Back to Node Auth0

Interface EventStreamCloudEventConnectionCreatedObject7Options

docs/interfaces/management.Management.EventStreamCloudEventConnectionCreatedObject7Options.html

6.0.011.7 KB
Original Source

Interface EventStreamCloudEventConnectionCreatedObject7Options

Options for the 'waad' connection

interface EventStreamCloudEventConnectionCreatedObject7Options {
api_enable_users?: boolean;
app_domain?: string;
app_id?: string;
basic_profile?: boolean;
cert_rollover_notification?: string;
client_id: string;
domain?: string;
domain_aliases?: string[];
ext_groups?: boolean;
ext_nested_groups?: boolean;
ext_profile?: boolean;
federated_connections_access_tokens?: EventStreamCloudEventConnectionCreatedObject7OptionsFederatedConnectionsAccessTokens;
granted?: boolean;
icon_url?: string;
identity_api?: Management.EventStreamCloudEventConnectionCreatedObject7OptionsIdentityApiEnum;
max_groups_to_retrieve?: string;
non_persistent_attrs?: string[];
scope?: string[];
set_user_root_attributes?: Management.EventStreamCloudEventConnectionCreatedObject7OptionsSetUserRootAttributesEnum;
should_trust_email_verified_connection?: Management.EventStreamCloudEventConnectionCreatedObject7OptionsShouldTrustEmailVerifiedConnectionEnum;
tenant_domain?: string;
tenantId?: string;
thumbprints?: string[];
upstream_params?: EventStreamCloudEventConnectionCreatedObject7OptionsUpstreamParams;
use_wsfed?: boolean;
useCommonEndpoint?: boolean;
userid_attribute?: Management.EventStreamCloudEventConnectionCreatedObject7OptionsUseridAttributeEnum;
waad_protocol?: Management.EventStreamCloudEventConnectionCreatedObject7OptionsWaadProtocolEnum;
}

Index

Properties

api_enable_users?app_domain?app_id?basic_profile?cert_rollover_notification?client_iddomain?domain_aliases?ext_groups?ext_nested_groups?ext_profile?federated_connections_access_tokens?granted?icon_url?identity_api?max_groups_to_retrieve?non_persistent_attrs?scope?set_user_root_attributes?should_trust_email_verified_connection?tenant_domain?tenantId?thumbprints?upstream_params?use_wsfed?useCommonEndpoint?userid_attribute?waad_protocol?

Properties

Optionalapi_enable_users

api_enable_users?: boolean

Enable users API

Optionalapp_domain

app_domain?: string

The Azure AD application domain (e.g., 'contoso.onmicrosoft.com'). Used primarily with WS-Federation protocol and Azure AD v1 endpoints.

Optionalapp_id

app_id?: string

The Application ID URI (App ID URI) for the Azure AD application. Required when using Azure AD v1 with the Resource Owner Password flow. Used to identify the resource being requested in OAuth token requests.

Optionalbasic_profile

basic_profile?: boolean

Includes basic user profile information from Azure AD (name, email, given_name, family_name). Always enabled and required - represents the minimum profile data retrieved during authentication.

Optionalcert_rollover_notification

cert_rollover_notification?: string

Timestamp of the last certificate expiring soon notification.

client_id

client_id: string

OAuth 2.0 client identifier issued by the identity provider during application registration. This value identifies your Auth0 connection to the identity provider.

Optionaldomain

domain?: string

The primary Azure AD tenant domain (e.g., 'contoso.onmicrosoft.com' or 'contoso.com').

Optionaldomain_aliases

domain_aliases?: string[]

Alternative domain names associated with this Azure AD tenant. Allows users from multiple verified domains to authenticate through this connection. Can be an array of domain strings.

Optionalext_groups

ext_groups?: boolean

When enabled (true), retrieves and stores Azure AD security group memberships for the user. Requires Microsoft Graph API permissions (Directory.Read.All). Allows configuring max_groups_to_retrieve.

Optionalext_nested_groups

ext_nested_groups?: boolean

When true, stores all groups the user is member of, including transitive group memberships (groups within groups). When false (default), only direct group memberships are included.

Optionalext_profile

ext_profile?: boolean

When enabled (true), retrieves extended profile attributes from Azure AD via Microsoft Graph API (job title, department, office location, etc.). Requires Graph API permissions. Only available with Azure AD v1 or when explicitly enabled for v2.

Optionalfederated_connections_access_tokens

federated_connections_access_tokens?: EventStreamCloudEventConnectionCreatedObject7OptionsFederatedConnectionsAccessTokens

Optionalgranted

granted?: boolean

Indicates whether admin consent has been granted for the required Azure AD permissions. Read-only status field managed by Auth0 during the OAuth authorization flow.

Optionalicon_url

icon_url?: string

URL for the connection icon displayed in Auth0 login pages. Accepts HTTPS URLs. Used for visual branding in authentication flows.

Optionalidentity_api

identity_api?: Management.EventStreamCloudEventConnectionCreatedObject7OptionsIdentityApiEnum

Optionalmax_groups_to_retrieve

max_groups_to_retrieve?: string

Maximum number of Azure AD groups to retrieve per user during authentication. Helps prevent performance issues for users in many groups. Only applies when ext_groups is enabled. Leave empty to use platform default.

Optionalnon_persistent_attrs

non_persistent_attrs?: string[]

An array of user fields that should not be stored in the Auth0 database (https://auth0.com/docs/security/data-security/denylist)

Optionalscope

scope?: string[]

OAuth 2.0 scopes to request from Azure AD during authentication. Each scope represents a permission (e.g., 'User.Read', 'Group.Read.All'). Only applies with Microsoft Identity Platform v2.0. See Microsoft Graph permissions reference for available scopes.

Optionalset_user_root_attributes

set_user_root_attributes?: Management.EventStreamCloudEventConnectionCreatedObject7OptionsSetUserRootAttributesEnum

Optionalshould_trust_email_verified_connection

should_trust_email_verified_connection?: Management.EventStreamCloudEventConnectionCreatedObject7OptionsShouldTrustEmailVerifiedConnectionEnum

Optionaltenant_domain

tenant_domain?: string

OptionaltenantId

tenantId?: string

The Azure AD tenant ID as a UUID. The unique identifier for your Azure AD organization. Must be a valid 36-character UUID.

Optionalthumbprints

thumbprints?: string[]

Array of certificate thumbprints (SHA-128/SHA-256/SHA-512 hex hashes) for validating SAML signatures. Used with WS-Federation protocol. Maximum 20 thumbprints. Each thumbprint must be a hexadecimal string.

Optionalupstream_params

upstream_params?: EventStreamCloudEventConnectionCreatedObject7OptionsUpstreamParams

Optionaluse_wsfed

use_wsfed?: boolean

Indicates WS-Federation protocol usage. When true, uses WS-Federation; when false, uses OpenID Connect.

OptionaluseCommonEndpoint

useCommonEndpoint?: boolean

When enabled (true), uses the Azure AD common endpoint for multi-tenant authentication. Allows users from any Azure AD organization to sign in. Requires userid_attribute set to 'sub' (not 'oid'). Cannot be used with SCIM provisioning. Defaults to false.

Optionaluserid_attribute

userid_attribute?: Management.EventStreamCloudEventConnectionCreatedObject7OptionsUseridAttributeEnum

Optionalwaad_protocol

waad_protocol?: Management.EventStreamCloudEventConnectionCreatedObject7OptionsWaadProtocolEnum

Settings

Member Visibility

  • Protected
  • Inherited

ThemeOSLightDark

On This Page

Properties api_enable_usersapp_domainapp_idbasic_profilecert_rollover_notificationclient_iddomaindomain_aliasesext_groupsext_nested_groupsext_profilefederated_connections_access_tokensgrantedicon_urlidentity_apimax_groups_to_retrievenon_persistent_attrsscopeset_user_root_attributesshould_trust_email_verified_connectiontenant_domaintenantIdthumbprintsupstream_paramsuse_wsfeduseCommonEndpointuserid_attributewaad_protocol