1. Packages
  2. Auth0 Provider
  3. API Docs
  4. getConnection
Auth0 v3.8.3 published on Wednesday, Nov 6, 2024 by Pulumi

auth0.getConnection

Explore with Pulumi AI

auth0 logo
Auth0 v3.8.3 published on Wednesday, Nov 6, 2024 by Pulumi

    Data source to retrieve a specific Auth0 connection by connection_id or name.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as auth0 from "@pulumi/auth0";
    
    // An Auth0 Connection loaded using its name.
    const some-connection-by-name = auth0.getConnection({
        name: "Acceptance-Test-Connection-{{.testName}}",
    });
    // An Auth0 Connection loaded using its ID.
    const some-connection-by-id = auth0.getConnection({
        connectionId: "con_abcdefghkijklmnopqrstuvwxyz0123456789",
    });
    
    import pulumi
    import pulumi_auth0 as auth0
    
    # An Auth0 Connection loaded using its name.
    some_connection_by_name = auth0.get_connection(name="Acceptance-Test-Connection-{{.testName}}")
    # An Auth0 Connection loaded using its ID.
    some_connection_by_id = auth0.get_connection(connection_id="con_abcdefghkijklmnopqrstuvwxyz0123456789")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-auth0/sdk/v3/go/auth0"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// An Auth0 Connection loaded using its name.
    		_, err := auth0.LookupConnection(ctx, &auth0.LookupConnectionArgs{
    			Name: pulumi.StringRef("Acceptance-Test-Connection-{{.testName}}"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		// An Auth0 Connection loaded using its ID.
    		_, err = auth0.LookupConnection(ctx, &auth0.LookupConnectionArgs{
    			ConnectionId: pulumi.StringRef("con_abcdefghkijklmnopqrstuvwxyz0123456789"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Auth0 = Pulumi.Auth0;
    
    return await Deployment.RunAsync(() => 
    {
        // An Auth0 Connection loaded using its name.
        var some_connection_by_name = Auth0.GetConnection.Invoke(new()
        {
            Name = "Acceptance-Test-Connection-{{.testName}}",
        });
    
        // An Auth0 Connection loaded using its ID.
        var some_connection_by_id = Auth0.GetConnection.Invoke(new()
        {
            ConnectionId = "con_abcdefghkijklmnopqrstuvwxyz0123456789",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.auth0.Auth0Functions;
    import com.pulumi.auth0.inputs.GetConnectionArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            // An Auth0 Connection loaded using its name.
            final var some-connection-by-name = Auth0Functions.getConnection(GetConnectionArgs.builder()
                .name("Acceptance-Test-Connection-{{.testName}}")
                .build());
    
            // An Auth0 Connection loaded using its ID.
            final var some-connection-by-id = Auth0Functions.getConnection(GetConnectionArgs.builder()
                .connectionId("con_abcdefghkijklmnopqrstuvwxyz0123456789")
                .build());
    
        }
    }
    
    variables:
      # An Auth0 Connection loaded using its name.
      some-connection-by-name:
        fn::invoke:
          Function: auth0:getConnection
          Arguments:
            name: Acceptance-Test-Connection-{{.testName}}
      # An Auth0 Connection loaded using its ID.
      some-connection-by-id:
        fn::invoke:
          Function: auth0:getConnection
          Arguments:
            connectionId: con_abcdefghkijklmnopqrstuvwxyz0123456789
    

    Using getConnection

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getConnection(args: GetConnectionArgs, opts?: InvokeOptions): Promise<GetConnectionResult>
    function getConnectionOutput(args: GetConnectionOutputArgs, opts?: InvokeOptions): Output<GetConnectionResult>
    def get_connection(connection_id: Optional[str] = None,
                       name: Optional[str] = None,
                       opts: Optional[InvokeOptions] = None) -> GetConnectionResult
    def get_connection_output(connection_id: Optional[pulumi.Input[str]] = None,
                       name: Optional[pulumi.Input[str]] = None,
                       opts: Optional[InvokeOptions] = None) -> Output[GetConnectionResult]
    func LookupConnection(ctx *Context, args *LookupConnectionArgs, opts ...InvokeOption) (*LookupConnectionResult, error)
    func LookupConnectionOutput(ctx *Context, args *LookupConnectionOutputArgs, opts ...InvokeOption) LookupConnectionResultOutput

    > Note: This function is named LookupConnection in the Go SDK.

    public static class GetConnection 
    {
        public static Task<GetConnectionResult> InvokeAsync(GetConnectionArgs args, InvokeOptions? opts = null)
        public static Output<GetConnectionResult> Invoke(GetConnectionInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetConnectionResult> getConnection(GetConnectionArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: auth0:index/getConnection:getConnection
      arguments:
        # arguments dictionary

    The following arguments are supported:

    ConnectionId string
    The ID of the connection. If not provided, name must be set.
    Name string
    The name of the connection. If not provided, connection_id must be set.
    ConnectionId string
    The ID of the connection. If not provided, name must be set.
    Name string
    The name of the connection. If not provided, connection_id must be set.
    connectionId String
    The ID of the connection. If not provided, name must be set.
    name String
    The name of the connection. If not provided, connection_id must be set.
    connectionId string
    The ID of the connection. If not provided, name must be set.
    name string
    The name of the connection. If not provided, connection_id must be set.
    connection_id str
    The ID of the connection. If not provided, name must be set.
    name str
    The name of the connection. If not provided, connection_id must be set.
    connectionId String
    The ID of the connection. If not provided, name must be set.
    name String
    The name of the connection. If not provided, connection_id must be set.

    getConnection Result

    The following output properties are available:

    DisplayName string
    Name used in login screen.
    EnabledClients List<string>
    IDs of the clients for which the connection is enabled.
    Id string
    The provider-assigned unique ID for this managed resource.
    IsDomainConnection bool
    Indicates whether the connection is domain level.
    Metadata Dictionary<string, string>
    Metadata associated with the connection, in the form of a map of string values (max 255 chars).
    Options List<GetConnectionOption>
    Configuration settings for connection options.
    Realms List<string>
    Defines the realms for which the connection will be used (e.g., email domains). If not specified, the connection name is added as the realm.
    ShowAsButton bool
    Display connection as a button. Only available on enterprise connections.
    Strategy string
    Type of the connection, which indicates the identity provider.
    ConnectionId string
    The ID of the connection. If not provided, name must be set.
    Name string
    The name of the connection. If not provided, connection_id must be set.
    DisplayName string
    Name used in login screen.
    EnabledClients []string
    IDs of the clients for which the connection is enabled.
    Id string
    The provider-assigned unique ID for this managed resource.
    IsDomainConnection bool
    Indicates whether the connection is domain level.
    Metadata map[string]string
    Metadata associated with the connection, in the form of a map of string values (max 255 chars).
    Options []GetConnectionOption
    Configuration settings for connection options.
    Realms []string
    Defines the realms for which the connection will be used (e.g., email domains). If not specified, the connection name is added as the realm.
    ShowAsButton bool
    Display connection as a button. Only available on enterprise connections.
    Strategy string
    Type of the connection, which indicates the identity provider.
    ConnectionId string
    The ID of the connection. If not provided, name must be set.
    Name string
    The name of the connection. If not provided, connection_id must be set.
    displayName String
    Name used in login screen.
    enabledClients List<String>
    IDs of the clients for which the connection is enabled.
    id String
    The provider-assigned unique ID for this managed resource.
    isDomainConnection Boolean
    Indicates whether the connection is domain level.
    metadata Map<String,String>
    Metadata associated with the connection, in the form of a map of string values (max 255 chars).
    options List<GetConnectionOption>
    Configuration settings for connection options.
    realms List<String>
    Defines the realms for which the connection will be used (e.g., email domains). If not specified, the connection name is added as the realm.
    showAsButton Boolean
    Display connection as a button. Only available on enterprise connections.
    strategy String
    Type of the connection, which indicates the identity provider.
    connectionId String
    The ID of the connection. If not provided, name must be set.
    name String
    The name of the connection. If not provided, connection_id must be set.
    displayName string
    Name used in login screen.
    enabledClients string[]
    IDs of the clients for which the connection is enabled.
    id string
    The provider-assigned unique ID for this managed resource.
    isDomainConnection boolean
    Indicates whether the connection is domain level.
    metadata {[key: string]: string}
    Metadata associated with the connection, in the form of a map of string values (max 255 chars).
    options GetConnectionOption[]
    Configuration settings for connection options.
    realms string[]
    Defines the realms for which the connection will be used (e.g., email domains). If not specified, the connection name is added as the realm.
    showAsButton boolean
    Display connection as a button. Only available on enterprise connections.
    strategy string
    Type of the connection, which indicates the identity provider.
    connectionId string
    The ID of the connection. If not provided, name must be set.
    name string
    The name of the connection. If not provided, connection_id must be set.
    display_name str
    Name used in login screen.
    enabled_clients Sequence[str]
    IDs of the clients for which the connection is enabled.
    id str
    The provider-assigned unique ID for this managed resource.
    is_domain_connection bool
    Indicates whether the connection is domain level.
    metadata Mapping[str, str]
    Metadata associated with the connection, in the form of a map of string values (max 255 chars).
    options Sequence[GetConnectionOption]
    Configuration settings for connection options.
    realms Sequence[str]
    Defines the realms for which the connection will be used (e.g., email domains). If not specified, the connection name is added as the realm.
    show_as_button bool
    Display connection as a button. Only available on enterprise connections.
    strategy str
    Type of the connection, which indicates the identity provider.
    connection_id str
    The ID of the connection. If not provided, name must be set.
    name str
    The name of the connection. If not provided, connection_id must be set.
    displayName String
    Name used in login screen.
    enabledClients List<String>
    IDs of the clients for which the connection is enabled.
    id String
    The provider-assigned unique ID for this managed resource.
    isDomainConnection Boolean
    Indicates whether the connection is domain level.
    metadata Map<String>
    Metadata associated with the connection, in the form of a map of string values (max 255 chars).
    options List<Property Map>
    Configuration settings for connection options.
    realms List<String>
    Defines the realms for which the connection will be used (e.g., email domains). If not specified, the connection name is added as the realm.
    showAsButton Boolean
    Display connection as a button. Only available on enterprise connections.
    strategy String
    Type of the connection, which indicates the identity provider.
    connectionId String
    The ID of the connection. If not provided, name must be set.
    name String
    The name of the connection. If not provided, connection_id must be set.

    Supporting Types

    GetConnectionOption

    AdfsServer string
    ADFS URL where to fetch the metadata source.
    AllowedAudiences List<string>
    List of allowed audiences.
    ApiEnableUsers bool
    Enable API Access to users.
    AppId string
    App ID.
    AttributeMaps List<GetConnectionOptionAttributeMap>
    OpenID Connect and Okta Workforce connections can automatically map claims received from the identity provider (IdP). You can configure this mapping through a library template provided by Auth0 or by entering your own template directly. Click here for more info.
    Attributes List<GetConnectionOptionAttribute>
    Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order
    AuthParams Dictionary<string, string>
    Query string parameters to be included as part of the generated passwordless email link.
    AuthorizationEndpoint string
    Authorization endpoint.
    BruteForceProtection bool
    Indicates whether to enable brute force protection, which will limit the number of signups and failed logins from a suspicious IP address.
    ClientId string
    The strategy's client ID.
    ClientSecret string
    The strategy's client secret.
    CommunityBaseUrl string
    Salesforce community base URL.
    Configuration Dictionary<string, string>
    A case-sensitive map of key value pairs used as configuration variables for the custom_script.
    ConnectionSettings List<GetConnectionOptionConnectionSetting>
    Proof Key for Code Exchange (PKCE) configuration settings for an OIDC or Okta Workforce connection.
    CustomScripts Dictionary<string, string>
    A map of scripts used to integrate with a custom database.
    Debug bool
    When enabled, additional debug information will be generated.
    DecryptionKeys List<GetConnectionOptionDecryptionKey>
    The key used to decrypt encrypted responses from the connection. Uses the key and cert properties to provide the private key and certificate respectively.
    DigestAlgorithm string
    Sign Request Algorithm Digest.
    DisableCache bool
    Indicates whether to disable the cache or not.
    DisableSelfServiceChangePassword bool
    Indicates whether to remove the forgot password link within the New Universal Login.
    DisableSignOut bool
    When enabled, will disable sign out.
    DisableSignup bool
    Indicates whether to allow user sign-ups to your application.
    DiscoveryUrl string
    OpenID discovery URL, e.g. https://auth.example.com/.well-known/openid-configuration.
    Domain string
    Domain name.
    DomainAliases List<string>
    List of the domains that can be authenticated using the identity provider. Only needed for Identifier First authentication flows.
    EnableScriptContext bool
    Set to true to inject context into custom DB scripts (warning: cannot be disabled once enabled).
    EnabledDatabaseCustomization bool
    Set to true to use a legacy user store.
    EntityId string
    Custom Entity ID for the connection.
    FedMetadataXml string
    Federation Metadata for the ADFS connection.
    FieldsMap string
    If you're configuring a SAML enterprise connection for a non-standard PingFederate Server, you must update the attribute mappings.
    ForwardRequestInfo bool
    Specifies whether or not request info should be forwarded to sms gateway.
    From string
    Address to use as the sender.
    GatewayAuthentications List<GetConnectionOptionGatewayAuthentication>
    Defines the parameters used to generate the auth token for the custom gateway.
    GatewayUrl string
    Defines a custom sms gateway to use instead of Twilio.
    IconUrl string
    Icon URL.
    IdentityApi string
    Azure AD Identity API. Available options are: microsoft-identity-platform-v2.0 or azure-active-directory-v1.0.
    IdpInitiateds List<GetConnectionOptionIdpInitiated>
    Configuration options for IDP Initiated Authentication. This is an object with the properties: client_id, client_protocol, and client_authorize_query.
    ImportMode bool
    Indicates whether you have a legacy user store and want to gradually migrate those users to the Auth0 user store.
    Ips List<string>
    A list of IPs.
    Issuer string
    Issuer URL, e.g. https://auth.example.com.
    JwksUri string
    JWKS URI.
    KeyId string
    Apple Key ID.
    MapUserIdToId bool
    By default Auth0 maps user_id to email. Enabling this setting changes the behavior to map user_id to 'id' instead. This can only be defined on a new Google Workspace connection and can not be changed once set.
    MaxGroupsToRetrieve string
    Maximum number of groups to retrieve.
    MessagingServiceSid string
    SID for Copilot. Used when SMS Source is Copilot.
    MetadataUrl string
    The URL of the SAML metadata document.
    MetadataXml string
    The XML content for the SAML metadata document. Values within the xml will take precedence over other attributes set on the options block.
    Mfas List<GetConnectionOptionMfa>
    Configuration options for multifactor authentication.
    Name string
    The public name of the email or SMS Connection. In most cases this is the same name as the connection name.
    NonPersistentAttrs List<string>
    If there are user fields that should not be stored in Auth0 databases due to privacy reasons, you can add them to the DenyList here.
    PasswordComplexityOptions List<GetConnectionOptionPasswordComplexityOption>
    Configuration settings for password complexity.
    PasswordDictionaries List<GetConnectionOptionPasswordDictionary>
    Configuration settings for the password dictionary check, which does not allow passwords that are part of the password dictionary.
    PasswordHistories List<GetConnectionOptionPasswordHistory>
    Configuration settings for the password history that is maintained for each user to prevent the reuse of passwords.
    PasswordNoPersonalInfos List<GetConnectionOptionPasswordNoPersonalInfo>
    Configuration settings for the password personal info check, which does not allow passwords that contain any part of the user's personal data, including user's name, username, nickname, user_metadata.name, user_metadata.first, user_metadata.last, user's email, or first part of the user's email.
    PasswordPolicy string
    Indicates level of password strength to enforce during authentication. A strong password policy will make it difficult, if not improbable, for someone to guess a password through either manual or automated means. Options include none, low, fair, good, excellent.
    PingFederateBaseUrl string
    Ping Federate Server URL.
    PkceEnabled bool
    Enables Proof Key for Code Exchange (PKCE) functionality for OAuth2 connections.
    Precedences List<string>
    Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order
    ProtocolBinding string
    The SAML Response Binding: how the SAML token is received by Auth0 from the IdP.
    Provider string
    Defines the custom sms_gateway provider.
    RequestTemplate string
    Template that formats the SAML request.
    RequiresUsername bool
    Indicates whether the user is required to provide a username in addition to an email address.
    Scopes List<string>
    Permissions to grant to the connection. Within the Auth0 dashboard these appear under the "Attributes" and "Extended Attributes" sections. Some examples: basic_profile, ext_profile, ext_nested_groups, etc.
    Scripts Dictionary<string, string>
    A map of scripts used for an OAuth connection. Only accepts a fetchUserProfile script.
    SetUserRootAttributes string
    Determines whether to sync user profile attributes (name, given_name, family_name, nickname, picture) at each login or only on the first login. Options include: on_each_login, on_first_login. Default value: on_each_login.
    ShouldTrustEmailVerifiedConnection string
    Choose how Auth0 sets the email_verified field in the user profile.
    SignInEndpoint string
    SAML single login URL for the connection.
    SignOutEndpoint string
    SAML single logout URL for the connection.
    SignSamlRequest bool
    When enabled, the SAML authentication request will be signed.
    SignatureAlgorithm string
    Sign Request Algorithm.
    SigningCert string
    X.509 signing certificate (encoded in PEM or CER) you retrieved from the IdP, Base64-encoded.
    SigningKeys List<GetConnectionOptionSigningKey>
    The key used to sign requests in the connection. Uses the key and cert properties to provide the private key and certificate respectively.
    StrategyVersion int
    Version 1 is deprecated, use version 2.
    Subject string
    Subject line of the email.
    Syntax string
    Syntax of the template body.
    TeamId string
    Apple Team ID.
    Template string
    Body of the template.
    TenantDomain string
    Tenant domain name.
    TokenEndpoint string
    Token endpoint.
    Totps List<GetConnectionOptionTotp>
    Configuration options for one-time passwords.
    TwilioSid string
    SID for your Twilio account.
    TwilioToken string
    AuthToken for your Twilio account.
    Type string
    Value can be back_channel or front_channel. Front Channel will use OIDC protocol with response_mode=form_post and response_type=id_token. Back Channel will use response_type=code.
    UpstreamParams string
    You can pass provider-specific parameters to an identity provider during authentication. The values can either be static per connection or dynamic per user.
    UseCertAuth bool
    Indicates whether to use cert auth or not.
    UseKerberos bool
    Indicates whether to use Kerberos or not.
    UseWsfed bool
    Whether to use WS-Fed.
    UserIdAttribute string
    Attribute in the token that will be mapped to the user_id property in Auth0.
    UserinfoEndpoint string
    User info endpoint.
    Validations List<GetConnectionOptionValidation>
    Validation of the minimum and maximum values allowed for a user to have as username.
    WaadCommonEndpoint bool
    Indicates whether to use the common endpoint rather than the default endpoint. Typically enabled if you're using this for a multi-tenant application in Azure AD.
    WaadProtocol string
    Protocol to use.
    AdfsServer string
    ADFS URL where to fetch the metadata source.
    AllowedAudiences []string
    List of allowed audiences.
    ApiEnableUsers bool
    Enable API Access to users.
    AppId string
    App ID.
    AttributeMaps []GetConnectionOptionAttributeMap
    OpenID Connect and Okta Workforce connections can automatically map claims received from the identity provider (IdP). You can configure this mapping through a library template provided by Auth0 or by entering your own template directly. Click here for more info.
    Attributes []GetConnectionOptionAttribute
    Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order
    AuthParams map[string]string
    Query string parameters to be included as part of the generated passwordless email link.
    AuthorizationEndpoint string
    Authorization endpoint.
    BruteForceProtection bool
    Indicates whether to enable brute force protection, which will limit the number of signups and failed logins from a suspicious IP address.
    ClientId string
    The strategy's client ID.
    ClientSecret string
    The strategy's client secret.
    CommunityBaseUrl string
    Salesforce community base URL.
    Configuration map[string]string
    A case-sensitive map of key value pairs used as configuration variables for the custom_script.
    ConnectionSettings []GetConnectionOptionConnectionSetting
    Proof Key for Code Exchange (PKCE) configuration settings for an OIDC or Okta Workforce connection.
    CustomScripts map[string]string
    A map of scripts used to integrate with a custom database.
    Debug bool
    When enabled, additional debug information will be generated.
    DecryptionKeys []GetConnectionOptionDecryptionKey
    The key used to decrypt encrypted responses from the connection. Uses the key and cert properties to provide the private key and certificate respectively.
    DigestAlgorithm string
    Sign Request Algorithm Digest.
    DisableCache bool
    Indicates whether to disable the cache or not.
    DisableSelfServiceChangePassword bool
    Indicates whether to remove the forgot password link within the New Universal Login.
    DisableSignOut bool
    When enabled, will disable sign out.
    DisableSignup bool
    Indicates whether to allow user sign-ups to your application.
    DiscoveryUrl string
    OpenID discovery URL, e.g. https://auth.example.com/.well-known/openid-configuration.
    Domain string
    Domain name.
    DomainAliases []string
    List of the domains that can be authenticated using the identity provider. Only needed for Identifier First authentication flows.
    EnableScriptContext bool
    Set to true to inject context into custom DB scripts (warning: cannot be disabled once enabled).
    EnabledDatabaseCustomization bool
    Set to true to use a legacy user store.
    EntityId string
    Custom Entity ID for the connection.
    FedMetadataXml string
    Federation Metadata for the ADFS connection.
    FieldsMap string
    If you're configuring a SAML enterprise connection for a non-standard PingFederate Server, you must update the attribute mappings.
    ForwardRequestInfo bool
    Specifies whether or not request info should be forwarded to sms gateway.
    From string
    Address to use as the sender.
    GatewayAuthentications []GetConnectionOptionGatewayAuthentication
    Defines the parameters used to generate the auth token for the custom gateway.
    GatewayUrl string
    Defines a custom sms gateway to use instead of Twilio.
    IconUrl string
    Icon URL.
    IdentityApi string
    Azure AD Identity API. Available options are: microsoft-identity-platform-v2.0 or azure-active-directory-v1.0.
    IdpInitiateds []GetConnectionOptionIdpInitiated
    Configuration options for IDP Initiated Authentication. This is an object with the properties: client_id, client_protocol, and client_authorize_query.
    ImportMode bool
    Indicates whether you have a legacy user store and want to gradually migrate those users to the Auth0 user store.
    Ips []string
    A list of IPs.
    Issuer string
    Issuer URL, e.g. https://auth.example.com.
    JwksUri string
    JWKS URI.
    KeyId string
    Apple Key ID.
    MapUserIdToId bool
    By default Auth0 maps user_id to email. Enabling this setting changes the behavior to map user_id to 'id' instead. This can only be defined on a new Google Workspace connection and can not be changed once set.
    MaxGroupsToRetrieve string
    Maximum number of groups to retrieve.
    MessagingServiceSid string
    SID for Copilot. Used when SMS Source is Copilot.
    MetadataUrl string
    The URL of the SAML metadata document.
    MetadataXml string
    The XML content for the SAML metadata document. Values within the xml will take precedence over other attributes set on the options block.
    Mfas []GetConnectionOptionMfa
    Configuration options for multifactor authentication.
    Name string
    The public name of the email or SMS Connection. In most cases this is the same name as the connection name.
    NonPersistentAttrs []string
    If there are user fields that should not be stored in Auth0 databases due to privacy reasons, you can add them to the DenyList here.
    PasswordComplexityOptions []GetConnectionOptionPasswordComplexityOption
    Configuration settings for password complexity.
    PasswordDictionaries []GetConnectionOptionPasswordDictionary
    Configuration settings for the password dictionary check, which does not allow passwords that are part of the password dictionary.
    PasswordHistories []GetConnectionOptionPasswordHistory
    Configuration settings for the password history that is maintained for each user to prevent the reuse of passwords.
    PasswordNoPersonalInfos []GetConnectionOptionPasswordNoPersonalInfo
    Configuration settings for the password personal info check, which does not allow passwords that contain any part of the user's personal data, including user's name, username, nickname, user_metadata.name, user_metadata.first, user_metadata.last, user's email, or first part of the user's email.
    PasswordPolicy string
    Indicates level of password strength to enforce during authentication. A strong password policy will make it difficult, if not improbable, for someone to guess a password through either manual or automated means. Options include none, low, fair, good, excellent.
    PingFederateBaseUrl string
    Ping Federate Server URL.
    PkceEnabled bool
    Enables Proof Key for Code Exchange (PKCE) functionality for OAuth2 connections.
    Precedences []string
    Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order
    ProtocolBinding string
    The SAML Response Binding: how the SAML token is received by Auth0 from the IdP.
    Provider string
    Defines the custom sms_gateway provider.
    RequestTemplate string
    Template that formats the SAML request.
    RequiresUsername bool
    Indicates whether the user is required to provide a username in addition to an email address.
    Scopes []string
    Permissions to grant to the connection. Within the Auth0 dashboard these appear under the "Attributes" and "Extended Attributes" sections. Some examples: basic_profile, ext_profile, ext_nested_groups, etc.
    Scripts map[string]string
    A map of scripts used for an OAuth connection. Only accepts a fetchUserProfile script.
    SetUserRootAttributes string
    Determines whether to sync user profile attributes (name, given_name, family_name, nickname, picture) at each login or only on the first login. Options include: on_each_login, on_first_login. Default value: on_each_login.
    ShouldTrustEmailVerifiedConnection string
    Choose how Auth0 sets the email_verified field in the user profile.
    SignInEndpoint string
    SAML single login URL for the connection.
    SignOutEndpoint string
    SAML single logout URL for the connection.
    SignSamlRequest bool
    When enabled, the SAML authentication request will be signed.
    SignatureAlgorithm string
    Sign Request Algorithm.
    SigningCert string
    X.509 signing certificate (encoded in PEM or CER) you retrieved from the IdP, Base64-encoded.
    SigningKeys []GetConnectionOptionSigningKey
    The key used to sign requests in the connection. Uses the key and cert properties to provide the private key and certificate respectively.
    StrategyVersion int
    Version 1 is deprecated, use version 2.
    Subject string
    Subject line of the email.
    Syntax string
    Syntax of the template body.
    TeamId string
    Apple Team ID.
    Template string
    Body of the template.
    TenantDomain string
    Tenant domain name.
    TokenEndpoint string
    Token endpoint.
    Totps []GetConnectionOptionTotp
    Configuration options for one-time passwords.
    TwilioSid string
    SID for your Twilio account.
    TwilioToken string
    AuthToken for your Twilio account.
    Type string
    Value can be back_channel or front_channel. Front Channel will use OIDC protocol with response_mode=form_post and response_type=id_token. Back Channel will use response_type=code.
    UpstreamParams string
    You can pass provider-specific parameters to an identity provider during authentication. The values can either be static per connection or dynamic per user.
    UseCertAuth bool
    Indicates whether to use cert auth or not.
    UseKerberos bool
    Indicates whether to use Kerberos or not.
    UseWsfed bool
    Whether to use WS-Fed.
    UserIdAttribute string
    Attribute in the token that will be mapped to the user_id property in Auth0.
    UserinfoEndpoint string
    User info endpoint.
    Validations []GetConnectionOptionValidation
    Validation of the minimum and maximum values allowed for a user to have as username.
    WaadCommonEndpoint bool
    Indicates whether to use the common endpoint rather than the default endpoint. Typically enabled if you're using this for a multi-tenant application in Azure AD.
    WaadProtocol string
    Protocol to use.
    adfsServer String
    ADFS URL where to fetch the metadata source.
    allowedAudiences List<String>
    List of allowed audiences.
    apiEnableUsers Boolean
    Enable API Access to users.
    appId String
    App ID.
    attributeMaps List<GetConnectionOptionAttributeMap>
    OpenID Connect and Okta Workforce connections can automatically map claims received from the identity provider (IdP). You can configure this mapping through a library template provided by Auth0 or by entering your own template directly. Click here for more info.
    attributes List<GetConnectionOptionAttribute>
    Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order
    authParams Map<String,String>
    Query string parameters to be included as part of the generated passwordless email link.
    authorizationEndpoint String
    Authorization endpoint.
    bruteForceProtection Boolean
    Indicates whether to enable brute force protection, which will limit the number of signups and failed logins from a suspicious IP address.
    clientId String
    The strategy's client ID.
    clientSecret String
    The strategy's client secret.
    communityBaseUrl String
    Salesforce community base URL.
    configuration Map<String,String>
    A case-sensitive map of key value pairs used as configuration variables for the custom_script.
    connectionSettings List<GetConnectionOptionConnectionSetting>
    Proof Key for Code Exchange (PKCE) configuration settings for an OIDC or Okta Workforce connection.
    customScripts Map<String,String>
    A map of scripts used to integrate with a custom database.
    debug Boolean
    When enabled, additional debug information will be generated.
    decryptionKeys List<GetConnectionOptionDecryptionKey>
    The key used to decrypt encrypted responses from the connection. Uses the key and cert properties to provide the private key and certificate respectively.
    digestAlgorithm String
    Sign Request Algorithm Digest.
    disableCache Boolean
    Indicates whether to disable the cache or not.
    disableSelfServiceChangePassword Boolean
    Indicates whether to remove the forgot password link within the New Universal Login.
    disableSignOut Boolean
    When enabled, will disable sign out.
    disableSignup Boolean
    Indicates whether to allow user sign-ups to your application.
    discoveryUrl String
    OpenID discovery URL, e.g. https://auth.example.com/.well-known/openid-configuration.
    domain String
    Domain name.
    domainAliases List<String>
    List of the domains that can be authenticated using the identity provider. Only needed for Identifier First authentication flows.
    enableScriptContext Boolean
    Set to true to inject context into custom DB scripts (warning: cannot be disabled once enabled).
    enabledDatabaseCustomization Boolean
    Set to true to use a legacy user store.
    entityId String
    Custom Entity ID for the connection.
    fedMetadataXml String
    Federation Metadata for the ADFS connection.
    fieldsMap String
    If you're configuring a SAML enterprise connection for a non-standard PingFederate Server, you must update the attribute mappings.
    forwardRequestInfo Boolean
    Specifies whether or not request info should be forwarded to sms gateway.
    from String
    Address to use as the sender.
    gatewayAuthentications List<GetConnectionOptionGatewayAuthentication>
    Defines the parameters used to generate the auth token for the custom gateway.
    gatewayUrl String
    Defines a custom sms gateway to use instead of Twilio.
    iconUrl String
    Icon URL.
    identityApi String
    Azure AD Identity API. Available options are: microsoft-identity-platform-v2.0 or azure-active-directory-v1.0.
    idpInitiateds List<GetConnectionOptionIdpInitiated>
    Configuration options for IDP Initiated Authentication. This is an object with the properties: client_id, client_protocol, and client_authorize_query.
    importMode Boolean
    Indicates whether you have a legacy user store and want to gradually migrate those users to the Auth0 user store.
    ips List<String>
    A list of IPs.
    issuer String
    Issuer URL, e.g. https://auth.example.com.
    jwksUri String
    JWKS URI.
    keyId String
    Apple Key ID.
    mapUserIdToId Boolean
    By default Auth0 maps user_id to email. Enabling this setting changes the behavior to map user_id to 'id' instead. This can only be defined on a new Google Workspace connection and can not be changed once set.
    maxGroupsToRetrieve String
    Maximum number of groups to retrieve.
    messagingServiceSid String
    SID for Copilot. Used when SMS Source is Copilot.
    metadataUrl String
    The URL of the SAML metadata document.
    metadataXml String
    The XML content for the SAML metadata document. Values within the xml will take precedence over other attributes set on the options block.
    mfas List<GetConnectionOptionMfa>
    Configuration options for multifactor authentication.
    name String
    The public name of the email or SMS Connection. In most cases this is the same name as the connection name.
    nonPersistentAttrs List<String>
    If there are user fields that should not be stored in Auth0 databases due to privacy reasons, you can add them to the DenyList here.
    passwordComplexityOptions List<GetConnectionOptionPasswordComplexityOption>
    Configuration settings for password complexity.
    passwordDictionaries List<GetConnectionOptionPasswordDictionary>
    Configuration settings for the password dictionary check, which does not allow passwords that are part of the password dictionary.
    passwordHistories List<GetConnectionOptionPasswordHistory>
    Configuration settings for the password history that is maintained for each user to prevent the reuse of passwords.
    passwordNoPersonalInfos List<GetConnectionOptionPasswordNoPersonalInfo>
    Configuration settings for the password personal info check, which does not allow passwords that contain any part of the user's personal data, including user's name, username, nickname, user_metadata.name, user_metadata.first, user_metadata.last, user's email, or first part of the user's email.
    passwordPolicy String
    Indicates level of password strength to enforce during authentication. A strong password policy will make it difficult, if not improbable, for someone to guess a password through either manual or automated means. Options include none, low, fair, good, excellent.
    pingFederateBaseUrl String
    Ping Federate Server URL.
    pkceEnabled Boolean
    Enables Proof Key for Code Exchange (PKCE) functionality for OAuth2 connections.
    precedences List<String>
    Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order
    protocolBinding String
    The SAML Response Binding: how the SAML token is received by Auth0 from the IdP.
    provider String
    Defines the custom sms_gateway provider.
    requestTemplate String
    Template that formats the SAML request.
    requiresUsername Boolean
    Indicates whether the user is required to provide a username in addition to an email address.
    scopes List<String>
    Permissions to grant to the connection. Within the Auth0 dashboard these appear under the "Attributes" and "Extended Attributes" sections. Some examples: basic_profile, ext_profile, ext_nested_groups, etc.
    scripts Map<String,String>
    A map of scripts used for an OAuth connection. Only accepts a fetchUserProfile script.
    setUserRootAttributes String
    Determines whether to sync user profile attributes (name, given_name, family_name, nickname, picture) at each login or only on the first login. Options include: on_each_login, on_first_login. Default value: on_each_login.
    shouldTrustEmailVerifiedConnection String
    Choose how Auth0 sets the email_verified field in the user profile.
    signInEndpoint String
    SAML single login URL for the connection.
    signOutEndpoint String
    SAML single logout URL for the connection.
    signSamlRequest Boolean
    When enabled, the SAML authentication request will be signed.
    signatureAlgorithm String
    Sign Request Algorithm.
    signingCert String
    X.509 signing certificate (encoded in PEM or CER) you retrieved from the IdP, Base64-encoded.
    signingKeys List<GetConnectionOptionSigningKey>
    The key used to sign requests in the connection. Uses the key and cert properties to provide the private key and certificate respectively.
    strategyVersion Integer
    Version 1 is deprecated, use version 2.
    subject String
    Subject line of the email.
    syntax String
    Syntax of the template body.
    teamId String
    Apple Team ID.
    template String
    Body of the template.
    tenantDomain String
    Tenant domain name.
    tokenEndpoint String
    Token endpoint.
    totps List<GetConnectionOptionTotp>
    Configuration options for one-time passwords.
    twilioSid String
    SID for your Twilio account.
    twilioToken String
    AuthToken for your Twilio account.
    type String
    Value can be back_channel or front_channel. Front Channel will use OIDC protocol with response_mode=form_post and response_type=id_token. Back Channel will use response_type=code.
    upstreamParams String
    You can pass provider-specific parameters to an identity provider during authentication. The values can either be static per connection or dynamic per user.
    useCertAuth Boolean
    Indicates whether to use cert auth or not.
    useKerberos Boolean
    Indicates whether to use Kerberos or not.
    useWsfed Boolean
    Whether to use WS-Fed.
    userIdAttribute String
    Attribute in the token that will be mapped to the user_id property in Auth0.
    userinfoEndpoint String
    User info endpoint.
    validations List<GetConnectionOptionValidation>
    Validation of the minimum and maximum values allowed for a user to have as username.
    waadCommonEndpoint Boolean
    Indicates whether to use the common endpoint rather than the default endpoint. Typically enabled if you're using this for a multi-tenant application in Azure AD.
    waadProtocol String
    Protocol to use.
    adfsServer string
    ADFS URL where to fetch the metadata source.
    allowedAudiences string[]
    List of allowed audiences.
    apiEnableUsers boolean
    Enable API Access to users.
    appId string
    App ID.
    attributeMaps GetConnectionOptionAttributeMap[]
    OpenID Connect and Okta Workforce connections can automatically map claims received from the identity provider (IdP). You can configure this mapping through a library template provided by Auth0 or by entering your own template directly. Click here for more info.
    attributes GetConnectionOptionAttribute[]
    Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order
    authParams {[key: string]: string}
    Query string parameters to be included as part of the generated passwordless email link.
    authorizationEndpoint string
    Authorization endpoint.
    bruteForceProtection boolean
    Indicates whether to enable brute force protection, which will limit the number of signups and failed logins from a suspicious IP address.
    clientId string
    The strategy's client ID.
    clientSecret string
    The strategy's client secret.
    communityBaseUrl string
    Salesforce community base URL.
    configuration {[key: string]: string}
    A case-sensitive map of key value pairs used as configuration variables for the custom_script.
    connectionSettings GetConnectionOptionConnectionSetting[]
    Proof Key for Code Exchange (PKCE) configuration settings for an OIDC or Okta Workforce connection.
    customScripts {[key: string]: string}
    A map of scripts used to integrate with a custom database.
    debug boolean
    When enabled, additional debug information will be generated.
    decryptionKeys GetConnectionOptionDecryptionKey[]
    The key used to decrypt encrypted responses from the connection. Uses the key and cert properties to provide the private key and certificate respectively.
    digestAlgorithm string
    Sign Request Algorithm Digest.
    disableCache boolean
    Indicates whether to disable the cache or not.
    disableSelfServiceChangePassword boolean
    Indicates whether to remove the forgot password link within the New Universal Login.
    disableSignOut boolean
    When enabled, will disable sign out.
    disableSignup boolean
    Indicates whether to allow user sign-ups to your application.
    discoveryUrl string
    OpenID discovery URL, e.g. https://auth.example.com/.well-known/openid-configuration.
    domain string
    Domain name.
    domainAliases string[]
    List of the domains that can be authenticated using the identity provider. Only needed for Identifier First authentication flows.
    enableScriptContext boolean
    Set to true to inject context into custom DB scripts (warning: cannot be disabled once enabled).
    enabledDatabaseCustomization boolean
    Set to true to use a legacy user store.
    entityId string
    Custom Entity ID for the connection.
    fedMetadataXml string
    Federation Metadata for the ADFS connection.
    fieldsMap string
    If you're configuring a SAML enterprise connection for a non-standard PingFederate Server, you must update the attribute mappings.
    forwardRequestInfo boolean
    Specifies whether or not request info should be forwarded to sms gateway.
    from string
    Address to use as the sender.
    gatewayAuthentications GetConnectionOptionGatewayAuthentication[]
    Defines the parameters used to generate the auth token for the custom gateway.
    gatewayUrl string
    Defines a custom sms gateway to use instead of Twilio.
    iconUrl string
    Icon URL.
    identityApi string
    Azure AD Identity API. Available options are: microsoft-identity-platform-v2.0 or azure-active-directory-v1.0.
    idpInitiateds GetConnectionOptionIdpInitiated[]
    Configuration options for IDP Initiated Authentication. This is an object with the properties: client_id, client_protocol, and client_authorize_query.
    importMode boolean
    Indicates whether you have a legacy user store and want to gradually migrate those users to the Auth0 user store.
    ips string[]
    A list of IPs.
    issuer string
    Issuer URL, e.g. https://auth.example.com.
    jwksUri string
    JWKS URI.
    keyId string
    Apple Key ID.
    mapUserIdToId boolean
    By default Auth0 maps user_id to email. Enabling this setting changes the behavior to map user_id to 'id' instead. This can only be defined on a new Google Workspace connection and can not be changed once set.
    maxGroupsToRetrieve string
    Maximum number of groups to retrieve.
    messagingServiceSid string
    SID for Copilot. Used when SMS Source is Copilot.
    metadataUrl string
    The URL of the SAML metadata document.
    metadataXml string
    The XML content for the SAML metadata document. Values within the xml will take precedence over other attributes set on the options block.
    mfas GetConnectionOptionMfa[]
    Configuration options for multifactor authentication.
    name string
    The public name of the email or SMS Connection. In most cases this is the same name as the connection name.
    nonPersistentAttrs string[]
    If there are user fields that should not be stored in Auth0 databases due to privacy reasons, you can add them to the DenyList here.
    passwordComplexityOptions GetConnectionOptionPasswordComplexityOption[]
    Configuration settings for password complexity.
    passwordDictionaries GetConnectionOptionPasswordDictionary[]
    Configuration settings for the password dictionary check, which does not allow passwords that are part of the password dictionary.
    passwordHistories GetConnectionOptionPasswordHistory[]
    Configuration settings for the password history that is maintained for each user to prevent the reuse of passwords.
    passwordNoPersonalInfos GetConnectionOptionPasswordNoPersonalInfo[]
    Configuration settings for the password personal info check, which does not allow passwords that contain any part of the user's personal data, including user's name, username, nickname, user_metadata.name, user_metadata.first, user_metadata.last, user's email, or first part of the user's email.
    passwordPolicy string
    Indicates level of password strength to enforce during authentication. A strong password policy will make it difficult, if not improbable, for someone to guess a password through either manual or automated means. Options include none, low, fair, good, excellent.
    pingFederateBaseUrl string
    Ping Federate Server URL.
    pkceEnabled boolean
    Enables Proof Key for Code Exchange (PKCE) functionality for OAuth2 connections.
    precedences string[]
    Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order
    protocolBinding string
    The SAML Response Binding: how the SAML token is received by Auth0 from the IdP.
    provider string
    Defines the custom sms_gateway provider.
    requestTemplate string
    Template that formats the SAML request.
    requiresUsername boolean
    Indicates whether the user is required to provide a username in addition to an email address.
    scopes string[]
    Permissions to grant to the connection. Within the Auth0 dashboard these appear under the "Attributes" and "Extended Attributes" sections. Some examples: basic_profile, ext_profile, ext_nested_groups, etc.
    scripts {[key: string]: string}
    A map of scripts used for an OAuth connection. Only accepts a fetchUserProfile script.
    setUserRootAttributes string
    Determines whether to sync user profile attributes (name, given_name, family_name, nickname, picture) at each login or only on the first login. Options include: on_each_login, on_first_login. Default value: on_each_login.
    shouldTrustEmailVerifiedConnection string
    Choose how Auth0 sets the email_verified field in the user profile.
    signInEndpoint string
    SAML single login URL for the connection.
    signOutEndpoint string
    SAML single logout URL for the connection.
    signSamlRequest boolean
    When enabled, the SAML authentication request will be signed.
    signatureAlgorithm string
    Sign Request Algorithm.
    signingCert string
    X.509 signing certificate (encoded in PEM or CER) you retrieved from the IdP, Base64-encoded.
    signingKeys GetConnectionOptionSigningKey[]
    The key used to sign requests in the connection. Uses the key and cert properties to provide the private key and certificate respectively.
    strategyVersion number
    Version 1 is deprecated, use version 2.
    subject string
    Subject line of the email.
    syntax string
    Syntax of the template body.
    teamId string
    Apple Team ID.
    template string
    Body of the template.
    tenantDomain string
    Tenant domain name.
    tokenEndpoint string
    Token endpoint.
    totps GetConnectionOptionTotp[]
    Configuration options for one-time passwords.
    twilioSid string
    SID for your Twilio account.
    twilioToken string
    AuthToken for your Twilio account.
    type string
    Value can be back_channel or front_channel. Front Channel will use OIDC protocol with response_mode=form_post and response_type=id_token. Back Channel will use response_type=code.
    upstreamParams string
    You can pass provider-specific parameters to an identity provider during authentication. The values can either be static per connection or dynamic per user.
    useCertAuth boolean
    Indicates whether to use cert auth or not.
    useKerberos boolean
    Indicates whether to use Kerberos or not.
    useWsfed boolean
    Whether to use WS-Fed.
    userIdAttribute string
    Attribute in the token that will be mapped to the user_id property in Auth0.
    userinfoEndpoint string
    User info endpoint.
    validations GetConnectionOptionValidation[]
    Validation of the minimum and maximum values allowed for a user to have as username.
    waadCommonEndpoint boolean
    Indicates whether to use the common endpoint rather than the default endpoint. Typically enabled if you're using this for a multi-tenant application in Azure AD.
    waadProtocol string
    Protocol to use.
    adfs_server str
    ADFS URL where to fetch the metadata source.
    allowed_audiences Sequence[str]
    List of allowed audiences.
    api_enable_users bool
    Enable API Access to users.
    app_id str
    App ID.
    attribute_maps Sequence[GetConnectionOptionAttributeMap]
    OpenID Connect and Okta Workforce connections can automatically map claims received from the identity provider (IdP). You can configure this mapping through a library template provided by Auth0 or by entering your own template directly. Click here for more info.
    attributes Sequence[GetConnectionOptionAttribute]
    Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order
    auth_params Mapping[str, str]
    Query string parameters to be included as part of the generated passwordless email link.
    authorization_endpoint str
    Authorization endpoint.
    brute_force_protection bool
    Indicates whether to enable brute force protection, which will limit the number of signups and failed logins from a suspicious IP address.
    client_id str
    The strategy's client ID.
    client_secret str
    The strategy's client secret.
    community_base_url str
    Salesforce community base URL.
    configuration Mapping[str, str]
    A case-sensitive map of key value pairs used as configuration variables for the custom_script.
    connection_settings Sequence[GetConnectionOptionConnectionSetting]
    Proof Key for Code Exchange (PKCE) configuration settings for an OIDC or Okta Workforce connection.
    custom_scripts Mapping[str, str]
    A map of scripts used to integrate with a custom database.
    debug bool
    When enabled, additional debug information will be generated.
    decryption_keys Sequence[GetConnectionOptionDecryptionKey]
    The key used to decrypt encrypted responses from the connection. Uses the key and cert properties to provide the private key and certificate respectively.
    digest_algorithm str
    Sign Request Algorithm Digest.
    disable_cache bool
    Indicates whether to disable the cache or not.
    disable_self_service_change_password bool
    Indicates whether to remove the forgot password link within the New Universal Login.
    disable_sign_out bool
    When enabled, will disable sign out.
    disable_signup bool
    Indicates whether to allow user sign-ups to your application.
    discovery_url str
    OpenID discovery URL, e.g. https://auth.example.com/.well-known/openid-configuration.
    domain str
    Domain name.
    domain_aliases Sequence[str]
    List of the domains that can be authenticated using the identity provider. Only needed for Identifier First authentication flows.
    enable_script_context bool
    Set to true to inject context into custom DB scripts (warning: cannot be disabled once enabled).
    enabled_database_customization bool
    Set to true to use a legacy user store.
    entity_id str
    Custom Entity ID for the connection.
    fed_metadata_xml str
    Federation Metadata for the ADFS connection.
    fields_map str
    If you're configuring a SAML enterprise connection for a non-standard PingFederate Server, you must update the attribute mappings.
    forward_request_info bool
    Specifies whether or not request info should be forwarded to sms gateway.
    from_ str
    Address to use as the sender.
    gateway_authentications Sequence[GetConnectionOptionGatewayAuthentication]
    Defines the parameters used to generate the auth token for the custom gateway.
    gateway_url str
    Defines a custom sms gateway to use instead of Twilio.
    icon_url str
    Icon URL.
    identity_api str
    Azure AD Identity API. Available options are: microsoft-identity-platform-v2.0 or azure-active-directory-v1.0.
    idp_initiateds Sequence[GetConnectionOptionIdpInitiated]
    Configuration options for IDP Initiated Authentication. This is an object with the properties: client_id, client_protocol, and client_authorize_query.
    import_mode bool
    Indicates whether you have a legacy user store and want to gradually migrate those users to the Auth0 user store.
    ips Sequence[str]
    A list of IPs.
    issuer str
    Issuer URL, e.g. https://auth.example.com.
    jwks_uri str
    JWKS URI.
    key_id str
    Apple Key ID.
    map_user_id_to_id bool
    By default Auth0 maps user_id to email. Enabling this setting changes the behavior to map user_id to 'id' instead. This can only be defined on a new Google Workspace connection and can not be changed once set.
    max_groups_to_retrieve str
    Maximum number of groups to retrieve.
    messaging_service_sid str
    SID for Copilot. Used when SMS Source is Copilot.
    metadata_url str
    The URL of the SAML metadata document.
    metadata_xml str
    The XML content for the SAML metadata document. Values within the xml will take precedence over other attributes set on the options block.
    mfas Sequence[GetConnectionOptionMfa]
    Configuration options for multifactor authentication.
    name str
    The public name of the email or SMS Connection. In most cases this is the same name as the connection name.
    non_persistent_attrs Sequence[str]
    If there are user fields that should not be stored in Auth0 databases due to privacy reasons, you can add them to the DenyList here.
    password_complexity_options Sequence[GetConnectionOptionPasswordComplexityOption]
    Configuration settings for password complexity.
    password_dictionaries Sequence[GetConnectionOptionPasswordDictionary]
    Configuration settings for the password dictionary check, which does not allow passwords that are part of the password dictionary.
    password_histories Sequence[GetConnectionOptionPasswordHistory]
    Configuration settings for the password history that is maintained for each user to prevent the reuse of passwords.
    password_no_personal_infos Sequence[GetConnectionOptionPasswordNoPersonalInfo]
    Configuration settings for the password personal info check, which does not allow passwords that contain any part of the user's personal data, including user's name, username, nickname, user_metadata.name, user_metadata.first, user_metadata.last, user's email, or first part of the user's email.
    password_policy str
    Indicates level of password strength to enforce during authentication. A strong password policy will make it difficult, if not improbable, for someone to guess a password through either manual or automated means. Options include none, low, fair, good, excellent.
    ping_federate_base_url str
    Ping Federate Server URL.
    pkce_enabled bool
    Enables Proof Key for Code Exchange (PKCE) functionality for OAuth2 connections.
    precedences Sequence[str]
    Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order
    protocol_binding str
    The SAML Response Binding: how the SAML token is received by Auth0 from the IdP.
    provider str
    Defines the custom sms_gateway provider.
    request_template str
    Template that formats the SAML request.
    requires_username bool
    Indicates whether the user is required to provide a username in addition to an email address.
    scopes Sequence[str]
    Permissions to grant to the connection. Within the Auth0 dashboard these appear under the "Attributes" and "Extended Attributes" sections. Some examples: basic_profile, ext_profile, ext_nested_groups, etc.
    scripts Mapping[str, str]
    A map of scripts used for an OAuth connection. Only accepts a fetchUserProfile script.
    set_user_root_attributes str
    Determines whether to sync user profile attributes (name, given_name, family_name, nickname, picture) at each login or only on the first login. Options include: on_each_login, on_first_login. Default value: on_each_login.
    should_trust_email_verified_connection str
    Choose how Auth0 sets the email_verified field in the user profile.
    sign_in_endpoint str
    SAML single login URL for the connection.
    sign_out_endpoint str
    SAML single logout URL for the connection.
    sign_saml_request bool
    When enabled, the SAML authentication request will be signed.
    signature_algorithm str
    Sign Request Algorithm.
    signing_cert str
    X.509 signing certificate (encoded in PEM or CER) you retrieved from the IdP, Base64-encoded.
    signing_keys Sequence[GetConnectionOptionSigningKey]
    The key used to sign requests in the connection. Uses the key and cert properties to provide the private key and certificate respectively.
    strategy_version int
    Version 1 is deprecated, use version 2.
    subject str
    Subject line of the email.
    syntax str
    Syntax of the template body.
    team_id str
    Apple Team ID.
    template str
    Body of the template.
    tenant_domain str
    Tenant domain name.
    token_endpoint str
    Token endpoint.
    totps Sequence[GetConnectionOptionTotp]
    Configuration options for one-time passwords.
    twilio_sid str
    SID for your Twilio account.
    twilio_token str
    AuthToken for your Twilio account.
    type str
    Value can be back_channel or front_channel. Front Channel will use OIDC protocol with response_mode=form_post and response_type=id_token. Back Channel will use response_type=code.
    upstream_params str
    You can pass provider-specific parameters to an identity provider during authentication. The values can either be static per connection or dynamic per user.
    use_cert_auth bool
    Indicates whether to use cert auth or not.
    use_kerberos bool
    Indicates whether to use Kerberos or not.
    use_wsfed bool
    Whether to use WS-Fed.
    user_id_attribute str
    Attribute in the token that will be mapped to the user_id property in Auth0.
    userinfo_endpoint str
    User info endpoint.
    validations Sequence[GetConnectionOptionValidation]
    Validation of the minimum and maximum values allowed for a user to have as username.
    waad_common_endpoint bool
    Indicates whether to use the common endpoint rather than the default endpoint. Typically enabled if you're using this for a multi-tenant application in Azure AD.
    waad_protocol str
    Protocol to use.
    adfsServer String
    ADFS URL where to fetch the metadata source.
    allowedAudiences List<String>
    List of allowed audiences.
    apiEnableUsers Boolean
    Enable API Access to users.
    appId String
    App ID.
    attributeMaps List<Property Map>
    OpenID Connect and Okta Workforce connections can automatically map claims received from the identity provider (IdP). You can configure this mapping through a library template provided by Auth0 or by entering your own template directly. Click here for more info.
    attributes List<Property Map>
    Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order
    authParams Map<String>
    Query string parameters to be included as part of the generated passwordless email link.
    authorizationEndpoint String
    Authorization endpoint.
    bruteForceProtection Boolean
    Indicates whether to enable brute force protection, which will limit the number of signups and failed logins from a suspicious IP address.
    clientId String
    The strategy's client ID.
    clientSecret String
    The strategy's client secret.
    communityBaseUrl String
    Salesforce community base URL.
    configuration Map<String>
    A case-sensitive map of key value pairs used as configuration variables for the custom_script.
    connectionSettings List<Property Map>
    Proof Key for Code Exchange (PKCE) configuration settings for an OIDC or Okta Workforce connection.
    customScripts Map<String>
    A map of scripts used to integrate with a custom database.
    debug Boolean
    When enabled, additional debug information will be generated.
    decryptionKeys List<Property Map>
    The key used to decrypt encrypted responses from the connection. Uses the key and cert properties to provide the private key and certificate respectively.
    digestAlgorithm String
    Sign Request Algorithm Digest.
    disableCache Boolean
    Indicates whether to disable the cache or not.
    disableSelfServiceChangePassword Boolean
    Indicates whether to remove the forgot password link within the New Universal Login.
    disableSignOut Boolean
    When enabled, will disable sign out.
    disableSignup Boolean
    Indicates whether to allow user sign-ups to your application.
    discoveryUrl String
    OpenID discovery URL, e.g. https://auth.example.com/.well-known/openid-configuration.
    domain String
    Domain name.
    domainAliases List<String>
    List of the domains that can be authenticated using the identity provider. Only needed for Identifier First authentication flows.
    enableScriptContext Boolean
    Set to true to inject context into custom DB scripts (warning: cannot be disabled once enabled).
    enabledDatabaseCustomization Boolean
    Set to true to use a legacy user store.
    entityId String
    Custom Entity ID for the connection.
    fedMetadataXml String
    Federation Metadata for the ADFS connection.
    fieldsMap String
    If you're configuring a SAML enterprise connection for a non-standard PingFederate Server, you must update the attribute mappings.
    forwardRequestInfo Boolean
    Specifies whether or not request info should be forwarded to sms gateway.
    from String
    Address to use as the sender.
    gatewayAuthentications List<Property Map>
    Defines the parameters used to generate the auth token for the custom gateway.
    gatewayUrl String
    Defines a custom sms gateway to use instead of Twilio.
    iconUrl String
    Icon URL.
    identityApi String
    Azure AD Identity API. Available options are: microsoft-identity-platform-v2.0 or azure-active-directory-v1.0.
    idpInitiateds List<Property Map>
    Configuration options for IDP Initiated Authentication. This is an object with the properties: client_id, client_protocol, and client_authorize_query.
    importMode Boolean
    Indicates whether you have a legacy user store and want to gradually migrate those users to the Auth0 user store.
    ips List<String>
    A list of IPs.
    issuer String
    Issuer URL, e.g. https://auth.example.com.
    jwksUri String
    JWKS URI.
    keyId String
    Apple Key ID.
    mapUserIdToId Boolean
    By default Auth0 maps user_id to email. Enabling this setting changes the behavior to map user_id to 'id' instead. This can only be defined on a new Google Workspace connection and can not be changed once set.
    maxGroupsToRetrieve String
    Maximum number of groups to retrieve.
    messagingServiceSid String
    SID for Copilot. Used when SMS Source is Copilot.
    metadataUrl String
    The URL of the SAML metadata document.
    metadataXml String
    The XML content for the SAML metadata document. Values within the xml will take precedence over other attributes set on the options block.
    mfas List<Property Map>
    Configuration options for multifactor authentication.
    name String
    The public name of the email or SMS Connection. In most cases this is the same name as the connection name.
    nonPersistentAttrs List<String>
    If there are user fields that should not be stored in Auth0 databases due to privacy reasons, you can add them to the DenyList here.
    passwordComplexityOptions List<Property Map>
    Configuration settings for password complexity.
    passwordDictionaries List<Property Map>
    Configuration settings for the password dictionary check, which does not allow passwords that are part of the password dictionary.
    passwordHistories List<Property Map>
    Configuration settings for the password history that is maintained for each user to prevent the reuse of passwords.
    passwordNoPersonalInfos List<Property Map>
    Configuration settings for the password personal info check, which does not allow passwords that contain any part of the user's personal data, including user's name, username, nickname, user_metadata.name, user_metadata.first, user_metadata.last, user's email, or first part of the user's email.
    passwordPolicy String
    Indicates level of password strength to enforce during authentication. A strong password policy will make it difficult, if not improbable, for someone to guess a password through either manual or automated means. Options include none, low, fair, good, excellent.
    pingFederateBaseUrl String
    Ping Federate Server URL.
    pkceEnabled Boolean
    Enables Proof Key for Code Exchange (PKCE) functionality for OAuth2 connections.
    precedences List<String>
    Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order
    protocolBinding String
    The SAML Response Binding: how the SAML token is received by Auth0 from the IdP.
    provider String
    Defines the custom sms_gateway provider.
    requestTemplate String
    Template that formats the SAML request.
    requiresUsername Boolean
    Indicates whether the user is required to provide a username in addition to an email address.
    scopes List<String>
    Permissions to grant to the connection. Within the Auth0 dashboard these appear under the "Attributes" and "Extended Attributes" sections. Some examples: basic_profile, ext_profile, ext_nested_groups, etc.
    scripts Map<String>
    A map of scripts used for an OAuth connection. Only accepts a fetchUserProfile script.
    setUserRootAttributes String
    Determines whether to sync user profile attributes (name, given_name, family_name, nickname, picture) at each login or only on the first login. Options include: on_each_login, on_first_login. Default value: on_each_login.
    shouldTrustEmailVerifiedConnection String
    Choose how Auth0 sets the email_verified field in the user profile.
    signInEndpoint String
    SAML single login URL for the connection.
    signOutEndpoint String
    SAML single logout URL for the connection.
    signSamlRequest Boolean
    When enabled, the SAML authentication request will be signed.
    signatureAlgorithm String
    Sign Request Algorithm.
    signingCert String
    X.509 signing certificate (encoded in PEM or CER) you retrieved from the IdP, Base64-encoded.
    signingKeys List<Property Map>
    The key used to sign requests in the connection. Uses the key and cert properties to provide the private key and certificate respectively.
    strategyVersion Number
    Version 1 is deprecated, use version 2.
    subject String
    Subject line of the email.
    syntax String
    Syntax of the template body.
    teamId String
    Apple Team ID.
    template String
    Body of the template.
    tenantDomain String
    Tenant domain name.
    tokenEndpoint String
    Token endpoint.
    totps List<Property Map>
    Configuration options for one-time passwords.
    twilioSid String
    SID for your Twilio account.
    twilioToken String
    AuthToken for your Twilio account.
    type String
    Value can be back_channel or front_channel. Front Channel will use OIDC protocol with response_mode=form_post and response_type=id_token. Back Channel will use response_type=code.
    upstreamParams String
    You can pass provider-specific parameters to an identity provider during authentication. The values can either be static per connection or dynamic per user.
    useCertAuth Boolean
    Indicates whether to use cert auth or not.
    useKerberos Boolean
    Indicates whether to use Kerberos or not.
    useWsfed Boolean
    Whether to use WS-Fed.
    userIdAttribute String
    Attribute in the token that will be mapped to the user_id property in Auth0.
    userinfoEndpoint String
    User info endpoint.
    validations List<Property Map>
    Validation of the minimum and maximum values allowed for a user to have as username.
    waadCommonEndpoint Boolean
    Indicates whether to use the common endpoint rather than the default endpoint. Typically enabled if you're using this for a multi-tenant application in Azure AD.
    waadProtocol String
    Protocol to use.

    GetConnectionOptionAttribute

    Emails List<GetConnectionOptionAttributeEmail>
    Connection Options for Email Attribute
    PhoneNumbers List<GetConnectionOptionAttributePhoneNumber>
    Connection Options for Phone Number Attribute
    Usernames List<GetConnectionOptionAttributeUsername>
    Connection Options for User Name Attribute
    Emails []GetConnectionOptionAttributeEmail
    Connection Options for Email Attribute
    PhoneNumbers []GetConnectionOptionAttributePhoneNumber
    Connection Options for Phone Number Attribute
    Usernames []GetConnectionOptionAttributeUsername
    Connection Options for User Name Attribute
    emails List<GetConnectionOptionAttributeEmail>
    Connection Options for Email Attribute
    phoneNumbers List<GetConnectionOptionAttributePhoneNumber>
    Connection Options for Phone Number Attribute
    usernames List<GetConnectionOptionAttributeUsername>
    Connection Options for User Name Attribute
    emails GetConnectionOptionAttributeEmail[]
    Connection Options for Email Attribute
    phoneNumbers GetConnectionOptionAttributePhoneNumber[]
    Connection Options for Phone Number Attribute
    usernames GetConnectionOptionAttributeUsername[]
    Connection Options for User Name Attribute
    emails Sequence[GetConnectionOptionAttributeEmail]
    Connection Options for Email Attribute
    phone_numbers Sequence[GetConnectionOptionAttributePhoneNumber]
    Connection Options for Phone Number Attribute
    usernames Sequence[GetConnectionOptionAttributeUsername]
    Connection Options for User Name Attribute
    emails List<Property Map>
    Connection Options for Email Attribute
    phoneNumbers List<Property Map>
    Connection Options for Phone Number Attribute
    usernames List<Property Map>
    Connection Options for User Name Attribute

    GetConnectionOptionAttributeEmail

    Identifiers List<GetConnectionOptionAttributeEmailIdentifier>
    Connection Options Email Attribute Identifier
    ProfileRequired bool
    Defines whether Profile is required
    Signups List<GetConnectionOptionAttributeEmailSignup>
    Defines signup settings for Email attribute
    Identifiers []GetConnectionOptionAttributeEmailIdentifier
    Connection Options Email Attribute Identifier
    ProfileRequired bool
    Defines whether Profile is required
    Signups []GetConnectionOptionAttributeEmailSignup
    Defines signup settings for Email attribute
    identifiers List<GetConnectionOptionAttributeEmailIdentifier>
    Connection Options Email Attribute Identifier
    profileRequired Boolean
    Defines whether Profile is required
    signups List<GetConnectionOptionAttributeEmailSignup>
    Defines signup settings for Email attribute
    identifiers GetConnectionOptionAttributeEmailIdentifier[]
    Connection Options Email Attribute Identifier
    profileRequired boolean
    Defines whether Profile is required
    signups GetConnectionOptionAttributeEmailSignup[]
    Defines signup settings for Email attribute
    identifiers Sequence[GetConnectionOptionAttributeEmailIdentifier]
    Connection Options Email Attribute Identifier
    profile_required bool
    Defines whether Profile is required
    signups Sequence[GetConnectionOptionAttributeEmailSignup]
    Defines signup settings for Email attribute
    identifiers List<Property Map>
    Connection Options Email Attribute Identifier
    profileRequired Boolean
    Defines whether Profile is required
    signups List<Property Map>
    Defines signup settings for Email attribute

    GetConnectionOptionAttributeEmailIdentifier

    Active bool
    Defines whether email attribute is active as an identifier
    Active bool
    Defines whether email attribute is active as an identifier
    active Boolean
    Defines whether email attribute is active as an identifier
    active boolean
    Defines whether email attribute is active as an identifier
    active bool
    Defines whether email attribute is active as an identifier
    active Boolean
    Defines whether email attribute is active as an identifier

    GetConnectionOptionAttributeEmailSignup

    Status string
    Defines signup status for Email Attribute
    Verifications List<GetConnectionOptionAttributeEmailSignupVerification>
    Defines settings for Verification under Email attribute
    Status string
    Defines signup status for Email Attribute
    Verifications []GetConnectionOptionAttributeEmailSignupVerification
    Defines settings for Verification under Email attribute
    status String
    Defines signup status for Email Attribute
    verifications List<GetConnectionOptionAttributeEmailSignupVerification>
    Defines settings for Verification under Email attribute
    status string
    Defines signup status for Email Attribute
    verifications GetConnectionOptionAttributeEmailSignupVerification[]
    Defines settings for Verification under Email attribute
    status str
    Defines signup status for Email Attribute
    verifications Sequence[GetConnectionOptionAttributeEmailSignupVerification]
    Defines settings for Verification under Email attribute
    status String
    Defines signup status for Email Attribute
    verifications List<Property Map>
    Defines settings for Verification under Email attribute

    GetConnectionOptionAttributeEmailSignupVerification

    Active bool
    Defines verification settings for signup attribute
    Active bool
    Defines verification settings for signup attribute
    active Boolean
    Defines verification settings for signup attribute
    active boolean
    Defines verification settings for signup attribute
    active bool
    Defines verification settings for signup attribute
    active Boolean
    Defines verification settings for signup attribute

    GetConnectionOptionAttributeMap

    Attributes string
    This property is an object containing mapping information that allows Auth0 to interpret incoming claims from the IdP. Mapping information must be provided as key/value pairs.
    MappingMode string
    Method used to map incoming claims. Possible values: use_map (Okta or OIDC), bind_all (OIDC) or basic_profile (Okta).
    UserinfoScope string
    This property defines the scopes that Auth0 sends to the IdP’s UserInfo endpoint when requested.
    Attributes string
    This property is an object containing mapping information that allows Auth0 to interpret incoming claims from the IdP. Mapping information must be provided as key/value pairs.
    MappingMode string
    Method used to map incoming claims. Possible values: use_map (Okta or OIDC), bind_all (OIDC) or basic_profile (Okta).
    UserinfoScope string
    This property defines the scopes that Auth0 sends to the IdP’s UserInfo endpoint when requested.
    attributes String
    This property is an object containing mapping information that allows Auth0 to interpret incoming claims from the IdP. Mapping information must be provided as key/value pairs.
    mappingMode String
    Method used to map incoming claims. Possible values: use_map (Okta or OIDC), bind_all (OIDC) or basic_profile (Okta).
    userinfoScope String
    This property defines the scopes that Auth0 sends to the IdP’s UserInfo endpoint when requested.
    attributes string
    This property is an object containing mapping information that allows Auth0 to interpret incoming claims from the IdP. Mapping information must be provided as key/value pairs.
    mappingMode string
    Method used to map incoming claims. Possible values: use_map (Okta or OIDC), bind_all (OIDC) or basic_profile (Okta).
    userinfoScope string
    This property defines the scopes that Auth0 sends to the IdP’s UserInfo endpoint when requested.
    attributes str
    This property is an object containing mapping information that allows Auth0 to interpret incoming claims from the IdP. Mapping information must be provided as key/value pairs.
    mapping_mode str
    Method used to map incoming claims. Possible values: use_map (Okta or OIDC), bind_all (OIDC) or basic_profile (Okta).
    userinfo_scope str
    This property defines the scopes that Auth0 sends to the IdP’s UserInfo endpoint when requested.
    attributes String
    This property is an object containing mapping information that allows Auth0 to interpret incoming claims from the IdP. Mapping information must be provided as key/value pairs.
    mappingMode String
    Method used to map incoming claims. Possible values: use_map (Okta or OIDC), bind_all (OIDC) or basic_profile (Okta).
    userinfoScope String
    This property defines the scopes that Auth0 sends to the IdP’s UserInfo endpoint when requested.

    GetConnectionOptionAttributePhoneNumber

    Identifiers List<GetConnectionOptionAttributePhoneNumberIdentifier>
    Connection Options Phone Number Attribute Identifier
    ProfileRequired bool
    Defines whether Profile is required
    Signups List<GetConnectionOptionAttributePhoneNumberSignup>
    Defines signup settings for Phone Number attribute
    Identifiers []GetConnectionOptionAttributePhoneNumberIdentifier
    Connection Options Phone Number Attribute Identifier
    ProfileRequired bool
    Defines whether Profile is required
    Signups []GetConnectionOptionAttributePhoneNumberSignup
    Defines signup settings for Phone Number attribute
    identifiers List<GetConnectionOptionAttributePhoneNumberIdentifier>
    Connection Options Phone Number Attribute Identifier
    profileRequired Boolean
    Defines whether Profile is required
    signups List<GetConnectionOptionAttributePhoneNumberSignup>
    Defines signup settings for Phone Number attribute
    identifiers GetConnectionOptionAttributePhoneNumberIdentifier[]
    Connection Options Phone Number Attribute Identifier
    profileRequired boolean
    Defines whether Profile is required
    signups GetConnectionOptionAttributePhoneNumberSignup[]
    Defines signup settings for Phone Number attribute
    identifiers Sequence[GetConnectionOptionAttributePhoneNumberIdentifier]
    Connection Options Phone Number Attribute Identifier
    profile_required bool
    Defines whether Profile is required
    signups Sequence[GetConnectionOptionAttributePhoneNumberSignup]
    Defines signup settings for Phone Number attribute
    identifiers List<Property Map>
    Connection Options Phone Number Attribute Identifier
    profileRequired Boolean
    Defines whether Profile is required
    signups List<Property Map>
    Defines signup settings for Phone Number attribute

    GetConnectionOptionAttributePhoneNumberIdentifier

    Active bool
    Defines whether Phone Number attribute is active as an identifier
    Active bool
    Defines whether Phone Number attribute is active as an identifier
    active Boolean
    Defines whether Phone Number attribute is active as an identifier
    active boolean
    Defines whether Phone Number attribute is active as an identifier
    active bool
    Defines whether Phone Number attribute is active as an identifier
    active Boolean
    Defines whether Phone Number attribute is active as an identifier

    GetConnectionOptionAttributePhoneNumberSignup

    Status string
    Defines status of signup for Phone Number attribute
    Verifications List<GetConnectionOptionAttributePhoneNumberSignupVerification>
    Defines verification settings for Phone Number attribute
    Status string
    Defines status of signup for Phone Number attribute
    Verifications []GetConnectionOptionAttributePhoneNumberSignupVerification
    Defines verification settings for Phone Number attribute
    status String
    Defines status of signup for Phone Number attribute
    verifications List<GetConnectionOptionAttributePhoneNumberSignupVerification>
    Defines verification settings for Phone Number attribute
    status string
    Defines status of signup for Phone Number attribute
    verifications GetConnectionOptionAttributePhoneNumberSignupVerification[]
    Defines verification settings for Phone Number attribute
    status str
    Defines status of signup for Phone Number attribute
    verifications Sequence[GetConnectionOptionAttributePhoneNumberSignupVerification]
    Defines verification settings for Phone Number attribute
    status String
    Defines status of signup for Phone Number attribute
    verifications List<Property Map>
    Defines verification settings for Phone Number attribute

    GetConnectionOptionAttributePhoneNumberSignupVerification

    Active bool
    Defines verification settings for Phone Number attribute
    Active bool
    Defines verification settings for Phone Number attribute
    active Boolean
    Defines verification settings for Phone Number attribute
    active boolean
    Defines verification settings for Phone Number attribute
    active bool
    Defines verification settings for Phone Number attribute
    active Boolean
    Defines verification settings for Phone Number attribute

    GetConnectionOptionAttributeUsername

    Identifiers List<GetConnectionOptionAttributeUsernameIdentifier>
    Connection options for User Name Attribute Identifier
    ProfileRequired bool
    Defines whether Profile is required
    Signups List<GetConnectionOptionAttributeUsernameSignup>
    Defines signup settings for User Name attribute
    Validations List<GetConnectionOptionAttributeUsernameValidation>
    Defines validation settings for User Name attribute
    Identifiers []GetConnectionOptionAttributeUsernameIdentifier
    Connection options for User Name Attribute Identifier
    ProfileRequired bool
    Defines whether Profile is required
    Signups []GetConnectionOptionAttributeUsernameSignup
    Defines signup settings for User Name attribute
    Validations []GetConnectionOptionAttributeUsernameValidation
    Defines validation settings for User Name attribute
    identifiers List<GetConnectionOptionAttributeUsernameIdentifier>
    Connection options for User Name Attribute Identifier
    profileRequired Boolean
    Defines whether Profile is required
    signups List<GetConnectionOptionAttributeUsernameSignup>
    Defines signup settings for User Name attribute
    validations List<GetConnectionOptionAttributeUsernameValidation>
    Defines validation settings for User Name attribute
    identifiers GetConnectionOptionAttributeUsernameIdentifier[]
    Connection options for User Name Attribute Identifier
    profileRequired boolean
    Defines whether Profile is required
    signups GetConnectionOptionAttributeUsernameSignup[]
    Defines signup settings for User Name attribute
    validations GetConnectionOptionAttributeUsernameValidation[]
    Defines validation settings for User Name attribute
    identifiers Sequence[GetConnectionOptionAttributeUsernameIdentifier]
    Connection options for User Name Attribute Identifier
    profile_required bool
    Defines whether Profile is required
    signups Sequence[GetConnectionOptionAttributeUsernameSignup]
    Defines signup settings for User Name attribute
    validations Sequence[GetConnectionOptionAttributeUsernameValidation]
    Defines validation settings for User Name attribute
    identifiers List<Property Map>
    Connection options for User Name Attribute Identifier
    profileRequired Boolean
    Defines whether Profile is required
    signups List<Property Map>
    Defines signup settings for User Name attribute
    validations List<Property Map>
    Defines validation settings for User Name attribute

    GetConnectionOptionAttributeUsernameIdentifier

    Active bool
    Defines whether UserName attribute is active as an identifier
    Active bool
    Defines whether UserName attribute is active as an identifier
    active Boolean
    Defines whether UserName attribute is active as an identifier
    active boolean
    Defines whether UserName attribute is active as an identifier
    active bool
    Defines whether UserName attribute is active as an identifier
    active Boolean
    Defines whether UserName attribute is active as an identifier

    GetConnectionOptionAttributeUsernameSignup

    Status string
    Defines whether User Name attribute is active as an identifier
    Status string
    Defines whether User Name attribute is active as an identifier
    status String
    Defines whether User Name attribute is active as an identifier
    status string
    Defines whether User Name attribute is active as an identifier
    status str
    Defines whether User Name attribute is active as an identifier
    status String
    Defines whether User Name attribute is active as an identifier

    GetConnectionOptionAttributeUsernameValidation

    AllowedTypes List<GetConnectionOptionAttributeUsernameValidationAllowedType>
    Defines allowed types for for UserName attribute
    MaxLength int
    Defines Max Length for User Name attribute
    MinLength int
    Defines Min Length for User Name attribute
    AllowedTypes []GetConnectionOptionAttributeUsernameValidationAllowedType
    Defines allowed types for for UserName attribute
    MaxLength int
    Defines Max Length for User Name attribute
    MinLength int
    Defines Min Length for User Name attribute
    allowedTypes List<GetConnectionOptionAttributeUsernameValidationAllowedType>
    Defines allowed types for for UserName attribute
    maxLength Integer
    Defines Max Length for User Name attribute
    minLength Integer
    Defines Min Length for User Name attribute
    allowedTypes GetConnectionOptionAttributeUsernameValidationAllowedType[]
    Defines allowed types for for UserName attribute
    maxLength number
    Defines Max Length for User Name attribute
    minLength number
    Defines Min Length for User Name attribute
    allowed_types Sequence[GetConnectionOptionAttributeUsernameValidationAllowedType]
    Defines allowed types for for UserName attribute
    max_length int
    Defines Max Length for User Name attribute
    min_length int
    Defines Min Length for User Name attribute
    allowedTypes List<Property Map>
    Defines allowed types for for UserName attribute
    maxLength Number
    Defines Max Length for User Name attribute
    minLength Number
    Defines Min Length for User Name attribute

    GetConnectionOptionAttributeUsernameValidationAllowedType

    Email bool
    One of the allowed types for UserName signup attribute
    PhoneNumber bool
    One of the allowed types for UserName signup attribute
    Email bool
    One of the allowed types for UserName signup attribute
    PhoneNumber bool
    One of the allowed types for UserName signup attribute
    email Boolean
    One of the allowed types for UserName signup attribute
    phoneNumber Boolean
    One of the allowed types for UserName signup attribute
    email boolean
    One of the allowed types for UserName signup attribute
    phoneNumber boolean
    One of the allowed types for UserName signup attribute
    email bool
    One of the allowed types for UserName signup attribute
    phone_number bool
    One of the allowed types for UserName signup attribute
    email Boolean
    One of the allowed types for UserName signup attribute
    phoneNumber Boolean
    One of the allowed types for UserName signup attribute

    GetConnectionOptionConnectionSetting

    Pkce string
    PKCE configuration. Possible values: auto (uses the strongest algorithm available), S256 (uses the SHA-256 algorithm), plain (uses plaintext as described in the PKCE specification) or disabled (disables support for PKCE).
    Pkce string
    PKCE configuration. Possible values: auto (uses the strongest algorithm available), S256 (uses the SHA-256 algorithm), plain (uses plaintext as described in the PKCE specification) or disabled (disables support for PKCE).
    pkce String
    PKCE configuration. Possible values: auto (uses the strongest algorithm available), S256 (uses the SHA-256 algorithm), plain (uses plaintext as described in the PKCE specification) or disabled (disables support for PKCE).
    pkce string
    PKCE configuration. Possible values: auto (uses the strongest algorithm available), S256 (uses the SHA-256 algorithm), plain (uses plaintext as described in the PKCE specification) or disabled (disables support for PKCE).
    pkce str
    PKCE configuration. Possible values: auto (uses the strongest algorithm available), S256 (uses the SHA-256 algorithm), plain (uses plaintext as described in the PKCE specification) or disabled (disables support for PKCE).
    pkce String
    PKCE configuration. Possible values: auto (uses the strongest algorithm available), S256 (uses the SHA-256 algorithm), plain (uses plaintext as described in the PKCE specification) or disabled (disables support for PKCE).

    GetConnectionOptionDecryptionKey

    Cert string
    Key string
    Cert string
    Key string
    cert String
    key String
    cert string
    key string
    cert str
    key str
    cert String
    key String

    GetConnectionOptionGatewayAuthentication

    Audience string
    Audience claim for the HS256 token sent to gateway_url.
    Method string
    Authentication method (default is bearer token).
    Secret string
    Secret used to sign the HS256 token sent to gateway_url.
    SecretBase64Encoded bool
    Specifies whether or not the secret is Base64-encoded.
    Subject string
    Subject claim for the HS256 token sent to gateway_url.
    Audience string
    Audience claim for the HS256 token sent to gateway_url.
    Method string
    Authentication method (default is bearer token).
    Secret string
    Secret used to sign the HS256 token sent to gateway_url.
    SecretBase64Encoded bool
    Specifies whether or not the secret is Base64-encoded.
    Subject string
    Subject claim for the HS256 token sent to gateway_url.
    audience String
    Audience claim for the HS256 token sent to gateway_url.
    method String
    Authentication method (default is bearer token).
    secret String
    Secret used to sign the HS256 token sent to gateway_url.
    secretBase64Encoded Boolean
    Specifies whether or not the secret is Base64-encoded.
    subject String
    Subject claim for the HS256 token sent to gateway_url.
    audience string
    Audience claim for the HS256 token sent to gateway_url.
    method string
    Authentication method (default is bearer token).
    secret string
    Secret used to sign the HS256 token sent to gateway_url.
    secretBase64Encoded boolean
    Specifies whether or not the secret is Base64-encoded.
    subject string
    Subject claim for the HS256 token sent to gateway_url.
    audience str
    Audience claim for the HS256 token sent to gateway_url.
    method str
    Authentication method (default is bearer token).
    secret str
    Secret used to sign the HS256 token sent to gateway_url.
    secret_base64_encoded bool
    Specifies whether or not the secret is Base64-encoded.
    subject str
    Subject claim for the HS256 token sent to gateway_url.
    audience String
    Audience claim for the HS256 token sent to gateway_url.
    method String
    Authentication method (default is bearer token).
    secret String
    Secret used to sign the HS256 token sent to gateway_url.
    secretBase64Encoded Boolean
    Specifies whether or not the secret is Base64-encoded.
    subject String
    Subject claim for the HS256 token sent to gateway_url.

    GetConnectionOptionIdpInitiated

    GetConnectionOptionMfa

    Active bool
    Indicates whether multifactor authentication is enabled for this connection.
    ReturnEnrollSettings bool
    Indicates whether multifactor authentication enrollment settings will be returned.
    Active bool
    Indicates whether multifactor authentication is enabled for this connection.
    ReturnEnrollSettings bool
    Indicates whether multifactor authentication enrollment settings will be returned.
    active Boolean
    Indicates whether multifactor authentication is enabled for this connection.
    returnEnrollSettings Boolean
    Indicates whether multifactor authentication enrollment settings will be returned.
    active boolean
    Indicates whether multifactor authentication is enabled for this connection.
    returnEnrollSettings boolean
    Indicates whether multifactor authentication enrollment settings will be returned.
    active bool
    Indicates whether multifactor authentication is enabled for this connection.
    return_enroll_settings bool
    Indicates whether multifactor authentication enrollment settings will be returned.
    active Boolean
    Indicates whether multifactor authentication is enabled for this connection.
    returnEnrollSettings Boolean
    Indicates whether multifactor authentication enrollment settings will be returned.

    GetConnectionOptionPasswordComplexityOption

    MinLength int
    Minimum number of characters allowed in passwords.
    MinLength int
    Minimum number of characters allowed in passwords.
    minLength Integer
    Minimum number of characters allowed in passwords.
    minLength number
    Minimum number of characters allowed in passwords.
    min_length int
    Minimum number of characters allowed in passwords.
    minLength Number
    Minimum number of characters allowed in passwords.

    GetConnectionOptionPasswordDictionary

    Dictionaries List<string>
    Customized contents of the password dictionary. By default, the password dictionary contains a list of the 10,000 most common passwords; your customized content is used in addition to the default password dictionary. Matching is not case-sensitive.
    Enable bool
    Indicates whether the password dictionary check is enabled for this connection.
    Dictionaries []string
    Customized contents of the password dictionary. By default, the password dictionary contains a list of the 10,000 most common passwords; your customized content is used in addition to the default password dictionary. Matching is not case-sensitive.
    Enable bool
    Indicates whether the password dictionary check is enabled for this connection.
    dictionaries List<String>
    Customized contents of the password dictionary. By default, the password dictionary contains a list of the 10,000 most common passwords; your customized content is used in addition to the default password dictionary. Matching is not case-sensitive.
    enable Boolean
    Indicates whether the password dictionary check is enabled for this connection.
    dictionaries string[]
    Customized contents of the password dictionary. By default, the password dictionary contains a list of the 10,000 most common passwords; your customized content is used in addition to the default password dictionary. Matching is not case-sensitive.
    enable boolean
    Indicates whether the password dictionary check is enabled for this connection.
    dictionaries Sequence[str]
    Customized contents of the password dictionary. By default, the password dictionary contains a list of the 10,000 most common passwords; your customized content is used in addition to the default password dictionary. Matching is not case-sensitive.
    enable bool
    Indicates whether the password dictionary check is enabled for this connection.
    dictionaries List<String>
    Customized contents of the password dictionary. By default, the password dictionary contains a list of the 10,000 most common passwords; your customized content is used in addition to the default password dictionary. Matching is not case-sensitive.
    enable Boolean
    Indicates whether the password dictionary check is enabled for this connection.

    GetConnectionOptionPasswordHistory

    Enable bool
    Size int
    Enable bool
    Size int
    enable Boolean
    size Integer
    enable boolean
    size number
    enable bool
    size int
    enable Boolean
    size Number

    GetConnectionOptionPasswordNoPersonalInfo

    Enable bool
    Enable bool
    enable Boolean
    enable boolean
    enable bool
    enable Boolean

    GetConnectionOptionSigningKey

    Cert string
    Key string
    Cert string
    Key string
    cert String
    key String
    cert string
    key string
    cert str
    key str
    cert String
    key String

    GetConnectionOptionTotp

    Length int
    Length of the one-time password.
    TimeStep int
    Seconds between allowed generation of new passwords.
    Length int
    Length of the one-time password.
    TimeStep int
    Seconds between allowed generation of new passwords.
    length Integer
    Length of the one-time password.
    timeStep Integer
    Seconds between allowed generation of new passwords.
    length number
    Length of the one-time password.
    timeStep number
    Seconds between allowed generation of new passwords.
    length int
    Length of the one-time password.
    time_step int
    Seconds between allowed generation of new passwords.
    length Number
    Length of the one-time password.
    timeStep Number
    Seconds between allowed generation of new passwords.

    GetConnectionOptionValidation

    Usernames List<GetConnectionOptionValidationUsername>
    Specifies the min and max values of username length.
    Usernames []GetConnectionOptionValidationUsername
    Specifies the min and max values of username length.
    usernames List<GetConnectionOptionValidationUsername>
    Specifies the min and max values of username length.
    usernames GetConnectionOptionValidationUsername[]
    Specifies the min and max values of username length.
    usernames Sequence[GetConnectionOptionValidationUsername]
    Specifies the min and max values of username length.
    usernames List<Property Map>
    Specifies the min and max values of username length.

    GetConnectionOptionValidationUsername

    Max int
    Min int
    Max int
    Min int
    max Integer
    min Integer
    max number
    min number
    max int
    min int
    max Number
    min Number

    Package Details

    Repository
    Auth0 pulumi/pulumi-auth0
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the auth0 Terraform Provider.
    auth0 logo
    Auth0 v3.8.3 published on Wednesday, Nov 6, 2024 by Pulumi