Class BlacklistsManager

Hierarchy

BaseAPI
- BlacklistsManager

Index

Constructors

Properties

Methods

add getAll request

Constructors

constructor

new BlacklistsManager(configuration): BlacklistsManager
Parameters
- configuration: Configuration
Returns BlacklistsManager
Inherited from BaseAPI.constructor
- Defined in src/lib/runtime.ts:24

Properties

`Protected` configuration

configuration: Configuration

Methods

add

add(bodyParameters, initOverrides?): Promise<ApiResponse<void>>
Add the token identified by the jti to a blacklist for the tenant.

Blacklist a token

Throws
Parameters
- bodyParameters: Token
- Optional initOverrides: InitOverride
Returns Promise<ApiResponse<void>>
- Defined in src/management/__generated/managers/blacklists-manager.ts:50

getAll

getAll(requestParameters?, initOverrides?): Promise<ApiResponse<Token[]>>
Retrieve the jti and aud of all tokens that are blacklisted.

Note: The JWT specification states that the jti field can be used to prevent replay attacks. Though Auth0 tokens do not include a jti, you can nevertheless blacklist a jti to prevent a token being used more than a predetermined number of times. This behavior is similar to implementing a nonce (where the token's signature can be thought of as the nonce). If a token gets stolen, it (or the tokens issued after it) should be blacklisted and let expire.

Get blacklisted tokens

Throws
Parameters
- requestParameters: GetTokensRequest = {}
- Optional initOverrides: InitOverride
Returns Promise<ApiResponse<Token[]>>
- Defined in src/management/__generated/managers/blacklists-manager.ts:20

`Protected` request

request(context, initOverrides?): Promise<Response>
Parameters
- context: RequestOpts
- Optional initOverrides: RequestInit | InitOverrideFunction
Returns Promise<Response>
Inherited from BaseAPI.request
- Defined in src/lib/runtime.ts:40