Add Support for Token Exchange Profile #1119

Merged
merged 20 commits into from
Jan 29, 2025
Updated docs
duedares-rvj committed Jan 29, 2025
commit 6b660c18f2b6303de698afc8aee58081676de3ac
10 changes: 10 additions & 0 deletions docs/data-sources/client.md
@@ -73,6 +73,7 @@ data "auth0_client" "some-client-by-id" {
- `sso` (Boolean) Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- `sso_disabled` (Boolean) Indicates whether or not SSO is disabled.
- `token_endpoint_auth_method` (String) The authentication method for the token endpoint. Results include `none` (public client without a client secret), `client_secret_post` (client uses HTTP POST parameters), `client_secret_basic` (client uses HTTP Basic), Managing a client's authentication method can be done via the `auth0_client_credentials` resource.
- `token_exchange` (List of Object) Allows configuration for token exchange (see [below for nested schema](#nestedatt--token_exchange))
- `web_origins` (List of String) URLs that represent valid web origins for use with web message response mode.

<a id="nestedatt--addons"></a>
@@ -610,3 +611,12 @@ Read-Only:
- `updated_at` (String)



<a id="nestedatt--token_exchange"></a>
### Nested Schema for `token_exchange`

Read-Only:

- `allow_any_profile_of_type` (List of String)


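Review bot: `allow_any_profile_of_type` in the new `token_exchange` nested schema is listed with its type only and no description, and the same is true of the `clients.token_exchange` section added to docs/data-sources/clients.md. docs/resources/client.md in this commit describes the attribute as "List of allowed profile types for token exchange"; if these pages are generated from the provider schema, adding the same description to the data source schema and regenerating would carry it into both files.
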
10 changes: 10 additions & 0 deletions docs/data-sources/clients.md
@@ -60,6 +60,7 @@ Read-Only:
- `is_token_endpoint_ip_header_trusted` (Boolean)
- `name` (String)
- `oidc_logout` (List of Object) (see [below for nested schema](#nestedobjatt--clients--oidc_logout))
- `token_exchange` (List of Object) (see [below for nested schema](#nestedobjatt--clients--token_exchange))
- `web_origins` (List of String)

<a id="nestedobjatt--clients--oidc_logout"></a>
@@ -79,3 +80,12 @@ Read-Only:
- `selected_initiators` (Set of String)



<a id="nestedobjatt--clients--token_exchange"></a>
### Nested Schema for `clients.token_exchange`

Read-Only:

- `allow_any_profile_of_type` (List of String)


2 changes: 1 addition & 1 deletion docs/resources/action.md
Original file line number Diff line number Diff line change
@@ -67,7 +67,7 @@ resource "auth0_action" "my_action" {

- `dependencies` (Block Set) List of third party npm modules, and their versions, that this action depends on. (see [below for nested schema](#nestedblock--dependencies))
- `deploy` (Boolean) Deploying an action will create a new immutable version of the action. If the action is currently bound to a trigger, then the system will begin executing the newly deployed version of the action immediately.
- `runtime` (String) The Node runtime. Defaults to `node18`. Possible values are: `node16` (not recommended), or `node18` (recommended).
- `runtime` (String) The Node runtime. Possible values are: `node12`, `node16` (not recommended), `node18`, `node22`
- `secrets` (Block Set) List of secrets that are included in an action or a version of an action. Partial management of secrets is not supported. (see [below for nested schema](#nestedblock--secrets))

### Read-Only
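
Review bot: the rewritten `runtime` line lists `node12` with no qualifier while `node16`, a newer release line, still carries "(not recommended)", and it drops both the "Defaults to `node18`" statement and the "(recommended)" marker. Please mark `node12` at least as strongly as `node16`, restore which value applies when `runtime` is omitted and which one is recommended, and end the sentence with a period like the neighbouring attributes.
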
9 changes: 9 additions & 0 deletions docs/resources/client.md
Original file line number Diff line number Diff line change
@@ -126,6 +126,7 @@ resource "auth0_client" "my_client" {
- `require_pushed_authorization_requests` (Boolean) Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.
- `sso` (Boolean) Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).
- `sso_disabled` (Boolean) Indicates whether or not SSO is disabled.
- `token_exchange` (Block List, Max: 1) Allows configuration for token exchange (see [below for nested schema](#nestedblock--token_exchange))
- `web_origins` (List of String) URLs that represent valid web origins for use with web message response mode.

### Read-Only
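
Review bot: the `token_exchange` description, "Allows configuration for token exchange", does not say what happens when the block is omitted. Since the block governs token exchange for the client, state the behaviour when it is unset (for example, whether token exchange is then unavailable to the client) so that someone reviewing a Terraform plan can tell what adding the block grants.
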
@@ -568,6 +569,14 @@ Optional:
- `leeway` (Number) The amount of time in seconds in which a refresh token may be reused without triggering reuse detection.
- `token_lifetime` (Number) The absolute lifetime of a refresh token in seconds.


<a id="nestedblock--token_exchange"></a>
### Nested Schema for `token_exchange`

Required:

- `allow_any_profile_of_type` (List of String) List of allowed profile types for token exchange

## Import

Import is supported using the following syntax:
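
Review bot: `allow_any_profile_of_type` is marked Required, but "List of allowed profile types for token exchange" does not name the accepted values, so a reader cannot fill it in from this page. List the valid profile types in the description, and consider adding a `token_exchange` block to the `auth0_client` example usage earlier in this file.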