auth0 logo
Auth0 v2.18.0, Mar 20 23

auth0.getClient

Data source to retrieve a specific Auth0 application client by client_id or name.

Example Usage

using System.Collections.Generic;
using Pulumi;
using Auth0 = Pulumi.Auth0;

return await Deployment.RunAsync(() => 
{
    var some_client_by_name = Auth0.GetClient.Invoke(new()
    {
        Name = "Name of my Application",
    });

    var some_client_by_id = Auth0.GetClient.Invoke(new()
    {
        ClientId = "abcdefghkijklmnopqrstuvwxyz0123456789",
    });

});
package main

import (
	"github.com/pulumi/pulumi-auth0/sdk/v2/go/auth0"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := auth0.LookupClient(ctx, &auth0.LookupClientArgs{
			Name: pulumi.StringRef("Name of my Application"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = auth0.LookupClient(ctx, &auth0.LookupClientArgs{
			ClientId: pulumi.StringRef("abcdefghkijklmnopqrstuvwxyz0123456789"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.auth0.Auth0Functions;
import com.pulumi.auth0.inputs.GetClientArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var some-client-by-name = Auth0Functions.getClient(GetClientArgs.builder()
            .name("Name of my Application")
            .build());

        final var some-client-by-id = Auth0Functions.getClient(GetClientArgs.builder()
            .clientId("abcdefghkijklmnopqrstuvwxyz0123456789")
            .build());

    }
}
import pulumi
import pulumi_auth0 as auth0

some_client_by_name = auth0.get_client(name="Name of my Application")
some_client_by_id = auth0.get_client(client_id="abcdefghkijklmnopqrstuvwxyz0123456789")
import * as pulumi from "@pulumi/pulumi";
import * as auth0 from "@pulumi/auth0";

const some-client-by-name = auth0.getClient({
    name: "Name of my Application",
});
const some-client-by-id = auth0.getClient({
    clientId: "abcdefghkijklmnopqrstuvwxyz0123456789",
});
variables:
  some-client-by-name:
    fn::invoke:
      Function: auth0:getClient
      Arguments:
        name: Name of my Application
  some-client-by-id:
    fn::invoke:
      Function: auth0:getClient
      Arguments:
        clientId: abcdefghkijklmnopqrstuvwxyz0123456789

Using getClient

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getClient(args: GetClientArgs, opts?: InvokeOptions): Promise<GetClientResult>
function getClientOutput(args: GetClientOutputArgs, opts?: InvokeOptions): Output<GetClientResult>
def get_client(client_id: Optional[str] = None,
               name: Optional[str] = None,
               opts: Optional[InvokeOptions] = None) -> GetClientResult
def get_client_output(client_id: Optional[pulumi.Input[str]] = None,
               name: Optional[pulumi.Input[str]] = None,
               opts: Optional[InvokeOptions] = None) -> Output[GetClientResult]
func LookupClient(ctx *Context, args *LookupClientArgs, opts ...InvokeOption) (*LookupClientResult, error)
func LookupClientOutput(ctx *Context, args *LookupClientOutputArgs, opts ...InvokeOption) LookupClientResultOutput

> Note: This function is named LookupClient in the Go SDK.

public static class GetClient 
{
    public static Task<GetClientResult> InvokeAsync(GetClientArgs args, InvokeOptions? opts = null)
    public static Output<GetClientResult> Invoke(GetClientInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetClientResult> getClient(GetClientArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
  function: auth0:index/getClient:getClient
  arguments:
    # arguments dictionary

The following arguments are supported:

ClientId string

The ID of the client. If not provided, name must be set.

Name string

The name of the client. If not provided, client_id must be set.

ClientId string

The ID of the client. If not provided, name must be set.

Name string

The name of the client. If not provided, client_id must be set.

clientId String

The ID of the client. If not provided, name must be set.

name String

The name of the client. If not provided, client_id must be set.

clientId string

The ID of the client. If not provided, name must be set.

name string

The name of the client. If not provided, client_id must be set.

client_id str

The ID of the client. If not provided, name must be set.

name str

The name of the client. If not provided, client_id must be set.

clientId String

The ID of the client. If not provided, name must be set.

name String

The name of the client. If not provided, client_id must be set.

getClient Result

The following output properties are available:

Addons List<GetClientAddon>

Addons enabled for this client and their associated configurations.

AllowedClients List<string>

List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

AllowedLogoutUrls List<string>

URLs that Auth0 may redirect to after logout.

AllowedOrigins List<string>

URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

AppType string

Type of application the client represents. Possible values are: native, spa, regular_web, non_interactive, sso_integration. Specific SSO integrations types accepted as well are: rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

Callbacks List<string>

URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

ClientAliases List<string>

List of audiences/realms for SAML protocol. Used by the wsfed addon.

ClientMetadata Dictionary<string, object>

Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/\()<>@ [Tab] [Space].

ClientSecret string
CrossOriginAuth bool

Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false). Requires the coa_toggle_enabled feature flag to be enabled on the tenant by the support team.

CrossOriginLoc string

URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.

CustomLoginPage string

The content (HTML, CSS, JS) of the custom login page.

CustomLoginPageOn bool

Indicates whether a custom login page is to be used.

Description string

Description of the purpose of the client.

EncryptionKey Dictionary<string, string>

Encryption used for WS-Fed responses with this client.

FormTemplate string

HTML form template to be used for WS-Federation.

GrantTypes List<string>

Types of grants that this client is authorized to use.

Id string

The provider-assigned unique ID for this managed resource.

InitiateLoginUri string

Initiate login URI. Must be HTTPS or an empty string.

IsFirstParty bool

Indicates whether this client is a first-party client.

IsTokenEndpointIpHeaderTrusted bool

Indicates whether the token endpoint IP header is trusted.

JwtConfigurations List<GetClientJwtConfiguration>

Configuration settings for the JWTs issued for this client.

LogoUri string

URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

Mobiles List<GetClientMobile>

Additional configuration for native mobile apps.

NativeSocialLogins List<GetClientNativeSocialLogin>

Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to false in order to change the app_type.

OidcConformant bool

Indicates whether this client will conform to strict OIDC specifications.

OrganizationRequireBehavior string

Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

OrganizationUsage string

Defines how to proceed during an authentication transaction with regards to an organization. Can be deny (default), allow or require.

RefreshTokens List<GetClientRefreshToken>

Configuration settings for the refresh tokens issued for this client.

SigningKeys List<ImmutableDictionary<string, object>>

List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.

Sso bool

Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).

SsoDisabled bool

Indicates whether or not SSO is disabled.

TokenEndpointAuthMethod string

Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

WebOrigins List<string>

URLs that represent valid web origins for use with web message response mode.

ClientId string

The ID of the client. If not provided, name must be set.

Name string

The name of the client. If not provided, client_id must be set.

Addons []GetClientAddon

Addons enabled for this client and their associated configurations.

AllowedClients []string

List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

AllowedLogoutUrls []string

URLs that Auth0 may redirect to after logout.

AllowedOrigins []string

URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

AppType string

Type of application the client represents. Possible values are: native, spa, regular_web, non_interactive, sso_integration. Specific SSO integrations types accepted as well are: rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

Callbacks []string

URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

ClientAliases []string

List of audiences/realms for SAML protocol. Used by the wsfed addon.

ClientMetadata map[string]interface{}

Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/\()<>@ [Tab] [Space].

ClientSecret string
CrossOriginAuth bool

Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false). Requires the coa_toggle_enabled feature flag to be enabled on the tenant by the support team.

CrossOriginLoc string

URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.

CustomLoginPage string

The content (HTML, CSS, JS) of the custom login page.

CustomLoginPageOn bool

Indicates whether a custom login page is to be used.

Description string

Description of the purpose of the client.

EncryptionKey map[string]string

Encryption used for WS-Fed responses with this client.

FormTemplate string

HTML form template to be used for WS-Federation.

GrantTypes []string

Types of grants that this client is authorized to use.

Id string

The provider-assigned unique ID for this managed resource.

InitiateLoginUri string

Initiate login URI. Must be HTTPS or an empty string.

IsFirstParty bool

Indicates whether this client is a first-party client.

IsTokenEndpointIpHeaderTrusted bool

Indicates whether the token endpoint IP header is trusted.

JwtConfigurations []GetClientJwtConfiguration

Configuration settings for the JWTs issued for this client.

LogoUri string

URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

Mobiles []GetClientMobile

Additional configuration for native mobile apps.

NativeSocialLogins []GetClientNativeSocialLogin

Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to false in order to change the app_type.

OidcConformant bool

Indicates whether this client will conform to strict OIDC specifications.

OrganizationRequireBehavior string

Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

OrganizationUsage string

Defines how to proceed during an authentication transaction with regards to an organization. Can be deny (default), allow or require.

RefreshTokens []GetClientRefreshToken

Configuration settings for the refresh tokens issued for this client.

SigningKeys []map[string]interface{}

List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.

Sso bool

Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).

SsoDisabled bool

Indicates whether or not SSO is disabled.

TokenEndpointAuthMethod string

Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

WebOrigins []string

URLs that represent valid web origins for use with web message response mode.

ClientId string

The ID of the client. If not provided, name must be set.

Name string

The name of the client. If not provided, client_id must be set.

addons List<GetClientAddon>

Addons enabled for this client and their associated configurations.

allowedClients List<String>

List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

allowedLogoutUrls List<String>

URLs that Auth0 may redirect to after logout.

allowedOrigins List<String>

URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

appType String

Type of application the client represents. Possible values are: native, spa, regular_web, non_interactive, sso_integration. Specific SSO integrations types accepted as well are: rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

callbacks List<String>

URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

clientAliases List<String>

List of audiences/realms for SAML protocol. Used by the wsfed addon.

clientMetadata Map<String,Object>

Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/\()<>@ [Tab] [Space].

clientSecret String
crossOriginAuth Boolean

Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false). Requires the coa_toggle_enabled feature flag to be enabled on the tenant by the support team.

crossOriginLoc String

URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.

customLoginPage String

The content (HTML, CSS, JS) of the custom login page.

customLoginPageOn Boolean

Indicates whether a custom login page is to be used.

description String

Description of the purpose of the client.

encryptionKey Map<String,String>

Encryption used for WS-Fed responses with this client.

formTemplate String

HTML form template to be used for WS-Federation.

grantTypes List<String>

Types of grants that this client is authorized to use.

id String

The provider-assigned unique ID for this managed resource.

initiateLoginUri String

Initiate login URI. Must be HTTPS or an empty string.

isFirstParty Boolean

Indicates whether this client is a first-party client.

isTokenEndpointIpHeaderTrusted Boolean

Indicates whether the token endpoint IP header is trusted.

jwtConfigurations List<GetClientJwtConfiguration>

Configuration settings for the JWTs issued for this client.

logoUri String

URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

mobiles List<GetClientMobile>

Additional configuration for native mobile apps.

nativeSocialLogins List<GetClientNativeSocialLogin>

Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to false in order to change the app_type.

oidcConformant Boolean

Indicates whether this client will conform to strict OIDC specifications.

organizationRequireBehavior String

Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

organizationUsage String

Defines how to proceed during an authentication transaction with regards to an organization. Can be deny (default), allow or require.

refreshTokens List<GetClientRefreshToken>

Configuration settings for the refresh tokens issued for this client.

signingKeys List<Map<String,Object>>

List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.

sso Boolean

Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).

ssoDisabled Boolean

Indicates whether or not SSO is disabled.

tokenEndpointAuthMethod String

Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

webOrigins List<String>

URLs that represent valid web origins for use with web message response mode.

clientId String

The ID of the client. If not provided, name must be set.

name String

The name of the client. If not provided, client_id must be set.

addons GetClientAddon[]

Addons enabled for this client and their associated configurations.

allowedClients string[]

List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

allowedLogoutUrls string[]

URLs that Auth0 may redirect to after logout.

allowedOrigins string[]

URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

appType string

Type of application the client represents. Possible values are: native, spa, regular_web, non_interactive, sso_integration. Specific SSO integrations types accepted as well are: rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

callbacks string[]

URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

clientAliases string[]

List of audiences/realms for SAML protocol. Used by the wsfed addon.

clientMetadata {[key: string]: any}

Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/\()<>@ [Tab] [Space].

clientSecret string
crossOriginAuth boolean

Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false). Requires the coa_toggle_enabled feature flag to be enabled on the tenant by the support team.

crossOriginLoc string

URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.

customLoginPage string

The content (HTML, CSS, JS) of the custom login page.

customLoginPageOn boolean

Indicates whether a custom login page is to be used.

description string

Description of the purpose of the client.

encryptionKey {[key: string]: string}

Encryption used for WS-Fed responses with this client.

formTemplate string

HTML form template to be used for WS-Federation.

grantTypes string[]

Types of grants that this client is authorized to use.

id string

The provider-assigned unique ID for this managed resource.

initiateLoginUri string

Initiate login URI. Must be HTTPS or an empty string.

isFirstParty boolean

Indicates whether this client is a first-party client.

isTokenEndpointIpHeaderTrusted boolean

Indicates whether the token endpoint IP header is trusted.

jwtConfigurations GetClientJwtConfiguration[]

Configuration settings for the JWTs issued for this client.

logoUri string

URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

mobiles GetClientMobile[]

Additional configuration for native mobile apps.

nativeSocialLogins GetClientNativeSocialLogin[]

Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to false in order to change the app_type.

oidcConformant boolean

Indicates whether this client will conform to strict OIDC specifications.

organizationRequireBehavior string

Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

organizationUsage string

Defines how to proceed during an authentication transaction with regards to an organization. Can be deny (default), allow or require.

refreshTokens GetClientRefreshToken[]

Configuration settings for the refresh tokens issued for this client.

signingKeys {[key: string]: any}[]

List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.

sso boolean

Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).

ssoDisabled boolean

Indicates whether or not SSO is disabled.

tokenEndpointAuthMethod string

Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

webOrigins string[]

URLs that represent valid web origins for use with web message response mode.

clientId string

The ID of the client. If not provided, name must be set.

name string

The name of the client. If not provided, client_id must be set.

addons Sequence[GetClientAddon]

Addons enabled for this client and their associated configurations.

allowed_clients Sequence[str]

List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

allowed_logout_urls Sequence[str]

URLs that Auth0 may redirect to after logout.

allowed_origins Sequence[str]

URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

app_type str

Type of application the client represents. Possible values are: native, spa, regular_web, non_interactive, sso_integration. Specific SSO integrations types accepted as well are: rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

callbacks Sequence[str]

URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

client_aliases Sequence[str]

List of audiences/realms for SAML protocol. Used by the wsfed addon.

client_metadata Mapping[str, Any]

Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/\()<>@ [Tab] [Space].

client_secret str
cross_origin_auth bool

Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false). Requires the coa_toggle_enabled feature flag to be enabled on the tenant by the support team.

cross_origin_loc str

URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.

custom_login_page str

The content (HTML, CSS, JS) of the custom login page.

custom_login_page_on bool

Indicates whether a custom login page is to be used.

description str

Description of the purpose of the client.

encryption_key Mapping[str, str]

Encryption used for WS-Fed responses with this client.

form_template str

HTML form template to be used for WS-Federation.

grant_types Sequence[str]

Types of grants that this client is authorized to use.

id str

The provider-assigned unique ID for this managed resource.

initiate_login_uri str

Initiate login URI. Must be HTTPS or an empty string.

is_first_party bool

Indicates whether this client is a first-party client.

is_token_endpoint_ip_header_trusted bool

Indicates whether the token endpoint IP header is trusted.

jwt_configurations Sequence[GetClientJwtConfiguration]

Configuration settings for the JWTs issued for this client.

logo_uri str

URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

mobiles Sequence[GetClientMobile]

Additional configuration for native mobile apps.

native_social_logins Sequence[GetClientNativeSocialLogin]

Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to false in order to change the app_type.

oidc_conformant bool

Indicates whether this client will conform to strict OIDC specifications.

organization_require_behavior str

Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

organization_usage str

Defines how to proceed during an authentication transaction with regards to an organization. Can be deny (default), allow or require.

refresh_tokens Sequence[GetClientRefreshToken]

Configuration settings for the refresh tokens issued for this client.

signing_keys Sequence[Mapping[str, Any]]

List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.

sso bool

Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).

sso_disabled bool

Indicates whether or not SSO is disabled.

token_endpoint_auth_method str

Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

web_origins Sequence[str]

URLs that represent valid web origins for use with web message response mode.

client_id str

The ID of the client. If not provided, name must be set.

name str

The name of the client. If not provided, client_id must be set.

addons List<Property Map>

Addons enabled for this client and their associated configurations.

allowedClients List<String>

List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.

allowedLogoutUrls List<String>

URLs that Auth0 may redirect to after logout.

allowedOrigins List<String>

URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.

appType String

Type of application the client represents. Possible values are: native, spa, regular_web, non_interactive, sso_integration. Specific SSO integrations types accepted as well are: rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.

callbacks List<String>

URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.

clientAliases List<String>

List of audiences/realms for SAML protocol. Used by the wsfed addon.

clientMetadata Map<Any>

Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/\()<>@ [Tab] [Space].

clientSecret String
crossOriginAuth Boolean

Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false). Requires the coa_toggle_enabled feature flag to be enabled on the tenant by the support team.

crossOriginLoc String

URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.

customLoginPage String

The content (HTML, CSS, JS) of the custom login page.

customLoginPageOn Boolean

Indicates whether a custom login page is to be used.

description String

Description of the purpose of the client.

encryptionKey Map<String>

Encryption used for WS-Fed responses with this client.

formTemplate String

HTML form template to be used for WS-Federation.

grantTypes List<String>

Types of grants that this client is authorized to use.

id String

The provider-assigned unique ID for this managed resource.

initiateLoginUri String

Initiate login URI. Must be HTTPS or an empty string.

isFirstParty Boolean

Indicates whether this client is a first-party client.

isTokenEndpointIpHeaderTrusted Boolean

Indicates whether the token endpoint IP header is trusted.

jwtConfigurations List<Property Map>

Configuration settings for the JWTs issued for this client.

logoUri String

URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.

mobiles List<Property Map>

Additional configuration for native mobile apps.

nativeSocialLogins List<Property Map>

Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to false in order to change the app_type.

oidcConformant Boolean

Indicates whether this client will conform to strict OIDC specifications.

organizationRequireBehavior String

Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default) or pre_login_prompt.

organizationUsage String

Defines how to proceed during an authentication transaction with regards to an organization. Can be deny (default), allow or require.

refreshTokens List<Property Map>

Configuration settings for the refresh tokens issued for this client.

signingKeys List<Map<Any>>

List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.

sso Boolean

Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).

ssoDisabled Boolean

Indicates whether or not SSO is disabled.

tokenEndpointAuthMethod String

Defines the requested authentication method for the token endpoint. Options include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic).

webOrigins List<String>

URLs that represent valid web origins for use with web message response mode.

clientId String

The ID of the client. If not provided, name must be set.

name String

The name of the client. If not provided, client_id must be set.

Supporting Types

GetClientAddon

Aws Dictionary<string, object>
AzureBlob Dictionary<string, object>
AzureSb Dictionary<string, object>
Box Dictionary<string, object>
Cloudbees Dictionary<string, object>
Concur Dictionary<string, object>
Dropbox Dictionary<string, object>
Echosign Dictionary<string, object>
Egnyte Dictionary<string, object>
Firebase Dictionary<string, object>
Layer Dictionary<string, object>
Mscrm Dictionary<string, object>
Newrelic Dictionary<string, object>
Office365 Dictionary<string, object>
Rms Dictionary<string, object>
Salesforce Dictionary<string, object>
SalesforceApi Dictionary<string, object>
SalesforceSandboxApi Dictionary<string, object>
Samlps List<GetClientAddonSamlp>
SapApi Dictionary<string, object>
Sentry Dictionary<string, object>
Sharepoint Dictionary<string, object>
Slack Dictionary<string, object>
Springcm Dictionary<string, object>
Wams Dictionary<string, object>
Wsfed Dictionary<string, object>
Zendesk Dictionary<string, object>
Zoom Dictionary<string, object>
Aws map[string]interface{}
AzureBlob map[string]interface{}
AzureSb map[string]interface{}
Box map[string]interface{}
Cloudbees map[string]interface{}
Concur map[string]interface{}
Dropbox map[string]interface{}
Echosign map[string]interface{}
Egnyte map[string]interface{}
Firebase map[string]interface{}
Layer map[string]interface{}
Mscrm map[string]interface{}
Newrelic map[string]interface{}
Office365 map[string]interface{}
Rms map[string]interface{}
Salesforce map[string]interface{}
SalesforceApi map[string]interface{}
SalesforceSandboxApi map[string]interface{}
Samlps []GetClientAddonSamlp
SapApi map[string]interface{}
Sentry map[string]interface{}
Sharepoint map[string]interface{}
Slack map[string]interface{}
Springcm map[string]interface{}
Wams map[string]interface{}
Wsfed map[string]interface{}
Zendesk map[string]interface{}
Zoom map[string]interface{}
aws Map<String,Object>
azureBlob Map<String,Object>
azureSb Map<String,Object>
box Map<String,Object>
cloudbees Map<String,Object>
concur Map<String,Object>
dropbox Map<String,Object>
echosign Map<String,Object>
egnyte Map<String,Object>
firebase Map<String,Object>
layer Map<String,Object>
mscrm Map<String,Object>
newrelic Map<String,Object>
office365 Map<String,Object>
rms Map<String,Object>
salesforce Map<String,Object>
salesforceApi Map<String,Object>
salesforceSandboxApi Map<String,Object>
samlps List<GetClientAddonSamlp>
sapApi Map<String,Object>
sentry Map<String,Object>
sharepoint Map<String,Object>
slack Map<String,Object>
springcm Map<String,Object>
wams Map<String,Object>
wsfed Map<String,Object>
zendesk Map<String,Object>
zoom Map<String,Object>
aws {[key: string]: any}
azureBlob {[key: string]: any}
azureSb {[key: string]: any}
box {[key: string]: any}
cloudbees {[key: string]: any}
concur {[key: string]: any}
dropbox {[key: string]: any}
echosign {[key: string]: any}
egnyte {[key: string]: any}
firebase {[key: string]: any}
layer {[key: string]: any}
mscrm {[key: string]: any}
newrelic {[key: string]: any}
office365 {[key: string]: any}
rms {[key: string]: any}
salesforce {[key: string]: any}
salesforceApi {[key: string]: any}
salesforceSandboxApi {[key: string]: any}
samlps GetClientAddonSamlp[]
sapApi {[key: string]: any}
sentry {[key: string]: any}
sharepoint {[key: string]: any}
slack {[key: string]: any}
springcm {[key: string]: any}
wams {[key: string]: any}
wsfed {[key: string]: any}
zendesk {[key: string]: any}
zoom {[key: string]: any}
aws Mapping[str, Any]
azure_blob Mapping[str, Any]
azure_sb Mapping[str, Any]
box Mapping[str, Any]
cloudbees Mapping[str, Any]
concur Mapping[str, Any]
dropbox Mapping[str, Any]
echosign Mapping[str, Any]
egnyte Mapping[str, Any]
firebase Mapping[str, Any]
layer Mapping[str, Any]
mscrm Mapping[str, Any]
newrelic Mapping[str, Any]
office365 Mapping[str, Any]
rms Mapping[str, Any]
salesforce Mapping[str, Any]
salesforce_api Mapping[str, Any]
salesforce_sandbox_api Mapping[str, Any]
samlps Sequence[GetClientAddonSamlp]
sap_api Mapping[str, Any]
sentry Mapping[str, Any]
sharepoint Mapping[str, Any]
slack Mapping[str, Any]
springcm Mapping[str, Any]
wams Mapping[str, Any]
wsfed Mapping[str, Any]
zendesk Mapping[str, Any]
zoom Mapping[str, Any]
aws Map<Any>
azureBlob Map<Any>
azureSb Map<Any>
box Map<Any>
cloudbees Map<Any>
concur Map<Any>
dropbox Map<Any>
echosign Map<Any>
egnyte Map<Any>
firebase Map<Any>
layer Map<Any>
mscrm Map<Any>
newrelic Map<Any>
office365 Map<Any>
rms Map<Any>
salesforce Map<Any>
salesforceApi Map<Any>
salesforceSandboxApi Map<Any>
samlps List<Property Map>
sapApi Map<Any>
sentry Map<Any>
sharepoint Map<Any>
slack Map<Any>
springcm Map<Any>
wams Map<Any>
wsfed Map<Any>
zendesk Map<Any>
zoom Map<Any>

GetClientAddonSamlp

GetClientJwtConfiguration

Alg string
LifetimeInSeconds int
Scopes Dictionary<string, string>
SecretEncoded bool
Alg string
LifetimeInSeconds int
Scopes map[string]string
SecretEncoded bool
alg String
lifetimeInSeconds Integer
scopes Map<String,String>
secretEncoded Boolean
alg string
lifetimeInSeconds number
scopes {[key: string]: string}
secretEncoded boolean
alg str
lifetime_in_seconds int
scopes Mapping[str, str]
secret_encoded bool
alg String
lifetimeInSeconds Number
scopes Map<String>
secretEncoded Boolean

GetClientMobile

GetClientMobileAndroid

GetClientMobileIo

GetClientNativeSocialLogin

GetClientNativeSocialLoginApple

Enabled bool
Enabled bool
enabled Boolean
enabled boolean
enabled bool
enabled Boolean

GetClientNativeSocialLoginFacebook

Enabled bool
Enabled bool
enabled Boolean
enabled boolean
enabled bool
enabled Boolean

GetClientRefreshToken

Package Details

Repository
Auth0 pulumi/pulumi-auth0
License
Apache-2.0
Notes

This Pulumi package is based on the auth0 Terraform Provider.