docs/interfaces/management.Management.EventStreamCloudEventConnectionCreatedObject0Options.html
Options for the 'oidc' connection
interface EventStreamCloudEventConnectionCreatedObject0Options {
authorization_endpoint?: string;
client_id: string;
connection_settings?: EventStreamCloudEventConnectionCreatedObject0OptionsConnectionSettings;
domain_aliases?: string[];
dpop_signing_alg?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsDpopSigningAlgEnum;
federated_connections_access_tokens?: EventStreamCloudEventConnectionCreatedObject0OptionsFederatedConnectionsAccessTokens;
icon_url?: string;
id_token_session_expiry_supported?: boolean;
id_token_signed_response_algs?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsIdTokenSignedResponseAlgsItemEnum[];
issuer?: string;
jwks_uri?: string;
non_persistent_attrs?: string[];
oidc_metadata?: EventStreamCloudEventConnectionCreatedObject0OptionsOidcMetadata;
schema_version?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsSchemaVersionEnum;
scope?: string;
send_back_channel_nonce?: boolean;
set_user_root_attributes?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsSetUserRootAttributesEnum;
tenant_domain?: string;
token_endpoint?: string;
token_endpoint_auth_method?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsTokenEndpointAuthMethodEnum;
token_endpoint_auth_signing_alg?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsTokenEndpointAuthSigningAlgEnum;
token_endpoint_jwtca_aud_format?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsTokenEndpointJwtcaAudFormatEnum;
upstream_params?: EventStreamCloudEventConnectionCreatedObject0OptionsUpstreamParams;
userinfo_endpoint?: string;
attribute_map?: EventStreamCloudEventConnectionCreatedObject0OptionsAttributeMap;
discovery_url?: string;
type?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsTypeEnum;
}
authorization_endpoint?client_idconnection_settings?domain_aliases?dpop_signing_alg?federated_connections_access_tokens?icon_url?id_token_session_expiry_supported?id_token_signed_response_algs?issuer?jwks_uri?non_persistent_attrs?oidc_metadata?schema_version?scope?send_back_channel_nonce?set_user_root_attributes?tenant_domain?token_endpoint?token_endpoint_auth_method?token_endpoint_auth_signing_alg?token_endpoint_jwtca_aud_format?upstream_params?userinfo_endpoint?attribute_map?discovery_url?type?
Optionalauthorization_endpointauthorization_endpoint?: string
URL of the identity provider's OAuth 2.0 authorization endpoint where users are redirected for authentication. Must be a valid HTTPS URL. This endpoint initiates the OAuth 2.0 authorization code flow.
client_id: string
OAuth 2.0 client identifier issued by the identity provider during application registration. This value identifies your Auth0 connection to the identity provider.
Optionalconnection_settingsconnection_settings?: EventStreamCloudEventConnectionCreatedObject0OptionsConnectionSettings
Optionaldomain_aliasesdomain_aliases?: string[]
Email domains associated with this connection for Home Realm Discovery (HRD). When a user's email matches one of these domains, they are automatically routed to this connection during authentication.
Optionaldpop_signing_algdpop_signing_alg?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsDpopSigningAlgEnum
Optionalfederated_connections_access_tokensfederated_connections_access_tokens?: EventStreamCloudEventConnectionCreatedObject0OptionsFederatedConnectionsAccessTokens
Optionalicon_urlicon_url?: string
https url of the icon to be shown
Optionalid_token_session_expiry_supportedid_token_session_expiry_supported?: boolean
Indicates whether the identity provider supports session expiry via the id_token. If true, the system will use the session_expiry claim in the id_token to determine session expiry.
Optionalid_token_signed_response_algsid_token_signed_response_algs?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsIdTokenSignedResponseAlgsItemEnum[]
List of algorithms allowed to verify the ID tokens. Applicable when strategy=oidc or okta.
Optionalissuerissuer?: string
The identity provider's unique issuer identifier URL (e.g., https://accounts.google.com). Must match the 'iss' claim in ID tokens from the identity provider.
Optionaljwks_urijwks_uri?: string
URL of the identity provider's JSON Web Key Set (JWKS) endpoint containing public keys for signature verification. Auth0 retrieves these keys to validate ID token signatures.
Optionalnon_persistent_attrsnon_persistent_attrs?: string[]
An array of user fields that should not be stored in the Auth0 database (https://auth0.com/docs/security/data-security/denylist)
Optionaloidc_metadataoidc_metadata?: EventStreamCloudEventConnectionCreatedObject0OptionsOidcMetadata
Optionalschema_versionschema_version?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsSchemaVersionEnum
Optionalscopescope?: string
Space-separated list of OAuth 2.0 scopes requested during authorization. Must include 'openid' (required by OIDC spec). Common values: 'openid profile email'. Additional scopes depend on the identity provider.
Optionalsend_back_channel_noncesend_back_channel_nonce?: boolean
When true and type is 'back_channel', includes a cryptographic nonce in authorization requests to prevent replay attacks. The identity provider must include this nonce in the ID token for validation.
Optionalset_user_root_attributesset_user_root_attributes?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsSetUserRootAttributesEnum
Optionaltenant_domaintenant_domain?: string
Tenant domain
Optionaltoken_endpointtoken_endpoint?: string
URL of the identity provider's OAuth 2.0 token endpoint where authorization codes are exchanged for access tokens. Must be a valid HTTPS URL. Required for authorization code flow but optional for implicit flow.
Optionaltoken_endpoint_auth_methodtoken_endpoint_auth_method?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsTokenEndpointAuthMethodEnum
Optionaltoken_endpoint_auth_signing_algtoken_endpoint_auth_signing_alg?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsTokenEndpointAuthSigningAlgEnum
Optionaltoken_endpoint_jwtca_aud_formattoken_endpoint_jwtca_aud_format?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsTokenEndpointJwtcaAudFormatEnum
Optionalupstream_paramsupstream_params?: EventStreamCloudEventConnectionCreatedObject0OptionsUpstreamParams
Optionaluserinfo_endpointuserinfo_endpoint?: string
Optional URL of the identity provider's UserInfo endpoint. When configured with attribute mapping, Auth0 calls this endpoint to retrieve additional user profile claims using the access token.
Optionalattribute_mapattribute_map?: EventStreamCloudEventConnectionCreatedObject0OptionsAttributeMap
Optionaldiscovery_urldiscovery_url?: string
URL of the identity provider's OIDC Discovery endpoint (/.well-known/openid-configuration). When provided and oidc_metadata is empty, Auth0 automatically retrieves the provider's configuration including endpoints and supported features.
Optionaltypetype?: Management.EventStreamCloudEventConnectionCreatedObject0OptionsTypeEnum
Member Visibility
ThemeOSLightDark
Properties authorization_endpointclient_idconnection_settingsdomain_aliasesdpop_signing_algfederated_connections_access_tokensicon_urlid_token_session_expiry_supportedid_token_signed_response_algsissuerjwks_urinon_persistent_attrsoidc_metadataschema_versionscopesend_back_channel_nonceset_user_root_attributestenant_domaintoken_endpointtoken_endpoint_auth_methodtoken_endpoint_auth_signing_algtoken_endpoint_jwtca_aud_formatupstream_paramsuserinfo_endpointattribute_mapdiscovery_urltype