Represents an error that occurred during mTLS (Mutual TLS) configuration.
mTLS (RFC 8705) allows a confidential client to authenticate to Auth0 using
a TLS client certificate instead of a client_secret or a signed JWT
assertion. It also enables certificate-bound access tokens, which bind issued
tokens cryptographically to the client certificate so that a stolen token
cannot be replayed without the matching private key.
This error is thrown during Auth0Client construction when the mTLS
configuration is invalid or incomplete.
Common scenarios that trigger MtlsError:
useMtls: true is set without providing a customFetch implementation
The authorization server discovery document lacks mtls_endpoint_aliases
useMtls: true is combined with clientSecret or clientAssertionSigningKey
Represents an error that occurred during mTLS (Mutual TLS) configuration.
mTLS (RFC 8705) allows a confidential client to authenticate to Auth0 using a TLS client certificate instead of a
client_secretor a signed JWT assertion. It also enables certificate-bound access tokens, which bind issued tokens cryptographically to the client certificate so that a stolen token cannot be replayed without the matching private key.This error is thrown during
Auth0Clientconstruction when the mTLS configuration is invalid or incomplete.Common scenarios that trigger
MtlsError:useMtls: trueis set without providing acustomFetchimplementationmtls_endpoint_aliasesuseMtls: trueis combined withclientSecretorclientAssertionSigningKeyExample: Handling mTLS configuration errors
Example: Providing a valid mTLS configuration (Node.js)
See
RFC 8705: OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens