1. Packages
  2. Auth0 Provider
  3. API Docs
  4. getClient
Auth0 v3.7.1 published on Thursday, Sep 12, 2024 by Pulumi

auth0.getClient

Explore with Pulumi AI

auth0 logo
Auth0 v3.7.1 published on Thursday, Sep 12, 2024 by Pulumi

    Data source to retrieve a specific Auth0 application client by client_id or name.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as auth0 from "@pulumi/auth0";
    
    // An Auth0 Client loaded using its name.
    const some-client-by-name = auth0.getClient({
        name: "Name of my Application",
    });
    // An Auth0 Client loaded using its ID.
    const some-client-by-id = auth0.getClient({
        clientId: "abcdefghkijklmnopqrstuvwxyz0123456789",
    });
    
    import pulumi
    import pulumi_auth0 as auth0
    
    # An Auth0 Client loaded using its name.
    some_client_by_name = auth0.get_client(name="Name of my Application")
    # An Auth0 Client loaded using its ID.
    some_client_by_id = auth0.get_client(client_id="abcdefghkijklmnopqrstuvwxyz0123456789")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-auth0/sdk/v3/go/auth0"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// An Auth0 Client loaded using its name.
    		_, err := auth0.LookupClient(ctx, &auth0.LookupClientArgs{
    			Name: pulumi.StringRef("Name of my Application"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		// An Auth0 Client loaded using its ID.
    		_, err = auth0.LookupClient(ctx, &auth0.LookupClientArgs{
    			ClientId: pulumi.StringRef("abcdefghkijklmnopqrstuvwxyz0123456789"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Auth0 = Pulumi.Auth0;
    
    return await Deployment.RunAsync(() => 
    {
        // An Auth0 Client loaded using its name.
        var some_client_by_name = Auth0.GetClient.Invoke(new()
        {
            Name = "Name of my Application",
        });
    
        // An Auth0 Client loaded using its ID.
        var some_client_by_id = Auth0.GetClient.Invoke(new()
        {
            ClientId = "abcdefghkijklmnopqrstuvwxyz0123456789",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.auth0.Auth0Functions;
    import com.pulumi.auth0.inputs.GetClientArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            // An Auth0 Client loaded using its name.
            final var some-client-by-name = Auth0Functions.getClient(GetClientArgs.builder()
                .name("Name of my Application")
                .build());
    
            // An Auth0 Client loaded using its ID.
            final var some-client-by-id = Auth0Functions.getClient(GetClientArgs.builder()
                .clientId("abcdefghkijklmnopqrstuvwxyz0123456789")
                .build());
    
        }
    }
    
    variables:
      # An Auth0 Client loaded using its name.
      some-client-by-name:
        fn::invoke:
          Function: auth0:getClient
          Arguments:
            name: Name of my Application
      # An Auth0 Client loaded using its ID.
      some-client-by-id:
        fn::invoke:
          Function: auth0:getClient
          Arguments:
            clientId: abcdefghkijklmnopqrstuvwxyz0123456789
    

    Using getClient

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getClient(args: GetClientArgs, opts?: InvokeOptions): Promise<GetClientResult>
    function getClientOutput(args: GetClientOutputArgs, opts?: InvokeOptions): Output<GetClientResult>
    def get_client(client_id: Optional[str] = None,
                   name: Optional[str] = None,
                   opts: Optional[InvokeOptions] = None) -> GetClientResult
    def get_client_output(client_id: Optional[pulumi.Input[str]] = None,
                   name: Optional[pulumi.Input[str]] = None,
                   opts: Optional[InvokeOptions] = None) -> Output[GetClientResult]
    func LookupClient(ctx *Context, args *LookupClientArgs, opts ...InvokeOption) (*LookupClientResult, error)
    func LookupClientOutput(ctx *Context, args *LookupClientOutputArgs, opts ...InvokeOption) LookupClientResultOutput

    > Note: This function is named LookupClient in the Go SDK.

    public static class GetClient 
    {
        public static Task<GetClientResult> InvokeAsync(GetClientArgs args, InvokeOptions? opts = null)
        public static Output<GetClientResult> Invoke(GetClientInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetClientResult> getClient(GetClientArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: auth0:index/getClient:getClient
      arguments:
        # arguments dictionary

    The following arguments are supported:

    ClientId string
    The ID of the client. If not provided, name must be set.
    Name string
    The name of the client. If not provided, client_id must be set.
    ClientId string
    The ID of the client. If not provided, name must be set.
    Name string
    The name of the client. If not provided, client_id must be set.
    clientId String
    The ID of the client. If not provided, name must be set.
    name String
    The name of the client. If not provided, client_id must be set.
    clientId string
    The ID of the client. If not provided, name must be set.
    name string
    The name of the client. If not provided, client_id must be set.
    client_id str
    The ID of the client. If not provided, name must be set.
    name str
    The name of the client. If not provided, client_id must be set.
    clientId String
    The ID of the client. If not provided, name must be set.
    name String
    The name of the client. If not provided, client_id must be set.

    getClient Result

    The following output properties are available:

    Addons List<GetClientAddon>
    Addons enabled for this client and their associated configurations.
    AllowedClients List<string>
    List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
    AllowedLogoutUrls List<string>
    URLs that Auth0 may redirect to after logout.
    AllowedOrigins List<string>
    URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
    AppType string
    Type of application the client represents. Possible values are: native, spa, regular_web, non_interactive, sso_integration. Specific SSO integrations types accepted as well are: rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.
    Callbacks List<string>
    URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
    ClientAliases List<string>
    List of audiences/realms for SAML protocol. Used by the wsfed addon.
    ClientMetadata Dictionary<string, string>
    Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/\()<>@ [Tab] [Space].
    ClientSecret string
    CrossOriginAuth bool
    Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false).
    CrossOriginLoc string
    URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
    CustomLoginPage string
    The content (HTML, CSS, JS) of the custom login page.
    CustomLoginPageOn bool
    Indicates whether a custom login page is to be used.
    DefaultOrganizations List<GetClientDefaultOrganization>
    Configure and associate an organization with the Client
    Description string
    Description of the purpose of the client.
    EncryptionKey Dictionary<string, string>
    Encryption used for WS-Fed responses with this client.
    FormTemplate string
    HTML form template to be used for WS-Federation.
    GrantTypes List<string>
    Types of grants that this client is authorized to use.
    Id string
    The provider-assigned unique ID for this managed resource.
    InitiateLoginUri string
    Initiate login URI. Must be HTTPS or an empty string.
    IsFirstParty bool
    Indicates whether this client is a first-party client.
    IsTokenEndpointIpHeaderTrusted bool
    Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to client_secret_post or client_secret_basic. Setting this property when creating the resource, will default the authentication method to client_secret_post. To change the authentication method to client_secret_basic use the auth0.ClientCredentials resource.
    JwtConfigurations List<GetClientJwtConfiguration>
    Configuration settings for the JWTs issued for this client.
    LogoUri string
    URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
    Mobiles List<GetClientMobile>
    Additional configuration for native mobile apps.
    NativeSocialLogins List<GetClientNativeSocialLogin>
    Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to false in order to change the app_type.
    OidcBackchannelLogoutUrls List<string>
    Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
    OidcConformant bool
    Indicates whether this client will conform to strict OIDC specifications.
    OrganizationRequireBehavior string
    Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default), pre_login_prompt or post_login_prompt.
    OrganizationUsage string
    Defines how to proceed during an authentication transaction with regards to an organization. Can be deny (default), allow or require.
    RefreshTokens List<GetClientRefreshToken>
    Configuration settings for the refresh tokens issued for this client.
    RequirePushedAuthorizationRequests bool
    Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.
    SigningKeys List<ImmutableDictionary<string, string>>
    List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
    Sso bool
    Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
    SsoDisabled bool
    Indicates whether or not SSO is disabled.
    TokenEndpointAuthMethod string
    The authentication method for the token endpoint. Results include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic). Managing a client's authentication method can be done via the auth0.ClientCredentials resource.
    WebOrigins List<string>
    URLs that represent valid web origins for use with web message response mode.
    ClientId string
    The ID of the client. If not provided, name must be set.
    Name string
    The name of the client. If not provided, client_id must be set.
    Addons []GetClientAddon
    Addons enabled for this client and their associated configurations.
    AllowedClients []string
    List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
    AllowedLogoutUrls []string
    URLs that Auth0 may redirect to after logout.
    AllowedOrigins []string
    URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
    AppType string
    Type of application the client represents. Possible values are: native, spa, regular_web, non_interactive, sso_integration. Specific SSO integrations types accepted as well are: rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.
    Callbacks []string
    URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
    ClientAliases []string
    List of audiences/realms for SAML protocol. Used by the wsfed addon.
    ClientMetadata map[string]string
    Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/\()<>@ [Tab] [Space].
    ClientSecret string
    CrossOriginAuth bool
    Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false).
    CrossOriginLoc string
    URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
    CustomLoginPage string
    The content (HTML, CSS, JS) of the custom login page.
    CustomLoginPageOn bool
    Indicates whether a custom login page is to be used.
    DefaultOrganizations []GetClientDefaultOrganization
    Configure and associate an organization with the Client
    Description string
    Description of the purpose of the client.
    EncryptionKey map[string]string
    Encryption used for WS-Fed responses with this client.
    FormTemplate string
    HTML form template to be used for WS-Federation.
    GrantTypes []string
    Types of grants that this client is authorized to use.
    Id string
    The provider-assigned unique ID for this managed resource.
    InitiateLoginUri string
    Initiate login URI. Must be HTTPS or an empty string.
    IsFirstParty bool
    Indicates whether this client is a first-party client.
    IsTokenEndpointIpHeaderTrusted bool
    Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to client_secret_post or client_secret_basic. Setting this property when creating the resource, will default the authentication method to client_secret_post. To change the authentication method to client_secret_basic use the auth0.ClientCredentials resource.
    JwtConfigurations []GetClientJwtConfiguration
    Configuration settings for the JWTs issued for this client.
    LogoUri string
    URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
    Mobiles []GetClientMobile
    Additional configuration for native mobile apps.
    NativeSocialLogins []GetClientNativeSocialLogin
    Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to false in order to change the app_type.
    OidcBackchannelLogoutUrls []string
    Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
    OidcConformant bool
    Indicates whether this client will conform to strict OIDC specifications.
    OrganizationRequireBehavior string
    Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default), pre_login_prompt or post_login_prompt.
    OrganizationUsage string
    Defines how to proceed during an authentication transaction with regards to an organization. Can be deny (default), allow or require.
    RefreshTokens []GetClientRefreshToken
    Configuration settings for the refresh tokens issued for this client.
    RequirePushedAuthorizationRequests bool
    Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.
    SigningKeys []map[string]string
    List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
    Sso bool
    Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
    SsoDisabled bool
    Indicates whether or not SSO is disabled.
    TokenEndpointAuthMethod string
    The authentication method for the token endpoint. Results include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic). Managing a client's authentication method can be done via the auth0.ClientCredentials resource.
    WebOrigins []string
    URLs that represent valid web origins for use with web message response mode.
    ClientId string
    The ID of the client. If not provided, name must be set.
    Name string
    The name of the client. If not provided, client_id must be set.
    addons List<GetClientAddon>
    Addons enabled for this client and their associated configurations.
    allowedClients List<String>
    List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
    allowedLogoutUrls List<String>
    URLs that Auth0 may redirect to after logout.
    allowedOrigins List<String>
    URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
    appType String
    Type of application the client represents. Possible values are: native, spa, regular_web, non_interactive, sso_integration. Specific SSO integrations types accepted as well are: rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.
    callbacks List<String>
    URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
    clientAliases List<String>
    List of audiences/realms for SAML protocol. Used by the wsfed addon.
    clientMetadata Map<String,String>
    Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/\()<>@ [Tab] [Space].
    clientSecret String
    crossOriginAuth Boolean
    Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false).
    crossOriginLoc String
    URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
    customLoginPage String
    The content (HTML, CSS, JS) of the custom login page.
    customLoginPageOn Boolean
    Indicates whether a custom login page is to be used.
    defaultOrganizations List<GetClientDefaultOrganization>
    Configure and associate an organization with the Client
    description String
    Description of the purpose of the client.
    encryptionKey Map<String,String>
    Encryption used for WS-Fed responses with this client.
    formTemplate String
    HTML form template to be used for WS-Federation.
    grantTypes List<String>
    Types of grants that this client is authorized to use.
    id String
    The provider-assigned unique ID for this managed resource.
    initiateLoginUri String
    Initiate login URI. Must be HTTPS or an empty string.
    isFirstParty Boolean
    Indicates whether this client is a first-party client.
    isTokenEndpointIpHeaderTrusted Boolean
    Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to client_secret_post or client_secret_basic. Setting this property when creating the resource, will default the authentication method to client_secret_post. To change the authentication method to client_secret_basic use the auth0.ClientCredentials resource.
    jwtConfigurations List<GetClientJwtConfiguration>
    Configuration settings for the JWTs issued for this client.
    logoUri String
    URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
    mobiles List<GetClientMobile>
    Additional configuration for native mobile apps.
    nativeSocialLogins List<GetClientNativeSocialLogin>
    Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to false in order to change the app_type.
    oidcBackchannelLogoutUrls List<String>
    Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
    oidcConformant Boolean
    Indicates whether this client will conform to strict OIDC specifications.
    organizationRequireBehavior String
    Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default), pre_login_prompt or post_login_prompt.
    organizationUsage String
    Defines how to proceed during an authentication transaction with regards to an organization. Can be deny (default), allow or require.
    refreshTokens List<GetClientRefreshToken>
    Configuration settings for the refresh tokens issued for this client.
    requirePushedAuthorizationRequests Boolean
    Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.
    signingKeys List<Map<String,String>>
    List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
    sso Boolean
    Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
    ssoDisabled Boolean
    Indicates whether or not SSO is disabled.
    tokenEndpointAuthMethod String
    The authentication method for the token endpoint. Results include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic). Managing a client's authentication method can be done via the auth0.ClientCredentials resource.
    webOrigins List<String>
    URLs that represent valid web origins for use with web message response mode.
    clientId String
    The ID of the client. If not provided, name must be set.
    name String
    The name of the client. If not provided, client_id must be set.
    addons GetClientAddon[]
    Addons enabled for this client and their associated configurations.
    allowedClients string[]
    List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
    allowedLogoutUrls string[]
    URLs that Auth0 may redirect to after logout.
    allowedOrigins string[]
    URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
    appType string
    Type of application the client represents. Possible values are: native, spa, regular_web, non_interactive, sso_integration. Specific SSO integrations types accepted as well are: rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.
    callbacks string[]
    URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
    clientAliases string[]
    List of audiences/realms for SAML protocol. Used by the wsfed addon.
    clientMetadata {[key: string]: string}
    Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/\()<>@ [Tab] [Space].
    clientSecret string
    crossOriginAuth boolean
    Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false).
    crossOriginLoc string
    URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
    customLoginPage string
    The content (HTML, CSS, JS) of the custom login page.
    customLoginPageOn boolean
    Indicates whether a custom login page is to be used.
    defaultOrganizations GetClientDefaultOrganization[]
    Configure and associate an organization with the Client
    description string
    Description of the purpose of the client.
    encryptionKey {[key: string]: string}
    Encryption used for WS-Fed responses with this client.
    formTemplate string
    HTML form template to be used for WS-Federation.
    grantTypes string[]
    Types of grants that this client is authorized to use.
    id string
    The provider-assigned unique ID for this managed resource.
    initiateLoginUri string
    Initiate login URI. Must be HTTPS or an empty string.
    isFirstParty boolean
    Indicates whether this client is a first-party client.
    isTokenEndpointIpHeaderTrusted boolean
    Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to client_secret_post or client_secret_basic. Setting this property when creating the resource, will default the authentication method to client_secret_post. To change the authentication method to client_secret_basic use the auth0.ClientCredentials resource.
    jwtConfigurations GetClientJwtConfiguration[]
    Configuration settings for the JWTs issued for this client.
    logoUri string
    URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
    mobiles GetClientMobile[]
    Additional configuration for native mobile apps.
    nativeSocialLogins GetClientNativeSocialLogin[]
    Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to false in order to change the app_type.
    oidcBackchannelLogoutUrls string[]
    Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
    oidcConformant boolean
    Indicates whether this client will conform to strict OIDC specifications.
    organizationRequireBehavior string
    Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default), pre_login_prompt or post_login_prompt.
    organizationUsage string
    Defines how to proceed during an authentication transaction with regards to an organization. Can be deny (default), allow or require.
    refreshTokens GetClientRefreshToken[]
    Configuration settings for the refresh tokens issued for this client.
    requirePushedAuthorizationRequests boolean
    Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.
    signingKeys {[key: string]: string}[]
    List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
    sso boolean
    Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
    ssoDisabled boolean
    Indicates whether or not SSO is disabled.
    tokenEndpointAuthMethod string
    The authentication method for the token endpoint. Results include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic). Managing a client's authentication method can be done via the auth0.ClientCredentials resource.
    webOrigins string[]
    URLs that represent valid web origins for use with web message response mode.
    clientId string
    The ID of the client. If not provided, name must be set.
    name string
    The name of the client. If not provided, client_id must be set.
    addons Sequence[GetClientAddon]
    Addons enabled for this client and their associated configurations.
    allowed_clients Sequence[str]
    List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
    allowed_logout_urls Sequence[str]
    URLs that Auth0 may redirect to after logout.
    allowed_origins Sequence[str]
    URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
    app_type str
    Type of application the client represents. Possible values are: native, spa, regular_web, non_interactive, sso_integration. Specific SSO integrations types accepted as well are: rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.
    callbacks Sequence[str]
    URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
    client_aliases Sequence[str]
    List of audiences/realms for SAML protocol. Used by the wsfed addon.
    client_metadata Mapping[str, str]
    Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/\()<>@ [Tab] [Space].
    client_secret str
    cross_origin_auth bool
    Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false).
    cross_origin_loc str
    URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
    custom_login_page str
    The content (HTML, CSS, JS) of the custom login page.
    custom_login_page_on bool
    Indicates whether a custom login page is to be used.
    default_organizations Sequence[GetClientDefaultOrganization]
    Configure and associate an organization with the Client
    description str
    Description of the purpose of the client.
    encryption_key Mapping[str, str]
    Encryption used for WS-Fed responses with this client.
    form_template str
    HTML form template to be used for WS-Federation.
    grant_types Sequence[str]
    Types of grants that this client is authorized to use.
    id str
    The provider-assigned unique ID for this managed resource.
    initiate_login_uri str
    Initiate login URI. Must be HTTPS or an empty string.
    is_first_party bool
    Indicates whether this client is a first-party client.
    is_token_endpoint_ip_header_trusted bool
    Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to client_secret_post or client_secret_basic. Setting this property when creating the resource, will default the authentication method to client_secret_post. To change the authentication method to client_secret_basic use the auth0.ClientCredentials resource.
    jwt_configurations Sequence[GetClientJwtConfiguration]
    Configuration settings for the JWTs issued for this client.
    logo_uri str
    URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
    mobiles Sequence[GetClientMobile]
    Additional configuration for native mobile apps.
    native_social_logins Sequence[GetClientNativeSocialLogin]
    Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to false in order to change the app_type.
    oidc_backchannel_logout_urls Sequence[str]
    Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
    oidc_conformant bool
    Indicates whether this client will conform to strict OIDC specifications.
    organization_require_behavior str
    Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default), pre_login_prompt or post_login_prompt.
    organization_usage str
    Defines how to proceed during an authentication transaction with regards to an organization. Can be deny (default), allow or require.
    refresh_tokens Sequence[GetClientRefreshToken]
    Configuration settings for the refresh tokens issued for this client.
    require_pushed_authorization_requests bool
    Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.
    signing_keys Sequence[Mapping[str, str]]
    List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
    sso bool
    Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
    sso_disabled bool
    Indicates whether or not SSO is disabled.
    token_endpoint_auth_method str
    The authentication method for the token endpoint. Results include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic). Managing a client's authentication method can be done via the auth0.ClientCredentials resource.
    web_origins Sequence[str]
    URLs that represent valid web origins for use with web message response mode.
    client_id str
    The ID of the client. If not provided, name must be set.
    name str
    The name of the client. If not provided, client_id must be set.
    addons List<Property Map>
    Addons enabled for this client and their associated configurations.
    allowedClients List<String>
    List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.
    allowedLogoutUrls List<String>
    URLs that Auth0 may redirect to after logout.
    allowedOrigins List<String>
    URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.
    appType String
    Type of application the client represents. Possible values are: native, spa, regular_web, non_interactive, sso_integration. Specific SSO integrations types accepted as well are: rms, box, cloudbees, concur, dropbox, mscrm, echosign, egnyte, newrelic, office365, salesforce, sentry, sharepoint, slack, springcm, zendesk, zoom.
    callbacks List<String>
    URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.
    clientAliases List<String>
    List of audiences/realms for SAML protocol. Used by the wsfed addon.
    clientMetadata Map<String>
    Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/\()<>@ [Tab] [Space].
    clientSecret String
    crossOriginAuth Boolean
    Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false).
    crossOriginLoc String
    URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.
    customLoginPage String
    The content (HTML, CSS, JS) of the custom login page.
    customLoginPageOn Boolean
    Indicates whether a custom login page is to be used.
    defaultOrganizations List<Property Map>
    Configure and associate an organization with the Client
    description String
    Description of the purpose of the client.
    encryptionKey Map<String>
    Encryption used for WS-Fed responses with this client.
    formTemplate String
    HTML form template to be used for WS-Federation.
    grantTypes List<String>
    Types of grants that this client is authorized to use.
    id String
    The provider-assigned unique ID for this managed resource.
    initiateLoginUri String
    Initiate login URI. Must be HTTPS or an empty string.
    isFirstParty Boolean
    Indicates whether this client is a first-party client.
    isTokenEndpointIpHeaderTrusted Boolean
    Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to client_secret_post or client_secret_basic. Setting this property when creating the resource, will default the authentication method to client_secret_post. To change the authentication method to client_secret_basic use the auth0.ClientCredentials resource.
    jwtConfigurations List<Property Map>
    Configuration settings for the JWTs issued for this client.
    logoUri String
    URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.
    mobiles List<Property Map>
    Additional configuration for native mobile apps.
    nativeSocialLogins List<Property Map>
    Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to false in order to change the app_type.
    oidcBackchannelLogoutUrls List<String>
    Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
    oidcConformant Boolean
    Indicates whether this client will conform to strict OIDC specifications.
    organizationRequireBehavior String
    Defines how to proceed during an authentication transaction when organization_usage = "require". Can be no_prompt (default), pre_login_prompt or post_login_prompt.
    organizationUsage String
    Defines how to proceed during an authentication transaction with regards to an organization. Can be deny (default), allow or require.
    refreshTokens List<Property Map>
    Configuration settings for the refresh tokens issued for this client.
    requirePushedAuthorizationRequests Boolean
    Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.
    signingKeys List<Map<String>>
    List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.
    sso Boolean
    Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
    ssoDisabled Boolean
    Indicates whether or not SSO is disabled.
    tokenEndpointAuthMethod String
    The authentication method for the token endpoint. Results include none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), client_secret_basic (client uses HTTP Basic). Managing a client's authentication method can be done via the auth0.ClientCredentials resource.
    webOrigins List<String>
    URLs that represent valid web origins for use with web message response mode.
    clientId String
    The ID of the client. If not provided, name must be set.
    name String
    The name of the client. If not provided, client_id must be set.

    Supporting Types

    GetClientAddon

    Aws List<GetClientAddonAw>
    AWS Addon configuration.
    AzureBlobs List<GetClientAddonAzureBlob>
    Azure Blob Storage Addon configuration.
    AzureSbs List<GetClientAddonAzureSb>
    Azure Storage Bus Addon configuration.
    Boxes List<GetClientAddonBox>
    Box SSO indicator (no configuration settings needed for Box SSO).
    Cloudbees List<GetClientAddonCloudbee>
    CloudBees SSO indicator (no configuration settings needed for CloudBees SSO).
    Concurs List<GetClientAddonConcur>
    Concur SSO indicator (no configuration settings needed for Concur SSO).
    Dropboxes List<GetClientAddonDropbox>
    Dropbox SSO indicator (no configuration settings needed for Dropbox SSO).
    Echosigns List<GetClientAddonEchosign>
    Adobe EchoSign SSO configuration.
    Egnytes List<GetClientAddonEgnyte>
    Egnyte SSO configuration.
    Firebases List<GetClientAddonFirebase>
    Google Firebase addon configuration.
    Layers List<GetClientAddonLayer>
    Layer addon configuration.
    Mscrms List<GetClientAddonMscrm>
    Microsoft Dynamics CRM SSO configuration.
    Newrelics List<GetClientAddonNewrelic>
    New Relic SSO configuration.
    Office365s List<GetClientAddonOffice365>
    Microsoft Office 365 SSO configuration.
    Rms List<GetClientAddonRm>
    Active Directory Rights Management Service SSO configuration.
    SalesforceApis List<GetClientAddonSalesforceApi>
    Salesforce API addon configuration.
    SalesforceSandboxApis List<GetClientAddonSalesforceSandboxApi>
    Salesforce Sandbox addon configuration.
    Salesforces List<GetClientAddonSalesforce>
    Salesforce SSO configuration.
    Samlps List<GetClientAddonSamlp>
    Configuration settings for a SAML add-on.
    SapApis List<GetClientAddonSapApi>
    SAP API addon configuration.
    Sentries List<GetClientAddonSentry>
    Sentry SSO configuration.
    Sharepoints List<GetClientAddonSharepoint>
    SharePoint SSO configuration.
    Slacks List<GetClientAddonSlack>
    Slack team or workspace name usually first segment in your Slack URL, for example https://acme-org.slack.com would be acme-org.
    Springcms List<GetClientAddonSpringcm>
    SpringCM SSO configuration.
    SsoIntegrations List<GetClientAddonSsoIntegration>
    Generic SSO configuration.
    Wams List<GetClientAddonWam>
    Windows Azure Mobile Services addon configuration.
    Wsfeds List<GetClientAddonWsfed>
    WS-Fed (WIF) addon indicator. Actual configuration is stored in callback and client_aliases properties on the client.
    Zendesks List<GetClientAddonZendesk>
    Zendesk SSO configuration.
    Zooms List<GetClientAddonZoom>
    Zoom SSO configuration.
    Aws []GetClientAddonAw
    AWS Addon configuration.
    AzureBlobs []GetClientAddonAzureBlob
    Azure Blob Storage Addon configuration.
    AzureSbs []GetClientAddonAzureSb
    Azure Storage Bus Addon configuration.
    Boxes []GetClientAddonBox
    Box SSO indicator (no configuration settings needed for Box SSO).
    Cloudbees []GetClientAddonCloudbee
    CloudBees SSO indicator (no configuration settings needed for CloudBees SSO).
    Concurs []GetClientAddonConcur
    Concur SSO indicator (no configuration settings needed for Concur SSO).
    Dropboxes []GetClientAddonDropbox
    Dropbox SSO indicator (no configuration settings needed for Dropbox SSO).
    Echosigns []GetClientAddonEchosign
    Adobe EchoSign SSO configuration.
    Egnytes []GetClientAddonEgnyte
    Egnyte SSO configuration.
    Firebases []GetClientAddonFirebase
    Google Firebase addon configuration.
    Layers []GetClientAddonLayer
    Layer addon configuration.
    Mscrms []GetClientAddonMscrm
    Microsoft Dynamics CRM SSO configuration.
    Newrelics []GetClientAddonNewrelic
    New Relic SSO configuration.
    Office365s []GetClientAddonOffice365
    Microsoft Office 365 SSO configuration.
    Rms []GetClientAddonRm
    Active Directory Rights Management Service SSO configuration.
    SalesforceApis []GetClientAddonSalesforceApi
    Salesforce API addon configuration.
    SalesforceSandboxApis []GetClientAddonSalesforceSandboxApi
    Salesforce Sandbox addon configuration.
    Salesforces []GetClientAddonSalesforce
    Salesforce SSO configuration.
    Samlps []GetClientAddonSamlp
    Configuration settings for a SAML add-on.
    SapApis []GetClientAddonSapApi
    SAP API addon configuration.
    Sentries []GetClientAddonSentry
    Sentry SSO configuration.
    Sharepoints []GetClientAddonSharepoint
    SharePoint SSO configuration.
    Slacks []GetClientAddonSlack
    Slack team or workspace name usually first segment in your Slack URL, for example https://acme-org.slack.com would be acme-org.
    Springcms []GetClientAddonSpringcm
    SpringCM SSO configuration.
    SsoIntegrations []GetClientAddonSsoIntegration
    Generic SSO configuration.
    Wams []GetClientAddonWam
    Windows Azure Mobile Services addon configuration.
    Wsfeds []GetClientAddonWsfed
    WS-Fed (WIF) addon indicator. Actual configuration is stored in callback and client_aliases properties on the client.
    Zendesks []GetClientAddonZendesk
    Zendesk SSO configuration.
    Zooms []GetClientAddonZoom
    Zoom SSO configuration.
    aws List<GetClientAddonAw>
    AWS Addon configuration.
    azureBlobs List<GetClientAddonAzureBlob>
    Azure Blob Storage Addon configuration.
    azureSbs List<GetClientAddonAzureSb>
    Azure Storage Bus Addon configuration.
    boxes List<GetClientAddonBox>
    Box SSO indicator (no configuration settings needed for Box SSO).
    cloudbees List<GetClientAddonCloudbee>
    CloudBees SSO indicator (no configuration settings needed for CloudBees SSO).
    concurs List<GetClientAddonConcur>
    Concur SSO indicator (no configuration settings needed for Concur SSO).
    dropboxes List<GetClientAddonDropbox>
    Dropbox SSO indicator (no configuration settings needed for Dropbox SSO).
    echosigns List<GetClientAddonEchosign>
    Adobe EchoSign SSO configuration.
    egnytes List<GetClientAddonEgnyte>
    Egnyte SSO configuration.
    firebases List<GetClientAddonFirebase>
    Google Firebase addon configuration.
    layers List<GetClientAddonLayer>
    Layer addon configuration.
    mscrms List<GetClientAddonMscrm>
    Microsoft Dynamics CRM SSO configuration.
    newrelics List<GetClientAddonNewrelic>
    New Relic SSO configuration.
    office365s List<GetClientAddonOffice365>
    Microsoft Office 365 SSO configuration.
    rms List<GetClientAddonRm>
    Active Directory Rights Management Service SSO configuration.
    salesforceApis List<GetClientAddonSalesforceApi>
    Salesforce API addon configuration.
    salesforceSandboxApis List<GetClientAddonSalesforceSandboxApi>
    Salesforce Sandbox addon configuration.
    salesforces List<GetClientAddonSalesforce>
    Salesforce SSO configuration.
    samlps List<GetClientAddonSamlp>
    Configuration settings for a SAML add-on.
    sapApis List<GetClientAddonSapApi>
    SAP API addon configuration.
    sentries List<GetClientAddonSentry>
    Sentry SSO configuration.
    sharepoints List<GetClientAddonSharepoint>
    SharePoint SSO configuration.
    slacks List<GetClientAddonSlack>
    Slack team or workspace name usually first segment in your Slack URL, for example https://acme-org.slack.com would be acme-org.
    springcms List<GetClientAddonSpringcm>
    SpringCM SSO configuration.
    ssoIntegrations List<GetClientAddonSsoIntegration>
    Generic SSO configuration.
    wams List<GetClientAddonWam>
    Windows Azure Mobile Services addon configuration.
    wsfeds List<GetClientAddonWsfed>
    WS-Fed (WIF) addon indicator. Actual configuration is stored in callback and client_aliases properties on the client.
    zendesks List<GetClientAddonZendesk>
    Zendesk SSO configuration.
    zooms List<GetClientAddonZoom>
    Zoom SSO configuration.
    aws GetClientAddonAw[]
    AWS Addon configuration.
    azureBlobs GetClientAddonAzureBlob[]
    Azure Blob Storage Addon configuration.
    azureSbs GetClientAddonAzureSb[]
    Azure Storage Bus Addon configuration.
    boxes GetClientAddonBox[]
    Box SSO indicator (no configuration settings needed for Box SSO).
    cloudbees GetClientAddonCloudbee[]
    CloudBees SSO indicator (no configuration settings needed for CloudBees SSO).
    concurs GetClientAddonConcur[]
    Concur SSO indicator (no configuration settings needed for Concur SSO).
    dropboxes GetClientAddonDropbox[]
    Dropbox SSO indicator (no configuration settings needed for Dropbox SSO).
    echosigns GetClientAddonEchosign[]
    Adobe EchoSign SSO configuration.
    egnytes GetClientAddonEgnyte[]
    Egnyte SSO configuration.
    firebases GetClientAddonFirebase[]
    Google Firebase addon configuration.
    layers GetClientAddonLayer[]
    Layer addon configuration.
    mscrms GetClientAddonMscrm[]
    Microsoft Dynamics CRM SSO configuration.
    newrelics GetClientAddonNewrelic[]
    New Relic SSO configuration.
    office365s GetClientAddonOffice365[]
    Microsoft Office 365 SSO configuration.
    rms GetClientAddonRm[]
    Active Directory Rights Management Service SSO configuration.
    salesforceApis GetClientAddonSalesforceApi[]
    Salesforce API addon configuration.
    salesforceSandboxApis GetClientAddonSalesforceSandboxApi[]
    Salesforce Sandbox addon configuration.
    salesforces GetClientAddonSalesforce[]
    Salesforce SSO configuration.
    samlps GetClientAddonSamlp[]
    Configuration settings for a SAML add-on.
    sapApis GetClientAddonSapApi[]
    SAP API addon configuration.
    sentries GetClientAddonSentry[]
    Sentry SSO configuration.
    sharepoints GetClientAddonSharepoint[]
    SharePoint SSO configuration.
    slacks GetClientAddonSlack[]
    Slack team or workspace name usually first segment in your Slack URL, for example https://acme-org.slack.com would be acme-org.
    springcms GetClientAddonSpringcm[]
    SpringCM SSO configuration.
    ssoIntegrations GetClientAddonSsoIntegration[]
    Generic SSO configuration.
    wams GetClientAddonWam[]
    Windows Azure Mobile Services addon configuration.
    wsfeds GetClientAddonWsfed[]
    WS-Fed (WIF) addon indicator. Actual configuration is stored in callback and client_aliases properties on the client.
    zendesks GetClientAddonZendesk[]
    Zendesk SSO configuration.
    zooms GetClientAddonZoom[]
    Zoom SSO configuration.
    aws Sequence[GetClientAddonAw]
    AWS Addon configuration.
    azure_blobs Sequence[GetClientAddonAzureBlob]
    Azure Blob Storage Addon configuration.
    azure_sbs Sequence[GetClientAddonAzureSb]
    Azure Storage Bus Addon configuration.
    boxes Sequence[GetClientAddonBox]
    Box SSO indicator (no configuration settings needed for Box SSO).
    cloudbees Sequence[GetClientAddonCloudbee]
    CloudBees SSO indicator (no configuration settings needed for CloudBees SSO).
    concurs Sequence[GetClientAddonConcur]
    Concur SSO indicator (no configuration settings needed for Concur SSO).
    dropboxes Sequence[GetClientAddonDropbox]
    Dropbox SSO indicator (no configuration settings needed for Dropbox SSO).
    echosigns Sequence[GetClientAddonEchosign]
    Adobe EchoSign SSO configuration.
    egnytes Sequence[GetClientAddonEgnyte]
    Egnyte SSO configuration.
    firebases Sequence[GetClientAddonFirebase]
    Google Firebase addon configuration.
    layers Sequence[GetClientAddonLayer]
    Layer addon configuration.
    mscrms Sequence[GetClientAddonMscrm]
    Microsoft Dynamics CRM SSO configuration.
    newrelics Sequence[GetClientAddonNewrelic]
    New Relic SSO configuration.
    office365s Sequence[GetClientAddonOffice365]
    Microsoft Office 365 SSO configuration.
    rms Sequence[GetClientAddonRm]
    Active Directory Rights Management Service SSO configuration.
    salesforce_apis Sequence[GetClientAddonSalesforceApi]
    Salesforce API addon configuration.
    salesforce_sandbox_apis Sequence[GetClientAddonSalesforceSandboxApi]
    Salesforce Sandbox addon configuration.
    salesforces Sequence[GetClientAddonSalesforce]
    Salesforce SSO configuration.
    samlps Sequence[GetClientAddonSamlp]
    Configuration settings for a SAML add-on.
    sap_apis Sequence[GetClientAddonSapApi]
    SAP API addon configuration.
    sentries Sequence[GetClientAddonSentry]
    Sentry SSO configuration.
    sharepoints Sequence[GetClientAddonSharepoint]
    SharePoint SSO configuration.
    slacks Sequence[GetClientAddonSlack]
    Slack team or workspace name usually first segment in your Slack URL, for example https://acme-org.slack.com would be acme-org.
    springcms Sequence[GetClientAddonSpringcm]
    SpringCM SSO configuration.
    sso_integrations Sequence[GetClientAddonSsoIntegration]
    Generic SSO configuration.
    wams Sequence[GetClientAddonWam]
    Windows Azure Mobile Services addon configuration.
    wsfeds Sequence[GetClientAddonWsfed]
    WS-Fed (WIF) addon indicator. Actual configuration is stored in callback and client_aliases properties on the client.
    zendesks Sequence[GetClientAddonZendesk]
    Zendesk SSO configuration.
    zooms Sequence[GetClientAddonZoom]
    Zoom SSO configuration.
    aws List<Property Map>
    AWS Addon configuration.
    azureBlobs List<Property Map>
    Azure Blob Storage Addon configuration.
    azureSbs List<Property Map>
    Azure Storage Bus Addon configuration.
    boxes List<Property Map>
    Box SSO indicator (no configuration settings needed for Box SSO).
    cloudbees List<Property Map>
    CloudBees SSO indicator (no configuration settings needed for CloudBees SSO).
    concurs List<Property Map>
    Concur SSO indicator (no configuration settings needed for Concur SSO).
    dropboxes List<Property Map>
    Dropbox SSO indicator (no configuration settings needed for Dropbox SSO).
    echosigns List<Property Map>
    Adobe EchoSign SSO configuration.
    egnytes List<Property Map>
    Egnyte SSO configuration.
    firebases List<Property Map>
    Google Firebase addon configuration.
    layers List<Property Map>
    Layer addon configuration.
    mscrms List<Property Map>
    Microsoft Dynamics CRM SSO configuration.
    newrelics List<Property Map>
    New Relic SSO configuration.
    office365s List<Property Map>
    Microsoft Office 365 SSO configuration.
    rms List<Property Map>
    Active Directory Rights Management Service SSO configuration.
    salesforceApis List<Property Map>
    Salesforce API addon configuration.
    salesforceSandboxApis List<Property Map>
    Salesforce Sandbox addon configuration.
    salesforces List<Property Map>
    Salesforce SSO configuration.
    samlps List<Property Map>
    Configuration settings for a SAML add-on.
    sapApis List<Property Map>
    SAP API addon configuration.
    sentries List<Property Map>
    Sentry SSO configuration.
    sharepoints List<Property Map>
    SharePoint SSO configuration.
    slacks List<Property Map>
    Slack team or workspace name usually first segment in your Slack URL, for example https://acme-org.slack.com would be acme-org.
    springcms List<Property Map>
    SpringCM SSO configuration.
    ssoIntegrations List<Property Map>
    Generic SSO configuration.
    wams List<Property Map>
    Windows Azure Mobile Services addon configuration.
    wsfeds List<Property Map>
    WS-Fed (WIF) addon indicator. Actual configuration is stored in callback and client_aliases properties on the client.
    zendesks List<Property Map>
    Zendesk SSO configuration.
    zooms List<Property Map>
    Zoom SSO configuration.

    GetClientAddonAw

    LifetimeInSeconds int
    AWS token lifetime in seconds.
    Principal string
    AWS principal ARN, for example arn:aws:iam::010616021751:saml-provider/idpname.
    Role string
    AWS role ARN, for example arn:aws:iam::010616021751:role/foo.
    LifetimeInSeconds int
    AWS token lifetime in seconds.
    Principal string
    AWS principal ARN, for example arn:aws:iam::010616021751:saml-provider/idpname.
    Role string
    AWS role ARN, for example arn:aws:iam::010616021751:role/foo.
    lifetimeInSeconds Integer
    AWS token lifetime in seconds.
    principal String
    AWS principal ARN, for example arn:aws:iam::010616021751:saml-provider/idpname.
    role String
    AWS role ARN, for example arn:aws:iam::010616021751:role/foo.
    lifetimeInSeconds number
    AWS token lifetime in seconds.
    principal string
    AWS principal ARN, for example arn:aws:iam::010616021751:saml-provider/idpname.
    role string
    AWS role ARN, for example arn:aws:iam::010616021751:role/foo.
    lifetime_in_seconds int
    AWS token lifetime in seconds.
    principal str
    AWS principal ARN, for example arn:aws:iam::010616021751:saml-provider/idpname.
    role str
    AWS role ARN, for example arn:aws:iam::010616021751:role/foo.
    lifetimeInSeconds Number
    AWS token lifetime in seconds.
    principal String
    AWS principal ARN, for example arn:aws:iam::010616021751:saml-provider/idpname.
    role String
    AWS role ARN, for example arn:aws:iam::010616021751:role/foo.

    GetClientAddonAzureBlob

    AccountName string
    Your Azure storage account name. Usually first segment in your Azure storage URL, for example https://acme-org.blob.core.windows.net would be the account name acme-org.
    BlobDelete bool
    Indicates if the issued token has permission to delete the blob.
    BlobName string
    Entity to request a token for, such as my-blob. If blank the computed SAS will apply to the entire storage container.
    BlobRead bool
    Indicates if the issued token has permission to read the content, properties, metadata and block list. Use the blob as the source of a copy operation.
    BlobWrite bool
    Indicates if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
    ContainerDelete bool
    Indicates if issued token has permission to delete any blob in the container.
    ContainerList bool
    Indicates if the issued token has permission to list blobs in the container.
    ContainerName string
    Container to request a token for, such as my-container.
    ContainerRead bool
    Indicates if the issued token has permission to read the content, properties, metadata or block list of any blob in the container. Use any blob in the container as the source of a copy operation.
    ContainerWrite bool
    Indicates that for any blob in the container if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
    Expiration int
    Expiration in minutes for the generated token (default of 5 minutes).
    SignedIdentifier string
    Shared access policy identifier defined in your storage account resource.
    StorageAccessKey string
    Access key associated with this storage account.
    AccountName string
    Your Azure storage account name. Usually first segment in your Azure storage URL, for example https://acme-org.blob.core.windows.net would be the account name acme-org.
    BlobDelete bool
    Indicates if the issued token has permission to delete the blob.
    BlobName string
    Entity to request a token for, such as my-blob. If blank the computed SAS will apply to the entire storage container.
    BlobRead bool
    Indicates if the issued token has permission to read the content, properties, metadata and block list. Use the blob as the source of a copy operation.
    BlobWrite bool
    Indicates if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
    ContainerDelete bool
    Indicates if issued token has permission to delete any blob in the container.
    ContainerList bool
    Indicates if the issued token has permission to list blobs in the container.
    ContainerName string
    Container to request a token for, such as my-container.
    ContainerRead bool
    Indicates if the issued token has permission to read the content, properties, metadata or block list of any blob in the container. Use any blob in the container as the source of a copy operation.
    ContainerWrite bool
    Indicates that for any blob in the container if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
    Expiration int
    Expiration in minutes for the generated token (default of 5 minutes).
    SignedIdentifier string
    Shared access policy identifier defined in your storage account resource.
    StorageAccessKey string
    Access key associated with this storage account.
    accountName String
    Your Azure storage account name. Usually first segment in your Azure storage URL, for example https://acme-org.blob.core.windows.net would be the account name acme-org.
    blobDelete Boolean
    Indicates if the issued token has permission to delete the blob.
    blobName String
    Entity to request a token for, such as my-blob. If blank the computed SAS will apply to the entire storage container.
    blobRead Boolean
    Indicates if the issued token has permission to read the content, properties, metadata and block list. Use the blob as the source of a copy operation.
    blobWrite Boolean
    Indicates if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
    containerDelete Boolean
    Indicates if issued token has permission to delete any blob in the container.
    containerList Boolean
    Indicates if the issued token has permission to list blobs in the container.
    containerName String
    Container to request a token for, such as my-container.
    containerRead Boolean
    Indicates if the issued token has permission to read the content, properties, metadata or block list of any blob in the container. Use any blob in the container as the source of a copy operation.
    containerWrite Boolean
    Indicates that for any blob in the container if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
    expiration Integer
    Expiration in minutes for the generated token (default of 5 minutes).
    signedIdentifier String
    Shared access policy identifier defined in your storage account resource.
    storageAccessKey String
    Access key associated with this storage account.
    accountName string
    Your Azure storage account name. Usually first segment in your Azure storage URL, for example https://acme-org.blob.core.windows.net would be the account name acme-org.
    blobDelete boolean
    Indicates if the issued token has permission to delete the blob.
    blobName string
    Entity to request a token for, such as my-blob. If blank the computed SAS will apply to the entire storage container.
    blobRead boolean
    Indicates if the issued token has permission to read the content, properties, metadata and block list. Use the blob as the source of a copy operation.
    blobWrite boolean
    Indicates if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
    containerDelete boolean
    Indicates if issued token has permission to delete any blob in the container.
    containerList boolean
    Indicates if the issued token has permission to list blobs in the container.
    containerName string
    Container to request a token for, such as my-container.
    containerRead boolean
    Indicates if the issued token has permission to read the content, properties, metadata or block list of any blob in the container. Use any blob in the container as the source of a copy operation.
    containerWrite boolean
    Indicates that for any blob in the container if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
    expiration number
    Expiration in minutes for the generated token (default of 5 minutes).
    signedIdentifier string
    Shared access policy identifier defined in your storage account resource.
    storageAccessKey string
    Access key associated with this storage account.
    account_name str
    Your Azure storage account name. Usually first segment in your Azure storage URL, for example https://acme-org.blob.core.windows.net would be the account name acme-org.
    blob_delete bool
    Indicates if the issued token has permission to delete the blob.
    blob_name str
    Entity to request a token for, such as my-blob. If blank the computed SAS will apply to the entire storage container.
    blob_read bool
    Indicates if the issued token has permission to read the content, properties, metadata and block list. Use the blob as the source of a copy operation.
    blob_write bool
    Indicates if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
    container_delete bool
    Indicates if issued token has permission to delete any blob in the container.
    container_list bool
    Indicates if the issued token has permission to list blobs in the container.
    container_name str
    Container to request a token for, such as my-container.
    container_read bool
    Indicates if the issued token has permission to read the content, properties, metadata or block list of any blob in the container. Use any blob in the container as the source of a copy operation.
    container_write bool
    Indicates that for any blob in the container if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
    expiration int
    Expiration in minutes for the generated token (default of 5 minutes).
    signed_identifier str
    Shared access policy identifier defined in your storage account resource.
    storage_access_key str
    Access key associated with this storage account.
    accountName String
    Your Azure storage account name. Usually first segment in your Azure storage URL, for example https://acme-org.blob.core.windows.net would be the account name acme-org.
    blobDelete Boolean
    Indicates if the issued token has permission to delete the blob.
    blobName String
    Entity to request a token for, such as my-blob. If blank the computed SAS will apply to the entire storage container.
    blobRead Boolean
    Indicates if the issued token has permission to read the content, properties, metadata and block list. Use the blob as the source of a copy operation.
    blobWrite Boolean
    Indicates if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
    containerDelete Boolean
    Indicates if issued token has permission to delete any blob in the container.
    containerList Boolean
    Indicates if the issued token has permission to list blobs in the container.
    containerName String
    Container to request a token for, such as my-container.
    containerRead Boolean
    Indicates if the issued token has permission to read the content, properties, metadata or block list of any blob in the container. Use any blob in the container as the source of a copy operation.
    containerWrite Boolean
    Indicates that for any blob in the container if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account.
    expiration Number
    Expiration in minutes for the generated token (default of 5 minutes).
    signedIdentifier String
    Shared access policy identifier defined in your storage account resource.
    storageAccessKey String
    Access key associated with this storage account.

    GetClientAddonAzureSb

    EntityPath string
    Entity you want to request a token for, such as my-queue.
    Expiration int
    Optional expiration in minutes for the generated token. Defaults to 5 minutes.
    Namespace string
    Your Azure Service Bus namespace. Usually the first segment of your Service Bus URL (for example https://acme-org.servicebus.windows.net would be acme-org).
    SasKey string
    Primary Key associated with your shared access policy.
    SasKeyName string
    Your shared access policy name defined in your Service Bus entity.
    EntityPath string
    Entity you want to request a token for, such as my-queue.
    Expiration int
    Optional expiration in minutes for the generated token. Defaults to 5 minutes.
    Namespace string
    Your Azure Service Bus namespace. Usually the first segment of your Service Bus URL (for example https://acme-org.servicebus.windows.net would be acme-org).
    SasKey string
    Primary Key associated with your shared access policy.
    SasKeyName string
    Your shared access policy name defined in your Service Bus entity.
    entityPath String
    Entity you want to request a token for, such as my-queue.
    expiration Integer
    Optional expiration in minutes for the generated token. Defaults to 5 minutes.
    namespace String
    Your Azure Service Bus namespace. Usually the first segment of your Service Bus URL (for example https://acme-org.servicebus.windows.net would be acme-org).
    sasKey String
    Primary Key associated with your shared access policy.
    sasKeyName String
    Your shared access policy name defined in your Service Bus entity.
    entityPath string
    Entity you want to request a token for, such as my-queue.
    expiration number
    Optional expiration in minutes for the generated token. Defaults to 5 minutes.
    namespace string
    Your Azure Service Bus namespace. Usually the first segment of your Service Bus URL (for example https://acme-org.servicebus.windows.net would be acme-org).
    sasKey string
    Primary Key associated with your shared access policy.
    sasKeyName string
    Your shared access policy name defined in your Service Bus entity.
    entity_path str
    Entity you want to request a token for, such as my-queue.
    expiration int
    Optional expiration in minutes for the generated token. Defaults to 5 minutes.
    namespace str
    Your Azure Service Bus namespace. Usually the first segment of your Service Bus URL (for example https://acme-org.servicebus.windows.net would be acme-org).
    sas_key str
    Primary Key associated with your shared access policy.
    sas_key_name str
    Your shared access policy name defined in your Service Bus entity.
    entityPath String
    Entity you want to request a token for, such as my-queue.
    expiration Number
    Optional expiration in minutes for the generated token. Defaults to 5 minutes.
    namespace String
    Your Azure Service Bus namespace. Usually the first segment of your Service Bus URL (for example https://acme-org.servicebus.windows.net would be acme-org).
    sasKey String
    Primary Key associated with your shared access policy.
    sasKeyName String
    Your shared access policy name defined in your Service Bus entity.

    GetClientAddonEchosign

    Domain string
    Your custom domain found in your EchoSign URL, for example https://acme-org.echosign.com would be acme-org.
    Domain string
    Your custom domain found in your EchoSign URL, for example https://acme-org.echosign.com would be acme-org.
    domain String
    Your custom domain found in your EchoSign URL, for example https://acme-org.echosign.com would be acme-org.
    domain string
    Your custom domain found in your EchoSign URL, for example https://acme-org.echosign.com would be acme-org.
    domain str
    Your custom domain found in your EchoSign URL, for example https://acme-org.echosign.com would be acme-org.
    domain String
    Your custom domain found in your EchoSign URL, for example https://acme-org.echosign.com would be acme-org.

    GetClientAddonEgnyte

    Domain string
    Your custom domain found in your Egnyte URL, for example https://acme-org.echosign.com would be acme-org.
    Domain string
    Your custom domain found in your Egnyte URL, for example https://acme-org.echosign.com would be acme-org.
    domain String
    Your custom domain found in your Egnyte URL, for example https://acme-org.echosign.com would be acme-org.
    domain string
    Your custom domain found in your Egnyte URL, for example https://acme-org.echosign.com would be acme-org.
    domain str
    Your custom domain found in your Egnyte URL, for example https://acme-org.echosign.com would be acme-org.
    domain String
    Your custom domain found in your Egnyte URL, for example https://acme-org.echosign.com would be acme-org.

    GetClientAddonFirebase

    ClientEmail string
    ID of the Service Account you have created (shown as client_email in the generated JSON file, SDK v3+ tokens only).
    LifetimeInSeconds int
    Optional expiration in seconds for the generated token. Defaults to 3600 seconds (SDK v3+ tokens only).
    PrivateKey string
    Private Key for signing the token (SDK v3+ tokens only).
    PrivateKeyId string
    Optional ID of the private key to obtain the kid header claim from the issued token (SDK v3+ tokens only).
    Secret string
    Google Firebase Secret. (SDK v2 only).
    ClientEmail string
    ID of the Service Account you have created (shown as client_email in the generated JSON file, SDK v3+ tokens only).
    LifetimeInSeconds int
    Optional expiration in seconds for the generated token. Defaults to 3600 seconds (SDK v3+ tokens only).
    PrivateKey string
    Private Key for signing the token (SDK v3+ tokens only).
    PrivateKeyId string
    Optional ID of the private key to obtain the kid header claim from the issued token (SDK v3+ tokens only).
    Secret string
    Google Firebase Secret. (SDK v2 only).
    clientEmail String
    ID of the Service Account you have created (shown as client_email in the generated JSON file, SDK v3+ tokens only).
    lifetimeInSeconds Integer
    Optional expiration in seconds for the generated token. Defaults to 3600 seconds (SDK v3+ tokens only).
    privateKey String
    Private Key for signing the token (SDK v3+ tokens only).
    privateKeyId String
    Optional ID of the private key to obtain the kid header claim from the issued token (SDK v3+ tokens only).
    secret String
    Google Firebase Secret. (SDK v2 only).
    clientEmail string
    ID of the Service Account you have created (shown as client_email in the generated JSON file, SDK v3+ tokens only).
    lifetimeInSeconds number
    Optional expiration in seconds for the generated token. Defaults to 3600 seconds (SDK v3+ tokens only).
    privateKey string
    Private Key for signing the token (SDK v3+ tokens only).
    privateKeyId string
    Optional ID of the private key to obtain the kid header claim from the issued token (SDK v3+ tokens only).
    secret string
    Google Firebase Secret. (SDK v2 only).
    client_email str
    ID of the Service Account you have created (shown as client_email in the generated JSON file, SDK v3+ tokens only).
    lifetime_in_seconds int
    Optional expiration in seconds for the generated token. Defaults to 3600 seconds (SDK v3+ tokens only).
    private_key str
    Private Key for signing the token (SDK v3+ tokens only).
    private_key_id str
    Optional ID of the private key to obtain the kid header claim from the issued token (SDK v3+ tokens only).
    secret str
    Google Firebase Secret. (SDK v2 only).
    clientEmail String
    ID of the Service Account you have created (shown as client_email in the generated JSON file, SDK v3+ tokens only).
    lifetimeInSeconds Number
    Optional expiration in seconds for the generated token. Defaults to 3600 seconds (SDK v3+ tokens only).
    privateKey String
    Private Key for signing the token (SDK v3+ tokens only).
    privateKeyId String
    Optional ID of the private key to obtain the kid header claim from the issued token (SDK v3+ tokens only).
    secret String
    Google Firebase Secret. (SDK v2 only).

    GetClientAddonLayer

    Expiration int
    Optional expiration in minutes for the generated token. Defaults to 5 minutes.
    KeyId string
    Authentication Key identifier used to sign the Layer token.
    Principal string
    Name of the property used as the unique user ID in Layer. If not specified user_id is used.
    PrivateKey string
    Private key for signing the Layer token.
    ProviderId string
    Provider ID of your Layer account.
    Expiration int
    Optional expiration in minutes for the generated token. Defaults to 5 minutes.
    KeyId string
    Authentication Key identifier used to sign the Layer token.
    Principal string
    Name of the property used as the unique user ID in Layer. If not specified user_id is used.
    PrivateKey string
    Private key for signing the Layer token.
    ProviderId string
    Provider ID of your Layer account.
    expiration Integer
    Optional expiration in minutes for the generated token. Defaults to 5 minutes.
    keyId String
    Authentication Key identifier used to sign the Layer token.
    principal String
    Name of the property used as the unique user ID in Layer. If not specified user_id is used.
    privateKey String
    Private key for signing the Layer token.
    providerId String
    Provider ID of your Layer account.
    expiration number
    Optional expiration in minutes for the generated token. Defaults to 5 minutes.
    keyId string
    Authentication Key identifier used to sign the Layer token.
    principal string
    Name of the property used as the unique user ID in Layer. If not specified user_id is used.
    privateKey string
    Private key for signing the Layer token.
    providerId string
    Provider ID of your Layer account.
    expiration int
    Optional expiration in minutes for the generated token. Defaults to 5 minutes.
    key_id str
    Authentication Key identifier used to sign the Layer token.
    principal str
    Name of the property used as the unique user ID in Layer. If not specified user_id is used.
    private_key str
    Private key for signing the Layer token.
    provider_id str
    Provider ID of your Layer account.
    expiration Number
    Optional expiration in minutes for the generated token. Defaults to 5 minutes.
    keyId String
    Authentication Key identifier used to sign the Layer token.
    principal String
    Name of the property used as the unique user ID in Layer. If not specified user_id is used.
    privateKey String
    Private key for signing the Layer token.
    providerId String
    Provider ID of your Layer account.

    GetClientAddonMscrm

    Url string
    Microsoft Dynamics CRM application URL.
    Url string
    Microsoft Dynamics CRM application URL.
    url String
    Microsoft Dynamics CRM application URL.
    url string
    Microsoft Dynamics CRM application URL.
    url str
    Microsoft Dynamics CRM application URL.
    url String
    Microsoft Dynamics CRM application URL.

    GetClientAddonNewrelic

    Account string
    Your New Relic Account ID found in your New Relic URL after the /accounts/ path, for example https://rpm.newrelic.com/accounts/123456/query would be 123456.
    Account string
    Your New Relic Account ID found in your New Relic URL after the /accounts/ path, for example https://rpm.newrelic.com/accounts/123456/query would be 123456.
    account String
    Your New Relic Account ID found in your New Relic URL after the /accounts/ path, for example https://rpm.newrelic.com/accounts/123456/query would be 123456.
    account string
    Your New Relic Account ID found in your New Relic URL after the /accounts/ path, for example https://rpm.newrelic.com/accounts/123456/query would be 123456.
    account str
    Your New Relic Account ID found in your New Relic URL after the /accounts/ path, for example https://rpm.newrelic.com/accounts/123456/query would be 123456.
    account String
    Your New Relic Account ID found in your New Relic URL after the /accounts/ path, for example https://rpm.newrelic.com/accounts/123456/query would be 123456.

    GetClientAddonOffice365

    Connection string
    Optional Auth0 database connection for testing an already-configured Office 365 tenant.
    Domain string
    Your Office 365 domain name, for example acme-org.com.
    Connection string
    Optional Auth0 database connection for testing an already-configured Office 365 tenant.
    Domain string
    Your Office 365 domain name, for example acme-org.com.
    connection String
    Optional Auth0 database connection for testing an already-configured Office 365 tenant.
    domain String
    Your Office 365 domain name, for example acme-org.com.
    connection string
    Optional Auth0 database connection for testing an already-configured Office 365 tenant.
    domain string
    Your Office 365 domain name, for example acme-org.com.
    connection str
    Optional Auth0 database connection for testing an already-configured Office 365 tenant.
    domain str
    Your Office 365 domain name, for example acme-org.com.
    connection String
    Optional Auth0 database connection for testing an already-configured Office 365 tenant.
    domain String
    Your Office 365 domain name, for example acme-org.com.

    GetClientAddonRm

    Url string
    URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.
    Url string
    URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.
    url String
    URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.
    url string
    URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.
    url str
    URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.
    url String
    URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.

    GetClientAddonSalesforce

    EntityId string
    Arbitrary logical URL that identifies the Saleforce resource, for example https://acme-org.com.
    EntityId string
    Arbitrary logical URL that identifies the Saleforce resource, for example https://acme-org.com.
    entityId String
    Arbitrary logical URL that identifies the Saleforce resource, for example https://acme-org.com.
    entityId string
    Arbitrary logical URL that identifies the Saleforce resource, for example https://acme-org.com.
    entity_id str
    Arbitrary logical URL that identifies the Saleforce resource, for example https://acme-org.com.
    entityId String
    Arbitrary logical URL that identifies the Saleforce resource, for example https://acme-org.com.

    GetClientAddonSalesforceApi

    ClientId string
    Consumer Key assigned by Salesforce to the Connected App.
    CommunityName string
    Community name.
    CommunityUrlSection string
    Community URL section.
    Principal string
    Name of the property in the user object that maps to a Salesforce username, for example email.
    ClientId string
    Consumer Key assigned by Salesforce to the Connected App.
    CommunityName string
    Community name.
    CommunityUrlSection string
    Community URL section.
    Principal string
    Name of the property in the user object that maps to a Salesforce username, for example email.
    clientId String
    Consumer Key assigned by Salesforce to the Connected App.
    communityName String
    Community name.
    communityUrlSection String
    Community URL section.
    principal String
    Name of the property in the user object that maps to a Salesforce username, for example email.
    clientId string
    Consumer Key assigned by Salesforce to the Connected App.
    communityName string
    Community name.
    communityUrlSection string
    Community URL section.
    principal string
    Name of the property in the user object that maps to a Salesforce username, for example email.
    client_id str
    Consumer Key assigned by Salesforce to the Connected App.
    community_name str
    Community name.
    community_url_section str
    Community URL section.
    principal str
    Name of the property in the user object that maps to a Salesforce username, for example email.
    clientId String
    Consumer Key assigned by Salesforce to the Connected App.
    communityName String
    Community name.
    communityUrlSection String
    Community URL section.
    principal String
    Name of the property in the user object that maps to a Salesforce username, for example email.

    GetClientAddonSalesforceSandboxApi

    ClientId string
    Consumer Key assigned by Salesforce to the Connected App.
    CommunityName string
    Community name.
    CommunityUrlSection string
    Community URL section.
    Principal string
    Name of the property in the user object that maps to a Salesforce username, for example email.
    ClientId string
    Consumer Key assigned by Salesforce to the Connected App.
    CommunityName string
    Community name.
    CommunityUrlSection string
    Community URL section.
    Principal string
    Name of the property in the user object that maps to a Salesforce username, for example email.
    clientId String
    Consumer Key assigned by Salesforce to the Connected App.
    communityName String
    Community name.
    communityUrlSection String
    Community URL section.
    principal String
    Name of the property in the user object that maps to a Salesforce username, for example email.
    clientId string
    Consumer Key assigned by Salesforce to the Connected App.
    communityName string
    Community name.
    communityUrlSection string
    Community URL section.
    principal string
    Name of the property in the user object that maps to a Salesforce username, for example email.
    client_id str
    Consumer Key assigned by Salesforce to the Connected App.
    community_name str
    Community name.
    community_url_section str
    Community URL section.
    principal str
    Name of the property in the user object that maps to a Salesforce username, for example email.
    clientId String
    Consumer Key assigned by Salesforce to the Connected App.
    communityName String
    Community name.
    communityUrlSection String
    Community URL section.
    principal String
    Name of the property in the user object that maps to a Salesforce username, for example email.

    GetClientAddonSamlp

    Audience string
    Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
    AuthnContextClassRef string
    Class reference of the authentication context.
    Binding string
    Protocol binding used for SAML logout responses.
    CreateUpnClaim bool
    Indicates whether a UPN claim should be created. Defaults to true.
    Destination string
    Destination of the SAML Response. If not specified, it will be AssertionConsumerUrl of SAMLRequest or callback URL if there was no SAMLRequest.
    DigestAlgorithm string
    Algorithm used to calculate the digest of the SAML Assertion or response. Options include sha1 and sha256. Defaults to sha1.
    IncludeAttributeNameFormat bool
    Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion. Defaults to true.
    Issuer string
    Issuer of the SAML Assertion.
    LifetimeInSeconds int
    Number of seconds during which the token is valid. Defaults to 3600 seconds.
    Logouts List<GetClientAddonSamlpLogout>
    Configuration settings for logout.
    MapIdentities bool
    Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available. Defaults to true.
    MapUnknownClaimsAsIs bool
    Indicates whether to add a prefix of http://schema.auth0.com to any claims that are not mapped to the common profile when passed through in the output assertion. Defaults to false.
    Mappings Dictionary<string, string>
    Mappings between the Auth0 user profile property name (name) and the output attributes on the SAML attribute in the assertion (value).
    NameIdentifierFormat string
    Format of the name identifier. Defaults to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
    NameIdentifierProbes List<string>
    Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
    PassthroughClaimsWithNoMapping bool
    Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion. Defaults to true.
    Recipient string
    Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or callback URL if no SAMLRequest was sent.
    SignResponse bool
    Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
    SignatureAlgorithm string
    Algorithm used to sign the SAML Assertion or response. Options include rsa-sha1 and rsa-sha256. Defaults to rsa-sha1.
    SigningCert string
    Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be -----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n.
    TypedAttributes bool
    Indicates whether or not we should infer the xs:type of the element. Types include xs:string, xs:boolean, xs:double, and xs:anyType. When set to false, all xs:type are xs:anyType. Defaults to true.
    Audience string
    Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
    AuthnContextClassRef string
    Class reference of the authentication context.
    Binding string
    Protocol binding used for SAML logout responses.
    CreateUpnClaim bool
    Indicates whether a UPN claim should be created. Defaults to true.
    Destination string
    Destination of the SAML Response. If not specified, it will be AssertionConsumerUrl of SAMLRequest or callback URL if there was no SAMLRequest.
    DigestAlgorithm string
    Algorithm used to calculate the digest of the SAML Assertion or response. Options include sha1 and sha256. Defaults to sha1.
    IncludeAttributeNameFormat bool
    Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion. Defaults to true.
    Issuer string
    Issuer of the SAML Assertion.
    LifetimeInSeconds int
    Number of seconds during which the token is valid. Defaults to 3600 seconds.
    Logouts []GetClientAddonSamlpLogout
    Configuration settings for logout.
    MapIdentities bool
    Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available. Defaults to true.
    MapUnknownClaimsAsIs bool
    Indicates whether to add a prefix of http://schema.auth0.com to any claims that are not mapped to the common profile when passed through in the output assertion. Defaults to false.
    Mappings map[string]string
    Mappings between the Auth0 user profile property name (name) and the output attributes on the SAML attribute in the assertion (value).
    NameIdentifierFormat string
    Format of the name identifier. Defaults to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
    NameIdentifierProbes []string
    Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
    PassthroughClaimsWithNoMapping bool
    Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion. Defaults to true.
    Recipient string
    Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or callback URL if no SAMLRequest was sent.
    SignResponse bool
    Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
    SignatureAlgorithm string
    Algorithm used to sign the SAML Assertion or response. Options include rsa-sha1 and rsa-sha256. Defaults to rsa-sha1.
    SigningCert string
    Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be -----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n.
    TypedAttributes bool
    Indicates whether or not we should infer the xs:type of the element. Types include xs:string, xs:boolean, xs:double, and xs:anyType. When set to false, all xs:type are xs:anyType. Defaults to true.
    audience String
    Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
    authnContextClassRef String
    Class reference of the authentication context.
    binding String
    Protocol binding used for SAML logout responses.
    createUpnClaim Boolean
    Indicates whether a UPN claim should be created. Defaults to true.
    destination String
    Destination of the SAML Response. If not specified, it will be AssertionConsumerUrl of SAMLRequest or callback URL if there was no SAMLRequest.
    digestAlgorithm String
    Algorithm used to calculate the digest of the SAML Assertion or response. Options include sha1 and sha256. Defaults to sha1.
    includeAttributeNameFormat Boolean
    Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion. Defaults to true.
    issuer String
    Issuer of the SAML Assertion.
    lifetimeInSeconds Integer
    Number of seconds during which the token is valid. Defaults to 3600 seconds.
    logouts List<GetClientAddonSamlpLogout>
    Configuration settings for logout.
    mapIdentities Boolean
    Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available. Defaults to true.
    mapUnknownClaimsAsIs Boolean
    Indicates whether to add a prefix of http://schema.auth0.com to any claims that are not mapped to the common profile when passed through in the output assertion. Defaults to false.
    mappings Map<String,String>
    Mappings between the Auth0 user profile property name (name) and the output attributes on the SAML attribute in the assertion (value).
    nameIdentifierFormat String
    Format of the name identifier. Defaults to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
    nameIdentifierProbes List<String>
    Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
    passthroughClaimsWithNoMapping Boolean
    Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion. Defaults to true.
    recipient String
    Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or callback URL if no SAMLRequest was sent.
    signResponse Boolean
    Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
    signatureAlgorithm String
    Algorithm used to sign the SAML Assertion or response. Options include rsa-sha1 and rsa-sha256. Defaults to rsa-sha1.
    signingCert String
    Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be -----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n.
    typedAttributes Boolean
    Indicates whether or not we should infer the xs:type of the element. Types include xs:string, xs:boolean, xs:double, and xs:anyType. When set to false, all xs:type are xs:anyType. Defaults to true.
    audience string
    Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
    authnContextClassRef string
    Class reference of the authentication context.
    binding string
    Protocol binding used for SAML logout responses.
    createUpnClaim boolean
    Indicates whether a UPN claim should be created. Defaults to true.
    destination string
    Destination of the SAML Response. If not specified, it will be AssertionConsumerUrl of SAMLRequest or callback URL if there was no SAMLRequest.
    digestAlgorithm string
    Algorithm used to calculate the digest of the SAML Assertion or response. Options include sha1 and sha256. Defaults to sha1.
    includeAttributeNameFormat boolean
    Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion. Defaults to true.
    issuer string
    Issuer of the SAML Assertion.
    lifetimeInSeconds number
    Number of seconds during which the token is valid. Defaults to 3600 seconds.
    logouts GetClientAddonSamlpLogout[]
    Configuration settings for logout.
    mapIdentities boolean
    Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available. Defaults to true.
    mapUnknownClaimsAsIs boolean
    Indicates whether to add a prefix of http://schema.auth0.com to any claims that are not mapped to the common profile when passed through in the output assertion. Defaults to false.
    mappings {[key: string]: string}
    Mappings between the Auth0 user profile property name (name) and the output attributes on the SAML attribute in the assertion (value).
    nameIdentifierFormat string
    Format of the name identifier. Defaults to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
    nameIdentifierProbes string[]
    Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
    passthroughClaimsWithNoMapping boolean
    Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion. Defaults to true.
    recipient string
    Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or callback URL if no SAMLRequest was sent.
    signResponse boolean
    Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
    signatureAlgorithm string
    Algorithm used to sign the SAML Assertion or response. Options include rsa-sha1 and rsa-sha256. Defaults to rsa-sha1.
    signingCert string
    Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be -----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n.
    typedAttributes boolean
    Indicates whether or not we should infer the xs:type of the element. Types include xs:string, xs:boolean, xs:double, and xs:anyType. When set to false, all xs:type are xs:anyType. Defaults to true.
    audience str
    Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
    authn_context_class_ref str
    Class reference of the authentication context.
    binding str
    Protocol binding used for SAML logout responses.
    create_upn_claim bool
    Indicates whether a UPN claim should be created. Defaults to true.
    destination str
    Destination of the SAML Response. If not specified, it will be AssertionConsumerUrl of SAMLRequest or callback URL if there was no SAMLRequest.
    digest_algorithm str
    Algorithm used to calculate the digest of the SAML Assertion or response. Options include sha1 and sha256. Defaults to sha1.
    include_attribute_name_format bool
    Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion. Defaults to true.
    issuer str
    Issuer of the SAML Assertion.
    lifetime_in_seconds int
    Number of seconds during which the token is valid. Defaults to 3600 seconds.
    logouts Sequence[GetClientAddonSamlpLogout]
    Configuration settings for logout.
    map_identities bool
    Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available. Defaults to true.
    map_unknown_claims_as_is bool
    Indicates whether to add a prefix of http://schema.auth0.com to any claims that are not mapped to the common profile when passed through in the output assertion. Defaults to false.
    mappings Mapping[str, str]
    Mappings between the Auth0 user profile property name (name) and the output attributes on the SAML attribute in the assertion (value).
    name_identifier_format str
    Format of the name identifier. Defaults to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
    name_identifier_probes Sequence[str]
    Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
    passthrough_claims_with_no_mapping bool
    Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion. Defaults to true.
    recipient str
    Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or callback URL if no SAMLRequest was sent.
    sign_response bool
    Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
    signature_algorithm str
    Algorithm used to sign the SAML Assertion or response. Options include rsa-sha1 and rsa-sha256. Defaults to rsa-sha1.
    signing_cert str
    Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be -----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n.
    typed_attributes bool
    Indicates whether or not we should infer the xs:type of the element. Types include xs:string, xs:boolean, xs:double, and xs:anyType. When set to false, all xs:type are xs:anyType. Defaults to true.
    audience String
    Audience of the SAML Assertion. Default will be the Issuer on SAMLRequest.
    authnContextClassRef String
    Class reference of the authentication context.
    binding String
    Protocol binding used for SAML logout responses.
    createUpnClaim Boolean
    Indicates whether a UPN claim should be created. Defaults to true.
    destination String
    Destination of the SAML Response. If not specified, it will be AssertionConsumerUrl of SAMLRequest or callback URL if there was no SAMLRequest.
    digestAlgorithm String
    Algorithm used to calculate the digest of the SAML Assertion or response. Options include sha1 and sha256. Defaults to sha1.
    includeAttributeNameFormat Boolean
    Indicates whether or not we should infer the NameFormat based on the attribute name. If set to false, the attribute NameFormat is not set in the assertion. Defaults to true.
    issuer String
    Issuer of the SAML Assertion.
    lifetimeInSeconds Number
    Number of seconds during which the token is valid. Defaults to 3600 seconds.
    logouts List<Property Map>
    Configuration settings for logout.
    mapIdentities Boolean
    Indicates whether or not to add additional identity information in the token, such as the provider used and the access_token, if available. Defaults to true.
    mapUnknownClaimsAsIs Boolean
    Indicates whether to add a prefix of http://schema.auth0.com to any claims that are not mapped to the common profile when passed through in the output assertion. Defaults to false.
    mappings Map<String>
    Mappings between the Auth0 user profile property name (name) and the output attributes on the SAML attribute in the assertion (value).
    nameIdentifierFormat String
    Format of the name identifier. Defaults to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
    nameIdentifierProbes List<String>
    Attributes that can be used for Subject/NameID. Auth0 will try each of the attributes of this array in order and use the first value it finds.
    passthroughClaimsWithNoMapping Boolean
    Indicates whether or not to passthrough claims that are not mapped to the common profile in the output assertion. Defaults to true.
    recipient String
    Recipient of the SAML Assertion (SubjectConfirmationData). Default is AssertionConsumerUrl on SAMLRequest or callback URL if no SAMLRequest was sent.
    signResponse Boolean
    Indicates whether or not the SAML Response should be signed instead of the SAML Assertion.
    signatureAlgorithm String
    Algorithm used to sign the SAML Assertion or response. Options include rsa-sha1 and rsa-sha256. Defaults to rsa-sha1.
    signingCert String
    Optionally indicates the public key certificate used to validate SAML requests. If set, SAML requests will be required to be signed. A sample value would be -----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n.
    typedAttributes Boolean
    Indicates whether or not we should infer the xs:type of the element. Types include xs:string, xs:boolean, xs:double, and xs:anyType. When set to false, all xs:type are xs:anyType. Defaults to true.

    GetClientAddonSamlpLogout

    Callback string
    The service provider (client application)'s Single Logout Service URL, where Auth0 will send logout requests and responses.
    SloEnabled bool
    Controls whether Auth0 should notify service providers of session termination.
    Callback string
    The service provider (client application)'s Single Logout Service URL, where Auth0 will send logout requests and responses.
    SloEnabled bool
    Controls whether Auth0 should notify service providers of session termination.
    callback String
    The service provider (client application)'s Single Logout Service URL, where Auth0 will send logout requests and responses.
    sloEnabled Boolean
    Controls whether Auth0 should notify service providers of session termination.
    callback string
    The service provider (client application)'s Single Logout Service URL, where Auth0 will send logout requests and responses.
    sloEnabled boolean
    Controls whether Auth0 should notify service providers of session termination.
    callback str
    The service provider (client application)'s Single Logout Service URL, where Auth0 will send logout requests and responses.
    slo_enabled bool
    Controls whether Auth0 should notify service providers of session termination.
    callback String
    The service provider (client application)'s Single Logout Service URL, where Auth0 will send logout requests and responses.
    sloEnabled Boolean
    Controls whether Auth0 should notify service providers of session termination.

    GetClientAddonSapApi

    ClientId string
    If activated in the OAuth 2.0 client configuration (transaction SOAUTH2) the SAML attribute client_idmust be set and equal theclient_id` form parameter of the access token request.
    NameIdentifierFormat string
    NameID element of the Subject which can be used to express the user's identity. Defaults to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
    Scope string
    Requested scope for SAP APIs.
    ServicePassword string
    Service account password to use to authenticate API calls to the token endpoint.
    TokenEndpointUrl string
    The OAuth2 token endpoint URL of your SAP OData server.
    UsernameAttribute string
    Name of the property in the user object that maps to a SAP username, for example email.
    ClientId string
    If activated in the OAuth 2.0 client configuration (transaction SOAUTH2) the SAML attribute client_idmust be set and equal theclient_id` form parameter of the access token request.
    NameIdentifierFormat string
    NameID element of the Subject which can be used to express the user's identity. Defaults to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
    Scope string
    Requested scope for SAP APIs.
    ServicePassword string
    Service account password to use to authenticate API calls to the token endpoint.
    TokenEndpointUrl string
    The OAuth2 token endpoint URL of your SAP OData server.
    UsernameAttribute string
    Name of the property in the user object that maps to a SAP username, for example email.
    clientId String
    If activated in the OAuth 2.0 client configuration (transaction SOAUTH2) the SAML attribute client_idmust be set and equal theclient_id` form parameter of the access token request.
    nameIdentifierFormat String
    NameID element of the Subject which can be used to express the user's identity. Defaults to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
    scope String
    Requested scope for SAP APIs.
    servicePassword String
    Service account password to use to authenticate API calls to the token endpoint.
    tokenEndpointUrl String
    The OAuth2 token endpoint URL of your SAP OData server.
    usernameAttribute String
    Name of the property in the user object that maps to a SAP username, for example email.
    clientId string
    If activated in the OAuth 2.0 client configuration (transaction SOAUTH2) the SAML attribute client_idmust be set and equal theclient_id` form parameter of the access token request.
    nameIdentifierFormat string
    NameID element of the Subject which can be used to express the user's identity. Defaults to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
    scope string
    Requested scope for SAP APIs.
    servicePassword string
    Service account password to use to authenticate API calls to the token endpoint.
    tokenEndpointUrl string
    The OAuth2 token endpoint URL of your SAP OData server.
    usernameAttribute string
    Name of the property in the user object that maps to a SAP username, for example email.
    client_id str
    If activated in the OAuth 2.0 client configuration (transaction SOAUTH2) the SAML attribute client_idmust be set and equal theclient_id` form parameter of the access token request.
    name_identifier_format str
    NameID element of the Subject which can be used to express the user's identity. Defaults to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
    scope str
    Requested scope for SAP APIs.
    service_password str
    Service account password to use to authenticate API calls to the token endpoint.
    token_endpoint_url str
    The OAuth2 token endpoint URL of your SAP OData server.
    username_attribute str
    Name of the property in the user object that maps to a SAP username, for example email.
    clientId String
    If activated in the OAuth 2.0 client configuration (transaction SOAUTH2) the SAML attribute client_idmust be set and equal theclient_id` form parameter of the access token request.
    nameIdentifierFormat String
    NameID element of the Subject which can be used to express the user's identity. Defaults to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
    scope String
    Requested scope for SAP APIs.
    servicePassword String
    Service account password to use to authenticate API calls to the token endpoint.
    tokenEndpointUrl String
    The OAuth2 token endpoint URL of your SAP OData server.
    usernameAttribute String
    Name of the property in the user object that maps to a SAP username, for example email.

    GetClientAddonSentry

    BaseUrl string
    URL prefix only if running Sentry Community Edition, otherwise leave empty.
    OrgSlug string
    Generated slug for your Sentry organization. Found in your Sentry URL, for example https://sentry.acme.com/acme-org/ would be acme-org.
    BaseUrl string
    URL prefix only if running Sentry Community Edition, otherwise leave empty.
    OrgSlug string
    Generated slug for your Sentry organization. Found in your Sentry URL, for example https://sentry.acme.com/acme-org/ would be acme-org.
    baseUrl String
    URL prefix only if running Sentry Community Edition, otherwise leave empty.
    orgSlug String
    Generated slug for your Sentry organization. Found in your Sentry URL, for example https://sentry.acme.com/acme-org/ would be acme-org.
    baseUrl string
    URL prefix only if running Sentry Community Edition, otherwise leave empty.
    orgSlug string
    Generated slug for your Sentry organization. Found in your Sentry URL, for example https://sentry.acme.com/acme-org/ would be acme-org.
    base_url str
    URL prefix only if running Sentry Community Edition, otherwise leave empty.
    org_slug str
    Generated slug for your Sentry organization. Found in your Sentry URL, for example https://sentry.acme.com/acme-org/ would be acme-org.
    baseUrl String
    URL prefix only if running Sentry Community Edition, otherwise leave empty.
    orgSlug String
    Generated slug for your Sentry organization. Found in your Sentry URL, for example https://sentry.acme.com/acme-org/ would be acme-org.

    GetClientAddonSharepoint

    ExternalUrls List<string>
    External SharePoint application URLs if exposed to the Internet.
    Url string
    Internal SharePoint application URL.
    ExternalUrls []string
    External SharePoint application URLs if exposed to the Internet.
    Url string
    Internal SharePoint application URL.
    externalUrls List<String>
    External SharePoint application URLs if exposed to the Internet.
    url String
    Internal SharePoint application URL.
    externalUrls string[]
    External SharePoint application URLs if exposed to the Internet.
    url string
    Internal SharePoint application URL.
    external_urls Sequence[str]
    External SharePoint application URLs if exposed to the Internet.
    url str
    Internal SharePoint application URL.
    externalUrls List<String>
    External SharePoint application URLs if exposed to the Internet.
    url String
    Internal SharePoint application URL.

    GetClientAddonSlack

    Team string
    Slack team name.
    Team string
    Slack team name.
    team String
    Slack team name.
    team string
    Slack team name.
    team str
    Slack team name.
    team String
    Slack team name.

    GetClientAddonSpringcm

    AcsUrl string
    SpringCM ACS URL, for example https://na11.springcm.com/atlas/sso/SSOEndpoint.ashx.
    AcsUrl string
    SpringCM ACS URL, for example https://na11.springcm.com/atlas/sso/SSOEndpoint.ashx.
    acsUrl String
    SpringCM ACS URL, for example https://na11.springcm.com/atlas/sso/SSOEndpoint.ashx.
    acsUrl string
    SpringCM ACS URL, for example https://na11.springcm.com/atlas/sso/SSOEndpoint.ashx.
    acs_url str
    SpringCM ACS URL, for example https://na11.springcm.com/atlas/sso/SSOEndpoint.ashx.
    acsUrl String
    SpringCM ACS URL, for example https://na11.springcm.com/atlas/sso/SSOEndpoint.ashx.

    GetClientAddonSsoIntegration

    Name string
    SSO integration name.
    Version string
    SSO integration version installed.
    Name string
    SSO integration name.
    Version string
    SSO integration version installed.
    name String
    SSO integration name.
    version String
    SSO integration version installed.
    name string
    SSO integration name.
    version string
    SSO integration version installed.
    name str
    SSO integration name.
    version str
    SSO integration version installed.
    name String
    SSO integration name.
    version String
    SSO integration version installed.

    GetClientAddonWam

    MasterKey string
    Your master key for Windows Azure Mobile Services.
    MasterKey string
    Your master key for Windows Azure Mobile Services.
    masterKey String
    Your master key for Windows Azure Mobile Services.
    masterKey string
    Your master key for Windows Azure Mobile Services.
    master_key str
    Your master key for Windows Azure Mobile Services.
    masterKey String
    Your master key for Windows Azure Mobile Services.

    GetClientAddonZendesk

    AccountName string
    Zendesk account name. Usually the first segment in your Zendesk URL, for example https://acme-org.zendesk.com would be acme-org.
    AccountName string
    Zendesk account name. Usually the first segment in your Zendesk URL, for example https://acme-org.zendesk.com would be acme-org.
    accountName String
    Zendesk account name. Usually the first segment in your Zendesk URL, for example https://acme-org.zendesk.com would be acme-org.
    accountName string
    Zendesk account name. Usually the first segment in your Zendesk URL, for example https://acme-org.zendesk.com would be acme-org.
    account_name str
    Zendesk account name. Usually the first segment in your Zendesk URL, for example https://acme-org.zendesk.com would be acme-org.
    accountName String
    Zendesk account name. Usually the first segment in your Zendesk URL, for example https://acme-org.zendesk.com would be acme-org.

    GetClientAddonZoom

    Account string
    Zoom account name. Usually the first segment of your Zoom URL, for example https://acme-org.zoom.us would be acme-org.
    Account string
    Zoom account name. Usually the first segment of your Zoom URL, for example https://acme-org.zoom.us would be acme-org.
    account String
    Zoom account name. Usually the first segment of your Zoom URL, for example https://acme-org.zoom.us would be acme-org.
    account string
    Zoom account name. Usually the first segment of your Zoom URL, for example https://acme-org.zoom.us would be acme-org.
    account str
    Zoom account name. Usually the first segment of your Zoom URL, for example https://acme-org.zoom.us would be acme-org.
    account String
    Zoom account name. Usually the first segment of your Zoom URL, for example https://acme-org.zoom.us would be acme-org.

    GetClientDefaultOrganization

    Disable bool
    If set, the default_organization will be removed.
    Flows List<string>
    Definition of the flow that needs to be configured. Eg. client_credentials
    OrganizationId string
    The unique identifier of the organization
    Disable bool
    If set, the default_organization will be removed.
    Flows []string
    Definition of the flow that needs to be configured. Eg. client_credentials
    OrganizationId string
    The unique identifier of the organization
    disable Boolean
    If set, the default_organization will be removed.
    flows List<String>
    Definition of the flow that needs to be configured. Eg. client_credentials
    organizationId String
    The unique identifier of the organization
    disable boolean
    If set, the default_organization will be removed.
    flows string[]
    Definition of the flow that needs to be configured. Eg. client_credentials
    organizationId string
    The unique identifier of the organization
    disable bool
    If set, the default_organization will be removed.
    flows Sequence[str]
    Definition of the flow that needs to be configured. Eg. client_credentials
    organization_id str
    The unique identifier of the organization
    disable Boolean
    If set, the default_organization will be removed.
    flows List<String>
    Definition of the flow that needs to be configured. Eg. client_credentials
    organizationId String
    The unique identifier of the organization

    GetClientJwtConfiguration

    Alg string
    Algorithm used to sign JWTs.
    LifetimeInSeconds int
    Number of seconds during which the JWT will be valid.
    Scopes Dictionary<string, string>
    Permissions (scopes) included in JWTs.
    SecretEncoded bool
    Indicates whether the client secret is Base64-encoded.
    Alg string
    Algorithm used to sign JWTs.
    LifetimeInSeconds int
    Number of seconds during which the JWT will be valid.
    Scopes map[string]string
    Permissions (scopes) included in JWTs.
    SecretEncoded bool
    Indicates whether the client secret is Base64-encoded.
    alg String
    Algorithm used to sign JWTs.
    lifetimeInSeconds Integer
    Number of seconds during which the JWT will be valid.
    scopes Map<String,String>
    Permissions (scopes) included in JWTs.
    secretEncoded Boolean
    Indicates whether the client secret is Base64-encoded.
    alg string
    Algorithm used to sign JWTs.
    lifetimeInSeconds number
    Number of seconds during which the JWT will be valid.
    scopes {[key: string]: string}
    Permissions (scopes) included in JWTs.
    secretEncoded boolean
    Indicates whether the client secret is Base64-encoded.
    alg str
    Algorithm used to sign JWTs.
    lifetime_in_seconds int
    Number of seconds during which the JWT will be valid.
    scopes Mapping[str, str]
    Permissions (scopes) included in JWTs.
    secret_encoded bool
    Indicates whether the client secret is Base64-encoded.
    alg String
    Algorithm used to sign JWTs.
    lifetimeInSeconds Number
    Number of seconds during which the JWT will be valid.
    scopes Map<String>
    Permissions (scopes) included in JWTs.
    secretEncoded Boolean
    Indicates whether the client secret is Base64-encoded.

    GetClientMobile

    Androids List<GetClientMobileAndroid>
    Configuration settings for Android native apps.
    Ios List<GetClientMobileIo>
    Configuration settings for i0S native apps.
    Androids []GetClientMobileAndroid
    Configuration settings for Android native apps.
    Ios []GetClientMobileIo
    Configuration settings for i0S native apps.
    androids List<GetClientMobileAndroid>
    Configuration settings for Android native apps.
    ios List<GetClientMobileIo>
    Configuration settings for i0S native apps.
    androids GetClientMobileAndroid[]
    Configuration settings for Android native apps.
    ios GetClientMobileIo[]
    Configuration settings for i0S native apps.
    androids Sequence[GetClientMobileAndroid]
    Configuration settings for Android native apps.
    ios Sequence[GetClientMobileIo]
    Configuration settings for i0S native apps.
    androids List<Property Map>
    Configuration settings for Android native apps.
    ios List<Property Map>
    Configuration settings for i0S native apps.

    GetClientMobileAndroid

    GetClientMobileIo

    GetClientNativeSocialLogin

    GetClientNativeSocialLoginApple

    Enabled bool
    Enabled bool
    enabled Boolean
    enabled boolean
    enabled bool
    enabled Boolean

    GetClientNativeSocialLoginFacebook

    Enabled bool
    Enabled bool
    enabled Boolean
    enabled boolean
    enabled bool
    enabled Boolean

    GetClientRefreshToken

    ExpirationType string
    Options include expiring, non-expiring. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation is rotating, this must be set to expiring.
    IdleTokenLifetime int
    The time in seconds after which inactive refresh tokens will expire.
    InfiniteIdleTokenLifetime bool
    Whether inactive refresh tokens should remain valid indefinitely.
    InfiniteTokenLifetime bool
    Whether refresh tokens should remain valid indefinitely. If false, token_lifetime should also be set.
    Leeway int
    The amount of time in seconds in which a refresh token may be reused without triggering reuse detection.
    RotationType string
    Options include rotating, non-rotating. When rotating, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.
    TokenLifetime int
    The absolute lifetime of a refresh token in seconds.
    ExpirationType string
    Options include expiring, non-expiring. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation is rotating, this must be set to expiring.
    IdleTokenLifetime int
    The time in seconds after which inactive refresh tokens will expire.
    InfiniteIdleTokenLifetime bool
    Whether inactive refresh tokens should remain valid indefinitely.
    InfiniteTokenLifetime bool
    Whether refresh tokens should remain valid indefinitely. If false, token_lifetime should also be set.
    Leeway int
    The amount of time in seconds in which a refresh token may be reused without triggering reuse detection.
    RotationType string
    Options include rotating, non-rotating. When rotating, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.
    TokenLifetime int
    The absolute lifetime of a refresh token in seconds.
    expirationType String
    Options include expiring, non-expiring. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation is rotating, this must be set to expiring.
    idleTokenLifetime Integer
    The time in seconds after which inactive refresh tokens will expire.
    infiniteIdleTokenLifetime Boolean
    Whether inactive refresh tokens should remain valid indefinitely.
    infiniteTokenLifetime Boolean
    Whether refresh tokens should remain valid indefinitely. If false, token_lifetime should also be set.
    leeway Integer
    The amount of time in seconds in which a refresh token may be reused without triggering reuse detection.
    rotationType String
    Options include rotating, non-rotating. When rotating, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.
    tokenLifetime Integer
    The absolute lifetime of a refresh token in seconds.
    expirationType string
    Options include expiring, non-expiring. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation is rotating, this must be set to expiring.
    idleTokenLifetime number
    The time in seconds after which inactive refresh tokens will expire.
    infiniteIdleTokenLifetime boolean
    Whether inactive refresh tokens should remain valid indefinitely.
    infiniteTokenLifetime boolean
    Whether refresh tokens should remain valid indefinitely. If false, token_lifetime should also be set.
    leeway number
    The amount of time in seconds in which a refresh token may be reused without triggering reuse detection.
    rotationType string
    Options include rotating, non-rotating. When rotating, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.
    tokenLifetime number
    The absolute lifetime of a refresh token in seconds.
    expiration_type str
    Options include expiring, non-expiring. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation is rotating, this must be set to expiring.
    idle_token_lifetime int
    The time in seconds after which inactive refresh tokens will expire.
    infinite_idle_token_lifetime bool
    Whether inactive refresh tokens should remain valid indefinitely.
    infinite_token_lifetime bool
    Whether refresh tokens should remain valid indefinitely. If false, token_lifetime should also be set.
    leeway int
    The amount of time in seconds in which a refresh token may be reused without triggering reuse detection.
    rotation_type str
    Options include rotating, non-rotating. When rotating, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.
    token_lifetime int
    The absolute lifetime of a refresh token in seconds.
    expirationType String
    Options include expiring, non-expiring. Whether a refresh token will expire based on an absolute lifetime, after which the token can no longer be used. If rotation is rotating, this must be set to expiring.
    idleTokenLifetime Number
    The time in seconds after which inactive refresh tokens will expire.
    infiniteIdleTokenLifetime Boolean
    Whether inactive refresh tokens should remain valid indefinitely.
    infiniteTokenLifetime Boolean
    Whether refresh tokens should remain valid indefinitely. If false, token_lifetime should also be set.
    leeway Number
    The amount of time in seconds in which a refresh token may be reused without triggering reuse detection.
    rotationType String
    Options include rotating, non-rotating. When rotating, exchanging a refresh token will cause a new refresh token to be issued and the existing token will be invalidated. This allows for automatic detection of token reuse if the token is leaked.
    tokenLifetime Number
    The absolute lifetime of a refresh token in seconds.

    Package Details

    Repository
    Auth0 pulumi/pulumi-auth0
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the auth0 Terraform Provider.
    auth0 logo
    Auth0 v3.7.1 published on Thursday, Sep 12, 2024 by Pulumi