Data source to retrieve a specific Auth0 application client by client_id
or name
.
# An Auth0 Client loaded using its name.
data "auth0_client" "some-client-by-name" {
name = "Name of my Application"
}
# An Auth0 Client loaded using its ID.
data "auth0_client" "some-client-by-id" {
client_id = "abcdefghkijklmnopqrstuvwxyz0123456789"
}
client_id
(String) The ID of the client. If not provided, name
must be set.name
(String) The name of the client. If not provided, client_id
must be set.addons
(List of Object) Addons enabled for this client and their associated configurations. (see below for nested schema)allowed_clients
(List of String) List of applications ID's that will be allowed to make delegation request. By default, all applications will be allowed.allowed_logout_urls
(List of String) URLs that Auth0 may redirect to after logout.allowed_origins
(List of String) URLs that represent valid origins for cross-origin resource sharing. By default, all your callback URLs will be allowed.app_type
(String) Type of application the client represents. Possible values are: native
, spa
, regular_web
, non_interactive
, sso_integration
. Specific SSO integrations types accepted as well are: rms
, box
, cloudbees
, concur
, dropbox
, mscrm
, echosign
, egnyte
, newrelic
, office365
, salesforce
, sentry
, sharepoint
, slack
, springcm
, zendesk
, zoom
.callbacks
(List of String) URLs that Auth0 may call back to after a user authenticates for the client. Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native clients, all callbacks should use protocol https://.client_aliases
(List of String) List of audiences/realms for SAML protocol. Used by the wsfed addon.client_metadata
(Map of String) Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/\()<>@ [Tab] [Space]
.client_secret
(String, Sensitive) Secret for the client. Keep this private. To access this attribute you need to add the read:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string.cross_origin_auth
(Boolean) Whether this client can be used to make cross-origin authentication requests (true
) or it is not allowed to make such requests (false
).cross_origin_loc
(String) URL of the location in your site where the cross-origin verification takes place for the cross-origin auth flow when performing authentication in your own domain instead of Auth0 Universal Login page.custom_login_page
(String) The content (HTML, CSS, JS) of the custom login page.custom_login_page_on
(Boolean) Indicates whether a custom login page is to be used.description
(String) Description of the purpose of the client.encryption_key
(Map of String) Encryption used for WS-Fed responses with this client.form_template
(String) HTML form template to be used for WS-Federation.grant_types
(List of String) Types of grants that this client is authorized to use.id
(String) The ID of this resource.initiate_login_uri
(String) Initiate login URI. Must be HTTPS or an empty string.is_first_party
(Boolean) Indicates whether this client is a first-party client.is_token_endpoint_ip_header_trusted
(Boolean) Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to client_secret_post
or client_secret_basic
. Setting this property when creating the resource, will default the authentication method to client_secret_post
. To change the authentication method to client_secret_basic
use the auth0_client_credentials
resource.jwt_configuration
(List of Object) Configuration settings for the JWTs issued for this client. (see below for nested schema)logo_uri
(String) URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown.mobile
(List of Object) Additional configuration for native mobile apps. (see below for nested schema)native_social_login
(List of Object) Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to false
in order to change the app_type
. (see below for nested schema)oidc_backchannel_logout_urls
(Set of String) Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.oidc_conformant
(Boolean) Indicates whether this client will conform to strict OIDC specifications.organization_require_behavior
(String) Defines how to proceed during an authentication transaction when organization_usage = "require"
. Can be no_prompt
(default), pre_login_prompt
or post_login_prompt
.organization_usage
(String) Defines how to proceed during an authentication transaction with regards to an organization. Can be deny
(default), allow
or require
.refresh_token
(List of Object) Configuration settings for the refresh tokens issued for this client. (see below for nested schema)require_pushed_authorization_requests
(Boolean) Makes the use of Pushed Authorization Requests mandatory for this client. This feature currently needs to be enabled on the tenant in order to make use of it.signing_keys
(List of Map of String) List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7.sso
(Boolean) Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false).sso_disabled
(Boolean) Indicates whether or not SSO is disabled.token_endpoint_auth_method
(String) The authentication method for the token endpoint. Results include none
(public client without a client secret), client_secret_post
(client uses HTTP POST parameters), client_secret_basic
(client uses HTTP Basic). Managing a client's authentication method can be done via the auth0_client_credentials
resource.web_origins
(List of String) URLs that represent valid web origins for use with web message response mode.addons
Read-Only:
aws
(List of Object) (see below for nested schema)azure_blob
(List of Object) (see below for nested schema)azure_sb
(List of Object) (see below for nested schema)box
(List of Object) (see below for nested schema)cloudbees
(List of Object) (see below for nested schema)concur
(List of Object) (see below for nested schema)dropbox
(List of Object) (see below for nested schema)echosign
(List of Object) (see below for nested schema)egnyte
(List of Object) (see below for nested schema)firebase
(List of Object) (see below for nested schema)layer
(List of Object) (see below for nested schema)mscrm
(List of Object) (see below for nested schema)newrelic
(List of Object) (see below for nested schema)office365
(List of Object) (see below for nested schema)rms
(List of Object) (see below for nested schema)salesforce
(List of Object) (see below for nested schema)salesforce_api
(List of Object) (see below for nested schema)salesforce_sandbox_api
(List of Object) (see below for nested schema)samlp
(List of Object) (see below for nested schema)sap_api
(List of Object) (see below for nested schema)sentry
(List of Object) (see below for nested schema)sharepoint
(List of Object) (see below for nested schema)slack
(List of Object) (see below for nested schema)springcm
(List of Object) (see below for nested schema)sso_integration
(List of Object) (see below for nested schema)wams
(List of Object) (see below for nested schema)wsfed
(List of Object) (see below for nested schema)zendesk
(List of Object) (see below for nested schema)zoom
(List of Object) (see below for nested schema)addons.aws
Read-Only:
lifetime_in_seconds
(Number)principal
(String)role
(String)addons.azure_blob
Read-Only:
account_name
(String)blob_delete
(Boolean)blob_name
(String)blob_read
(Boolean)blob_write
(Boolean)container_delete
(Boolean)container_list
(Boolean)container_name
(String)container_read
(Boolean)container_write
(Boolean)expiration
(Number)signed_identifier
(String)storage_access_key
(String)addons.azure_sb
Read-Only:
entity_path
(String)expiration
(Number)namespace
(String)sas_key
(String)sas_key_name
(String)addons.box
Read-Only:
addons.cloudbees
Read-Only:
addons.concur
Read-Only:
addons.dropbox
Read-Only:
addons.echosign
Read-Only:
domain
(String)addons.egnyte
Read-Only:
domain
(String)addons.firebase
Read-Only:
client_email
(String)lifetime_in_seconds
(Number)private_key
(String)private_key_id
(String)secret
(String)addons.layer
Read-Only:
expiration
(Number)key_id
(String)principal
(String)private_key
(String)provider_id
(String)addons.mscrm
Read-Only:
url
(String)addons.newrelic
Read-Only:
account
(String)addons.office365
Read-Only:
connection
(String)domain
(String)addons.rms
Read-Only:
url
(String)addons.salesforce
Read-Only:
entity_id
(String)addons.salesforce_api
Read-Only:
client_id
(String)community_name
(String)community_url_section
(String)principal
(String)addons.salesforce_sandbox_api
Read-Only:
client_id
(String)community_name
(String)community_url_section
(String)principal
(String)addons.samlp
Read-Only:
audience
(String)authn_context_class_ref
(String)binding
(String)create_upn_claim
(Boolean)destination
(String)digest_algorithm
(String)include_attribute_name_format
(Boolean)issuer
(String)lifetime_in_seconds
(Number)logout
(List of Object) (see below for nested schema)map_identities
(Boolean)map_unknown_claims_as_is
(Boolean)mappings
(Map of String)name_identifier_format
(String)name_identifier_probes
(List of String)passthrough_claims_with_no_mapping
(Boolean)recipient
(String)sign_response
(Boolean)signature_algorithm
(String)signing_cert
(String)typed_attributes
(Boolean)addons.samlp.logout
Read-Only:
callback
(String)slo_enabled
(Boolean)addons.sap_api
Read-Only:
client_id
(String)name_identifier_format
(String)scope
(String)service_password
(String)token_endpoint_url
(String)username_attribute
(String)addons.sentry
Read-Only:
base_url
(String)org_slug
(String)addons.sharepoint
Read-Only:
external_url
(List of String)url
(String)addons.slack
Read-Only:
team
(String)addons.springcm
Read-Only:
acs_url
(String)addons.sso_integration
Read-Only:
name
(String)version
(String)addons.wams
Read-Only:
master_key
(String)addons.wsfed
Read-Only:
addons.zendesk
Read-Only:
account_name
(String)addons.zoom
Read-Only:
account
(String)jwt_configuration
Read-Only:
alg
(String)lifetime_in_seconds
(Number)scopes
(Map of String)secret_encoded
(Boolean)mobile
Read-Only:
android
(List of Object) (see below for nested schema)ios
(List of Object) (see below for nested schema)mobile.android
Read-Only:
app_package_name
(String)sha256_cert_fingerprints
(List of String)mobile.ios
Read-Only:
app_bundle_identifier
(String)team_id
(String)native_social_login
Read-Only:
apple
(List of Object) (see below for nested schema)facebook
(List of Object) (see below for nested schema)native_social_login.apple
Read-Only:
enabled
(Boolean)native_social_login.facebook
Read-Only:
enabled
(Boolean)refresh_token
Read-Only:
expiration_type
(String)idle_token_lifetime
(Number)infinite_idle_token_lifetime
(Boolean)infinite_token_lifetime
(Boolean)leeway
(Number)rotation_type
(String)token_lifetime
(Number)