Auth0 v3.7.1 published on Thursday, Sep 12, 2024 by Pulumi
auth0.getClient
Explore with Pulumi AI
Data source to retrieve a specific Auth0 application client by client_id
or name
.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as auth0 from "@pulumi/auth0";
// An Auth0 Client loaded using its name.
const some-client-by-name = auth0.getClient({
name: "Name of my Application",
});
// An Auth0 Client loaded using its ID.
const some-client-by-id = auth0.getClient({
clientId: "abcdefghkijklmnopqrstuvwxyz0123456789",
});
import pulumi
import pulumi_auth0 as auth0
# An Auth0 Client loaded using its name.
some_client_by_name = auth0.get_client(name="Name of my Application")
# An Auth0 Client loaded using its ID.
some_client_by_id = auth0.get_client(client_id="abcdefghkijklmnopqrstuvwxyz0123456789")
package main
import (
"github.com/pulumi/pulumi-auth0/sdk/v3/go/auth0"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// An Auth0 Client loaded using its name.
_, err := auth0.LookupClient(ctx, &auth0.LookupClientArgs{
Name: pulumi.StringRef("Name of my Application"),
}, nil)
if err != nil {
return err
}
// An Auth0 Client loaded using its ID.
_, err = auth0.LookupClient(ctx, &auth0.LookupClientArgs{
ClientId: pulumi.StringRef("abcdefghkijklmnopqrstuvwxyz0123456789"),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Auth0 = Pulumi.Auth0;
return await Deployment.RunAsync(() =>
{
// An Auth0 Client loaded using its name.
var some_client_by_name = Auth0.GetClient.Invoke(new()
{
Name = "Name of my Application",
});
// An Auth0 Client loaded using its ID.
var some_client_by_id = Auth0.GetClient.Invoke(new()
{
ClientId = "abcdefghkijklmnopqrstuvwxyz0123456789",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.auth0.Auth0Functions;
import com.pulumi.auth0.inputs.GetClientArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// An Auth0 Client loaded using its name.
final var some-client-by-name = Auth0Functions.getClient(GetClientArgs.builder()
.name("Name of my Application")
.build());
// An Auth0 Client loaded using its ID.
final var some-client-by-id = Auth0Functions.getClient(GetClientArgs.builder()
.clientId("abcdefghkijklmnopqrstuvwxyz0123456789")
.build());
}
}
variables:
# An Auth0 Client loaded using its name.
some-client-by-name:
fn::invoke:
Function: auth0:getClient
Arguments:
name: Name of my Application
# An Auth0 Client loaded using its ID.
some-client-by-id:
fn::invoke:
Function: auth0:getClient
Arguments:
clientId: abcdefghkijklmnopqrstuvwxyz0123456789
Using getClient
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getClient(args: GetClientArgs, opts?: InvokeOptions): Promise<GetClientResult>
function getClientOutput(args: GetClientOutputArgs, opts?: InvokeOptions): Output<GetClientResult>
def get_client(client_id: Optional[str] = None,
name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetClientResult
def get_client_output(client_id: Optional[pulumi.Input[str]] = None,
name: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetClientResult]
func LookupClient(ctx *Context, args *LookupClientArgs, opts ...InvokeOption) (*LookupClientResult, error)
func LookupClientOutput(ctx *Context, args *LookupClientOutputArgs, opts ...InvokeOption) LookupClientResultOutput
> Note: This function is named LookupClient
in the Go SDK.
public static class GetClient
{
public static Task<GetClientResult> InvokeAsync(GetClientArgs args, InvokeOptions? opts = null)
public static Output<GetClientResult> Invoke(GetClientInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetClientResult> getClient(GetClientArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: auth0:index/getClient:getClient
arguments:
# arguments dictionary
The following arguments are supported:
getClient Result
The following output properties are available:
- Addons
List<Get
Client Addon> - Addons enabled for this client and their associated configurations.
- Allowed
Clients List<string> - List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- Allowed
Logout List<string>Urls - URLs that Auth0 may redirect to after logout.
- Allowed
Origins List<string> - URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- App
Type string - Type of application the client represents. Possible values are:
native
,spa
,regular_web
,non_interactive
,sso_integration
. Specific SSO integrations types accepted as well are:rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
. - Callbacks List<string>
- URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- Client
Aliases List<string> - List of audiences/realms for SAML protocol. Used by the wsfed addon.
- Client
Metadata Dictionary<string, string> - Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters:
:,-+=_*?"/\()<>@ [Tab] [Space]
. - Client
Secret string - Cross
Origin boolAuth - Whether this client can be used to make cross-origin authentication requests (
true
) or it is not allowed to make such requests (false
). - Cross
Origin stringLoc - URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
- Custom
Login stringPage - The content (HTML, CSS, JS) of the custom login page.
- Custom
Login boolPage On - Indicates whether a custom login page is to be used.
- Default
Organizations List<GetClient Default Organization> - Configure and associate an organization with the Client
- Description string
- Description of the purpose of the client.
- Encryption
Key Dictionary<string, string> - Encryption used for WS-Fed responses with this client.
- Form
Template string - HTML form template to be used for WS-Federation.
- Grant
Types List<string> - Types of grants that this client is authorized to use.
- Id string
- The provider-assigned unique ID for this managed resource.
- Initiate
Login stringUri - Initiate login URI. Must be HTTPS or an empty string.
- Is
First boolParty - Indicates whether this client is a first-party client.
- Is
Token boolEndpoint Ip Header Trusted - Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to
client_secret_post
orclient_secret_basic
. Setting this property when creating the resource, will default the authentication method toclient_secret_post
. To change the authentication method toclient_secret_basic
use theauth0.ClientCredentials
resource. - Jwt
Configurations List<GetClient Jwt Configuration> - Configuration settings for the JWTs issued for this client.
- Logo
Uri string - URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- Mobiles
List<Get
Client Mobile> - Additional configuration for native mobile apps.
- List<Get
Client Native Social Login> - Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to
false
in order to change theapp_type
. - Oidc
Backchannel List<string>Logout Urls - Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
- Oidc
Conformant bool - Indicates whether this client will conform to strict OIDC specifications.
- Organization
Require stringBehavior - Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default),pre_login_prompt
orpost_login_prompt
. - Organization
Usage string - Defines how to proceed during an authentication transaction with regards to an organization. Can be
deny
(default),allow
orrequire
. - Refresh
Tokens List<GetClient Refresh Token> - Configuration settings for the refresh tokens issued for this client.
- bool
- Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.
- Signing
Keys List<ImmutableDictionary<string, string>> - List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
- Sso bool
- Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- Sso
Disabled bool - Indicates whether or not SSO is disabled.
- Token
Endpoint stringAuth Method - The authentication method for the token endpoint. Results include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic). Managing a client's authentication method can be done via theauth0.ClientCredentials
resource. - Web
Origins List<string> - URLs that represent valid web origins for use with web message response mode.
- Client
Id string - The ID of the client. If not provided,
name
must be set. - Name string
- The name of the client. If not provided,
client_id
must be set.
- Addons
[]Get
Client Addon - Addons enabled for this client and their associated configurations.
- Allowed
Clients []string - List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- Allowed
Logout []stringUrls - URLs that Auth0 may redirect to after logout.
- Allowed
Origins []string - URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- App
Type string - Type of application the client represents. Possible values are:
native
,spa
,regular_web
,non_interactive
,sso_integration
. Specific SSO integrations types accepted as well are:rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
. - Callbacks []string
- URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- Client
Aliases []string - List of audiences/realms for SAML protocol. Used by the wsfed addon.
- Client
Metadata map[string]string - Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters:
:,-+=_*?"/\()<>@ [Tab] [Space]
. - Client
Secret string - Cross
Origin boolAuth - Whether this client can be used to make cross-origin authentication requests (
true
) or it is not allowed to make such requests (false
). - Cross
Origin stringLoc - URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
- Custom
Login stringPage - The content (HTML, CSS, JS) of the custom login page.
- Custom
Login boolPage On - Indicates whether a custom login page is to be used.
- Default
Organizations []GetClient Default Organization - Configure and associate an organization with the Client
- Description string
- Description of the purpose of the client.
- Encryption
Key map[string]string - Encryption used for WS-Fed responses with this client.
- Form
Template string - HTML form template to be used for WS-Federation.
- Grant
Types []string - Types of grants that this client is authorized to use.
- Id string
- The provider-assigned unique ID for this managed resource.
- Initiate
Login stringUri - Initiate login URI. Must be HTTPS or an empty string.
- Is
First boolParty - Indicates whether this client is a first-party client.
- Is
Token boolEndpoint Ip Header Trusted - Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to
client_secret_post
orclient_secret_basic
. Setting this property when creating the resource, will default the authentication method toclient_secret_post
. To change the authentication method toclient_secret_basic
use theauth0.ClientCredentials
resource. - Jwt
Configurations []GetClient Jwt Configuration - Configuration settings for the JWTs issued for this client.
- Logo
Uri string - URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- Mobiles
[]Get
Client Mobile - Additional configuration for native mobile apps.
- []Get
Client Native Social Login - Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to
false
in order to change theapp_type
. - Oidc
Backchannel []stringLogout Urls - Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
- Oidc
Conformant bool - Indicates whether this client will conform to strict OIDC specifications.
- Organization
Require stringBehavior - Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default),pre_login_prompt
orpost_login_prompt
. - Organization
Usage string - Defines how to proceed during an authentication transaction with regards to an organization. Can be
deny
(default),allow
orrequire
. - Refresh
Tokens []GetClient Refresh Token - Configuration settings for the refresh tokens issued for this client.
- bool
- Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.
- Signing
Keys []map[string]string - List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
- Sso bool
- Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- Sso
Disabled bool - Indicates whether or not SSO is disabled.
- Token
Endpoint stringAuth Method - The authentication method for the token endpoint. Results include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic). Managing a client's authentication method can be done via theauth0.ClientCredentials
resource. - Web
Origins []string - URLs that represent valid web origins for use with web message response mode.
- Client
Id string - The ID of the client. If not provided,
name
must be set. - Name string
- The name of the client. If not provided,
client_id
must be set.
- addons
List<Get
Client Addon> - Addons enabled for this client and their associated configurations.
- allowed
Clients List<String> - List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed
Logout List<String>Urls - URLs that Auth0 may redirect to after logout.
- allowed
Origins List<String> - URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app
Type String - Type of application the client represents. Possible values are:
native
,spa
,regular_web
,non_interactive
,sso_integration
. Specific SSO integrations types accepted as well are:rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
. - callbacks List<String>
- URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client
Aliases List<String> - List of audiences/realms for SAML protocol. Used by the wsfed addon.
- client
Metadata Map<String,String> - Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters:
:,-+=_*?"/\()<>@ [Tab] [Space]
. - client
Secret String - cross
Origin BooleanAuth - Whether this client can be used to make cross-origin authentication requests (
true
) or it is not allowed to make such requests (false
). - cross
Origin StringLoc - URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
- custom
Login StringPage - The content (HTML, CSS, JS) of the custom login page.
- custom
Login BooleanPage On - Indicates whether a custom login page is to be used.
- default
Organizations List<GetClient Default Organization> - Configure and associate an organization with the Client
- description String
- Description of the purpose of the client.
- encryption
Key Map<String,String> - Encryption used for WS-Fed responses with this client.
- form
Template String - HTML form template to be used for WS-Federation.
- grant
Types List<String> - Types of grants that this client is authorized to use.
- id String
- The provider-assigned unique ID for this managed resource.
- initiate
Login StringUri - Initiate login URI. Must be HTTPS or an empty string.
- is
First BooleanParty - Indicates whether this client is a first-party client.
- is
Token BooleanEndpoint Ip Header Trusted - Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to
client_secret_post
orclient_secret_basic
. Setting this property when creating the resource, will default the authentication method toclient_secret_post
. To change the authentication method toclient_secret_basic
use theauth0.ClientCredentials
resource. - jwt
Configurations List<GetClient Jwt Configuration> - Configuration settings for the JWTs issued for this client.
- logo
Uri String - URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobiles
List<Get
Client Mobile> - Additional configuration for native mobile apps.
- List<Get
Client Native Social Login> - Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to
false
in order to change theapp_type
. - oidc
Backchannel List<String>Logout Urls - Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
- oidc
Conformant Boolean - Indicates whether this client will conform to strict OIDC specifications.
- organization
Require StringBehavior - Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default),pre_login_prompt
orpost_login_prompt
. - organization
Usage String - Defines how to proceed during an authentication transaction with regards to an organization. Can be
deny
(default),allow
orrequire
. - refresh
Tokens List<GetClient Refresh Token> - Configuration settings for the refresh tokens issued for this client.
- Boolean
- Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.
- signing
Keys List<Map<String,String>> - List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
- sso Boolean
- Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- sso
Disabled Boolean - Indicates whether or not SSO is disabled.
- token
Endpoint StringAuth Method - The authentication method for the token endpoint. Results include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic). Managing a client's authentication method can be done via theauth0.ClientCredentials
resource. - web
Origins List<String> - URLs that represent valid web origins for use with web message response mode.
- client
Id String - The ID of the client. If not provided,
name
must be set. - name String
- The name of the client. If not provided,
client_id
must be set.
- addons
Get
Client Addon[] - Addons enabled for this client and their associated configurations.
- allowed
Clients string[] - List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed
Logout string[]Urls - URLs that Auth0 may redirect to after logout.
- allowed
Origins string[] - URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app
Type string - Type of application the client represents. Possible values are:
native
,spa
,regular_web
,non_interactive
,sso_integration
. Specific SSO integrations types accepted as well are:rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
. - callbacks string[]
- URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client
Aliases string[] - List of audiences/realms for SAML protocol. Used by the wsfed addon.
- client
Metadata {[key: string]: string} - Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters:
:,-+=_*?"/\()<>@ [Tab] [Space]
. - client
Secret string - cross
Origin booleanAuth - Whether this client can be used to make cross-origin authentication requests (
true
) or it is not allowed to make such requests (false
). - cross
Origin stringLoc - URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
- custom
Login stringPage - The content (HTML, CSS, JS) of the custom login page.
- custom
Login booleanPage On - Indicates whether a custom login page is to be used.
- default
Organizations GetClient Default Organization[] - Configure and associate an organization with the Client
- description string
- Description of the purpose of the client.
- encryption
Key {[key: string]: string} - Encryption used for WS-Fed responses with this client.
- form
Template string - HTML form template to be used for WS-Federation.
- grant
Types string[] - Types of grants that this client is authorized to use.
- id string
- The provider-assigned unique ID for this managed resource.
- initiate
Login stringUri - Initiate login URI. Must be HTTPS or an empty string.
- is
First booleanParty - Indicates whether this client is a first-party client.
- is
Token booleanEndpoint Ip Header Trusted - Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to
client_secret_post
orclient_secret_basic
. Setting this property when creating the resource, will default the authentication method toclient_secret_post
. To change the authentication method toclient_secret_basic
use theauth0.ClientCredentials
resource. - jwt
Configurations GetClient Jwt Configuration[] - Configuration settings for the JWTs issued for this client.
- logo
Uri string - URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobiles
Get
Client Mobile[] - Additional configuration for native mobile apps.
- Get
Client Native Social Login[] - Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to
false
in order to change theapp_type
. - oidc
Backchannel string[]Logout Urls - Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
- oidc
Conformant boolean - Indicates whether this client will conform to strict OIDC specifications.
- organization
Require stringBehavior - Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default),pre_login_prompt
orpost_login_prompt
. - organization
Usage string - Defines how to proceed during an authentication transaction with regards to an organization. Can be
deny
(default),allow
orrequire
. - refresh
Tokens GetClient Refresh Token[] - Configuration settings for the refresh tokens issued for this client.
- boolean
- Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.
- signing
Keys {[key: string]: string}[] - List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
- sso boolean
- Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- sso
Disabled boolean - Indicates whether or not SSO is disabled.
- token
Endpoint stringAuth Method - The authentication method for the token endpoint. Results include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic). Managing a client's authentication method can be done via theauth0.ClientCredentials
resource. - web
Origins string[] - URLs that represent valid web origins for use with web message response mode.
- client
Id string - The ID of the client. If not provided,
name
must be set. - name string
- The name of the client. If not provided,
client_id
must be set.
- addons
Sequence[Get
Client Addon] - Addons enabled for this client and their associated configurations.
- allowed_
clients Sequence[str] - List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed_
logout_ Sequence[str]urls - URLs that Auth0 may redirect to after logout.
- allowed_
origins Sequence[str] - URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app_
type str - Type of application the client represents. Possible values are:
native
,spa
,regular_web
,non_interactive
,sso_integration
. Specific SSO integrations types accepted as well are:rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
. - callbacks Sequence[str]
- URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client_
aliases Sequence[str] - List of audiences/realms for SAML protocol. Used by the wsfed addon.
- client_
metadata Mapping[str, str] - Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters:
:,-+=_*?"/\()<>@ [Tab] [Space]
. - client_
secret str - cross_
origin_ boolauth - Whether this client can be used to make cross-origin authentication requests (
true
) or it is not allowed to make such requests (false
). - cross_
origin_ strloc - URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
- custom_
login_ strpage - The content (HTML, CSS, JS) of the custom login page.
- custom_
login_ boolpage_ on - Indicates whether a custom login page is to be used.
- default_
organizations Sequence[GetClient Default Organization] - Configure and associate an organization with the Client
- description str
- Description of the purpose of the client.
- encryption_
key Mapping[str, str] - Encryption used for WS-Fed responses with this client.
- form_
template str - HTML form template to be used for WS-Federation.
- grant_
types Sequence[str] - Types of grants that this client is authorized to use.
- id str
- The provider-assigned unique ID for this managed resource.
- initiate_
login_ struri - Initiate login URI. Must be HTTPS or an empty string.
- is_
first_ boolparty - Indicates whether this client is a first-party client.
- is_
token_ boolendpoint_ ip_ header_ trusted - Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to
client_secret_post
orclient_secret_basic
. Setting this property when creating the resource, will default the authentication method toclient_secret_post
. To change the authentication method toclient_secret_basic
use theauth0.ClientCredentials
resource. - jwt_
configurations Sequence[GetClient Jwt Configuration] - Configuration settings for the JWTs issued for this client.
- logo_
uri str - URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobiles
Sequence[Get
Client Mobile] - Additional configuration for native mobile apps.
- Sequence[Get
Client Native Social Login] - Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to
false
in order to change theapp_type
. - oidc_
backchannel_ Sequence[str]logout_ urls - Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
- oidc_
conformant bool - Indicates whether this client will conform to strict OIDC specifications.
- organization_
require_ strbehavior - Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default),pre_login_prompt
orpost_login_prompt
. - organization_
usage str - Defines how to proceed during an authentication transaction with regards to an organization. Can be
deny
(default),allow
orrequire
. - refresh_
tokens Sequence[GetClient Refresh Token] - Configuration settings for the refresh tokens issued for this client.
- bool
- Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.
- signing_
keys Sequence[Mapping[str, str]] - List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
- sso bool
- Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- sso_
disabled bool - Indicates whether or not SSO is disabled.
- token_
endpoint_ strauth_ method - The authentication method for the token endpoint. Results include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic). Managing a client's authentication method can be done via theauth0.ClientCredentials
resource. - web_
origins Sequence[str] - URLs that represent valid web origins for use with web message response mode.
- client_
id str - The ID of the client. If not provided,
name
must be set. - name str
- The name of the client. If not provided,
client_id
must be set.
- addons List<Property Map>
- Addons enabled for this client and their associated configurations.
- allowed
Clients List<String> - List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
- allowed
Logout List<String>Urls - URLs that Auth0 may redirect to after logout.
- allowed
Origins List<String> - URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
- app
Type String - Type of application the client represents. Possible values are:
native
,spa
,regular_web
,non_interactive
,sso_integration
. Specific SSO integrations types accepted as well are:rms
,box
,cloudbees
,concur
,dropbox
,mscrm
,echosign
,egnyte
,newrelic
,office365
,salesforce
,sentry
,sharepoint
,slack
,springcm
,zendesk
,zoom
. - callbacks List<String>
- URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
- client
Aliases List<String> - List of audiences/realms for SAML protocol. Used by the wsfed addon.
- client
Metadata Map<String> - Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters:
:,-+=_*?"/\()<>@ [Tab] [Space]
. - client
Secret String - cross
Origin BooleanAuth - Whether this client can be used to make cross-origin authentication requests (
true
) or it is not allowed to make such requests (false
). - cross
Origin StringLoc - URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
- custom
Login StringPage - The content (HTML, CSS, JS) of the custom login page.
- custom
Login BooleanPage On - Indicates whether a custom login page is to be used.
- default
Organizations List<Property Map> - Configure and associate an organization with the Client
- description String
- Description of the purpose of the client.
- encryption
Key Map<String> - Encryption used for WS-Fed responses with this client.
- form
Template String - HTML form template to be used for WS-Federation.
- grant
Types List<String> - Types of grants that this client is authorized to use.
- id String
- The provider-assigned unique ID for this managed resource.
- initiate
Login StringUri - Initiate login URI. Must be HTTPS or an empty string.
- is
First BooleanParty - Indicates whether this client is a first-party client.
- is
Token BooleanEndpoint Ip Header Trusted - Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to
client_secret_post
orclient_secret_basic
. Setting this property when creating the resource, will default the authentication method toclient_secret_post
. To change the authentication method toclient_secret_basic
use theauth0.ClientCredentials
resource. - jwt
Configurations List<Property Map> - Configuration settings for the JWTs issued for this client.
- logo
Uri String - URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
- mobiles List<Property Map>
- Additional configuration for native mobile apps.
- List<Property Map>
- Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to
false
in order to change theapp_type
. - oidc
Backchannel List<String>Logout Urls - Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
- oidc
Conformant Boolean - Indicates whether this client will conform to strict OIDC specifications.
- organization
Require StringBehavior - Defines how to proceed during an authentication transaction when
organization_usage = "require"
. Can beno_prompt
(default),pre_login_prompt
orpost_login_prompt
. - organization
Usage String - Defines how to proceed during an authentication transaction with regards to an organization. Can be
deny
(default),allow
orrequire
. - refresh
Tokens List<Property Map> - Configuration settings for the refresh tokens issued for this client.
- Boolean
- Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.
- signing
Keys List<Map<String>> - List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
- sso Boolean
- Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- sso
Disabled Boolean - Indicates whether or not SSO is disabled.
- token
Endpoint StringAuth Method - The authentication method for the token endpoint. Results include
none
(public client without a client secret),client_secret_post
(client uses HTTP POST parameters),client_secret_basic
(client uses HTTP Basic). Managing a client's authentication method can be done via theauth0.ClientCredentials
resource. - web
Origins List<String> - URLs that represent valid web origins for use with web message response mode.
- client
Id String - The ID of the client. If not provided,
name
must be set. - name String
- The name of the client. If not provided,
client_id
must be set.
Supporting Types
GetClientAddon
- Aws
List<Get
Client Addon Aw> - AWS Addon configuration.
- Azure
Blobs List<GetClient Addon Azure Blob> - Azure Blob Storage Addon configuration.
- Azure
Sbs List<GetClient Addon Azure Sb> - Azure Storage Bus Addon configuration.
- Boxes
List<Get
Client Addon Box> - Box SSO indicator (no configuration settings needed for Box SSO).
- Cloudbees
List<Get
Client Addon Cloudbee> - CloudBees SSO indicator (no configuration settings needed for CloudBees SSO).
- Concurs
List<Get
Client Addon Concur> - Concur SSO indicator (no configuration settings needed for Concur SSO).
- Dropboxes
List<Get
Client Addon Dropbox> - Dropbox SSO indicator (no configuration settings needed for Dropbox SSO).
- Echosigns
List<Get
Client Addon Echosign> - Adobe EchoSign SSO configuration.
- Egnytes
List<Get
Client Addon Egnyte> - Egnyte SSO configuration.
- Firebases
List<Get
Client Addon Firebase> - Google Firebase addon configuration.
- Layers
List<Get
Client Addon Layer> - Layer addon configuration.
- Mscrms
List<Get
Client Addon Mscrm> - Microsoft Dynamics CRM SSO configuration.
- Newrelics
List<Get
Client Addon Newrelic> - New Relic SSO configuration.
- Office365s
List<Get
Client Addon Office365> - Microsoft Office 365 SSO configuration.
- Rms
List<Get
Client Addon Rm> - Active Directory Rights Management Service SSO configuration.
- Salesforce
Apis List<GetClient Addon Salesforce Api> - Salesforce API addon configuration.
- Salesforce
Sandbox List<GetApis Client Addon Salesforce Sandbox Api> - Salesforce Sandbox addon configuration.
- Salesforces
List<Get
Client Addon Salesforce> - Salesforce SSO configuration.
- Samlps
List<Get
Client Addon Samlp> - Configuration settings for a SAML add-on.
- Sap
Apis List<GetClient Addon Sap Api> - SAP API addon configuration.
- Sentries
List<Get
Client Addon Sentry> - Sentry SSO configuration.
- List<Get
Client Addon Sharepoint> - SharePoint SSO configuration.
- Slacks
List<Get
Client Addon Slack> - Slack team or workspace name usually first segment in your Slack URL, for example
https://acme-org.slack.com
would beacme-org
. - Springcms
List<Get
Client Addon Springcm> - SpringCM SSO configuration.
- Sso
Integrations List<GetClient Addon Sso Integration> - Generic SSO configuration.
- Wams
List<Get
Client Addon Wam> - Windows Azure Mobile Services addon configuration.
- Wsfeds
List<Get
Client Addon Wsfed> - WS-Fed (WIF) addon indicator. Actual configuration is stored in
callback
andclient_aliases
properties on the client. - Zendesks
List<Get
Client Addon Zendesk> - Zendesk SSO configuration.
- Zooms
List<Get
Client Addon Zoom> - Zoom SSO configuration.
- Aws
[]Get
Client Addon Aw - AWS Addon configuration.
- Azure
Blobs []GetClient Addon Azure Blob - Azure Blob Storage Addon configuration.
- Azure
Sbs []GetClient Addon Azure Sb - Azure Storage Bus Addon configuration.
- Boxes
[]Get
Client Addon Box - Box SSO indicator (no configuration settings needed for Box SSO).
- Cloudbees
[]Get
Client Addon Cloudbee - CloudBees SSO indicator (no configuration settings needed for CloudBees SSO).
- Concurs
[]Get
Client Addon Concur - Concur SSO indicator (no configuration settings needed for Concur SSO).
- Dropboxes
[]Get
Client Addon Dropbox - Dropbox SSO indicator (no configuration settings needed for Dropbox SSO).
- Echosigns
[]Get
Client Addon Echosign - Adobe EchoSign SSO configuration.
- Egnytes
[]Get
Client Addon Egnyte - Egnyte SSO configuration.
- Firebases
[]Get
Client Addon Firebase - Google Firebase addon configuration.
- Layers
[]Get
Client Addon Layer - Layer addon configuration.
- Mscrms
[]Get
Client Addon Mscrm - Microsoft Dynamics CRM SSO configuration.
- Newrelics
[]Get
Client Addon Newrelic - New Relic SSO configuration.
- Office365s
[]Get
Client Addon Office365 - Microsoft Office 365 SSO configuration.
- Rms
[]Get
Client Addon Rm - Active Directory Rights Management Service SSO configuration.
- Salesforce
Apis []GetClient Addon Salesforce Api - Salesforce API addon configuration.
- Salesforce
Sandbox []GetApis Client Addon Salesforce Sandbox Api - Salesforce Sandbox addon configuration.
- Salesforces
[]Get
Client Addon Salesforce - Salesforce SSO configuration.
- Samlps
[]Get
Client Addon Samlp - Configuration settings for a SAML add-on.
- Sap
Apis []GetClient Addon Sap Api - SAP API addon configuration.
- Sentries
[]Get
Client Addon Sentry - Sentry SSO configuration.
- []Get
Client Addon Sharepoint - SharePoint SSO configuration.
- Slacks
[]Get
Client Addon Slack - Slack team or workspace name usually first segment in your Slack URL, for example
https://acme-org.slack.com
would beacme-org
. - Springcms
[]Get
Client Addon Springcm - SpringCM SSO configuration.
- Sso
Integrations []GetClient Addon Sso Integration - Generic SSO configuration.
- Wams
[]Get
Client Addon Wam - Windows Azure Mobile Services addon configuration.
- Wsfeds
[]Get
Client Addon Wsfed - WS-Fed (WIF) addon indicator. Actual configuration is stored in
callback
andclient_aliases
properties on the client. - Zendesks
[]Get
Client Addon Zendesk - Zendesk SSO configuration.
- Zooms
[]Get
Client Addon Zoom - Zoom SSO configuration.
- aws
List<Get
Client Addon Aw> - AWS Addon configuration.
- azure
Blobs List<GetClient Addon Azure Blob> - Azure Blob Storage Addon configuration.
- azure
Sbs List<GetClient Addon Azure Sb> - Azure Storage Bus Addon configuration.
- boxes
List<Get
Client Addon Box> - Box SSO indicator (no configuration settings needed for Box SSO).
- cloudbees
List<Get
Client Addon Cloudbee> - CloudBees SSO indicator (no configuration settings needed for CloudBees SSO).
- concurs
List<Get
Client Addon Concur> - Concur SSO indicator (no configuration settings needed for Concur SSO).
- dropboxes
List<Get
Client Addon Dropbox> - Dropbox SSO indicator (no configuration settings needed for Dropbox SSO).
- echosigns
List<Get
Client Addon Echosign> - Adobe EchoSign SSO configuration.
- egnytes
List<Get
Client Addon Egnyte> - Egnyte SSO configuration.
- firebases
List<Get
Client Addon Firebase> - Google Firebase addon configuration.
- layers
List<Get
Client Addon Layer> - Layer addon configuration.
- mscrms
List<Get
Client Addon Mscrm> - Microsoft Dynamics CRM SSO configuration.
- newrelics
List<Get
Client Addon Newrelic> - New Relic SSO configuration.
- office365s
List<Get
Client Addon Office365> - Microsoft Office 365 SSO configuration.
- rms
List<Get
Client Addon Rm> - Active Directory Rights Management Service SSO configuration.
- salesforce
Apis List<GetClient Addon Salesforce Api> - Salesforce API addon configuration.
- salesforce
Sandbox List<GetApis Client Addon Salesforce Sandbox Api> - Salesforce Sandbox addon configuration.
- salesforces
List<Get
Client Addon Salesforce> - Salesforce SSO configuration.
- samlps
List<Get
Client Addon Samlp> - Configuration settings for a SAML add-on.
- sap
Apis List<GetClient Addon Sap Api> - SAP API addon configuration.
- sentries
List<Get
Client Addon Sentry> - Sentry SSO configuration.
- List<Get
Client Addon Sharepoint> - SharePoint SSO configuration.
- slacks
List<Get
Client Addon Slack> - Slack team or workspace name usually first segment in your Slack URL, for example
https://acme-org.slack.com
would beacme-org
. - springcms
List<Get
Client Addon Springcm> - SpringCM SSO configuration.
- sso
Integrations List<GetClient Addon Sso Integration> - Generic SSO configuration.
- wams
List<Get
Client Addon Wam> - Windows Azure Mobile Services addon configuration.
- wsfeds
List<Get
Client Addon Wsfed> - WS-Fed (WIF) addon indicator. Actual configuration is stored in
callback
andclient_aliases
properties on the client. - zendesks
List<Get
Client Addon Zendesk> - Zendesk SSO configuration.
- zooms
List<Get
Client Addon Zoom> - Zoom SSO configuration.
- aws
Get
Client Addon Aw[] - AWS Addon configuration.
- azure
Blobs GetClient Addon Azure Blob[] - Azure Blob Storage Addon configuration.
- azure
Sbs GetClient Addon Azure Sb[] - Azure Storage Bus Addon configuration.
- boxes
Get
Client Addon Box[] - Box SSO indicator (no configuration settings needed for Box SSO).
- cloudbees
Get
Client Addon Cloudbee[] - CloudBees SSO indicator (no configuration settings needed for CloudBees SSO).
- concurs
Get
Client Addon Concur[] - Concur SSO indicator (no configuration settings needed for Concur SSO).
- dropboxes
Get
Client Addon Dropbox[] - Dropbox SSO indicator (no configuration settings needed for Dropbox SSO).
- echosigns
Get
Client Addon Echosign[] - Adobe EchoSign SSO configuration.
- egnytes
Get
Client Addon Egnyte[] - Egnyte SSO configuration.
- firebases
Get
Client Addon Firebase[] - Google Firebase addon configuration.
- layers
Get
Client Addon Layer[] - Layer addon configuration.
- mscrms
Get
Client Addon Mscrm[] - Microsoft Dynamics CRM SSO configuration.
- newrelics
Get
Client Addon Newrelic[] - New Relic SSO configuration.
- office365s
Get
Client Addon Office365[] - Microsoft Office 365 SSO configuration.
- rms
Get
Client Addon Rm[] - Active Directory Rights Management Service SSO configuration.
- salesforce
Apis GetClient Addon Salesforce Api[] - Salesforce API addon configuration.
- salesforce
Sandbox GetApis Client Addon Salesforce Sandbox Api[] - Salesforce Sandbox addon configuration.
- salesforces
Get
Client Addon Salesforce[] - Salesforce SSO configuration.
- samlps
Get
Client Addon Samlp[] - Configuration settings for a SAML add-on.
- sap
Apis GetClient Addon Sap Api[] - SAP API addon configuration.
- sentries
Get
Client Addon Sentry[] - Sentry SSO configuration.
- Get
Client Addon Sharepoint[] - SharePoint SSO configuration.
- slacks
Get
Client Addon Slack[] - Slack team or workspace name usually first segment in your Slack URL, for example
https://acme-org.slack.com
would beacme-org
. - springcms
Get
Client Addon Springcm[] - SpringCM SSO configuration.
- sso
Integrations GetClient Addon Sso Integration[] - Generic SSO configuration.
- wams
Get
Client Addon Wam[] - Windows Azure Mobile Services addon configuration.
- wsfeds
Get
Client Addon Wsfed[] - WS-Fed (WIF) addon indicator. Actual configuration is stored in
callback
andclient_aliases
properties on the client. - zendesks
Get
Client Addon Zendesk[] - Zendesk SSO configuration.
- zooms
Get
Client Addon Zoom[] - Zoom SSO configuration.
- aws
Sequence[Get
Client Addon Aw] - AWS Addon configuration.
- azure_
blobs Sequence[GetClient Addon Azure Blob] - Azure Blob Storage Addon configuration.
- azure_
sbs Sequence[GetClient Addon Azure Sb] - Azure Storage Bus Addon configuration.
- boxes
Sequence[Get
Client Addon Box] - Box SSO indicator (no configuration settings needed for Box SSO).
- cloudbees
Sequence[Get
Client Addon Cloudbee] - CloudBees SSO indicator (no configuration settings needed for CloudBees SSO).
- concurs
Sequence[Get
Client Addon Concur] - Concur SSO indicator (no configuration settings needed for Concur SSO).
- dropboxes
Sequence[Get
Client Addon Dropbox] - Dropbox SSO indicator (no configuration settings needed for Dropbox SSO).
- echosigns
Sequence[Get
Client Addon Echosign] - Adobe EchoSign SSO configuration.
- egnytes
Sequence[Get
Client Addon Egnyte] - Egnyte SSO configuration.
- firebases
Sequence[Get
Client Addon Firebase] - Google Firebase addon configuration.
- layers
Sequence[Get
Client Addon Layer] - Layer addon configuration.
- mscrms
Sequence[Get
Client Addon Mscrm] - Microsoft Dynamics CRM SSO configuration.
- newrelics
Sequence[Get
Client Addon Newrelic] - New Relic SSO configuration.
- office365s
Sequence[Get
Client Addon Office365] - Microsoft Office 365 SSO configuration.
- rms
Sequence[Get
Client Addon Rm] - Active Directory Rights Management Service SSO configuration.
- salesforce_
apis Sequence[GetClient Addon Salesforce Api] - Salesforce API addon configuration.
- salesforce_
sandbox_ Sequence[Getapis Client Addon Salesforce Sandbox Api] - Salesforce Sandbox addon configuration.
- salesforces
Sequence[Get
Client Addon Salesforce] - Salesforce SSO configuration.
- samlps
Sequence[Get
Client Addon Samlp] - Configuration settings for a SAML add-on.
- sap_
apis Sequence[GetClient Addon Sap Api] - SAP API addon configuration.
- sentries
Sequence[Get
Client Addon Sentry] - Sentry SSO configuration.
- Sequence[Get
Client Addon Sharepoint] - SharePoint SSO configuration.
- slacks
Sequence[Get
Client Addon Slack] - Slack team or workspace name usually first segment in your Slack URL, for example
https://acme-org.slack.com
would beacme-org
. - springcms
Sequence[Get
Client Addon Springcm] - SpringCM SSO configuration.
- sso_
integrations Sequence[GetClient Addon Sso Integration] - Generic SSO configuration.
- wams
Sequence[Get
Client Addon Wam] - Windows Azure Mobile Services addon configuration.
- wsfeds
Sequence[Get
Client Addon Wsfed] - WS-Fed (WIF) addon indicator. Actual configuration is stored in
callback
andclient_aliases
properties on the client. - zendesks
Sequence[Get
Client Addon Zendesk] - Zendesk SSO configuration.
- zooms
Sequence[Get
Client Addon Zoom] - Zoom SSO configuration.
- aws List<Property Map>
- AWS Addon configuration.
- azure
Blobs List<Property Map> - Azure Blob Storage Addon configuration.
- azure
Sbs List<Property Map> - Azure Storage Bus Addon configuration.
- boxes List<Property Map>
- Box SSO indicator (no configuration settings needed for Box SSO).
- cloudbees List<Property Map>
- CloudBees SSO indicator (no configuration settings needed for CloudBees SSO).
- concurs List<Property Map>
- Concur SSO indicator (no configuration settings needed for Concur SSO).
- dropboxes List<Property Map>
- Dropbox SSO indicator (no configuration settings needed for Dropbox SSO).
- echosigns List<Property Map>
- Adobe EchoSign SSO configuration.
- egnytes List<Property Map>
- Egnyte SSO configuration.
- firebases List<Property Map>
- Google Firebase addon configuration.
- layers List<Property Map>
- Layer addon configuration.
- mscrms List<Property Map>
- Microsoft Dynamics CRM SSO configuration.
- newrelics List<Property Map>
- New Relic SSO configuration.
- office365s List<Property Map>
- Microsoft Office 365 SSO configuration.
- rms List<Property Map>
- Active Directory Rights Management Service SSO configuration.
- salesforce
Apis List<Property Map> - Salesforce API addon configuration.
- salesforce
Sandbox List<Property Map>Apis - Salesforce Sandbox addon configuration.
- salesforces List<Property Map>
- Salesforce SSO configuration.
- samlps List<Property Map>
- Configuration settings for a SAML add-on.
- sap
Apis List<Property Map> - SAP API addon configuration.
- sentries List<Property Map>
- Sentry SSO configuration.
- List<Property Map>
- SharePoint SSO configuration.
- slacks List<Property Map>
- Slack team or workspace name usually first segment in your Slack URL, for example
https://acme-org.slack.com
would beacme-org
. - springcms List<Property Map>
- SpringCM SSO configuration.
- sso
Integrations List<Property Map> - Generic SSO configuration.
- wams List<Property Map>
- Windows Azure Mobile Services addon configuration.
- wsfeds List<Property Map>
- WS-Fed (WIF) addon indicator. Actual configuration is stored in
callback
andclient_aliases
properties on the client. - zendesks List<Property Map>
- Zendesk SSO configuration.
- zooms List<Property Map>
- Zoom SSO configuration.
GetClientAddonAw
- Lifetime
In intSeconds - AWS token lifetime in seconds.
- Principal string
- AWS principal ARN, for example
arn:aws:iam::010616021751:saml-provider/idpname
. - Role string
- AWS role ARN, for example
arn:aws:iam::010616021751:role/foo
.
- Lifetime
In intSeconds - AWS token lifetime in seconds.
- Principal string
- AWS principal ARN, for example
arn:aws:iam::010616021751:saml-provider/idpname
. - Role string
- AWS role ARN, for example
arn:aws:iam::010616021751:role/foo
.
- lifetime
In IntegerSeconds - AWS token lifetime in seconds.
- principal String
- AWS principal ARN, for example
arn:aws:iam::010616021751:saml-provider/idpname
. - role String
- AWS role ARN, for example
arn:aws:iam::010616021751:role/foo
.
- lifetime
In numberSeconds - AWS token lifetime in seconds.
- principal string
- AWS principal ARN, for example
arn:aws:iam::010616021751:saml-provider/idpname
. - role string
- AWS role ARN, for example
arn:aws:iam::010616021751:role/foo
.
- lifetime_
in_ intseconds - AWS token lifetime in seconds.
- principal str
- AWS principal ARN, for example
arn:aws:iam::010616021751:saml-provider/idpname
. - role str
- AWS role ARN, for example
arn:aws:iam::010616021751:role/foo
.
- lifetime
In NumberSeconds - AWS token lifetime in seconds.
- principal String
- AWS principal ARN, for example
arn:aws:iam::010616021751:saml-provider/idpname
. - role String
- AWS role ARN, for example
arn:aws:iam::010616021751:role/foo
.
GetClientAddonAzureBlob
- Account
Name string - Your Azure storage account name. Usually first segment in your Azure storage URL, for example
https://acme-org.blob.core.windows.net
would be the account nameacme-org
. - Blob
Delete bool - Indicates if the issued token has permission to delete the blob.
- Blob
Name string - Entity to request a token for, such as
my-blob
. If blank the computed SAS will apply to the entire storage container. - Blob
Read bool - Indicates if the issued token has permission to read the content, properties, metadata and block list. Use the blob as the source of a copy operation.
- Blob
Write bool - Indicates if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
- Container
Delete bool - Indicates if issued token has permission to delete any blob in the container.
- Container
List bool - Indicates if the issued token has permission to list blobs in the container.
- Container
Name string - Container to request a token for, such as
my-container
. - Container
Read bool - Indicates if the issued token has permission to read the content, properties, metadata or block list of any blob in the container. Use any blob in the container as the source of a copy operation.
- Container
Write bool - Indicates that for any blob in the container if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
- Expiration int
- Expiration in minutes for the generated token (default of 5 minutes).
- Signed
Identifier string - Shared access policy identifier defined in your storage account resource.
- Storage
Access stringKey - Access key associated with this storage account.
- Account
Name string - Your Azure storage account name. Usually first segment in your Azure storage URL, for example
https://acme-org.blob.core.windows.net
would be the account nameacme-org
. - Blob
Delete bool - Indicates if the issued token has permission to delete the blob.
- Blob
Name string - Entity to request a token for, such as
my-blob
. If blank the computed SAS will apply to the entire storage container. - Blob
Read bool - Indicates if the issued token has permission to read the content, properties, metadata and block list. Use the blob as the source of a copy operation.
- Blob
Write bool - Indicates if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
- Container
Delete bool - Indicates if issued token has permission to delete any blob in the container.
- Container
List bool - Indicates if the issued token has permission to list blobs in the container.
- Container
Name string - Container to request a token for, such as
my-container
. - Container
Read bool - Indicates if the issued token has permission to read the content, properties, metadata or block list of any blob in the container. Use any blob in the container as the source of a copy operation.
- Container
Write bool - Indicates that for any blob in the container if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
- Expiration int
- Expiration in minutes for the generated token (default of 5 minutes).
- Signed
Identifier string - Shared access policy identifier defined in your storage account resource.
- Storage
Access stringKey - Access key associated with this storage account.
- account
Name String - Your Azure storage account name. Usually first segment in your Azure storage URL, for example
https://acme-org.blob.core.windows.net
would be the account nameacme-org
. - blob
Delete Boolean - Indicates if the issued token has permission to delete the blob.
- blob
Name String - Entity to request a token for, such as
my-blob
. If blank the computed SAS will apply to the entire storage container. - blob
Read Boolean - Indicates if the issued token has permission to read the content, properties, metadata and block list. Use the blob as the source of a copy operation.
- blob
Write Boolean - Indicates if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
- container
Delete Boolean - Indicates if issued token has permission to delete any blob in the container.
- container
List Boolean - Indicates if the issued token has permission to list blobs in the container.
- container
Name String - Container to request a token for, such as
my-container
. - container
Read Boolean - Indicates if the issued token has permission to read the content, properties, metadata or block list of any blob in the container. Use any blob in the container as the source of a copy operation.
- container
Write Boolean - Indicates that for any blob in the container if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
- expiration Integer
- Expiration in minutes for the generated token (default of 5 minutes).
- signed
Identifier String - Shared access policy identifier defined in your storage account resource.
- storage
Access StringKey - Access key associated with this storage account.
- account
Name string - Your Azure storage account name. Usually first segment in your Azure storage URL, for example
https://acme-org.blob.core.windows.net
would be the account nameacme-org
. - blob
Delete boolean - Indicates if the issued token has permission to delete the blob.
- blob
Name string - Entity to request a token for, such as
my-blob
. If blank the computed SAS will apply to the entire storage container. - blob
Read boolean - Indicates if the issued token has permission to read the content, properties, metadata and block list. Use the blob as the source of a copy operation.
- blob
Write boolean - Indicates if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
- container
Delete boolean - Indicates if issued token has permission to delete any blob in the container.
- container
List boolean - Indicates if the issued token has permission to list blobs in the container.
- container
Name string - Container to request a token for, such as
my-container
. - container
Read boolean - Indicates if the issued token has permission to read the content, properties, metadata or block list of any blob in the container. Use any blob in the container as the source of a copy operation.
- container
Write boolean - Indicates that for any blob in the container if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
- expiration number
- Expiration in minutes for the generated token (default of 5 minutes).
- signed
Identifier string - Shared access policy identifier defined in your storage account resource.
- storage
Access stringKey - Access key associated with this storage account.
- account_
name str - Your Azure storage account name. Usually first segment in your Azure storage URL, for example
https://acme-org.blob.core.windows.net
would be the account nameacme-org
. - blob_
delete bool - Indicates if the issued token has permission to delete the blob.
- blob_
name str - Entity to request a token for, such as
my-blob
. If blank the computed SAS will apply to the entire storage container. - blob_
read bool - Indicates if the issued token has permission to read the content, properties, metadata and block list. Use the blob as the source of a copy operation.
- blob_
write bool - Indicates if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
- container_
delete bool - Indicates if issued token has permission to delete any blob in the container.
- container_
list bool - Indicates if the issued token has permission to list blobs in the container.
- container_
name str - Container to request a token for, such as
my-container
. - container_
read bool - Indicates if the issued token has permission to read the content, properties, metadata or block list of any blob in the container. Use any blob in the container as the source of a copy operation.
- container_
write bool - Indicates that for any blob in the container if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
- expiration int
- Expiration in minutes for the generated token (default of 5 minutes).
- signed_
identifier str - Shared access policy identifier defined in your storage account resource.
- storage_
access_ strkey - Access key associated with this storage account.
- account
Name String - Your Azure storage account name. Usually first segment in your Azure storage URL, for example
https://acme-org.blob.core.windows.net
would be the account nameacme-org
. - blob
Delete Boolean - Indicates if the issued token has permission to delete the blob.
- blob
Name String - Entity to request a token for, such as
my-blob
. If blank the computed SAS will apply to the entire storage container. - blob
Read Boolean - Indicates if the issued token has permission to read the content, properties, metadata and block list. Use the blob as the source of a copy operation.
- blob
Write Boolean - Indicates if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
- container
Delete Boolean - Indicates if issued token has permission to delete any blob in the container.
- container
List Boolean - Indicates if the issued token has permission to list blobs in the container.
- container
Name String - Container to request a token for, such as
my-container
. - container
Read Boolean - Indicates if the issued token has permission to read the content, properties, metadata or block list of any blob in the container. Use any blob in the container as the source of a copy operation.
- container
Write Boolean - Indicates that for any blob in the container if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
- expiration Number
- Expiration in minutes for the generated token (default of 5 minutes).
- signed
Identifier String - Shared access policy identifier defined in your storage account resource.
- storage
Access StringKey - Access key associated with this storage account.
GetClientAddonAzureSb
- Entity
Path string - Entity you want to request a token for, such as
my-queue
. - Expiration int
- Optional expiration in minutes for the generated token. Defaults to 5 minutes.
- Namespace string
- Your Azure Service Bus namespace. Usually the first segment of your Service Bus URL (for example
https://acme-org.servicebus.windows.net
would beacme-org
). - Sas
Key string - Primary Key associated with your shared access policy.
- Sas
Key stringName - Your shared access policy name defined in your Service Bus entity.
- Entity
Path string - Entity you want to request a token for, such as
my-queue
. - Expiration int
- Optional expiration in minutes for the generated token. Defaults to 5 minutes.
- Namespace string
- Your Azure Service Bus namespace. Usually the first segment of your Service Bus URL (for example
https://acme-org.servicebus.windows.net
would beacme-org
). - Sas
Key string - Primary Key associated with your shared access policy.
- Sas
Key stringName - Your shared access policy name defined in your Service Bus entity.
- entity
Path String - Entity you want to request a token for, such as
my-queue
. - expiration Integer
- Optional expiration in minutes for the generated token. Defaults to 5 minutes.
- namespace String
- Your Azure Service Bus namespace. Usually the first segment of your Service Bus URL (for example
https://acme-org.servicebus.windows.net
would beacme-org
). - sas
Key String - Primary Key associated with your shared access policy.
- sas
Key StringName - Your shared access policy name defined in your Service Bus entity.
- entity
Path string - Entity you want to request a token for, such as
my-queue
. - expiration number
- Optional expiration in minutes for the generated token. Defaults to 5 minutes.
- namespace string
- Your Azure Service Bus namespace. Usually the first segment of your Service Bus URL (for example
https://acme-org.servicebus.windows.net
would beacme-org
). - sas
Key string - Primary Key associated with your shared access policy.
- sas
Key stringName - Your shared access policy name defined in your Service Bus entity.
- entity_
path str - Entity you want to request a token for, such as
my-queue
. - expiration int
- Optional expiration in minutes for the generated token. Defaults to 5 minutes.
- namespace str
- Your Azure Service Bus namespace. Usually the first segment of your Service Bus URL (for example
https://acme-org.servicebus.windows.net
would beacme-org
). - sas_
key str - Primary Key associated with your shared access policy.
- sas_
key_ strname - Your shared access policy name defined in your Service Bus entity.
- entity
Path String - Entity you want to request a token for, such as
my-queue
. - expiration Number
- Optional expiration in minutes for the generated token. Defaults to 5 minutes.
- namespace String
- Your Azure Service Bus namespace. Usually the first segment of your Service Bus URL (for example
https://acme-org.servicebus.windows.net
would beacme-org
). - sas
Key String - Primary Key associated with your shared access policy.
- sas
Key StringName - Your shared access policy name defined in your Service Bus entity.
GetClientAddonEchosign
- Domain string
- Your custom domain found in your EchoSign URL, for example
https://acme-org.echosign.com
would beacme-org
.
- Domain string
- Your custom domain found in your EchoSign URL, for example
https://acme-org.echosign.com
would beacme-org
.
- domain String
- Your custom domain found in your EchoSign URL, for example
https://acme-org.echosign.com
would beacme-org
.
- domain string
- Your custom domain found in your EchoSign URL, for example
https://acme-org.echosign.com
would beacme-org
.
- domain str
- Your custom domain found in your EchoSign URL, for example
https://acme-org.echosign.com
would beacme-org
.
- domain String
- Your custom domain found in your EchoSign URL, for example
https://acme-org.echosign.com
would beacme-org
.
GetClientAddonEgnyte
- Domain string
- Your custom domain found in your Egnyte URL, for example
https://acme-org.echosign.com
would beacme-org
.
- Domain string
- Your custom domain found in your Egnyte URL, for example
https://acme-org.echosign.com
would beacme-org
.
- domain String
- Your custom domain found in your Egnyte URL, for example
https://acme-org.echosign.com
would beacme-org
.
- domain string
- Your custom domain found in your Egnyte URL, for example
https://acme-org.echosign.com
would beacme-org
.
- domain str
- Your custom domain found in your Egnyte URL, for example
https://acme-org.echosign.com
would beacme-org
.
- domain String
- Your custom domain found in your Egnyte URL, for example
https://acme-org.echosign.com
would beacme-org
.
GetClientAddonFirebase
- Client
Email string - ID of the Service Account you have created (shown as
client_email
in the generated JSON file, SDK v3+ tokens only). - Lifetime
In intSeconds - Optional expiration in seconds for the generated token. Defaults to 3600 seconds (SDK v3+ tokens only).
- Private
Key string - Private Key for signing the token (SDK v3+ tokens only).
- Private
Key stringId - Optional ID of the private key to obtain the
kid
header claim from the issued token (SDK v3+ tokens only). - Secret string
- Google Firebase Secret. (SDK v2 only).
- Client
Email string - ID of the Service Account you have created (shown as
client_email
in the generated JSON file, SDK v3+ tokens only). - Lifetime
In intSeconds - Optional expiration in seconds for the generated token. Defaults to 3600 seconds (SDK v3+ tokens only).
- Private
Key string - Private Key for signing the token (SDK v3+ tokens only).
- Private
Key stringId - Optional ID of the private key to obtain the
kid
header claim from the issued token (SDK v3+ tokens only). - Secret string
- Google Firebase Secret. (SDK v2 only).
- client
Email String - ID of the Service Account you have created (shown as
client_email
in the generated JSON file, SDK v3+ tokens only). - lifetime
In IntegerSeconds - Optional expiration in seconds for the generated token. Defaults to 3600 seconds (SDK v3+ tokens only).
- private
Key String - Private Key for signing the token (SDK v3+ tokens only).
- private
Key StringId - Optional ID of the private key to obtain the
kid
header claim from the issued token (SDK v3+ tokens only). - secret String
- Google Firebase Secret. (SDK v2 only).
- client
Email string - ID of the Service Account you have created (shown as
client_email
in the generated JSON file, SDK v3+ tokens only). - lifetime
In numberSeconds - Optional expiration in seconds for the generated token. Defaults to 3600 seconds (SDK v3+ tokens only).
- private
Key string - Private Key for signing the token (SDK v3+ tokens only).
- private
Key stringId - Optional ID of the private key to obtain the
kid
header claim from the issued token (SDK v3+ tokens only). - secret string
- Google Firebase Secret. (SDK v2 only).
- client_
email str - ID of the Service Account you have created (shown as
client_email
in the generated JSON file, SDK v3+ tokens only). - lifetime_
in_ intseconds - Optional expiration in seconds for the generated token. Defaults to 3600 seconds (SDK v3+ tokens only).
- private_
key str - Private Key for signing the token (SDK v3+ tokens only).
- private_
key_ strid - Optional ID of the private key to obtain the
kid
header claim from the issued token (SDK v3+ tokens only). - secret str
- Google Firebase Secret. (SDK v2 only).
- client
Email String - ID of the Service Account you have created (shown as
client_email
in the generated JSON file, SDK v3+ tokens only). - lifetime
In NumberSeconds - Optional expiration in seconds for the generated token. Defaults to 3600 seconds (SDK v3+ tokens only).
- private
Key String - Private Key for signing the token (SDK v3+ tokens only).
- private
Key StringId - Optional ID of the private key to obtain the
kid
header claim from the issued token (SDK v3+ tokens only). - secret String
- Google Firebase Secret. (SDK v2 only).
GetClientAddonLayer
- Expiration int
- Optional expiration in minutes for the generated token. Defaults to 5 minutes.
- Key
Id string - Authentication Key identifier used to sign the Layer token.
- Principal string
- Name of the property used as the unique user ID in Layer. If not specified
user_id
is used. - Private
Key string - Private key for signing the Layer token.
- Provider
Id string - Provider ID of your Layer account.
- Expiration int
- Optional expiration in minutes for the generated token. Defaults to 5 minutes.
- Key
Id string - Authentication Key identifier used to sign the Layer token.
- Principal string
- Name of the property used as the unique user ID in Layer. If not specified
user_id
is used. - Private
Key string - Private key for signing the Layer token.
- Provider
Id string - Provider ID of your Layer account.
- expiration Integer
- Optional expiration in minutes for the generated token. Defaults to 5 minutes.
- key
Id String - Authentication Key identifier used to sign the Layer token.
- principal String
- Name of the property used as the unique user ID in Layer. If not specified
user_id
is used. - private
Key String - Private key for signing the Layer token.
- provider
Id String - Provider ID of your Layer account.
- expiration number
- Optional expiration in minutes for the generated token. Defaults to 5 minutes.
- key
Id string - Authentication Key identifier used to sign the Layer token.
- principal string
- Name of the property used as the unique user ID in Layer. If not specified
user_id
is used. - private
Key string - Private key for signing the Layer token.
- provider
Id string - Provider ID of your Layer account.
- expiration int
- Optional expiration in minutes for the generated token. Defaults to 5 minutes.
- key_
id str - Authentication Key identifier used to sign the Layer token.
- principal str
- Name of the property used as the unique user ID in Layer. If not specified
user_id
is used. - private_
key str - Private key for signing the Layer token.
- provider_
id str - Provider ID of your Layer account.
- expiration Number
- Optional expiration in minutes for the generated token. Defaults to 5 minutes.
- key
Id String - Authentication Key identifier used to sign the Layer token.
- principal String
- Name of the property used as the unique user ID in Layer. If not specified
user_id
is used. - private
Key String - Private key for signing the Layer token.
- provider
Id String - Provider ID of your Layer account.
GetClientAddonMscrm
- Url string
- Microsoft Dynamics CRM application URL.
- Url string
- Microsoft Dynamics CRM application URL.
- url String
- Microsoft Dynamics CRM application URL.
- url string
- Microsoft Dynamics CRM application URL.
- url str
- Microsoft Dynamics CRM application URL.
- url String
- Microsoft Dynamics CRM application URL.
GetClientAddonNewrelic
- Account string
- Your New Relic Account ID found in your New Relic URL after the
/accounts/
path, for examplehttps://rpm.newrelic.com/accounts/123456/query
would be123456
.
- Account string
- Your New Relic Account ID found in your New Relic URL after the
/accounts/
path, for examplehttps://rpm.newrelic.com/accounts/123456/query
would be123456
.
- account String
- Your New Relic Account ID found in your New Relic URL after the
/accounts/
path, for examplehttps://rpm.newrelic.com/accounts/123456/query
would be123456
.
- account string
- Your New Relic Account ID found in your New Relic URL after the
/accounts/
path, for examplehttps://rpm.newrelic.com/accounts/123456/query
would be123456
.
- account str
- Your New Relic Account ID found in your New Relic URL after the
/accounts/
path, for examplehttps://rpm.newrelic.com/accounts/123456/query
would be123456
.
- account String
- Your New Relic Account ID found in your New Relic URL after the
/accounts/
path, for examplehttps://rpm.newrelic.com/accounts/123456/query
would be123456
.
GetClientAddonOffice365
- Connection string
- Optional Auth0 database connection for testing an already-configured Office 365 tenant.
- Domain string
- Your Office 365 domain name, for example
acme-org.com
.
- Connection string
- Optional Auth0 database connection for testing an already-configured Office 365 tenant.
- Domain string
- Your Office 365 domain name, for example
acme-org.com
.
- connection String
- Optional Auth0 database connection for testing an already-configured Office 365 tenant.
- domain String
- Your Office 365 domain name, for example
acme-org.com
.
- connection string
- Optional Auth0 database connection for testing an already-configured Office 365 tenant.
- domain string
- Your Office 365 domain name, for example
acme-org.com
.
- connection str
- Optional Auth0 database connection for testing an already-configured Office 365 tenant.
- domain str
- Your Office 365 domain name, for example
acme-org.com
.
- connection String
- Optional Auth0 database connection for testing an already-configured Office 365 tenant.
- domain String
- Your Office 365 domain name, for example
acme-org.com
.
GetClientAddonRm
- Url string
- URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.
- Url string
- URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.
- url String
- URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.
- url string
- URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.
- url str
- URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.
- url String
- URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.
GetClientAddonSalesforce
- Entity
Id string - Arbitrary logical URL that identifies the Saleforce resource, for example
https://acme-org.com
.
- Entity
Id string - Arbitrary logical URL that identifies the Saleforce resource, for example
https://acme-org.com
.
- entity
Id String - Arbitrary logical URL that identifies the Saleforce resource, for example
https://acme-org.com
.
- entity
Id string - Arbitrary logical URL that identifies the Saleforce resource, for example
https://acme-org.com
.
- entity_
id str - Arbitrary logical URL that identifies the Saleforce resource, for example
https://acme-org.com
.
- entity
Id String - Arbitrary logical URL that identifies the Saleforce resource, for example
https://acme-org.com
.
GetClientAddonSalesforceApi
- Client
Id string - Consumer Key assigned by Salesforce to the Connected App.
- Community
Name string - Community name.
- Community
Url stringSection - Community URL section.
- Principal string
- Name of the property in the user object that maps to a Salesforce username, for example
email
.
- Client
Id string - Consumer Key assigned by Salesforce to the Connected App.
- Community
Name string - Community name.
- Community
Url stringSection - Community URL section.
- Principal string
- Name of the property in the user object that maps to a Salesforce username, for example
email
.
- client
Id String - Consumer Key assigned by Salesforce to the Connected App.
- community
Name String - Community name.
- community
Url StringSection - Community URL section.
- principal String
- Name of the property in the user object that maps to a Salesforce username, for example
email
.
- client
Id string - Consumer Key assigned by Salesforce to the Connected App.
- community
Name string - Community name.
- community
Url stringSection - Community URL section.
- principal string
- Name of the property in the user object that maps to a Salesforce username, for example
email
.
- client_
id str - Consumer Key assigned by Salesforce to the Connected App.
- community_
name str - Community name.
- community_
url_ strsection - Community URL section.
- principal str
- Name of the property in the user object that maps to a Salesforce username, for example
email
.
- client
Id String - Consumer Key assigned by Salesforce to the Connected App.
- community
Name String - Community name.
- community
Url StringSection - Community URL section.
- principal String
- Name of the property in the user object that maps to a Salesforce username, for example
email
.
GetClientAddonSalesforceSandboxApi
- Client
Id string - Consumer Key assigned by Salesforce to the Connected App.
- Community
Name string - Community name.
- Community
Url stringSection - Community URL section.
- Principal string
- Name of the property in the user object that maps to a Salesforce username, for example
email
.
- Client
Id string - Consumer Key assigned by Salesforce to the Connected App.
- Community
Name string - Community name.
- Community
Url stringSection - Community URL section.
- Principal string
- Name of the property in the user object that maps to a Salesforce username, for example
email
.
- client
Id String - Consumer Key assigned by Salesforce to the Connected App.
- community
Name String - Community name.
- community
Url StringSection - Community URL section.
- principal String
- Name of the property in the user object that maps to a Salesforce username, for example
email
.
- client
Id string - Consumer Key assigned by Salesforce to the Connected App.
- community
Name string - Community name.
- community
Url stringSection - Community URL section.
- principal string
- Name of the property in the user object that maps to a Salesforce username, for example
email
.
- client_
id str - Consumer Key assigned by Salesforce to the Connected App.
- community_
name str - Community name.
- community_
url_ strsection - Community URL section.
- principal str
- Name of the property in the user object that maps to a Salesforce username, for example
email
.
- client
Id String - Consumer Key assigned by Salesforce to the Connected App.
- community
Name String - Community name.
- community
Url StringSection - Community URL section.
- principal String
- Name of the property in the user object that maps to a Salesforce username, for example
email
.
GetClientAddonSamlp
- Audience string
- Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
- Authn
Context stringClass Ref - Class reference of the authentication context.
- Binding string
- Protocol binding used for SAML logout responses.
- Create
Upn boolClaim - Indicates whether a UPN claim should be created. Defaults to
true
. - Destination string
- Destination of the SAML Response. If not specified, it will be
AssertionConsumerUrl
of SAMLRequest or callback URL if there was no SAMLRequest. - Digest
Algorithm string - Algorithm used to calculate the digest of the SAML Assertion or response. Options include
sha1
andsha256
. Defaults tosha1
. - Include
Attribute boolName Format - Indicates whether or not we should infer the NameFormat based on the attribute name. If set to
false
, the attribute NameFormat is not set in the assertion. Defaults totrue
. - Issuer string
- Issuer of the SAML Assertion.
- Lifetime
In intSeconds - Number of seconds during which the token is valid. Defaults to
3600
seconds. - Logouts
List<Get
Client Addon Samlp Logout> - Configuration settings for logout.
- Map
Identities bool - Indicates whether or not to add additional identity information in the token, such as the provider used and the
access_token
, if available. Defaults totrue
. - Map
Unknown boolClaims As Is - Indicates whether to add a prefix of
http://schema.auth0.com
to any claims that are not mapped to the common profile when passed through in the output assertion. Defaults tofalse
. - Mappings Dictionary<string, string>
- Mappings between the Auth0 user profile property name (
name
) and the output attributes on the SAML attribute in the assertion (value
). - Name
Identifier stringFormat - Format of the name identifier. Defaults to
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
. - Name
Identifier List<string>Probes - Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
- Passthrough
Claims boolWith No Mapping - Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion. Defaults to
true
. - Recipient string
- Recipient of the SAML Assertion (SubjectConfirmationData). Default is
AssertionConsumerUrl
on SAMLRequest or callback URL if no SAMLRequest was sent. - Sign
Response bool - Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
- Signature
Algorithm string - Algorithm used to sign the SAML Assertion or response. Options include
rsa-sha1
andrsa-sha256
. Defaults torsa-sha1
. - Signing
Cert string - Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be
-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n
. - Typed
Attributes bool - Indicates whether or not we should infer the
xs:type
of the element. Types includexs:string
,xs:boolean
,xs:double
, andxs:anyType
. When set tofalse
, allxs:type
arexs:anyType
. Defaults totrue
.
- Audience string
- Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
- Authn
Context stringClass Ref - Class reference of the authentication context.
- Binding string
- Protocol binding used for SAML logout responses.
- Create
Upn boolClaim - Indicates whether a UPN claim should be created. Defaults to
true
. - Destination string
- Destination of the SAML Response. If not specified, it will be
AssertionConsumerUrl
of SAMLRequest or callback URL if there was no SAMLRequest. - Digest
Algorithm string - Algorithm used to calculate the digest of the SAML Assertion or response. Options include
sha1
andsha256
. Defaults tosha1
. - Include
Attribute boolName Format - Indicates whether or not we should infer the NameFormat based on the attribute name. If set to
false
, the attribute NameFormat is not set in the assertion. Defaults totrue
. - Issuer string
- Issuer of the SAML Assertion.
- Lifetime
In intSeconds - Number of seconds during which the token is valid. Defaults to
3600
seconds. - Logouts
[]Get
Client Addon Samlp Logout - Configuration settings for logout.
- Map
Identities bool - Indicates whether or not to add additional identity information in the token, such as the provider used and the
access_token
, if available. Defaults totrue
. - Map
Unknown boolClaims As Is - Indicates whether to add a prefix of
http://schema.auth0.com
to any claims that are not mapped to the common profile when passed through in the output assertion. Defaults tofalse
. - Mappings map[string]string
- Mappings between the Auth0 user profile property name (
name
) and the output attributes on the SAML attribute in the assertion (value
). - Name
Identifier stringFormat - Format of the name identifier. Defaults to
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
. - Name
Identifier []stringProbes - Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
- Passthrough
Claims boolWith No Mapping - Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion. Defaults to
true
. - Recipient string
- Recipient of the SAML Assertion (SubjectConfirmationData). Default is
AssertionConsumerUrl
on SAMLRequest or callback URL if no SAMLRequest was sent. - Sign
Response bool - Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
- Signature
Algorithm string - Algorithm used to sign the SAML Assertion or response. Options include
rsa-sha1
andrsa-sha256
. Defaults torsa-sha1
. - Signing
Cert string - Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be
-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n
. - Typed
Attributes bool - Indicates whether or not we should infer the
xs:type
of the element. Types includexs:string
,xs:boolean
,xs:double
, andxs:anyType
. When set tofalse
, allxs:type
arexs:anyType
. Defaults totrue
.
- audience String
- Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
- authn
Context StringClass Ref - Class reference of the authentication context.
- binding String
- Protocol binding used for SAML logout responses.
- create
Upn BooleanClaim - Indicates whether a UPN claim should be created. Defaults to
true
. - destination String
- Destination of the SAML Response. If not specified, it will be
AssertionConsumerUrl
of SAMLRequest or callback URL if there was no SAMLRequest. - digest
Algorithm String - Algorithm used to calculate the digest of the SAML Assertion or response. Options include
sha1
andsha256
. Defaults tosha1
. - include
Attribute BooleanName Format - Indicates whether or not we should infer the NameFormat based on the attribute name. If set to
false
, the attribute NameFormat is not set in the assertion. Defaults totrue
. - issuer String
- Issuer of the SAML Assertion.
- lifetime
In IntegerSeconds - Number of seconds during which the token is valid. Defaults to
3600
seconds. - logouts
List<Get
Client Addon Samlp Logout> - Configuration settings for logout.
- map
Identities Boolean - Indicates whether or not to add additional identity information in the token, such as the provider used and the
access_token
, if available. Defaults totrue
. - map
Unknown BooleanClaims As Is - Indicates whether to add a prefix of
http://schema.auth0.com
to any claims that are not mapped to the common profile when passed through in the output assertion. Defaults tofalse
. - mappings Map<String,String>
- Mappings between the Auth0 user profile property name (
name
) and the output attributes on the SAML attribute in the assertion (value
). - name
Identifier StringFormat - Format of the name identifier. Defaults to
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
. - name
Identifier List<String>Probes - Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
- passthrough
Claims BooleanWith No Mapping - Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion. Defaults to
true
. - recipient String
- Recipient of the SAML Assertion (SubjectConfirmationData). Default is
AssertionConsumerUrl
on SAMLRequest or callback URL if no SAMLRequest was sent. - sign
Response Boolean - Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
- signature
Algorithm String - Algorithm used to sign the SAML Assertion or response. Options include
rsa-sha1
andrsa-sha256
. Defaults torsa-sha1
. - signing
Cert String - Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be
-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n
. - typed
Attributes Boolean - Indicates whether or not we should infer the
xs:type
of the element. Types includexs:string
,xs:boolean
,xs:double
, andxs:anyType
. When set tofalse
, allxs:type
arexs:anyType
. Defaults totrue
.
- audience string
- Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
- authn
Context stringClass Ref - Class reference of the authentication context.
- binding string
- Protocol binding used for SAML logout responses.
- create
Upn booleanClaim - Indicates whether a UPN claim should be created. Defaults to
true
. - destination string
- Destination of the SAML Response. If not specified, it will be
AssertionConsumerUrl
of SAMLRequest or callback URL if there was no SAMLRequest. - digest
Algorithm string - Algorithm used to calculate the digest of the SAML Assertion or response. Options include
sha1
andsha256
. Defaults tosha1
. - include
Attribute booleanName Format - Indicates whether or not we should infer the NameFormat based on the attribute name. If set to
false
, the attribute NameFormat is not set in the assertion. Defaults totrue
. - issuer string
- Issuer of the SAML Assertion.
- lifetime
In numberSeconds - Number of seconds during which the token is valid. Defaults to
3600
seconds. - logouts
Get
Client Addon Samlp Logout[] - Configuration settings for logout.
- map
Identities boolean - Indicates whether or not to add additional identity information in the token, such as the provider used and the
access_token
, if available. Defaults totrue
. - map
Unknown booleanClaims As Is - Indicates whether to add a prefix of
http://schema.auth0.com
to any claims that are not mapped to the common profile when passed through in the output assertion. Defaults tofalse
. - mappings {[key: string]: string}
- Mappings between the Auth0 user profile property name (
name
) and the output attributes on the SAML attribute in the assertion (value
). - name
Identifier stringFormat - Format of the name identifier. Defaults to
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
. - name
Identifier string[]Probes - Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
- passthrough
Claims booleanWith No Mapping - Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion. Defaults to
true
. - recipient string
- Recipient of the SAML Assertion (SubjectConfirmationData). Default is
AssertionConsumerUrl
on SAMLRequest or callback URL if no SAMLRequest was sent. - sign
Response boolean - Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
- signature
Algorithm string - Algorithm used to sign the SAML Assertion or response. Options include
rsa-sha1
andrsa-sha256
. Defaults torsa-sha1
. - signing
Cert string - Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be
-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n
. - typed
Attributes boolean - Indicates whether or not we should infer the
xs:type
of the element. Types includexs:string
,xs:boolean
,xs:double
, andxs:anyType
. When set tofalse
, allxs:type
arexs:anyType
. Defaults totrue
.
- audience str
- Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
- authn_
context_ strclass_ ref - Class reference of the authentication context.
- binding str
- Protocol binding used for SAML logout responses.
- create_
upn_ boolclaim - Indicates whether a UPN claim should be created. Defaults to
true
. - destination str
- Destination of the SAML Response. If not specified, it will be
AssertionConsumerUrl
of SAMLRequest or callback URL if there was no SAMLRequest. - digest_
algorithm str - Algorithm used to calculate the digest of the SAML Assertion or response. Options include
sha1
andsha256
. Defaults tosha1
. - include_
attribute_ boolname_ format - Indicates whether or not we should infer the NameFormat based on the attribute name. If set to
false
, the attribute NameFormat is not set in the assertion. Defaults totrue
. - issuer str
- Issuer of the SAML Assertion.
- lifetime_
in_ intseconds - Number of seconds during which the token is valid. Defaults to
3600
seconds. - logouts
Sequence[Get
Client Addon Samlp Logout] - Configuration settings for logout.
- map_
identities bool - Indicates whether or not to add additional identity information in the token, such as the provider used and the
access_token
, if available. Defaults totrue
. - map_
unknown_ boolclaims_ as_ is - Indicates whether to add a prefix of
http://schema.auth0.com
to any claims that are not mapped to the common profile when passed through in the output assertion. Defaults tofalse
. - mappings Mapping[str, str]
- Mappings between the Auth0 user profile property name (
name
) and the output attributes on the SAML attribute in the assertion (value
). - name_
identifier_ strformat - Format of the name identifier. Defaults to
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
. - name_
identifier_ Sequence[str]probes - Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
- passthrough_
claims_ boolwith_ no_ mapping - Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion. Defaults to
true
. - recipient str
- Recipient of the SAML Assertion (SubjectConfirmationData). Default is
AssertionConsumerUrl
on SAMLRequest or callback URL if no SAMLRequest was sent. - sign_
response bool - Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
- signature_
algorithm str - Algorithm used to sign the SAML Assertion or response. Options include
rsa-sha1
andrsa-sha256
. Defaults torsa-sha1
. - signing_
cert str - Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be
-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n
. - typed_
attributes bool - Indicates whether or not we should infer the
xs:type
of the element. Types includexs:string
,xs:boolean
,xs:double
, andxs:anyType
. When set tofalse
, allxs:type
arexs:anyType
. Defaults totrue
.
- audience String
- Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
- authn
Context StringClass Ref - Class reference of the authentication context.
- binding String
- Protocol binding used for SAML logout responses.
- create
Upn BooleanClaim - Indicates whether a UPN claim should be created. Defaults to
true
. - destination String
- Destination of the SAML Response. If not specified, it will be
AssertionConsumerUrl
of SAMLRequest or callback URL if there was no SAMLRequest. - digest
Algorithm String - Algorithm used to calculate the digest of the SAML Assertion or response. Options include
sha1
andsha256
. Defaults tosha1
. - include
Attribute BooleanName Format - Indicates whether or not we should infer the NameFormat based on the attribute name. If set to
false
, the attribute NameFormat is not set in the assertion. Defaults totrue
. - issuer String
- Issuer of the SAML Assertion.
- lifetime
In NumberSeconds - Number of seconds during which the token is valid. Defaults to
3600
seconds. - logouts List<Property Map>
- Configuration settings for logout.
- map
Identities Boolean - Indicates whether or not to add additional identity information in the token, such as the provider used and the
access_token
, if available. Defaults totrue
. - map
Unknown BooleanClaims As Is - Indicates whether to add a prefix of
http://schema.auth0.com
to any claims that are not mapped to the common profile when passed through in the output assertion. Defaults tofalse
. - mappings Map<String>
- Mappings between the Auth0 user profile property name (
name
) and the output attributes on the SAML attribute in the assertion (value
). - name
Identifier StringFormat - Format of the name identifier. Defaults to
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
. - name
Identifier List<String>Probes - Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
- passthrough
Claims BooleanWith No Mapping - Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion. Defaults to
true
. - recipient String
- Recipient of the SAML Assertion (SubjectConfirmationData). Default is
AssertionConsumerUrl
on SAMLRequest or callback URL if no SAMLRequest was sent. - sign
Response Boolean - Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
- signature
Algorithm String - Algorithm used to sign the SAML Assertion or response. Options include
rsa-sha1
andrsa-sha256
. Defaults torsa-sha1
. - signing
Cert String - Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be
-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n
. - typed
Attributes Boolean - Indicates whether or not we should infer the
xs:type
of the element. Types includexs:string
,xs:boolean
,xs:double
, andxs:anyType
. When set tofalse
, allxs:type
arexs:anyType
. Defaults totrue
.
GetClientAddonSamlpLogout
- Callback string
- The service provider (client application)'s Single Logout Service URL, where Auth0 will send logout requests and responses.
- Slo
Enabled bool - Controls whether Auth0 should notify service providers of session termination.
- Callback string
- The service provider (client application)'s Single Logout Service URL, where Auth0 will send logout requests and responses.
- Slo
Enabled bool - Controls whether Auth0 should notify service providers of session termination.
- callback String
- The service provider (client application)'s Single Logout Service URL, where Auth0 will send logout requests and responses.
- slo
Enabled Boolean - Controls whether Auth0 should notify service providers of session termination.
- callback string
- The service provider (client application)'s Single Logout Service URL, where Auth0 will send logout requests and responses.
- slo
Enabled boolean - Controls whether Auth0 should notify service providers of session termination.
- callback str
- The service provider (client application)'s Single Logout Service URL, where Auth0 will send logout requests and responses.
- slo_
enabled bool - Controls whether Auth0 should notify service providers of session termination.
- callback String
- The service provider (client application)'s Single Logout Service URL, where Auth0 will send logout requests and responses.
- slo
Enabled Boolean - Controls whether Auth0 should notify service providers of session termination.
GetClientAddonSapApi
- Client
Id string - If activated in the OAuth 2.0 client configuration (transaction
SOAUTH2) the SAML attribute
client_idmust be set and equal the
client_id` form parameter of the access token request. - Name
Identifier stringFormat - NameID element of the Subject which can be used to express the user's identity. Defaults to
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
. - Scope string
- Requested scope for SAP APIs.
- Service
Password string - Service account password to use to authenticate API calls to the token endpoint.
- Token
Endpoint stringUrl - The OAuth2 token endpoint URL of your SAP OData server.
- Username
Attribute string - Name of the property in the user object that maps to a SAP username, for example
email
.
- Client
Id string - If activated in the OAuth 2.0 client configuration (transaction
SOAUTH2) the SAML attribute
client_idmust be set and equal the
client_id` form parameter of the access token request. - Name
Identifier stringFormat - NameID element of the Subject which can be used to express the user's identity. Defaults to
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
. - Scope string
- Requested scope for SAP APIs.
- Service
Password string - Service account password to use to authenticate API calls to the token endpoint.
- Token
Endpoint stringUrl - The OAuth2 token endpoint URL of your SAP OData server.
- Username
Attribute string - Name of the property in the user object that maps to a SAP username, for example
email
.
- client
Id String - If activated in the OAuth 2.0 client configuration (transaction
SOAUTH2) the SAML attribute
client_idmust be set and equal the
client_id` form parameter of the access token request. - name
Identifier StringFormat - NameID element of the Subject which can be used to express the user's identity. Defaults to
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
. - scope String
- Requested scope for SAP APIs.
- service
Password String - Service account password to use to authenticate API calls to the token endpoint.
- token
Endpoint StringUrl - The OAuth2 token endpoint URL of your SAP OData server.
- username
Attribute String - Name of the property in the user object that maps to a SAP username, for example
email
.
- client
Id string - If activated in the OAuth 2.0 client configuration (transaction
SOAUTH2) the SAML attribute
client_idmust be set and equal the
client_id` form parameter of the access token request. - name
Identifier stringFormat - NameID element of the Subject which can be used to express the user's identity. Defaults to
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
. - scope string
- Requested scope for SAP APIs.
- service
Password string - Service account password to use to authenticate API calls to the token endpoint.
- token
Endpoint stringUrl - The OAuth2 token endpoint URL of your SAP OData server.
- username
Attribute string - Name of the property in the user object that maps to a SAP username, for example
email
.
- client_
id str - If activated in the OAuth 2.0 client configuration (transaction
SOAUTH2) the SAML attribute
client_idmust be set and equal the
client_id` form parameter of the access token request. - name_
identifier_ strformat - NameID element of the Subject which can be used to express the user's identity. Defaults to
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
. - scope str
- Requested scope for SAP APIs.
- service_
password str - Service account password to use to authenticate API calls to the token endpoint.
- token_
endpoint_ strurl - The OAuth2 token endpoint URL of your SAP OData server.
- username_
attribute str - Name of the property in the user object that maps to a SAP username, for example
email
.
- client
Id String - If activated in the OAuth 2.0 client configuration (transaction
SOAUTH2) the SAML attribute
client_idmust be set and equal the
client_id` form parameter of the access token request. - name
Identifier StringFormat - NameID element of the Subject which can be used to express the user's identity. Defaults to
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
. - scope String
- Requested scope for SAP APIs.
- service
Password String - Service account password to use to authenticate API calls to the token endpoint.
- token
Endpoint StringUrl - The OAuth2 token endpoint URL of your SAP OData server.
- username
Attribute String - Name of the property in the user object that maps to a SAP username, for example
email
.
GetClientAddonSentry
GetClientAddonSharepoint
- External
Urls List<string> - External SharePoint application URLs if exposed to the Internet.
- Url string
- Internal SharePoint application URL.
- External
Urls []string - External SharePoint application URLs if exposed to the Internet.
- Url string
- Internal SharePoint application URL.
- external
Urls List<String> - External SharePoint application URLs if exposed to the Internet.
- url String
- Internal SharePoint application URL.
- external
Urls string[] - External SharePoint application URLs if exposed to the Internet.
- url string
- Internal SharePoint application URL.
- external_
urls Sequence[str] - External SharePoint application URLs if exposed to the Internet.
- url str
- Internal SharePoint application URL.
- external
Urls List<String> - External SharePoint application URLs if exposed to the Internet.
- url String
- Internal SharePoint application URL.
GetClientAddonSlack
- Team string
- Slack team name.
- Team string
- Slack team name.
- team String
- Slack team name.
- team string
- Slack team name.
- team str
- Slack team name.
- team String
- Slack team name.
GetClientAddonSpringcm
- Acs
Url string - SpringCM ACS URL, for example
https://na11.springcm.com/atlas/sso/SSOEndpoint.ashx
.
- Acs
Url string - SpringCM ACS URL, for example
https://na11.springcm.com/atlas/sso/SSOEndpoint.ashx
.
- acs
Url String - SpringCM ACS URL, for example
https://na11.springcm.com/atlas/sso/SSOEndpoint.ashx
.
- acs
Url string - SpringCM ACS URL, for example
https://na11.springcm.com/atlas/sso/SSOEndpoint.ashx
.
- acs_
url str - SpringCM ACS URL, for example
https://na11.springcm.com/atlas/sso/SSOEndpoint.ashx
.
- acs
Url String - SpringCM ACS URL, for example
https://na11.springcm.com/atlas/sso/SSOEndpoint.ashx
.
GetClientAddonSsoIntegration
GetClientAddonWam
- Master
Key string - Your master key for Windows Azure Mobile Services.
- Master
Key string - Your master key for Windows Azure Mobile Services.
- master
Key String - Your master key for Windows Azure Mobile Services.
- master
Key string - Your master key for Windows Azure Mobile Services.
- master_
key str - Your master key for Windows Azure Mobile Services.
- master
Key String - Your master key for Windows Azure Mobile Services.
GetClientAddonZendesk
- Account
Name string - Zendesk account name. Usually the first segment in your Zendesk URL, for example
https://acme-org.zendesk.com
would beacme-org
.
- Account
Name string - Zendesk account name. Usually the first segment in your Zendesk URL, for example
https://acme-org.zendesk.com
would beacme-org
.
- account
Name String - Zendesk account name. Usually the first segment in your Zendesk URL, for example
https://acme-org.zendesk.com
would beacme-org
.
- account
Name string - Zendesk account name. Usually the first segment in your Zendesk URL, for example
https://acme-org.zendesk.com
would beacme-org
.
- account_
name str - Zendesk account name. Usually the first segment in your Zendesk URL, for example
https://acme-org.zendesk.com
would beacme-org
.
- account
Name String - Zendesk account name. Usually the first segment in your Zendesk URL, for example
https://acme-org.zendesk.com
would beacme-org
.
GetClientAddonZoom
- Account string
- Zoom account name. Usually the first segment of your Zoom URL, for example
https://acme-org.zoom.us
would beacme-org
.
- Account string
- Zoom account name. Usually the first segment of your Zoom URL, for example
https://acme-org.zoom.us
would beacme-org
.
- account String
- Zoom account name. Usually the first segment of your Zoom URL, for example
https://acme-org.zoom.us
would beacme-org
.
- account string
- Zoom account name. Usually the first segment of your Zoom URL, for example
https://acme-org.zoom.us
would beacme-org
.
- account str
- Zoom account name. Usually the first segment of your Zoom URL, for example
https://acme-org.zoom.us
would beacme-org
.
- account String
- Zoom account name. Usually the first segment of your Zoom URL, for example
https://acme-org.zoom.us
would beacme-org
.
GetClientDefaultOrganization
- Disable bool
- If set, the
default_organization
will be removed. - Flows List<string>
- Definition of the flow that needs to be configured. Eg. client_credentials
- Organization
Id string - The unique identifier of the organization
- Disable bool
- If set, the
default_organization
will be removed. - Flows []string
- Definition of the flow that needs to be configured. Eg. client_credentials
- Organization
Id string - The unique identifier of the organization
- disable Boolean
- If set, the
default_organization
will be removed. - flows List<String>
- Definition of the flow that needs to be configured. Eg. client_credentials
- organization
Id String - The unique identifier of the organization
- disable boolean
- If set, the
default_organization
will be removed. - flows string[]
- Definition of the flow that needs to be configured. Eg. client_credentials
- organization
Id string - The unique identifier of the organization
- disable bool
- If set, the
default_organization
will be removed. - flows Sequence[str]
- Definition of the flow that needs to be configured. Eg. client_credentials
- organization_
id str - The unique identifier of the organization
- disable Boolean
- If set, the
default_organization
will be removed. - flows List<String>
- Definition of the flow that needs to be configured. Eg. client_credentials
- organization
Id String - The unique identifier of the organization
GetClientJwtConfiguration
- Alg string
- Algorithm used to sign JWTs.
- Lifetime
In intSeconds - Number of seconds during which the JWT will be valid.
- Scopes Dictionary<string, string>
- Permissions (scopes) included in JWTs.
- Secret
Encoded bool - Indicates whether the client secret is Base64-encoded.
- Alg string
- Algorithm used to sign JWTs.
- Lifetime
In intSeconds - Number of seconds during which the JWT will be valid.
- Scopes map[string]string
- Permissions (scopes) included in JWTs.
- Secret
Encoded bool - Indicates whether the client secret is Base64-encoded.
- alg String
- Algorithm used to sign JWTs.
- lifetime
In IntegerSeconds - Number of seconds during which the JWT will be valid.
- scopes Map<String,String>
- Permissions (scopes) included in JWTs.
- secret
Encoded Boolean - Indicates whether the client secret is Base64-encoded.
- alg string
- Algorithm used to sign JWTs.
- lifetime
In numberSeconds - Number of seconds during which the JWT will be valid.
- scopes {[key: string]: string}
- Permissions (scopes) included in JWTs.
- secret
Encoded boolean - Indicates whether the client secret is Base64-encoded.
- alg str
- Algorithm used to sign JWTs.
- lifetime_
in_ intseconds - Number of seconds during which the JWT will be valid.
- scopes Mapping[str, str]
- Permissions (scopes) included in JWTs.
- secret_
encoded bool - Indicates whether the client secret is Base64-encoded.
- alg String
- Algorithm used to sign JWTs.
- lifetime
In NumberSeconds - Number of seconds during which the JWT will be valid.
- scopes Map<String>
- Permissions (scopes) included in JWTs.
- secret
Encoded Boolean - Indicates whether the client secret is Base64-encoded.
GetClientMobile
- Androids
List<Get
Client Mobile Android> - Configuration settings for Android native apps.
- Ios
List<Get
Client Mobile Io> - Configuration settings for i0S native apps.
- Androids
[]Get
Client Mobile Android - Configuration settings for Android native apps.
- Ios
[]Get
Client Mobile Io - Configuration settings for i0S native apps.
- androids
List<Get
Client Mobile Android> - Configuration settings for Android native apps.
- ios
List<Get
Client Mobile Io> - Configuration settings for i0S native apps.
- androids
Get
Client Mobile Android[] - Configuration settings for Android native apps.
- ios
Get
Client Mobile Io[] - Configuration settings for i0S native apps.
- androids
Sequence[Get
Client Mobile Android] - Configuration settings for Android native apps.
- ios
Sequence[Get
Client Mobile Io] - Configuration settings for i0S native apps.
- androids List<Property Map>
- Configuration settings for Android native apps.
- ios List<Property Map>
- Configuration settings for i0S native apps.
GetClientMobileAndroid
- App
Package stringName - Sha256Cert
Fingerprints List<string>
- App
Package stringName - Sha256Cert
Fingerprints []string
- app
Package StringName - sha256Cert
Fingerprints List<String>
- app
Package stringName - sha256Cert
Fingerprints string[]
- app_
package_ strname - sha256_
cert_ Sequence[str]fingerprints
- app
Package StringName - sha256Cert
Fingerprints List<String>
GetClientMobileIo
- App
Bundle stringIdentifier - Team
Id string
- App
Bundle stringIdentifier - Team
Id string
- app
Bundle StringIdentifier - team
Id String
- app
Bundle stringIdentifier - team
Id string
- app_
bundle_ stridentifier - team_
id str
- app
Bundle StringIdentifier - team
Id String
GetClientNativeSocialLogin
GetClientNativeSocialLoginApple
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
GetClientNativeSocialLoginFacebook
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
GetClientRefreshToken
- Expiration
Type string - Options include
expiring
,non-expiring
. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation isrotating
, this must be set toexpiring
. - Idle
Token intLifetime - The time in seconds after which inactive refresh tokens will expire.
- Infinite
Idle boolToken Lifetime - Whether inactive refresh tokens should remain valid indefinitely.
- Infinite
Token boolLifetime - Whether refresh tokens should remain valid indefinitely. If false,
token_lifetime
should also be set. - Leeway int
- The amount of time in seconds in which a refresh token may be reused without triggering reuse detection.
- Rotation
Type string - Options include
rotating
,non-rotating
. Whenrotating
, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked. - Token
Lifetime int - The absolute lifetime of a refresh token in seconds.
- Expiration
Type string - Options include
expiring
,non-expiring
. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation isrotating
, this must be set toexpiring
. - Idle
Token intLifetime - The time in seconds after which inactive refresh tokens will expire.
- Infinite
Idle boolToken Lifetime - Whether inactive refresh tokens should remain valid indefinitely.
- Infinite
Token boolLifetime - Whether refresh tokens should remain valid indefinitely. If false,
token_lifetime
should also be set. - Leeway int
- The amount of time in seconds in which a refresh token may be reused without triggering reuse detection.
- Rotation
Type string - Options include
rotating
,non-rotating
. Whenrotating
, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked. - Token
Lifetime int - The absolute lifetime of a refresh token in seconds.
- expiration
Type String - Options include
expiring
,non-expiring
. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation isrotating
, this must be set toexpiring
. - idle
Token IntegerLifetime - The time in seconds after which inactive refresh tokens will expire.
- infinite
Idle BooleanToken Lifetime - Whether inactive refresh tokens should remain valid indefinitely.
- infinite
Token BooleanLifetime - Whether refresh tokens should remain valid indefinitely. If false,
token_lifetime
should also be set. - leeway Integer
- The amount of time in seconds in which a refresh token may be reused without triggering reuse detection.
- rotation
Type String - Options include
rotating
,non-rotating
. Whenrotating
, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked. - token
Lifetime Integer - The absolute lifetime of a refresh token in seconds.
- expiration
Type string - Options include
expiring
,non-expiring
. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation isrotating
, this must be set toexpiring
. - idle
Token numberLifetime - The time in seconds after which inactive refresh tokens will expire.
- infinite
Idle booleanToken Lifetime - Whether inactive refresh tokens should remain valid indefinitely.
- infinite
Token booleanLifetime - Whether refresh tokens should remain valid indefinitely. If false,
token_lifetime
should also be set. - leeway number
- The amount of time in seconds in which a refresh token may be reused without triggering reuse detection.
- rotation
Type string - Options include
rotating
,non-rotating
. Whenrotating
, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked. - token
Lifetime number - The absolute lifetime of a refresh token in seconds.
- expiration_
type str - Options include
expiring
,non-expiring
. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation isrotating
, this must be set toexpiring
. - idle_
token_ intlifetime - The time in seconds after which inactive refresh tokens will expire.
- infinite_
idle_ booltoken_ lifetime - Whether inactive refresh tokens should remain valid indefinitely.
- infinite_
token_ boollifetime - Whether refresh tokens should remain valid indefinitely. If false,
token_lifetime
should also be set. - leeway int
- The amount of time in seconds in which a refresh token may be reused without triggering reuse detection.
- rotation_
type str - Options include
rotating
,non-rotating
. Whenrotating
, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked. - token_
lifetime int - The absolute lifetime of a refresh token in seconds.
- expiration
Type String - Options include
expiring
,non-expiring
. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation isrotating
, this must be set toexpiring
. - idle
Token NumberLifetime - The time in seconds after which inactive refresh tokens will expire.
- infinite
Idle BooleanToken Lifetime - Whether inactive refresh tokens should remain valid indefinitely.
- infinite
Token BooleanLifetime - Whether refresh tokens should remain valid indefinitely. If false,
token_lifetime
should also be set. - leeway Number
- The amount of time in seconds in which a refresh token may be reused without triggering reuse detection.
- rotation
Type String - Options include
rotating
,non-rotating
. Whenrotating
, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked. - token
Lifetime Number - The absolute lifetime of a refresh token in seconds.
Package Details
- Repository
- Auth0 pulumi/pulumi-auth0
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
auth0
Terraform Provider.