docs/types/auth.SDK.CustomTokenExchangeOptions.html
Represents the configuration options required for initiating a Custom Token Exchange request following RFC 8693 specifications.
RFC 8693: OAuth 2.0 Token Exchange
type CustomTokenExchangeOptions = {
subject_token_type: string;
subject_token: string;
audience: string;
scope?: string;
key: string: unknown;
}
Additional custom parameters for Auth0 Action processing
Accessible in Action code via event.request.body
{ custom_parameter: "session_context", device_fingerprint: "a3d8f7...",}Copy
subject_token_typesubject_tokenaudiencescope?
Patternsubject_token_typesubject_token_type: string
The type identifier for the subject token being exchanged
^urn:ietf:params:oauth:* (IETF reserved)^https://auth0\.com/* (Auth0 reserved)^urn:auth0:* (Auth0 reserved)"urn:acme:legacy-system-token""https://api.yourcompany.com/token-type/v1"Copy
Securitysubject_tokensubject_token: string
The opaque token value being exchanged for Auth0 tokens
jose, jsonwebtoken"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"Copy
audience: string
The target audience for the requested Auth0 token
Must match exactly with an API identifier configured in your Auth0 tenant
"https://api.your-service.com/v1"Copy
Optionalscopescope?: string
Space-separated list of OAuth 2.0 scopes being requested
Subject to API authorization policies configured in Auth0
"openid profile email read:data write:data"Copy
Member Visibility
ThemeOSLightDark
Properties subject_token_typesubject_tokenaudiencescope