With this resource, you can configure the method to use when making requests to any endpoint that requires this client to authenticate.
resource "auth0_client" "my_client" {
name = "Application - Acceptance Test"
app_type = "non_interactive"
jwt_configuration {
alg = "RS256"
}
}
# Configuring client_secret_post as an authentication method.
resource "auth0_client_credentials" "test" {
client_id = auth0_client.my_client.id
authentication_method = "client_secret_post"
}
# Configuring client_secret_basic as an authentication method.
resource "auth0_client_credentials" "test" {
client_id = auth0_client.my_client.id
authentication_method = "client_secret_basic"
}
# Configuring none as an authentication method.
resource "auth0_client_credentials" "test" {
client_id = auth0_client.my_client.id
authentication_method = "none"
}
# Configuring private_key_jwt as an authentication method.
resource "auth0_client_credentials" "test" {
client_id = auth0_client.my_client.id
authentication_method = "private_key_jwt"
private_key_jwt {
credentials {
name = "Testing Credentials 1"
credential_type = "public_key"
algorithm = "RS256"
parse_expiry_from_cert = true
pem = <<EOF
-----BEGIN CERTIFICATE-----
MIIFWDCCA0ACCQDXqpBo3R...G9w0BAQsFADBuMQswCQYDVQQGEwJl
-----END CERTIFICATE-----
EOF
}
}
}
# Configuring the client_secret.
resource "auth0_client_credentials" "test" {
client_id = auth0_client.my_client.id
authentication_method = "client_secret_basic"
client_secret = "LUFqPx+sRLjbL7peYRPFmFu-bbvE7u7og4YUNe_C345=683341"
}
authentication_method
(String) Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include none
(public client without a client secret), client_secret_post
(confidential client using HTTP POST parameters), client_secret_basic
(confidential client using HTTP Basic), private_key_jwt
(confidential client using a Private Key JWT).client_id
(String) The ID of the client for which to configure the authentication method.client_secret
(String, Sensitive) Secret for the client when using client_secret_post
or client_secret_basic
authentication method. Keep this private. To access this attribute you need to add the read:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in case private_key_jwt
is selected as an authentication method.private_key_jwt
(Block List, Max: 1) Defines private_key_jwt
client authentication method. (see below for nested schema)id
(String) The ID of this resource.private_key_jwt
Required:
credentials
(Block List, Min: 1, Max: 2) Client credentials available for use when Private Key JWT is in use as the client authentication method. A maximum of 2 client credentials can be set. (see below for nested schema)private_key_jwt.credentials
Required:
credential_type
(String) Credential type. Supported types: public_key
.pem
(String) PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.Optional:
algorithm
(String) Algorithm which will be used with the credential. Can be one of RS256
, RS384
, PS256
. If not specified, RS256
will be used.expires_at
(String) The ISO 8601 formatted date representing the expiration of the credential. It is not possible to set this to never expire after it has been set. Recreate the certificate if needed.name
(String) Friendly name for a credential.parse_expiry_from_cert
(Boolean) Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. If also the expires_at
is set the credential expiry will be set to the explicit expires_at
value.Read-Only:
created_at
(String) The ISO 8601 formatted date the credential was created.id
(String) The ID of the client credential.key_id
(String) The key identifier of the credential, generated on creation.updated_at
(String) The ISO 8601 formatted date the credential was updated.Import is supported using the following syntax:
# This resource can be imported by specifying the client ID.
#
# Example:
terraform import auth0_client_credentials.my_creds "AaiyAPdpYdesoKnqjj8HJqRn4T5titww"