auth0.getTenant

func LookupTenant(ctx *Context, opts ...InvokeOption) (*LookupTenantResult, error)
func LookupTenantOutput(ctx *Context, opts ...InvokeOption) LookupTenantResultOutput

> Note: This function is named LookupTenant in the Go SDK.

AcrValuesSupporteds List<string>

List of supported ACR values.

AllowOrganizationNameInAuthenticationApi bool

Whether to accept an organization name instead of an ID on auth endpoints.

AllowedLogoutUrls List<string>

URLs that Auth0 may redirect to after logout.

CustomizeMfaInPostloginAction bool

Whether to enable flexible factors for MFA in the PostLogin action.

DefaultAudience string

API Audience to use by default for API Authorization flows. This setting is equivalent to appending the audience to every authorization request made to the tenant for every application.

DefaultDirectory string

Name of the connection to be used for Password Grant exchanges. Options include auth0-adldap, ad, auth0, email, sms, waad, and adfs.

DefaultRedirectionUri string

The default absolute redirection URI. Must be HTTPS or an empty string.

DefaultTokenQuotas List<GetTenantDefaultTokenQuota>

Token Quota configuration.

DisableAcrValuesSupported bool

Disable list of supported ACR values.

Domain string

Your Auth0 domain name.

EnabledLocales List<string>

Supported locales for the user interface. The first locale in the list will be used to set the default locale.

ErrorPages List<GetTenantErrorPage>

Configuration for the error page

Flags List<GetTenantFlag>

Configuration settings for tenant flags.

FriendlyName string

Friendly name for the tenant.

Id string

The provider-assigned unique ID for this managed resource.

IdleSessionLifetime double

Number of hours during which a session can be inactive before the user must log in again.

ManagementApiIdentifier string

The identifier value of the built-in Management API resource server, which can be used as an audience when configuring client grants.

Mtls List<GetTenantMtl>

Configuration for mTLS.

OidcLogouts List<GetTenantOidcLogout>

Settings related to OIDC RP-initiated Logout.

PictureUrl string

URL of logo to be shown for the tenant. Recommended size is 150px x 150px. If no URL is provided, the Auth0 logo will be used.

PushedAuthorizationRequestsSupported bool

Enable pushed authorization requests.

SandboxVersion string

Selected sandbox version for the extensibility environment, which allows you to use custom scripts to extend parts of Auth0's functionality.

SessionCookies List<GetTenantSessionCooky>

Alters behavior of tenant's session cookie. Contains a single mode property.

SessionLifetime double

Number of hours during which a session will stay valid.

Sessions List<GetTenantSession>

Sessions related settings for the tenant.

SupportEmail string

Support email address for authenticating users.

SupportUrl string

Support URL for authenticating users.

AcrValuesSupporteds []string

List of supported ACR values.

AllowOrganizationNameInAuthenticationApi bool

Whether to accept an organization name instead of an ID on auth endpoints.

AllowedLogoutUrls []string

URLs that Auth0 may redirect to after logout.

CustomizeMfaInPostloginAction bool

Whether to enable flexible factors for MFA in the PostLogin action.

DefaultAudience string

API Audience to use by default for API Authorization flows. This setting is equivalent to appending the audience to every authorization request made to the tenant for every application.

DefaultDirectory string

Name of the connection to be used for Password Grant exchanges. Options include auth0-adldap, ad, auth0, email, sms, waad, and adfs.

DefaultRedirectionUri string

The default absolute redirection URI. Must be HTTPS or an empty string.

DefaultTokenQuotas []GetTenantDefaultTokenQuota

Token Quota configuration.

DisableAcrValuesSupported bool

Disable list of supported ACR values.

Domain string

Your Auth0 domain name.

EnabledLocales []string

Supported locales for the user interface. The first locale in the list will be used to set the default locale.

ErrorPages []GetTenantErrorPage

Configuration for the error page

Flags []GetTenantFlag

Configuration settings for tenant flags.

FriendlyName string

Friendly name for the tenant.

Id string

The provider-assigned unique ID for this managed resource.

IdleSessionLifetime float64

Number of hours during which a session can be inactive before the user must log in again.

ManagementApiIdentifier string

The identifier value of the built-in Management API resource server, which can be used as an audience when configuring client grants.

Mtls []GetTenantMtl

Configuration for mTLS.

OidcLogouts []GetTenantOidcLogout

Settings related to OIDC RP-initiated Logout.

PictureUrl string

URL of logo to be shown for the tenant. Recommended size is 150px x 150px. If no URL is provided, the Auth0 logo will be used.

PushedAuthorizationRequestsSupported bool

Enable pushed authorization requests.

SandboxVersion string

Selected sandbox version for the extensibility environment, which allows you to use custom scripts to extend parts of Auth0's functionality.

SessionCookies []GetTenantSessionCooky

Alters behavior of tenant's session cookie. Contains a single mode property.

SessionLifetime float64

Number of hours during which a session will stay valid.

Sessions []GetTenantSession

Sessions related settings for the tenant.

SupportEmail string

Support email address for authenticating users.

SupportUrl string

Support URL for authenticating users.

acrValuesSupporteds List<String>

List of supported ACR values.

allowOrganizationNameInAuthenticationApi Boolean

Whether to accept an organization name instead of an ID on auth endpoints.

allowedLogoutUrls List<String>

URLs that Auth0 may redirect to after logout.

customizeMfaInPostloginAction Boolean

Whether to enable flexible factors for MFA in the PostLogin action.

defaultAudience String

API Audience to use by default for API Authorization flows. This setting is equivalent to appending the audience to every authorization request made to the tenant for every application.

defaultDirectory String

Name of the connection to be used for Password Grant exchanges. Options include auth0-adldap, ad, auth0, email, sms, waad, and adfs.

defaultRedirectionUri String

The default absolute redirection URI. Must be HTTPS or an empty string.

defaultTokenQuotas List<GetTenantDefaultTokenQuota>

Token Quota configuration.

disableAcrValuesSupported Boolean

Disable list of supported ACR values.

domain String

Your Auth0 domain name.

enabledLocales List<String>

Supported locales for the user interface. The first locale in the list will be used to set the default locale.

errorPages List<GetTenantErrorPage>

Configuration for the error page

flags List<GetTenantFlag>

Configuration settings for tenant flags.

friendlyName String

Friendly name for the tenant.

id String

The provider-assigned unique ID for this managed resource.

idleSessionLifetime Double

Number of hours during which a session can be inactive before the user must log in again.

managementApiIdentifier String

The identifier value of the built-in Management API resource server, which can be used as an audience when configuring client grants.

mtls List<GetTenantMtl>

Configuration for mTLS.

oidcLogouts List<GetTenantOidcLogout>

Settings related to OIDC RP-initiated Logout.

pictureUrl String

URL of logo to be shown for the tenant. Recommended size is 150px x 150px. If no URL is provided, the Auth0 logo will be used.

pushedAuthorizationRequestsSupported Boolean

Enable pushed authorization requests.

sandboxVersion String

Selected sandbox version for the extensibility environment, which allows you to use custom scripts to extend parts of Auth0's functionality.

sessionCookies List<GetTenantSessionCooky>

Alters behavior of tenant's session cookie. Contains a single mode property.

sessionLifetime Double

Number of hours during which a session will stay valid.

sessions List<GetTenantSession>

Sessions related settings for the tenant.

supportEmail String

Support email address for authenticating users.

supportUrl String

Support URL for authenticating users.

acrValuesSupporteds string[]

List of supported ACR values.

allowOrganizationNameInAuthenticationApi boolean

Whether to accept an organization name instead of an ID on auth endpoints.

allowedLogoutUrls string[]

URLs that Auth0 may redirect to after logout.

customizeMfaInPostloginAction boolean

Whether to enable flexible factors for MFA in the PostLogin action.

defaultAudience string

API Audience to use by default for API Authorization flows. This setting is equivalent to appending the audience to every authorization request made to the tenant for every application.

defaultDirectory string

Name of the connection to be used for Password Grant exchanges. Options include auth0-adldap, ad, auth0, email, sms, waad, and adfs.

defaultRedirectionUri string

The default absolute redirection URI. Must be HTTPS or an empty string.

defaultTokenQuotas GetTenantDefaultTokenQuota[]

Token Quota configuration.

disableAcrValuesSupported boolean

Disable list of supported ACR values.

domain string

Your Auth0 domain name.

enabledLocales string[]

Supported locales for the user interface. The first locale in the list will be used to set the default locale.

errorPages GetTenantErrorPage[]

Configuration for the error page

flags GetTenantFlag[]

Configuration settings for tenant flags.

friendlyName string

Friendly name for the tenant.

id string

The provider-assigned unique ID for this managed resource.

idleSessionLifetime number

Number of hours during which a session can be inactive before the user must log in again.

managementApiIdentifier string

The identifier value of the built-in Management API resource server, which can be used as an audience when configuring client grants.

mtls GetTenantMtl[]

Configuration for mTLS.

oidcLogouts GetTenantOidcLogout[]

Settings related to OIDC RP-initiated Logout.

pictureUrl string

URL of logo to be shown for the tenant. Recommended size is 150px x 150px. If no URL is provided, the Auth0 logo will be used.

pushedAuthorizationRequestsSupported boolean

Enable pushed authorization requests.

sandboxVersion string

Selected sandbox version for the extensibility environment, which allows you to use custom scripts to extend parts of Auth0's functionality.

sessionCookies GetTenantSessionCooky[]

Alters behavior of tenant's session cookie. Contains a single mode property.

sessionLifetime number

Number of hours during which a session will stay valid.

sessions GetTenantSession[]

Sessions related settings for the tenant.

supportEmail string

Support email address for authenticating users.

supportUrl string

Support URL for authenticating users.

acr_values_supporteds Sequence[str]

List of supported ACR values.

allow_organization_name_in_authentication_api bool

Whether to accept an organization name instead of an ID on auth endpoints.

allowed_logout_urls Sequence[str]

URLs that Auth0 may redirect to after logout.

customize_mfa_in_postlogin_action bool

Whether to enable flexible factors for MFA in the PostLogin action.

default_audience str

API Audience to use by default for API Authorization flows. This setting is equivalent to appending the audience to every authorization request made to the tenant for every application.

default_directory str

Name of the connection to be used for Password Grant exchanges. Options include auth0-adldap, ad, auth0, email, sms, waad, and adfs.

default_redirection_uri str

The default absolute redirection URI. Must be HTTPS or an empty string.

default_token_quotas Sequence[GetTenantDefaultTokenQuota]

Token Quota configuration.

disable_acr_values_supported bool

Disable list of supported ACR values.

domain str

Your Auth0 domain name.

enabled_locales Sequence[str]

Supported locales for the user interface. The first locale in the list will be used to set the default locale.

error_pages Sequence[GetTenantErrorPage]

Configuration for the error page

flags Sequence[GetTenantFlag]

Configuration settings for tenant flags.

friendly_name str

Friendly name for the tenant.

id str

The provider-assigned unique ID for this managed resource.

idle_session_lifetime float

Number of hours during which a session can be inactive before the user must log in again.

management_api_identifier str

The identifier value of the built-in Management API resource server, which can be used as an audience when configuring client grants.

mtls Sequence[GetTenantMtl]

Configuration for mTLS.

oidc_logouts Sequence[GetTenantOidcLogout]

Settings related to OIDC RP-initiated Logout.

picture_url str

URL of logo to be shown for the tenant. Recommended size is 150px x 150px. If no URL is provided, the Auth0 logo will be used.

pushed_authorization_requests_supported bool

Enable pushed authorization requests.

sandbox_version str

Selected sandbox version for the extensibility environment, which allows you to use custom scripts to extend parts of Auth0's functionality.

session_cookies Sequence[GetTenantSessionCooky]

Alters behavior of tenant's session cookie. Contains a single mode property.

session_lifetime float

Number of hours during which a session will stay valid.

sessions Sequence[GetTenantSession]

Sessions related settings for the tenant.

support_email str

Support email address for authenticating users.

support_url str

Support URL for authenticating users.

acrValuesSupporteds List<String>

List of supported ACR values.

allowOrganizationNameInAuthenticationApi Boolean

Whether to accept an organization name instead of an ID on auth endpoints.

allowedLogoutUrls List<String>

URLs that Auth0 may redirect to after logout.

customizeMfaInPostloginAction Boolean

Whether to enable flexible factors for MFA in the PostLogin action.

defaultAudience String

API Audience to use by default for API Authorization flows. This setting is equivalent to appending the audience to every authorization request made to the tenant for every application.

defaultDirectory String

Name of the connection to be used for Password Grant exchanges. Options include auth0-adldap, ad, auth0, email, sms, waad, and adfs.

defaultRedirectionUri String

The default absolute redirection URI. Must be HTTPS or an empty string.

defaultTokenQuotas List<Property Map>

Token Quota configuration.

disableAcrValuesSupported Boolean

Disable list of supported ACR values.

domain String

Your Auth0 domain name.

enabledLocales List<String>

Supported locales for the user interface. The first locale in the list will be used to set the default locale.

errorPages List<Property Map>

Configuration for the error page

flags List<Property Map>

Configuration settings for tenant flags.

friendlyName String

Friendly name for the tenant.

id String

The provider-assigned unique ID for this managed resource.

idleSessionLifetime Number

Number of hours during which a session can be inactive before the user must log in again.

managementApiIdentifier String

The identifier value of the built-in Management API resource server, which can be used as an audience when configuring client grants.

mtls List<Property Map>

Configuration for mTLS.

oidcLogouts List<Property Map>

Settings related to OIDC RP-initiated Logout.

pictureUrl String

URL of logo to be shown for the tenant. Recommended size is 150px x 150px. If no URL is provided, the Auth0 logo will be used.

pushedAuthorizationRequestsSupported Boolean

Enable pushed authorization requests.

sandboxVersion String

Selected sandbox version for the extensibility environment, which allows you to use custom scripts to extend parts of Auth0's functionality.

sessionCookies List<Property Map>

Alters behavior of tenant's session cookie. Contains a single mode property.

sessionLifetime Number

Number of hours during which a session will stay valid.

sessions List<Property Map>

Sessions related settings for the tenant.

supportEmail String

Support email address for authenticating users.

supportUrl String

Support URL for authenticating users.

Clients List<GetTenantDefaultTokenQuotaClient>

The token quota configuration.

Organizations List<GetTenantDefaultTokenQuotaOrganization>

The token quota configuration.

Clients []GetTenantDefaultTokenQuotaClient

The token quota configuration.

Organizations []GetTenantDefaultTokenQuotaOrganization

The token quota configuration.

clients List<GetTenantDefaultTokenQuotaClient>

The token quota configuration.

organizations List<GetTenantDefaultTokenQuotaOrganization>

The token quota configuration.

clients GetTenantDefaultTokenQuotaClient[]

The token quota configuration.

organizations GetTenantDefaultTokenQuotaOrganization[]

The token quota configuration.

clients Sequence[GetTenantDefaultTokenQuotaClient]

The token quota configuration.

organizations Sequence[GetTenantDefaultTokenQuotaOrganization]

The token quota configuration.

clients List<Property Map>

The token quota configuration.

organizations List<Property Map>

The token quota configuration.

ClientCredentials List<GetTenantDefaultTokenQuotaClientClientCredential>

The token quota configuration for client credentials.

ClientCredentials []GetTenantDefaultTokenQuotaClientClientCredential

The token quota configuration for client credentials.

clientCredentials List<GetTenantDefaultTokenQuotaClientClientCredential>

The token quota configuration for client credentials.

clientCredentials GetTenantDefaultTokenQuotaClientClientCredential[]

The token quota configuration for client credentials.

client_credentials Sequence[GetTenantDefaultTokenQuotaClientClientCredential]

The token quota configuration for client credentials.

clientCredentials List<Property Map>

The token quota configuration for client credentials.

Enforce bool

If enabled, the quota will be enforced and requests in excess of the quota will fail. If disabled, the quota will not be enforced, but notifications for requests exceeding the quota will be available in logs.

PerDay int

Maximum number of issued tokens per day

PerHour int

Maximum number of issued tokens per hour

Enforce bool

If enabled, the quota will be enforced and requests in excess of the quota will fail. If disabled, the quota will not be enforced, but notifications for requests exceeding the quota will be available in logs.

PerDay int

Maximum number of issued tokens per day

PerHour int

Maximum number of issued tokens per hour

enforce Boolean

If enabled, the quota will be enforced and requests in excess of the quota will fail. If disabled, the quota will not be enforced, but notifications for requests exceeding the quota will be available in logs.

perDay Integer

Maximum number of issued tokens per day

perHour Integer

Maximum number of issued tokens per hour

enforce boolean

If enabled, the quota will be enforced and requests in excess of the quota will fail. If disabled, the quota will not be enforced, but notifications for requests exceeding the quota will be available in logs.

perDay number

Maximum number of issued tokens per day

perHour number

Maximum number of issued tokens per hour

enforce bool

If enabled, the quota will be enforced and requests in excess of the quota will fail. If disabled, the quota will not be enforced, but notifications for requests exceeding the quota will be available in logs.

per_day int

Maximum number of issued tokens per day

per_hour int

Maximum number of issued tokens per hour

enforce Boolean

If enabled, the quota will be enforced and requests in excess of the quota will fail. If disabled, the quota will not be enforced, but notifications for requests exceeding the quota will be available in logs.

perDay Number

Maximum number of issued tokens per day

perHour Number

Maximum number of issued tokens per hour

ClientCredentials List<GetTenantDefaultTokenQuotaOrganizationClientCredential>

The token quota configuration for client credentials.

ClientCredentials []GetTenantDefaultTokenQuotaOrganizationClientCredential

The token quota configuration for client credentials.

clientCredentials List<GetTenantDefaultTokenQuotaOrganizationClientCredential>

The token quota configuration for client credentials.

clientCredentials GetTenantDefaultTokenQuotaOrganizationClientCredential[]

The token quota configuration for client credentials.

client_credentials Sequence[GetTenantDefaultTokenQuotaOrganizationClientCredential]

The token quota configuration for client credentials.

clientCredentials List<Property Map>

The token quota configuration for client credentials.

Enforce bool

If enabled, the quota will be enforced and requests in excess of the quota will fail. If disabled, the quota will not be enforced, but notifications for requests exceeding the quota will be available in logs.

PerDay int

Maximum number of issued tokens per day

PerHour int

Maximum number of issued tokens per hour

Enforce bool

If enabled, the quota will be enforced and requests in excess of the quota will fail. If disabled, the quota will not be enforced, but notifications for requests exceeding the quota will be available in logs.

PerDay int

Maximum number of issued tokens per day

PerHour int

Maximum number of issued tokens per hour

enforce Boolean

If enabled, the quota will be enforced and requests in excess of the quota will fail. If disabled, the quota will not be enforced, but notifications for requests exceeding the quota will be available in logs.

perDay Integer

Maximum number of issued tokens per day

perHour Integer

Maximum number of issued tokens per hour

enforce boolean

If enabled, the quota will be enforced and requests in excess of the quota will fail. If disabled, the quota will not be enforced, but notifications for requests exceeding the quota will be available in logs.

perDay number

Maximum number of issued tokens per day

perHour number

Maximum number of issued tokens per hour

enforce bool

If enabled, the quota will be enforced and requests in excess of the quota will fail. If disabled, the quota will not be enforced, but notifications for requests exceeding the quota will be available in logs.

per_day int

Maximum number of issued tokens per day

per_hour int

Maximum number of issued tokens per hour

enforce Boolean

If enabled, the quota will be enforced and requests in excess of the quota will fail. If disabled, the quota will not be enforced, but notifications for requests exceeding the quota will be available in logs.

perDay Number

Maximum number of issued tokens per day

perHour Number

Maximum number of issued tokens per hour

Html string

Custom Error HTML (Liquid syntax is supported)

ShowLogLink bool

Whether to show the link to log as part of the default error page (true, default) or not to show the link (false).

Url string

URL to redirect to when an error occurs instead of showing the default error page

Html string

Custom Error HTML (Liquid syntax is supported)

ShowLogLink bool

Whether to show the link to log as part of the default error page (true, default) or not to show the link (false).

Url string

URL to redirect to when an error occurs instead of showing the default error page

html String

Custom Error HTML (Liquid syntax is supported)

showLogLink Boolean

Whether to show the link to log as part of the default error page (true, default) or not to show the link (false).

url String

URL to redirect to when an error occurs instead of showing the default error page

html string

Custom Error HTML (Liquid syntax is supported)

showLogLink boolean

Whether to show the link to log as part of the default error page (true, default) or not to show the link (false).

url string

URL to redirect to when an error occurs instead of showing the default error page

html str

Custom Error HTML (Liquid syntax is supported)

show_log_link bool

Whether to show the link to log as part of the default error page (true, default) or not to show the link (false).

url str

URL to redirect to when an error occurs instead of showing the default error page

html String

Custom Error HTML (Liquid syntax is supported)

showLogLink Boolean

Whether to show the link to log as part of the default error page (true, default) or not to show the link (false).

url String

URL to redirect to when an error occurs instead of showing the default error page

AllowLegacyDelegationGrantTypes bool

Whether the legacy delegation endpoint will be enabled for your account (true) or not available (false).

AllowLegacyRoGrantTypes bool

Whether the legacy auth/ro endpoint (used with resource owner password and passwordless features) will be enabled for your account (true) or not available (false).

AllowLegacyTokeninfoEndpoint bool

If enabled, customers can use Tokeninfo Endpoint, otherwise they can not use it.

DashboardInsightsView bool

Enables new insights activity page view.

DashboardLogStreamsNext bool

Enables beta access to log streaming changes.

DisableClickjackProtectionHeaders bool

Indicates whether classic Universal Login prompts include additional security headers to prevent clickjacking.

DisableFieldsMapFix bool

Disables SAML fields map fix for bad mappings with repeated attributes.

DisableManagementApiSmsObfuscation bool

If true, SMS phone numbers will not be obfuscated in Management API GET calls.

EnableAdfsWaadEmailVerification bool

If enabled, users will be presented with an email verification prompt during their first login when using Azure AD or ADFS connections.

EnableApisSection bool

Indicates whether the APIs section is enabled for the tenant.

EnableClientConnections bool

Indicates whether all current connections should be enabled when a new client is created.

EnableCustomDomainInEmails bool

Indicates whether the tenant allows custom domains in emails. Before enabling this flag, you must have a custom domain with status: ready.

EnableDynamicClientRegistration bool

Indicates whether the tenant allows dynamic client registration.

EnableIdtokenApi2 bool

Whether ID tokens can be used to authorize some types of requests to API v2 (true) or not (false).

EnableLegacyLogsSearchV2 bool

Indicates whether to use the older v2 legacy logs search.

EnableLegacyProfile bool

Whether ID tokens and the userinfo endpoint includes a complete user profile (true) or only OpenID Connect claims (false).

EnablePipeline2 bool

Indicates whether advanced API Authorization scenarios are enabled.

EnablePublicSignupUserExistsError bool

Indicates whether the public sign up process shows a user_exists error if the user already exists.

EnableSso bool

Flag indicating whether users will not be prompted to confirm log in before SSO redirection. This flag applies to existing tenants only; new tenants have it enforced as true.

MfaShowFactorListOnEnrollment bool

Used to allow users to pick which factor to enroll with from the list of available MFA factors.

NoDiscloseEnterpriseConnections bool

Do not Publish Enterprise Connections Information with IdP domains on the lock configuration file.

RemoveAlgFromJwks bool

Remove alg from jwks(JSON Web Key Sets).

RequirePushedAuthorizationRequests bool

This Flag is not supported by the Auth0 Management API and will be removed in the next major release.

RevokeRefreshTokenGrant bool

Delete underlying grant when a refresh token is revoked via the Authentication API.

UseScopeDescriptionsForConsent bool

Indicates whether to use scope descriptions for consent.

AllowLegacyDelegationGrantTypes bool

Whether the legacy delegation endpoint will be enabled for your account (true) or not available (false).

AllowLegacyRoGrantTypes bool

Whether the legacy auth/ro endpoint (used with resource owner password and passwordless features) will be enabled for your account (true) or not available (false).

AllowLegacyTokeninfoEndpoint bool

If enabled, customers can use Tokeninfo Endpoint, otherwise they can not use it.

DashboardInsightsView bool

Enables new insights activity page view.

DashboardLogStreamsNext bool

Enables beta access to log streaming changes.

DisableClickjackProtectionHeaders bool

Indicates whether classic Universal Login prompts include additional security headers to prevent clickjacking.

DisableFieldsMapFix bool

Disables SAML fields map fix for bad mappings with repeated attributes.

DisableManagementApiSmsObfuscation bool

If true, SMS phone numbers will not be obfuscated in Management API GET calls.

EnableAdfsWaadEmailVerification bool

If enabled, users will be presented with an email verification prompt during their first login when using Azure AD or ADFS connections.

EnableApisSection bool

Indicates whether the APIs section is enabled for the tenant.

EnableClientConnections bool

Indicates whether all current connections should be enabled when a new client is created.

EnableCustomDomainInEmails bool

Indicates whether the tenant allows custom domains in emails. Before enabling this flag, you must have a custom domain with status: ready.

EnableDynamicClientRegistration bool

Indicates whether the tenant allows dynamic client registration.

EnableIdtokenApi2 bool

Whether ID tokens can be used to authorize some types of requests to API v2 (true) or not (false).

EnableLegacyLogsSearchV2 bool

Indicates whether to use the older v2 legacy logs search.

EnableLegacyProfile bool

Whether ID tokens and the userinfo endpoint includes a complete user profile (true) or only OpenID Connect claims (false).

EnablePipeline2 bool

Indicates whether advanced API Authorization scenarios are enabled.

EnablePublicSignupUserExistsError bool

Indicates whether the public sign up process shows a user_exists error if the user already exists.

EnableSso bool

Flag indicating whether users will not be prompted to confirm log in before SSO redirection. This flag applies to existing tenants only; new tenants have it enforced as true.

MfaShowFactorListOnEnrollment bool

Used to allow users to pick which factor to enroll with from the list of available MFA factors.

NoDiscloseEnterpriseConnections bool

Do not Publish Enterprise Connections Information with IdP domains on the lock configuration file.

RemoveAlgFromJwks bool

Remove alg from jwks(JSON Web Key Sets).

RequirePushedAuthorizationRequests bool

This Flag is not supported by the Auth0 Management API and will be removed in the next major release.

RevokeRefreshTokenGrant bool

Delete underlying grant when a refresh token is revoked via the Authentication API.

UseScopeDescriptionsForConsent bool

Indicates whether to use scope descriptions for consent.

allowLegacyDelegationGrantTypes Boolean

Whether the legacy delegation endpoint will be enabled for your account (true) or not available (false).

allowLegacyRoGrantTypes Boolean

Whether the legacy auth/ro endpoint (used with resource owner password and passwordless features) will be enabled for your account (true) or not available (false).

allowLegacyTokeninfoEndpoint Boolean

If enabled, customers can use Tokeninfo Endpoint, otherwise they can not use it.

dashboardInsightsView Boolean

Enables new insights activity page view.

dashboardLogStreamsNext Boolean

Enables beta access to log streaming changes.

disableClickjackProtectionHeaders Boolean

Indicates whether classic Universal Login prompts include additional security headers to prevent clickjacking.

disableFieldsMapFix Boolean

Disables SAML fields map fix for bad mappings with repeated attributes.

disableManagementApiSmsObfuscation Boolean

If true, SMS phone numbers will not be obfuscated in Management API GET calls.

enableAdfsWaadEmailVerification Boolean

If enabled, users will be presented with an email verification prompt during their first login when using Azure AD or ADFS connections.

enableApisSection Boolean

Indicates whether the APIs section is enabled for the tenant.

enableClientConnections Boolean

Indicates whether all current connections should be enabled when a new client is created.

enableCustomDomainInEmails Boolean

Indicates whether the tenant allows custom domains in emails. Before enabling this flag, you must have a custom domain with status: ready.

enableDynamicClientRegistration Boolean

Indicates whether the tenant allows dynamic client registration.

enableIdtokenApi2 Boolean

Whether ID tokens can be used to authorize some types of requests to API v2 (true) or not (false).

enableLegacyLogsSearchV2 Boolean

Indicates whether to use the older v2 legacy logs search.

enableLegacyProfile Boolean

Whether ID tokens and the userinfo endpoint includes a complete user profile (true) or only OpenID Connect claims (false).

enablePipeline2 Boolean

Indicates whether advanced API Authorization scenarios are enabled.

enablePublicSignupUserExistsError Boolean

Indicates whether the public sign up process shows a user_exists error if the user already exists.

enableSso Boolean

Flag indicating whether users will not be prompted to confirm log in before SSO redirection. This flag applies to existing tenants only; new tenants have it enforced as true.

mfaShowFactorListOnEnrollment Boolean

Used to allow users to pick which factor to enroll with from the list of available MFA factors.

noDiscloseEnterpriseConnections Boolean

Do not Publish Enterprise Connections Information with IdP domains on the lock configuration file.

removeAlgFromJwks Boolean

Remove alg from jwks(JSON Web Key Sets).

requirePushedAuthorizationRequests Boolean

This Flag is not supported by the Auth0 Management API and will be removed in the next major release.

revokeRefreshTokenGrant Boolean

Delete underlying grant when a refresh token is revoked via the Authentication API.

useScopeDescriptionsForConsent Boolean

Indicates whether to use scope descriptions for consent.

allowLegacyDelegationGrantTypes boolean

Whether the legacy delegation endpoint will be enabled for your account (true) or not available (false).

allowLegacyRoGrantTypes boolean

Whether the legacy auth/ro endpoint (used with resource owner password and passwordless features) will be enabled for your account (true) or not available (false).

allowLegacyTokeninfoEndpoint boolean

If enabled, customers can use Tokeninfo Endpoint, otherwise they can not use it.

dashboardInsightsView boolean

Enables new insights activity page view.

dashboardLogStreamsNext boolean

Enables beta access to log streaming changes.

disableClickjackProtectionHeaders boolean

Indicates whether classic Universal Login prompts include additional security headers to prevent clickjacking.

disableFieldsMapFix boolean

Disables SAML fields map fix for bad mappings with repeated attributes.

disableManagementApiSmsObfuscation boolean

If true, SMS phone numbers will not be obfuscated in Management API GET calls.

enableAdfsWaadEmailVerification boolean

If enabled, users will be presented with an email verification prompt during their first login when using Azure AD or ADFS connections.

enableApisSection boolean

Indicates whether the APIs section is enabled for the tenant.

enableClientConnections boolean

Indicates whether all current connections should be enabled when a new client is created.

enableCustomDomainInEmails boolean

Indicates whether the tenant allows custom domains in emails. Before enabling this flag, you must have a custom domain with status: ready.

enableDynamicClientRegistration boolean

Indicates whether the tenant allows dynamic client registration.

enableIdtokenApi2 boolean

Whether ID tokens can be used to authorize some types of requests to API v2 (true) or not (false).

enableLegacyLogsSearchV2 boolean

Indicates whether to use the older v2 legacy logs search.

enableLegacyProfile boolean

Whether ID tokens and the userinfo endpoint includes a complete user profile (true) or only OpenID Connect claims (false).

enablePipeline2 boolean

Indicates whether advanced API Authorization scenarios are enabled.

enablePublicSignupUserExistsError boolean

Indicates whether the public sign up process shows a user_exists error if the user already exists.

enableSso boolean

Flag indicating whether users will not be prompted to confirm log in before SSO redirection. This flag applies to existing tenants only; new tenants have it enforced as true.

mfaShowFactorListOnEnrollment boolean

Used to allow users to pick which factor to enroll with from the list of available MFA factors.

noDiscloseEnterpriseConnections boolean

Do not Publish Enterprise Connections Information with IdP domains on the lock configuration file.

removeAlgFromJwks boolean

Remove alg from jwks(JSON Web Key Sets).

requirePushedAuthorizationRequests boolean

This Flag is not supported by the Auth0 Management API and will be removed in the next major release.

revokeRefreshTokenGrant boolean

Delete underlying grant when a refresh token is revoked via the Authentication API.

useScopeDescriptionsForConsent boolean

Indicates whether to use scope descriptions for consent.

allow_legacy_delegation_grant_types bool

Whether the legacy delegation endpoint will be enabled for your account (true) or not available (false).

allow_legacy_ro_grant_types bool

Whether the legacy auth/ro endpoint (used with resource owner password and passwordless features) will be enabled for your account (true) or not available (false).

allow_legacy_tokeninfo_endpoint bool

If enabled, customers can use Tokeninfo Endpoint, otherwise they can not use it.

dashboard_insights_view bool

Enables new insights activity page view.

dashboard_log_streams_next bool

Enables beta access to log streaming changes.

disable_clickjack_protection_headers bool

Indicates whether classic Universal Login prompts include additional security headers to prevent clickjacking.

disable_fields_map_fix bool

Disables SAML fields map fix for bad mappings with repeated attributes.

disable_management_api_sms_obfuscation bool

If true, SMS phone numbers will not be obfuscated in Management API GET calls.

enable_adfs_waad_email_verification bool

If enabled, users will be presented with an email verification prompt during their first login when using Azure AD or ADFS connections.

enable_apis_section bool

Indicates whether the APIs section is enabled for the tenant.

enable_client_connections bool

Indicates whether all current connections should be enabled when a new client is created.

enable_custom_domain_in_emails bool

Indicates whether the tenant allows custom domains in emails. Before enabling this flag, you must have a custom domain with status: ready.

enable_dynamic_client_registration bool

Indicates whether the tenant allows dynamic client registration.

enable_idtoken_api2 bool

Whether ID tokens can be used to authorize some types of requests to API v2 (true) or not (false).

enable_legacy_logs_search_v2 bool

Indicates whether to use the older v2 legacy logs search.

enable_legacy_profile bool

Whether ID tokens and the userinfo endpoint includes a complete user profile (true) or only OpenID Connect claims (false).

enable_pipeline2 bool

Indicates whether advanced API Authorization scenarios are enabled.

enable_public_signup_user_exists_error bool

Indicates whether the public sign up process shows a user_exists error if the user already exists.

enable_sso bool

Flag indicating whether users will not be prompted to confirm log in before SSO redirection. This flag applies to existing tenants only; new tenants have it enforced as true.

mfa_show_factor_list_on_enrollment bool

Used to allow users to pick which factor to enroll with from the list of available MFA factors.

no_disclose_enterprise_connections bool

Do not Publish Enterprise Connections Information with IdP domains on the lock configuration file.

remove_alg_from_jwks bool

Remove alg from jwks(JSON Web Key Sets).

require_pushed_authorization_requests bool

This Flag is not supported by the Auth0 Management API and will be removed in the next major release.

revoke_refresh_token_grant bool

Delete underlying grant when a refresh token is revoked via the Authentication API.

use_scope_descriptions_for_consent bool

Indicates whether to use scope descriptions for consent.

allowLegacyDelegationGrantTypes Boolean

Whether the legacy delegation endpoint will be enabled for your account (true) or not available (false).

allowLegacyRoGrantTypes Boolean

Whether the legacy auth/ro endpoint (used with resource owner password and passwordless features) will be enabled for your account (true) or not available (false).

allowLegacyTokeninfoEndpoint Boolean

If enabled, customers can use Tokeninfo Endpoint, otherwise they can not use it.

dashboardInsightsView Boolean

Enables new insights activity page view.

dashboardLogStreamsNext Boolean

Enables beta access to log streaming changes.

disableClickjackProtectionHeaders Boolean

Indicates whether classic Universal Login prompts include additional security headers to prevent clickjacking.

disableFieldsMapFix Boolean

Disables SAML fields map fix for bad mappings with repeated attributes.

disableManagementApiSmsObfuscation Boolean

If true, SMS phone numbers will not be obfuscated in Management API GET calls.

enableAdfsWaadEmailVerification Boolean

If enabled, users will be presented with an email verification prompt during their first login when using Azure AD or ADFS connections.

enableApisSection Boolean

Indicates whether the APIs section is enabled for the tenant.

enableClientConnections Boolean

Indicates whether all current connections should be enabled when a new client is created.

enableCustomDomainInEmails Boolean

Indicates whether the tenant allows custom domains in emails. Before enabling this flag, you must have a custom domain with status: ready.

enableDynamicClientRegistration Boolean

Indicates whether the tenant allows dynamic client registration.

enableIdtokenApi2 Boolean

Whether ID tokens can be used to authorize some types of requests to API v2 (true) or not (false).

enableLegacyLogsSearchV2 Boolean

Indicates whether to use the older v2 legacy logs search.

enableLegacyProfile Boolean

Whether ID tokens and the userinfo endpoint includes a complete user profile (true) or only OpenID Connect claims (false).

enablePipeline2 Boolean

Indicates whether advanced API Authorization scenarios are enabled.

enablePublicSignupUserExistsError Boolean

Indicates whether the public sign up process shows a user_exists error if the user already exists.

enableSso Boolean

Flag indicating whether users will not be prompted to confirm log in before SSO redirection. This flag applies to existing tenants only; new tenants have it enforced as true.

mfaShowFactorListOnEnrollment Boolean

Used to allow users to pick which factor to enroll with from the list of available MFA factors.

noDiscloseEnterpriseConnections Boolean

Do not Publish Enterprise Connections Information with IdP domains on the lock configuration file.

removeAlgFromJwks Boolean

Remove alg from jwks(JSON Web Key Sets).

requirePushedAuthorizationRequests Boolean

This Flag is not supported by the Auth0 Management API and will be removed in the next major release.

revokeRefreshTokenGrant Boolean

Delete underlying grant when a refresh token is revoked via the Authentication API.

useScopeDescriptionsForConsent Boolean

Indicates whether to use scope descriptions for consent.

Disable bool

Disable mTLS settings.

EnableEndpointAliases bool

Enable mTLS endpoint aliases.

Disable bool

Disable mTLS settings.

EnableEndpointAliases bool

Enable mTLS endpoint aliases.

disable Boolean

Disable mTLS settings.

enableEndpointAliases Boolean

Enable mTLS endpoint aliases.

disable boolean

Disable mTLS settings.

enableEndpointAliases boolean

Enable mTLS endpoint aliases.

disable bool

Disable mTLS settings.

enable_endpoint_aliases bool

Enable mTLS endpoint aliases.

disable Boolean

Disable mTLS settings.

enableEndpointAliases Boolean

Enable mTLS endpoint aliases.

RpLogoutEndSessionEndpointDiscovery bool

Enable the end_session_endpoint URL in the .well-known discovery configuration.

RpLogoutEndSessionEndpointDiscovery bool

Enable the end_session_endpoint URL in the .well-known discovery configuration.

rpLogoutEndSessionEndpointDiscovery Boolean

Enable the end_session_endpoint URL in the .well-known discovery configuration.

rpLogoutEndSessionEndpointDiscovery boolean

Enable the end_session_endpoint URL in the .well-known discovery configuration.

rp_logout_end_session_endpoint_discovery bool

Enable the end_session_endpoint URL in the .well-known discovery configuration.

rpLogoutEndSessionEndpointDiscovery Boolean

Enable the end_session_endpoint URL in the .well-known discovery configuration.

OidcLogoutPromptEnabled bool

When active, users will be presented with a consent prompt to confirm the logout request if the request is not trustworthy. Turn off the consent prompt to bypass user confirmation.

OidcLogoutPromptEnabled bool

When active, users will be presented with a consent prompt to confirm the logout request if the request is not trustworthy. Turn off the consent prompt to bypass user confirmation.

oidcLogoutPromptEnabled Boolean

When active, users will be presented with a consent prompt to confirm the logout request if the request is not trustworthy. Turn off the consent prompt to bypass user confirmation.

oidcLogoutPromptEnabled boolean

When active, users will be presented with a consent prompt to confirm the logout request if the request is not trustworthy. Turn off the consent prompt to bypass user confirmation.

oidc_logout_prompt_enabled bool

When active, users will be presented with a consent prompt to confirm the logout request if the request is not trustworthy. Turn off the consent prompt to bypass user confirmation.

oidcLogoutPromptEnabled Boolean

When active, users will be presented with a consent prompt to confirm the logout request if the request is not trustworthy. Turn off the consent prompt to bypass user confirmation.

Mode string

Behavior of tenant session cookie. Accepts either "persistent" or "non-persistent".

Mode string

Behavior of tenant session cookie. Accepts either "persistent" or "non-persistent".

mode String

Behavior of tenant session cookie. Accepts either "persistent" or "non-persistent".

mode string

Behavior of tenant session cookie. Accepts either "persistent" or "non-persistent".

mode str

Behavior of tenant session cookie. Accepts either "persistent" or "non-persistent".

mode String

Behavior of tenant session cookie. Accepts either "persistent" or "non-persistent".