docs/interfaces/management.Management.EventStreamCloudEventConnectionDeletedObject7Options.html
Options for the 'waad' connection
interface EventStreamCloudEventConnectionDeletedObject7Options {
api_enable_users?: boolean;
app_domain?: string;
app_id?: string;
basic_profile?: boolean;
cert_rollover_notification?: string;
client_id: string;
domain?: string;
domain_aliases?: string[];
ext_groups?: boolean;
ext_nested_groups?: boolean;
ext_profile?: boolean;
federated_connections_access_tokens?: EventStreamCloudEventConnectionDeletedObject7OptionsFederatedConnectionsAccessTokens;
granted?: boolean;
icon_url?: string;
identity_api?: Management.EventStreamCloudEventConnectionDeletedObject7OptionsIdentityApiEnum;
max_groups_to_retrieve?: string;
non_persistent_attrs?: string[];
scope?: string[];
set_user_root_attributes?: Management.EventStreamCloudEventConnectionDeletedObject7OptionsSetUserRootAttributesEnum;
should_trust_email_verified_connection?: Management.EventStreamCloudEventConnectionDeletedObject7OptionsShouldTrustEmailVerifiedConnectionEnum;
tenant_domain?: string;
tenantId?: string;
thumbprints?: string[];
upstream_params?: EventStreamCloudEventConnectionDeletedObject7OptionsUpstreamParams;
use_wsfed?: boolean;
useCommonEndpoint?: boolean;
userid_attribute?: Management.EventStreamCloudEventConnectionDeletedObject7OptionsUseridAttributeEnum;
waad_protocol?: Management.EventStreamCloudEventConnectionDeletedObject7OptionsWaadProtocolEnum;
}
api_enable_users?app_domain?app_id?basic_profile?cert_rollover_notification?client_iddomain?domain_aliases?ext_groups?ext_nested_groups?ext_profile?federated_connections_access_tokens?granted?icon_url?identity_api?max_groups_to_retrieve?non_persistent_attrs?scope?set_user_root_attributes?should_trust_email_verified_connection?tenant_domain?tenantId?thumbprints?upstream_params?use_wsfed?useCommonEndpoint?userid_attribute?waad_protocol?
Optionalapi_enable_usersapi_enable_users?: boolean
Enable users API
Optionalapp_domainapp_domain?: string
The Azure AD application domain (e.g., 'contoso.onmicrosoft.com'). Used primarily with WS-Federation protocol and Azure AD v1 endpoints.
Optionalapp_idapp_id?: string
The Application ID URI (App ID URI) for the Azure AD application. Required when using Azure AD v1 with the Resource Owner Password flow. Used to identify the resource being requested in OAuth token requests.
Optionalbasic_profilebasic_profile?: boolean
Includes basic user profile information from Azure AD (name, email, given_name, family_name). Always enabled and required - represents the minimum profile data retrieved during authentication.
Optionalcert_rollover_notificationcert_rollover_notification?: string
Timestamp of the last certificate expiring soon notification.
client_id: string
OAuth 2.0 client identifier issued by the identity provider during application registration. This value identifies your Auth0 connection to the identity provider.
Optionaldomaindomain?: string
The primary Azure AD tenant domain (e.g., 'contoso.onmicrosoft.com' or 'contoso.com').
Optionaldomain_aliasesdomain_aliases?: string[]
Alternative domain names associated with this Azure AD tenant. Allows users from multiple verified domains to authenticate through this connection. Can be an array of domain strings.
Optionalext_groupsext_groups?: boolean
When enabled (true), retrieves and stores Azure AD security group memberships for the user. Requires Microsoft Graph API permissions (Directory.Read.All). Allows configuring max_groups_to_retrieve.
Optionalext_nested_groupsext_nested_groups?: boolean
When true, stores all groups the user is member of, including transitive group memberships (groups within groups). When false (default), only direct group memberships are included.
Optionalext_profileext_profile?: boolean
When enabled (true), retrieves extended profile attributes from Azure AD via Microsoft Graph API (job title, department, office location, etc.). Requires Graph API permissions. Only available with Azure AD v1 or when explicitly enabled for v2.
Optionalfederated_connections_access_tokensfederated_connections_access_tokens?: EventStreamCloudEventConnectionDeletedObject7OptionsFederatedConnectionsAccessTokens
Optionalgrantedgranted?: boolean
Indicates whether admin consent has been granted for the required Azure AD permissions. Read-only status field managed by Auth0 during the OAuth authorization flow.
Optionalicon_urlicon_url?: string
URL for the connection icon displayed in Auth0 login pages. Accepts HTTPS URLs. Used for visual branding in authentication flows.
Optionalidentity_apiidentity_api?: Management.EventStreamCloudEventConnectionDeletedObject7OptionsIdentityApiEnum
Optionalmax_groups_to_retrievemax_groups_to_retrieve?: string
Maximum number of Azure AD groups to retrieve per user during authentication. Helps prevent performance issues for users in many groups. Only applies when ext_groups is enabled. Leave empty to use platform default.
Optionalnon_persistent_attrsnon_persistent_attrs?: string[]
An array of user fields that should not be stored in the Auth0 database (https://auth0.com/docs/security/data-security/denylist)
Optionalscopescope?: string[]
OAuth 2.0 scopes to request from Azure AD during authentication. Each scope represents a permission (e.g., 'User.Read', 'Group.Read.All'). Only applies with Microsoft Identity Platform v2.0. See Microsoft Graph permissions reference for available scopes.
Optionalset_user_root_attributesset_user_root_attributes?: Management.EventStreamCloudEventConnectionDeletedObject7OptionsSetUserRootAttributesEnum
Optionalshould_trust_email_verified_connectionshould_trust_email_verified_connection?: Management.EventStreamCloudEventConnectionDeletedObject7OptionsShouldTrustEmailVerifiedConnectionEnum
Optionaltenant_domaintenant_domain?: string
OptionaltenantIdtenantId?: string
The Azure AD tenant ID as a UUID. The unique identifier for your Azure AD organization. Must be a valid 36-character UUID.
Optionalthumbprintsthumbprints?: string[]
Array of certificate thumbprints (SHA-128/SHA-256/SHA-512 hex hashes) for validating SAML signatures. Used with WS-Federation protocol. Maximum 20 thumbprints. Each thumbprint must be a hexadecimal string.
Optionalupstream_paramsupstream_params?: EventStreamCloudEventConnectionDeletedObject7OptionsUpstreamParams
Optionaluse_wsfeduse_wsfed?: boolean
Indicates WS-Federation protocol usage. When true, uses WS-Federation; when false, uses OpenID Connect.
OptionaluseCommonEndpointuseCommonEndpoint?: boolean
When enabled (true), uses the Azure AD common endpoint for multi-tenant authentication. Allows users from any Azure AD organization to sign in. Requires userid_attribute set to 'sub' (not 'oid'). Cannot be used with SCIM provisioning. Defaults to false.
Optionaluserid_attributeuserid_attribute?: Management.EventStreamCloudEventConnectionDeletedObject7OptionsUseridAttributeEnum
Optionalwaad_protocolwaad_protocol?: Management.EventStreamCloudEventConnectionDeletedObject7OptionsWaadProtocolEnum
Member Visibility
ThemeOSLightDark
Properties api_enable_usersapp_domainapp_idbasic_profilecert_rollover_notificationclient_iddomaindomain_aliasesext_groupsext_nested_groupsext_profilefederated_connections_access_tokensgrantedicon_urlidentity_apimax_groups_to_retrievenon_persistent_attrsscopeset_user_root_attributesshould_trust_email_verified_connectiontenant_domaintenantIdthumbprintsupstream_paramsuse_wsfeduseCommonEndpointuserid_attributewaad_protocol