auth0.getClient
Data source to retrieve a specific Auth0 application client by client_id
or name
.
Example Usage
using System.Collections.Generic;
using Pulumi;
using Auth0 = Pulumi.Auth0;
return await Deployment.RunAsync(() =>
{
var some_client_by_name = Auth0.GetClient.Invoke(new()
{
Name = "Name of my Application",
});
var some_client_by_id = Auth0.GetClient.Invoke(new()
{
ClientId = "abcdefghkijklmnopqrstuvwxyz0123456789",
});
});
package main
import (
"github.com/pulumi/pulumi-auth0/sdk/v2/go/auth0"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := auth0.LookupClient(ctx, &auth0.LookupClientArgs{
Name: pulumi.StringRef("Name of my Application"),
}, nil)
if err != nil {
return err
}
_, err = auth0.LookupClient(ctx, &auth0.LookupClientArgs{
ClientId: pulumi.StringRef("abcdefghkijklmnopqrstuvwxyz0123456789"),
}, nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.auth0.Auth0Functions;
import com.pulumi.auth0.inputs.GetClientArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var some-client-by-name = Auth0Functions.getClient(GetClientArgs.builder()
.name("Name of my Application")
.build());
final var some-client-by-id = Auth0Functions.getClient(GetClientArgs.builder()
.clientId("abcdefghkijklmnopqrstuvwxyz0123456789")
.build());
}
}
import pulumi
import pulumi_auth0 as auth0
some_client_by_name = auth0.get_client(name="Name of my Application")
some_client_by_id = auth0.get_client(client_id="abcdefghkijklmnopqrstuvwxyz0123456789")
import * as pulumi from "@pulumi/pulumi";
import * as auth0 from "@pulumi/auth0";
const some-client-by-name = auth0.getClient({
name: "Name of my Application",
});
const some-client-by-id = auth0.getClient({
clientId: "abcdefghkijklmnopqrstuvwxyz0123456789",
});
variables:
some-client-by-name:
fn::invoke:
Function: auth0:getClient
Arguments:
name: Name of my Application
some-client-by-id:
fn::invoke:
Function: auth0:getClient
Arguments:
clientId: abcdefghkijklmnopqrstuvwxyz0123456789
Using getClient
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getClient(args: GetClientArgs, opts?: InvokeOptions): Promise<GetClientResult>
function getClientOutput(args: GetClientOutputArgs, opts?: InvokeOptions): Output<GetClientResult>
def get_client(client_id: Optional[str] = None,
name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetClientResult
def get_client_output(client_id: Optional[pulumi.Input[str]] = None,
name: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetClientResult]
func LookupClient(ctx *Context, args *LookupClientArgs, opts ...InvokeOption) (*LookupClientResult, error)
func LookupClientOutput(ctx *Context, args *LookupClientOutputArgs, opts ...InvokeOption) LookupClientResultOutput
> Note: This function is named LookupClient
in the Go SDK.
public static class GetClient
{
public static Task<GetClientResult> InvokeAsync(GetClientArgs args, InvokeOptions? opts = null)
public static Output<GetClientResult> Invoke(GetClientInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetClientResult> getClient(GetClientArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: auth0:index/getClient:getClient
arguments:
# arguments dictionary
The following arguments are supported:
getClient Result
The following output properties are available:
- Addons
List<Get
Client Addon> Addons enabled for this client and their associated configurations.
- Allowed
Clients List<string> List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- Allowed
Logout List<string>Urls URLs that Auth0 may redirect to after logout.
- Allowed
Origins List<string> URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- App
Type string Type of application the client represents. Possible values are:
native
,spa
,regular_web
,non_interactive
,sso_integration
. Specific SSO integrations types accepted as well are:rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- Callbacks List<string>
URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- Client
Aliases List<string> List of audiences/realms for SAML protocol. Used by the wsfed addon.
- Client
Metadata Dictionary<string, object> Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters:
:,-+=_*?"/\()<>@ [Tab] [Space]
.- Client
Secret string - Cross
Origin boolAuth Whether this client can be used to make cross-origin authentication requests (
true
) or it is not allowed to make such requests (false
). Requires thecoa_toggle_enabled
feature flag to be enabled on the tenant by the support team.- Cross
Origin stringLoc URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
- Custom
Login stringPage The content (HTML, CSS, JS) of the custom login page.
- Custom
Login boolPage On Indicates whether a custom login page is to be used.
- Description string
Description of the purpose of the client.
- Encryption
Key Dictionary<string, string> Encryption used for WS-Fed responses with this client.
- Form
Template string HTML form template to be used for WS-Federation.
- Grant
Types List<string> Types of grants that this client is authorized to use.
- Id string
The provider-assigned unique ID for this managed resource.
- Initiate
Login stringUri Initiate login URI. Must be HTTPS or an empty string.
- Is
First boolParty Indicates whether this client is a first-party client.
- Is
Token boolEndpoint Ip Header Trusted Indicates whether the token endpoint IP header is trusted.
- Jwt
Configurations List<GetClient Jwt Configuration> Configuration settings for the JWTs issued for this client.
- Logo
Uri string URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- Mobiles
List<Get
Client Mobile> Additional configuration for native mobile apps.
- List<Get
Client Native Social Login> Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to
false
in order to change theapp_type
.- Oidc
Conformant bool Indicates whether this client will conform to strict OIDC specifications.
- Organization
Require stringBehavior Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- Organization
Usage string Defines how to proceed during an authentication transaction with regards to an organization. Can be
deny
(default),allow
orrequire
.- Refresh
Tokens List<GetClient Refresh Token> Configuration settings for the refresh tokens issued for this client.
- Signing
Keys List<ImmutableDictionary<string, object>> List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
- Sso bool
Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- Sso
Disabled bool Indicates whether or not SSO is disabled.
- Token
Endpoint stringAuth Method Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- Web
Origins List<string> URLs that represent valid web origins for use with web message response mode.
- Client
Id string The ID of the client. If not provided,
name
must be set.- Name string
The name of the client. If not provided,
client_id
must be set.
- Addons
[]Get
Client Addon Addons enabled for this client and their associated configurations.
- Allowed
Clients []string List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- Allowed
Logout []stringUrls URLs that Auth0 may redirect to after logout.
- Allowed
Origins []string URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- App
Type string Type of application the client represents. Possible values are:
native
,spa
,regular_web
,non_interactive
,sso_integration
. Specific SSO integrations types accepted as well are:rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- Callbacks []string
URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- Client
Aliases []string List of audiences/realms for SAML protocol. Used by the wsfed addon.
- Client
Metadata map[string]interface{} Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters:
:,-+=_*?"/\()<>@ [Tab] [Space]
.- Client
Secret string - Cross
Origin boolAuth Whether this client can be used to make cross-origin authentication requests (
true
) or it is not allowed to make such requests (false
). Requires thecoa_toggle_enabled
feature flag to be enabled on the tenant by the support team.- Cross
Origin stringLoc URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
- Custom
Login stringPage The content (HTML, CSS, JS) of the custom login page.
- Custom
Login boolPage On Indicates whether a custom login page is to be used.
- Description string
Description of the purpose of the client.
- Encryption
Key map[string]string Encryption used for WS-Fed responses with this client.
- Form
Template string HTML form template to be used for WS-Federation.
- Grant
Types []string Types of grants that this client is authorized to use.
- Id string
The provider-assigned unique ID for this managed resource.
- Initiate
Login stringUri Initiate login URI. Must be HTTPS or an empty string.
- Is
First boolParty Indicates whether this client is a first-party client.
- Is
Token boolEndpoint Ip Header Trusted Indicates whether the token endpoint IP header is trusted.
- Jwt
Configurations []GetClient Jwt Configuration Configuration settings for the JWTs issued for this client.
- Logo
Uri string URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- Mobiles
[]Get
Client Mobile Additional configuration for native mobile apps.
- []Get
Client Native Social Login Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to
false
in order to change theapp_type
.- Oidc
Conformant bool Indicates whether this client will conform to strict OIDC specifications.
- Organization
Require stringBehavior Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- Organization
Usage string Defines how to proceed during an authentication transaction with regards to an organization. Can be
deny
(default),allow
orrequire
.- Refresh
Tokens []GetClient Refresh Token Configuration settings for the refresh tokens issued for this client.
- Signing
Keys []map[string]interface{} List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
- Sso bool
Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- Sso
Disabled bool Indicates whether or not SSO is disabled.
- Token
Endpoint stringAuth Method Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- Web
Origins []string URLs that represent valid web origins for use with web message response mode.
- Client
Id string The ID of the client. If not provided,
name
must be set.- Name string
The name of the client. If not provided,
client_id
must be set.
- addons
List<Get
Client Addon> Addons enabled for this client and their associated configurations.
- allowed
Clients List<String> List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed
Logout List<String>Urls URLs that Auth0 may redirect to after logout.
- allowed
Origins List<String> URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app
Type String Type of application the client represents. Possible values are:
native
,spa
,regular_web
,non_interactive
,sso_integration
. Specific SSO integrations types accepted as well are:rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- callbacks List<String>
URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client
Aliases List<String> List of audiences/realms for SAML protocol. Used by the wsfed addon.
- client
Metadata Map<String,Object> Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters:
:,-+=_*?"/\()<>@ [Tab] [Space]
.- client
Secret String - cross
Origin BooleanAuth Whether this client can be used to make cross-origin authentication requests (
true
) or it is not allowed to make such requests (false
). Requires thecoa_toggle_enabled
feature flag to be enabled on the tenant by the support team.- cross
Origin StringLoc URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
- custom
Login StringPage The content (HTML, CSS, JS) of the custom login page.
- custom
Login BooleanPage On Indicates whether a custom login page is to be used.
- description String
Description of the purpose of the client.
- encryption
Key Map<String,String> Encryption used for WS-Fed responses with this client.
- form
Template String HTML form template to be used for WS-Federation.
- grant
Types List<String> Types of grants that this client is authorized to use.
- id String
The provider-assigned unique ID for this managed resource.
- initiate
Login StringUri Initiate login URI. Must be HTTPS or an empty string.
- is
First BooleanParty Indicates whether this client is a first-party client.
- is
Token BooleanEndpoint Ip Header Trusted Indicates whether the token endpoint IP header is trusted.
- jwt
Configurations List<GetClient Jwt Configuration> Configuration settings for the JWTs issued for this client.
- logo
Uri String URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobiles
List<Get
Client Mobile> Additional configuration for native mobile apps.
- List<Get
Client Native Social Login> Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to
false
in order to change theapp_type
.- oidc
Conformant Boolean Indicates whether this client will conform to strict OIDC specifications.
- organization
Require StringBehavior Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- organization
Usage String Defines how to proceed during an authentication transaction with regards to an organization. Can be
deny
(default),allow
orrequire
.- refresh
Tokens List<GetClient Refresh Token> Configuration settings for the refresh tokens issued for this client.
- signing
Keys List<Map<String,Object>> List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
- sso Boolean
Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- sso
Disabled Boolean Indicates whether or not SSO is disabled.
- token
Endpoint StringAuth Method Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- web
Origins List<String> URLs that represent valid web origins for use with web message response mode.
- client
Id String The ID of the client. If not provided,
name
must be set.- name String
The name of the client. If not provided,
client_id
must be set.
- addons
Get
Client Addon[] Addons enabled for this client and their associated configurations.
- allowed
Clients string[] List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed
Logout string[]Urls URLs that Auth0 may redirect to after logout.
- allowed
Origins string[] URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app
Type string Type of application the client represents. Possible values are:
native
,spa
,regular_web
,non_interactive
,sso_integration
. Specific SSO integrations types accepted as well are:rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- callbacks string[]
URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client
Aliases string[] List of audiences/realms for SAML protocol. Used by the wsfed addon.
- client
Metadata {[key: string]: any} Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters:
:,-+=_*?"/\()<>@ [Tab] [Space]
.- client
Secret string - cross
Origin booleanAuth Whether this client can be used to make cross-origin authentication requests (
true
) or it is not allowed to make such requests (false
). Requires thecoa_toggle_enabled
feature flag to be enabled on the tenant by the support team.- cross
Origin stringLoc URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
- custom
Login stringPage The content (HTML, CSS, JS) of the custom login page.
- custom
Login booleanPage On Indicates whether a custom login page is to be used.
- description string
Description of the purpose of the client.
- encryption
Key {[key: string]: string} Encryption used for WS-Fed responses with this client.
- form
Template string HTML form template to be used for WS-Federation.
- grant
Types string[] Types of grants that this client is authorized to use.
- id string
The provider-assigned unique ID for this managed resource.
- initiate
Login stringUri Initiate login URI. Must be HTTPS or an empty string.
- is
First booleanParty Indicates whether this client is a first-party client.
- is
Token booleanEndpoint Ip Header Trusted Indicates whether the token endpoint IP header is trusted.
- jwt
Configurations GetClient Jwt Configuration[] Configuration settings for the JWTs issued for this client.
- logo
Uri string URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobiles
Get
Client Mobile[] Additional configuration for native mobile apps.
- Get
Client Native Social Login[] Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to
false
in order to change theapp_type
.- oidc
Conformant boolean Indicates whether this client will conform to strict OIDC specifications.
- organization
Require stringBehavior Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- organization
Usage string Defines how to proceed during an authentication transaction with regards to an organization. Can be
deny
(default),allow
orrequire
.- refresh
Tokens GetClient Refresh Token[] Configuration settings for the refresh tokens issued for this client.
- signing
Keys {[key: string]: any}[] List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
- sso boolean
Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- sso
Disabled boolean Indicates whether or not SSO is disabled.
- token
Endpoint stringAuth Method Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- web
Origins string[] URLs that represent valid web origins for use with web message response mode.
- client
Id string The ID of the client. If not provided,
name
must be set.- name string
The name of the client. If not provided,
client_id
must be set.
- addons
Sequence[Get
Client Addon] Addons enabled for this client and their associated configurations.
- allowed_
clients Sequence[str] List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed_
logout_ Sequence[str]urls URLs that Auth0 may redirect to after logout.
- allowed_
origins Sequence[str] URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app_
type str Type of application the client represents. Possible values are:
native
,spa
,regular_web
,non_interactive
,sso_integration
. Specific SSO integrations types accepted as well are:rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- callbacks Sequence[str]
URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client_
aliases Sequence[str] List of audiences/realms for SAML protocol. Used by the wsfed addon.
- client_
metadata Mapping[str, Any] Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters:
:,-+=_*?"/\()<>@ [Tab] [Space]
.- client_
secret str - cross_
origin_ boolauth Whether this client can be used to make cross-origin authentication requests (
true
) or it is not allowed to make such requests (false
). Requires thecoa_toggle_enabled
feature flag to be enabled on the tenant by the support team.- cross_
origin_ strloc URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
- custom_
login_ strpage The content (HTML, CSS, JS) of the custom login page.
- custom_
login_ boolpage_ on Indicates whether a custom login page is to be used.
- description str
Description of the purpose of the client.
- encryption_
key Mapping[str, str] Encryption used for WS-Fed responses with this client.
- form_
template str HTML form template to be used for WS-Federation.
- grant_
types Sequence[str] Types of grants that this client is authorized to use.
- id str
The provider-assigned unique ID for this managed resource.
- initiate_
login_ struri Initiate login URI. Must be HTTPS or an empty string.
- is_
first_ boolparty Indicates whether this client is a first-party client.
- is_
token_ boolendpoint_ ip_ header_ trusted Indicates whether the token endpoint IP header is trusted.
- jwt_
configurations Sequence[GetClient Jwt Configuration] Configuration settings for the JWTs issued for this client.
- logo_
uri str URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobiles
Sequence[Get
Client Mobile] Additional configuration for native mobile apps.
- Sequence[Get
Client Native Social Login] Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to
false
in order to change theapp_type
.- oidc_
conformant bool Indicates whether this client will conform to strict OIDC specifications.
- organization_
require_ strbehavior Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- organization_
usage str Defines how to proceed during an authentication transaction with regards to an organization. Can be
deny
(default),allow
orrequire
.- refresh_
tokens Sequence[GetClient Refresh Token] Configuration settings for the refresh tokens issued for this client.
- signing_
keys Sequence[Mapping[str, Any]] List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
- sso bool
Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- sso_
disabled bool Indicates whether or not SSO is disabled.
- token_
endpoint_ strauth_ method Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- web_
origins Sequence[str] URLs that represent valid web origins for use with web message response mode.
- client_
id str The ID of the client. If not provided,
name
must be set.- name str
The name of the client. If not provided,
client_id
must be set.
- addons List<Property Map>
Addons enabled for this client and their associated configurations.
- allowed
Clients List<String> List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed
Logout List<String>Urls URLs that Auth0 may redirect to after logout.
- allowed
Origins List<String> URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app
Type String Type of application the client represents. Possible values are:
native
,spa
,regular_web
,non_interactive
,sso_integration
. Specific SSO integrations types accepted as well are:rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
.- callbacks List<String>
URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client
Aliases List<String> List of audiences/realms for SAML protocol. Used by the wsfed addon.
- client
Metadata Map<Any> Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters:
:,-+=_*?"/\()<>@ [Tab] [Space]
.- client
Secret String - cross
Origin BooleanAuth Whether this client can be used to make cross-origin authentication requests (
true
) or it is not allowed to make such requests (false
). Requires thecoa_toggle_enabled
feature flag to be enabled on the tenant by the support team.- cross
Origin StringLoc URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
- custom
Login StringPage The content (HTML, CSS, JS) of the custom login page.
- custom
Login BooleanPage On Indicates whether a custom login page is to be used.
- description String
Description of the purpose of the client.
- encryption
Key Map<String> Encryption used for WS-Fed responses with this client.
- form
Template String HTML form template to be used for WS-Federation.
- grant
Types List<String> Types of grants that this client is authorized to use.
- id String
The provider-assigned unique ID for this managed resource.
- initiate
Login StringUri Initiate login URI. Must be HTTPS or an empty string.
- is
First BooleanParty Indicates whether this client is a first-party client.
- is
Token BooleanEndpoint Ip Header Trusted Indicates whether the token endpoint IP header is trusted.
- jwt
Configurations List<Property Map> Configuration settings for the JWTs issued for this client.
- logo
Uri String URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobiles List<Property Map>
Additional configuration for native mobile apps.
- List<Property Map>
Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to
false
in order to change theapp_type
.- oidc
Conformant Boolean Indicates whether this client will conform to strict OIDC specifications.
- organization
Require StringBehavior Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default) orpre_login_prompt
.- organization
Usage String Defines how to proceed during an authentication transaction with regards to an organization. Can be
deny
(default),allow
orrequire
.- refresh
Tokens List<Property Map> Configuration settings for the refresh tokens issued for this client.
- signing
Keys List<Map<Any>> List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
- sso Boolean
Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- sso
Disabled Boolean Indicates whether or not SSO is disabled.
- token
Endpoint StringAuth Method Defines the requested authentication method for the token endpoint. Options include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic).- web
Origins List<String> URLs that represent valid web origins for use with web message response mode.
- client
Id String The ID of the client. If not provided,
name
must be set.- name String
The name of the client. If not provided,
client_id
must be set.
Supporting Types
GetClientAddon
- Aws Dictionary<string, object>
- Azure
Blob Dictionary<string, object> - Azure
Sb Dictionary<string, object> - Box Dictionary<string, object>
- Cloudbees Dictionary<string, object>
- Concur Dictionary<string, object>
- Dropbox Dictionary<string, object>
- Echosign Dictionary<string, object>
- Egnyte Dictionary<string, object>
- Firebase Dictionary<string, object>
- Layer Dictionary<string, object>
- Mscrm Dictionary<string, object>
- Newrelic Dictionary<string, object>
- Office365 Dictionary<string, object>
- Rms Dictionary<string, object>
- Salesforce Dictionary<string, object>
- Salesforce
Api Dictionary<string, object> - Salesforce
Sandbox Dictionary<string, object>Api - Samlps
List<Get
Client Addon Samlp> - Sap
Api Dictionary<string, object> - Sentry Dictionary<string, object>
- Dictionary<string, object>
- Slack Dictionary<string, object>
- Springcm Dictionary<string, object>
- Wams Dictionary<string, object>
- Wsfed Dictionary<string, object>
- Zendesk Dictionary<string, object>
- Zoom Dictionary<string, object>
- Aws map[string]interface{}
- Azure
Blob map[string]interface{} - Azure
Sb map[string]interface{} - Box map[string]interface{}
- Cloudbees map[string]interface{}
- Concur map[string]interface{}
- Dropbox map[string]interface{}
- Echosign map[string]interface{}
- Egnyte map[string]interface{}
- Firebase map[string]interface{}
- Layer map[string]interface{}
- Mscrm map[string]interface{}
- Newrelic map[string]interface{}
- Office365 map[string]interface{}
- Rms map[string]interface{}
- Salesforce map[string]interface{}
- Salesforce
Api map[string]interface{} - Salesforce
Sandbox map[string]interface{}Api - Samlps
[]Get
Client Addon Samlp - Sap
Api map[string]interface{} - Sentry map[string]interface{}
- map[string]interface{}
- Slack map[string]interface{}
- Springcm map[string]interface{}
- Wams map[string]interface{}
- Wsfed map[string]interface{}
- Zendesk map[string]interface{}
- Zoom map[string]interface{}
- aws Map<String,Object>
- azure
Blob Map<String,Object> - azure
Sb Map<String,Object> - box Map<String,Object>
- cloudbees Map<String,Object>
- concur Map<String,Object>
- dropbox Map<String,Object>
- echosign Map<String,Object>
- egnyte Map<String,Object>
- firebase Map<String,Object>
- layer Map<String,Object>
- mscrm Map<String,Object>
- newrelic Map<String,Object>
- office365 Map<String,Object>
- rms Map<String,Object>
- salesforce Map<String,Object>
- salesforce
Api Map<String,Object> - salesforce
Sandbox Map<String,Object>Api - samlps
List<Get
Client Addon Samlp> - sap
Api Map<String,Object> - sentry Map<String,Object>
- Map<String,Object>
- slack Map<String,Object>
- springcm Map<String,Object>
- wams Map<String,Object>
- wsfed Map<String,Object>
- zendesk Map<String,Object>
- zoom Map<String,Object>
- aws {[key: string]: any}
- azure
Blob {[key: string]: any} - azure
Sb {[key: string]: any} - box {[key: string]: any}
- cloudbees {[key: string]: any}
- concur {[key: string]: any}
- dropbox {[key: string]: any}
- echosign {[key: string]: any}
- egnyte {[key: string]: any}
- firebase {[key: string]: any}
- layer {[key: string]: any}
- mscrm {[key: string]: any}
- newrelic {[key: string]: any}
- office365 {[key: string]: any}
- rms {[key: string]: any}
- salesforce {[key: string]: any}
- salesforce
Api {[key: string]: any} - salesforce
Sandbox {[key: string]: any}Api - samlps
Get
Client Addon Samlp[] - sap
Api {[key: string]: any} - sentry {[key: string]: any}
- {[key: string]: any}
- slack {[key: string]: any}
- springcm {[key: string]: any}
- wams {[key: string]: any}
- wsfed {[key: string]: any}
- zendesk {[key: string]: any}
- zoom {[key: string]: any}
- aws Mapping[str, Any]
- azure_
blob Mapping[str, Any] - azure_
sb Mapping[str, Any] - box Mapping[str, Any]
- cloudbees Mapping[str, Any]
- concur Mapping[str, Any]
- dropbox Mapping[str, Any]
- echosign Mapping[str, Any]
- egnyte Mapping[str, Any]
- firebase Mapping[str, Any]
- layer Mapping[str, Any]
- mscrm Mapping[str, Any]
- newrelic Mapping[str, Any]
- office365 Mapping[str, Any]
- rms Mapping[str, Any]
- salesforce Mapping[str, Any]
- salesforce_
api Mapping[str, Any] - salesforce_
sandbox_ Mapping[str, Any]api - samlps
Sequence[Get
Client Addon Samlp] - sap_
api Mapping[str, Any] - sentry Mapping[str, Any]
- Mapping[str, Any]
- slack Mapping[str, Any]
- springcm Mapping[str, Any]
- wams Mapping[str, Any]
- wsfed Mapping[str, Any]
- zendesk Mapping[str, Any]
- zoom Mapping[str, Any]
- aws Map<Any>
- azure
Blob Map<Any> - azure
Sb Map<Any> - box Map<Any>
- cloudbees Map<Any>
- concur Map<Any>
- dropbox Map<Any>
- echosign Map<Any>
- egnyte Map<Any>
- firebase Map<Any>
- layer Map<Any>
- mscrm Map<Any>
- newrelic Map<Any>
- office365 Map<Any>
- rms Map<Any>
- salesforce Map<Any>
- salesforce
Api Map<Any> - salesforce
Sandbox Map<Any>Api - samlps List<Property Map>
- sap
Api Map<Any> - sentry Map<Any>
- Map<Any>
- slack Map<Any>
- springcm Map<Any>
- wams Map<Any>
- wsfed Map<Any>
- zendesk Map<Any>
- zoom Map<Any>
GetClientAddonSamlp
- Audience string
- Authn
Context stringClass Ref - Binding string
- Create
Upn boolClaim - Destination string
- Digest
Algorithm string - Include
Attribute boolName Format - Issuer string
- Lifetime
In intSeconds - Logout Dictionary<string, object>
- Map
Identities bool - Map
Unknown boolClaims As Is - Mappings Dictionary<string, object>
- Name
Identifier stringFormat - Name
Identifier List<string>Probes - Passthrough
Claims boolWith No Mapping - Recipient string
- Sign
Response bool - Signature
Algorithm string - Signing
Cert string - Typed
Attributes bool
- Audience string
- Authn
Context stringClass Ref - Binding string
- Create
Upn boolClaim - Destination string
- Digest
Algorithm string - Include
Attribute boolName Format - Issuer string
- Lifetime
In intSeconds - Logout map[string]interface{}
- Map
Identities bool - Map
Unknown boolClaims As Is - Mappings map[string]interface{}
- Name
Identifier stringFormat - Name
Identifier []stringProbes - Passthrough
Claims boolWith No Mapping - Recipient string
- Sign
Response bool - Signature
Algorithm string - Signing
Cert string - Typed
Attributes bool
- audience String
- authn
Context StringClass Ref - binding String
- create
Upn BooleanClaim - destination String
- digest
Algorithm String - include
Attribute BooleanName Format - issuer String
- lifetime
In IntegerSeconds - logout Map<String,Object>
- map
Identities Boolean - map
Unknown BooleanClaims As Is - mappings Map<String,Object>
- name
Identifier StringFormat - name
Identifier List<String>Probes - passthrough
Claims BooleanWith No Mapping - recipient String
- sign
Response Boolean - signature
Algorithm String - signing
Cert String - typed
Attributes Boolean
- audience string
- authn
Context stringClass Ref - binding string
- create
Upn booleanClaim - destination string
- digest
Algorithm string - include
Attribute booleanName Format - issuer string
- lifetime
In numberSeconds - logout {[key: string]: any}
- map
Identities boolean - map
Unknown booleanClaims As Is - mappings {[key: string]: any}
- name
Identifier stringFormat - name
Identifier string[]Probes - passthrough
Claims booleanWith No Mapping - recipient string
- sign
Response boolean - signature
Algorithm string - signing
Cert string - typed
Attributes boolean
- audience str
- authn_
context_ strclass_ ref - binding str
- create_
upn_ boolclaim - destination str
- digest_
algorithm str - include_
attribute_ boolname_ format - issuer str
- lifetime_
in_ intseconds - logout Mapping[str, Any]
- map_
identities bool - map_
unknown_ boolclaims_ as_ is - mappings Mapping[str, Any]
- name_
identifier_ strformat - name_
identifier_ Sequence[str]probes - passthrough_
claims_ boolwith_ no_ mapping - recipient str
- sign_
response bool - signature_
algorithm str - signing_
cert str - typed_
attributes bool
- audience String
- authn
Context StringClass Ref - binding String
- create
Upn BooleanClaim - destination String
- digest
Algorithm String - include
Attribute BooleanName Format - issuer String
- lifetime
In NumberSeconds - logout Map<Any>
- map
Identities Boolean - map
Unknown BooleanClaims As Is - mappings Map<Any>
- name
Identifier StringFormat - name
Identifier List<String>Probes - passthrough
Claims BooleanWith No Mapping - recipient String
- sign
Response Boolean - signature
Algorithm String - signing
Cert String - typed
Attributes Boolean
GetClientJwtConfiguration
- Alg string
- Lifetime
In intSeconds - Scopes Dictionary<string, string>
- Secret
Encoded bool
- Alg string
- Lifetime
In intSeconds - Scopes map[string]string
- Secret
Encoded bool
- alg String
- lifetime
In IntegerSeconds - scopes Map<String,String>
- secret
Encoded Boolean
- alg string
- lifetime
In numberSeconds - scopes {[key: string]: string}
- secret
Encoded boolean
- alg str
- lifetime_
in_ intseconds - scopes Mapping[str, str]
- secret_
encoded bool
- alg String
- lifetime
In NumberSeconds - scopes Map<String>
- secret
Encoded Boolean
GetClientMobile
GetClientMobileAndroid
- App
Package stringName - Sha256Cert
Fingerprints List<string>
- App
Package stringName - Sha256Cert
Fingerprints []string
- app
Package StringName - sha256Cert
Fingerprints List<String>
- app
Package stringName - sha256Cert
Fingerprints string[]
- app_
package_ strname - sha256_
cert_ Sequence[str]fingerprints
- app
Package StringName - sha256Cert
Fingerprints List<String>
GetClientMobileIo
- App
Bundle stringIdentifier - Team
Id string
- App
Bundle stringIdentifier - Team
Id string
- app
Bundle StringIdentifier - team
Id String
- app
Bundle stringIdentifier - team
Id string
- app_
bundle_ stridentifier - team_
id str
- app
Bundle StringIdentifier - team
Id String
GetClientNativeSocialLogin
GetClientNativeSocialLoginApple
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
GetClientNativeSocialLoginFacebook
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
GetClientRefreshToken
- Expiration
Type string - Idle
Token intLifetime - Infinite
Idle boolToken Lifetime - Infinite
Token boolLifetime - Leeway int
- Rotation
Type string - Token
Lifetime int
- Expiration
Type string - Idle
Token intLifetime - Infinite
Idle boolToken Lifetime - Infinite
Token boolLifetime - Leeway int
- Rotation
Type string - Token
Lifetime int
- expiration
Type String - idle
Token IntegerLifetime - infinite
Idle BooleanToken Lifetime - infinite
Token BooleanLifetime - leeway Integer
- rotation
Type String - token
Lifetime Integer
- expiration
Type string - idle
Token numberLifetime - infinite
Idle booleanToken Lifetime - infinite
Token booleanLifetime - leeway number
- rotation
Type string - token
Lifetime number
- expiration_
type str - idle_
token_ intlifetime - infinite_
idle_ booltoken_ lifetime - infinite_
token_ boollifetime - leeway int
- rotation_
type str - token_
lifetime int
- expiration
Type String - idle
Token NumberLifetime - infinite
Idle BooleanToken Lifetime - infinite
Token BooleanLifetime - leeway Number
- rotation
Type String - token
Lifetime Number
Package Details
- Repository
- Auth0 pulumi/pulumi-auth0
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
auth0
Terraform Provider.