docs/interfaces/management.Management.ConnectionOptionsAzureAd.html
Options for the 'waad' connection
interface ConnectionOptionsAzureAd {
api_enable_users?: boolean;
app_domain?: string;
app_id?: string;
basic_profile?: boolean;
client_id: string;
client_secret?: string;
domain_aliases?: ConnectionDomainAliasesAzureAd;
ext_access_token?: boolean;
ext_account_enabled?: boolean;
ext_admin?: boolean;
ext_agreed_terms?: boolean;
ext_assigned_licenses?: boolean;
ext_assigned_plans?: boolean;
ext_azure_id?: boolean;
ext_city?: boolean;
ext_country?: boolean;
ext_department?: boolean;
ext_dir_sync_enabled?: boolean;
ext_email?: boolean;
ext_expires_in?: boolean;
ext_family_name?: boolean;
ext_fax?: boolean;
ext_given_name?: boolean;
ext_group_ids?: boolean;
ext_groups?: boolean;
ext_is_suspended?: boolean;
ext_job_title?: boolean;
ext_last_sync?: boolean;
ext_mobile?: boolean;
ext_name?: boolean;
ext_nested_groups?: boolean;
ext_nickname?: boolean;
ext_oid?: boolean;
ext_phone?: boolean;
ext_physical_delivery_office_name?: boolean;
ext_postal_code?: boolean;
ext_preferred_language?: boolean;
ext_profile?: boolean;
ext_provisioned_plans?: boolean;
ext_provisioning_errors?: boolean;
ext_proxy_addresses?: boolean;
ext_puid?: boolean;
ext_refresh_token?: boolean;
ext_roles?: boolean;
ext_state?: boolean;
ext_street?: boolean;
ext_telephoneNumber?: boolean;
ext_tenantid?: boolean;
ext_upn?: boolean;
ext_usage_location?: boolean;
ext_user_id?: boolean;
federated_connections_access_tokens?:
| ConnectionFederatedConnectionsAccessTokens
| null;
granted?: boolean;
icon_url?: string;
identity_api?: Management.ConnectionIdentityApiEnumAzureAd;
max_groups_to_retrieve?: string;
scope?: ConnectionScopeAzureAd;
set_user_root_attributes?: Management.ConnectionSetUserRootAttributesEnum;
should_trust_email_verified_connection?: Management.ConnectionShouldTrustEmailVerifiedConnectionEnum;
tenant_domain?: string;
tenantId?: string;
thumbprints?: ConnectionThumbprints;
upstream_params?: ConnectionUpstreamParams;
use_wsfed?: boolean;
useCommonEndpoint?: boolean;
userid_attribute?: Management.ConnectionUseridAttributeEnumAzureAd;
waad_protocol?: Management.ConnectionWaadProtocolEnumAzureAd;
non_persistent_attrs?: ConnectionNonPersistentAttrs;
key: string: any;
}
Accepts any additional properties
api_enable_users?app_domain?app_id?basic_profile?client_idclient_secret?domain_aliases?ext_access_token?ext_account_enabled?ext_admin?ext_agreed_terms?ext_assigned_licenses?ext_assigned_plans?ext_azure_id?ext_city?ext_country?ext_department?ext_dir_sync_enabled?ext_email?ext_expires_in?ext_family_name?ext_fax?ext_given_name?ext_group_ids?ext_groups?ext_is_suspended?ext_job_title?ext_last_sync?ext_mobile?ext_name?ext_nested_groups?ext_nickname?ext_oid?ext_phone?ext_physical_delivery_office_name?ext_postal_code?ext_preferred_language?ext_profile?ext_provisioned_plans?ext_provisioning_errors?ext_proxy_addresses?ext_puid?ext_refresh_token?ext_roles?ext_state?ext_street?ext_telephoneNumber?ext_tenantid?ext_upn?ext_usage_location?ext_user_id?federated_connections_access_tokens?granted?icon_url?identity_api?max_groups_to_retrieve?scope?set_user_root_attributes?should_trust_email_verified_connection?tenant_domain?tenantId?thumbprints?upstream_params?use_wsfed?useCommonEndpoint?userid_attribute?waad_protocol?non_persistent_attrs?
Optionalapi_enable_usersapi_enable_users?: boolean
Enable users API
Optionalapp_domainapp_domain?: string
Optionalapp_idapp_id?: string
The Application ID URI (App ID URI) for the Azure AD application. Required when using Azure AD v1 with the Resource Owner Password flow. Used to identify the resource being requested in OAuth token requests.
Optionalbasic_profilebasic_profile?: boolean
Includes basic user profile information from Azure AD (name, email, given_name, family_name). Always enabled and required - represents the minimum profile data retrieved during authentication.
client_id: string
Optionalclient_secretclient_secret?: string
Optionaldomain_aliasesdomain_aliases?: ConnectionDomainAliasesAzureAd
Optionalext_access_tokenext_access_token?: boolean
When false, prevents storing the user's Azure AD access token in the Auth0 user profile. When true (default), the access token is persisted for API access.
Optionalext_account_enabledext_account_enabled?: boolean
When false, prevents storing whether the user's Azure AD account is enabled. When true (default), the account enabled status is persisted in the user profile.
Optionalext_adminext_admin?: boolean
Optionalext_agreed_termsext_agreed_terms?: boolean
Optionalext_assigned_licensesext_assigned_licenses?: boolean
When false, prevents storing the list of Microsoft 365/Office 365 licenses assigned to the user. When true (default), license information is persisted in the user profile.
Optionalext_assigned_plansext_assigned_plans?: boolean
Optionalext_azure_idext_azure_id?: boolean
When false, prevents storing the user's Azure ID identifier. When true (default), the Azure ID is persisted. Note: 'oid' (Object ID) is the recommended unique identifier for single-tenant connections.
Optionalext_cityext_city?: boolean
When false, prevents storing the user's city from Azure AD. When true (default), city information is persisted in the user profile.
Optionalext_countryext_country?: boolean
When false, prevents storing the user's country from Azure AD. When true (default), country information is persisted in the user profile.
Optionalext_departmentext_department?: boolean
When false, prevents storing the user's department from Azure AD. When true (default), department information is persisted in the user profile.
Optionalext_dir_sync_enabledext_dir_sync_enabled?: boolean
When false, prevents storing whether directory synchronization is enabled for the user. When true (default), directory sync status is persisted in the user profile.
Optionalext_emailext_email?: boolean
When false, prevents storing the user's email address from Azure AD. When true (default), email is persisted in the user profile.
Optionalext_expires_inext_expires_in?: boolean
When false, prevents storing the token expiration time (in seconds). When true (default), expiration information is persisted in the user profile.
Optionalext_family_nameext_family_name?: boolean
When false, prevents storing the user's family name (last name) from Azure AD. When true (default), family name is persisted in the user profile.
Optionalext_faxext_fax?: boolean
When false, prevents storing the user's fax number from Azure AD. When true (default), fax information is persisted in the user profile.
Optionalext_given_nameext_given_name?: boolean
When false, prevents storing the user's given name (first name) from Azure AD. When true (default), given name is persisted in the user profile.
Optionalext_group_idsext_group_ids?: boolean
When false, prevents storing the list of Azure AD group IDs the user is a member of. When true (default), group membership IDs are persisted. See ext_groups for retrieving group details.
Optionalext_groupsext_groups?: boolean
Optionalext_is_suspendedext_is_suspended?: boolean
Optionalext_job_titleext_job_title?: boolean
When false, prevents storing the user's job title from Azure AD. When true (default), job title information is persisted in the user profile.
Optionalext_last_syncext_last_sync?: boolean
When false, prevents storing the timestamp of the last directory synchronization. When true (default), the last sync date is persisted in the user profile.
Optionalext_mobileext_mobile?: boolean
When false, prevents storing the user's mobile phone number from Azure AD. When true (default), mobile number is persisted in the user profile.
Optionalext_nameext_name?: boolean
When false, prevents storing the user's full name from Azure AD. When true (default), full name is persisted in the user profile.
Optionalext_nested_groupsext_nested_groups?: boolean
When true, stores all groups the user is member of, including transitive group memberships (groups within groups). When false (default), only direct group memberships are included.
Optionalext_nicknameext_nickname?: boolean
When false, prevents storing the user's nickname or display name from Azure AD. When true (default), nickname is persisted in the user profile.
Optionalext_oidext_oid?: boolean
When false, prevents storing the user's Object ID (oid) from Azure AD. When true (default), the oid is persisted. Note: 'oid' is the recommended unique identifier for single-tenant connections and required for SCIM.
Optionalext_phoneext_phone?: boolean
When false, prevents storing the user's phone number from Azure AD. When true (default), phone number is persisted in the user profile.
Optionalext_physical_delivery_office_nameext_physical_delivery_office_name?: boolean
When false, prevents storing the user's office location from Azure AD. When true (default), office location is persisted in the user profile.
Optionalext_postal_codeext_postal_code?: boolean
When false, prevents storing the user's postal code from Azure AD. When true (default), postal code is persisted in the user profile.
Optionalext_preferred_languageext_preferred_language?: boolean
When false, prevents storing the user's preferred language from Azure AD. When true (default), language preference is persisted in the user profile.
Optionalext_profileext_profile?: boolean
Optionalext_provisioned_plansext_provisioned_plans?: boolean
When false, prevents storing the list of service plans provisioned to the user. When true (default), provisioned plans are persisted in the user profile.
Optionalext_provisioning_errorsext_provisioning_errors?: boolean
When false, prevents storing provisioning errors that occurred during synchronization. When true (default), error information is persisted. Useful for troubleshooting sync issues.
Optionalext_proxy_addressesext_proxy_addresses?: boolean
When false, prevents storing all proxy email addresses (email aliases) for the user. When true (default), proxy addresses are persisted in the user profile.
Optionalext_puidext_puid?: boolean
When false, prevents storing the user's Passport User ID (puid). When true (default), puid is persisted in the user profile. Legacy attribute.
Optionalext_refresh_tokenext_refresh_token?: boolean
When false, prevents storing the Azure AD refresh token. When true (default), the refresh token is persisted for offline access. Required for token refresh in long-lived applications.
Optionalext_rolesext_roles?: boolean
When false, prevents storing Azure AD application roles assigned to the user. When true (default), role information is persisted. Useful for RBAC in applications.
Optionalext_stateext_state?: boolean
When false, prevents storing the user's state (province/region) from Azure AD. When true (default), state information is persisted in the user profile.
Optionalext_streetext_street?: boolean
When false, prevents storing the user's street address from Azure AD. When true (default), street address is persisted in the user profile.
Optionalext_telephoneNumberext_telephoneNumber?: boolean
When false, prevents storing the user's telephone number from Azure AD. When true (default), telephone number is persisted in the user profile.
Optionalext_tenantidext_tenantid?: boolean
When false, prevents storing the user's Azure AD tenant ID. When true (default), tenant ID is persisted. Useful for identifying which Azure AD organization the user belongs to.
Optionalext_upnext_upn?: boolean
When false, prevents storing the user's User Principal Name (UPN) from Azure AD. When true (default), UPN is persisted. UPN is the user's logon name (e.g., [email protected]).
Optionalext_usage_locationext_usage_location?: boolean
When false, prevents storing the user's usage location for license assignment. When true (default), usage location is persisted in the user profile.
Optionalext_user_idext_user_id?: boolean
When false, prevents storing an alternative user ID. When true (default), this user ID is persisted in the user profile.
Optionalfederated_connections_access_tokensfederated_connections_access_tokens?:
| ConnectionFederatedConnectionsAccessTokens
| null
Optionalgrantedgranted?: boolean
Indicates whether admin consent has been granted for the required Azure AD permissions. Read-only status field managed by Auth0 during the OAuth authorization flow.
Optionalicon_urlicon_url?: string
Optionalidentity_apiidentity_api?: Management.ConnectionIdentityApiEnumAzureAd
Optionalmax_groups_to_retrievemax_groups_to_retrieve?: string
Optionalscopescope?: ConnectionScopeAzureAd
Optionalset_user_root_attributesset_user_root_attributes?: Management.ConnectionSetUserRootAttributesEnum
Optionalshould_trust_email_verified_connectionshould_trust_email_verified_connection?: Management.ConnectionShouldTrustEmailVerifiedConnectionEnum
Optionaltenant_domaintenant_domain?: string
OptionaltenantIdtenantId?: string
Optionalthumbprintsthumbprints?: ConnectionThumbprints
Optionalupstream_paramsupstream_params?: ConnectionUpstreamParams
Optionaluse_wsfeduse_wsfed?: boolean
Indicates WS-Federation protocol usage. When true, uses WS-Federation; when false, uses OpenID Connect.
OptionaluseCommonEndpointuseCommonEndpoint?: boolean
Optionaluserid_attributeuserid_attribute?: Management.ConnectionUseridAttributeEnumAzureAd
Optionalwaad_protocolwaad_protocol?: Management.ConnectionWaadProtocolEnumAzureAd
Optionalnon_persistent_attrsnon_persistent_attrs?: ConnectionNonPersistentAttrs
Member Visibility
ThemeOSLightDark
Properties api_enable_usersapp_domainapp_idbasic_profileclient_idclient_secretdomain_aliasesext_access_tokenext_account_enabledext_adminext_agreed_termsext_assigned_licensesext_assigned_plansext_azure_idext_cityext_countryext_departmentext_dir_sync_enabledext_emailext_expires_inext_family_nameext_faxext_given_nameext_group_idsext_groupsext_is_suspendedext_job_titleext_last_syncext_mobileext_nameext_nested_groupsext_nicknameext_oidext_phoneext_physical_delivery_office_nameext_postal_codeext_preferred_languageext_profileext_provisioned_plansext_provisioning_errorsext_proxy_addressesext_puidext_refresh_tokenext_rolesext_stateext_streetext_telephoneNumberext_tenantidext_upnext_usage_locationext_user_idfederated_connections_access_tokensgrantedicon_urlidentity_apimax_groups_to_retrievescopeset_user_root_attributesshould_trust_email_verified_connectiontenant_domaintenantIdthumbprintsupstream_paramsuse_wsfeduseCommonEndpointuserid_attributewaad_protocolnon_persistent_attrs