Class ClientsManager

Hierarchy

  • BaseAPI
    • ClientsManager

Constructors

constructor

Properties

configuration

Methods

create createCredential delete deleteCredential get getAll getCredential getCredentials request rotateClientSecret update updateCredential

Constructors

constructor

Properties

Protected configuration

configuration: Configuration

Methods

create

  • Create a new client (application or SSO integration). For more information, read Create Applications API Endpoints for Single Sign-On.

    Notes:

    • We recommend leaving the client_secret parameter unspecified to allow the generation of a safe secret.
    • The client_authentication_methods and token_endpoint_auth_method properties are mutually exclusive. Use client_authentication_methods to configure the client with Private Key JWT authentication method. Otherwise, use token_endpoint_auth_method to configure the client with client secret (basic or post) or with no authentication method (none).
    • When using client_authentication_methods to configure the client with Private Key JWT authentication method, specify fully defined credentials. These credentials will be automatically enabled for Private Key JWT authentication on the client.
    • To configure client_authentication_methods, the create:client_credentials scope is required.
    • To configure client_authentication_methods, the property jwt_configuration.alg must be set to RS256.
    SSO Integrations created via this endpoint will accept login requests and share user profile information.

    Create a client

    Throws

    Parameters

    Returns Promise<ApiResponse<Client>>

createCredential

delete

deleteCredential

get

  • Retrieve client details by ID. Clients are SSO connections or Applications linked with your Auth0 tenant. A list of fields to include or exclude may also be specified. For more information, read Applications in Auth0 and Single Sign-On.

    • The following properties can be retrieved with any of the scopes: client_id, app_type, name, and description.
    • The following properties can only be retrieved with the read:clients or read:client_keys scopes: callbacks, oidc_logout, allowed_origins, web_origins, tenant, global, config_route, callback_url_template, jwt_configuration, jwt_configuration.lifetime_in_seconds, jwt_configuration.secret_encoded, jwt_configuration.scopes, jwt_configuration.alg, api_type, logo_uri, allowed_clients, owners, custom_login_page, custom_login_page_off, sso, addons, form_template, custom_login_page_codeview, resource_servers, client_metadata, mobile, mobile.android, mobile.ios, allowed_logout_urls, token_endpoint_auth_method, is_first_party, oidc_conformant, is_token_endpoint_ip_header_trusted, initiate_login_uri, grant_types, refresh_token, refresh_token.rotation_type, refresh_token.expiration_type, refresh_token.leeway, refresh_token.token_lifetime, organization_usage, organization_require_behavior.
    • The following properties can only be retrieved with the read:client_keys or read:client_credentials scopes: encryption_key, encryption_key.pub, encryption_key.cert, client_secret, client_authentication_methods and signing_key.

    Get client by ID

    Throws

    Parameters

    Returns Promise<ApiResponse<Client>>

getAll

  • Retrieve clients (applications and SSO integrations) matching provided filters. A list of fields to include or exclude may also be specified. For more information, read Applications in Auth0 and Single Sign-On.

    • The following can be retrieved with any scope: client_id, app_type, name, and description.
    • The following properties can only be retrieved with the read:clients or read:client_keys scope: callbacks, oidc_logout, allowed_origins, web_origins, tenant, global, config_route, callback_url_template, jwt_configuration, jwt_configuration.lifetime_in_seconds, jwt_configuration.secret_encoded, jwt_configuration.scopes, jwt_configuration.alg, api_type, logo_uri, allowed_clients, owners, custom_login_page, custom_login_page_off, sso, addons, form_template, custom_login_page_codeview, resource_servers, client_metadata, mobile, mobile.android, mobile.ios, allowed_logout_urls, token_endpoint_auth_method, is_first_party, oidc_conformant, is_token_endpoint_ip_header_trusted, initiate_login_uri, grant_types, refresh_token, refresh_token.rotation_type, refresh_token.expiration_type, refresh_token.leeway, refresh_token.token_lifetime, organization_usage, organization_require_behavior.
    • The following properties can only be retrieved with the read:client_keys or read:client_credentials scope: encryption_key, encryption_key.pub, encryption_key.cert, client_secret, client_authentication_methods and signing_key.

    Get clients

    Throws

    Parameters

    Returns Promise<ApiResponse<GetClients200ResponseOneOf>>

  • Parameters

    Returns Promise<ApiResponse<Client[]>>

getCredential

getCredentials

Protected request

rotateClientSecret

update

  • Updates a client's settings. For more information, read Applications in Auth0 and Single Sign-On.

    Notes:

    • The client_secret and signing_key attributes can only be updated with the update:client_keys scope.
    • The client_authentication_methods and token_endpoint_auth_method properties are mutually exclusive. Use client_authentication_methods to configure the client with Private Key JWT authentication method. Otherwise, use token_endpoint_auth_method to configure the client with client secret (basic or post) or with no authentication method (none).
    • When using client_authentication_methods to configure the client with Private Key JWT authentication method, only specify the credential IDs that were generated when creating the credentials on the client.
    • To configure client_authentication_methods, the update:client_credentials scope is required.
    • To configure client_authentication_methods, the property jwt_configuration.alg must be set to RS256. Update a client

    Throws

    Parameters

    Returns Promise<ApiResponse<Client>>

updateCredential

Settings

Member Visibility

Theme

On This Page