Interface ClientCreate

Hierarchy

  • ClientCreate

Properties

allowed_clients?: string[]

List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed.

allowed_logout_urls?: string[]

Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains.

allowed_origins?: string[]

Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs.

Type of client used to determine which settings are applicable. Can be spa, native, non_interactive, or regular_web.

callbacks?: string[]

Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication.

client_aliases?: string[]

List of audiences/realms for SAML protocol. Used by the wsfed addon.

client_authentication_methods?: ClientCreateClientAuthenticationMethods
client_metadata?: {
    [key: string]: any;
}

Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/()<>@ [Tab] [Space]

Type declaration

  • [key: string]: any
cross_origin_authentication?: boolean

Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false).

cross_origin_loc?: string

URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page.

custom_login_page?: string

The content (HTML, CSS, JS) of the custom login page.

custom_login_page_on?: boolean

true if the custom login page is to be used, false otherwise. Defaults to true

custom_login_page_preview?: string

The content (HTML, CSS, JS) of the custom login page. (Used on Previews)

description?: string

Free text description of this client (max length: 140 characters).

encryption_key?: ClientCreateEncryptionKey
form_template?: string

HTML form template to be used for WS-Federation.

grant_types?: string[]

List of grant types supported for this application. Can include authorization_code, implicit, refresh_token, client_credentials, password, http://auth0.com/oauth/grant-type/password-realm, http://auth0.com/oauth/grant-type/mfa-oob, http://auth0.com/oauth/grant-type/mfa-otp, http://auth0.com/oauth/grant-type/mfa-recovery-code, and urn:ietf:params:oauth:grant-type:device_code.

initiate_login_uri?: string

Initiate login uri, must be https

is_first_party?: boolean

Whether this client a first party client or not

jwt_configuration?: ClientCreateJwtConfiguration
logo_uri?: string

URL of the logo to display for this client. Recommended size is 150x150 pixels.

name: string

Name of this client (min length: 1 character, does not allow < or >).

native_social_login?: null | ClientCreateNativeSocialLogin
oidc_conformant?: boolean

Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false).

organization_require_behavior?: ClientCreateOrganizationRequireBehaviorEnum

Defines how to proceed during an authentication transaction when client.organization_usage: 'require'. Can be no_prompt (default), pre_login_prompt or post_login_prompt. post_login_prompt requires oidc_conformant: true.

Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require.

refresh_token?: null | ClientRefreshToken
sso?: boolean

Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false).

sso_disabled?: boolean

true to disable Single Sign On, false otherwise (default: false)

token_endpoint_auth_method?: ClientCreateTokenEndpointAuthMethodEnum

Defines the requested authentication method for the token endpoint. Can be none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), or client_secret_basic (client uses HTTP Basic).

web_origins?: string[]

Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode.