1. Packages
  2. Auth0
  3. API Docs
  4. ClientCredentials
Auth0 v3.1.0 published on Thursday, Nov 30, 2023 by Pulumi

auth0.ClientCredentials

Explore with Pulumi AI

auth0 logo
Auth0 v3.1.0 published on Thursday, Nov 30, 2023 by Pulumi

    With this resource, you can configure the method to use when making requests to any endpoint that requires this client to authenticate.

    Refer to the client secret rotation guide for instructions on how to rotate client secrets with zero downtime.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Auth0 = Pulumi.Auth0;
    
    return await Deployment.RunAsync(() => 
    {
        var myClient = new Auth0.Client("myClient", new()
        {
            AppType = "non_interactive",
            JwtConfiguration = new Auth0.Inputs.ClientJwtConfigurationArgs
            {
                Alg = "RS256",
            },
        });
    
        // Configuring client_secret_post as an authentication method.
        var testClientCredentials = new Auth0.ClientCredentials("testClientCredentials", new()
        {
            ClientId = myClient.Id,
            AuthenticationMethod = "client_secret_post",
        });
    
        // Configuring client_secret_basic as an authentication method.
        var testIndex_clientCredentialsClientCredentials = new Auth0.ClientCredentials("testIndex/clientCredentialsClientCredentials", new()
        {
            ClientId = myClient.Id,
            AuthenticationMethod = "client_secret_basic",
        });
    
        // Configuring none as an authentication method.
        var testAuth0Index_clientCredentialsClientCredentials = new Auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials", new()
        {
            ClientId = myClient.Id,
            AuthenticationMethod = "none",
        });
    
        // Configuring private_key_jwt as an authentication method.
        var testAuth0Index_clientCredentialsClientCredentials1 = new Auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials1", new()
        {
            ClientId = myClient.Id,
            AuthenticationMethod = "private_key_jwt",
            PrivateKeyJwt = new Auth0.Inputs.ClientCredentialsPrivateKeyJwtArgs
            {
                Credentials = new[]
                {
                    new Auth0.Inputs.ClientCredentialsPrivateKeyJwtCredentialArgs
                    {
                        Name = "Testing Credentials 1",
                        CredentialType = "public_key",
                        Algorithm = "RS256",
                        ParseExpiryFromCert = true,
                        Pem = @"-----BEGIN CERTIFICATE-----
    MIIFWDCCA0ACCQDXqpBo3R...G9w0BAQsFADBuMQswCQYDVQQGEwJl
    -----END CERTIFICATE-----
    ",
                    },
                },
            },
        });
    
        // Configuring the client_secret.
        var testAuth0Index_clientCredentialsClientCredentials2 = new Auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials2", new()
        {
            ClientId = myClient.Id,
            AuthenticationMethod = "client_secret_basic",
            ClientSecret = "LUFqPx+sRLjbL7peYRPFmFu-bbvE7u7og4YUNe_C345=683341",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-auth0/sdk/v3/go/auth0"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		myClient, err := auth0.NewClient(ctx, "myClient", &auth0.ClientArgs{
    			AppType: pulumi.String("non_interactive"),
    			JwtConfiguration: &auth0.ClientJwtConfigurationArgs{
    				Alg: pulumi.String("RS256"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = auth0.NewClientCredentials(ctx, "testClientCredentials", &auth0.ClientCredentialsArgs{
    			ClientId:             myClient.ID(),
    			AuthenticationMethod: pulumi.String("client_secret_post"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = auth0.NewClientCredentials(ctx, "testIndex/clientCredentialsClientCredentials", &auth0.ClientCredentialsArgs{
    			ClientId:             myClient.ID(),
    			AuthenticationMethod: pulumi.String("client_secret_basic"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = auth0.NewClientCredentials(ctx, "testAuth0Index/clientCredentialsClientCredentials", &auth0.ClientCredentialsArgs{
    			ClientId:             myClient.ID(),
    			AuthenticationMethod: pulumi.String("none"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = auth0.NewClientCredentials(ctx, "testAuth0Index/clientCredentialsClientCredentials1", &auth0.ClientCredentialsArgs{
    			ClientId:             myClient.ID(),
    			AuthenticationMethod: pulumi.String("private_key_jwt"),
    			PrivateKeyJwt: &auth0.ClientCredentialsPrivateKeyJwtArgs{
    				Credentials: auth0.ClientCredentialsPrivateKeyJwtCredentialArray{
    					&auth0.ClientCredentialsPrivateKeyJwtCredentialArgs{
    						Name:                pulumi.String("Testing Credentials 1"),
    						CredentialType:      pulumi.String("public_key"),
    						Algorithm:           pulumi.String("RS256"),
    						ParseExpiryFromCert: pulumi.Bool(true),
    						Pem:                 pulumi.String("-----BEGIN CERTIFICATE-----\nMIIFWDCCA0ACCQDXqpBo3R...G9w0BAQsFADBuMQswCQYDVQQGEwJl\n-----END CERTIFICATE-----\n"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = auth0.NewClientCredentials(ctx, "testAuth0Index/clientCredentialsClientCredentials2", &auth0.ClientCredentialsArgs{
    			ClientId:             myClient.ID(),
    			AuthenticationMethod: pulumi.String("client_secret_basic"),
    			ClientSecret:         pulumi.String("LUFqPx+sRLjbL7peYRPFmFu-bbvE7u7og4YUNe_C345=683341"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.auth0.Client;
    import com.pulumi.auth0.ClientArgs;
    import com.pulumi.auth0.inputs.ClientJwtConfigurationArgs;
    import com.pulumi.auth0.ClientCredentials;
    import com.pulumi.auth0.ClientCredentialsArgs;
    import com.pulumi.auth0.inputs.ClientCredentialsPrivateKeyJwtArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var myClient = new Client("myClient", ClientArgs.builder()        
                .appType("non_interactive")
                .jwtConfiguration(ClientJwtConfigurationArgs.builder()
                    .alg("RS256")
                    .build())
                .build());
    
            var testClientCredentials = new ClientCredentials("testClientCredentials", ClientCredentialsArgs.builder()        
                .clientId(myClient.id())
                .authenticationMethod("client_secret_post")
                .build());
    
            var testIndex_clientCredentialsClientCredentials = new ClientCredentials("testIndex/clientCredentialsClientCredentials", ClientCredentialsArgs.builder()        
                .clientId(myClient.id())
                .authenticationMethod("client_secret_basic")
                .build());
    
            var testAuth0Index_clientCredentialsClientCredentials = new ClientCredentials("testAuth0Index/clientCredentialsClientCredentials", ClientCredentialsArgs.builder()        
                .clientId(myClient.id())
                .authenticationMethod("none")
                .build());
    
            var testAuth0Index_clientCredentialsClientCredentials1 = new ClientCredentials("testAuth0Index/clientCredentialsClientCredentials1", ClientCredentialsArgs.builder()        
                .clientId(myClient.id())
                .authenticationMethod("private_key_jwt")
                .privateKeyJwt(ClientCredentialsPrivateKeyJwtArgs.builder()
                    .credentials(ClientCredentialsPrivateKeyJwtCredentialArgs.builder()
                        .name("Testing Credentials 1")
                        .credentialType("public_key")
                        .algorithm("RS256")
                        .parseExpiryFromCert(true)
                        .pem("""
    -----BEGIN CERTIFICATE-----
    MIIFWDCCA0ACCQDXqpBo3R...G9w0BAQsFADBuMQswCQYDVQQGEwJl
    -----END CERTIFICATE-----
                        """)
                        .build())
                    .build())
                .build());
    
            var testAuth0Index_clientCredentialsClientCredentials2 = new ClientCredentials("testAuth0Index/clientCredentialsClientCredentials2", ClientCredentialsArgs.builder()        
                .clientId(myClient.id())
                .authenticationMethod("client_secret_basic")
                .clientSecret("LUFqPx+sRLjbL7peYRPFmFu-bbvE7u7og4YUNe_C345=683341")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_auth0 as auth0
    
    my_client = auth0.Client("myClient",
        app_type="non_interactive",
        jwt_configuration=auth0.ClientJwtConfigurationArgs(
            alg="RS256",
        ))
    # Configuring client_secret_post as an authentication method.
    test_client_credentials = auth0.ClientCredentials("testClientCredentials",
        client_id=my_client.id,
        authentication_method="client_secret_post")
    # Configuring client_secret_basic as an authentication method.
    test_index_client_credentials_client_credentials = auth0.ClientCredentials("testIndex/clientCredentialsClientCredentials",
        client_id=my_client.id,
        authentication_method="client_secret_basic")
    # Configuring none as an authentication method.
    test_auth0_index_client_credentials_client_credentials = auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials",
        client_id=my_client.id,
        authentication_method="none")
    # Configuring private_key_jwt as an authentication method.
    test_auth0_index_client_credentials_client_credentials1 = auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials1",
        client_id=my_client.id,
        authentication_method="private_key_jwt",
        private_key_jwt=auth0.ClientCredentialsPrivateKeyJwtArgs(
            credentials=[auth0.ClientCredentialsPrivateKeyJwtCredentialArgs(
                name="Testing Credentials 1",
                credential_type="public_key",
                algorithm="RS256",
                parse_expiry_from_cert=True,
                pem="""-----BEGIN CERTIFICATE-----
    MIIFWDCCA0ACCQDXqpBo3R...G9w0BAQsFADBuMQswCQYDVQQGEwJl
    -----END CERTIFICATE-----
    """,
            )],
        ))
    # Configuring the client_secret.
    test_auth0_index_client_credentials_client_credentials2 = auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials2",
        client_id=my_client.id,
        authentication_method="client_secret_basic",
        client_secret="LUFqPx+sRLjbL7peYRPFmFu-bbvE7u7og4YUNe_C345=683341")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as auth0 from "@pulumi/auth0";
    
    const myClient = new auth0.Client("myClient", {
        appType: "non_interactive",
        jwtConfiguration: {
            alg: "RS256",
        },
    });
    // Configuring client_secret_post as an authentication method.
    const testClientCredentials = new auth0.ClientCredentials("testClientCredentials", {
        clientId: myClient.id,
        authenticationMethod: "client_secret_post",
    });
    // Configuring client_secret_basic as an authentication method.
    const testIndex_clientCredentialsClientCredentials = new auth0.ClientCredentials("testIndex/clientCredentialsClientCredentials", {
        clientId: myClient.id,
        authenticationMethod: "client_secret_basic",
    });
    // Configuring none as an authentication method.
    const testAuth0Index_clientCredentialsClientCredentials = new auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials", {
        clientId: myClient.id,
        authenticationMethod: "none",
    });
    // Configuring private_key_jwt as an authentication method.
    const testAuth0Index_clientCredentialsClientCredentials1 = new auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials1", {
        clientId: myClient.id,
        authenticationMethod: "private_key_jwt",
        privateKeyJwt: {
            credentials: [{
                name: "Testing Credentials 1",
                credentialType: "public_key",
                algorithm: "RS256",
                parseExpiryFromCert: true,
                pem: `-----BEGIN CERTIFICATE-----
    MIIFWDCCA0ACCQDXqpBo3R...G9w0BAQsFADBuMQswCQYDVQQGEwJl
    -----END CERTIFICATE-----
    `,
            }],
        },
    });
    // Configuring the client_secret.
    const testAuth0Index_clientCredentialsClientCredentials2 = new auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials2", {
        clientId: myClient.id,
        authenticationMethod: "client_secret_basic",
        clientSecret: "LUFqPx+sRLjbL7peYRPFmFu-bbvE7u7og4YUNe_C345=683341",
    });
    
    resources:
      myClient:
        type: auth0:Client
        properties:
          appType: non_interactive
          jwtConfiguration:
            alg: RS256
      # Configuring client_secret_post as an authentication method.
      testClientCredentials:
        type: auth0:ClientCredentials
        properties:
          clientId: ${myClient.id}
          authenticationMethod: client_secret_post
      # Configuring client_secret_basic as an authentication method.
      testIndex/clientCredentialsClientCredentials:
        type: auth0:ClientCredentials
        properties:
          clientId: ${myClient.id}
          authenticationMethod: client_secret_basic
      # Configuring none as an authentication method.
      testAuth0Index/clientCredentialsClientCredentials:
        type: auth0:ClientCredentials
        properties:
          clientId: ${myClient.id}
          authenticationMethod: none
      # Configuring private_key_jwt as an authentication method.
      testAuth0Index/clientCredentialsClientCredentials1:
        type: auth0:ClientCredentials
        properties:
          clientId: ${myClient.id}
          authenticationMethod: private_key_jwt
          privateKeyJwt:
            credentials:
              - name: Testing Credentials 1
                credentialType: public_key
                algorithm: RS256
                parseExpiryFromCert: true
                pem: |
                  -----BEGIN CERTIFICATE-----
                  MIIFWDCCA0ACCQDXqpBo3R...G9w0BAQsFADBuMQswCQYDVQQGEwJl
                  -----END CERTIFICATE-----              
      # Configuring the client_secret.
      testAuth0Index/clientCredentialsClientCredentials2:
        type: auth0:ClientCredentials
        properties:
          clientId: ${myClient.id}
          authenticationMethod: client_secret_basic
          clientSecret: LUFqPx+sRLjbL7peYRPFmFu-bbvE7u7og4YUNe_C345=683341
    

    Create ClientCredentials Resource

    new ClientCredentials(name: string, args: ClientCredentialsArgs, opts?: CustomResourceOptions);
    @overload
    def ClientCredentials(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          authentication_method: Optional[str] = None,
                          client_id: Optional[str] = None,
                          client_secret: Optional[str] = None,
                          private_key_jwt: Optional[ClientCredentialsPrivateKeyJwtArgs] = None)
    @overload
    def ClientCredentials(resource_name: str,
                          args: ClientCredentialsArgs,
                          opts: Optional[ResourceOptions] = None)
    func NewClientCredentials(ctx *Context, name string, args ClientCredentialsArgs, opts ...ResourceOption) (*ClientCredentials, error)
    public ClientCredentials(string name, ClientCredentialsArgs args, CustomResourceOptions? opts = null)
    public ClientCredentials(String name, ClientCredentialsArgs args)
    public ClientCredentials(String name, ClientCredentialsArgs args, CustomResourceOptions options)
    
    type: auth0:ClientCredentials
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args ClientCredentialsArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ClientCredentialsArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ClientCredentialsArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ClientCredentialsArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ClientCredentialsArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    ClientCredentials Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The ClientCredentials resource accepts the following input properties:

    AuthenticationMethod string

    Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include none (public client without a client secret), client_secret_post (confidential client using HTTP POST parameters), client_secret_basic (confidential client using HTTP Basic), private_key_jwt (confidential client using a Private Key JWT).

    ClientId string

    The ID of the client for which to configure the authentication method.

    ClientSecret string

    Secret for the client when using client_secret_post or client_secret_basic authentication method. Keep this private. To access this attribute you need to add the read:client_keys scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in case private_key_jwt is selected as an authentication method.

    PrivateKeyJwt ClientCredentialsPrivateKeyJwt

    Defines private_key_jwt client authentication method.

    AuthenticationMethod string

    Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include none (public client without a client secret), client_secret_post (confidential client using HTTP POST parameters), client_secret_basic (confidential client using HTTP Basic), private_key_jwt (confidential client using a Private Key JWT).

    ClientId string

    The ID of the client for which to configure the authentication method.

    ClientSecret string

    Secret for the client when using client_secret_post or client_secret_basic authentication method. Keep this private. To access this attribute you need to add the read:client_keys scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in case private_key_jwt is selected as an authentication method.

    PrivateKeyJwt ClientCredentialsPrivateKeyJwtArgs

    Defines private_key_jwt client authentication method.

    authenticationMethod String

    Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include none (public client without a client secret), client_secret_post (confidential client using HTTP POST parameters), client_secret_basic (confidential client using HTTP Basic), private_key_jwt (confidential client using a Private Key JWT).

    clientId String

    The ID of the client for which to configure the authentication method.

    clientSecret String

    Secret for the client when using client_secret_post or client_secret_basic authentication method. Keep this private. To access this attribute you need to add the read:client_keys scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in case private_key_jwt is selected as an authentication method.

    privateKeyJwt ClientCredentialsPrivateKeyJwt

    Defines private_key_jwt client authentication method.

    authenticationMethod string

    Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include none (public client without a client secret), client_secret_post (confidential client using HTTP POST parameters), client_secret_basic (confidential client using HTTP Basic), private_key_jwt (confidential client using a Private Key JWT).

    clientId string

    The ID of the client for which to configure the authentication method.

    clientSecret string

    Secret for the client when using client_secret_post or client_secret_basic authentication method. Keep this private. To access this attribute you need to add the read:client_keys scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in case private_key_jwt is selected as an authentication method.

    privateKeyJwt ClientCredentialsPrivateKeyJwt

    Defines private_key_jwt client authentication method.

    authentication_method str

    Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include none (public client without a client secret), client_secret_post (confidential client using HTTP POST parameters), client_secret_basic (confidential client using HTTP Basic), private_key_jwt (confidential client using a Private Key JWT).

    client_id str

    The ID of the client for which to configure the authentication method.

    client_secret str

    Secret for the client when using client_secret_post or client_secret_basic authentication method. Keep this private. To access this attribute you need to add the read:client_keys scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in case private_key_jwt is selected as an authentication method.

    private_key_jwt ClientCredentialsPrivateKeyJwtArgs

    Defines private_key_jwt client authentication method.

    authenticationMethod String

    Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include none (public client without a client secret), client_secret_post (confidential client using HTTP POST parameters), client_secret_basic (confidential client using HTTP Basic), private_key_jwt (confidential client using a Private Key JWT).

    clientId String

    The ID of the client for which to configure the authentication method.

    clientSecret String

    Secret for the client when using client_secret_post or client_secret_basic authentication method. Keep this private. To access this attribute you need to add the read:client_keys scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in case private_key_jwt is selected as an authentication method.

    privateKeyJwt Property Map

    Defines private_key_jwt client authentication method.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the ClientCredentials resource produces the following output properties:

    Id string

    The provider-assigned unique ID for this managed resource.

    Id string

    The provider-assigned unique ID for this managed resource.

    id String

    The provider-assigned unique ID for this managed resource.

    id string

    The provider-assigned unique ID for this managed resource.

    id str

    The provider-assigned unique ID for this managed resource.

    id String

    The provider-assigned unique ID for this managed resource.

    Look up Existing ClientCredentials Resource

    Get an existing ClientCredentials resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ClientCredentialsState, opts?: CustomResourceOptions): ClientCredentials
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            authentication_method: Optional[str] = None,
            client_id: Optional[str] = None,
            client_secret: Optional[str] = None,
            private_key_jwt: Optional[ClientCredentialsPrivateKeyJwtArgs] = None) -> ClientCredentials
    func GetClientCredentials(ctx *Context, name string, id IDInput, state *ClientCredentialsState, opts ...ResourceOption) (*ClientCredentials, error)
    public static ClientCredentials Get(string name, Input<string> id, ClientCredentialsState? state, CustomResourceOptions? opts = null)
    public static ClientCredentials get(String name, Output<String> id, ClientCredentialsState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AuthenticationMethod string

    Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include none (public client without a client secret), client_secret_post (confidential client using HTTP POST parameters), client_secret_basic (confidential client using HTTP Basic), private_key_jwt (confidential client using a Private Key JWT).

    ClientId string

    The ID of the client for which to configure the authentication method.

    ClientSecret string

    Secret for the client when using client_secret_post or client_secret_basic authentication method. Keep this private. To access this attribute you need to add the read:client_keys scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in case private_key_jwt is selected as an authentication method.

    PrivateKeyJwt ClientCredentialsPrivateKeyJwt

    Defines private_key_jwt client authentication method.

    AuthenticationMethod string

    Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include none (public client without a client secret), client_secret_post (confidential client using HTTP POST parameters), client_secret_basic (confidential client using HTTP Basic), private_key_jwt (confidential client using a Private Key JWT).

    ClientId string

    The ID of the client for which to configure the authentication method.

    ClientSecret string

    Secret for the client when using client_secret_post or client_secret_basic authentication method. Keep this private. To access this attribute you need to add the read:client_keys scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in case private_key_jwt is selected as an authentication method.

    PrivateKeyJwt ClientCredentialsPrivateKeyJwtArgs

    Defines private_key_jwt client authentication method.

    authenticationMethod String

    Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include none (public client without a client secret), client_secret_post (confidential client using HTTP POST parameters), client_secret_basic (confidential client using HTTP Basic), private_key_jwt (confidential client using a Private Key JWT).

    clientId String

    The ID of the client for which to configure the authentication method.

    clientSecret String

    Secret for the client when using client_secret_post or client_secret_basic authentication method. Keep this private. To access this attribute you need to add the read:client_keys scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in case private_key_jwt is selected as an authentication method.

    privateKeyJwt ClientCredentialsPrivateKeyJwt

    Defines private_key_jwt client authentication method.

    authenticationMethod string

    Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include none (public client without a client secret), client_secret_post (confidential client using HTTP POST parameters), client_secret_basic (confidential client using HTTP Basic), private_key_jwt (confidential client using a Private Key JWT).

    clientId string

    The ID of the client for which to configure the authentication method.

    clientSecret string

    Secret for the client when using client_secret_post or client_secret_basic authentication method. Keep this private. To access this attribute you need to add the read:client_keys scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in case private_key_jwt is selected as an authentication method.

    privateKeyJwt ClientCredentialsPrivateKeyJwt

    Defines private_key_jwt client authentication method.

    authentication_method str

    Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include none (public client without a client secret), client_secret_post (confidential client using HTTP POST parameters), client_secret_basic (confidential client using HTTP Basic), private_key_jwt (confidential client using a Private Key JWT).

    client_id str

    The ID of the client for which to configure the authentication method.

    client_secret str

    Secret for the client when using client_secret_post or client_secret_basic authentication method. Keep this private. To access this attribute you need to add the read:client_keys scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in case private_key_jwt is selected as an authentication method.

    private_key_jwt ClientCredentialsPrivateKeyJwtArgs

    Defines private_key_jwt client authentication method.

    authenticationMethod String

    Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include none (public client without a client secret), client_secret_post (confidential client using HTTP POST parameters), client_secret_basic (confidential client using HTTP Basic), private_key_jwt (confidential client using a Private Key JWT).

    clientId String

    The ID of the client for which to configure the authentication method.

    clientSecret String

    Secret for the client when using client_secret_post or client_secret_basic authentication method. Keep this private. To access this attribute you need to add the read:client_keys scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in case private_key_jwt is selected as an authentication method.

    privateKeyJwt Property Map

    Defines private_key_jwt client authentication method.

    Supporting Types

    ClientCredentialsPrivateKeyJwt, ClientCredentialsPrivateKeyJwtArgs

    Credentials List<ClientCredentialsPrivateKeyJwtCredential>

    Client credentials available for use when Private Key JWT is in use as the client authentication method. A maximum of 2 client credentials can be set.

    Credentials []ClientCredentialsPrivateKeyJwtCredential

    Client credentials available for use when Private Key JWT is in use as the client authentication method. A maximum of 2 client credentials can be set.

    credentials List<ClientCredentialsPrivateKeyJwtCredential>

    Client credentials available for use when Private Key JWT is in use as the client authentication method. A maximum of 2 client credentials can be set.

    credentials ClientCredentialsPrivateKeyJwtCredential[]

    Client credentials available for use when Private Key JWT is in use as the client authentication method. A maximum of 2 client credentials can be set.

    credentials Sequence[ClientCredentialsPrivateKeyJwtCredential]

    Client credentials available for use when Private Key JWT is in use as the client authentication method. A maximum of 2 client credentials can be set.

    credentials List<Property Map>

    Client credentials available for use when Private Key JWT is in use as the client authentication method. A maximum of 2 client credentials can be set.

    ClientCredentialsPrivateKeyJwtCredential, ClientCredentialsPrivateKeyJwtCredentialArgs

    CredentialType string

    Credential type. Supported types: public_key.

    Pem string

    PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.

    Algorithm string

    Algorithm which will be used with the credential. Can be one of RS256, RS384, PS256. If not specified, RS256 will be used.

    CreatedAt string

    The ISO 8601 formatted date the credential was created.

    ExpiresAt string

    The ISO 8601 formatted date representing the expiration of the credential. It is not possible to set this to never expire after it has been set. Recreate the certificate if needed.

    Id string

    The ID of the client credential.

    KeyId string

    The key identifier of the credential, generated on creation.

    Name string

    Friendly name for a credential.

    ParseExpiryFromCert bool

    Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. If also the expires_at is set the credential expiry will be set to the explicit expires_at value.

    UpdatedAt string

    The ISO 8601 formatted date the credential was updated.

    CredentialType string

    Credential type. Supported types: public_key.

    Pem string

    PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.

    Algorithm string

    Algorithm which will be used with the credential. Can be one of RS256, RS384, PS256. If not specified, RS256 will be used.

    CreatedAt string

    The ISO 8601 formatted date the credential was created.

    ExpiresAt string

    The ISO 8601 formatted date representing the expiration of the credential. It is not possible to set this to never expire after it has been set. Recreate the certificate if needed.

    Id string

    The ID of the client credential.

    KeyId string

    The key identifier of the credential, generated on creation.

    Name string

    Friendly name for a credential.

    ParseExpiryFromCert bool

    Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. If also the expires_at is set the credential expiry will be set to the explicit expires_at value.

    UpdatedAt string

    The ISO 8601 formatted date the credential was updated.

    credentialType String

    Credential type. Supported types: public_key.

    pem String

    PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.

    algorithm String

    Algorithm which will be used with the credential. Can be one of RS256, RS384, PS256. If not specified, RS256 will be used.

    createdAt String

    The ISO 8601 formatted date the credential was created.

    expiresAt String

    The ISO 8601 formatted date representing the expiration of the credential. It is not possible to set this to never expire after it has been set. Recreate the certificate if needed.

    id String

    The ID of the client credential.

    keyId String

    The key identifier of the credential, generated on creation.

    name String

    Friendly name for a credential.

    parseExpiryFromCert Boolean

    Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. If also the expires_at is set the credential expiry will be set to the explicit expires_at value.

    updatedAt String

    The ISO 8601 formatted date the credential was updated.

    credentialType string

    Credential type. Supported types: public_key.

    pem string

    PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.

    algorithm string

    Algorithm which will be used with the credential. Can be one of RS256, RS384, PS256. If not specified, RS256 will be used.

    createdAt string

    The ISO 8601 formatted date the credential was created.

    expiresAt string

    The ISO 8601 formatted date representing the expiration of the credential. It is not possible to set this to never expire after it has been set. Recreate the certificate if needed.

    id string

    The ID of the client credential.

    keyId string

    The key identifier of the credential, generated on creation.

    name string

    Friendly name for a credential.

    parseExpiryFromCert boolean

    Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. If also the expires_at is set the credential expiry will be set to the explicit expires_at value.

    updatedAt string

    The ISO 8601 formatted date the credential was updated.

    credential_type str

    Credential type. Supported types: public_key.

    pem str

    PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.

    algorithm str

    Algorithm which will be used with the credential. Can be one of RS256, RS384, PS256. If not specified, RS256 will be used.

    created_at str

    The ISO 8601 formatted date the credential was created.

    expires_at str

    The ISO 8601 formatted date representing the expiration of the credential. It is not possible to set this to never expire after it has been set. Recreate the certificate if needed.

    id str

    The ID of the client credential.

    key_id str

    The key identifier of the credential, generated on creation.

    name str

    Friendly name for a credential.

    parse_expiry_from_cert bool

    Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. If also the expires_at is set the credential expiry will be set to the explicit expires_at value.

    updated_at str

    The ISO 8601 formatted date the credential was updated.

    credentialType String

    Credential type. Supported types: public_key.

    pem String

    PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.

    algorithm String

    Algorithm which will be used with the credential. Can be one of RS256, RS384, PS256. If not specified, RS256 will be used.

    createdAt String

    The ISO 8601 formatted date the credential was created.

    expiresAt String

    The ISO 8601 formatted date representing the expiration of the credential. It is not possible to set this to never expire after it has been set. Recreate the certificate if needed.

    id String

    The ID of the client credential.

    keyId String

    The key identifier of the credential, generated on creation.

    name String

    Friendly name for a credential.

    parseExpiryFromCert Boolean

    Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. If also the expires_at is set the credential expiry will be set to the explicit expires_at value.

    updatedAt String

    The ISO 8601 formatted date the credential was updated.

    Import

    This resource can be imported by specifying the client ID. # Example

     $ pulumi import auth0:index/clientCredentials:ClientCredentials my_creds "AaiyAPdpYdesoKnqjj8HJqRn4T5titww"
    

    ~> Importing this resource when the authentication_method is set to private_key_jwt will force the resource to be recreated. This is to be expected, because the pem file can’t be checked for differences.

    Package Details

    Repository
    Auth0 pulumi/pulumi-auth0
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the auth0 Terraform Provider.

    auth0 logo
    Auth0 v3.1.0 published on Thursday, Nov 30, 2023 by Pulumi