Resource: auth0_client

With this resource, you can set up applications that use Auth0 for authentication and configure allowed callback URLs and secrets for these applications.

Example Usage

resource "auth0_client" "my_client" {
  name                                = "Application - Acceptance Test"
  description                         = "Test Applications Long Description"
  app_type                            = "non_interactive"
  custom_login_page_on                = true
  is_first_party                      = true
  is_token_endpoint_ip_header_trusted = true
  oidc_conformant                     = false
  callbacks                           = ["https://example.com/callback"]
  allowed_origins                     = ["https://example.com"]
  allowed_logout_urls                 = ["https://example.com"]
  web_origins                         = ["https://example.com"]
  grant_types = [
    "authorization_code",
    "http://auth0.com/oauth/grant-type/password-realm",
    "implicit",
    "password",
    "refresh_token"
  ]
  client_metadata = {
    foo = "zoo"
  }

  jwt_configuration {
    lifetime_in_seconds = 300
    secret_encoded      = true
    alg                 = "RS256"
    scopes = {
      foo = "bar"
    }
  }

  refresh_token {
    leeway          = 0
    token_lifetime  = 2592000
    rotation_type   = "rotating"
    expiration_type = "expiring"
  }

  mobile {
    ios {
      team_id               = "9JA89QQLNQ"
      app_bundle_identifier = "com.my.bundle.id"
    }
  }

  addons {
    samlp {
      audience = "https://example.com/saml"
      issuer   = "https://example.com"
      mappings = {
        email = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
        name  = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
      }
      create_upn_claim                   = false
      passthrough_claims_with_no_mapping = false
      map_unknown_claims_as_is           = false
      map_identities                     = false
      name_identifier_format             = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
      name_identifier_probes = [
        "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
      ]
      signing_cert = "-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n"
    }
  }
}

Schema

Required

Optional

Read-Only

Nested Schema for addons

Optional:

Nested Schema for addons.aws

Optional:

Nested Schema for addons.azure_blob

Optional:

Nested Schema for addons.azure_sb

Optional:

Nested Schema for addons.box

Nested Schema for addons.cloudbees

Nested Schema for addons.concur

Nested Schema for addons.dropbox

Nested Schema for addons.echosign

Optional:

Nested Schema for addons.egnyte

Optional:

Nested Schema for addons.firebase

Optional:

Nested Schema for addons.layer

Required:

Optional:

Nested Schema for addons.mscrm

Optional:

Nested Schema for addons.newrelic

Optional:

Nested Schema for addons.office365

Optional:

Nested Schema for addons.rms

Optional:

Nested Schema for addons.salesforce

Optional:

Nested Schema for addons.salesforce_api

Optional:

Nested Schema for addons.salesforce_sandbox_api

Optional:

Nested Schema for addons.samlp

Optional:

Nested Schema for addons.samlp.logout

Optional:

Nested Schema for addons.sap_api

Optional:

Nested Schema for addons.sentry

Optional:

Nested Schema for addons.sharepoint

Optional:

Nested Schema for addons.slack

Optional:

Nested Schema for addons.springcm

Optional:

Nested Schema for addons.sso_integration

Optional:

Nested Schema for addons.wams

Optional:

Nested Schema for addons.wsfed

Nested Schema for addons.zendesk

Optional:

Nested Schema for addons.zoom

Optional:

Nested Schema for jwt_configuration

Optional:

Nested Schema for mobile

Optional:

Nested Schema for mobile.android

Optional:

Nested Schema for mobile.ios

Optional:

Nested Schema for native_social_login

Optional:

Nested Schema for native_social_login.apple

Optional:

Nested Schema for native_social_login.facebook

Optional:

Nested Schema for refresh_token

Required:

Optional:

Import

Import is supported using the following syntax:

# This resource can be imported by specifying the client ID.
#
# Example:
terraform import auth0_client.my_client "AaiyAPdpYdesoKnqjj8HJqRn4T5titww"