
- samlp
Client
Addons Samlp List(Resource). Configuration settings for a SAML add-on. For details, see SAML.
- sap
Api Map<String,Object> String
- sentry Map<String,Object>
String
- Map<String,Object>
String
- slack Map<String,Object>
String
- springcm Map<String,Object>
String
- wams Map<String,Object>
String
- wsfed Map<String,Object>
String
- zendesk Map<String,Object>
String
- zoom Map<String,Object>
String
- aws {[key: string]: any}
String
- azure
Blob {[key: string]: any} String
- azure
Sb {[key: string]: any} String
- box {[key: string]: any}
String
- cloudbees {[key: string]: any}
String
- concur {[key: string]: any}
String
- dropbox {[key: string]: any}
String
- echosign {[key: string]: any}
String
- egnyte {[key: string]: any}
String
- firebase {[key: string]: any}
String
- layer {[key: string]: any}
String
- mscrm {[key: string]: any}
String
- newrelic {[key: string]: any}
String
- office365 {[key: string]: any}
String
- rms {[key: string]: any}
String
- salesforce {[key: string]: any}
String
- salesforce
Api {[key: string]: any} String
- salesforce
Sandbox {[key: string]: any}Api String
- samlp
Client
Addons Samlp List(Resource). Configuration settings for a SAML add-on. For details, see SAML.
- sap
Api {[key: string]: any} String
- sentry {[key: string]: any}
String
- {[key: string]: any}
String
- slack {[key: string]: any}
String
- springcm {[key: string]: any}
String
- wams {[key: string]: any}
String
- wsfed {[key: string]: any}
String
- zendesk {[key: string]: any}
String
- zoom {[key: string]: any}
String
- aws Mapping[str, Any]
String
- azure_
blob Mapping[str, Any] String
- azure_
sb Mapping[str, Any] String
- box Mapping[str, Any]
String
- cloudbees Mapping[str, Any]
String
- concur Mapping[str, Any]
String
- dropbox Mapping[str, Any]
String
- echosign Mapping[str, Any]
String
- egnyte Mapping[str, Any]
String
- firebase Mapping[str, Any]
String
- layer Mapping[str, Any]
String
- mscrm Mapping[str, Any]
String
- newrelic Mapping[str, Any]
String
- office365 Mapping[str, Any]
String
- rms Mapping[str, Any]
String
- salesforce Mapping[str, Any]
String
- salesforce_
api Mapping[str, Any] String
- salesforce_
sandbox_ Mapping[str, Any]api String
- samlp
Client
Addons Samlp List(Resource). Configuration settings for a SAML add-on. For details, see SAML.
- sap_
api Mapping[str, Any] String
- sentry Mapping[str, Any]
String
- Mapping[str, Any]
String
- slack Mapping[str, Any]
String
- springcm Mapping[str, Any]
String
- wams Mapping[str, Any]
String
- wsfed Mapping[str, Any]
String
- zendesk Mapping[str, Any]
String
- zoom Mapping[str, Any]
String
- aws Map<Any>
String
- azure
Blob Map<Any> String
- azure
Sb Map<Any> String
- box Map<Any>
String
- cloudbees Map<Any>
String
- concur Map<Any>
String
- dropbox Map<Any>
String
- echosign Map<Any>
String
- egnyte Map<Any>
String
- firebase Map<Any>
String
- layer Map<Any>
String
- mscrm Map<Any>
String
- newrelic Map<Any>
String
- office365 Map<Any>
String
- rms Map<Any>
String
- salesforce Map<Any>
String
- salesforce
Api Map<Any> String
- salesforce
Sandbox Map<Any>Api String
- samlp Property Map
List(Resource). Configuration settings for a SAML add-on. For details, see SAML.
- sap
Api Map<Any> String
- sentry Map<Any>
String
- Map<Any>
String
- slack Map<Any>
String
- springcm Map<Any>
String
- wams Map<Any>
String
- wsfed Map<Any>
String
- zendesk Map<Any>
String
- zoom Map<Any>
String
ClientAddonsSamlp
- Audience string
String. Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
- Authn
Context stringClass Ref String. Class reference of the authentication context.
- Binding string
String. Protocol binding used for SAML logout responses.
- Create
Upn boolClaim Boolean, (Default=true) Indicates whether or not a UPN claim should be created.
- Destination string
String. Destination of the SAML Response. If not specified, it will be AssertionConsumerUrlof SAMLRequest or Callback URL if there was no SAMLRequest.
- Digest
Algorithm string String, (Default=
sha1
). Algorithm used to calculate the digest of the SAML Assertion or response. Options includedefaultsha1
andsha256
.- Include
Attribute boolName Format Boolean,(Default=true). Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion.
- Lifetime
In intSeconds Integer, (Default=3600). Number of seconds during which the token is valid.
- Logout Dictionary<string, object>
Map(Resource). Configuration settings for logout. For details, see Logout.
- Map
Identities bool Boolean, (Default=true). Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available.
- Map
Unknown boolClaims As Is Boolean, (Default=false). Indicates whether or not to add a prefix of
http://schema.auth0.com
to any claims that are not mapped to the common profile when passed through in the output assertion.- Mappings Dictionary<string, object>
Map(String). Mappings between the Auth0 user profile property name (
name
) and the output attributes on the SAML attribute in the assertion (value
).- Name
Identifier stringFormat String, (Default=
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
). Format of the name identifier.- Name
Identifier List<string>Probes List(String). Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
- Passthrough
Claims boolWith No Mapping Boolean, (Default=true). Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion.
- Recipient string
String. Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or Callback URL if no SAMLRequest was sent.
- Sign
Response bool Boolean. Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
- Signature
Algorithm string String, (Default=
rsa-sha1
). Algorithm used to sign the SAML Assertion or response. Options includersa-sha1
andrsa-sha256
.- Signing
Cert string String. Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be
-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n
.- Typed
Attributes bool Boolean, (Default=true). Indicates whether or not we should infer the
xs:type
of the element. Types includexs:string
,xs:boolean
,xs:double
, andxs:anyType
. When set to false, allxs:type
arexs:anyType
.
- Audience string
String. Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
- Authn
Context stringClass Ref String. Class reference of the authentication context.
- Binding string
String. Protocol binding used for SAML logout responses.
- Create
Upn boolClaim Boolean, (Default=true) Indicates whether or not a UPN claim should be created.
- Destination string
String. Destination of the SAML Response. If not specified, it will be AssertionConsumerUrlof SAMLRequest or Callback URL if there was no SAMLRequest.
- Digest
Algorithm string String, (Default=
sha1
). Algorithm used to calculate the digest of the SAML Assertion or response. Options includedefaultsha1
andsha256
.- Include
Attribute boolName Format Boolean,(Default=true). Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion.
- Lifetime
In intSeconds Integer, (Default=3600). Number of seconds during which the token is valid.
- Logout map[string]interface{}
Map(Resource). Configuration settings for logout. For details, see Logout.
- Map
Identities bool Boolean, (Default=true). Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available.
- Map
Unknown boolClaims As Is Boolean, (Default=false). Indicates whether or not to add a prefix of
http://schema.auth0.com
to any claims that are not mapped to the common profile when passed through in the output assertion.- Mappings map[string]interface{}
Map(String). Mappings between the Auth0 user profile property name (
name
) and the output attributes on the SAML attribute in the assertion (value
).- Name
Identifier stringFormat String, (Default=
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
). Format of the name identifier.- Name
Identifier []stringProbes List(String). Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
- Passthrough
Claims boolWith No Mapping Boolean, (Default=true). Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion.
- Recipient string
String. Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or Callback URL if no SAMLRequest was sent.
- Sign
Response bool Boolean. Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
- Signature
Algorithm string String, (Default=
rsa-sha1
). Algorithm used to sign the SAML Assertion or response. Options includersa-sha1
andrsa-sha256
.- Signing
Cert string String. Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be
-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n
.- Typed
Attributes bool Boolean, (Default=true). Indicates whether or not we should infer the
xs:type
of the element. Types includexs:string
,xs:boolean
,xs:double
, andxs:anyType
. When set to false, allxs:type
arexs:anyType
.
- audience String
String. Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
- authn
Context StringClass Ref String. Class reference of the authentication context.
- binding String
String. Protocol binding used for SAML logout responses.
- create
Upn BooleanClaim Boolean, (Default=true) Indicates whether or not a UPN claim should be created.
- destination String
String. Destination of the SAML Response. If not specified, it will be AssertionConsumerUrlof SAMLRequest or Callback URL if there was no SAMLRequest.
- digest
Algorithm String String, (Default=
sha1
). Algorithm used to calculate the digest of the SAML Assertion or response. Options includedefaultsha1
andsha256
.- include
Attribute BooleanName Format Boolean,(Default=true). Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion.
- lifetime
In IntegerSeconds Integer, (Default=3600). Number of seconds during which the token is valid.
- logout Map<String,Object>
Map(Resource). Configuration settings for logout. For details, see Logout.
- map
Identities Boolean Boolean, (Default=true). Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available.
- map
Unknown BooleanClaims As Is Boolean, (Default=false). Indicates whether or not to add a prefix of
http://schema.auth0.com
to any claims that are not mapped to the common profile when passed through in the output assertion.- mappings Map<String,Object>
Map(String). Mappings between the Auth0 user profile property name (
name
) and the output attributes on the SAML attribute in the assertion (value
).- name
Identifier StringFormat String, (Default=
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
). Format of the name identifier.- name
Identifier List<String>Probes List(String). Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
- passthrough
Claims BooleanWith No Mapping Boolean, (Default=true). Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion.
- recipient String
String. Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or Callback URL if no SAMLRequest was sent.
- sign
Response Boolean Boolean. Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
- signature
Algorithm String String, (Default=
rsa-sha1
). Algorithm used to sign the SAML Assertion or response. Options includersa-sha1
andrsa-sha256
.- signing
Cert String String. Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be
-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n
.- typed
Attributes Boolean Boolean, (Default=true). Indicates whether or not we should infer the
xs:type
of the element. Types includexs:string
,xs:boolean
,xs:double
, andxs:anyType
. When set to false, allxs:type
arexs:anyType
.
- audience string
String. Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
- authn
Context stringClass Ref String. Class reference of the authentication context.
- binding string
String. Protocol binding used for SAML logout responses.
- create
Upn booleanClaim Boolean, (Default=true) Indicates whether or not a UPN claim should be created.
- destination string
String. Destination of the SAML Response. If not specified, it will be AssertionConsumerUrlof SAMLRequest or Callback URL if there was no SAMLRequest.
- digest
Algorithm string String, (Default=
sha1
). Algorithm used to calculate the digest of the SAML Assertion or response. Options includedefaultsha1
andsha256
.- include
Attribute booleanName Format Boolean,(Default=true). Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion.
- lifetime
In numberSeconds Integer, (Default=3600). Number of seconds during which the token is valid.
- logout {[key: string]: any}
Map(Resource). Configuration settings for logout. For details, see Logout.
- map
Identities boolean Boolean, (Default=true). Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available.
- map
Unknown booleanClaims As Is Boolean, (Default=false). Indicates whether or not to add a prefix of
http://schema.auth0.com
to any claims that are not mapped to the common profile when passed through in the output assertion.- mappings {[key: string]: any}
Map(String). Mappings between the Auth0 user profile property name (
name
) and the output attributes on the SAML attribute in the assertion (value
).- name
Identifier stringFormat String, (Default=
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
). Format of the name identifier.- name
Identifier string[]Probes List(String). Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
- passthrough
Claims booleanWith No Mapping Boolean, (Default=true). Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion.
- recipient string
String. Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or Callback URL if no SAMLRequest was sent.
- sign
Response boolean Boolean. Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
- signature
Algorithm string String, (Default=
rsa-sha1
). Algorithm used to sign the SAML Assertion or response. Options includersa-sha1
andrsa-sha256
.- signing
Cert string String. Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be
-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n
.- typed
Attributes boolean Boolean, (Default=true). Indicates whether or not we should infer the
xs:type
of the element. Types includexs:string
,xs:boolean
,xs:double
, andxs:anyType
. When set to false, allxs:type
arexs:anyType
.
- audience str
String. Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
- authn_
context_ strclass_ ref String. Class reference of the authentication context.
- binding str
String. Protocol binding used for SAML logout responses.
- create_
upn_ boolclaim Boolean, (Default=true) Indicates whether or not a UPN claim should be created.
- destination str
String. Destination of the SAML Response. If not specified, it will be AssertionConsumerUrlof SAMLRequest or Callback URL if there was no SAMLRequest.
- digest_
algorithm str String, (Default=
sha1
). Algorithm used to calculate the digest of the SAML Assertion or response. Options includedefaultsha1
andsha256
.- include_
attribute_ boolname_ format Boolean,(Default=true). Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion.
- lifetime_
in_ intseconds Integer, (Default=3600). Number of seconds during which the token is valid.
- logout Mapping[str, Any]
Map(Resource). Configuration settings for logout. For details, see Logout.
- map_
identities bool Boolean, (Default=true). Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available.
- map_
unknown_ boolclaims_ as_ is Boolean, (Default=false). Indicates whether or not to add a prefix of
http://schema.auth0.com
to any claims that are not mapped to the common profile when passed through in the output assertion.- mappings Mapping[str, Any]
Map(String). Mappings between the Auth0 user profile property name (
name
) and the output attributes on the SAML attribute in the assertion (value
).- name_
identifier_ strformat String, (Default=
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
). Format of the name identifier.- name_
identifier_ Sequence[str]probes List(String). Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
- passthrough_
claims_ boolwith_ no_ mapping Boolean, (Default=true). Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion.
- recipient str
String. Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or Callback URL if no SAMLRequest was sent.
- sign_
response bool Boolean. Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
- signature_
algorithm str String, (Default=
rsa-sha1
). Algorithm used to sign the SAML Assertion or response. Options includersa-sha1
andrsa-sha256
.- signing_
cert str String. Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be
-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n
.- typed_
attributes bool Boolean, (Default=true). Indicates whether or not we should infer the
xs:type
of the element. Types includexs:string
,xs:boolean
,xs:double
, andxs:anyType
. When set to false, allxs:type
arexs:anyType
.
- audience String
String. Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
- authn
Context StringClass Ref String. Class reference of the authentication context.
- binding String
String. Protocol binding used for SAML logout responses.
- create
Upn BooleanClaim Boolean, (Default=true) Indicates whether or not a UPN claim should be created.
- destination String
String. Destination of the SAML Response. If not specified, it will be AssertionConsumerUrlof SAMLRequest or Callback URL if there was no SAMLRequest.
- digest
Algorithm String String, (Default=
sha1
). Algorithm used to calculate the digest of the SAML Assertion or response. Options includedefaultsha1
andsha256
.- include
Attribute BooleanName Format Boolean,(Default=true). Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion.
- lifetime
In NumberSeconds Integer, (Default=3600). Number of seconds during which the token is valid.
- logout Map<Any>
Map(Resource). Configuration settings for logout. For details, see Logout.
- map
Identities Boolean Boolean, (Default=true). Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available.
- map
Unknown BooleanClaims As Is Boolean, (Default=false). Indicates whether or not to add a prefix of
http://schema.auth0.com
to any claims that are not mapped to the common profile when passed through in the output assertion.- mappings Map<Any>
Map(String). Mappings between the Auth0 user profile property name (
name
) and the output attributes on the SAML attribute in the assertion (value
).- name
Identifier StringFormat String, (Default=
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
). Format of the name identifier.- name
Identifier List<String>Probes List(String). Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
- passthrough
Claims BooleanWith No Mapping Boolean, (Default=true). Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion.
- recipient String
String. Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or Callback URL if no SAMLRequest was sent.
- sign
Response Boolean Boolean. Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
- signature
Algorithm String String, (Default=
rsa-sha1
). Algorithm used to sign the SAML Assertion or response. Options includersa-sha1
andrsa-sha256
.- signing
Cert String String. Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be
-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n
.- typed
Attributes Boolean Boolean, (Default=true). Indicates whether or not we should infer the
xs:type
of the element. Types includexs:string
,xs:boolean
,xs:double
, andxs:anyType
. When set to false, allxs:type
arexs:anyType
.
ClientJwtConfiguration
- Alg string
String. Algorithm used to sign JWTs.
- Lifetime
In intSeconds Integer. Number of seconds during which the JWT will be valid.
- Scopes Dictionary<string, string>
Map(String). Permissions (scopes) included in JWTs.
- Secret
Encoded bool Boolean. Indicates whether or not the client secret is base64 encoded.
- Alg string
String. Algorithm used to sign JWTs.
- Lifetime
In intSeconds Integer. Number of seconds during which the JWT will be valid.
- Scopes map[string]string
Map(String). Permissions (scopes) included in JWTs.
- Secret
Encoded bool Boolean. Indicates whether or not the client secret is base64 encoded.
- alg String
String. Algorithm used to sign JWTs.
- lifetime
In IntegerSeconds Integer. Number of seconds during which the JWT will be valid.
- scopes Map<String,String>
Map(String). Permissions (scopes) included in JWTs.
- secret
Encoded Boolean Boolean. Indicates whether or not the client secret is base64 encoded.
- alg string
String. Algorithm used to sign JWTs.
- lifetime
In numberSeconds Integer. Number of seconds during which the JWT will be valid.
- scopes {[key: string]: string}
Map(String). Permissions (scopes) included in JWTs.
- secret
Encoded boolean Boolean. Indicates whether or not the client secret is base64 encoded.
- alg str
String. Algorithm used to sign JWTs.
- lifetime_
in_ intseconds Integer. Number of seconds during which the JWT will be valid.
- scopes Mapping[str, str]
Map(String). Permissions (scopes) included in JWTs.
- secret_
encoded bool Boolean. Indicates whether or not the client secret is base64 encoded.
- alg String
String. Algorithm used to sign JWTs.
- lifetime
In NumberSeconds Integer. Number of seconds during which the JWT will be valid.
- scopes Map<String>
Map(String). Permissions (scopes) included in JWTs.
- secret
Encoded Boolean Boolean. Indicates whether or not the client secret is base64 encoded.
ClientMobile
- Android
Client
Mobile Android List(Resource). Configuration settings for Android native apps. For details, see Android.
- Ios
Client
Mobile Ios List(Resource). Configuration settings for i0S native apps. For details, see iOS.
- Android
Client
Mobile Android List(Resource). Configuration settings for Android native apps. For details, see Android.
- Ios
Client
Mobile Ios List(Resource). Configuration settings for i0S native apps. For details, see iOS.
- android
Client
Mobile Android List(Resource). Configuration settings for Android native apps. For details, see Android.
- ios
Client
Mobile Ios List(Resource). Configuration settings for i0S native apps. For details, see iOS.
- android
Client
Mobile Android List(Resource). Configuration settings for Android native apps. For details, see Android.
- ios
Client
Mobile Ios List(Resource). Configuration settings for i0S native apps. For details, see iOS.
- android
Client
Mobile Android List(Resource). Configuration settings for Android native apps. For details, see Android.
- ios
Client
Mobile Ios List(Resource). Configuration settings for i0S native apps. For details, see iOS.
- android Property Map
List(Resource). Configuration settings for Android native apps. For details, see Android.
- ios Property Map
List(Resource). Configuration settings for i0S native apps. For details, see iOS.
ClientMobileAndroid
- App
Package stringName String
- Sha256Cert
Fingerprints List<string> List(String)
- App
Package stringName String
- Sha256Cert
Fingerprints []string List(String)
- app
Package StringName String
- sha256Cert
Fingerprints List<String> List(String)
- app
Package stringName String
- sha256Cert
Fingerprints string[] List(String)
- app_
package_ strname String
- sha256_
cert_ Sequence[str]fingerprints List(String)
- app
Package StringName String
- sha256Cert
Fingerprints List<String> List(String)
ClientMobileIos
- App
Bundle stringIdentifier String
- Team
Id string String
- App
Bundle stringIdentifier String
- Team
Id string String
- app
Bundle StringIdentifier String
- team
Id String String
- app
Bundle stringIdentifier String
- team
Id string String
- app_
bundle_ stridentifier String
- team_
id str String
- app
Bundle StringIdentifier String
- team
Id String String
ClientNativeSocialLogin
- Apple
Client
Native Social Login Apple Resource:
- Facebook
Client
Native Social Login Facebook Resources:
- Apple
Client
Native Social Login Apple Resource:
- Facebook
Client
Native Social Login Facebook Resources:
- apple
Client
Native Social Login Apple Resource:
- facebook
Client
Native Social Login Facebook Resources:
- apple
Client
Native Social Login Apple Resource:
- facebook
Client
Native Social Login Facebook Resources:
- apple
Client
Native Social Login Apple Resource:
- facebook
Client
Native Social Login Facebook Resources:
- apple Property Map
Resource:
- facebook Property Map
Resources:
ClientNativeSocialLoginApple
- Enabled bool
Boolean
- Enabled bool
Boolean
- enabled Boolean
Boolean
- enabled boolean
Boolean
- enabled bool
Boolean
- enabled Boolean
Boolean
ClientNativeSocialLoginFacebook
- Enabled bool
Boolean
- Enabled bool
Boolean
- enabled Boolean
Boolean
- enabled boolean
Boolean
- enabled bool
Boolean
- enabled Boolean
Boolean
ClientRefreshToken
- Expiration
Type string String. Options include
expiring
,non-expiring
. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation isrotating
, this must be set toexpiring
.- Rotation
Type string String. Options include
rotating
,non-rotating
. Whenrotating
, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.- Idle
Token intLifetime Integer. The time in seconds after which inactive refresh tokens will expire.
- Infinite
Idle boolToken Lifetime Boolean, (Default=false) Whether or not inactive refresh tokens should be remain valid indefinitely.
- Infinite
Token boolLifetime Boolean, (Default=false) Whether or not refresh tokens should remain valid indefinitely. If false,
token_lifetime
should also be set- Leeway int
Integer. The amount of time in seconds in which a refresh token may be reused without trigging reuse detection.
- Token
Lifetime int Integer. The absolute lifetime of a refresh token in seconds.
- Expiration
Type string String. Options include
expiring
,non-expiring
. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation isrotating
, this must be set toexpiring
.- Rotation
Type string String. Options include
rotating
,non-rotating
. Whenrotating
, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.- Idle
Token intLifetime Integer. The time in seconds after which inactive refresh tokens will expire.
- Infinite
Idle boolToken Lifetime Boolean, (Default=false) Whether or not inactive refresh tokens should be remain valid indefinitely.
- Infinite
Token boolLifetime Boolean, (Default=false) Whether or not refresh tokens should remain valid indefinitely. If false,
token_lifetime
should also be set- Leeway int
Integer. The amount of time in seconds in which a refresh token may be reused without trigging reuse detection.
- Token
Lifetime int Integer. The absolute lifetime of a refresh token in seconds.
- expiration
Type String String. Options include
expiring
,non-expiring
. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation isrotating
, this must be set toexpiring
.- rotation
Type String String. Options include
rotating
,non-rotating
. Whenrotating
, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.- idle
Token IntegerLifetime Integer. The time in seconds after which inactive refresh tokens will expire.
- infinite
Idle BooleanToken Lifetime Boolean, (Default=false) Whether or not inactive refresh tokens should be remain valid indefinitely.
- infinite
Token BooleanLifetime Boolean, (Default=false) Whether or not refresh tokens should remain valid indefinitely. If false,
token_lifetime
should also be set- leeway Integer
Integer. The amount of time in seconds in which a refresh token may be reused without trigging reuse detection.
- token
Lifetime Integer Integer. The absolute lifetime of a refresh token in seconds.
- expiration
Type string String. Options include
expiring
,non-expiring
. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation isrotating
, this must be set toexpiring
.- rotation
Type string String. Options include
rotating
,non-rotating
. Whenrotating
, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.- idle
Token numberLifetime Integer. The time in seconds after which inactive refresh tokens will expire.
- infinite
Idle booleanToken Lifetime Boolean, (Default=false) Whether or not inactive refresh tokens should be remain valid indefinitely.
- infinite
Token booleanLifetime Boolean, (Default=false) Whether or not refresh tokens should remain valid indefinitely. If false,
token_lifetime
should also be set- leeway number
Integer. The amount of time in seconds in which a refresh token may be reused without trigging reuse detection.
- token
Lifetime number Integer. The absolute lifetime of a refresh token in seconds.
- expiration_
type str String. Options include
expiring
,non-expiring
. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation isrotating
, this must be set toexpiring
.- rotation_
type str String. Options include
rotating
,non-rotating
. Whenrotating
, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.- idle_
token_ intlifetime Integer. The time in seconds after which inactive refresh tokens will expire.
- infinite_
idle_ booltoken_ lifetime Boolean, (Default=false) Whether or not inactive refresh tokens should be remain valid indefinitely.
- infinite_
token_ boollifetime Boolean, (Default=false) Whether or not refresh tokens should remain valid indefinitely. If false,
token_lifetime
should also be set- leeway int
Integer. The amount of time in seconds in which a refresh token may be reused without trigging reuse detection.
- token_
lifetime int Integer. The absolute lifetime of a refresh token in seconds.
- expiration
Type String String. Options include
expiring
,non-expiring
. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation isrotating
, this must be set toexpiring
.- rotation
Type String String. Options include
rotating
,non-rotating
. Whenrotating
, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.- idle
Token NumberLifetime Integer. The time in seconds after which inactive refresh tokens will expire.
- infinite
Idle BooleanToken Lifetime Boolean, (Default=false) Whether or not inactive refresh tokens should be remain valid indefinitely.
- infinite
Token BooleanLifetime Boolean, (Default=false) Whether or not refresh tokens should remain valid indefinitely. If false,
token_lifetime
should also be set- leeway Number
Integer. The amount of time in seconds in which a refresh token may be reused without trigging reuse detection.
- token
Lifetime Number Integer. The absolute lifetime of a refresh token in seconds.
Import
A client can be imported using the client’s ID, e.g.
$ pulumi import auth0:index/client:Client my_client AaiyAPdpYdesoKnqjj8HJqRn4T5titww
Package Details
- Repository
- https://github.com/pulumi/pulumi-auth0
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
auth0
Terraform Provider.