Auth0 Node.js SDK - v5.2.0
    Preparing search index...

    Interface ConnectionOptionsAzureAd

    Options for the 'waad' connection

    interface ConnectionOptionsAzureAd {
        api_enable_users?: boolean;
        app_domain?: string;
        app_id?: string;
        basic_profile?: boolean;
        client_id?: string;
        client_secret?: string;
        domain_aliases?: ConnectionDomainAliasesAzureAd;
        ext_access_token?: boolean;
        ext_account_enabled?: boolean;
        ext_admin?: boolean;
        ext_agreed_terms?: boolean;
        ext_assigned_licenses?: boolean;
        ext_assigned_plans?: boolean;
        ext_azure_id?: boolean;
        ext_city?: boolean;
        ext_country?: boolean;
        ext_department?: boolean;
        ext_dir_sync_enabled?: boolean;
        ext_email?: boolean;
        ext_expires_in?: boolean;
        ext_family_name?: boolean;
        ext_fax?: boolean;
        ext_given_name?: boolean;
        ext_group_ids?: boolean;
        ext_groups?: boolean;
        ext_is_suspended?: boolean;
        ext_job_title?: boolean;
        ext_last_sync?: boolean;
        ext_mobile?: boolean;
        ext_name?: boolean;
        ext_nested_groups?: boolean;
        ext_nickname?: boolean;
        ext_oid?: boolean;
        ext_phone?: boolean;
        ext_physical_delivery_office_name?: boolean;
        ext_postal_code?: boolean;
        ext_preferred_language?: boolean;
        ext_profile?: boolean;
        ext_provisioned_plans?: boolean;
        ext_provisioning_errors?: boolean;
        ext_proxy_addresses?: boolean;
        ext_puid?: boolean;
        ext_refresh_token?: boolean;
        ext_roles?: boolean;
        ext_state?: boolean;
        ext_street?: boolean;
        ext_telephoneNumber?: boolean;
        ext_tenantid?: boolean;
        ext_upn?: boolean;
        ext_usage_location?: boolean;
        ext_user_id?: boolean;
        federated_connections_access_tokens?:
            | ConnectionFederatedConnectionsAccessTokens
            | null;
        granted?: boolean;
        icon_url?: string;
        identity_api?: Management.ConnectionIdentityApiEnumAzureAd;
        max_groups_to_retrieve?: string;
        scope?: ConnectionScopeAzureAd;
        set_user_root_attributes?: Management.ConnectionSetUserRootAttributesEnum;
        should_trust_email_verified_connection?: Management.ConnectionShouldTrustEmailVerifiedConnectionEnum;
        tenant_domain?: string;
        tenantId?: string;
        thumbprints?: ConnectionThumbprints;
        upstream_params?: ConnectionUpstreamParamsAzureAd;
        use_wsfed?: boolean;
        useCommonEndpoint?: boolean;
        userid_attribute?: Management.ConnectionUseridAttributeEnumAzureAd;
        waad_protocol?: Management.ConnectionWaadProtocolEnumAzureAd;
        non_persistent_attrs?: ConnectionNonPersistentAttrs;
    }

    Hierarchy (View Summary)

    Index

    Properties

    api_enable_users? app_domain? app_id? basic_profile? client_id? client_secret? domain_aliases? ext_access_token? ext_account_enabled? ext_admin? ext_agreed_terms? ext_assigned_licenses? ext_assigned_plans? ext_azure_id? ext_city? ext_country? ext_department? ext_dir_sync_enabled? ext_email? ext_expires_in? ext_family_name? ext_fax? ext_given_name? ext_group_ids? ext_groups? ext_is_suspended? ext_job_title? ext_last_sync? ext_mobile? ext_name? ext_nested_groups? ext_nickname? ext_oid? ext_phone? ext_physical_delivery_office_name? ext_postal_code? ext_preferred_language? ext_profile? ext_provisioned_plans? ext_provisioning_errors? ext_proxy_addresses? ext_puid? ext_refresh_token? ext_roles? ext_state? ext_street? ext_telephoneNumber? ext_tenantid? ext_upn? ext_usage_location? ext_user_id? federated_connections_access_tokens? granted? icon_url? identity_api? max_groups_to_retrieve? scope? set_user_root_attributes? should_trust_email_verified_connection? tenant_domain? tenantId? thumbprints? upstream_params? use_wsfed? useCommonEndpoint? userid_attribute? waad_protocol? non_persistent_attrs?

    Properties

    api_enable_users?: boolean

    Enable users API

    app_domain?: string
    app_id?: string

    The Application ID URI (App ID URI) for the Azure AD application. Required when using Azure AD v1 with the Resource Owner Password flow. Used to identify the resource being requested in OAuth token requests.

    basic_profile?: boolean

    Includes basic user profile information from Azure AD (name, email, given_name, family_name). Always enabled and required - represents the minimum profile data retrieved during authentication.

    client_id?: string
    client_secret?: string
    domain_aliases?: ConnectionDomainAliasesAzureAd
    ext_access_token?: boolean

    When false, prevents storing the user's Azure AD access token in the Auth0 user profile. When true (default), the access token is persisted for API access.

    ext_account_enabled?: boolean

    When false, prevents storing whether the user's Azure AD account is enabled. When true (default), the account enabled status is persisted in the user profile.

    ext_admin?: boolean
    ext_agreed_terms?: boolean
    ext_assigned_licenses?: boolean

    When false, prevents storing the list of Microsoft 365/Office 365 licenses assigned to the user. When true (default), license information is persisted in the user profile.

    ext_assigned_plans?: boolean
    ext_azure_id?: boolean

    When false, prevents storing the user's Azure ID identifier. When true (default), the Azure ID is persisted. Note: 'oid' (Object ID) is the recommended unique identifier for single-tenant connections.

    ext_city?: boolean

    When false, prevents storing the user's city from Azure AD. When true (default), city information is persisted in the user profile.

    ext_country?: boolean

    When false, prevents storing the user's country from Azure AD. When true (default), country information is persisted in the user profile.

    ext_department?: boolean

    When false, prevents storing the user's department from Azure AD. When true (default), department information is persisted in the user profile.

    ext_dir_sync_enabled?: boolean

    When false, prevents storing whether directory synchronization is enabled for the user. When true (default), directory sync status is persisted in the user profile.

    ext_email?: boolean

    When false, prevents storing the user's email address from Azure AD. When true (default), email is persisted in the user profile.

    ext_expires_in?: boolean

    When false, prevents storing the token expiration time (in seconds). When true (default), expiration information is persisted in the user profile.

    ext_family_name?: boolean

    When false, prevents storing the user's family name (last name) from Azure AD. When true (default), family name is persisted in the user profile.

    ext_fax?: boolean

    When false, prevents storing the user's fax number from Azure AD. When true (default), fax information is persisted in the user profile.

    ext_given_name?: boolean

    When false, prevents storing the user's given name (first name) from Azure AD. When true (default), given name is persisted in the user profile.

    ext_group_ids?: boolean

    When false, prevents storing the list of Azure AD group IDs the user is a member of. When true (default), group membership IDs are persisted. See ext_groups for retrieving group details.

    ext_groups?: boolean
    ext_is_suspended?: boolean
    ext_job_title?: boolean

    When false, prevents storing the user's job title from Azure AD. When true (default), job title information is persisted in the user profile.

    ext_last_sync?: boolean

    When false, prevents storing the timestamp of the last directory synchronization. When true (default), the last sync date is persisted in the user profile.

    ext_mobile?: boolean

    When false, prevents storing the user's mobile phone number from Azure AD. When true (default), mobile number is persisted in the user profile.

    ext_name?: boolean

    When false, prevents storing the user's full name from Azure AD. When true (default), full name is persisted in the user profile.

    ext_nested_groups?: boolean

    When true, stores all groups the user is member of, including transitive group memberships (groups within groups). When false (default), only direct group memberships are included.

    ext_nickname?: boolean

    When false, prevents storing the user's nickname or display name from Azure AD. When true (default), nickname is persisted in the user profile.

    ext_oid?: boolean

    When false, prevents storing the user's Object ID (oid) from Azure AD. When true (default), the oid is persisted. Note: 'oid' is the recommended unique identifier for single-tenant connections and required for SCIM.

    ext_phone?: boolean

    When false, prevents storing the user's phone number from Azure AD. When true (default), phone number is persisted in the user profile.

    ext_physical_delivery_office_name?: boolean

    When false, prevents storing the user's office location from Azure AD. When true (default), office location is persisted in the user profile.

    ext_postal_code?: boolean

    When false, prevents storing the user's postal code from Azure AD. When true (default), postal code is persisted in the user profile.

    ext_preferred_language?: boolean

    When false, prevents storing the user's preferred language from Azure AD. When true (default), language preference is persisted in the user profile.

    ext_profile?: boolean
    ext_provisioned_plans?: boolean

    When false, prevents storing the list of service plans provisioned to the user. When true (default), provisioned plans are persisted in the user profile.

    ext_provisioning_errors?: boolean

    When false, prevents storing provisioning errors that occurred during synchronization. When true (default), error information is persisted. Useful for troubleshooting sync issues.

    ext_proxy_addresses?: boolean

    When false, prevents storing all proxy email addresses (email aliases) for the user. When true (default), proxy addresses are persisted in the user profile.

    ext_puid?: boolean

    When false, prevents storing the user's Passport User ID (puid). When true (default), puid is persisted in the user profile. Legacy attribute.

    ext_refresh_token?: boolean

    When false, prevents storing the Azure AD refresh token. When true (default), the refresh token is persisted for offline access. Required for token refresh in long-lived applications.

    ext_roles?: boolean

    When false, prevents storing Azure AD application roles assigned to the user. When true (default), role information is persisted. Useful for RBAC in applications.

    ext_state?: boolean

    When false, prevents storing the user's state (province/region) from Azure AD. When true (default), state information is persisted in the user profile.

    ext_street?: boolean

    When false, prevents storing the user's street address from Azure AD. When true (default), street address is persisted in the user profile.

    ext_telephoneNumber?: boolean

    When false, prevents storing the user's telephone number from Azure AD. When true (default), telephone number is persisted in the user profile.

    ext_tenantid?: boolean

    When false, prevents storing the user's Azure AD tenant ID. When true (default), tenant ID is persisted. Useful for identifying which Azure AD organization the user belongs to.

    ext_upn?: boolean

    When false, prevents storing the user's User Principal Name (UPN) from Azure AD. When true (default), UPN is persisted. UPN is the user's logon name (e.g., user@contoso.com).

    ext_usage_location?: boolean

    When false, prevents storing the user's usage location for license assignment. When true (default), usage location is persisted in the user profile.

    ext_user_id?: boolean

    When false, prevents storing an alternative user ID. When true (default), this user ID is persisted in the user profile.

    federated_connections_access_tokens?:
        | ConnectionFederatedConnectionsAccessTokens
        | null
    granted?: boolean

    Indicates whether admin consent has been granted for the required Azure AD permissions. Read-only status field managed by Auth0 during the OAuth authorization flow.

    icon_url?: string
    identity_api?: Management.ConnectionIdentityApiEnumAzureAd
    max_groups_to_retrieve?: string
    scope?: ConnectionScopeAzureAd
    set_user_root_attributes?: Management.ConnectionSetUserRootAttributesEnum
    should_trust_email_verified_connection?: Management.ConnectionShouldTrustEmailVerifiedConnectionEnum
    tenant_domain?: string
    tenantId?: string
    thumbprints?: ConnectionThumbprints
    upstream_params?: ConnectionUpstreamParamsAzureAd
    use_wsfed?: boolean

    Indicates WS-Federation protocol usage. When true, uses WS-Federation; when false, uses OpenID Connect.

    useCommonEndpoint?: boolean
    userid_attribute?: Management.ConnectionUseridAttributeEnumAzureAd
    waad_protocol?: Management.ConnectionWaadProtocolEnumAzureAd
    non_persistent_attrs?: ConnectionNonPersistentAttrs

    Settings

    Member Visibility

    On This Page

    Properties
    api_enable_usersapp_domainapp_idbasic_profileclient_idclient_secretdomain_aliasesext_access_tokenext_account_enabledext_adminext_agreed_termsext_assigned_licensesext_assigned_plansext_azure_idext_cityext_countryext_departmentext_dir_sync_enabledext_emailext_expires_inext_family_nameext_faxext_given_nameext_group_idsext_groupsext_is_suspendedext_job_titleext_last_syncext_mobileext_nameext_nested_groupsext_nicknameext_oidext_phoneext_physical_delivery_office_nameext_postal_codeext_preferred_languageext_profileext_provisioned_plansext_provisioning_errorsext_proxy_addressesext_puidext_refresh_tokenext_rolesext_stateext_streetext_telephoneNumberext_tenantidext_upnext_usage_locationext_user_idfederated_connections_access_tokensgrantedicon_urlidentity_apimax_groups_to_retrievescopeset_user_root_attributesshould_trust_email_verified_connectiontenant_domaintenantIdthumbprintsupstream_paramsuse_wsfeduseCommonEndpointuserid_attributewaad_protocolnon_persistent_attrs