jti and aud of all tokens in the blacklist."
- },
- "response": []
- },
- {
- "name": "Blacklist a token",
- "request": {
- "method": "POST",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"aud\": \"\",\r\n \"jti\": \"\"\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/blacklists/tokens",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "blacklists",
- "tokens"
- ]
- },
- "description": "Adds the token identified by the jti to a blacklist for the tenant."
- },
- "response": []
- }
- ],
- "description": "Blacklists"
- },
- {
- "name": "Client Grants",
- "item": [
- {
- "name": "Get all client grants",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/client-grants",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "client-grants"
- ]
- }
- },
- "response": []
- },
- {
- "name": "Create a client grant",
- "request": {
- "method": "POST",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"client_id\": \"\",\r\n \"audience\": \"\",\r\n \"scope\": [\r\n \"\"\r\n ]\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/client-grants",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "client-grants"
- ]
- }
- },
- "response": []
- },
- {
- "name": "Delete a client grant",
- "request": {
- "method": "DELETE",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/client-grants/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "client-grants",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- }
- },
- "response": []
- },
- {
- "name": "Update a client grant",
- "request": {
- "method": "PATCH",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"scope\": [\r\n \"\"\r\n ]\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/client-grants/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "client-grants",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- }
- },
- "response": []
- }
- ],
- "description": "Client Grants"
- },
- {
- "name": "Clients",
- "item": [
- {
- "name": "Get all clients",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/clients",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "clients"
- ]
- },
- "description": "Retrieves a list of all client applications. Accepts a list of fields to include or exclude.client_secret and encryption_key attributes can only be retrieved with the read:client_keys scope."
- },
- "response": []
- },
- {
- "name": "Create a client",
- "request": {
- "method": "POST",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"name\": \"\",\r\n \"client_secret\": \"\",\r\n \"logo_uri\": \"\",\r\n \"callbacks\": [\r\n \"\"\r\n ],\r\n \"allowed_origins\": [\r\n \"\"\r\n ],\r\n \"client_aliases\": [\r\n \"\"\r\n ],\r\n \"allowed_clients\": [\r\n \"\"\r\n ],\r\n \"allowed_logout_urls\": [\r\n \"\"\r\n ],\r\n \"token_endpoint_auth_method\": \"\",\r\n \"app_type\": \"\",\r\n \"is_first_party\": true,\r\n \"jwt_configuration\": {\r\n \"lifetime_in_seconds\": 0,\r\n \"secret_encoded\": true,\r\n \"scopes\": {},\r\n \"alg\": \"\"\r\n },\r\n \"encryption_key\": {\r\n \"pub\": \"\",\r\n \"cert\": \"\"\r\n },\r\n \"sso\": true,\r\n \"custom_login_page_on\": true,\r\n \"custom_login_page\": \"\",\r\n \"custom_login_page_preview\": \"\",\r\n \"form_template\": \"\",\r\n \"is_heroku_app\": true,\r\n \"addons\": {\r\n \"aws\": {},\r\n \"azure_blob\": {},\r\n \"azure_sb\": {},\r\n \"rms\": {},\r\n \"mscrm\": {},\r\n \"slack\": {},\r\n \"box\": {},\r\n \"cloudbees\": {},\r\n \"concur\": {},\r\n \"dropbox\": {},\r\n \"echosign\": {},\r\n \"egnyte\": {},\r\n \"firebase\": {},\r\n \"newrelic\": {},\r\n \"office365\": {},\r\n \"salesforce\": {},\r\n \"salesforce_api\": {},\r\n \"salesforce_sandbox_api\": {},\r\n \"samlp\": {},\r\n \"layer\": {},\r\n \"sap_api\": {},\r\n \"sharepoint\": {},\r\n \"springcm\": {},\r\n \"wams\": {},\r\n \"wsfed\": {},\r\n \"zendesk\": {},\r\n \"zoom\": {}\r\n },\r\n \"resource_servers\": [\r\n {\r\n \"identifier\": \"\",\r\n \"scopes\": [\r\n \"\"\r\n ]\r\n }\r\n ],\r\n \"client_metadata\": {},\r\n \"mobile\": {\r\n \"android\": {},\r\n \"ios\": {}\r\n }\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/clients",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "clients"
- ]
- },
- "description": "Creates a new client application. The samples on the right show every attribute that can be used."
- },
- "response": []
- },
- {
- "name": "Get a client",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/clients/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "clients",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- },
- "description": "Retrieves a client by its id.client_secret,encryption_key and signing_keys attributes can only be retrieved with the read:client_keys scope."
- },
- "response": []
- },
- {
- "name": "Delete a client",
- "request": {
- "method": "DELETE",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/clients/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "clients",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- },
- "description": "Deletes a client and all its related assets (like rules, connections, etc) given its id."
- },
- "response": []
- },
- {
- "name": "Update a client",
- "request": {
- "method": "PATCH",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"name\": \"\",\r\n \"client_secret\": \"\",\r\n \"logo_uri\": \"\",\r\n \"callbacks\": [\r\n \"\"\r\n ],\r\n \"allowed_origins\": [\r\n \"\"\r\n ],\r\n \"client_aliases\": [\r\n \"\"\r\n ],\r\n \"allowed_clients\": [\r\n \"\"\r\n ],\r\n \"allowed_logout_urls\": [\r\n \"\"\r\n ],\r\n \"jwt_configuration\": {\r\n \"lifetime_in_seconds\": 0,\r\n \"secret_encoded\": true,\r\n \"scopes\": {},\r\n \"alg\": \"\"\r\n },\r\n \"encryption_key\": {\r\n \"pub\": \"\",\r\n \"cert\": \"\",\r\n \"subject\": \"\"\r\n },\r\n \"sso\": true,\r\n \"custom_login_page_on\": true,\r\n \"token_endpoint_auth_method\": \"\",\r\n \"app_type\": \"\",\r\n \"is_first_party\": true,\r\n \"custom_login_page\": \"\",\r\n \"custom_login_page_preview\": \"\",\r\n \"form_template\": \"\",\r\n \"addons\": {\r\n \"aws\": {},\r\n \"azure_blob\": {},\r\n \"azure_sb\": {},\r\n \"rms\": {},\r\n \"mscrm\": {},\r\n \"slack\": {},\r\n \"box\": {},\r\n \"cloudbees\": {},\r\n \"concur\": {},\r\n \"dropbox\": {},\r\n \"echosign\": {},\r\n \"egnyte\": {},\r\n \"firebase\": {},\r\n \"newrelic\": {},\r\n \"office365\": {},\r\n \"salesforce\": {},\r\n \"salesforce_api\": {},\r\n \"salesforce_sandbox_api\": {},\r\n \"samlp\": {},\r\n \"layer\": {},\r\n \"sap_api\": {},\r\n \"sharepoint\": {},\r\n \"springcm\": {},\r\n \"wams\": {},\r\n \"wsfed\": {},\r\n \"zendesk\": {},\r\n \"zoom\": {}\r\n },\r\n \"resource_servers\": [\r\n {\r\n \"identifier\": \"\",\r\n \"scopes\": [\r\n \"\"\r\n ]\r\n }\r\n ],\r\n \"client_metadata\": {},\r\n \"mobile\": {\r\n \"android\": {},\r\n \"ios\": {}\r\n }\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/clients/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "clients",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- },
- "description": "Important: The client_secret and encryption_key attributes can only be updated with the update:client_keys scope."
- },
- "response": []
- }
- ],
- "description": "Clients"
- },
- {
- "name": "Connections",
- "item": [
- {
- "name": "Get all connections",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/connections",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "connections"
- ]
- },
- "description": "Retrieves every connection matching the specified strategy. All connections are retrieved if no strategy is being specified. Accepts a list of fields to include or exclude in the resulting list of connection objects."
- },
- "response": []
- },
- {
- "name": "Create a connection",
- "request": {
- "method": "POST",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"name\": \"\",\r\n \"strategy\": \"\",\r\n \"options\": {\r\n \"validation\": {},\r\n \"passwordPolicy\": \"\",\r\n \"password_history\": {},\r\n \"password_no_personal_info\": {},\r\n \"password_dictionary\": {}\r\n },\r\n \"enabled_clients\": [\r\n \"\"\r\n ]\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/connections",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "connections"
- ]
- },
- "description": "Creates a new connection according to the JSON object received in body.name and strategy.ad, adfs, amazon, dropbox, bitbucket, aol, auth0-adldap, auth0-oidc, auth0, baidu, bitly, box, custom, dwolla, email, evernote-sandbox, evernote, exact, facebook, fitbit, flickr, github, google-apps, google-oauth2, google-openid, instagram, ip, linkedin, miicard, oauth1, oauth2, office365, paypal, pingfederate, planningcenter, renren, salesforce-community, salesforce-sandbox, salesforce, samlp, sharepoint, shopify, sms, soundcloud, thecity-sandbox, thecity, thirtysevensignals, twitter, untappd, vkontakte, waad, weibo, windowslive, wordpress, yahoo, yammer, yandex"
- },
- "response": []
- },
- {
- "name": "Get a connection",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/connections/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "connections",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- },
- "description": "Retrieves a connection by its id."
- },
- "response": []
- },
- {
- "name": "Delete a connection",
- "request": {
- "method": "DELETE",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/connections/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "connections",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- },
- "description": "Deletes a connection and all its users."
- },
- "response": []
- },
- {
- "name": "Update a connection",
- "request": {
- "method": "PATCH",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"options\": {\r\n \"validation\": {},\r\n \"passwordPolicy\": \"\",\r\n \"password_history\": {},\r\n \"password_no_personal_info\": {},\r\n \"password_dictionary\": {}\r\n },\r\n \"enabled_clients\": [\r\n \"\"\r\n ]\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/connections/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "connections",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- },
- "description": "Note: if you use the options parameter, the whole options object will be overridden, ensure all parameters are present"
- },
- "response": []
- },
- {
- "name": "Delete a connection user",
- "request": {
- "method": "DELETE",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/connections/:id/users",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "connections",
- ":id",
- "users"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- },
- "description": "Deletes a specified connection user by its email (currently only database connections are supported and you cannot delete all users from specific connection)."
- },
- "response": []
- }
- ],
- "description": "Connections"
- },
- {
- "name": "Device Credentials",
- "item": [
- {
- "name": "List device credentials",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/device-credentials",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "device-credentials"
- ]
- },
- "description": "You can use the device-credentials endpoint using Basic authentication with username and password from a database connectionAuthorization: Basic base64(\"{db_conn_name}\\{user}:{password}\")\n"
- },
- "response": []
- },
- {
- "name": "Create a device public key",
- "request": {
- "method": "POST",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"device_name\": \"\",\r\n \"type\": \"\",\r\n \"value\": \"\",\r\n \"device_id\": \"\",\r\n \"client_id\": \"\"\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/device-credentials",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "device-credentials"
- ]
- },
- "description": "You can use the device-credentials endpoint using Basic authentication with username and password from a database connectionAuthorization: Basic base64(\"{db_conn_name}\\{user}:{password}\")\n"
- },
- "response": []
- },
- {
- "name": "Delete a device credential",
- "request": {
- "method": "DELETE",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/device-credentials/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "device-credentials",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- },
- "description": "You can use the device-credentials endpoint using Basic authentication with username and password from a database connectionAuthorization: Basic base64(\"{db_conn_name}\\{user}:{password}\")\n"
- },
- "response": []
- }
- ],
- "description": "Device Credentials"
- },
- {
- "name": "Emails",
- "item": [
- {
- "name": "Get the email provider",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/emails/provider",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "emails",
- "provider"
- ]
- }
- },
- "response": []
- },
- {
- "name": "Delete the email provider",
- "request": {
- "method": "DELETE",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/emails/provider",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "emails",
- "provider"
- ]
- },
- "description": "USE WITH CAUTION"
- },
- "response": []
- },
- {
- "name": "Configure the email provider",
- "request": {
- "method": "POST",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"name\": \"\",\r\n \"enabled\": true,\r\n \"default_from_address\": \"\",\r\n \"credentials\": {\r\n \"api_key\": \"\"\r\n },\r\n \"settings\": {}\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/emails/provider",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "emails",
- "provider"
- ]
- }
- },
- "response": []
- },
- {
- "name": "Update the email provider",
- "request": {
- "method": "PATCH",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"name\": \"\",\r\n \"enabled\": true,\r\n \"default_from_address\": \"\",\r\n \"credentials\": {\r\n \"api_key\": \"\"\r\n },\r\n \"settings\": {}\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/emails/provider",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "emails",
- "provider"
- ]
- }
- },
- "response": []
- }
- ],
- "description": "Emails"
- },
- {
- "name": "Guardian",
- "item": [
- {
- "name": "Get a list of factors and statuses",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/guardian/factors",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "guardian",
- "factors"
- ]
- },
- "description": "Retrieves all factors. Useful to check factor enablement and trial status."
- },
- "response": []
- },
- {
- "name": "Get a Guardian enrollment",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/guardian/enrollments/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "guardian",
- "enrollments",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- },
- "description": "Retrieves an enrollment. Useful to check its type and related metadata."
- },
- "response": []
- },
- {
- "name": "Delete a Guardian enrollment",
- "request": {
- "method": "DELETE",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/guardian/enrollments/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "guardian",
- "enrollments",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- },
- "description": "Deletes an enrollment. Useful when you want to force re-enroll."
- },
- "response": []
- },
- {
- "name": "Get enrollment and verification templates",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/guardian/factors/sms/templates",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "guardian",
- "factors",
- "sms",
- "templates"
- ]
- },
- "description": "Retrieve both templates. Useful to check if a different template than default were set."
- },
- "response": []
- },
- {
- "name": "Update enrollment and verification SMS templates.",
- "request": {
- "method": "PUT",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"enrollment_message\": \"\",\r\n \"verification_message\": \"\"\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/guardian/factors/sms/templates",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "guardian",
- "factors",
- "sms",
- "templates"
- ]
- },
- "description": "Useful to send custom messages on sms enrollment and verification"
- },
- "response": []
- },
- {
- "name": "Get Guardian factor provider",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/guardian/factors/:factor_name/providers/:name",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "guardian",
- "factors",
- ":factor_name",
- "providers",
- ":name"
- ],
- "variable": [
- {
- "key": "factor_name"
- },
- {
- "key": "name"
- }
- ]
- },
- "description": "Returns provider configuration"
- },
- "response": []
- },
- {
- "name": "Update Guardian Factor",
- "request": {
- "method": "PUT",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"enabled\": true\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/guardian/factors/:name",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "guardian",
- "factors",
- ":name"
- ],
- "variable": [
- {
- "key": "name"
- }
- ]
- },
- "description": "Useful to enable / disable factor"
- },
- "response": []
- },
- {
- "name": "Update Guardian's Twilio SMS factor provider",
- "request": {
- "method": "PUT",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"from\": \"\",\r\n \"messaging_service_sid\": \"\",\r\n \"auth_token\": \"\",\r\n \"sid\": \"\"\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/guardian/factors/sms/providers/twilio",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "guardian",
- "factors",
- "sms",
- "providers",
- "twilio"
- ]
- },
- "description": "Useful to configure SMS provider"
- },
- "response": []
- }
- ],
- "description": "Guardian"
- },
- {
- "name": "Jobs",
- "item": [
- {
- "name": "Get a job",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/jobs/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "jobs",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- },
- "description": "Retrieves a job. Useful to check its status."
- },
- "response": []
- },
- {
- "name": "Get failed job error details",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/jobs/:id/errors",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "jobs",
- ":id",
- "errors"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- }
- },
- "response": []
- },
- {
- "name": "Import users",
- "request": {
- "method": "POST",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/jobs/users-imports",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "jobs",
- "users-imports"
- ]
- },
- "description": "Imports users to a connection from a file using a long running job. Important: The documentation for the file format is here."
- },
- "response": []
- },
- {
- "name": "Send a \"verify email address\" email",
- "request": {
- "method": "POST",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"user_id\": \"\"\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/jobs/verification-email",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "jobs",
- "verification-email"
- ]
- },
- "description": "Send an email to the specified user that asks them to click a link to verify their email address."
- },
- "response": []
- }
- ],
- "description": "Jobs"
- },
- {
- "name": "Logs",
- "item": [
- {
- "name": "Search log events",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/logs",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "logs"
- ]
- },
- "description": "Retrieves log entries that match the specified search criteria (or list all entries if no criteria is used).q parameter or you can search by a specific log ID (search by checkpoint):field:order, where order is 1 for ascending and -1 for descending. For example date:-1true if the fields specified are to be included in the result, false otherwise. Defaults to truetrue if a query summary must be included in the result, false otherwise. Default false.take parameter.from parameter.enabled parameter can be specified to get enabled or disabled rules. The rule's stage of executing could be set to the following values login_success, login_failure or pre_authorize"
- },
- "response": []
- },
- {
- "name": "Create a rule",
- "request": {
- "method": "POST",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"name\": \"\",\r\n \"script\": \"\",\r\n \"order\": {},\r\n \"enabled\": true,\r\n \"stage\": \"\"\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/rules",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "rules"
- ]
- },
- "description": "Creates a new rule according to the JSON object received in body.name and scriptNote: Changing a rule's stage of execution from the default login_success can change the rule's function signature to have user omitted."
- },
- "response": []
- },
- {
- "name": "Get a rule",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/rules/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "rules",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- },
- "description": "Retrieves a rule by its ID. Accepts a list of fields to include or exclude in the result."
- },
- "response": []
- },
- {
- "name": "Delete a rule",
- "request": {
- "method": "DELETE",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/rules/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "rules",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- }
- },
- "response": []
- },
- {
- "name": "Update a rule",
- "request": {
- "method": "PATCH",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"script\": \"\",\r\n \"name\": \"\",\r\n \"order\": {},\r\n \"enabled\": true\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/rules/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "rules",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- }
- },
- "response": []
- }
- ],
- "description": "Rules"
- },
- {
- "name": "Stats",
- "item": [
- {
- "name": "Get active users count",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/stats/active-users",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "stats",
- "active-users"
- ]
- },
- "description": "Gets the active users count (logged in during the last 30 days)."
- },
- "response": []
- },
- {
- "name": "Get daily stats",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/stats/daily",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "stats",
- "daily"
- ]
- },
- "description": "Gets the daily stats for a particular period."
- },
- "response": []
- }
- ],
- "description": "Stats"
- },
- {
- "name": "Tenants",
- "item": [
- {
- "name": "Get tenant settings",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/tenants/settings",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "tenants",
- "settings"
- ]
- }
- },
- "response": []
- },
- {
- "name": "Update tenant settings",
- "request": {
- "method": "PATCH",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"change_password\": {\r\n \"enabled\": true,\r\n \"html\": \"\"\r\n },\r\n \"guardian_mfa_page\": {\r\n \"enabled\": true,\r\n \"html\": \"\"\r\n },\r\n \"error_page\": {\r\n \"html\": \"\",\r\n \"show_log_link\": true,\r\n \"url\": \"\"\r\n },\r\n \"flags\": {\r\n \"change_pwd_flow_v1\": true,\r\n \"enable_client_connections\": true,\r\n \"enable_apis_section\": true,\r\n \"enable_pipeline2\": true\r\n },\r\n \"friendly_name\": \"\",\r\n \"picture_url\": \"\",\r\n \"support_email\": \"\",\r\n \"support_url\": \"\",\r\n \"allowed_logout_urls\": [\r\n \"\"\r\n ],\r\n \"session_lifetime\": 0\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/tenants/settings",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "tenants",
- "settings"
- ]
- }
- },
- "response": []
- }
- ],
- "description": "Tenants"
- },
- {
- "name": "Tickets",
- "item": [
- {
- "name": "Create an email verification ticket",
- "request": {
- "method": "POST",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"result_url\": \"\",\r\n \"user_id\": \"\"\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/tickets/email-verification",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "tickets",
- "email-verification"
- ]
- }
- },
- "response": []
- },
- {
- "name": "Create a password change ticket",
- "request": {
- "method": "POST",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"result_url\": \"\",\r\n \"user_id\": \"\",\r\n \"new_password\": \"\",\r\n \"connection_id\": \"\",\r\n \"email\": \"\",\r\n \"ttl_sec\": 0\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/tickets/password-change",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "tickets",
- "password-change"
- ]
- }
- },
- "response": []
- }
- ],
- "description": "Tickets"
- },
- {
- "name": "User Blocks",
- "item": [
- {
- "name": "Get blocks by identifier",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/user-blocks",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "user-blocks"
- ]
- }
- },
- "response": []
- },
- {
- "name": "Unblock by identifier",
- "request": {
- "method": "DELETE",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/user-blocks",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "user-blocks"
- ]
- }
- },
- "response": []
- },
- {
- "name": "Get a user's blocks",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/user-blocks/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "user-blocks",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- }
- },
- "response": []
- },
- {
- "name": "Unblock a user",
- "request": {
- "method": "DELETE",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/user-blocks/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "user-blocks",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- }
- },
- "response": []
- }
- ],
- "description": "User Blocks"
- },
- {
- "name": "Users",
- "item": [
- {
- "name": "List or search users",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/users",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "users"
- ]
- }
- },
- "response": []
- },
- {
- "name": "Create a user",
- "request": {
- "method": "POST",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"connection\": \"\",\r\n \"email\": \"\",\r\n \"username\": \"\",\r\n \"password\": \"\",\r\n \"phone_number\": \"\",\r\n \"user_metadata\": {},\r\n \"email_verified\": true,\r\n \"app_metadata\": {}\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/users",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "users"
- ]
- },
- "description": "Creates a new user according to the JSON object received in body.connection is always mandatory but depending on the type of connection you are using there could be others too. For instance, Auth0 DB Connections require email and password."
- },
- "response": []
- },
- {
- "name": "Get a user",
- "request": {
- "method": "GET",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/users/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "users",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- }
- },
- "response": []
- },
- {
- "name": "Delete a user",
- "request": {
- "method": "DELETE",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": ""
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/users/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "users",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- }
- },
- "response": []
- },
- {
- "name": "Update a user",
- "request": {
- "method": "PATCH",
- "header": [
- {
- "key": "Authorization",
- "value": "Bearer {{auth0_token}}"
- },
- {
- "key": "Content-Type",
- "value": "application/json"
- }
- ],
- "body": {
- "mode": "raw",
- "raw": "{\r\n \"blocked\": true,\r\n \"email_verified\": true,\r\n \"email\": \"\",\r\n \"verify_email\": true,\r\n \"phone_number\": \"\",\r\n \"phone_verified\": true,\r\n \"verify_phone_number\": true,\r\n \"password\": \"\",\r\n \"verify_password\": true,\r\n \"user_metadata\": {},\r\n \"app_metadata\": {},\r\n \"connection\": \"\",\r\n \"username\": \"\",\r\n \"client_id\": \"\"\r\n}"
- },
- "url": {
- "raw": "https://{{auth0_domain}}/api/v2/users/:id",
- "protocol": "https",
- "host": [
- "{{auth0_domain}}"
- ],
- "path": [
- "api",
- "v2",
- "users",
- ":id"
- ],
- "variable": [
- {
- "key": "id"
- }
- ]
- },
- "description": "Updates a user with the object's properties received in the request's body (the object should be a JSON object).user_metadata and app_metadata). These properties are merged instead of being replaced but be careful, the merge only occurs on the first level.email_verified, phone_verified, username or password you need to specify the connection property too.email or phone_number you need to specify the connection and the client_id properties.{ \"email_verified\": true }user_metadata:{ \"user_metadata\" : { \"profileCode\": 1479 } }addresses the body to send should be:{ \"user_metadata\" : { \"addresses\": {\"work_address\": \"100 Industrial Way\"} }}user_metadata property:{\n \"user_metadata\": {\n \"profileCode\": 1479,\n \"addresses\": { \"work_address\": \"100 Industrial Way\" }\n }\n}\"home_address\": \"742 Evergreen Terrace\" in addresses we should send the whole addresses object (since this object is on the first level, it will be merged in, but it's own properties won't). The body to send should be:\n{\n \"user_metadata\": {\n \"addresses\": {\n \"work_address\": \"100 Industrial Way\",\n \"home_address\": \"742 Evergreen Terrace\"\n }\n }\n}user_metadata property:{\n \"user_metadata\": {\n \"profileCode\": 1479,\n \"addresses\": {\n \"work_address\": \"100 Industrial Way\",\n \"home_address\": \"742 Evergreen Terrace\"\n }\n }\n}id param of the URL (primary account).update:current_user_identities scope:\n\nPOST /api/v2/users/PRIMARY_ACCOUNT_USER_ID/identities\nAuthorization: \"Bearer PRIMARY_ACCOUNT_JWT\"\n{\n \"link_with\": \"SECONDARY_ACCOUNT_JWT\"\n}\nIn this case only the link_with param is required in the body, containing the JWT obtained upon the secondary account's authentication.update:users scope:\n\nPOST /api/v2/users/PRIMARY_ACCOUNT_USER_ID/identities\nAuthorization: \"Bearer YOUR_API_V2_TOKEN\"\n{\n \"provider\": \"SECONDARY_ACCOUNT_PROVIDER\",\n \"connection_id\": \"SECONDARY_ACCOUNT_CONNECTION_ID(OPTIONAL)\",\n \"user_id\": \"SECONDARY_ACCOUNT_USER_ID\"\n}\nIn this case you need to send provider and user_id in the body. Optionally you can also send the connection_id param which is suitable for identifying a particular database connection for the 'auth0' provider.${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else if (pm.response.code === 403) {",
+ " const data = pm.response.json();",
+ " const { error, mfa_token } = data;",
+ " if (error === `mfa_required`) {",
+ " console.warn(`The MFA is required.`)",
+ " if (mfa_token) {",
+ " pm.collectionVariables.set(`auth0_mfa_token_do_not_edit`, mfa_token);",
+ " console.log(`The MFA token is available. Use \"(MFA) 1.1. Retrieve enrolled authenticators\" to check if the user is enrolled with MFA.`);",
+ " } else {",
+ " console.log(`The MFA token is not available. ROPG Flow doesn't support \"challengeWith\" API.`);",
+ " }",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "POST",
+ "header": [
+ {
+ "key": "auth0-forwarded-for",
+ "value": "8.8.8.8",
+ "description": "End-user IP as a string value. Set this if you want brute-force protection to work in server-side scenarios. In your application, under Advanced Settings, locate the OAuth tab, and enable Trust Token Endpoint IP Header.",
+ "type": "text"
+ }
+ ],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "grant_type",
+ "value": "http://auth0.com/oauth/grant-type/password-realm",
+ "description": "string | Use `http://auth0.com/oauth/grant-type/password-realm` for `realm` support. Use `password` to authenticate against tenant's default directory.",
+ "type": "text"
+ },
+ {
+ "key": "realm",
+ "value": "Username-Password-Authentication",
+ "description": "string | String value of the realm (connection name) the user belongs.",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic.",
+ "type": "text"
+ },
+ {
+ "key": "audience",
+ "value": "https://{{auth0_domain}}/api/v2/",
+ "description": "string | The unique identifier of the target API you want to access.",
+ "type": "text"
+ },
+ {
+ "key": "username",
+ "value": "test@example.com",
+ "description": "string | Resource Owner's identifier, such as a username or email address.",
+ "type": "text"
+ },
+ {
+ "key": "password",
+ "value": "1234",
+ "description": "string | Resource Owner's secret.",
+ "type": "text"
+ },
+ {
+ "key": "scope",
+ "value": "openid email profile read:current_user offline_access",
+ "description": "string | String value of the different scopes the application is asking for. Multiple scopes are separated with whitespace.",
+ "type": "text"
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/token",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "token"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "(MFA) 1.1. Retrieve enrolled authenticators",
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ },
+ "request": {
+ "auth": {
+ "type": "bearer",
+ "bearer": [
+ {
+ "key": "token",
+ "value": "{{auth0_mfa_token_do_not_edit}}",
+ "type": "string"
+ }
+ ]
+ },
+ "method": "GET",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": []
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/mfa/authenticators",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "mfa",
+ "authenticators"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "(MFA) 1.2A. Enroll into MFA (if not enrolled yet)",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(\"Set MFA token\", function () {",
+ " if(pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " pm.collectionVariables.set(\"auth0_oob_code_do_not_edit\", data.oob_code);",
+ " console.log(`Success! Challenge was sent. Go to \"(MFA) 1.3. Complete MFA challenge\". Use the one-time code (e.g., from the SMS you received) in the \"binding_code\" field`);",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "bearer",
+ "bearer": [
+ {
+ "key": "token",
+ "value": "{{auth0_mfa_token_do_not_edit}}",
+ "type": "string"
+ }
+ ]
+ },
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "authenticator_types[]",
+ "value": "oob",
+ "description": "array | The type of authenticators supported by the client. Value is an array with values \"otp\" or \"oob\".",
+ "type": "text"
+ },
+ {
+ "key": "oob_channels[]",
+ "value": "sms",
+ "description": "array | The type of OOB channels supported by the client. An array with values \"auth0\", \"sms\", \"voice\". Required if authenticator_types include oob.",
+ "type": "text"
+ },
+ {
+ "key": "phone_number",
+ "value": "+34700000000",
+ "description": "string | The phone number to use for SMS or Voice. Required if oob_channels includes sms or voice.\n",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret. Required when the Token Endpoint Authentication Method field in your Application Settings is Post or Basic.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "client_assertion",
+ "value": "",
+ "description": "string | A JWT containing a signed assertion with your application credentials. Required when Private Key JWT is your application authentication method.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "client_assertion_type",
+ "value": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+ "description": "string | The value is urn:ietf:params:oauth:client-assertion-type:jwt-bearer. Required when Private Key JWT is the application authentication method.",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/mfa/associate",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "mfa",
+ "associate"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "(MFA) 1.2B. Or Challenge (if already enrolled)",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(\"Set MFA token\", function () {",
+ " if(pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " pm.collectionVariables.set(\"auth0_oob_code_do_not_edit\", data.oob_code);",
+ " console.log(`Success! Challenge was sent. Go to \"(MFA) 1.3. Complete MFA challenge\". Use the one-time code (e.g., from the SMS you received) in the \"binding_code\" field`);",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "mfa_token",
+ "value": "{{auth0_mfa_token_do_not_edit}}",
+ "description": "string | The token received from mfa_required error.",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic.",
+ "type": "text"
+ },
+ {
+ "key": "challenge_type",
+ "value": "oob",
+ "description": "string | A whitespace-separated list of the challenges types accepted by your application. Accepted challenge types are oob or otp. Excluding this parameter means that your client application accepts all supported challenge types.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "authenticator_id",
+ "value": "sms|dev_3fXmgf...",
+ "description": "string | The ID of the authenticator to challenge. You can get the ID by querying the list of available authenticators for the user as explained on List authenticators below.",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/mfa/challenge",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "mfa",
+ "challenge"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "(MFA) 1.3. Complete MFA challenge",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get tokens using mfa-oob`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`",
+ " }",
+ " }",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { id_token, access_token, refresh_token } = data;",
+ " if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) console.log(parseJWT(id_token));",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "grant_type",
+ "value": "http://auth0.com/oauth/grant-type/mfa-oob",
+ "description": "string | Denotes the flow you are using. For OTP MFA, use http://auth0.com/oauth/grant-type/mfa-oob",
+ "type": "text"
+ },
+ {
+ "key": "binding_code",
+ "value": "209015",
+ "description": "string | A code used to bind the side channel (used to deliver the challenge) with the main channel you are using to authenticate. This is usually an OTP-like code delivered as part of the challenge message.",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic.",
+ "type": "text"
+ },
+ {
+ "key": "mfa_token",
+ "value": "{{auth0_mfa_token_do_not_edit}}",
+ "description": "string | The mfa_token you received from mfa_required error.",
+ "type": "text"
+ },
+ {
+ "key": "oob_code",
+ "value": "{{auth0_oob_code_do_not_edit}}",
+ "description": "string | The oob code received from the challenge request.",
+ "type": "text"
+ },
+ {
+ "key": "client_assertion",
+ "value": "",
+ "description": "string | A JWT containing a signed assertion with your application credentials. Required when Private Key JWT is your application authentication method.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "client_assertion_type",
+ "value": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+ "description": "string | The value is urn:ietf:params:oauth:client-assertion-type:jwt-bearer. Required when Private Key JWT is the application authentication method.",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/token",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "token"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "2. Refresh Tokens",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get tokens using refresh_token`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`",
+ " }",
+ " }",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { id_token, access_token, refresh_token } = data;",
+ " if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) console.log(parseJWT(id_token));",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "POST",
+ "header": [
+ {
+ "key": "auth0-forwarded-for",
+ "value": "8.8.8.8",
+ "description": "End-user IP as a string value. Set this if you want brute-force protection to work in server-side scenarios. In your application, under Advanced Settings, locate the OAuth tab, and enable Trust Token Endpoint IP Header.",
+ "type": "text"
+ }
+ ],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "grant_type",
+ "value": "refresh_token",
+ "description": "string | Denotes the flow you are using. To refresh a token, use refresh_token.",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic.",
+ "type": "text"
+ },
+ {
+ "key": "refresh_token",
+ "value": "{{auth0_refresh_token_do_not_edit}}",
+ "description": "string | The refresh token to use. Variable will be set after you execute authentication via Resource Owner Password Flow.",
+ "type": "text"
+ },
+ {
+ "key": "scope",
+ "value": "openid email profile read:current_user offline_access",
+ "description": "string | You can reduce scope by specifying a.scope you require. ",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/token",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "token"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "3. Get userinfo",
+ "request": {
+ "method": "GET",
+ "header": [
+ {
+ "key": "Authorization",
+ "value": "Bearer {{auth0_access_token_do_not_edit}}",
+ "type": "text"
+ }
+ ],
+ "url": {
+ "raw": "https://{{auth0_domain}}/userinfo",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "userinfo"
+ ]
+ }
+ },
+ "response": []
+ }
+ ],
+ "description": "This is the OAuth 2.0 grant that highly-trusted apps use to access an API. In this flow, the end-user is asked to fill in credentials (username/password), typically using an interactive form in the user-agent (browser). This information is sent to the backend and from there to Auth0. It is therefore imperative that the application is absolutely trusted with this information.\n\nDocumentation:\n\n- [Resource Owner Password Flow (Auth0 Management API Explorer)](https://auth0.com/docs/api/authentication#resource-owner-password-flow)\n \n- [Resource Owner Password Flow (Auth0 Docs)](https://auth0.com/docs/get-started/authentication-and-authorization-flow/resource-owner-password-flow)\n \n- [Authenticate Using the Resource Owner Password Flow with MFA](https://auth0.com/docs/secure/multi-factor-authentication/authenticate-using-ropg-flow-with-mfa)\n \n- [Resource Owner Password Flow with OIDC](https://auth0.com/docs/authenticate/login/oidc-conformant-authentication/oidc-adoption-rop-flow)",
+ "event": [
+ {
+ "listen": "prerequest",
+ "script": {
+ "type": "text/javascript",
+ "packages": {},
+ "exec": [
+ ""
+ ]
+ }
+ },
+ {
+ "listen": "test",
+ "script": {
+ "type": "text/javascript",
+ "packages": {},
+ "exec": [
+ ""
+ ]
+ }
+ }
+ ]
+ },
+ {
+ "name": "Client Credentials Flow",
+ "item": [
+ {
+ "name": "1. Get Tokens (client_credential)",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get Access Token`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`",
+ " }",
+ " }",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { id_token, access_token, refresh_token } = data;",
+ " if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) console.log(parseJWT(id_token));",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "grant_type",
+ "value": "client_credentials",
+ "description": "string | Denotes the flow you are using. For Client Credentials use client_credentials.",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret.",
+ "type": "text"
+ },
+ {
+ "key": "audience",
+ "value": "https://{{auth0_domain}}/api/v2/",
+ "description": "string | The unique identifier of the target API you want to access.",
+ "type": "text"
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/token",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "token"
+ ]
+ }
+ },
+ "response": []
+ }
+ ],
+ "description": "This is the OAuth 2.0 grant that server processes use to access an API. Use this endpoint to directly request an access token by using the application's credentials (a Client ID and a Client Secret).\n\nDocumentation:\n\n- [Client Credentials Flow (Auth0 Management API Explorer)](https://auth0.com/docs/api/authentication#client-credential-flow)\n \n- [Client Credentials Flow (Auth0 Docs)](https://auth0.com/docs/get-started/authentication-and-authorization-flow/client-credentials-flow)",
+ "event": [
+ {
+ "listen": "prerequest",
+ "script": {
+ "type": "text/javascript",
+ "packages": {},
+ "exec": [
+ ""
+ ]
+ }
+ },
+ {
+ "listen": "test",
+ "script": {
+ "type": "text/javascript",
+ "packages": {},
+ "exec": [
+ ""
+ ]
+ }
+ }
+ ]
+ },
+ {
+ "name": "Passwordless Flow",
+ "item": [
+ {
+ "name": "1. Start Passwordless Flow",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get tokens via Passwordless Flow`, function () {",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { email, phone_number } = data;",
+ " if (email) {",
+ " pm.collectionVariables.set(`auth0_passwordless_email_do_not_edit`, email);",
+ " } else if (phone_number) {",
+ " pm.collectionVariables.set(`auth0_passwordless_phone_do_not_edit`, phone_number);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | The client_id of your application.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | The client_secret of your application. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic. Specifically required for Regular Web Applications only.",
+ "type": "text"
+ },
+ {
+ "key": "connection",
+ "value": "sms",
+ "description": "string | Use `sms` if you want to use SMS Passwordless connection.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "phone_number",
+ "value": "+34700000000",
+ "description": "string | Set this to the user's phone number, when connection=sms.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "connection",
+ "value": "email",
+ "description": "string | or use `email` if you want to use SMS Passwordless connection.",
+ "type": "text"
+ },
+ {
+ "key": "email",
+ "value": "test@example.com",
+ "description": "string | Set this to the user's email address, when connection=email.",
+ "type": "text"
+ },
+ {
+ "key": "send",
+ "value": "code",
+ "description": "string | Use link to send a link or code to send a verification code. If null, a link will be sent.",
+ "type": "text"
+ },
+ {
+ "key": "authParams[scope]",
+ "value": "openid email profile read:current_user offline_access",
+ "description": "array of objects | Use this to append or override the link parameters (like scope, redirect_uri, protocol, response_type), when you send a link using email.",
+ "type": "text"
+ },
+ {
+ "key": "authParams[response_type]",
+ "value": "token id_token",
+ "description": "array of objects | Use this to append or override the link parameters (like scope, redirect_uri, protocol, response_type), when you send a link using email.",
+ "type": "text"
+ },
+ {
+ "key": "authParams[audience]",
+ "value": "https://{{auth0_domain}}/api/v2/",
+ "description": "array of objects | Use this to append or override the link parameters (like scope, redirect_uri, protocol, response_type), when you send a link using email.",
+ "type": "text"
+ },
+ {
+ "key": "client_assertion",
+ "value": "eyJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE3MTgwOTE0NjIsImlzcyI6IjNLNmR0Z0xQaURSdXpiUVEzMnoxREgzN0w1NzBURUxvIiwic3ViIjoiM0s2ZHRnTFBpRFJ1emJRUTMyejFESDM3TDU3MFRFTG8iLCJhdWQiOiJodHRwczovL2FydC1lbnQudXMuYXV0aDAuY29tLyIsImV4cCI6MTcxODA5MTUyMiwianRpIjoiNjAzZGJmY2QtNTgzYy00MmQ4LTlkNTctMzczMmUyMDJlYTVhIn0.HwWwJEYS1pEP_ki-jqL28CT-3X9RjTzgYLyBkPo4dr-LBksSnvDw0LzAhlS1oL-Cuymz1MNPqqGCxHNyDzISR0-xkrXmyuRmlB8UOhdrifXn-yv7ljD0SRcs-bKGCIu_lqPSk3878vFcCnv0kADl4GP6Fh0h_zrWZslQVEuvnRrL_C6ftCnYZ5ZWXMJf2qoy-Tl-xeu_0ytudqRW-oOZWwG399idxtbIdr0y8dW94cOVBSw2Mur7TMlOWjCutkncslUyW3XhURk2GS3kyHVi-ULJPMHslOCrLkdkkB6yLBRy_P3T8amzXHYhBm4waa7td-eEm5iAyWI1oZo5LigChg",
+ "description": "string | A JWT containing containing a signed assertion with your applications credentials. Required when Private Key JWT is your application authentication method.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "client_assertion_type",
+ "value": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+ "description": "string | Use the value urn:ietf:params:oauth:client-assertion-type:jwt-bearer. Required when Private Key JWT is the application authentication method.",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/passwordless/start",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "passwordless",
+ "start"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "2. Get Tokens (passwordless/otp)",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get tokens via Passwordless Flow`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`",
+ " }",
+ " }",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { id_token, access_token, refresh_token } = data;",
+ " if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) console.log(parseJWT(id_token));",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "POST",
+ "header": [
+ {
+ "key": "auth0-forwarded-for",
+ "value": "8.8.8.8",
+ "description": "End-user IP as a string value. Set this if you want brute-force protection to work in server-side scenarios. In your application, under Advanced Settings, locate the OAuth tab, and enable Trust Token Endpoint IP Header.",
+ "type": "text"
+ }
+ ],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "grant_type",
+ "value": "http://auth0.com/oauth/grant-type/passwordless/otp",
+ "description": "string | Use `http://auth0.com/oauth/grant-type/passwordless/otp`",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic.",
+ "type": "text"
+ },
+ {
+ "key": "realm",
+ "value": "sms",
+ "description": "string | Use `sms` for SMS Passwordless (should be the same as in POST /passwordless/start)",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "username",
+ "value": "{{auth0_passwordless_phone_do_not_edit}}",
+ "description": "string | The user's phone number if realm=sms",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "realm",
+ "value": "email",
+ "description": "string | or use `email` for EMAIL Passwordless (should be the same as in POST /passwordless/start)",
+ "type": "text"
+ },
+ {
+ "key": "username",
+ "value": "{{auth0_passwordless_email_do_not_edit}}",
+ "description": "string | or the user's email if realm=email.",
+ "type": "text"
+ },
+ {
+ "key": "otp",
+ "value": "773703",
+ "description": "string | The user's verification code.",
+ "type": "text"
+ },
+ {
+ "key": "audience",
+ "value": "https://{{auth0_domain}}/api/v2/",
+ "description": "string | API Identifier of the API for which you want to get an Access Token.",
+ "type": "text"
+ },
+ {
+ "key": "scope",
+ "value": "openid email profile read:current_user offline_access",
+ "description": "string | String value of the different scopes the application is asking for. Multiple scopes are separated with whitespace.",
+ "type": "text"
+ },
+ {
+ "key": "redirect_uri",
+ "value": "https://jwt.io",
+ "description": "string | A callback URL that has been registered with your application's Allowed Callback URLs.",
+ "type": "text"
+ },
+ {
+ "key": "client_assertion",
+ "value": "eyJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE3MTgwOTE0NjIsImlzcyI6IjNLNmR0Z0xQaURSdXpiUVEzMnoxREgzN0w1NzBURUxvIiwic3ViIjoiM0s2ZHRnTFBpRFJ1emJRUTMyejFESDM3TDU3MFRFTG8iLCJhdWQiOiJodHRwczovL2FydC1lbnQudXMuYXV0aDAuY29tLyIsImV4cCI6MTcxODA5MTUyMiwianRpIjoiNjAzZGJmY2QtNTgzYy00MmQ4LTlkNTctMzczMmUyMDJlYTVhIn0.HwWwJEYS1pEP_ki-jqL28CT-3X9RjTzgYLyBkPo4dr-LBksSnvDw0LzAhlS1oL-Cuymz1MNPqqGCxHNyDzISR0-xkrXmyuRmlB8UOhdrifXn-yv7ljD0SRcs-bKGCIu_lqPSk3878vFcCnv0kADl4GP6Fh0h_zrWZslQVEuvnRrL_C6ftCnYZ5ZWXMJf2qoy-Tl-xeu_0ytudqRW-oOZWwG399idxtbIdr0y8dW94cOVBSw2Mur7TMlOWjCutkncslUyW3XhURk2GS3kyHVi-ULJPMHslOCrLkdkkB6yLBRy_P3T8amzXHYhBm4waa7td-eEm5iAyWI1oZo5LigChg",
+ "description": "string | A JWT containing a signed assertion with your application credentials. Required when Private Key JWT is your application authentication method.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "client_assertion_type",
+ "value": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+ "description": "string | The value is urn:ietf:params:oauth:client-assertion-type:jwt-bearer. Required when Private Key JWT is the application authentication method.",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/token",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "token"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "3. Refresh Tokens",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get tokens using refresh_token`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`",
+ " }",
+ " }",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { id_token, access_token, refresh_token } = data;",
+ " if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) console.log(parseJWT(id_token));",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "POST",
+ "header": [
+ {
+ "key": "auth0-forwarded-for",
+ "value": "8.8.8.8",
+ "description": "End-user IP as a string value. Set this if you want brute-force protection to work in server-side scenarios. In your application, under Advanced Settings, locate the OAuth tab, and enable Trust Token Endpoint IP Header.",
+ "type": "text"
+ }
+ ],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "grant_type",
+ "value": "refresh_token",
+ "description": "string | Denotes the flow you are using. To refresh a token, use refresh_token.",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic.",
+ "type": "text"
+ },
+ {
+ "key": "refresh_token",
+ "value": "{{auth0_refresh_token_do_not_edit}}",
+ "description": "string | The refresh token to use. Variable will be set after you execute authentication via Resource Owner Password Flow.",
+ "type": "text"
+ },
+ {
+ "key": "scope",
+ "value": "openid email profile read:current_user offline_access",
+ "description": "string | You can reduce scope by specifying a.scope you require. ",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/token",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "token"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "4. Get userinfo",
+ "request": {
+ "method": "GET",
+ "header": [
+ {
+ "key": "Authorization",
+ "value": "Bearer {{auth0_access_token_do_not_edit}}",
+ "type": "text"
+ }
+ ],
+ "url": {
+ "raw": "https://{{auth0_domain}}/userinfo",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "userinfo"
+ ]
+ },
+ "description": "Given the Auth0 Access Token obtained during login, this endpoint returns a user's profile.\n\nThis endpoint will work only if `openid` was granted as a scope for the Access Token. The user profile information included in the response depends on the scopes requested. For example, a scope of just `openid` may return less information than a scope of `openid profile email`."
+ },
+ "response": []
+ }
+ ],
+ "description": "Passwordless connections do not require the user to remember a password. Instead, another mechanism is used to prove identity, such as a one-time code sent through email or SMS, every time the user logs in.\n\nDocumentation:\n\n- [Passwordless Flow (Auth0 Management API Explorer)](https://auth0.com/docs/api/authentication#passwordless)\n \n- [Passwordless Connections (Auth0 Docs)](https://auth0.com/docs/authenticate/passwordless)\n \n- [Configure SMS Passwordless (Auth0 Docs)](https://auth0.com/docs/authenticate/passwordless/authentication-methods/sms-otp)\n \n - [Configure with Custom SMS Gateway (Auth0 Docs)](https://auth0.com/docs/authenticate/passwordless/authentication-methods/use-sms-gateway-passwordless)\n \n- [Configure EMAIL Passwordless (Auth0 Docs)](https://auth0.com/docs/authenticate/passwordless/authentication-methods/email-otp)"
+ },
+ {
+ "name": "Refresh Token Flow",
+ "item": [
+ {
+ "name": "1. Get Tokens (refresh_token)",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get tokens using refresh_token`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`",
+ " }",
+ " }",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { id_token, access_token, refresh_token } = data;",
+ " if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) console.log(parseJWT(id_token));",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "POST",
+ "header": [
+ {
+ "key": "auth0-forwarded-for",
+ "value": "8.8.8.8",
+ "description": "End-user IP as a string value. Set this if you want brute-force protection to work in server-side scenarios. In your application, under Advanced Settings, locate the OAuth tab, and enable Trust Token Endpoint IP Header.",
+ "type": "text"
+ }
+ ],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "grant_type",
+ "value": "refresh_token",
+ "description": "string | Denotes the flow you are using. To refresh a token, use refresh_token.",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic.",
+ "type": "text"
+ },
+ {
+ "key": "refresh_token",
+ "value": "{{auth0_refresh_token_do_not_edit}}",
+ "description": "string | The refresh token to use. Variable will be set after you execute authentication via Resource Owner Password Flow.",
+ "type": "text"
+ },
+ {
+ "key": "scope",
+ "value": "openid email profile read:current_user offline_access",
+ "description": "string | You can reduce scope by specifying a.scope you require. ",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/token",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "token"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "2. Revoke a Refresh Token",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ ""
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "POST",
+ "header": [
+ {
+ "key": "auth0-forwarded-for",
+ "value": "8.8.8.8",
+ "description": "End-user IP as a string value. Set this if you want brute-force protection to work in server-side scenarios. In your application, under Advanced Settings, locate the OAuth tab, and enable Trust Token Endpoint IP Header.",
+ "type": "text"
+ }
+ ],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic.",
+ "type": "text"
+ },
+ {
+ "key": "token",
+ "value": "{{auth0_refresh_token_do_not_edit}}",
+ "description": "string | The Refresh Token you want to revoke.",
+ "type": "text"
+ },
+ {
+ "key": "client_assertion",
+ "value": "",
+ "description": "string | A JWT containing a signed assertion with your application credentials. Required when Private Key JWT is the application authentication method.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "client_assertion_type",
+ "value": "",
+ "description": "string | The value is urn:ietf:params:oauth:client-assertion-type:jwt-bearer. Required when Private Key JWT is the application authentication method.",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/revoke",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "revoke"
+ ]
+ }
+ },
+ "response": []
+ }
+ ],
+ "description": "A Refresh Token is a credential artifact that lets a client application get new access tokens without having to ask the user to log in again.\n\nDocumentation:\n\n- [Refresh Tokens (Auth0 Management API Explorer)](https://auth0.com/docs/api/authentication#refresh-token)\n \n- [Refresh Tokens (Auth0 Docs)](https://auth0.com/docs/secure/tokens/refresh-tokens)\n \n- [What Are Refresh Tokens and How to Use Them Securely (Auth0 Blog)](https://auth0.com/blog/refresh-tokens-what-are-they-and-when-to-use-them/)",
+ "event": [
+ {
+ "listen": "prerequest",
+ "script": {
+ "type": "text/javascript",
+ "packages": {},
+ "exec": [
+ ""
+ ]
+ }
+ },
+ {
+ "listen": "test",
+ "script": {
+ "type": "text/javascript",
+ "packages": {},
+ "exec": [
+ ""
+ ]
+ }
+ }
+ ]
+ },
+ {
+ "name": "Device Authorization Flow",
+ "item": [
+ {
+ "name": "1. Request Device Authorization",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Request Device Authorization Code`, function () {",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { device_code, verification_uri_complete } = data;",
+ " if(device_code) {",
+ " pm.collectionVariables.set(`auth0_device_code_do_not_edit`, device_code);",
+ " }",
+ " console.log(`----------------------`);",
+ " console.log(`Open ${verification_uri_complete} in the browser and complete the authentication. Then request a token using the \"device_code\"`);",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " Complete the Device Authorization Flow by openining the following URL in the browser
", + "${verification_uri_complete}
", + "Once completed, Request a Token using the device_code
", + " ", + " `;", + " pm.visualizer.set(template, {});", + " } else {", + " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);", + " }", + "});" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "urlencoded", + "urlencoded": [ + { + "key": "client_id", + "value": "{{auth0_native_client_id}}", + "description": "string | Your application's ID.", + "type": "text" + }, + { + "key": "audience", + "value": "https://{{auth0_domain}}/api/v2/", + "description": "string | The unique identifier of the target API you want to access.", + "type": "text" + }, + { + "key": "scope", + "value": "openid email profile read:current_user offline_access", + "description": "string | The scopes for which you want to request authorization. These must be separated by a space. You can request any of the standard OIDC scopes about users, such as profile and email, custom claims that must conform to a namespaced format, or any scopes supported by the target API (for example, read:contacts). Include offline_access to get a Refresh Token.", + "type": "text" + } + ] + }, + "url": { + "raw": "https://{{auth0_domain}}/oauth/device/code", + "protocol": "https", + "host": [ + "{{auth0_domain}}" + ], + "path": [ + "oauth", + "device", + "code" + ] + } + }, + "response": [] + }, + { + "name": "2. Get Tokens (device_code)", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(`Get Access Token`, function () {", + " const parseJWT = (jwt) => {", + " if (!jwt) { return {} };", + " const [header, payload, signature] = jwt.split(`.`);", + " if (payload) {", + " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);", + " const payloadJSON = JSON.parse(payloadString);", + " return payloadJSON;", + " } else {", + " return {}, `Opaque Token. Make sure to use audience.`", + " }", + " }", + " if (pm.response.code === 200) {", + " const data = pm.response.json();", + " const { id_token, access_token, refresh_token } = data;", + " if (access_token || id_token) {", + " if (refresh_token) {", + " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);", + " }", + " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);", + " console.log(`-- ID TOKEN ----------`);", + " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);", + " if (id_token) console.log(parseJWT(id_token));", + " console.log(`-- ACCESS TOKEN ------`);", + " console.log(access_token);", + " console.log(parseJWT(access_token));", + " console.log(`----------------------`);", + " const template = `", + " ", + " ", + "${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "client_id",
+ "value": "{{auth0_native_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "grant_type",
+ "value": "urn:ietf:params:oauth:grant-type:device_code",
+ "description": "string | Denotes the flow you are using. For Device Authorization, use urn:ietf:params:oauth:grant-type:device_code.",
+ "type": "text"
+ },
+ {
+ "key": "device_code",
+ "value": "{{auth0_device_code_do_not_edit}}",
+ "description": "string | The device code previously returned from the /oauth/device/code endpoint.",
+ "type": "text"
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/token",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "token"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "3. Refresh Tokens",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get Access Token using Refresh Token`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`",
+ " }",
+ " }",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { id_token, access_token, refresh_token } = data;",
+ " if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) console.log(parseJWT(id_token));",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "POST",
+ "header": [
+ {
+ "key": "auth0-forwarded-for",
+ "value": "8.8.8.8",
+ "description": "End-user IP as a string value. Set this if you want brute-force protection to work in server-side scenarios. In your application, under Advanced Settings, locate the OAuth tab, and enable Trust Token Endpoint IP Header.",
+ "type": "text"
+ }
+ ],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "grant_type",
+ "value": "refresh_token",
+ "description": "string | Denotes the flow you are using. To refresh a token, use refresh_token.",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_native_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "refresh_token",
+ "value": "{{auth0_refresh_token_do_not_edit}}",
+ "description": "string | The refresh token to use. Variable will be set after you execute authentication via Resource Owner Password Flow.",
+ "type": "text"
+ },
+ {
+ "key": "scope",
+ "value": "openid email profile read:current_user offline_access",
+ "description": "string | String value of the different scopes the application is asking for. Multiple scopes are separated with whitespace.",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/token",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "token"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "4. Get userinfo",
+ "request": {
+ "method": "GET",
+ "header": [
+ {
+ "key": "Authorization",
+ "value": "Bearer {{auth0_access_token_do_not_edit}}",
+ "type": "text"
+ }
+ ],
+ "url": {
+ "raw": "https://{{auth0_domain}}/userinfo",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "userinfo"
+ ]
+ },
+ "description": "Given the Auth0 Access Token obtained during login, this endpoint returns a user's profile.\n\nThis endpoint will work only if `openid` was granted as a scope for the Access Token. The user profile information included in the response depends on the scopes requested. For example, a scope of just `openid` may return less information than a scope of `openid profile email`."
+ },
+ "response": []
+ }
+ ],
+ "description": "With input-constrained devices that connect to the internet, rather than authenticate the user directly, the device asks the user to go to a link on their computer or smartphone and authorize the device. This avoids a poor user experience for devices that do not have an easy way to enter text. To do this, device apps use the Device Authorization Flow, in which they pass along their Client ID to initiate the authorization process and get a token.\n\nDocumentation:\n\n- [Device Authorization Flow (Auth0 Management API Explorer)](https://auth0.com/docs/api/authentication#device-authorization-flow)\n \n- [Device Authorization Flow (Auth0 Docs)](https://auth0.com/docs/get-started/authentication-and-authorization-flow/device-authorization-flow)"
+ },
+ {
+ "name": "Browser Flows",
+ "item": [
+ {
+ "name": "Logout",
+ "item": [
+ {
+ "name": "Auth0 Logout (v2)",
+ "protocolProfileBehavior": {
+ "followRedirects": false
+ },
+ "request": {
+ "method": "GET",
+ "header": [],
+ "url": {
+ "raw": "https://{{auth0_domain}}/v2/logout?returnTo=https://jwt.io&client_id={{auth0_client_id}}",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "v2",
+ "logout"
+ ],
+ "query": [
+ {
+ "key": "returnTo",
+ "value": "https://jwt.io",
+ "description": "string | URL to redirect the user after the logout."
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | The client_id of your application."
+ },
+ {
+ "key": "federated",
+ "value": null,
+ "description": "Add this query string parameter to the logout URL, to log the user out of their identity provider, as well: https://your-tenant.us.auth0.com/v2/logout?federated",
+ "disabled": true
+ }
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "OIDC Logout",
+ "protocolProfileBehavior": {
+ "followRedirects": false
+ },
+ "request": {
+ "method": "GET",
+ "header": [],
+ "url": {
+ "raw": "https://{{auth0_domain}}/oidc/logout?client_id={{auth0_client_id}}&id_token_hint={{auth0_id_token_do_not_edit}}&logout_hint={{auth0_sid_do_not_edit}}",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oidc",
+ "logout"
+ ],
+ "query": [
+ {
+ "key": "post_logout_redirect_uri",
+ "value": "https://jwt.io",
+ "description": "string | URL to redirect the user after the logout.",
+ "disabled": true
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | The client_id of your application."
+ },
+ {
+ "key": "federated",
+ "value": "",
+ "description": "Add this query string parameter to the logout URL, to log the user out of their identity provider, as well: https://your-tenant.us.auth0.com/v2/logout?federated",
+ "disabled": true
+ },
+ {
+ "key": "id_token_hint",
+ "value": "{{auth0_id_token_do_not_edit}}",
+ "description": "Previously issued ID Token for the user. This is used to indicate which user to log out."
+ },
+ {
+ "key": "logout_hint",
+ "value": "{{auth0_sid_do_not_edit}}",
+ "description": "Optional sid (session ID) value to indicate which user to log out. Should be provided when id_token_hint is not available."
+ },
+ {
+ "key": "state",
+ "value": "",
+ "description": "An opaque value the applications adds to the initial request that the authorization server includes when redirecting the back to thepost_logout_redirect_uri.",
+ "disabled": true
+ },
+ {
+ "key": "ui_locales",
+ "value": "en fr-FR",
+ "description": "Space-delimited list of locales used to constrain the language list for the request. The first locale on the list must match the enabled locale in your tenant",
+ "disabled": true
+ }
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "Legacy Logout",
+ "protocolProfileBehavior": {
+ "followRedirects": false
+ },
+ "request": {
+ "method": "GET",
+ "header": [],
+ "url": {
+ "raw": "https://{{auth0_domain}}/logout?returnTo=https://jwt.io&client_id={{auth0_client_id}}",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "logout"
+ ],
+ "query": [
+ {
+ "key": "returnTo",
+ "value": "https://jwt.io",
+ "description": "string | URL to redirect the user after the logout."
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | The client_id of your application."
+ },
+ {
+ "key": "federated",
+ "value": null,
+ "description": "Add this query string parameter to the logout URL, to log the user out of their identity provider, as well: https://your-tenant.us.auth0.com/v2/logout?federated",
+ "disabled": true
+ }
+ ]
+ }
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Authorization Code (PKCE) / Implicit Flow",
+ "item": [
+ {
+ "name": "1. Start Login Flow",
+ "item": [
+ {
+ "name": "1A. Implicit / Authorization Code",
+ "item": [
+ {
+ "name": "1A. 1. Call Authorization Server",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Request Authorization Code`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`;",
+ " }",
+ " }",
+ " if (pm.response.code === 302) {",
+ " const queryString = require(`querystring`);",
+ " const location = pm.response.headers.get(`Location`);",
+ " let params;",
+ " if (location.includes(`?`)) {",
+ " params = location.split(`?`);",
+ " } else {",
+ " params = location.split(`#`);",
+ " }",
+ " const { state, code, access_token, id_token, refresh_token } = queryString.parse(params[1]);",
+ " if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.warn(`Already logged in. See tokens below or Log out.`);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) console.log(parseJWT(id_token));",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add 'openid email profile' scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (code) {",
+ " console.warn(`Already logged in. Exchange code in \"3.2. Get Tokens (authorization_code)\" request or Log out.`);",
+ " pm.collectionVariables.set(`auth0_auth_code_do_not_edit`, code);",
+ " } else if (state) {",
+ " pm.collectionVariables.set(`auth0_login_state_do_not_edit`, state);",
+ " let authenticationProfile = ['Identifier First', '2A. 1. Submit Identifier'];",
+ " if (params[0] === `/u/login`) {",
+ " authenticationProfile = [`Identifier + Password`,`2B. 1. Submit Identifier + Password`];",
+ " }",
+ " console.warn(`${authenticationProfile[0]} Authentication Profile configured. Use appropriate folder to send the next request.`)",
+ " console.log(`Success! Continue with \"${authenticationProfile[1]}\" request.`);",
+ " }",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ },
+ {
+ "listen": "prerequest",
+ "script": {
+ "exec": [
+ "pm.test(`Create Code Verifier`, function () {",
+ " const crypto = require('crypto-js');",
+ " var b64map = \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\";",
+ " var b64pad = \"=\";",
+ " const uuid = () => {",
+ " return ([1e7] + -1e3 + -4e3 + -8e3 + -1e11).replace(/[018]/g, c =>",
+ " (c ^ Math.random() * 16 >> c / 4).toString(16)",
+ " )",
+ " }",
+ " const random = () => {",
+ " return uuid().replace(/-/g, '');",
+ " }",
+ " const hexToBase64 = (h) => {",
+ " var i;",
+ " var c;",
+ " var ret = \"\";",
+ " for (i = 0; i + 3 <= h.length; i += 3) {",
+ " c = parseInt(h.substring(i, i + 3), 16);",
+ " ret += b64map.charAt(c >> 6) + b64map.charAt(c & 63);",
+ " }",
+ " if (i + 1 === h.length) {",
+ " c = parseInt(h.substring(i, i + 1), 16);",
+ " ret += b64map.charAt(c << 2);",
+ " }",
+ " else if (i + 2 === h.length) {",
+ " c = parseInt(h.substring(i, i + 2), 16);",
+ " ret += b64map.charAt(c >> 2) + b64map.charAt((c & 3) << 4);",
+ " }",
+ " if (b64pad) while ((ret.length & 3) > 0) ret += b64pad;",
+ " return ret;",
+ " }",
+ " const base64ToBase64Url = (s) => {",
+ " s = s.replace(/=/g, \"\");",
+ " s = s.replace(/\\+/g, \"-\");",
+ " s = s.replace(/\\//g, \"_\");",
+ " return s;",
+ " }",
+ " const hextob64u = (s) => {",
+ " if (s.length % 2 === 1) {",
+ " s = '0' + s;",
+ " }",
+ " return base64ToBase64Url(hexToBase64(s));",
+ " }",
+ " const code_verifier = random() + random() + random();",
+ " const hash = crypto.SHA256(code_verifier).toString();",
+ " const code_challenge = hextob64u(hash);",
+ " console.log(`Generated a code_challenge: ${code_challenge} and a code_verifier: ${code_verifier}.`);",
+ " pm.collectionVariables.set(`auth0_code_challenge_do_not_edit`, code_challenge);",
+ " pm.collectionVariables.set(`auth0_code_verifier_do_not_edit`, code_verifier);",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "protocolProfileBehavior": {
+ "followRedirects": false
+ },
+ "request": {
+ "method": "GET",
+ "header": [],
+ "url": {
+ "raw": "https://{{auth0_domain}}/authorize?client_id={{auth0_client_id}}&response_type=code&code_challenge={{auth0_code_challenge_do_not_edit}}&code_challenge_method=S256&redirect_uri=https://jwt.io&audience=https://{{auth0_domain}}/api/v2/&scope=openid email profile read:current_user offline_access&nonce=123&state=456&prompt=login",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "authorize"
+ ],
+ "query": [
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID."
+ },
+ {
+ "key": "response_type",
+ "value": "token id_token",
+ "description": "string | Use `token id_token` for Implicit Flow.",
+ "disabled": true
+ },
+ {
+ "key": "response_type",
+ "value": "code",
+ "description": "string | Use `code` for Authorization Code."
+ },
+ {
+ "key": "code_challenge",
+ "value": "{{auth0_code_challenge_do_not_edit}}",
+ "description": "string | Only if response_type=code. Generated challenge from the code_verifier. Enables PKCE Flow."
+ },
+ {
+ "key": "code_challenge_method",
+ "value": "S256",
+ "description": "string | Only if response_type=code. Method used to generate the challenge. The PKCE spec defines two methods, S256 and plain, however, Auth0 supports only S256 since the latter is discouraged."
+ },
+ {
+ "key": "connection",
+ "value": "Username-Password-Authentication",
+ "description": "string | The name of the connection configured to your application.",
+ "disabled": true
+ },
+ {
+ "key": "redirect_uri",
+ "value": "https://jwt.io",
+ "description": "string | The URL to which Auth0 will redirect the browser after authorization has been granted by the user. "
+ },
+ {
+ "key": "audience",
+ "value": "https://{{auth0_domain}}/api/v2/",
+ "description": "string | The unique identifier of the target API you want to access."
+ },
+ {
+ "key": "scope",
+ "value": "openid email profile read:current_user offline_access",
+ "description": "string | The scopes which you want to request authorization for. These must be separated by a space. You can request any of the standard OpenID Connect (OIDC) scopes about users, such as profile and email, custom claims that must conform to a namespaced format, or any scopes supported by the target API (for example, read:contacts). Include offline_access to get a Refresh Token."
+ },
+ {
+ "key": "nonce",
+ "value": "123",
+ "description": "string | A string value which will be included in the ID token response from Auth0, used to prevent token replay attacks. It is required for response_type=id_token token."
+ },
+ {
+ "key": "state",
+ "value": "456",
+ "description": "string | An opaque value the client adds to the initial request that Auth0 includes when redirecting back to the client. This value must be used by the client to prevent CSRF attacks."
+ },
+ {
+ "key": "prompt",
+ "value": "login",
+ "description": "string | To initiate a silent authentication request, use prompt=none."
+ },
+ {
+ "key": "organization",
+ "value": "org_???",
+ "description": "string | ID of the organization to use when authenticating a user. When not provided, if your application is configured to Display Organization Prompt, the user will be able to enter the organization name when authenticating.",
+ "disabled": true
+ },
+ {
+ "key": "invitation",
+ "value": "",
+ "description": "string | Ticket ID of the organization invitation. When inviting a member to an Organization, your application should handle invitation acceptance by forwarding the invitation and organization key-value pairs when the user accepts the invitation.",
+ "disabled": true
+ },
+ {
+ "key": "login_hint",
+ "value": "test@example.com",
+ "description": "string | The user's email address or other identifier. When your app knows which user is trying to authenticate, you can provide this parameter to pre-fill the email box or select the right session for sign-in.",
+ "disabled": true
+ },
+ {
+ "key": "screen_hint",
+ "value": "signup",
+ "description": "string | Provides a hint to Auth0 as to what flow should be displayed. The default behavior is to show a login page but you can override this by passing 'signup' to show the signup page instead. ",
+ "disabled": true
+ }
+ ]
+ }
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "1B. Pushed Authorization Request",
+ "item": [
+ {
+ "name": "1B. 1. Call the PAR endpoint",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get Access Token`, function () {",
+ " if (pm.response.code === 201) {",
+ " const data = pm.response.json();",
+ " const { request_uri } = data;",
+ " if (request_uri) {",
+ " pm.collectionVariables.set(\"auth0_request_uri_do_not_edit\", data.request_uri);",
+ " console.log(`Success! Go to 1B. 2. Call Authorization Server.`)",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "basic",
+ "basic": [
+ {
+ "key": "password",
+ "value": "{{HRI_AUTH0_CLIENT_SECRET}}",
+ "type": "string"
+ },
+ {
+ "key": "username",
+ "value": "{{HRI_AUTH0_CLIENT_ID}}",
+ "type": "string"
+ }
+ ]
+ },
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "response_type",
+ "value": "token id_token",
+ "description": "string | `code` or `token id_token`",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | The client_id of your application.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic.",
+ "type": "text"
+ },
+ {
+ "key": "redirect_uri",
+ "value": "https://jwt.io",
+ "description": "string | The URL to which Auth0 will redirect the browser after authorization has been granted by the user. Should be added to Allowed Callback URLs in the Application settings.",
+ "type": "text"
+ },
+ {
+ "key": "audience",
+ "value": "https://{{auth0_domain}}/api/v2/",
+ "description": "string | The unique identifier of the target API you want to access.",
+ "type": "text"
+ },
+ {
+ "key": "prompt",
+ "value": "login",
+ "description": "string | Can be used to force a particular prompt to display, e.g. [login, none, consent]",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "scope",
+ "value": "openid email profile read:current_user offline_access",
+ "description": "string | OIDC scopes and custom API scopes. For example: openid read:timesheets. Include offline_access to get a refresh token.",
+ "type": "text"
+ },
+ {
+ "key": "nonce",
+ "value": "456",
+ "description": "string | A string value which will be included in the ID token response from Auth0, used to prevent token replay attacks. It is required for response_type=id_token token.",
+ "type": "text"
+ },
+ {
+ "key": "authorization_details",
+ "value": "[{\n \"type\": \"one_time_payment\",\n \"amount\": {\n \"amount\": 2460,\n \"currency\": \"USD\"\n },\n \"recipient\": \"Acme Travel, Inc.\"\n}]",
+ "description": "array of objects | Requested permissions for each resource. Similar to scopes. To learn more, read RAR reference documention.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "organization",
+ "value": "org_???",
+ "description": "string | ID of the organization to use when authenticating a user. When not provided, if your application is configured to Display Organization Prompt, the user will be able to enter the organization name when authenticating.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "connection",
+ "value": "Username-Password-Authentication",
+ "description": "string | The name of the connection configured to your application. If null, it will redirect to the Auth0 Login Page and show the Login Widget using the first database connection.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "code_challenge",
+ "value": "",
+ "description": "string | Generated challenge from the code_verifier.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "code_challenge_method",
+ "value": "S256",
+ "description": "string | Method used to generate the challenge. The PKCE specification defines two methods, S256 and plain, however, Auth0 supports only S256 since the latter is discouraged. ",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "state",
+ "value": "123",
+ "description": "string | An opaque value the application adds to the initial request that the authorization server includes when redirecting the back to the application. This value must be used by the application to prevent CSRF attacks.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "client_assertion",
+ "value": "eyJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE3MTgwOTE0NjIsImlzcyI6IjNLNmR0Z0xQaURSdXpiUVEzMnoxREgzN0w1NzBURUxvIiwic3ViIjoiM0s2ZHRnTFBpRFJ1emJRUTMyejFESDM3TDU3MFRFTG8iLCJhdWQiOiJodHRwczovL2FydC1lbnQudXMuYXV0aDAuY29tLyIsImV4cCI6MTcxODA5MTUyMiwianRpIjoiNjAzZGJmY2QtNTgzYy00MmQ4LTlkNTctMzczMmUyMDJlYTVhIn0.HwWwJEYS1pEP_ki-jqL28CT-3X9RjTzgYLyBkPo4dr-LBksSnvDw0LzAhlS1oL-Cuymz1MNPqqGCxHNyDzISR0-xkrXmyuRmlB8UOhdrifXn-yv7ljD0SRcs-bKGCIu_lqPSk3878vFcCnv0kADl4GP6Fh0h_zrWZslQVEuvnRrL_C6ftCnYZ5ZWXMJf2qoy-Tl-xeu_0ytudqRW-oOZWwG399idxtbIdr0y8dW94cOVBSw2Mur7TMlOWjCutkncslUyW3XhURk2GS3kyHVi-ULJPMHslOCrLkdkkB6yLBRy_P3T8amzXHYhBm4waa7td-eEm5iAyWI1oZo5LigChg",
+ "description": "string | A JWT containing a signed assertion with your application credentials. Required when Private Key JWT is the application authentication method.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "client_assertion_type",
+ "value": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+ "description": "string | The value is urn:ietf:params:oauth:client-assertion-type:jwt-bearer. Required when Private Key JWT is the application authentication method.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "request",
+ "value": "eyJhbGciOiJSUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QifQ.eyJpc3MiOiIzSzZkdGdMUGlEUnV6YlFRMzJ6MURIMzdMNTcwVEVMbyIsImF1ZCI6Imh0dHBzOi8vYXJ0LWVudC51cy5hdXRoMC5jb20vIiwiY2xpZW50X2lkIjoiM0s2ZHRnTFBpRFJ1emJRUTMyejFESDM3TDU3MFRFTG8iLCJjbGllbnRfc2VjcmV0IjoiZVpIbVVYbVlpQW5lZHdPVDFTR2NNVll5THFKYjh4MVpaY2JzZzRNOUNUUUhmWVFoV3pwUzJwZU5yYlUtMEhjRyIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vand0LmlvIiwibm9uY2UiOiI2YWNmOTM1MjM3YzM2MjdhMjdjMDc5YTIxNTA0NmVjMCIsImlhdCI6MTcxNzU5MTczNX0.GNjYTTXy7mAfp-YCP330goskC-jq_K2xNNpMfTTvzLbhp4tKfaqrIpII9pfYakcgAZB4VAOIhUA9MkifP0iOQJi6TUxpP5NzwECqlm8RQEhz0hKrIWkDJ56BRnL7pyvfmo8idFD6ycDrx4z4PxpD_vGXAcHxw81IHU7Hn6eyzZlkOqRbXdSBBgHJO58YJnVXNpfnKdDYdqq9xN4xER2FJv4ORvfYDK2lVV56Wt26HzFCnBsZQ5tFDxAIdJYR_Lhy30PC3w9OdEmlPXN7jPWj5fJTEblu6yHooeYdRBCk-T-xGNBHc07op6An_OwE2pC9j3X2TtFrEZIj6x7PKdb9Zg",
+ "description": "string | Signed and URL-encoded JWT. For JWT-Secured Authorization Requests (JAR).",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/par",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "par"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "1B. 2. Call Authorization Server",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Request Authorization Code`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`;",
+ " }",
+ " }",
+ " if (pm.response.code === 302) {",
+ " const queryString = require(`querystring`);",
+ " const location = pm.response.headers.get(`Location`);",
+ " let params;",
+ " if (location.includes(`?`)) {",
+ " params = location.split(`?`);",
+ " } else {",
+ " params = location.split(`#`);",
+ " }",
+ " const { state, code, access_token, id_token } = queryString.parse(params[1]);",
+ " if (access_token || id_token) {",
+ " console.warn(`Already logged in. See tokens below or go to \"0. LOGOUT\".`);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) console.log(parseJWT(id_token));",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add 'openid email profile' scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (code) {",
+ " console.warn(`Already logged in. Exchange code in \"3.2. Get Tokens (authorization_code)\" request or Log out.`);",
+ " pm.collectionVariables.set(`auth0_auth_code_do_not_edit`, code);",
+ " } else if (state) {",
+ " pm.collectionVariables.set(`auth0_login_state_do_not_edit`, state);",
+ " let authenticationProfile = ['Identifier First', '2A. 1. Submit Identifier'];",
+ " if (params[0] === `/u/login`) {",
+ " authenticationProfile = [`Identifier + Password`,`2B. 1. Submit Identifier + Password`];",
+ " }",
+ " console.warn(`${authenticationProfile[0]} Authentication Profile configured. Use appropriate folder to send the next request.`)",
+ " console.log(`Success! Continue with \"${authenticationProfile[1]}\" request.`);",
+ " }",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "protocolProfileBehavior": {
+ "followRedirects": false
+ },
+ "request": {
+ "method": "GET",
+ "header": [],
+ "url": {
+ "raw": "https://{{auth0_domain}}/authorize?client_id={{auth0_client_id}}&request_uri={{auth0_request_uri_do_not_edit}}",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "authorize"
+ ],
+ "query": [
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | The client_id of your application."
+ },
+ {
+ "key": "request_uri",
+ "value": "{{auth0_request_uri_do_not_edit}}",
+ "description": "string | The request_uri value that was received from the /oauth/par endpoint."
+ }
+ ]
+ }
+ },
+ "response": []
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "name": "2. Submit Credentials",
+ "item": [
+ {
+ "name": "2A. Identifier First",
+ "item": [
+ {
+ "name": "2A. 1. Submit Identifier",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(\"GetState\", function () {",
+ " if (pm.response.code === 302) {",
+ " const queryString = require(`querystring`);",
+ " const location = pm.response.headers.get(`Location`);",
+ " const params = location.split(`?`);",
+ " console.log(`Success! Continue with \"2A. 2. Submit Password\" request.`);",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "protocolProfileBehavior": {
+ "followRedirects": false
+ },
+ "request": {
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "username",
+ "value": "test@example.com",
+ "description": "strine | Email, username or Phone Number.",
+ "type": "text"
+ },
+ {
+ "key": "state",
+ "value": "{{auth0_login_state_do_not_edit}}",
+ "description": "string | This `state` was generated at previous step.",
+ "type": "text"
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/u/login/identifier?state={{auth0_login_state_do_not_edit}}",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "u",
+ "login",
+ "identifier"
+ ],
+ "query": [
+ {
+ "key": "state",
+ "value": "{{auth0_login_state_do_not_edit}}",
+ "description": "string | This `state` was generated at previous step."
+ }
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "2A. 2. Submit Password",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(\"GetResumeState\", function () {",
+ " if (pm.response.code === 302) {",
+ " const queryString = require(`querystring`);",
+ " const location = pm.response.headers.get(`Location`);",
+ " const params = location.split(`?`);",
+ " const { state } = queryString.parse(params[1]);",
+ " pm.collectionVariables.set(\"auth0_resume_state_do_not_edit\", state);",
+ " console.log(`Success! Continue with \"3.1. Get a CODE or Token & ID Token\" request.`);",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "protocolProfileBehavior": {
+ "followRedirects": false
+ },
+ "request": {
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "password",
+ "value": "1234",
+ "description": "string | User's password.",
+ "type": "text"
+ },
+ {
+ "key": "state",
+ "value": "{{auth0_login_state_do_not_edit}}",
+ "description": "string | This `state` was generated at previous step.",
+ "type": "text"
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/u/login/password?state={{auth0_login_state_do_not_edit}}",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "u",
+ "login",
+ "password"
+ ],
+ "query": [
+ {
+ "key": "state",
+ "value": "{{auth0_login_state_do_not_edit}}",
+ "description": "string | This `state` was generated at previous step."
+ }
+ ]
+ }
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "2B. Identifier + Password",
+ "item": [
+ {
+ "name": "2B. 1. Submit Identifier + Password",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(\"GetResumeState\", function () {",
+ " if (pm.response.code === 302) {",
+ " const queryString = require(`querystring`);",
+ " const location = pm.response.headers.get(`Location`);",
+ " const params = location.split(`?`);",
+ " const { state } = queryString.parse(params[1]);",
+ " pm.collectionVariables.set(`auth0_resume_state_do_not_edit`, state);",
+ " console.log(`Success! Continue with \"3.1. Get a CODE or Token & ID Token\" request.`);",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "protocolProfileBehavior": {
+ "followRedirects": false
+ },
+ "request": {
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "username",
+ "value": "test@example.com",
+ "description": "string | Email, Username or Phone Number.",
+ "type": "text"
+ },
+ {
+ "key": "password",
+ "value": "1234",
+ "description": "string | User's password.",
+ "type": "text"
+ },
+ {
+ "key": "state",
+ "value": "{{auth0_login_state_do_not_edit}}",
+ "description": "string | This `state` was generated at previous step.",
+ "type": "text"
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/u/login?state={{auth0_login_state_do_not_edit}}",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "u",
+ "login"
+ ],
+ "query": [
+ {
+ "key": "state",
+ "value": "{{auth0_login_state_do_not_edit}}",
+ "description": "string | This `state` was generated at previous step."
+ }
+ ]
+ }
+ },
+ "response": []
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "name": "3. Complete Login",
+ "item": [
+ {
+ "name": "3.1. Get a CODE or Token & ID Token",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`GetResumeState`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`;",
+ " }",
+ " }",
+ " if (pm.response.code === 302) {",
+ " const queryString = require(`querystring`);",
+ " const location = pm.response.headers.get(`Location`);",
+ " let params;",
+ " if (location.includes(`?`)) {",
+ " params = location.split(`?`);",
+ " } else {",
+ " params = location.split(`#`);",
+ " }",
+ " const { code, access_token, id_token, refresh_token } = queryString.parse(params[1]);",
+ " if (code) {",
+ " pm.collectionVariables.set(`auth0_auth_code_do_not_edit`, code);",
+ " console.log(`Success! Continue with \"3.2. Get Tokens (authorization_code)\" request.`);",
+ " } else if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.warn(`Success! See tokens below.`);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add 'openid email profile' scope.`);",
+ " if (id_token) {",
+ " const id_token_parsed = parseJWT(id_token);",
+ " console.log(id_token_parsed);",
+ " pm.collectionVariables.set(`auth0_id_token_do_not_edit`, id_token);",
+ " pm.collectionVariables.set(`auth0_sid_do_not_edit`, id_token_parsed.sid);",
+ " }",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the \"Redirecting to URL\" or the tenant logs.`);",
+ " }",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "protocolProfileBehavior": {
+ "followRedirects": false
+ },
+ "request": {
+ "method": "GET",
+ "header": [],
+ "url": {
+ "raw": "https://{{auth0_domain}}/authorize/resume?state={{auth0_resume_state_do_not_edit}}",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "authorize",
+ "resume"
+ ],
+ "query": [
+ {
+ "key": "state",
+ "value": "{{auth0_resume_state_do_not_edit}}",
+ "description": "string | This `state` was generated at previous step."
+ }
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "3.2. Get Tokens (authorization_code)",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get Access Token`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`",
+ " }",
+ " }",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { id_token, access_token, refresh_token } = data;",
+ " if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) {",
+ " const id_token_parsed = parseJWT(id_token);",
+ " console.log(id_token_parsed);",
+ " pm.collectionVariables.set(`auth0_id_token_do_not_edit`, id_token);",
+ " pm.collectionVariables.set(`auth0_sid_do_not_edit`, id_token_parsed.sid);",
+ " }",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "grant_type",
+ "value": "authorization_code",
+ "description": "string | Denotes the flow you are using. For Authorization Code use authorization_code.",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret.",
+ "type": "text"
+ },
+ {
+ "key": "code",
+ "value": "{{auth0_auth_code_do_not_edit}}",
+ "description": "string | The Authorization Code received from the initial /authorize call.",
+ "type": "text"
+ },
+ {
+ "key": "redirect_uri",
+ "value": "https://jwt.io",
+ "description": "string | This is required only if it was set at the GET /authorize endpoint. The values from /authorize must match the value you set at /oauth/token.",
+ "type": "text"
+ },
+ {
+ "key": "code_verifier",
+ "value": "{{auth0_code_verifier_do_not_edit}}",
+ "description": "string | Only if the code_challenge was sent to /authorize. Enables PKCE Flow. Cryptographically random key that was used to generate the code_challenge passed to /authorize.",
+ "type": "text"
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/token",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "token"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "3.3. Refresh Tokens",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get tokens using refresh_token`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`",
+ " }",
+ " }",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { id_token, access_token, refresh_token } = data;",
+ " if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) console.log(parseJWT(id_token));",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "POST",
+ "header": [
+ {
+ "key": "auth0-forwarded-for",
+ "value": "8.8.8.8",
+ "description": "End-user IP as a string value. Set this if you want brute-force protection to work in server-side scenarios. In your application, under Advanced Settings, locate the OAuth tab, and enable Trust Token Endpoint IP Header.",
+ "type": "text"
+ }
+ ],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "grant_type",
+ "value": "refresh_token",
+ "description": "string | Denotes the flow you are using. To refresh a token, use refresh_token.",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic.",
+ "type": "text"
+ },
+ {
+ "key": "refresh_token",
+ "value": "{{auth0_refresh_token_do_not_edit}}",
+ "description": "string | The refresh token to use. Variable will be set after you execute authentication via Resource Owner Password Flow.",
+ "type": "text"
+ },
+ {
+ "key": "scope",
+ "value": "openid email profile read:current_user offline_access",
+ "description": "string | You can reduce scope by specifying a.scope you require. ",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/token",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "token"
+ ]
+ },
+ "description": "Use this endpoint to refresh an Access Token using the Refresh Token you got during authorization."
+ },
+ "response": []
+ },
+ {
+ "name": "3.4. Get userinfo",
+ "request": {
+ "method": "GET",
+ "header": [
+ {
+ "key": "Authorization",
+ "value": "Bearer {{auth0_access_token_do_not_edit}}",
+ "type": "text"
+ }
+ ],
+ "url": {
+ "raw": "https://{{auth0_domain}}/userinfo",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "userinfo"
+ ]
+ },
+ "description": "Given the Auth0 Access Token obtained during login, this endpoint returns a user's profile.\n\nThis endpoint will work only if `openid` was granted as a scope for the Access Token. The user profile information included in the response depends on the scopes requested. For example, a scope of just `openid` may return less information than a scope of `openid profile email`."
+ },
+ "response": []
+ }
+ ]
+ }
+ ],
+ "description": "Please note that most requests are enabled with scripts, which should make the flow seamless. The scripts will automatically save and use required variables during the flow. Open the Postman Console when executing this flow to monitor the requests made to Authentication API endpoints.\n\nThis flow is customizable and supports:\n\n- Authorization Code Flow\n \n - In **1A. 1. Call Authorization Server** set the `response_type` to `code`.\n \n- Authorization Code Flow (with PKCE)\n \n - In **1A. 1. Call Authorization Server** set the `response_type` to `code`. Also enable `code_challenge` and `code_challenge_method` params.\n \n - In **3.2. Get Tokens (authorization_code)** enable `code_verifier`.\n \n- Implicit Flow\n \n - In **1A. 1. Call Authorization Server** set the `response_type` to `token id_token`.\n \n- Pushed Authorization Request\n \n - Start with **1B. 1 Call the PAR endpoint**, then **1B. 2. Call Authorization Server**. Then, follow the normal flow.\n \n- Identifier + Password Authentication Profile\n \n - If this Authentication Profile is configured in your tenant, use **2B. 1. Submit Identifier + Password** to submit credentials.\n \n- Identifier First Authentication Profile\n \n - If this Authentication Profile is configured in your tenant, use **2A. 1. Submit Identifier** and **2A. 2. Submit Password**\n \n\nDocumenation:\n\n- [Authorization Code Flow (Auth0 Management API Explorer)](https://auth0.com/docs/api/authentication#authorization-code-flow)\n \n - [How it works (Auth0 Docs)](https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow#how-authorization-code-flow-works)\n \n- [Authorization Code Flow with PKCE (Auth0 Management API Explorer)](https://auth0.com/docs/api/authentication#authorization-code-flow-with-pkce)\n \n - [How it works (Auth0 Docs)](https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow-with-pkce#how-it-works)\n \n- [Authorization Code Flow with PAR (Auth0 Management API Explorer)](https://auth0.com/docs/api/authentication#authorization-code-flow-with-enhanced-privacy-protection)\n \n - [How it works (Auth0 Docs)](https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-par)\n \n- [Implicit Flow (Auth0 Management API Explorer)](https://auth0.com/docs/api/authentication#implicit-flow)\n \n - [How it works (Auth0 Docs)](https://auth0.com/docs/get-started/authentication-and-authorization-flow/implicit-flow-with-form-post)"
+ },
+ {
+ "name": "Cross-Origin Authentication Flow",
+ "item": [
+ {
+ "name": "1. Call co/authentication endpoint",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get login_ticket`, function () {",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { login_ticket, co_verifier, co_id } = data;",
+ " pm.collectionVariables.set(`auth0_login_ticket_do_not_edit`, login_ticket);",
+ " console.log(`Success! Continue with \"2a. Authorization Code Flow\" or \"2b. Implicit Flow\" request.`);",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "method": "POST",
+ "header": [
+ {
+ "key": "Origin",
+ "value": "https://jwt.io",
+ "type": "text"
+ }
+ ],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "type": "text"
+ },
+ {
+ "key": "credential_type",
+ "value": "http://auth0.com/oauth/grant-type/password-realm",
+ "type": "text"
+ },
+ {
+ "key": "realm",
+ "value": "Username-Password-Authentication",
+ "type": "text"
+ },
+ {
+ "key": "username",
+ "value": "test@example.com",
+ "type": "text"
+ },
+ {
+ "key": "password",
+ "value": "1234",
+ "type": "text"
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/co/authenticate",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "co",
+ "authenticate"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "2. Call Authorization Server",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Request an authorization code with login_ticket`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`;",
+ " }",
+ " }",
+ " if (pm.response.code === 302) {",
+ " const queryString = require(`querystring`);",
+ " const location = pm.response.headers.get(`Location`);",
+ " let params;",
+ " if (location.includes(`?`)) {",
+ " params = location.split(`?`);",
+ " } else {",
+ " params = location.split(`#`);",
+ " }",
+ " const { error, error_description, code, id_token, access_token, refresh_token } = queryString.parse(params[1]);",
+ " if (code) {",
+ " pm.collectionVariables.set(`auth0_auth_code_do_not_edit`, code);",
+ " console.log(code);",
+ " console.log(`Success! Continue with \"3. Get Tokens (authorization_code)\" request.`);",
+ " } else if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) console.log(parseJWT(id_token));",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } else {",
+ " console.error(`Request error. The \"login_ticket\" may be incorrect.`);",
+ " }",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "protocolProfileBehavior": {
+ "followRedirects": false
+ },
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "GET",
+ "header": [],
+ "url": {
+ "raw": "https://{{auth0_domain}}/authorize?response_type=code&client_id={{auth0_client_id}}&redirect_uri=https://jwt.io&login_ticket={{auth0_login_ticket_do_not_edit}}&prompt=none&realm=Username-Password-Authentication&nonce=123&scope=openid email profile read:current_user offline_access&audience=https://{{auth0_domain}}/api/v2/&state=456",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "authorize"
+ ],
+ "query": [
+ {
+ "key": "response_type",
+ "value": "code"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}"
+ },
+ {
+ "key": "redirect_uri",
+ "value": "https://jwt.io"
+ },
+ {
+ "key": "login_ticket",
+ "value": "{{auth0_login_ticket_do_not_edit}}"
+ },
+ {
+ "key": "prompt",
+ "value": "none"
+ },
+ {
+ "key": "response_mode",
+ "value": "query",
+ "disabled": true
+ },
+ {
+ "key": "realm",
+ "value": "Username-Password-Authentication"
+ },
+ {
+ "key": "nonce",
+ "value": "123"
+ },
+ {
+ "key": "scope",
+ "value": "openid email profile read:current_user offline_access"
+ },
+ {
+ "key": "audience",
+ "value": "https://{{auth0_domain}}/api/v2/"
+ },
+ {
+ "key": "state",
+ "value": "456"
+ }
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "3. Get Tokens (authorization_code)",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get tokens using authorization code`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`",
+ " }",
+ " }",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { id_token, access_token, refresh_token } = data;",
+ " if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) console.log(parseJWT(id_token));",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "POST",
+ "header": [
+ {
+ "key": "auth0-forwarded-for",
+ "value": "8.8.8.8",
+ "description": "End-user IP as a string value. Set this if you want brute-force protection to work in server-side scenarios. In your application, under Advanced Settings, locate the OAuth tab, and enable Trust Token Endpoint IP Header.",
+ "type": "text"
+ }
+ ],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "grant_type",
+ "value": "authorization_code",
+ "description": "string | Denotes the flow you are using. To refresh a token, use refresh_token.",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic.",
+ "type": "text"
+ },
+ {
+ "key": "code",
+ "value": "{{auth0_auth_code_do_not_edit}}",
+ "description": "string | A 'code' received from the previous request.",
+ "type": "text"
+ },
+ {
+ "key": "redirect_uri",
+ "value": "https://jwt.io",
+ "description": "string | A callback.",
+ "type": "text"
+ },
+ {
+ "key": "scope",
+ "value": "read:current_user",
+ "description": "string | You can reduce scope by specifying the scopes you need.",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/token",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "token"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "4. Refresh Tokens",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Get tokens using refresh_token`, function () {",
+ " const parseJWT = (jwt) => {",
+ " if (!jwt) { return {} };",
+ " const [header, payload, signature] = jwt.split(`.`);",
+ " if (payload) {",
+ " const payloadString = Buffer.from(payload, `base64`).toString(`utf-8`);",
+ " const payloadJSON = JSON.parse(payloadString);",
+ " return payloadJSON;",
+ " } else {",
+ " return {}, `Opaque Token. Make sure to use audience.`",
+ " }",
+ " }",
+ " if (pm.response.code === 200) {",
+ " const data = pm.response.json();",
+ " const { id_token, access_token, refresh_token } = data;",
+ " if (access_token || id_token) {",
+ " if (refresh_token) {",
+ " pm.collectionVariables.set(`auth0_refresh_token_do_not_edit`, refresh_token);",
+ " }",
+ " pm.collectionVariables.set(`auth0_access_token_do_not_edit`, access_token);",
+ " console.log(`-- ID TOKEN ----------`);",
+ " console.log(id_token || `ID Token not requested. Add \\\"openid email profile\\\" scope.`);",
+ " if (id_token) console.log(parseJWT(id_token));",
+ " console.log(`-- ACCESS TOKEN ------`);",
+ " console.log(access_token);",
+ " console.log(parseJWT(access_token));",
+ " console.log(`----------------------`);",
+ " const template = `",
+ " ",
+ " ",
+ " ${id_token || \"ID Token not requested. Add \\\"openid email profile\\\" scope.\"}",
+ " ${id_token ? JSON.stringify(parseJWT(id_token), null, 2) : \"\"}",
+ " ${access_token}",
+ " ${JSON.stringify(parseJWT(access_token), null, 2)}",
+ " ",
+ " `;",
+ " pm.visualizer.set(template, {});",
+ " } else if (error) {",
+ " console.error(`-- ERROR -------------`);",
+ " console.error(`${error}: ${error_description}`);",
+ " } ",
+ " } else {",
+ " console.error(`Request error. Check error/error_description in the response body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "auth": {
+ "type": "noauth"
+ },
+ "method": "POST",
+ "header": [
+ {
+ "key": "auth0-forwarded-for",
+ "value": "8.8.8.8",
+ "description": "End-user IP as a string value. Set this if you want brute-force protection to work in server-side scenarios. In your application, under Advanced Settings, locate the OAuth tab, and enable Trust Token Endpoint IP Header.",
+ "type": "text"
+ }
+ ],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "grant_type",
+ "value": "refresh_token",
+ "description": "string | Denotes the flow you are using. To refresh a token, use refresh_token.",
+ "type": "text"
+ },
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "client_secret",
+ "value": "{{auth0_client_secret}}",
+ "description": "string | Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic.",
+ "type": "text"
+ },
+ {
+ "key": "refresh_token",
+ "value": "{{auth0_refresh_token_do_not_edit}}",
+ "description": "string | The refresh token to use. Variable will be set after you execute authentication via Resource Owner Password Flow.",
+ "type": "text"
+ },
+ {
+ "key": "scope",
+ "value": "openid email profile read:current_user offline_access",
+ "description": "string | You can reduce scope by specifying a.scope you require. ",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/oauth/token",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "oauth",
+ "token"
+ ]
+ },
+ "description": "Use this endpoint to refresh an Access Token using the Refresh Token you got during authorization."
+ },
+ "response": []
+ },
+ {
+ "name": "5. Get userinfo",
+ "request": {
+ "method": "GET",
+ "header": [
+ {
+ "key": "Authorization",
+ "value": "Bearer {{auth0_access_token_do_not_edit}}",
+ "description": "The Auth0 Access Token obtained during login.",
+ "type": "text"
+ }
+ ],
+ "url": {
+ "raw": "https://{{auth0_domain}}/userinfo",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "userinfo"
+ ]
+ },
+ "description": "Given the Auth0 Access Token obtained during login, this endpoint returns a user's profile.\n\nThis endpoint will work only if `openid` was granted as a scope for the Access Token. The user profile information included in the response depends on the scopes requested. For example, a scope of just `openid` may return less information than a scope of `openid profile email`."
+ },
+ "response": []
+ }
+ ],
+ "description": "This Flow is not documented and not public. It is currently used only by Classic Universal Login and Auth0JS."
+ }
+ ],
+ "description": "As per the title, endpoints in this folder are meant to be called by the browser. You can try these flows in Postman, but there's no guarantee they will work all the time. It's recommended to test these flows using [Auth0 Quickstarts](https://auth0.com/docs/quickstarts)."
+ },
+ {
+ "name": "User management",
+ "item": [
+ {
+ "name": "Signup (x-www-form-urlencoded)",
+ "request": {
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | Your application's Client ID.",
+ "type": "text"
+ },
+ {
+ "key": "connection",
+ "value": "Username-Password-Authentication",
+ "description": "string | The name of the database connection configured to your client.",
+ "type": "text"
+ },
+ {
+ "key": "email",
+ "value": "test_01@example.com",
+ "description": "string | The user's email address. Only valid if the Email attribute is enabled in the connection.",
+ "type": "text"
+ },
+ {
+ "key": "email_verified",
+ "value": "false",
+ "type": "text"
+ },
+ {
+ "key": "username",
+ "value": "art_s_username",
+ "description": "string | The user's username. Only valid if the Username attribute is enabled in the connection.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "phone_number",
+ "value": "+34700000000",
+ "description": "string | The user's phone identifier. Only valid if the Phone Number attribute is enabled in the connection.",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "phone_verified",
+ "value": "false",
+ "description": "string | Set to true, if \"Verify phone number on sign up\" is enabled for this attribute",
+ "type": "text",
+ "disabled": true
+ },
+ {
+ "key": "password",
+ "value": "1234",
+ "description": "string | The user's desired password.",
+ "type": "text"
+ },
+ {
+ "key": "given_name",
+ "value": "Art",
+ "description": "string | The user's given name(s).",
+ "type": "text"
+ },
+ {
+ "key": "family_name",
+ "value": "S",
+ "description": "string | The user's family name(s).",
+ "type": "text"
+ },
+ {
+ "key": "name",
+ "value": "Art S",
+ "description": "string | The user's full name.",
+ "type": "text"
+ },
+ {
+ "key": "nickname",
+ "value": "art_s",
+ "description": "string | The user's nickname.",
+ "type": "text"
+ },
+ {
+ "key": "picture",
+ "value": "https://images.ctfassets.net/23aumh6u8s0i/2sy4XcHhoHtkvD0DIH8AX3/88c43d05a3f60145b14d157d74e32925/WhatIs_Broken_Auth_hero",
+ "description": "string | A URI pointing to the user's picture.",
+ "type": "text"
+ },
+ {
+ "key": "user_metadata[subscription]",
+ "value": "premium",
+ "description": "object | The user metadata to be associated with the user. If set, the field must be an object containing no more than ten properties. Property names can have a maximum of 100 characters, and property values must be strings of no more than 500 characters.",
+ "type": "text"
+ },
+ {
+ "key": "user_metadata[membership]",
+ "value": "full",
+ "description": "object | The user metadata to be associated with the user. If set, the field must be an object containing no more than ten properties. Property names can have a maximum of 100 characters, and property values must be strings of no more than 500 characters.",
+ "type": "text"
+ },
+ {
+ "key": "user_metadata[created_with]",
+ "value": "Authentication API Collection for Postman",
+ "description": "object | The user metadata to be associated with the user. If set, the field must be an object containing no more than ten properties. Property names can have a maximum of 100 characters, and property values must be strings of no more than 500 characters.",
+ "type": "text"
+ },
+ {
+ "key": "user_metadata[external_user]",
+ "value": "art.stupels@okta.com",
+ "description": "object | The user metadata to be associated with the user. If set, the field must be an object containing no more than ten properties. Property names can have a maximum of 100 characters, and property values must be strings of no more than 500 characters.",
+ "type": "text"
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/dbconnections/signup",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "dbconnections",
+ "signup"
+ ]
+ },
+ "description": "Given a user's credentials and a `connection`, this endpoint creates a new user.\n\nThis endpoint only works for database connections."
+ },
+ "response": []
+ },
+ {
+ "name": "Signup (Raw JSON)",
+ "request": {
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"client_id\": \"{{auth0_client_id}}\",\n \"connection\": \"Username-Password-Authentication\",\n \"email\": \"test_02@example.com\",\n \"username\": \"art_s_user_02\",\n \"email_verified\": false,\n \"phone_number\": \"+34700000005\",\n \"phone_verified\": false,\n \"password\": \"1234\",\n \"given_name\": \"Art\",\n \"family_name\": \"S\",\n \"name\": \"Art S\",\n \"nickname\": \"art_s\",\n \"picture\": \"https://images.ctfassets.net/23aumh6u8s0i/5DmYnzyKV26HjuOgJIvs4d/79ff12196b68401e2f4b7f998bd46ad8/auth0_by_okta_hero_copy.png\",\n \"user_metadata\": {\n \"subscription\": \"premium\",\n \"membership\": \"full\",\n \"created_with\": \"Authentication API Collection for Postman\",\n \"external_user\": \"art.stupels@okta.com\"\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/dbconnections/signup",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "dbconnections",
+ "signup"
+ ]
+ },
+ "description": "Given a user's credentials and a `connection`, this endpoint creates a new user.\n\nThis endpoint only works for database connections."
+ },
+ "response": []
+ },
+ {
+ "name": "Request a password reset",
+ "request": {
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "urlencoded",
+ "urlencoded": [
+ {
+ "key": "client_id",
+ "value": "{{auth0_client_id}}",
+ "description": "string | The client_id of your client.",
+ "type": "text"
+ },
+ {
+ "key": "email",
+ "value": "test@example.com",
+ "description": "string | User's email, username or phone number identifier. If used doesn't have an email identificator, the \"User does not contain email address\" is expected.",
+ "type": "text"
+ },
+ {
+ "key": "connection",
+ "value": "Username-Password-Authentication",
+ "description": "string | The name of the database connection configured to your client.",
+ "type": "text"
+ },
+ {
+ "key": "organization",
+ "value": "org_?????????????",
+ "description": "string | The organization_id of the Organization associated with the user.",
+ "type": "text",
+ "disabled": true
+ }
+ ]
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/dbconnections/change_password",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "dbconnections",
+ "change_password"
+ ]
+ },
+ "description": "Send a change password email to the user's provided email address and `connection`.\n\nOptionally, you may provide an Organization ID to support Organization-specific variables in customized email templates and to include the `organization_id` and `organization_name` parameters in the **Redirect To** URL.\n\nNote: This endpoint only works for database connections."
+ },
+ "response": []
+ }
+ ]
+ }
+ ],
+ "event": [
+ {
+ "listen": "prerequest",
+ "script": {
+ "type": "text/javascript",
+ "packages": {},
+ "exec": [
+ ""
+ ]
+ }
+ },
+ {
+ "listen": "test",
+ "script": {
+ "type": "text/javascript",
+ "packages": {},
+ "exec": [
+ ""
+ ]
+ }
+ }
+ ]
+}
\ No newline at end of file
diff --git a/Auth0_Configure_Environment.json b/Auth0_Configure_Environment.json
new file mode 100644
index 0000000..84aa099
--- /dev/null
+++ b/Auth0_Configure_Environment.json
@@ -0,0 +1,218 @@
+{
+ "info": {
+ "_postman_id": "b7f8f115-9510-4a6b-aa3e-bb88978afe8d",
+ "name": "Auth0 | Configure Environment",
+ "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json",
+ "_exporter_id": "32516383"
+ },
+ "item": [
+ {
+ "name": "1. Create a Regular Postman Application",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Create a Regular Application for Postman`, function () {",
+ " if (pm.response.code === 201) {",
+ " const data = pm.response.json();",
+ " const { client_id, client_secret, tenant } = data;",
+ " console.warn(`The regular application was created in the \"${tenant}\" tenant.`)",
+ " pm.environment.set(`auth0_client_id`, client_id);",
+ " pm.environment.set(`auth0_client_secret`, client_secret);",
+ " console.warn(`The [auth0_client_id, auth0_client_secret] variables were updated in the active environment.`)",
+ " } else {",
+ " console.error(`Request error. Check \"error-message\" in the HTML body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"is_token_endpoint_ip_header_trusted\": true,\n \"name\": \"POSTMAN_REGULAR\",\n \"is_first_party\": true,\n \"oidc_conformant\": true,\n \"refresh_token\": {\n \"expiration_type\": \"expiring\",\n \"leeway\": 0,\n \"infinite_token_lifetime\": false,\n \"infinite_idle_token_lifetime\": true,\n \"token_lifetime\": 2592000,\n \"idle_token_lifetime\": 1296000,\n \"rotation_type\": \"rotating\"\n },\n \"callbacks\": [\n \"https://jwt.io\"\n ],\n \"allowed_logout_urls\": [\n \"https://jwt.io\"\n ],\n \"cross_origin_authentication\": true,\n \"logo_uri\": \"https://res.cloudinary.com/postman/image/upload/t_team_logo/v1629869194/team/2893aede23f01bfcbd2319326bc96a6ed0524eba759745ed6d73405a3a8b67a8\",\n \"allowed_origins\": [\n \"https://jwt.io\"\n ],\n \"token_endpoint_auth_method\": \"client_secret_post\",\n \"app_type\": \"regular_web\",\n \"grant_types\": [\n \"authorization_code\",\n \"implicit\",\n \"refresh_token\",\n \"client_credentials\",\n \"password\",\n \"http://auth0.com/oauth/grant-type/password-realm\",\n \"http://auth0.com/oauth/grant-type/mfa-oob\",\n \"http://auth0.com/oauth/grant-type/mfa-otp\",\n \"http://auth0.com/oauth/grant-type/mfa-recovery-code\",\n \"http://auth0.com/oauth/grant-type/passwordless/otp\"\n ],\n \"web_origins\": [\n \"https://jwt.io\"\n ],\n \"description\": \"This application is created for use with Auth0 Postman Collections. \\n\\n- Art Stupels (art.stupels@okta.com)\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/api/v2/clients",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "clients"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "2. Authorize Management API",
+ "request": {
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"audience\":\"https://{{auth0_domain}}/api/v2/\",\n \"client_id\":\"{{auth0_client_id}}\",\n \"scope\":[\"read:client_grants\",\"create:client_grants\",\"delete:client_grants\",\"update:client_grants\",\"read:users\",\"update:users\",\"delete:users\",\"create:users\",\"read:users_app_metadata\",\"update:users_app_metadata\",\"delete:users_app_metadata\",\"create:users_app_metadata\",\"read:user_custom_blocks\",\"create:user_custom_blocks\",\"delete:user_custom_blocks\",\"create:user_tickets\",\"read:clients\",\"update:clients\",\"delete:clients\",\"create:clients\",\"read:client_keys\",\"update:client_keys\",\"delete:client_keys\",\"create:client_keys\",\"read:connections\",\"update:connections\",\"delete:connections\",\"create:connections\",\"read:resource_servers\",\"update:resource_servers\",\"delete:resource_servers\",\"create:resource_servers\",\"read:device_credentials\",\"update:device_credentials\",\"delete:device_credentials\",\"create:device_credentials\",\"read:rules\",\"update:rules\",\"delete:rules\",\"create:rules\",\"read:rules_configs\",\"update:rules_configs\",\"delete:rules_configs\",\"read:hooks\",\"update:hooks\",\"delete:hooks\",\"create:hooks\",\"read:actions\",\"update:actions\",\"delete:actions\",\"create:actions\",\"read:email_provider\",\"update:email_provider\",\"delete:email_provider\",\"create:email_provider\",\"blacklist:tokens\",\"read:stats\",\"read:insights\",\"read:tenant_settings\",\"update:tenant_settings\",\"read:logs\",\"read:logs_users\",\"read:shields\",\"create:shields\",\"update:shields\",\"delete:shields\",\"read:anomaly_blocks\",\"delete:anomaly_blocks\",\"update:triggers\",\"read:triggers\",\"read:grants\",\"delete:grants\",\"read:guardian_factors\",\"update:guardian_factors\",\"read:guardian_enrollments\",\"delete:guardian_enrollments\",\"create:guardian_enrollment_tickets\",\"read:user_idp_tokens\",\"create:passwords_checking_job\",\"delete:passwords_checking_job\",\"read:custom_domains\",\"delete:custom_domains\",\"create:custom_domains\",\"update:custom_domains\",\"read:email_templates\",\"create:email_templates\",\"update:email_templates\",\"read:mfa_policies\",\"update:mfa_policies\",\"read:roles\",\"create:roles\",\"delete:roles\",\"update:roles\",\"read:prompts\",\"update:prompts\",\"read:branding\",\"update:branding\",\"delete:branding\",\"read:log_streams\",\"create:log_streams\",\"delete:log_streams\",\"update:log_streams\",\"create:signing_keys\",\"read:signing_keys\",\"update:signing_keys\",\"read:limits\",\"update:limits\",\"create:role_members\",\"read:role_members\",\"delete:role_members\",\"read:entitlements\",\"read:attack_protection\",\"update:attack_protection\",\"read:organizations_summary\",\"create:authentication_methods\",\"read:authentication_methods\",\"update:authentication_methods\",\"delete:authentication_methods\",\"read:organizations\",\"update:organizations\",\"create:organizations\",\"delete:organizations\",\"create:organization_members\",\"read:organization_members\",\"delete:organization_members\",\"create:organization_connections\",\"read:organization_connections\",\"update:organization_connections\",\"delete:organization_connections\",\"create:organization_member_roles\",\"read:organization_member_roles\",\"delete:organization_member_roles\",\"create:organization_invitations\",\"read:organization_invitations\",\"delete:organization_invitations\",\"read:scim_config\",\"create:scim_config\",\"update:scim_config\",\"delete:scim_config\",\"create:scim_token\",\"read:scim_token\",\"delete:scim_token\",\"delete:phone_providers\",\"create:phone_providers\",\"read:phone_providers\",\"update:phone_providers\",\"delete:phone_templates\",\"create:phone_templates\",\"read:phone_templates\",\"update:phone_templates\",\"create:encryption_keys\",\"read:encryption_keys\",\"update:encryption_keys\",\"delete:encryption_keys\",\"read:sessions\",\"delete:sessions\",\"read:refresh_tokens\",\"delete:refresh_tokens\",\"create:self_service_profiles\",\"read:self_service_profiles\",\"update:self_service_profiles\",\"delete:self_service_profiles\",\"create:sso_access_tickets\",\"read:forms\",\"update:forms\",\"delete:forms\",\"create:forms\",\"read:flows\",\"update:flows\",\"delete:flows\",\"create:flows\",\"read:flows_vault\",\"read:flows_vault_connections\",\"update:flows_vault_connections\",\"delete:flows_vault_connections\",\"create:flows_vault_connections\",\"read:flows_executions\",\"delete:flows_executions\",\"read:connections_options\",\"update:connections_options\",\"read:self_service_profile_custom_texts\",\"update:self_service_profile_custom_texts\",\"read:client_credentials\",\"create:client_credentials\",\"update:client_credentials\",\"delete:client_credentials\"]\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/api/v2/client-grants",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "client-grants"
+ ],
+ "query": [
+ {
+ "key": "",
+ "value": null,
+ "disabled": true
+ }
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "3. Create a Native Postman Application",
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "pm.test(`Create a Native Application for Postman`, function () {",
+ " if (pm.response.code === 201) {",
+ " const data = pm.response.json();",
+ " const { client_id, client_secret, tenant } = data;",
+ " console.warn(`The native application was created in the \"${tenant}\" tenant.`)",
+ " pm.environment.set(`auth0_native_client_id`, client_id);",
+ " console.warn(`The [auth0_native_client_id] variable was updated in the active environment.`)",
+ " } else {",
+ " console.error(`Request error. Check \"error-message\" in the HTML body or the tenant logs.`);",
+ " }",
+ "});"
+ ],
+ "type": "text/javascript",
+ "packages": {}
+ }
+ }
+ ],
+ "request": {
+ "method": "POST",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"name\": \"POSTMAN_NATIVE\",\n \"is_first_party\": true,\n \"oidc_conformant\": true,\n \"refresh_token\": {\n \"expiration_type\": \"expiring\",\n \"leeway\": 0,\n \"infinite_token_lifetime\": false,\n \"infinite_idle_token_lifetime\": true,\n \"token_lifetime\": 2592000,\n \"idle_token_lifetime\": 1296000,\n \"rotation_type\": \"rotating\"\n },\n \"callbacks\": [\n \"https://jwt.io\"\n ],\n \"allowed_logout_urls\": [\n \"https://jwt.io\"\n ],\n \"cross_origin_authentication\": true,\n \"logo_uri\": \"https://res.cloudinary.com/postman/image/upload/t_team_logo/v1629869194/team/2893aede23f01bfcbd2319326bc96a6ed0524eba759745ed6d73405a3a8b67a8\",\n \"allowed_origins\": [\n \"https://jwt.io\"\n ],\n \"token_endpoint_auth_method\": \"none\",\n \"app_type\": \"native\",\n \"grant_types\": [\n \"authorization_code\",\n \"implicit\",\n \"refresh_token\",\n \"password\",\n \"http://auth0.com/oauth/grant-type/password-realm\",\n \"http://auth0.com/oauth/grant-type/mfa-oob\",\n \"http://auth0.com/oauth/grant-type/mfa-otp\",\n \"http://auth0.com/oauth/grant-type/mfa-recovery-code\",\n \"http://auth0.com/oauth/grant-type/passwordless/otp\",\n \"urn:ietf:params:oauth:grant-type:device_code\"\n ],\n \"web_origins\": [\n \"https://jwt.io\"\n ],\n \"description\": \"This application is created for use with Auth0 Postman Collections. \\n\\n- Art Stupels (art.stupels@okta.com)\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/api/v2/clients",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "clients"
+ ]
+ }
+ },
+ "response": []
+ },
+ {
+ "name": "4. Set Default Directory",
+ "request": {
+ "method": "PATCH",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"default_audience\":\"\",\n \"default_directory\":\"Username-Password-Authentication\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "raw": "https://{{auth0_domain}}/api/v2/tenants/settings",
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "tenants",
+ "settings"
+ ],
+ "query": [
+ {
+ "key": "",
+ "value": null,
+ "disabled": true
+ }
+ ]
+ }
+ },
+ "response": []
+ }
+ ],
+ "auth": {
+ "type": "bearer",
+ "bearer": [
+ {
+ "key": "token",
+ "value": "{{auth0_config_token}}",
+ "type": "string"
+ }
+ ]
+ },
+ "event": [
+ {
+ "listen": "prerequest",
+ "script": {
+ "type": "text/javascript",
+ "packages": {},
+ "exec": [
+ ""
+ ]
+ }
+ },
+ {
+ "listen": "test",
+ "script": {
+ "type": "text/javascript",
+ "packages": {},
+ "exec": [
+ ""
+ ]
+ }
+ }
+ ]
+}
\ No newline at end of file
diff --git a/Auth0_Management_API.json b/Auth0_Management_API.json
new file mode 100644
index 0000000..6e3a2e1
--- /dev/null
+++ b/Auth0_Management_API.json
@@ -0,0 +1,12836 @@
+{
+ "info": {
+ "name": "Auth0 | Management API",
+ "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json",
+ "description": "# Quick setup\n\n## Create a Regular Application.\n\n1. Open **Auth0 Dashboard**.\n \n2. Go to **Applications** > [Applications](https://manage.auth0.com/#/applications).\n \n3. Click **\\+ Create Application.**\n \n4. Type the **name** (for example, POSTMAN) and select **Regular Web Application** type.\n \n5. Configure the following:\n \n - **Allowed Callback URLs:** [https://jwt.io](https://jwt.io)\n \n - **Allowed Logout URLs:** [https://jwt.i](https://jwt.io)\n \n - **Allowed Web Origins:** [https://jwt.i](https://jwt.io)\n \n - **Allow Cross-Origin Authentication:** enabled\n \n - **Allowed Origins:** [https://jwt.i](https://jwt.io)\n \n - **Allow Refresh Token Rotation**: enable\n \n - **Trust Token Endpoint IP Header:** enable\n \n - **Grant Types:** enable all \\[Implicit Authorization Code Refresh Token Client Credentials Password MFA Passwordless OTP\n \n - **Authentication Method:** Client Secret (Post)\n \n - **Connections:** enable the Username-Password-Authentication connection.\n \n\nTake note of the **Client ID** and **Client Secret** on the **Settings** tab and add them to the environmental variables (see below).\n\n### Enable Auth0 Management API for this application\n\n1. Open **Application** > [APIs](https://manage.auth0.com/#/apis)\n \n2. Click on **Auth0 Management API**.\n \n3. Click the **Machine To Machine Applications** tab.\n \n4. Find the name of the Application you just created and enable the toggle (Authorize).\n \n5. Now click the **V** button to expand this element.\n \n6. **Select All Permissions** and click **Update**.\n \n\n## Configure Environmental Variables\n\n1. In Postman, click **Environments** in the left navigation.\n \n2. Click + to create a new environment.\n \n3. For ease of use, name this environment the same name as your Auth0 tenant, e.g. tenant.us.auth0.com\n \n4. In the table, add three variables:\n \n 1. **auth0_domain**\n \n 2. **auth0_m2m_client_id**\n \n 3. **auth0_m2m_client_secret**\n \n5. Set the **Current value** of these three variables to values of your Machine To Machine Application.\n \n6. Click **Save** to save changes.\n \n7. Now, in the list of Environments make sure to put this environment active. To do this, hover over it's name and click the ✓ icon.\n \n\n## Authorize Postman\n\n1. In Postman, click on the collection name (Auth0 | Management API) and then click **Authorization** tab.\n \n2. Scroll to the very bottom and click **Get New Access Token**.\n \n3. When you see the **Authentication complete** message, click **Proceed**, and then **Use Token**.\n \n\nIf authorization failed, check the Postman's console to help you find the cause. You may also check you tenant logs.\n\n_This collection was created by Art Stupels (_[art.stupels@okta.com](https://mailto:art.stupels@okta.com)_)._"
+ },
+ "item": [
+ {
+ "name": "Actions",
+ "item": [
+ {
+ "name": "Get actions",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "actions"
+ ],
+ "query": [
+ {
+ "description": "string | An actions extensibility point.",
+ "type": "string",
+ "key": "triggerId",
+ "disabled": true
+ },
+ {
+ "description": "string | The name of the action to retrieve.",
+ "type": "string",
+ "key": "actionName",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Optional filter to only retrieve actions that are deployed.",
+ "type": "boolean",
+ "key": "deployed",
+ "disabled": true
+ },
+ {
+ "description": "number | Use this field to request a specific page of the list results.",
+ "type": "number",
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "number | The maximum number of results to be returned by the server in single response. 20 by default",
+ "type": "number",
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Optional. When true, return only installed actions. When false, return only custom actions. Returns all actions by default.",
+ "type": "boolean",
+ "key": "installed",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve all actions.\n\n[More info](https://auth0.com/docs/api/management/v2/actions/get-actions)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The actions were retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: read:actions. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create an action",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "actions"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate an action. Once an action is created, it must be deployed, and then bound to a trigger before it will be executed as part of a flow.\n\n[More info](https://auth0.com/docs/api/management/v2/actions/post-action)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Action successfully created. |\n| 400 | invalid_body | Invalid Request Body. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: create:actions. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get triggers",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "triggers"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve the set of triggers currently available within actions. A trigger is an extensibility point to which actions can be bound.\n\n[More info](https://auth0.com/docs/api/management/v2/actions/get-triggers)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The triggers were retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: read:actions. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get an action",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "actions",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The ID of the action to retrieve.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve an action by its ID.\n\n[More info](https://auth0.com/docs/api/management/v2/actions/get-action)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The action was retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: read:actions. |\n| 404 | --- | The action does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete an action",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "actions",
+ ":id"
+ ],
+ "query": [
+ {
+ "description": "boolean | Force action deletion detaching bindings",
+ "type": "boolean",
+ "key": "force",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | The ID of the action to delete.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDeletes an action and all of its associated versions. An action must be unbound from all triggers before it can be deleted.\n\n[More info](https://auth0.com/docs/api/management/v2/actions/delete-action)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Action successfully deleted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: delete:actions. |\n| 404 | --- | The action version does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update an action",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "actions",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the action to update.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate an existing action. If this action is currently bound to a trigger, updating it will not affect any user flows until the action is deployed.\n\n[More info](https://auth0.com/docs/api/management/v2/actions/patch-action)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Action successfully updated. |\n| 400 | invalid_body | Invalid Request Body. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: update:actions. |\n| 404 | --- | Action not found and cannot be updated. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get an execution",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "executions",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The ID of the execution to retrieve.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve information about a specific execution of a trigger. Relevant execution IDs will be included in tenant logs generated as part of that authentication flow. Executions will only be stored for 10 days after their creation.\n\n[More info](https://auth0.com/docs/api/management/v2/actions/get-execution)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The execution was retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: read:actions. |\n| 404 | --- | The execution does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get an action's versions",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "actions",
+ ":actionId",
+ "versions"
+ ],
+ "query": [
+ {
+ "description": "number | Use this field to request a specific page of the list results.",
+ "type": "number",
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "number | This field specify the maximum number of results to be returned by the server. 20 by default",
+ "type": "number",
+ "key": "per_page",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | The ID of the action.",
+ "type": "string",
+ "required": true,
+ "key": "actionId"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve all of an action's versions. An action version is created whenever an action is deployed. An action version is immutable, once created.\n\n[More info](https://auth0.com/docs/api/management/v2/actions/get-action-versions)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The action versions were retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: read:actions. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get trigger bindings",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "triggers",
+ ":triggerId",
+ "bindings"
+ ],
+ "query": [
+ {
+ "description": "number | Use this field to request a specific page of the list results.",
+ "type": "number",
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "number | The maximum number of results to be returned in a single request. 20 by default",
+ "type": "number",
+ "key": "per_page",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | An actions extensibility point.",
+ "type": "string",
+ "required": true,
+ "key": "triggerId"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve the actions that are bound to a trigger. Once an action is created and deployed, it must be attached (i.e. bound) to a trigger so that it will be executed as part of a flow. The list of actions returned reflects the order in which they will be executed during the appropriate flow.\n\n[More info](https://auth0.com/docs/api/management/v2/actions/get-bindings)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The bindings were retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: read:actions. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update trigger bindings",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "triggers",
+ ":triggerId",
+ "bindings"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | An actions extensibility point.",
+ "type": "string",
+ "required": true,
+ "key": "triggerId"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate the actions that are bound (i.e. attached) to a trigger. Once an action is created and deployed, it must be attached (i.e. bound) to a trigger so that it will be executed as part of a flow. The order in which the actions are provided will determine the order in which they are executed.\n[More info](https://auth0.com/docs/api/management/v2/actions/patch-bindings)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The bindings were updated. |\n| 400 | invalid_body | Invalid Request Body. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: update:actions. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a specific version of an action",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "actions",
+ ":actionId",
+ "versions",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The ID of the action.",
+ "type": "string",
+ "required": true,
+ "key": "actionId"
+ },
+ {
+ "description": "string | The ID of the action version.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve a specific version of an action. An action version is created whenever an action is deployed. An action version is immutable, once created.\n\n[More info](https://auth0.com/docs/api/management/v2/actions/get-action-version)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The action version was retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: read:actions. |\n| 404 | --- | The action version does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Deploy an action",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "actions",
+ ":id",
+ "deploy"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The ID of an action.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDeploy an action. Deploying an action will create a new immutable version of the action. If the action is currently bound to a trigger, then the system will begin executing the newly deployed version of the action immediately. Otherwise, the action will only be executed as a part of a flow once it is bound to that flow.\n\n[More info](https://auth0.com/docs/api/management/v2/actions/post-deploy-action)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 202 | --- | Request to create action version was accepted. |\n| 400 | invalid_body | Invalid Request Body. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: create:actions. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Test an Action",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "actions",
+ ":id",
+ "test"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the action to test.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nTest an action. After updating an action, it can be tested prior to being deployed to ensure it behaves as expected.\n\n[More info](https://auth0.com/docs/api/management/v2/actions/post-test-action)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Test action version successfully created. |\n| 400 | invalid_body | Invalid Request Body. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: create:actions. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Roll back to a previous action version",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "actions",
+ "actions",
+ ":actionId",
+ "versions",
+ ":id",
+ "deploy"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The ID of an action version.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ },
+ {
+ "description": "string | The ID of an action.",
+ "type": "string",
+ "required": true,
+ "key": "actionId"
+ }
+ ]
+ },
+ "description": "**Description**\nPerforms the equivalent of a roll-back of an action to an earlier, specified version. Creates a new, deployed action version that is identical to the specified version. If this action is currently bound to a trigger, the system will begin executing the newly-created version immediately.\n\n[More info](https://auth0.com/docs/api/management/v2/actions/post-deploy-draft-version)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 202 | --- | Request to create action version was accepted. |\n| 400 | invalid_body | Invalid Request Body. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: create:actions. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Anomaly",
+ "item": [
+ {
+ "name": "Check if an IP address is blocked",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "anomaly",
+ "blocks",
+ "ips",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | IP address to check.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nCheck if the given IP address is blocked via the Suspicious IP Throttling due to multiple suspicious attempts.\n[More info](https://auth0.com/docs/api/management/v2/anomaly/get-ips-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | IP address specified is currently blocked. |\n| 400 | inexistent_shield | Connection does not exist. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: get:anomaly_block. |\n| 404 | --- | IP address specified is not currently blocked. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Remove the blocked IP address",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "anomaly",
+ "blocks",
+ "ips",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | IP address to unblock.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRemove a block imposed by Suspicious IP Throttling for the given IP address.\n[More info](https://auth0.com/docs/api/management/v2/anomaly/delete-ips-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | IP address specified successfully unblocked. |\n| 400 | inexistent_shield | Connection does not exist. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: delete:anomaly_block. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Attack Protection",
+ "item": [
+ {
+ "name": "Get Breached Password Detection settings",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "attack-protection",
+ "breached-password-detection"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve details of the Breached Password Detection configuration of your tenant.\n[More info](https://auth0.com/docs/api/management/v2/attack protection/get-breached-password-detection)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Breached password detection settings successfully retrieved. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:attack_protection. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update Breached Password Detection settings",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "attack-protection",
+ "breached-password-detection"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nUpdate details of the Breached Password Detection configuration of your tenant.\n[More info](https://auth0.com/docs/api/management/v2/attack protection/patch-breached-password-detection)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Breached password detection settings successfully updated. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: update:attack_protection. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get Brute-force settings",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "attack-protection",
+ "brute-force-protection"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve details of the Brute-force Protection configuration of your tenant.\n[More info](https://auth0.com/docs/api/management/v2/attack protection/get-brute-force-protection)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Brute force configuration successfully retrieved. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:attack_protection. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update Brute-force settings",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "attack-protection",
+ "brute-force-protection"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nUpdate the Brute-force Protection configuration of your tenant.\n[More info](https://auth0.com/docs/api/management/v2/attack protection/patch-brute-force-protection)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Brute force configuration successfully updated. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: update:attack_protection. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get Suspicious IP Throttling settings",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "attack-protection",
+ "suspicious-ip-throttling"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve details of the Suspicious IP Throttling configuration of your tenant.\n[More info](https://auth0.com/docs/api/management/v2/attack protection/get-suspicious-ip-throttling)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Suspicious IP throttling configuration successfully retrieved. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:attack_protection. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update Suspicious IP Throttling settings",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "attack-protection",
+ "suspicious-ip-throttling"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nUpdate the details of the Suspicious IP Throttling configuration of your tenant.\n[More info](https://auth0.com/docs/api/management/v2/attack protection/patch-suspicious-ip-throttling)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Suspicious IP throttling configuration successfully updated. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: update:attack_protection. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Branding",
+ "item": [
+ {
+ "name": "Get branding settings",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve branding settings.\n[More info](https://auth0.com/docs/api/management/v2/branding/get-branding)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Branding settings successfully retrieved. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | operation_not_supported | The specified client cannot perform the requested operation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:branding. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update branding settings",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nUpdate branding settings.\n[More info](https://auth0.com/docs/api/management/v2/branding/patch-branding)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Branding settings successfully updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:branding. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a list of phone providers",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "phone",
+ "providers"
+ ],
+ "query": [
+ {
+ "description": "boolean | Whether the provider is enabled (false) or disabled (true).",
+ "type": "boolean",
+ "key": "disabled",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve a list of phone providers details set for a Tenant. A list of fields to include or exclude may also be specified.\n\n[More info](https://auth0.com/docs/api/management/v2/branding/get-branding-phone-providers)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Phone providers have been successfully retrieved. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:phone_provider. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Configure the phone provider",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "phone",
+ "providers"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate a phone provider.\nThe credentials object requires different properties depending on the phone provider (which is specified using the name property).\n\n[More info](https://auth0.com/docs/api/management/v2/branding/create-phone-provider)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Phone notification provider successfully created. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:phone_provider. |\n| 409 | custom_phone_provider_conflict | Custom phone provider conflict. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a list of phone notification templates",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "phone",
+ "templates"
+ ],
+ "query": [
+ {
+ "description": "boolean | Whether the template is enabled (false) or disabled (true).",
+ "type": "boolean",
+ "key": "disabled",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/branding/get-phone-templates)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The phone notification templates were retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: read:phone_templates |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create a phone notification template",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "phone",
+ "templates"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/branding/create-phone-template)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | The phone notification template was created. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: create:phone_templates |\n| 409 | --- | Phone template already configured for tenant |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get template for New Universal Login Experience",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "templates",
+ "universal-login"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/branding/get-universal-login)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Template successfully retrieved. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 402 | --- | A paid subscription is required for this feature. |\n| 403 | insufficient_scope | Insufficient scope; expected: read:branding |\n| 404 | inexistent_templates_universal_login | Template does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete template for New Universal Login Experience",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "templates",
+ "universal-login"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/branding/delete-universal-login)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Template successfully deleted. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 402 | --- | A paid subscription is required for this feature. |\n| 403 | insufficient_scope | Insufficient scope; expected: delete:branding. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Set template for New Universal Login Experience",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "templates",
+ "universal-login"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nUpdate the Universal Login branding template.\n\nWhen content-type header is set to application/json, the expected body must be JSON:
\n{\n \"template\": \"<!DOCTYPE html><html><head>{%- auth0:head -%}</head><body>{%- auth0:widget -%}</body></html>\"\n}\n\n\n\n When content-type header is set to text/html, the expected body must be the HTML template:\n
\n<!DOCTYPE html>\n<code>\n <html>\n <head>\n {%- auth0:head -%}\n </head>\n <body>\n {%- auth0:widget -%}\n </body>\n </html>\n</code>\n\n\n[More info](https://auth0.com/docs/api/management/v2/branding/put-universal-login)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Template successfully created. |\n| 204 | --- | Template successfully updated. |\n| 400 | --- | Payload content length greater than maximum allowed: 102400. |\n| 400 | --- | Payload content missing required Liquid tags (auth0:head and auth0:widget). |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 402 | --- | A paid subscription is required for this feature. |\n| 403 | insufficient_scope | Insufficient scope; expected: update:branding. |\n| 409 | templates_universal_login_conflict | Template update conflict. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get default branding theme",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "themes",
+ "default"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve default branding theme.\n[More info](https://auth0.com/docs/api/management/v2/branding/get-default-branding-theme)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Branding theme successfully retrieved. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | operation_not_supported | The specified client cannot perform the requested operation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:branding. |\n| 404 | --- | There was an error retrieving branding settings: invalid theme ID |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get branding theme",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "themes",
+ ":themeId"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The ID of the theme",
+ "type": "string",
+ "required": true,
+ "key": "themeId"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve branding theme.\n[More info](https://auth0.com/docs/api/management/v2/branding/get-branding-theme)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Branding theme successfully retrieved. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | operation_not_supported | The specified client cannot perform the requested operation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:branding. |\n| 404 | --- | There was an error retrieving branding settings: invalid theme ID |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete branding theme",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "themes",
+ ":themeId"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The ID of the theme",
+ "type": "string",
+ "required": true,
+ "key": "themeId"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete branding theme.\n[More info](https://auth0.com/docs/api/management/v2/branding/delete-branding-theme)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Branding theme successfully deleted. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | operation_not_supported | The specified client cannot perform the requested operation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: delete:branding. |\n| 404 | --- | There was an error deleting branding settings: invalid theme ID |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update branding theme",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "themes",
+ ":themeId"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The ID of the theme",
+ "type": "string",
+ "required": true,
+ "key": "themeId"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate branding theme.\n[More info](https://auth0.com/docs/api/management/v2/branding/patch-branding-theme)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Branding settings successfully updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:branding. |\n| 404 | --- | There was an error updating branding settings: invalid theme ID |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a phone provider",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "phone",
+ "providers",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "type": "string",
+ "required": true,
+ "key": "id",
+ "description": "string | undefined"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve phone provider details. A list of fields to include or exclude may also be specified.\n\n[More info](https://auth0.com/docs/api/management/v2/branding/get-phone-provider)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Phone provider successfully retrieved. |\n| 400 | --- | Invalid id for provider. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:phone_provider. |\n| 404 | inexistent_email_provider | Phone provider has not been configured. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Deletes a Phone Provider",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "phone",
+ "providers",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "type": "string",
+ "required": true,
+ "key": "id",
+ "description": "string | undefined"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete the configured phone provider.\n\n[More info](https://auth0.com/docs/api/management/v2/branding/delete-phone-provider)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Phone provider successfully deleted. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: delete:phone_provider. |\n| 404 | inexistent_email_provider | Phone provider has not been configured. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update the phone provider",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "phone",
+ "providers",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "type": "string",
+ "required": true,
+ "key": "id",
+ "description": "string | undefined"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate a phone provider.\nThe credentials object requires different properties depending on the phone provider (which is specified using the name property).\n\n[More info](https://auth0.com/docs/api/management/v2/branding/update-phone-provider)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Phone provider successfully updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:phone_provider. |\n| 404 | inexistent_email_provider | Phone provider has not been configured. |\n| 409 | custom_phone_provider_conflict | Custom phone provider conflict. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a phone notification template",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "phone",
+ "templates",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "type": "string",
+ "required": true,
+ "key": "id",
+ "description": "string | undefined"
+ }
+ ]
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/branding/get-phone-template)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The phone notification template were retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: read:phone_templates |\n| 404 | inexistent_email_template | Phone template does not exist |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete a phone notification template",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "phone",
+ "templates",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "type": "string",
+ "required": true,
+ "key": "id",
+ "description": "string | undefined"
+ }
+ ]
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/branding/delete-phone-template)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | The phone notification template was deleted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: delete:phone_templates |\n| 404 | inexistent_email_template | Phone template does not exist |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update a phone notification template",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "phone",
+ "templates",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "type": "string",
+ "required": true,
+ "key": "id",
+ "description": "string | undefined"
+ }
+ ]
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/branding/update-phone-template)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The phone notification template was updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: update:phone_templates |\n| 404 | inexistent_email_template | Phone template does not exist |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Resets a phone notification template values",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "phone",
+ "templates",
+ ":id",
+ "reset"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "type": "string",
+ "required": true,
+ "key": "id",
+ "description": "string | undefined"
+ }
+ ]
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/branding/reset-phone-template)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The phone notification template was reset. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: create:phone_templates |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create branding theme",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "themes"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate branding theme.\n[More info](https://auth0.com/docs/api/management/v2/branding/post-branding-theme)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Branding settings successfully updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:branding. |\n| 409 | --- | There was an error updating branding settings: The theme already exists |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Send a test phone notification for the configured provider",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "phone",
+ "providers",
+ ":id",
+ "try"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "type": "string",
+ "required": true,
+ "key": "id",
+ "description": "string | undefined"
+ }
+ ]
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/branding/try-phone-provider)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 202 | --- | Phone notification sent. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: create:phone_provider. |\n| 404 | inexistent_email_provider | Phone provider has not been configured. |\n| 409 | custom_phone_provider_conflict | Custom phone provider conflict. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Send a test phone notification for the configured template",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "branding",
+ "phone",
+ "templates",
+ ":id",
+ "try"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "type": "string",
+ "required": true,
+ "key": "id",
+ "description": "string | undefined"
+ }
+ ]
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/branding/try-phone-template)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 202 | --- | The phone testing notification for the template was sent |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: create:phone_templates |\n| 404 | inexistent_email_template | Phone template does not exist |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Client Grants",
+ "item": [
+ {
+ "name": "Get client grants",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "client-grants"
+ ],
+ "query": [
+ {
+ "description": "integer | Number of results per page.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "integer | Page index of the results to return. First page is 0.",
+ "type": "integer",
+ "minimum": 0,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ },
+ {
+ "description": "string | Optional Id from which to start selection.",
+ "type": "string",
+ "key": "from",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page. Defaults to 50.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "take",
+ "disabled": true
+ },
+ {
+ "description": "string | Optional filter on audience.",
+ "type": "string",
+ "key": "audience",
+ "disabled": true
+ },
+ {
+ "description": "string | Optional filter on client_id.",
+ "type": "string",
+ "key": "client_id",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Optional filter on allow_any_organization.",
+ "type": "boolean",
+ "enum": [
+ true
+ ],
+ "key": "allow_any_organization",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve a list of client grants, including the scopes associated with the application/API pair.\n\n[More info](https://auth0.com/docs/api/management/v2/client grants/get-client-grants)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Client grants successfully retrieved. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:client_grants. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create client grant",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "client-grants"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate a client grant for a machine-to-machine login flow. To learn more, read Client Credential Flow.\n[More info](https://auth0.com/docs/api/management/v2/client grants/post-client-grants)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Client grant successfully created. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:client_grants. |\n| 404 | inexistent_resource_server | Resource server not found |\n| 404 | inexistent_client | Client not found |\n| 409 | resource_server_conflict | A resource server with the same identifier already exists. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get the organizations associated to a client grant",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "client-grants",
+ ":id",
+ "organizations"
+ ],
+ "query": [
+ {
+ "description": "integer | Page index of the results to return. First page is 0.",
+ "type": "integer",
+ "minimum": 0,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page. Defaults to 50.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ },
+ {
+ "description": "string | Optional Id from which to start selection.",
+ "type": "string",
+ "key": "from",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page. Defaults to 50.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "take",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | ID of the client grant",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/client grants/get-client-grant-organizations)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Organizations successfully retrieved. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:organization_client_grants. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| undefined | invalid_paging | Invalid query string paging options. The message will vary depending on the cause |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete client grant",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "client-grants",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the client grant to delete.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete the Client Credential Flow from your machine-to-machine application.\n\n[More info](https://auth0.com/docs/api/management/v2/client grants/delete-client-grants-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Client grant successfully deleted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: delete:client_grants. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update client grant",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "client-grants",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the client grant to update.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate a client grant.\n[More info](https://auth0.com/docs/api/management/v2/client grants/patch-client-grants-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Client grant successfully updated. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:client_grants. |\n| 404 | inexistent_client_grant | The client grant does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Clients",
+ "item": [
+ {
+ "name": "Get clients",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "clients"
+ ],
+ "query": [
+ {
+ "description": "string | Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "type": "string",
+ "key": "fields",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Whether specified fields are to be included (true) or excluded (false).",
+ "type": "boolean",
+ "key": "include_fields",
+ "disabled": true
+ },
+ {
+ "description": "integer | Page index of the results to return. First page is 0.",
+ "type": "integer",
+ "minimum": 0,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page. Default value is 50, maximum value is 100",
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ },
+ {
+ "description": "string | Optional Id from which to start selection.",
+ "type": "string",
+ "key": "from",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page. Defaults to 50.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "take",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Optional filter on the global client parameter.",
+ "type": "boolean",
+ "key": "is_global",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Optional filter on whether or not a client is a first-party client.",
+ "type": "boolean",
+ "key": "is_first_party",
+ "disabled": true
+ },
+ {
+ "description": "string | Optional filter by a comma-separated list of application types.",
+ "type": "string",
+ "key": "app_type",
+ "disabled": true
+ },
+ {
+ "description": "string | Advanced Query in Lucene syntax.client_id, app_type, name, and description.\n read:clients or\n read:client_keys scope:\n callbacks, oidc_logout, allowed_origins,\n web_origins, tenant, global, config_route,\n callback_url_template, jwt_configuration,\n jwt_configuration.lifetime_in_seconds, jwt_configuration.secret_encoded,\n jwt_configuration.scopes, jwt_configuration.alg, api_type,\n logo_uri, allowed_clients, owners, custom_login_page,\n custom_login_page_off, sso, addons, form_template,\n custom_login_page_codeview, resource_servers, client_metadata,\n mobile, mobile.android, mobile.ios, allowed_logout_urls,\n token_endpoint_auth_method, is_first_party, oidc_conformant,\n is_token_endpoint_ip_header_trusted, initiate_login_uri, grant_types,\n refresh_token, refresh_token.rotation_type, refresh_token.expiration_type,\n refresh_token.leeway, refresh_token.token_lifetime, refresh_token.policies, organization_usage,\n organization_require_behavior.\n read:client_keys or read:client_credentials scope:\n encryption_key, encryption_key.pub, encryption_key.cert,\n client_secret, client_authentication_methods and signing_key.\n client_authentication_methods and token_endpoint_auth_method properties are mutually exclusive. Use \nclient_authentication_methods to configure the client with Private Key JWT authentication method. Otherwise, use token_endpoint_auth_method\nto configure the client with client secret (basic or post) or with no authentication method (none).\n- When using client_authentication_methods to configure the client with Private Key JWT authentication method, specify fully defined credentials. \nThese credentials will be automatically enabled for Private Key JWT authentication on the client. \n- To configure client_authentication_methods, the create:client_credentials scope is required.\n- To configure client_authentication_methods, the property jwt_configuration.alg must be set to RS256.\n\nclient_id, app_type, name, and description.\n read:clients or\n read:client_keys scopes:\n callbacks, oidc_logout, allowed_origins,\n web_origins, tenant, global, config_route,\n callback_url_template, jwt_configuration,\n jwt_configuration.lifetime_in_seconds, jwt_configuration.secret_encoded,\n jwt_configuration.scopes, jwt_configuration.alg, api_type,\n logo_uri, allowed_clients, owners, custom_login_page,\n custom_login_page_off, sso, addons, form_template,\n custom_login_page_codeview, resource_servers, client_metadata,\n mobile, mobile.android, mobile.ios, allowed_logout_urls,\n token_endpoint_auth_method, is_first_party, oidc_conformant,\n is_token_endpoint_ip_header_trusted, initiate_login_uri, grant_types,\n refresh_token, refresh_token.rotation_type, refresh_token.expiration_type,\n refresh_token.leeway, refresh_token.token_lifetime, refresh_token.policies, organization_usage,\n organization_require_behavior.\n read:client_keys or read:client_credentials scopes:\n encryption_key, encryption_key.pub, encryption_key.cert,\n client_secret, client_authentication_methods and signing_key.\n client_authentication_methods and token_endpoint_auth_method properties are mutually exclusive. Use \nclient_authentication_methods to configure the client with Private Key JWT authentication method. Otherwise, use token_endpoint_auth_method\nto configure the client with client secret (basic or post) or with no authentication method (none).\n- When using client_authentication_methods to configure the client with Private Key JWT authentication method, only specify the credential IDs \nthat were generated when creating the credentials on the client.\n- To configure client_authentication_methods, the update:client_credentials scope is required. \n- To configure client_authentication_methods, the property jwt_configuration.alg must be set to RS256.\n[More info](https://auth0.com/docs/api/management/v2/clients/patch-clients-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Client successfully updated. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:clients, update:client_keys. |\n| 403 | insufficient_scope | Some fields cannot be updated with the permissions granted by the bearer token scopes. The message will vary depending on the fields and the scopes. |\n| 403 | operation_not_supported | The account is not allowed to perform this operation. |\n| 403 | invalid_body | Organizations are only available to first party clients on user-based flows. |\n| 404 | inexistent_client | Client not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get client credentials",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "clients",
+ ":client_id",
+ "credentials"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the client.",
+ "type": "string",
+ "required": true,
+ "key": "client_id"
+ }
+ ]
+ },
+ "description": "**Description**\nGet the details of a client credential.\n\nImportant: To enable credentials to be used for a client authentication method, set the client_authentication_methods property on the client. To enable credentials to be used for JWT-Secured Authorization requests set the signed_request_object property on the client.\n\n[More info](https://auth0.com/docs/api/management/v2/clients/get-credentials)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Credentials successfully retrieved. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:client_credentials. |\n| 404 | inexistent_client | Client not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create a client credential",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "clients",
+ ":client_id",
+ "credentials"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the client.",
+ "type": "string",
+ "required": true,
+ "key": "client_id"
+ }
+ ]
+ },
+ "description": "**Description**\nCreate a client credential associated to your application. Credentials can be used to configure Private Key JWT and mTLS authentication methods, as well as for JWT-secured Authorization requests.\n\n{\n \"credential_type\": \"public_key\",\n \"name\": \"string\",\n \"pem\": \"string\",\n \"alg\": \"RS256\",\n \"parse_expiry_from_cert\": false,\n \"expires_at\": \"2022-12-31T23:59:59Z\"\n}{\n \"credential_type\": \"x509_cert\",\n \"name\": \"string\",\n \"pem\": \"string\"\n}{\n \"credential_type\": \"cert_subject_dn\",\n \"name\": \"string\",\n \"subject_dn\": \"string\"\n}{\n \"credential_type\": \"cert_subject_dn\",\n \"name\": \"string\",\n \"pem\": \"string\"\n}client_authentication_methods property on the client. For more information, read Configure Private Key JWT Authentication and Configure mTLS Authenticationsigned_request_objectproperty on the client. For more information, read Configure JWT-secured Authorization Requests (JAR)client_authentication_methods property on the client. To enable credentials to be used for JWT-Secured Authorization requests set the signed_request_object property on the client.\n\n[More info](https://auth0.com/docs/api/management/v2/clients/get-credentials-by-credential-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Credential successfully retrieved. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:client_credentials. |\n| 404 | inexistent_client | Client not found. |\n| 404 | inexistent_credential | Credential does not exist |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete a client credential",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "clients",
+ ":client_id",
+ "credentials",
+ ":credential_id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the client.",
+ "type": "string",
+ "required": true,
+ "key": "client_id"
+ },
+ {
+ "description": "string | ID of the credential to delete.",
+ "type": "string",
+ "required": true,
+ "key": "credential_id"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete a client credential you previously created. May be enabled or disabled. For more information, read Client Credential Flow.\n[More info](https://auth0.com/docs/api/management/v2/clients/delete-credentials-by-credential-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Credential successfully deleted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: delete:client_credentials. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update a client credential",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "clients",
+ ":client_id",
+ "credentials",
+ ":credential_id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the client.",
+ "type": "string",
+ "required": true,
+ "key": "client_id"
+ },
+ {
+ "description": "string | ID of the credential.",
+ "type": "string",
+ "required": true,
+ "key": "credential_id"
+ }
+ ]
+ },
+ "description": "**Description**\nChange a client credential you previously created. May be enabled or disabled. For more information, read Client Credential Flow.\n[More info](https://auth0.com/docs/api/management/v2/clients/patch-credentials-by-credential-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Credential successfully updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:client_credentials. |\n| 404 | inexistent_client | Client not found. |\n| 404 | inexistent_credential | Credential does not exist |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Rotate a client secret",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "clients",
+ ":id",
+ "rotate-secret"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the client that will rotate secrets.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRotate a client secret.\n\nThis endpoint cannot be used with clients configured with Private Key JWT authentication method (client_authentication_methods configured with private_key_jwt). The generated secret is NOT base64 encoded.\n\nFor more information, read Rotate Client Secrets.\n[More info](https://auth0.com/docs/api/management/v2/clients/post-rotate-secret)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Secret successfully rotated. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:client_keys. |\n| 403 | insufficient_scope | Some fields cannot be updated with the permissions granted by the bearer token scopes. The message will vary depending on the fields and the scopes. |\n| 404 | inexistent_client | Client not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Connections",
+ "item": [
+ {
+ "name": "Get all connections",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections"
+ ],
+ "query": [
+ {
+ "description": "integer | The amount of entries per page. Defaults to 100 if not provided",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "integer | The page number. Zero based",
+ "type": "integer",
+ "minimum": 0,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | true if a query summary must be included in the result, false otherwise. Not returned when using checkpoint pagination. Default false.",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ },
+ {
+ "description": "string | Optional Id from which to start selection.",
+ "type": "string",
+ "key": "from",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page. Defaults to 50.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "take",
+ "disabled": true
+ },
+ {
+ "description": "array | Provide strategies to only retrieve connections with such strategies",
+ "type": "array",
+ "items": {
+ "type": "string",
+ "enum": [
+ "ad",
+ "adfs",
+ "amazon",
+ "apple",
+ "dropbox",
+ "bitbucket",
+ "aol",
+ "auth0-oidc",
+ "auth0",
+ "baidu",
+ "bitly",
+ "box",
+ "custom",
+ "daccount",
+ "dwolla",
+ "email",
+ "evernote-sandbox",
+ "evernote",
+ "exact",
+ "facebook",
+ "fitbit",
+ "flickr",
+ "github",
+ "google-apps",
+ "google-oauth2",
+ "instagram",
+ "ip",
+ "line",
+ "linkedin",
+ "miicard",
+ "oauth1",
+ "oauth2",
+ "office365",
+ "oidc",
+ "okta",
+ "paypal",
+ "paypal-sandbox",
+ "pingfederate",
+ "planningcenter",
+ "renren",
+ "salesforce-community",
+ "salesforce-sandbox",
+ "salesforce",
+ "samlp",
+ "sharepoint",
+ "shopify",
+ "sms",
+ "soundcloud",
+ "thecity-sandbox",
+ "thecity",
+ "thirtysevensignals",
+ "twitter",
+ "untappd",
+ "vkontakte",
+ "waad",
+ "weibo",
+ "windowslive",
+ "wordpress",
+ "yahoo",
+ "yammer",
+ "yandex",
+ "auth0-adldap"
+ ],
+ "uniqueItems": true
+ },
+ "key": "strategy",
+ "disabled": true
+ },
+ {
+ "description": "string | Provide the name of the connection to retrieve",
+ "type": "string",
+ "key": "name",
+ "disabled": true
+ },
+ {
+ "description": "string | A comma separated list of fields to include or exclude (depending on include_fields) from the result, empty to retrieve all fields",
+ "type": "string",
+ "key": "fields",
+ "disabled": true
+ },
+ {
+ "description": "boolean | true if the fields specified are to be included in the result, false otherwise (defaults to true)",
+ "type": "boolean",
+ "key": "include_fields",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieves detailed list of all connections that match the specified strategy. If no strategy is provided, all connections within your tenant are retrieved. This action can accept a list of fields to include or exclude from the resulting list of connections. \n\nThis endpoint supports two types of pagination:\nfrom: Optional id from which to start selection.take: The total amount of entries to retrieve when using the from parameter. Defaults to 50.from parameter. If there are more results, a next value is included in the response. You can use this for subsequent API calls. When next is no longer included in the response, no pages are remaining.\n\n[More info](https://auth0.com/docs/api/management/v2/connections/get-connections)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The conections were retrieved. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: read:connections |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create a connection",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreates a new connection according to the JSON object received in body.name and strategy.ad, adfs, amazon, apple, dropbox, bitbucket, aol, auth0-oidc, auth0, baidu, bitly, box, custom, daccount, dwolla, email, evernote-sandbox, evernote, exact, facebook, fitbit, flickr, github, google-apps, google-oauth2, instagram, ip, line, linkedin, miicard, oauth1, oauth2, office365, oidc, okta, paypal, paypal-sandbox, pingfederate, planningcenter, renren, salesforce-community, salesforce-sandbox, salesforce, samlp, sharepoint, shopify, sms, soundcloud, thecity-sandbox, thecity, thirtysevensignals, twitter, untappd, vkontakte, waad, weibo, windowslive, wordpress, yahoo, yammer, yandextrue if the fields specified are to be included in the result, false otherwise (defaults to true)",
+ "type": "boolean",
+ "key": "include_fields",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | The id of the connection to retrieve",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve details for a specified connection along with options that can be used for identity provider configuration.\n[More info](https://auth0.com/docs/api/management/v2/connections/get-connections-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The connection was retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: read:connections |\n| 404 | inexistent_connection | The connection does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete a connection",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the connection to delete",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRemoves a specific connection from your tenant. This action cannot be undone. Once removed, users can no longer use this connection to authenticate.\n\n[More info](https://auth0.com/docs/api/management/v2/connections/delete-connections-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 202 | --- | The connection is being deleted. |\n| 204 | --- | The connection no longer exists. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: delete:connections |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update a connection",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the connection to update",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate details for a specific connection, including option properties for identity provider configuration.\n\nNote: If you use the options parameter, the entire options object is overriden. To avoid partial data or other issues, ensure all parameters are present when using this option.\n[More info](https://auth0.com/docs/api/management/v2/connections/patch-connections-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The connection was updated. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 400 | operation_not_supported | This database contains users. You cannot change \"options.enabledDatabaseCustomization\" setting. |\n| 400 | operation_not_supported | Your account is not allowed to set options.set_user_root_attributes |\n| 400 | operation_not_supported | The Azure AD common endpoint cannot be enabled for this connection when SCIM is enabled. |\n| 400 | invalid_body | options.set_user_root_attributes can be set only for enterprise connections, social connections or custom database connections (using external users store) |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: update:connections |\n| 404 | inexistent_connection | The connection does not exist |\n| 409 | connection_conflict | The name/client_id tuple has already been used for another connection |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Check connection status",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id",
+ "status"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the connection to check",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieves the status of an ad/ldap connection referenced by its ID. 200 OK http status code response is returned when the connection is online, otherwise a 404 status code is returned along with an error message\n[More info](https://auth0.com/docs/api/management/v2/connections/get-status)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Connection status successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:connections. |\n| 404 | --- | Connection not found. |\n| 404 | --- | not connected to any node |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get connection keys",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id",
+ "keys"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the connection",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nGets the connection keys for the OIDC connection strategy.\n\n[More info](https://auth0.com/docs/api/management/v2/connections/get-keys)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Connection keys successfully retrieved. |\n| undefined | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| undefined | --- | keys are not available for this connection |\n| undefined | --- | Invalid token. |\n| undefined | --- | Client is not global. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:connections. |\n| undefined | --- | Connection not found. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a connection's SCIM configuration",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id",
+ "scim-configuration"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the connection to retrieve its SCIM configuration",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieves a scim configuration by its connectionId.\n\n[More info](https://auth0.com/docs/api/management/v2/connections/get-scim-configuration)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The connection's SCIM configuration was retrieved. See Response Schemas for schema. |\n| 400 | invalid_uri | Path validation error |\n| 404 | inexistent_connection | The connection does not exist |\n| 404 | --- | Not Found |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete a connection's SCIM configuration",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id",
+ "scim-configuration"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the connection to delete its SCIM configuration",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDeletes a scim configuration by its connectionId.\n\n[More info](https://auth0.com/docs/api/management/v2/connections/delete-scim-configuration)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | The connection's SCIM configuration has been deleted. |\n| 400 | invalid_uri | Path validation error |\n| 404 | inexistent_connection | The connection does not exist |"
+ },
+ "response": []
+ },
+ {
+ "name": "Patch a connection's SCIM configuration",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id",
+ "scim-configuration"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the connection to update its SCIM configuration",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate a scim configuration by its connectionId.\n\n[More info](https://auth0.com/docs/api/management/v2/connections/patch-scim-configuration)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The connection's SCIM configuration was updated. See Response Schemas for schema. |\n| 400 | --- | Invalid mapping provided |\n| 400 | --- | Invalid payload |\n| 400 | invalid_uri | Path validation error |\n| 404 | inexistent_connection | The connection does not exist |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create a SCIM configuration",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id",
+ "scim-configuration"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the connection to create its SCIM configuration",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nCreate a scim configuration for a connection.\n\n[More info](https://auth0.com/docs/api/management/v2/connections/post-scim-configuration)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | The connection's SCIM configuration was created. See Response Schemas for schema. |\n| 400 | invalid_uri | Path validation error |\n| 400 | --- | SCIM configuration alreay exists for connection |\n| 400 | --- | Invalid mapping provided |\n| 400 | --- | Invalid payload |\n| 404 | inexistent_connection | The connection does not exist |\n| 400 | operation_not_supported | SCIM cannot be enabled for this connection when the Azure AD common endpoint is used. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get enabled clients for a connection",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id",
+ "clients"
+ ],
+ "query": [
+ {
+ "description": "integer | Number of results per page. Defaults to 50.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 1000,
+ "key": "take",
+ "disabled": true
+ },
+ {
+ "description": "string | Optional Id from which to start selection.",
+ "type": "string",
+ "key": "from",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | The id of the connection for which enabled clients are to be retrieved",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve all clients that have the specified connection enabled.\n\nNote: The first time you call this endpoint, omit the from parameter. If there are more results, a next value is included in the response. You can use this for subsequent API calls. When next is no longer included in the response, no further results are remaining.\n\n[More info](https://auth0.com/docs/api/management/v2/connections/get-connection-clients)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Success |\n| undefined | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| undefined | invalid_query_string | Invalid query string. The message will vary depending on the cause. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation |\n| undefined | insufficient_scope | Insufficient scope, expected any of: read:connections |\n| undefined | inexistent_connection | The connection does not exist |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update enabled clients for a connection",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id",
+ "clients"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the connection to modify",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/connections/patch-clients)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Success |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 400 | --- | Tenant Phone Provider not set. Connection can not be enable on a client. |\n| 400 | --- | Passwordless cannot be enabled for a client, as delivery method (sms/text) is not supported by the configured Tenant phone provider |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: update:connections |\n| 404 | inexistent_connection | The connection does not exist |\n| 404 | inexistent_credential | The client does not exist |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a connection's default SCIM mapping",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id",
+ "scim-configuration",
+ "default-mapping"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the connection to retrieve its default SCIM mapping",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieves a scim configuration's default mapping by its connectionId.\n\n[More info](https://auth0.com/docs/api/management/v2/connections/get-default-mapping)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The connection's default SCIM mapping was retrieved. See Response Schemas for schema. |\n| 400 | invalid_uri | Path validation error |\n| 404 | --- | Not Found |\n| 404 | inexistent_connection | The connection does not exist |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a connection's SCIM tokens",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id",
+ "scim-configuration",
+ "tokens"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the connection to retrieve its SCIM configuration",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieves all scim tokens by its connection id.\n\n[More info](https://auth0.com/docs/api/management/v2/connections/get-scim-tokens)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The connection's SCIM tokens were retrieved. See Response Schemas for schema. |\n| 400 | invalid_uri | Path validation error |\n| 404 | inexistent_connection | The connection does not exist |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create a SCIM Token",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id",
+ "scim-configuration",
+ "tokens"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the connection to create its SCIM token",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nCreate a scim token for a scim client.\n\n[More info](https://auth0.com/docs/api/management/v2/connections/post-scim-token)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | The connection's SCIM token was created. See Response Schemas for schema. |\n| 400 | invalid_uri | Path validation error |\n| 404 | inexistent_connection | The connection does not exist |\n| 409 | --- | Maximum of 2 tokens already issued for this connection |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete a connection user",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id",
+ "users"
+ ],
+ "query": [
+ {
+ "description": "string | The email of the user to delete",
+ "type": "string",
+ "required": true,
+ "key": "email",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | The id of the connection (currently only database connections are supported)",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDeletes a specified connection user by its email (you cannot delete all users from specific connection). Currently, only Database Connections are supported.\n\n[More info](https://auth0.com/docs/api/management/v2/connections/delete-users-by-email)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | The user no longer exists. |\n| 400 | inexistent_connection | The connection does not exist |\n| 400 | operation_not_supported | Connection must be a database connection |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: delete:users |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete a connection's SCIM token",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "connections",
+ ":id",
+ "scim-configuration",
+ "tokens",
+ ":tokenId"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The connection id that owns the SCIM token to delete",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ },
+ {
+ "description": "string | The id of the scim token to delete",
+ "type": "string",
+ "required": true,
+ "key": "tokenId"
+ }
+ ]
+ },
+ "description": "**Description**\nDeletes a scim token by its connection id and tokenId.\n\n[More info](https://auth0.com/docs/api/management/v2/connections/delete-tokens-by-tokenId)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | The SCIM token has been deleted. |\n| 400 | invalid_uri | Path validation error |\n| 404 | inexistent_connection | The connection does not exist |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Custom Domains",
+ "item": [
+ {
+ "name": "Get custom domains configurations",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "custom-domains"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve details on custom domains.\n[More info](https://auth0.com/docs/api/management/v2/custom domains/get-custom-domains)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Custom domains successfully retrieved. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:custom_domains. |\n| 403 | insufficient_scope | Some fields cannot be read with the permissions granted by the bearer token scopes. The message will vary depending on the fields and the scopes. |\n| 403 | operation_not_supported | The account is not allowed to perform this operation. |\n| 403 | --- | There must be a verified credit card on file to perform this operation |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Configure a new custom domain",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "custom-domains"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate a new custom domain.\n\nNote: The custom domain will need to be verified before it will accept\nrequests.\n\nOptional attributes that can be updated:\n\n- custom_client_ip_header\n- tls_policy\n\n\nTLS Policies:\n\n- recommended - for modern usage this includes TLS 1.2 only\n- compatible - compatible with older browsers this policy includes TLS 1.0, 1.1, 1.2\n\n\nSome considerations:\n\n- The TLS ciphers and protocols available in each TLS policy follow industry recommendations, and may be updated occasionally.\n- Do not use the compatible TLS policy unless you have clients that require TLS 1.0.\n\n[More info](https://auth0.com/docs/api/management/v2/custom domains/post-custom-domains)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Custom domain successfully created (verification is pending). |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 400 | invalid_body | The 'tls_policy' cannot be set on self_managed domains |\n| 400 | invalid_body | The 'custom_client_ip_header' cannot be set on auth0_managed domains |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:custom_domains. |\n| 403 | operation_not_supported | The account is not allowed to perform this operation. |\n| 403 | --- | There must be a verified credit card on file to perform this operation |\n| 409 | custom_domain_conflict | Custom domain already exists. |\n| 409 | custom_domain_conflict | You reached the maximum number of custom domains for your account. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get custom domain configuration",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "custom-domains",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the custom domain to retrieve.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve a custom domain configuration and status.\n[More info](https://auth0.com/docs/api/management/v2/custom domains/get-custom-domains-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Custom domain successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:custom_domains. |\n| 403 | insufficient_scope | Some fields cannot be read with the permissions granted by the bearer token scopes. The message will vary depending on the fields and the scopes. |\n| 403 | operation_not_supported | The account is not allowed to perform this operation. |\n| 403 | --- | There must be a verified credit card on file to perform this operation |\n| 404 | inexistent_custom_domain | Custom domain not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete custom domain configuration",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "custom-domains",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the custom domain to delete.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete a custom domain and stop serving requests for it.\n[More info](https://auth0.com/docs/api/management/v2/custom domains/delete-custom-domains-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Custom domain successfully deleted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: delete:custom_domains. |\n| 403 | operation_not_supported | The account is not allowed to perform this operation. |\n| 403 | --- | There must be a verified credit card on file to perform this operation. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update custom domain configuration",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "custom-domains",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the custom domain to update",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate a custom domain.\n\nThese are the attributes that can be updated:\n\n- custom_client_ip_header\n- tls_policy\n\ncustom_client_ip_header for a domain, the body to\nsend should be:\n{ \"custom_client_ip_header\": \"cf-connecting-ip\" }tls_policy for a domain, the body to send should be:\n{ \"tls_policy\": \"recommended\" }compatible TLS policy is no longer supported.\n\n[More info](https://auth0.com/docs/api/management/v2/custom domains/patch-custom-domains-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Custom domain updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 400 | invalid_body | The 'tls_policy' cannot be set on self_managed domains |\n| 400 | invalid_body | The 'custom_client_ip_header' cannot be set on auth0_managed domains |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected: update:custom_domains. |\n| 403 | operation_not_supported | Your account is not allowed to perform this operation. |\n| 403 | --- | There must be a verified credit card on file to perform this operation |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Verify a custom domain",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "custom-domains",
+ ":id",
+ "verify"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the custom domain to verify.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRun the verification process on a custom domain.\n\nNote: Check the status field to see its verification status. Once verification is complete, it may take up to 10 minutes before the custom domain can start accepting requests.\n\nFor self_managed_certs, when the custom domain is verified for the first time, the response will also include the cname_api_key which you will need to configure your proxy. This key must be kept secret, and is used to validate the proxy requests.\n\nLearn more about verifying custom domains that use Auth0 Managed certificates.\nLearn more about verifying custom domains that use Self Managed certificates.\n\n[More info](https://auth0.com/docs/api/management/v2/custom domains/post-verify)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Custom domain successfully verified. |\n| 200 | --- | Custom domain failed verification. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_uri | Custom domain already verified. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:custom_domains. |\n| 403 | operation_not_supported | The account is not allowed to perform this operation. |\n| 403 | --- | There must be a verified credit card on file to perform this operation |\n| 404 | inexistent_custom_domain | Custom domain not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Device Credentials",
+ "item": [
+ {
+ "name": "Retrieve device credentials",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "device-credentials"
+ ],
+ "query": [
+ {
+ "description": "integer | Page index of the results to return. First page is 0.",
+ "type": "integer",
+ "minimum": 0,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page. There is a maximum of 1000 results allowed from this endpoint.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ },
+ {
+ "description": "string | Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "type": "string",
+ "key": "fields",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Whether specified fields are to be included (true) or excluded (false).",
+ "type": "boolean",
+ "key": "include_fields",
+ "disabled": true
+ },
+ {
+ "description": "string | user_id of the devices to retrieve.",
+ "type": "string",
+ "key": "user_id",
+ "disabled": true
+ },
+ {
+ "description": "string | client_id of the devices to retrieve.",
+ "type": "string",
+ "key": "client_id",
+ "disabled": true
+ },
+ {
+ "description": "string | Type of credentials to retrieve. Must be `public_key`, `refresh_token` or `rotating_refresh_token`. The property will default to `refresh_token` when paging is requested",
+ "type": "string",
+ "enum": [
+ "public_key",
+ "refresh_token",
+ "rotating_refresh_token"
+ ],
+ "key": "type",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve device credential information (public_key, refresh_token, or rotating_refresh_token) associated with a specific user.\n\n[More info](https://auth0.com/docs/api/management/v2/device credentials/get-device-credentials)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Device credentials successfully retrieved. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 401 | --- | Username is malformed, try with '{connection}\\{email_or_username}' |\n| 401 | --- | Bad username or password. |\n| 403 | --- | User to be acted on does not match subject in bearer token. |\n| 403 | insufficient_scope | Insufficient scope, expected any of: read:device_credentials |\n| 403 | unowned_resource | Cannot retrieve device credentials for that user. |\n| 403 | unowned_resource | Cannot retrieve device credentials for that client. |\n| 403 | invalid_query_string | Must provide client_id parameter. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create a device public key credential",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "device-credentials"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate a device credential public key to manage refresh token rotation for a given user_id. Device Credentials APIs are designed for ad-hoc administrative use only and paging is by default enabled for GET requests.\n\nWhen refresh token rotation is enabled, the endpoint becomes consistent. For more information, read Signing Keys.\n\n[More info](https://auth0.com/docs/api/management/v2/device credentials/post-device-credentials)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Device credentials successfully created. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 401 | --- | Username is malformed, try with \"{connection}\\{email_or_username}\". |\n| 401 | --- | Bad username or password. |\n| 403 | unowned_resource | Cannot create device credentials for that user. |\n| 403 | unowned_resource | Cannot create device credentials for that client. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:current_user_device_credentials. |\n| 409 | device_credential_conflict | A public key already exists for the device. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete a device credential",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "device-credentials",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the credential to delete.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nPermanently delete a device credential (such as a refresh token or public key) with the given ID.\n[More info](https://auth0.com/docs/api/management/v2/device credentials/delete-device-credentials-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Device credentials successfully deleted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 401 | --- | Username is malformed, try with \"{connection}\\{email_or_username}\". |\n| 401 | --- | Bad username or password. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: delete:device_credentials, update:current_user, delete:current_user_device_credentials. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Email Templates",
+ "item": [
+ {
+ "name": "Get an email template",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "email-templates",
+ ":templateName"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy).",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "verify_email",
+ "verify_email_by_code",
+ "reset_email",
+ "reset_email_by_code",
+ "welcome_email",
+ "blocked_account",
+ "stolen_credentials",
+ "enrollment_email",
+ "mfa_oob_code",
+ "user_invitation",
+ "change_password",
+ "password_reset"
+ ],
+ "key": "templateName"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve an email template by pre-defined name. These names are `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, and `user_invitation`. The names `change_password`, and `password_reset` are also supported for legacy scenarios.\n[More info](https://auth0.com/docs/api/management/v2/email templates/get-email-templates-by-templateName)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Template successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope; expected: read:email_templates. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Patch an email template",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "email-templates",
+ ":templateName"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy).",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "verify_email",
+ "verify_email_by_code",
+ "reset_email",
+ "reset_email_by_code",
+ "welcome_email",
+ "blocked_account",
+ "stolen_credentials",
+ "enrollment_email",
+ "mfa_oob_code",
+ "user_invitation",
+ "change_password",
+ "password_reset"
+ ],
+ "key": "templateName"
+ }
+ ]
+ },
+ "description": "**Description**\nModify an email template.\n[More info](https://auth0.com/docs/api/management/v2/email templates/patch-email-templates-by-templateName)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Template successfully updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope; expected: update:email_templates. |\n| 404 | --- | Template not found and cannot be updated. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update an email template",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "email-templates",
+ ":templateName"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy).",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "verify_email",
+ "verify_email_by_code",
+ "reset_email",
+ "reset_email_by_code",
+ "welcome_email",
+ "blocked_account",
+ "stolen_credentials",
+ "enrollment_email",
+ "mfa_oob_code",
+ "user_invitation",
+ "change_password",
+ "password_reset"
+ ],
+ "key": "templateName"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate an email template.\n[More info](https://auth0.com/docs/api/management/v2/email templates/put-email-templates-by-templateName)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Template successfully updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope; expected: update:email_templates. |\n| 404 | --- | Template not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create an email template",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "email-templates"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate an email template.\n[More info](https://auth0.com/docs/api/management/v2/email templates/post-email-templates)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Template successfully created. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope; expected: create:email_templates. |\n| 409 | --- | Template (templateName) already exists. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Emails",
+ "item": [
+ {
+ "name": "Get email provider",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "emails",
+ "provider"
+ ],
+ "query": [
+ {
+ "description": "string | Comma-separated list of fields to include or exclude (dependent upon include_fields) from the result. Leave empty to retrieve `name` and `enabled`. Additional fields available include `credentials`, `default_from_address`, and `settings`.",
+ "type": "string",
+ "key": "fields",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Whether specified fields are to be included (true) or excluded (false).",
+ "type": "boolean",
+ "key": "include_fields",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve details of the email provider configuration in your tenant. A list of fields to include or exclude may also be specified.\n\n[More info](https://auth0.com/docs/api/management/v2/emails/get-provider)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Email provider successfully retrieved. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:email_provider. |\n| 404 | inexistent_email_provider | Email provider has not been configured. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete email provider",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "emails",
+ "provider"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nDelete the email provider.\n\n[More info](https://auth0.com/docs/api/management/v2/emails/delete-provider)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | The email provider has been deleted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: delete:email_provider |\n| 404 | inexistent_email_provider | Email provider does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update email provider",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "emails",
+ "provider"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nUpdate an email provider. The credentials object\nrequires different properties depending on the email provider (which is specified using the name property):\nmandrill requires api_keysendgrid requires api_keysparkpost requires api_key. Optionally, set region to eu to use\n the SparkPost service hosted in Western Europe; set to null to use the SparkPost service hosted in\n North America. eu or null are the only valid values for region.\n mailgun requires api_key and domain. Optionally, set region to\n eu to use the Mailgun service hosted in Europe; set to null otherwise. eu or\n null are the only valid values for region.\n ses requires accessKeyId, secretAccessKey, and regionsmtp requires smtp_host, smtp_port, smtp_user, and\n smtp_pass\n settings object with different configuration\noptions, which will be used when sending an email:\nsmtp provider, settings may contain headers object.\n X-SES-Configuration-Set header. Value must be a string.\n X-MSYS_API header. Value must be an object.\n ses provider, settings may contain message object, where you can provide\n a name of configuration set in configuration_set_name property. Value must be a string.\n credentials object\nrequires different properties depending on the email provider (which is specified using the name property):\nmandrill requires api_keysendgrid requires api_keysparkpost requires api_key. Optionally, set region to eu to use\n the SparkPost service hosted in Western Europe; set to null to use the SparkPost service hosted in\n North America. eu or null are the only valid values for region.\n mailgun requires api_key and domain. Optionally, set region to\n eu to use the Mailgun service hosted in Europe; set to null otherwise. eu or\n null are the only valid values for region.\n ses requires accessKeyId, secretAccessKey, and regionsmtp requires smtp_host, smtp_port, smtp_user, and\n smtp_pass\n settings object with different configuration\noptions, which will be used when sending an email:\nsmtp provider, settings may contain headers object.\n X-SES-Configuration-Set header. Value must be a string.\n X-MSYS_API header. Value must be an object.\n ses provider, settings may contain message object, where you can provide\n a name of configuration set in configuration_set_name property. Value must be a string.\n all-applications policy prompts with MFA for all logins.confidence-score policy prompts with MFA only for low confidence logins.confidence-score policy is part of the Adaptive MFA feature. Adaptive MFA requires an add-on for the Enterprise plan; review Auth0 Pricing for more details.\n\n[More info](https://auth0.com/docs/api/management/v2/guardian/get-policies)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Success |\n| 400 | --- | Invalid input based on schemas |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update multi-factor authentication policies",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "policies"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nSet multi-factor authentication (MFA) policies for your tenant.\n\nThe following policies are supported:\nall-applications policy prompts with MFA for all logins.confidence-score policy prompts with MFA only for low confidence logins.confidence-score policy is part of the Adaptive MFA feature. Adaptive MFA requires an add-on for the Enterprise plan; review Auth0 Pricing for more details.\n\n[More info](https://auth0.com/docs/api/management/v2/guardian/put-policies)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Policies updated |\n| 400 | --- | Invalid input based on schemas |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a multi-factor authentication enrollment",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "enrollments",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the enrollment to be retrieve.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve details, such as status and type, for a specific multi-factor authentication enrollment registered to a user account.\n[More info](https://auth0.com/docs/api/management/v2/guardian/get-enrollments-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Enrollment successfully retrieved. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | invalid_token | Token has expired or signature is invalid. |\n| 403 | insufficient_scope | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete a multi-factor authentication enrollment",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "enrollments",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the enrollment to be deleted.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRemove a specific multi-factor authentication (MFA) enrollment from a user's account. This allows the user to re-enroll with MFA. For more information, review Reset User Multi-Factor Authentication and Recovery Codes.\n[More info](https://auth0.com/docs/api/management/v2/guardian/delete-enrollments-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Enrollment successfully deleted. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | invalid_token | Token has expired or signature is invalid. |\n| 403 | insufficient_scope | Insufficient scope (expected delete:enrollment). |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get DUO Configuration",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "duo",
+ "settings"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieves the DUO account and factor configuration.\n[More info](https://auth0.com/docs/api/management/v2/guardian/get-factor-duo-settings)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | DUO settings successfully retrieved. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | insufficient_scope | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update the DUO Configuration",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "duo",
+ "settings"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/guardian/patch-factor-duo-settings)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | DUO settings successfully updated. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | insufficient_scope | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update the DUO Configuration",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "duo",
+ "settings"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nSet the DUO account configuration and other properties specific to this factor.\n[More info](https://auth0.com/docs/api/management/v2/guardian/put-factor-duo-settings)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | DUO settings successfully updated. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | insufficient_scope | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get Enabled Phone Factors",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "phone",
+ "message-types"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve list of phone-type MFA factors (i.e., sms and voice) that are enabled for your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/get-message-types)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Returns the enabled phone factors |\n| 400 | --- | Invalid input based on schemas |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update the Enabled Phone Factors",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "phone",
+ "message-types"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nReplace the list of phone-type MFA factors (i.e., sms and voice) that are enabled for your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/put-message-types)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Returns selected SMS provider configuration |\n| 400 | --- | Invalid input based on schemas |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |\n| 404 | [object Object] | The phone factor does not exist. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get phone provider configuration",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "phone",
+ "selected-provider"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve details of the multi-factor authentication phone provider configured for your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/get-guardian-phone-providers)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Returns selected Phone provider configuration |\n| 400 | --- | Invalid input based on schemas |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update phone provider configuration",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "phone",
+ "selected-provider"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/guardian/put-phone-providers)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Returns selected Phone provider configuration |\n| 400 | --- | Invalid input based on schemas |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get Enrollment and Verification Phone Templates",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "phone",
+ "templates"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve details of the multi-factor authentication enrollment and verification templates for phone-type factors available in your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/get-factor-phone-templates)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Phone enrollment and verification templates successfully retrieved. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | insufficient_scope | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update Enrollment and Verification Phone Templates",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "phone",
+ "templates"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCustomize the messages sent to complete phone enrollment and verification (subscription required).\n[More info](https://auth0.com/docs/api/management/v2/guardian/put-factor-phone-templates)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Phone enrollment and verification templates successfully updated. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | insufficient_scope | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get push notification provider",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "push-notification",
+ "selected-provider"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nModify the push notification provider configured for your tenant. For more information, review Configure Push Notifications for MFA. \n[More info](https://auth0.com/docs/api/management/v2/guardian/get-pn-providers)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Returns selected push notification provider |\n| 400 | --- | Invalid input based on schemas |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update Push Notification configuration",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "push-notification",
+ "selected-provider"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nModify the push notification provider configured for your tenant. For more information, review Configure Push Notifications for MFA. \n[More info](https://auth0.com/docs/api/management/v2/guardian/put-pn-providers)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Returns selected push notification provider configuration |\n| 400 | --- | Invalid input based on schemas |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get SMS configuration",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "sms",
+ "selected-provider"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nThis endpoint has been deprecated. To complete this action, use the Retrieve phone configuration endpoint instead.\n\n Previous functionality: Retrieve details for the multi-factor authentication SMS provider configured for your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/get-sms-providers)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Returns selected SMS provider configuration |\n| 400 | --- | Invalid input based on schemas |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update SMS configuration",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "sms",
+ "selected-provider"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nThis endpoint has been deprecated. To complete this action, use the Update phone configuration endpoint instead.\n\n Previous functionality: Update the multi-factor authentication SMS provider configuration in your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/put-sms-providers)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Returns selected SMS provider configuration |\n| 400 | --- | Invalid input based on schemas |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get SMS enrollment and verification templates",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "sms",
+ "templates"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nThis endpoint has been deprecated. To complete this action, use the Retrieve enrollment and verification phone templates endpoint instead.\n\n Previous function: Retrieve details of SMS enrollment and verification templates configured for your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/get-factor-sms-templates)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | SMS enrollment and verification templates successfully retrieved. |\n| 204 | --- | No content. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | insufficient_scope | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update SMS enrollment and verification templates",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "sms",
+ "templates"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nThis endpoint has been deprecated. To complete this action, use the Update enrollment and verification phone templates endpoint instead.\n\n Previous functionality: Customize the messages sent to complete SMS enrollment and verification.\n[More info](https://auth0.com/docs/api/management/v2/guardian/put-factor-sms-templates)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | SMS enrollment and verification templates successfully updated. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | insufficient_scope | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get Twilio configuration",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "phone",
+ "providers",
+ "twilio"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve configuration details for a Twilio phone provider that has been set up in your tenant. To learn more, review Configure SMS and Voice Notifications for MFA. \n[More info](https://auth0.com/docs/api/management/v2/guardian/get-phone-twilio-factor-provider)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Twilio Phone configuration successfully retrieved. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | --- | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update Twilio configuration",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "phone",
+ "providers",
+ "twilio"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nUpdate the configuration of a Twilio phone provider that has been set up in your tenant. To learn more, review Configure SMS and Voice Notifications for MFA. \n[More info](https://auth0.com/docs/api/management/v2/guardian/put-twilio)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Twilio Phone configuration successfully updated. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | --- | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get APNS push notification configuration",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "push-notification",
+ "providers",
+ "apns"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve configuration details for the multi-factor authentication APNS provider associated with your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/get-apns)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | APNS configuration successfully retrieved. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | --- | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update APNs provider configuration",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "push-notification",
+ "providers",
+ "apns"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nModify configuration details of the multi-factor authentication APNS provider associated with your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/patch-apns)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | APNS configuration successfully updated. |\n| 400 | --- | Invalid input based on schemas. |\n| 400 | --- | The PKCS #12 file is invalid. Please ensure the client certificate is not expired, the environment matches, and the key and certificate are not encrypted with a deprecated algorithm. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | --- | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update APNS configuration",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "push-notification",
+ "providers",
+ "apns"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nOverwrite all configuration details of the multi-factor authentication APNS provider associated with your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/put-apns)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | APNS configuration successfully updated. |\n| 400 | --- | Invalid input based on schemas. |\n| 400 | --- | The PKCS #12 file is invalid. Please ensure the client certificate is not expired, the environment matches, and the key and certificate are not encrypted with a deprecated algorithm. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | --- | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get AWS SNS configuration",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "push-notification",
+ "providers",
+ "sns"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve configuration details for an AWS SNS push notification provider that has been enabled for MFA. To learn more, review Configure Push Notifications for MFA. \n[More info](https://auth0.com/docs/api/management/v2/guardian/get-sns)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | AWS SNS configuration successfully retrieved. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | --- | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update AWS SNS configuration",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "push-notification",
+ "providers",
+ "sns"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nConfigure the AWS SNS push notification provider configuration (subscription required).\n[More info](https://auth0.com/docs/api/management/v2/guardian/patch-sns)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | AWS SNS configuration successfully updated. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | --- | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update AWS SNS configuration",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "push-notification",
+ "providers",
+ "sns"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nConfigure the AWS SNS push notification provider configuration (subscription required).\n[More info](https://auth0.com/docs/api/management/v2/guardian/put-sns)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | AWS SNS configuration successfully updated. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | --- | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get Twilio SMS configuration",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "sms",
+ "providers",
+ "twilio"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve the Twilio SMS provider configuration (subscription required).\n\n A new endpoint is available to retrieve the Twilio configuration related to phone factors (phone Twilio configuration). It has the same payload as this one. Please use it instead.\n[More info](https://auth0.com/docs/api/management/v2/guardian/get-sms-twilio-factor-provider)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Twilio SMS configuration successfully retrieved. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | --- | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update Twilio SMS configuration",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "sms",
+ "providers",
+ "twilio"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nThis endpoint has been deprecated. To complete this action, use the Update Twilio phone configuration endpoint.\n\n Previous functionality: Update the Twilio SMS provider configuration.\n[More info](https://auth0.com/docs/api/management/v2/guardian/put-sms-twilio-factor-provider)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Twilio SMS configuration successfully updated. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | --- | Insufficient scope. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Updates FCM configuration",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "push-notification",
+ "providers",
+ "fcm"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nModify configuration details of the multi-factor authentication FCM provider associated with your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/patch-fcm)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | FCM configuration updated |\n| 400 | --- | Invalid input based on schemas |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |"
+ },
+ "response": []
+ },
+ {
+ "name": "Updates FCM configuration",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "push-notification",
+ "providers",
+ "fcm"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nOverwrite all configuration details of the multi-factor authentication FCM provider associated with your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/put-fcm)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | FCM configuration updated |\n| 400 | --- | Invalid input based on schemas |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |"
+ },
+ "response": []
+ },
+ {
+ "name": "Updates FCMV1 configuration",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "push-notification",
+ "providers",
+ "fcmv1"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nModify configuration details of the multi-factor authentication FCMV1 provider associated with your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/patch-fcmv1)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | FCMV1 configuration updated |\n| 400 | --- | Invalid input based on schemas |\n| 400 | --- | Invalid server credentials |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |"
+ },
+ "response": []
+ },
+ {
+ "name": "Updates FCMV1 configuration",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ "push-notification",
+ "providers",
+ "fcmv1"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nOverwrite all configuration details of the multi-factor authentication FCMV1 provider associated with your tenant.\n[More info](https://auth0.com/docs/api/management/v2/guardian/put-fcmv1)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | FCMV1 configuration updated |\n| 400 | --- | Invalid input based on schemas |\n| 400 | --- | Invalid server credentials |\n| 401 | --- | Token has expired or signature is invalid |\n| 403 | --- | Insufficient scope |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create a multi-factor authentication enrollment ticket",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "enrollments",
+ "ticket"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate a multi-factor authentication (MFA) enrollment ticket, and optionally send an email with the created ticket, to a given user.\n\n[More info](https://auth0.com/docs/api/management/v2/guardian/post-ticket)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Enrollment ticket successfully created. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | insufficient_scope | Insufficient scope. |\n| 404 | inexistent_user | User not found. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update multi-factor authentication type",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "guardian",
+ "factors",
+ ":name"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Factor name. Can be `sms`, `push-notification`, `email`, `duo` `otp` `webauthn-roaming`, `webauthn-platform`, or `recovery-code`.",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "push-notification",
+ "sms",
+ "email",
+ "duo",
+ "otp",
+ "webauthn-roaming",
+ "webauthn-platform",
+ "recovery-code"
+ ],
+ "key": "name"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate the status (i.e., enabled or disabled) of a specific multi-factor authentication factor.\n[More info](https://auth0.com/docs/api/management/v2/guardian/put-factors-by-name)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Factor updated successfully. |\n| 400 | --- | Invalid input based on schemas. |\n| 401 | --- | Token has expired or signature is invalid. |\n| 403 | insufficient_scope | Insufficient scope. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Hooks",
+ "item": [
+ {
+ "name": "Get hooks",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "hooks"
+ ],
+ "query": [
+ {
+ "description": "integer | Page index of the results to return. First page is 0.",
+ "type": "integer",
+ "minimum": 0,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page.",
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Optional filter on whether a hook is enabled (true) or disabled (false).",
+ "type": "boolean",
+ "key": "enabled",
+ "disabled": true
+ },
+ {
+ "description": "string | Comma-separated list of fields to include in the result. Leave empty to retrieve all fields.",
+ "type": "string",
+ "key": "fields",
+ "disabled": true
+ },
+ {
+ "description": "string | Retrieves hooks that match the trigger",
+ "type": "string",
+ "enum": [
+ "credentials-exchange",
+ "pre-user-registration",
+ "post-user-registration",
+ "post-change-password",
+ "send-phone-message"
+ ],
+ "key": "triggerId",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve all hooks. Accepts a list of fields to include or exclude in the result.\n\n[More info](https://auth0.com/docs/api/management/v2/hooks/get-hooks)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Hooks successfully retrieved. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:hooks. |\n| 404 | inexistent_hook | Hook not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create a hook",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "hooks"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate a new hook.\n\n[More info](https://auth0.com/docs/api/management/v2/hooks/post-hooks)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Hook successfully created. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:hooks. |\n| 403 | hooks_not_allowed | This endpoint is disabled for your tenant. |\n| 409 | hook_conflict | Hook with the same name already exists. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a hook",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "hooks",
+ ":id"
+ ],
+ "query": [
+ {
+ "description": "string | Comma-separated list of fields to include in the result. Leave empty to retrieve all fields.",
+ "type": "string",
+ "key": "fields",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | ID of the hook to retrieve.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve a hook by its ID. Accepts a list of fields to include in the result.\n\n[More info](https://auth0.com/docs/api/management/v2/hooks/get-hooks-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Hook successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:hooks. |\n| 404 | inexistent_hook | Hook not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete a hook",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "hooks",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the hook to delete.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete a hook.\n\n[More info](https://auth0.com/docs/api/management/v2/hooks/delete-hooks-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Hook successfully deleted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: delete:hooks. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update a hook",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "hooks",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the hook to update.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate an existing hook.\n\n[More info](https://auth0.com/docs/api/management/v2/hooks/patch-hooks-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Hook successfully created. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:hooks. |\n| 403 | hooks_not_allowed | This endpoint is disabled for your tenant. |\n| 404 | inexistent_hook | The hook does not exist |\n| 409 | hook_conflict | A hook with the same name already exists. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get hook secrets",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "hooks",
+ ":id",
+ "secrets"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the hook to retrieve secrets from.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve a hook's secrets by the ID of the hook. \n\n[More info](https://auth0.com/docs/api/management/v2/hooks/get-secrets)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Hook secrets successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:hooks. |\n| 404 | inexistent_hook | Hook not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete hook secrets",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "hooks",
+ ":id",
+ "secrets"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the hook whose secrets to delete.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete one or more existing secrets for a given hook. Accepts an array of secret names to delete. \n[More info](https://auth0.com/docs/api/management/v2/hooks/delete-secrets)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Hook secrets successfully deleted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: delete:hooks. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update hook secrets",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "hooks",
+ ":id",
+ "secrets"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the hook whose secrets to update.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate one or more existing secrets for an existing hook. Accepts an object of key-value pairs, where the key is the name of the existing secret. \n\n[More info](https://auth0.com/docs/api/management/v2/hooks/patch-secrets)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Hook secrets successfully updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:hooks. |\n| 403 | hooks_not_allowed | This endpoint is disabled for your tenant. |\n| 404 | inexistent_hook | Hook or secret not found. |\n| 409 | hook_conflict | Secret with the same name already exists. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Add hook secrets",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "hooks",
+ ":id",
+ "secrets"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the hook to retrieve",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nAdd one or more secrets to an existing hook. Accepts an object of key-value pairs, where the key is the name of the secret. A hook can have a maximum of 20 secrets. \n\n[More info](https://auth0.com/docs/api/management/v2/hooks/post-secrets)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Hook secrets successfully added. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:hooks. |\n| 403 | hooks_not_allowed | This endpoint is disabled for your tenant. |\n| 409 | hook_conflict | Secret with the same name already exists. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Jobs",
+ "item": [
+ {
+ "name": "Get export users jobs",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "jobs",
+ "users-exports"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieves a list of export users jobs.\n[More info](https://auth0.com/docs/api/management/v2/jobs/get-users-exports)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Jobs retrieved successfully. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected: read:users. |\n| 404 | inexistent_connection | Connection not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create export users job",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "jobs",
+ "users-exports"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nExport all users to a file via a long-running job.\n[More info](https://auth0.com/docs/api/management/v2/jobs/post-users-exports)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Job created successfully. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 400 | inexistent_connection | The connection does not exist. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:users. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get import users jobs",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "jobs",
+ "users-imports"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieves import users jobs. Useful to list recent import jobs.\n[More info](https://auth0.com/docs/api/management/v2/jobs/get-users-imports)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Jobs retrieved successfully. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected: create:users. |\n| 404 | --- | Connection not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create import users job",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "jobs",
+ "users-imports"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nImport users from a formatted file into a connection via a long-running job. When importing users, with or without upsert, the `email_verified` is set to `false` when the email address is added or updated. Users must verify their email address. To avoid this behavior, set `email_verified` to `true` in the imported data.\n[More info](https://auth0.com/docs/api/management/v2/jobs/post-users-imports)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 202 | --- | Job successfully created. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 400 | invalid_body | Must provide 'users' file as multipart part. |\n| 400 | invalid_body | Payload validation error: 'Invalid multipart payload format'. |\n| 400 | operation_not_supported | Users file must not be empty. |\n| 400 | invalid_body | Must provide 'connection_id' as multipart part. |\n| 400 | operation_not_supported | Connection must be a database connection. |\n| 400 | connection_is_disabled | Connection must be enabled. |\n| 400 | invalid_body | Payload validation error: 'String does not match pattern ^con_[A-Za-z0-9]{16}$' on property connection_id. |\n| 400 | inexistent_connection | The connection does not exist. |\n| 400 | operation_not_supported | Custom Database Connections without import mode are not allowed. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:users. |\n| 413 | --- | Payload content length greater than maximum allowed: 512000. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| 500 | --- | Internal error. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a job",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "jobs",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the job.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieves a job. Useful to check its status.\n[More info](https://auth0.com/docs/api/management/v2/jobs/get-jobs-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Job retrieved successfully. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:users. |\n| 404 | inexistent_job | Job not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get job error details",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "jobs",
+ ":id",
+ "errors"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the job.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve error details of a failed job.\n[More info](https://auth0.com/docs/api/management/v2/jobs/get-errors)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Job successfully retrieved. |\n| 204 | --- | The job was retrieved, but no errors were found. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: create:users |\n| 404 | inexistent_job | The job does not exist |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Send an email address verification email",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "jobs",
+ "verification-email"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nSend an email to the specified user that asks them to click a link to verify their email address.\n\nNote: You must have the `Status` toggle enabled for the verification email template for the email to be sent.\n[More info](https://auth0.com/docs/api/management/v2/jobs/post-verification-email)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Job successfully created. |\n| 400 | --- | Invalid request parameters. The message will vary depending on the cause. |\n| 400 | operation_not_supported | Connection must be a database connection. |\n| 400 | --- | User does not have an email address. |\n| 400 | inexistent_connection | connection does not exist. |\n| 400 | connection_is_disabled | Connection must be enabled. |\n| 400 | inexistent_organization | The organization does not exist |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:users. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Keys",
+ "item": [
+ {
+ "name": "Get custom signing keys",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "custom-signing"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nGet entire jwks representation of custom signing keys.\n[More info](https://auth0.com/docs/api/management/v2/keys/get-custom-signing-keys)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Custom signing keys were successfully retrieved. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:custom_signing_keys. |\n| undefined | inexistent_custom_signing_keys | No custom signing keys found for this tenant. Upload custom signing keys first. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete custom signing keys",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "custom-signing"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nDelete entire jwks representation of custom signing keys.\n[More info](https://auth0.com/docs/api/management/v2/keys/delete-custom-signing-keys)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Custom signing keys were successfully deleted. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: delete:custom_signing_keys. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create or replace custom signing keys",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "custom-signing"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate or replace entire jwks representation of custom signing keys.\n[More info](https://auth0.com/docs/api/management/v2/keys/put-custom-signing-keys)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Custom signing keys were successfully created or replaced. |\n| undefined | invalid_body | Payload validation error. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | insufficient_scope | Insufficient scope, expected all of: create:custom_signing_keys,update:custom_signing_keys. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get all encryption keys",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "encryption"
+ ],
+ "query": [
+ {
+ "description": "integer | Page index of the results to return. First page is 0.",
+ "type": "integer",
+ "minimum": 0,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page. Default value is 50, maximum value is 100.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve details of all the encryption keys associated with your tenant.\n[More info](https://auth0.com/docs/api/management/v2/keys/get-encryption-keys)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The keys were successfully retrieved. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:encryption_keys. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create the new encryption key",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "encryption"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate the new, pre-activated encryption key, without the key material.\n[More info](https://auth0.com/docs/api/management/v2/keys/post-encryption)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | The key was successfully created. |\n| 400 | invalid_body | Request body is invalid. Unsupported key \"type\" provided. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:encryption_keys. |\n| 409 | encryption_key_conflict | Encryption key has already been created. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get all Application Signing Keys",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "signing"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve details of all the application signing keys associated with your tenant.\n[More info](https://auth0.com/docs/api/management/v2/keys/get-signing-keys)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The signing keys were retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: read:signing_keys |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get the encryption key by its key id",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "encryption",
+ ":kid"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Encryption key ID",
+ "type": "string",
+ "required": true,
+ "key": "kid"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve details of the encryption key with the given ID.\n[More info](https://auth0.com/docs/api/management/v2/keys/get-encryption-key)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The key was successfully retrieved. |\n| 400 | invalid_uri | Invalid UUID format in uri. |\n| 400 | invalid_uri | Invalid key id or unsupported key type. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:encryption_keys. |\n| 404 | inexistent_encryption_key | The key does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete the encryption key by its key id",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "encryption",
+ ":kid"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Encryption key ID",
+ "type": "string",
+ "required": true,
+ "key": "kid"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete the custom provided encryption key with the given ID and move back to using native encryption key.\n[More info](https://auth0.com/docs/api/management/v2/keys/delete-encryption-key)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | The key was successfully deleted. |\n| 400 | invalid_uri | Invalid UUID format in uri. |\n| 400 | invalid_uri | Invalid key id or unsupported key type. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: delete:encryption_keys. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Import the encryption key",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "encryption",
+ ":kid"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Encryption key ID",
+ "type": "string",
+ "required": true,
+ "key": "kid"
+ }
+ ]
+ },
+ "description": "**Description**\nImport wrapped key material and activate encryption key.\n[More info](https://auth0.com/docs/api/management/v2/keys/post-encryption-key)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | The key was successfully imported. |\n| 400 | invalid_uri | The key ID was not found. |\n| 400 | invalid_uri | Invalid UUID format in uri. |\n| 400 | invalid_body | Invalid input. Wrapped key material is invalid or unsupported key type. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:encryption_keys. |\n| 409 | encryption_key_conflict | Failed precondition. Key import not in progress or unable to find the wrapping key. Make sure you have followed all the steps to import a key. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get an Application Signing Key by its key id",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "signing",
+ ":kid"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Key id of the key to retrieve",
+ "type": "string",
+ "required": true,
+ "key": "kid"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve details of the application signing key with the given ID.\n[More info](https://auth0.com/docs/api/management/v2/keys/get-signing-key)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The signing keys were retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: read:signing_keys |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Rekey the key hierarchy",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "encryption",
+ "rekey"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nPerform rekeying operation on the key hierarchy.\n[More info](https://auth0.com/docs/api/management/v2/keys/post-encryption-rekey)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | The key hierarchy was successfully rekeyed. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected all of: create:encryption_keys update:encryption_keys. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Rotate the Application Signing Key",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "signing",
+ "rotate"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRotate the application signing key of your tenant.\n[More info](https://auth0.com/docs/api/management/v2/keys/post-signing-keys)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Signing key rotated successfully. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected create:signing_keys and update:signing_keys. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create the public wrapping key",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "encryption",
+ ":kid",
+ "wrapping-key"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Encryption key ID",
+ "type": "string",
+ "required": true,
+ "key": "kid"
+ }
+ ]
+ },
+ "description": "**Description**\nCreate the public wrapping key to wrap your own encryption key material.\n[More info](https://auth0.com/docs/api/management/v2/keys/post-encryption-wrapping-key)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | The public wrapping key was successfully created. |\n| 400 | invalid_uri | Invalid UUID format in uri. |\n| 400 | invalid_uri | Invalid key id or unsupported key type. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:encryption_keys. |\n| 409 | encryption_key_conflict | Failed precondition. Create new encryption key without the key material first. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Revoke an Application Signing Key by its key id",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "keys",
+ "signing",
+ ":kid",
+ "revoke"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Key id of the key to revoke",
+ "type": "string",
+ "required": true,
+ "key": "kid"
+ }
+ ]
+ },
+ "description": "**Description**\nRevoke the application signing key with the given ID.\n[More info](https://auth0.com/docs/api/management/v2/keys/put-signing-keys)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Signing key revoked successfully. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:signing_keys. |\n| 404 | --- | Signing key not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Log Streams",
+ "item": [
+ {
+ "name": "Get log streams",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "log-streams"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve details on log streams.\n[{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"eventbridge\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"awsAccountId\": \"string\",\n\t\t\"awsRegion\": \"string\",\n\t\t\"awsPartnerEventSource\": \"string\"\n\t}\n}, {\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"http\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"httpContentFormat\": \"JSONLINES|JSONARRAY\",\n\t\t\"httpContentType\": \"string\",\n\t\t\"httpEndpoint\": \"string\",\n\t\t\"httpAuthorization\": \"string\"\n\t}\n},\n{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"eventgrid\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"azureSubscriptionId\": \"string\",\n\t\t\"azureResourceGroup\": \"string\",\n\t\t\"azureRegion\": \"string\",\n\t\t\"azurePartnerTopic\": \"string\"\n\t}\n},\n{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"splunk\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"splunkDomain\": \"string\",\n\t\t\"splunkToken\": \"string\",\n\t\t\"splunkPort\": \"string\",\n\t\t\"splunkSecure\": \"boolean\"\n\t}\n},\n{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"sumo\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"sumoSourceAddress\": \"string\",\n\t}\n},\n{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"datadog\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"datadogRegion\": \"string\",\n\t\t\"datadogApiKey\": \"string\"\n\t}\n}]type of log stream being created determines the properties required in the sink payload.\nhttp Stream, the sink properties are listed in the payload below\nRequest: {\n\t\"name\": \"string\",\n\t\"type\": \"http\",\n\t\"sink\": {\n\t\t\"httpEndpoint\": \"string\",\n\t\t\"httpContentType\": \"string\",\n\t\t\"httpContentFormat\": \"JSONLINES|JSONARRAY\",\n\t\t\"httpAuthorization\": \"string\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"http\",\n\t\"status\": \"active\",\n\t\"sink\": {\n\t\t\"httpEndpoint\": \"string\",\n\t\t\"httpContentType\": \"string\",\n\t\t\"httpContentFormat\": \"JSONLINES|JSONARRAY\",\n\t\t\"httpAuthorization\": \"string\"\n\t}\n}eventbridge Stream, the sink properties are listed in the payload below\nRequest: {\n\t\"name\": \"string\",\n\t\"type\": \"eventbridge\",\n\t\"sink\": {\n\t\t\"awsRegion\": \"string\",\n\t\t\"awsAccountId\": \"string\"\n\t}\n}awsPartnerEventSource in the sink: {\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"eventbridge\",\n\t\"status\": \"active\",\n\t\"sink\": {\n\t\t\"awsAccountId\": \"string\",\n\t\t\"awsRegion\": \"string\",\n\t\t\"awsPartnerEventSource\": \"string\"\n\t}\n}Azure Event Grid Stream, the sink properties are listed in the payload below\nRequest: {\n\t\"name\": \"string\",\n\t\"type\": \"eventgrid\",\n\t\"sink\": {\n\t\t\"azureSubscriptionId\": \"string\",\n\t\t\"azureResourceGroup\": \"string\",\n\t\t\"azureRegion\": \"string\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"http\",\n\t\"status\": \"active\",\n\t\"sink\": {\n\t\t\"azureSubscriptionId\": \"string\",\n\t\t\"azureResourceGroup\": \"string\",\n\t\t\"azureRegion\": \"string\",\n\t\t\"azurePartnerTopic\": \"string\"\n\t}\n}Datadog Stream, the sink properties are listed in the payload below\nRequest: {\n\t\"name\": \"string\",\n\t\"type\": \"datadog\",\n\t\"sink\": {\n\t\t\"datadogRegion\": \"string\",\n\t\t\"datadogApiKey\": \"string\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"datadog\",\n\t\"status\": \"active\",\n\t\"sink\": {\n\t\t\"datadogRegion\": \"string\",\n\t\t\"datadogApiKey\": \"string\"\n\t}\n}Splunk Stream, the sink properties are listed in the payload below\nRequest: {\n\t\"name\": \"string\",\n\t\"type\": \"splunk\",\n\t\"sink\": {\n\t\t\"splunkDomain\": \"string\",\n\t\t\"splunkToken\": \"string\",\n\t\t\"splunkPort\": \"string\",\n\t\t\"splunkSecure\": \"boolean\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"splunk\",\n\t\"status\": \"active\",\n\t\"sink\": {\n\t\t\"splunkDomain\": \"string\",\n\t\t\"splunkToken\": \"string\",\n\t\t\"splunkPort\": \"string\",\n\t\t\"splunkSecure\": \"boolean\"\n\t}\n}Sumo Logic Stream, the sink properties are listed in the payload below\nRequest: {\n\t\"name\": \"string\",\n\t\"type\": \"sumo\",\n\t\"sink\": {\n\t\t\"sumoSourceAddress\": \"string\",\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"sumo\",\n\t\"status\": \"active\",\n\t\"sink\": {\n\t\t\"sumoSourceAddress\": \"string\",\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"eventbridge\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"awsAccountId\": \"string\",\n\t\t\"awsRegion\": \"string\",\n\t\t\"awsPartnerEventSource\": \"string\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"http\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"httpContentFormat\": \"JSONLINES|JSONARRAY\",\n\t\t\"httpContentType\": \"string\",\n\t\t\"httpEndpoint\": \"string\",\n\t\t\"httpAuthorization\": \"string\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"datadog\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"datadogRegion\": \"string\",\n\t\t\"datadogApiKey\": \"string\"\n\t}\n\n}{\n\t \"name\": \"string\",\n\t \"type\": \"mixpanel\",\n\t \"sink\": {\n\t\t\"mixpanelRegion\": \"string\", // \"us\" | \"eu\",\n\t\t\"mixpanelProjectId\": \"string\",\n\t\t\"mixpanelServiceAccountUsername\": \"string\",\n\t\t\"mixpanelServiceAccountPassword\": \"string\"\n\t }\n\t} {\n\t\t\"id\": \"string\",\n\t\t\"name\": \"string\",\n\t\t\"type\": \"mixpanel\",\n\t\t\"status\": \"active\",\n\t\t\"sink\": {\n\t\t \"mixpanelRegion\": \"string\", // \"us\" | \"eu\",\n\t\t \"mixpanelProjectId\": \"string\",\n\t\t \"mixpanelServiceAccountUsername\": \"string\",\n\t\t \"mixpanelServiceAccountPassword\": \"string\" // the following is redacted on return\n\t\t}\n\t } {\n\t \"name\": \"string\",\n\t \"type\": \"segment\",\n\t \"sink\": {\n\t\t\"segmentWriteKey\": \"string\"\n\t }\n\t}{\n\t \"id\": \"string\",\n\t \"name\": \"string\",\n\t \"type\": \"segment\",\n\t \"status\": \"active\",\n\t \"sink\": {\n\t\t\"segmentWriteKey\": \"string\"\n\t }\n\t} {\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"splunk\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"splunkDomain\": \"string\",\n\t\t\"splunkToken\": \"string\",\n\t\t\"splunkPort\": \"string\",\n\t\t\"splunkSecure\": \"boolean\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"sumo\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"sumoSourceAddress\": \"string\",\n\t}\n}status of a log stream maybe any of the following:\n1. active - Stream is currently enabled.\n2. paused - Stream is currently user disabled and will not attempt log delivery.\n3. suspended - Stream is currently disabled because of errors and will not attempt log delivery.\n\n[More info](https://auth0.com/docs/api/management/v2/log streams/get-log-streams-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Returning log stream. |\n| 404 | --- | The log stream does not exist. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:log_streams. |\n| 403 | operation_not_supported | The account is not allowed to perform this operation. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete log stream",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "log-streams",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the log stream to delete",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete a log stream.\n\n[More info](https://auth0.com/docs/api/management/v2/log streams/delete-log-streams-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | The log stream was deleted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: delete:log_streams. |\n| 404 | --- | The log stream does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update a log stream",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "log-streams",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the log stream to get",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate a log stream.\neventbridge and eventgrid, updating the sink is not permitted.\n{\n\t\"status\": \"active|paused\"\n}{\n\t\"name\": \"string\"\n}http{\n \"sink\": {\n \"httpEndpoint\": \"string\",\n \"httpContentType\": \"string\",\n \"httpContentFormat\": \"JSONARRAY|JSONLINES\",\n \"httpAuthorization\": \"string\"\n }\n}datadog{\n \"sink\": {\n\t\t\"datadogRegion\": \"string\",\n\t\t\"datadogApiKey\": \"string\"\n }\n}splunk{\n \"sink\": {\n \"splunkDomain\": \"string\",\n \"splunkToken\": \"string\",\n \"splunkPort\": \"string\",\n \"splunkSecure\": \"boolean\"\n }\n}sumo{\n \"sink\": {\n \"sumoSourceAddress\": \"string\"\n }\n}50. Max value: 100",
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "string | Field to use for sorting appended with :1 for ascending and :-1 for descending. e.g. date:-1",
+ "type": "string",
+ "key": "sort",
+ "disabled": true
+ },
+ {
+ "description": "string | Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "type": "string",
+ "key": "fields",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Whether specified fields are to be included (true) or excluded (false)",
+ "type": "boolean",
+ "key": "include_fields",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results as an array when false (default). Return results inside an object that also contains a total result count when true.",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ },
+ {
+ "description": "string | Log Event Id from which to start selection from.",
+ "type": "string",
+ "key": "from",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of entries to retrieve when using the from parameter. Default 50, max 100",
+ "type": "integer",
+ "key": "take",
+ "disabled": true
+ },
+ {
+ "description": "string | Query in Lucene query string syntax.",
+ "type": "string",
+ "key": "q",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve log entries that match the specified search criteria (or all log entries if no criteria specified).\n\nSet custom search criteria using the q parameter, or search from a specific log ID (\"search from checkpoint\").\n\nFor more information on all possible event types, their respective acronyms, and descriptions, see Log Event Type Codes.\n\nfields and sort, see Searchable Fields.\n\nAuth0 limits the number of logs you can return by search criteria to 100 logs per request. Furthermore, you may paginate only through 1,000 search results. If you exceed this threshold, please redefine your search or use the get logs by checkpoint method.\n\ntake parameter. If you use from at the same time as q, from takes precedence and q is ignored.from parameter.from and take will be ignored, and date ordering is not guaranteed.\n\n[More info](https://auth0.com/docs/api/management/v2/logs/get-logs)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Logs successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:logs, read:logs_users. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a log event by id",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "logs",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | log_id of the log to retrieve.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve an individual log event.\n[More info](https://auth0.com/docs/api/management/v2/logs/get-logs-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Log successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:logs, read:logs_users. |\n| 404 | inexistent_log | Log not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Network Acls",
+ "item": [
+ {
+ "name": "Get all access control list entries for a tenant",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "network-acls"
+ ],
+ "query": [
+ {
+ "description": "integer | Use this field to request a specific page of the list results.",
+ "type": "integer",
+ "minimum": 0,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "integer | The amount of results per page.",
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nGet all access control list entries for your client.\n[More info](https://auth0.com/docs/api/management/v2/network acls/get-network-acls)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Network access control list successfully retrieved. |\n| undefined | --- | Network access control list not found. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:tenant_acls. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create Access Control List",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "network-acls"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate a new access control list for your client.\n[More info](https://auth0.com/docs/api/management/v2/network acls/post-network-acls)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Network ACL successfully created. |\n| 403 | --- | Entitlement is not enabled for this tenant. Please upgrade your subscription to enable Tenant ACL Management. |\n| 403 | --- | Tenant ACL Management is not enabled for this tenant. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: create:network_acls. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 409 | Conflict | A Network ACL with this priority number has already been created. |\n| 500 | --- | There was an error retrieving Networks ACLs subscription settings. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a specific access control list entry for a tenant",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "network-acls",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the access control list to retrieve.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nGet a specific access control list entry for your client.\n[More info](https://auth0.com/docs/api/management/v2/network acls/get-network-acls-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Suspicious IP throttling configuration successfully retrieved. |\n| undefined | --- | Network access control list not found. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:tenant_acls. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete Access Control List",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "network-acls",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the ACL to delete",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete existing access control list for your client.\n[More info](https://auth0.com/docs/api/management/v2/network acls/delete-network-acls-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Network ACL successfully deleted |\n| undefined | --- | Tenant ACL Management is not enabled for this tenant. |\n| undefined | --- | This ACL does not exist |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: delete:network_acls. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update Access Control List",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "network-acls",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the ACL to update.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate existing access control list for your client.\n[More info](https://auth0.com/docs/api/management/v2/network acls/put-network-acls-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Network ACL properties successfully updated |\n| undefined | --- | Network ACL not found and cannot be updated |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: update:network_acls. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Organizations",
+ "item": [
+ {
+ "name": "Get organizations",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations"
+ ],
+ "query": [
+ {
+ "description": "integer | Page index of the results to return. First page is 0.",
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 1000,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page. Defaults to 50.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ },
+ {
+ "description": "string | Optional Id from which to start selection.",
+ "type": "string",
+ "key": "from",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page. Defaults to 50.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "take",
+ "disabled": true
+ },
+ {
+ "description": "string | Field to sort by. Use field:order where order is 1 for ascending and -1 for descending. e.g. created_at:1. We currently support sorting by the following fields: name, display_name and created_at.",
+ "type": "string",
+ "key": "sort",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve detailed list of all Organizations available in your tenant. For more information, see Auth0 Organizations.\n\nThis endpoint supports two types of pagination:\nfrom: Optional id from which to start selection.take: The total number of entries to retrieve when using the from parameter. Defaults to 50.from parameter. If there are more results, a next value is included in the response. You can use this for subsequent API calls. When next is no longer included in the response, no pages are remaining.\n\n[More info](https://auth0.com/docs/api/management/v2/organizations/get-organizations)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Organizations successfully retrieved. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:organizations. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| undefined | invalid_paging | Invalid query string paging options. The message will vary depending on the cause |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create an Organization",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate a new Organization within your tenant. To learn more about Organization settings, behavior, and configuration options, review Create Your First Organization.\n\n[More info](https://auth0.com/docs/api/management/v2/organizations/post-organizations)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Organization successfully created. |\n| 409 | organization_conflict | An organization with this name already exists. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: create:organizations. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get organization",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the organization to retrieve.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve details about a single Organization specified by ID. \n\n[More info](https://auth0.com/docs/api/management/v2/organizations/get-organizations-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Organization successfully retrieved. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:organizations. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete organization",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Organization identifier.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRemove an Organization from your tenant. This action cannot be undone. \n\nNote: Members are automatically disassociated from an Organization when it is deleted. However, this action does not delete these users from your tenant.\n\n[More info](https://auth0.com/docs/api/management/v2/organizations/delete-organizations-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | The organization was deleted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: delete:organizations. |\n| 404 | --- | The organization does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Modify an Organization",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the organization to update.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate the details of a specific Organization, such as name and display name, branding options, and metadata.\n\n[More info](https://auth0.com/docs/api/management/v2/organizations/patch-organizations-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Organization successfully updated. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: update:organizations. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get organization by name",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ "name",
+ ":name"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | name of the organization to retrieve.",
+ "type": "string",
+ "required": true,
+ "key": "name"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve details about a single Organization specified by name.\n\n[More info](https://auth0.com/docs/api/management/v2/organizations/get-name-by-name)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Organization successfully retrieved. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:organizations. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get client grants associated to an organization",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id",
+ "client-grants"
+ ],
+ "query": [
+ {
+ "description": "string | Optional filter on audience of the client grant.",
+ "type": "string",
+ "key": "audience",
+ "disabled": true
+ },
+ {
+ "description": "string | Optional filter on client_id of the client grant.",
+ "type": "string",
+ "key": "client_id",
+ "disabled": true
+ },
+ {
+ "description": "array | Optional filter on the ID of the client grant. Must be URL encoded and may be specified multiple times (max 10).fields parameter to optionally define the specific member details retrieved. If fields is left blank, all fields (except roles) are returned.\n fields=roles to retrieve the roles assigned to each listed member. To use this parameter, you must include the read:organization_member_roles scope in the token.\n from parameter. If there are more results, a next value will be included in the response. You can use this for subsequent API calls. When next is no longer included in the response, this indicates there are no more pages remaining.\n\n[More info](https://auth0.com/docs/api/management/v2/organizations/get-members)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Members successfully retrieved. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:organization_members, read:organization_member_roles. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| undefined | invalid_paging | Invalid query string paging options. The message will vary depending on the cause |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete members from an organization",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id",
+ "members"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Organization identifier.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/organizations/delete-members)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Users successfully removed from organization. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: delete:organization_members. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Add members to an organization",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id",
+ "members"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Organization identifier.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nSet one or more existing users as members of a specific Organization.\n\nTo add a user to an Organization through this action, the user must already exist in your tenant. If a user does not yet exist, you can invite them to create an account, manually create them through the Auth0 Dashboard, or use the Management API.\n\n[More info](https://auth0.com/docs/api/management/v2/organizations/post-members)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Members successfully added to organization. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: create:organization_members. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a specific invitation to an Organization",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id",
+ "invitations",
+ ":invitation_id"
+ ],
+ "query": [
+ {
+ "description": "string | Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "type": "string",
+ "key": "fields",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Whether specified fields are to be included (true) or excluded (false). Defaults to true.",
+ "type": "boolean",
+ "key": "include_fields",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | Organization identifier.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ },
+ {
+ "description": "string | The id of the user invitation.",
+ "type": "string",
+ "required": true,
+ "key": "invitation_id"
+ }
+ ]
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/organizations/get-invitations-by-invitation-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Invitation successfully retrieved. |\n| 404 | --- | No organization found by that id. |\n| 404 | inexistent_invitation | The invitation does not exist. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:organization_invitations. |\n| undefined | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete an invitation to an Organization",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id",
+ "invitations",
+ ":invitation_id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Organization identifier.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ },
+ {
+ "description": "string | The id of the user invitation.",
+ "type": "string",
+ "required": true,
+ "key": "invitation_id"
+ }
+ ]
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/organizations/delete-invitations-by-invitation-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Invitation successfully deleted. |\n| 404 | --- | No organization found by that id. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: delete:organization_invitations. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get an enabled connection for an organization",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id",
+ "enabled_connections",
+ ":connectionId"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Organization identifier.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ },
+ {
+ "description": "string | Connection identifier.",
+ "type": "string",
+ "required": true,
+ "key": "connectionId"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve details about a specific connection currently enabled for an Organization. Information returned includes details such as connection ID, name, strategy, and whether the connection automatically grants membership upon login.\n\n[More info](https://auth0.com/docs/api/management/v2/organizations/get-enabled-connections-by-connectionId)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Connection successfully retrieved. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:organization_connections. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete connections from an organization",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id",
+ "enabled_connections",
+ ":connectionId"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Organization identifier.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ },
+ {
+ "description": "string | Connection identifier.",
+ "type": "string",
+ "required": true,
+ "key": "connectionId"
+ }
+ ]
+ },
+ "description": "**Description**\nDisable a specific connection for an Organization. Once disabled, Organization members can no longer use that connection to authenticate. \n\nNote: This action does not remove the connection from your tenant.\n\n[More info](https://auth0.com/docs/api/management/v2/organizations/delete-enabled-connections-by-connectionId)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Connection successfully removed from organization. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: delete:organization_connections. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update the Connection of an Organization",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id",
+ "enabled_connections",
+ ":connectionId"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Organization identifier.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ },
+ {
+ "description": "string | Connection identifier.",
+ "type": "string",
+ "required": true,
+ "key": "connectionId"
+ }
+ ]
+ },
+ "description": "**Description**\nModify the details of a specific connection currently enabled for an Organization.\n\n[More info](https://auth0.com/docs/api/management/v2/organizations/patch-enabled-connections-by-connectionId)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Organization connection successfully updated. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: update:organization_connections. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get user roles assigned to an Organization member",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id",
+ "members",
+ ":user_id",
+ "roles"
+ ],
+ "query": [
+ {
+ "description": "integer | Page index of the results to return. First page is 0.",
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 1000,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page. Defaults to 50.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | Organization identifier.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ },
+ {
+ "description": "string | ID of the user to associate roles with.",
+ "type": "string",
+ "required": true,
+ "key": "user_id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve detailed list of roles assigned to a given user within the context of a specific Organization. \n\nUsers can be members of multiple Organizations with unique roles assigned for each membership. This action only returns the roles associated with the specified Organization; any roles assigned to the user within other Organizations are not included.\n\n[More info](https://auth0.com/docs/api/management/v2/organizations/get-organization-member-roles)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Roles successfully retrieved. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:organization_member_roles. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| undefined | invalid_paging | Invalid query string paging options. The message will vary depending on the cause |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete user roles from an Organization member",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id",
+ "members",
+ ":user_id",
+ "roles"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Organization identifier.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ },
+ {
+ "description": "string | User ID of the organization member to remove roles from.",
+ "type": "string",
+ "required": true,
+ "key": "user_id"
+ }
+ ]
+ },
+ "description": "**Description**\nRemove one or more Organization-specific roles from a given user.\n\nUsers can be members of multiple Organizations with unique roles assigned for each membership. This action removes roles from a user in relation to the specified Organization. Roles assigned to the user within a different Organization cannot be managed in the same call.\n\n[More info](https://auth0.com/docs/api/management/v2/organizations/delete-organization-member-roles)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Roles successfully removed from organization member. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: delete:organization_member_roles. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Assign user roles to an Organization member",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id",
+ "members",
+ ":user_id",
+ "roles"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Organization identifier.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ },
+ {
+ "description": "string | ID of the user to associate roles with.",
+ "type": "string",
+ "required": true,
+ "key": "user_id"
+ }
+ ]
+ },
+ "description": "**Description**\nAssign one or more roles to a user to determine their access for a specific Organization.\n\nUsers can be members of multiple Organizations with unique roles assigned for each membership. This action assigns roles to a user only for the specified Organization. Roles cannot be assigned to a user across multiple Organizations in the same call.\n\n[More info](https://auth0.com/docs/api/management/v2/organizations/post-organization-member-roles)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Roles successfully associated with user. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: create:organization_member_roles. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 409 | --- | No more roles can be assigned to this organization member. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Remove a client grant from an organization",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "organizations",
+ ":id",
+ "client-grants",
+ ":grant_id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Organization identifier.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ },
+ {
+ "description": "string | The Client Grant ID to remove from the organization",
+ "type": "string",
+ "required": true,
+ "key": "grant_id"
+ }
+ ]
+ },
+ "description": "**Description**\nundefined\n[More info](https://auth0.com/docs/api/management/v2/organizations/delete-client-grants-by-grant-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | The Client Grant was removed from the Organization. |\n| 404 | --- | No organization found by that id. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: delete:organization_client_grants. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Prompts",
+ "item": [
+ {
+ "name": "Get prompt settings",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "prompts"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve details of the Universal Login configuration of your tenant. This includes the Identifier First Authentication and WebAuthn with Device Biometrics for MFA features.\n[More info](https://auth0.com/docs/api/management/v2/prompts/get-prompts)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Prompt settings successfully retrieved. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | operation_not_supported | The specified client cannot perform the requested operation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:prompts. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update prompt settings",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "prompts"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nUpdate the Universal Login configuration of your tenant. This includes the Identifier First Authentication and WebAuthn with Device Biometrics for MFA features.\n[More info](https://auth0.com/docs/api/management/v2/prompts/patch-prompts)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Prompts settings successfully updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:prompts. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get partials for a prompt",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "prompts",
+ ":prompt",
+ "partials"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Name of the prompt.",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "login",
+ "login-id",
+ "login-password",
+ "login-passwordless",
+ "signup",
+ "signup-id",
+ "signup-password",
+ "customized-consent"
+ ],
+ "key": "prompt"
+ }
+ ]
+ },
+ "description": "**Description**\nGet template partials for a prompt\n[More info](https://auth0.com/docs/api/management/v2/prompts/get-partials)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Prompt partials successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:prompts. |\n| 403 | operation_not_supported | Permission Denied. This feature is not available on this plan. |\n| 404 | --- | The prompt does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Set partials for a prompt",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "prompts",
+ ":prompt",
+ "partials"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Name of the prompt.",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "login",
+ "login-id",
+ "login-password",
+ "login-passwordless",
+ "signup",
+ "signup-id",
+ "signup-password",
+ "customized-consent"
+ ],
+ "key": "prompt"
+ }
+ ]
+ },
+ "description": "**Description**\nSet template partials for a prompt\n[More info](https://auth0.com/docs/api/management/v2/prompts/put-partials)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Template partials successfully updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:prompts. |\n| 403 | operation_not_supported | Permission Denied. This feature is not available on this plan. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get custom text for a prompt",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "prompts",
+ ":prompt",
+ "custom-text",
+ ":language"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Name of the prompt.",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "login",
+ "login-id",
+ "login-password",
+ "login-passwordless",
+ "login-email-verification",
+ "signup",
+ "signup-id",
+ "signup-password",
+ "phone-identifier-enrollment",
+ "phone-identifier-challenge",
+ "email-identifier-challenge",
+ "reset-password",
+ "custom-form",
+ "consent",
+ "customized-consent",
+ "logout",
+ "mfa-push",
+ "mfa-otp",
+ "mfa-voice",
+ "mfa-phone",
+ "mfa-webauthn",
+ "mfa-sms",
+ "mfa-email",
+ "mfa-recovery-code",
+ "mfa",
+ "status",
+ "device-flow",
+ "email-verification",
+ "email-otp-challenge",
+ "organizations",
+ "invitation",
+ "common",
+ "passkeys",
+ "captcha"
+ ],
+ "key": "prompt"
+ },
+ {
+ "description": "string | Language to update.",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "am",
+ "ar",
+ "ar-EG",
+ "ar-SA",
+ "az",
+ "bg",
+ "bn",
+ "bs",
+ "ca-ES",
+ "cnr",
+ "cs",
+ "cy",
+ "da",
+ "de",
+ "el",
+ "en",
+ "en-CA",
+ "es",
+ "es-419",
+ "es-AR",
+ "es-MX",
+ "et",
+ "eu-ES",
+ "fa",
+ "fi",
+ "fr",
+ "fr-CA",
+ "fr-FR",
+ "gl-ES",
+ "gu",
+ "he",
+ "hi",
+ "hr",
+ "hu",
+ "hy",
+ "id",
+ "is",
+ "it",
+ "ja",
+ "ka",
+ "kk",
+ "kn",
+ "ko",
+ "lt",
+ "lv",
+ "mk",
+ "ml",
+ "mn",
+ "mr",
+ "ms",
+ "my",
+ "nb",
+ "nl",
+ "nn",
+ "no",
+ "pa",
+ "pl",
+ "pt",
+ "pt-BR",
+ "pt-PT",
+ "ro",
+ "ru",
+ "sk",
+ "sl",
+ "so",
+ "sq",
+ "sr",
+ "sv",
+ "sw",
+ "ta",
+ "te",
+ "th",
+ "tl",
+ "tr",
+ "uk",
+ "ur",
+ "vi",
+ "zgh",
+ "zh-CN",
+ "zh-HK",
+ "zh-TW"
+ ],
+ "key": "language"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve custom text for a specific prompt and language.\n[More info](https://auth0.com/docs/api/management/v2/prompts/get-custom-text-by-language)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Prompt dictionaries successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope; expected any of: read:prompts. |\n| 404 | --- | The prompt does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Set custom text for a specific prompt",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "prompts",
+ ":prompt",
+ "custom-text",
+ ":language"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Name of the prompt.",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "login",
+ "login-id",
+ "login-password",
+ "login-passwordless",
+ "login-email-verification",
+ "signup",
+ "signup-id",
+ "signup-password",
+ "phone-identifier-enrollment",
+ "phone-identifier-challenge",
+ "email-identifier-challenge",
+ "reset-password",
+ "custom-form",
+ "consent",
+ "customized-consent",
+ "logout",
+ "mfa-push",
+ "mfa-otp",
+ "mfa-voice",
+ "mfa-phone",
+ "mfa-webauthn",
+ "mfa-sms",
+ "mfa-email",
+ "mfa-recovery-code",
+ "mfa",
+ "status",
+ "device-flow",
+ "email-verification",
+ "email-otp-challenge",
+ "organizations",
+ "invitation",
+ "common",
+ "passkeys",
+ "captcha"
+ ],
+ "key": "prompt"
+ },
+ {
+ "description": "string | Language to update.",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "am",
+ "ar",
+ "ar-EG",
+ "ar-SA",
+ "az",
+ "bg",
+ "bn",
+ "bs",
+ "ca-ES",
+ "cnr",
+ "cs",
+ "cy",
+ "da",
+ "de",
+ "el",
+ "en",
+ "en-CA",
+ "es",
+ "es-419",
+ "es-AR",
+ "es-MX",
+ "et",
+ "eu-ES",
+ "fa",
+ "fi",
+ "fr",
+ "fr-CA",
+ "fr-FR",
+ "gl-ES",
+ "gu",
+ "he",
+ "hi",
+ "hr",
+ "hu",
+ "hy",
+ "id",
+ "is",
+ "it",
+ "ja",
+ "ka",
+ "kk",
+ "kn",
+ "ko",
+ "lt",
+ "lv",
+ "mk",
+ "ml",
+ "mn",
+ "mr",
+ "ms",
+ "my",
+ "nb",
+ "nl",
+ "nn",
+ "no",
+ "pa",
+ "pl",
+ "pt",
+ "pt-BR",
+ "pt-PT",
+ "ro",
+ "ru",
+ "sk",
+ "sl",
+ "so",
+ "sq",
+ "sr",
+ "sv",
+ "sw",
+ "ta",
+ "te",
+ "th",
+ "tl",
+ "tr",
+ "uk",
+ "ur",
+ "vi",
+ "zgh",
+ "zh-CN",
+ "zh-HK",
+ "zh-TW"
+ ],
+ "key": "language"
+ }
+ ]
+ },
+ "description": "**Description**\nSet custom text for a specific prompt. Existing texts will be overwritten.\n[More info](https://auth0.com/docs/api/management/v2/prompts/put-custom-text-by-language)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Prompt dictionaries successfully updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:prompts. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get render settings for a screen",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "prompts",
+ ":prompt",
+ "screen",
+ ":screen",
+ "rendering"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Name of the prompt",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "login",
+ "login-id",
+ "login-password",
+ "login-passwordless",
+ "login-email-verification",
+ "signup",
+ "signup-id",
+ "signup-password",
+ "phone-identifier-enrollment",
+ "phone-identifier-challenge",
+ "email-identifier-challenge",
+ "reset-password",
+ "custom-form",
+ "consent",
+ "customized-consent",
+ "logout",
+ "mfa-push",
+ "mfa-otp",
+ "mfa-voice",
+ "mfa-phone",
+ "mfa-webauthn",
+ "mfa-sms",
+ "mfa-email",
+ "mfa-recovery-code",
+ "mfa",
+ "status",
+ "device-flow",
+ "email-verification",
+ "email-otp-challenge",
+ "organizations",
+ "invitation",
+ "common",
+ "passkeys",
+ "captcha"
+ ],
+ "key": "prompt"
+ },
+ {
+ "description": "string | Name of the screen",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "login",
+ "login-id",
+ "login-password",
+ "login-passwordless-email-code",
+ "login-passwordless-email-link",
+ "login-passwordless-sms-otp",
+ "login-email-verification",
+ "signup",
+ "signup-id",
+ "signup-password",
+ "phone-identifier-enrollment",
+ "phone-identifier-challenge",
+ "email-identifier-challenge",
+ "reset-password-request",
+ "reset-password-email",
+ "reset-password",
+ "reset-password-success",
+ "reset-password-error",
+ "reset-password-mfa-email-challenge",
+ "reset-password-mfa-otp-challenge",
+ "reset-password-mfa-phone-challenge",
+ "reset-password-mfa-push-challenge-push",
+ "reset-password-mfa-recovery-code-challenge",
+ "reset-password-mfa-sms-challenge",
+ "reset-password-mfa-voice-challenge",
+ "reset-password-mfa-webauthn-platform-challenge",
+ "reset-password-mfa-webauthn-roaming-challenge",
+ "custom-form",
+ "consent",
+ "customized-consent",
+ "logout",
+ "logout-complete",
+ "logout-aborted",
+ "mfa-push-welcome",
+ "mfa-push-enrollment-qr",
+ "mfa-push-enrollment-code",
+ "mfa-push-success",
+ "mfa-push-challenge-push",
+ "mfa-push-list",
+ "mfa-otp-enrollment-qr",
+ "mfa-otp-enrollment-code",
+ "mfa-otp-challenge",
+ "mfa-voice-enrollment",
+ "mfa-voice-challenge",
+ "mfa-phone-challenge",
+ "mfa-phone-enrollment",
+ "mfa-webauthn-platform-enrollment",
+ "mfa-webauthn-roaming-enrollment",
+ "mfa-webauthn-platform-challenge",
+ "mfa-webauthn-roaming-challenge",
+ "mfa-webauthn-change-key-nickname",
+ "mfa-webauthn-enrollment-success",
+ "mfa-webauthn-error",
+ "mfa-webauthn-not-available-error",
+ "mfa-country-codes",
+ "mfa-sms-enrollment",
+ "mfa-sms-challenge",
+ "mfa-sms-list",
+ "mfa-email-challenge",
+ "mfa-email-list",
+ "mfa-recovery-code-enrollment",
+ "mfa-recovery-code-challenge",
+ "mfa-detect-browser-capabilities",
+ "mfa-enroll-result",
+ "mfa-login-options",
+ "mfa-begin-enroll-options",
+ "status",
+ "device-code-activation",
+ "device-code-activation-allowed",
+ "device-code-activation-denied",
+ "device-code-confirmation",
+ "email-verification-result",
+ "email-otp-challenge",
+ "organization-selection",
+ "organization-picker",
+ "accept-invitation",
+ "redeem-ticket",
+ "passkey-enrollment",
+ "passkey-enrollment-local",
+ "interstitial-captcha"
+ ],
+ "key": "screen"
+ }
+ ]
+ },
+ "description": "**Description**\nGet render settings for a screen.\n[More info](https://auth0.com/docs/api/management/v2/prompts/get-rendering)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | ACUL settings successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 402 | --- | A paid subscription is required to use Advanced Customizations. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:prompts. |\n| 403 | operation_not_supported | This tenant does not have Advanced Customizations enabled. |\n| 403 | operation_not_supported | This screen is not available in Advanced Customizations |\n| 404 | --- | The prompt does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update render settings for a screen",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "prompts",
+ ":prompt",
+ "screen",
+ ":screen",
+ "rendering"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Name of the prompt",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "login",
+ "login-id",
+ "login-password",
+ "login-passwordless",
+ "login-email-verification",
+ "signup",
+ "signup-id",
+ "signup-password",
+ "phone-identifier-enrollment",
+ "phone-identifier-challenge",
+ "email-identifier-challenge",
+ "reset-password",
+ "custom-form",
+ "consent",
+ "customized-consent",
+ "logout",
+ "mfa-push",
+ "mfa-otp",
+ "mfa-voice",
+ "mfa-phone",
+ "mfa-webauthn",
+ "mfa-sms",
+ "mfa-email",
+ "mfa-recovery-code",
+ "mfa",
+ "status",
+ "device-flow",
+ "email-verification",
+ "email-otp-challenge",
+ "organizations",
+ "invitation",
+ "common",
+ "passkeys",
+ "captcha"
+ ],
+ "key": "prompt"
+ },
+ {
+ "description": "string | Name of the screen",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "login",
+ "login-id",
+ "login-password",
+ "login-passwordless-email-code",
+ "login-passwordless-email-link",
+ "login-passwordless-sms-otp",
+ "login-email-verification",
+ "signup",
+ "signup-id",
+ "signup-password",
+ "phone-identifier-enrollment",
+ "phone-identifier-challenge",
+ "email-identifier-challenge",
+ "reset-password-request",
+ "reset-password-email",
+ "reset-password",
+ "reset-password-success",
+ "reset-password-error",
+ "reset-password-mfa-email-challenge",
+ "reset-password-mfa-otp-challenge",
+ "reset-password-mfa-phone-challenge",
+ "reset-password-mfa-push-challenge-push",
+ "reset-password-mfa-recovery-code-challenge",
+ "reset-password-mfa-sms-challenge",
+ "reset-password-mfa-voice-challenge",
+ "reset-password-mfa-webauthn-platform-challenge",
+ "reset-password-mfa-webauthn-roaming-challenge",
+ "custom-form",
+ "consent",
+ "customized-consent",
+ "logout",
+ "logout-complete",
+ "logout-aborted",
+ "mfa-push-welcome",
+ "mfa-push-enrollment-qr",
+ "mfa-push-enrollment-code",
+ "mfa-push-success",
+ "mfa-push-challenge-push",
+ "mfa-push-list",
+ "mfa-otp-enrollment-qr",
+ "mfa-otp-enrollment-code",
+ "mfa-otp-challenge",
+ "mfa-voice-enrollment",
+ "mfa-voice-challenge",
+ "mfa-phone-challenge",
+ "mfa-phone-enrollment",
+ "mfa-webauthn-platform-enrollment",
+ "mfa-webauthn-roaming-enrollment",
+ "mfa-webauthn-platform-challenge",
+ "mfa-webauthn-roaming-challenge",
+ "mfa-webauthn-change-key-nickname",
+ "mfa-webauthn-enrollment-success",
+ "mfa-webauthn-error",
+ "mfa-webauthn-not-available-error",
+ "mfa-country-codes",
+ "mfa-sms-enrollment",
+ "mfa-sms-challenge",
+ "mfa-sms-list",
+ "mfa-email-challenge",
+ "mfa-email-list",
+ "mfa-recovery-code-enrollment",
+ "mfa-recovery-code-challenge",
+ "mfa-detect-browser-capabilities",
+ "mfa-enroll-result",
+ "mfa-login-options",
+ "mfa-begin-enroll-options",
+ "status",
+ "device-code-activation",
+ "device-code-activation-allowed",
+ "device-code-activation-denied",
+ "device-code-confirmation",
+ "email-verification-result",
+ "email-otp-challenge",
+ "organization-selection",
+ "organization-picker",
+ "accept-invitation",
+ "redeem-ticket",
+ "passkey-enrollment",
+ "passkey-enrollment-local",
+ "interstitial-captcha"
+ ],
+ "key": "screen"
+ }
+ ]
+ },
+ "description": "**Description**\nLearn more about configuring render settings for advanced customization.\n\n\n Example head_tags array. See our documentation on using Liquid variables within head tags.\n
{\n \"head_tags\": [\n {\n \"tag\": \"script\",\n \"attributes\": {\n \"defer\": true,\n \"src\": \"URL_TO_ASSET\",\n \"async\": true,\n \"integrity\": [\n \"ASSET_SHA\"\n ]\n }\n },\n {\n \"tag\": \"link\",\n \"attributes\": {\n \"href\": \"URL_TO_ASSET\",\n \"rel\": \"stylesheet\"\n }\n }\n ]\n}\n\n\n[More info](https://auth0.com/docs/api/management/v2/prompts/patch-rendering)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | ACUL settings successfully updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 402 | --- | A paid subscription is required to use Advanced Customizations. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:prompts. |\n| 403 | operation_not_supported | This tenant does not have Advanced Customizations enabled. |\n| 403 | operation_not_supported | This screen is not available in Advanced Customizations |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Refresh Tokens",
+ "item": [
+ {
+ "name": "Get a refresh token",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "refresh-tokens",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID refresh token to retrieve",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve refresh token information.\n[More info](https://auth0.com/docs/api/management/v2/refresh tokens/get-refresh-token)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The refresh token was retrieved |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected: read:refresh_tokens |\n| 404 | inexistent_refresh_token | The refresh token does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete a refresh tokens",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "refresh-tokens",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the refresh token to delete.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete a refresh token by its ID.\n[More info](https://auth0.com/docs/api/management/v2/refresh tokens/delete-refresh-token)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 202 | --- | Refresh token deletion request accepted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected: delete:refresh_tokens |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Resource Servers",
+ "item": [
+ {
+ "name": "Get resource servers",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "resource-servers"
+ ],
+ "query": [
+ {
+ "description": "array | An optional filter on the resource server identifier. Must be URL encoded and may be specified multiple times (max 10).from: Optional id from which to start selection.take: The total amount of entries to retrieve when using the from parameter. Defaults to 50.from parameter. If there are more results, a next value is included in the response. You can use this for subsequent API calls. When next is no longer included in the response, no pages are remaining.\n\n[More info](https://auth0.com/docs/api/management/v2/roles/get-role-user)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Role users successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope; expected all of: read:users, read:roles. |\n| 404 | --- | Role not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Assign users to a role",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "roles",
+ ":id",
+ "users"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the role to assign users to.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nAssign one or more users to an existing user role. To learn more, review Role-Based Access Control.\n\nNote: New roles cannot be created through this action.\n\n[More info](https://auth0.com/docs/api/management/v2/roles/post-role-users)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Role users successfully updated. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope; expected: update:roles. |\n| 404 | --- | Role not found. |\n| 404 | --- | One or more of the users do not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get permissions granted by role",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "roles",
+ ":id",
+ "permissions"
+ ],
+ "query": [
+ {
+ "description": "integer | Number of results per page. Defaults to 50.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "integer | Page index of the results to return. First page is 0.",
+ "type": "integer",
+ "minimum": 0,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | ID of the role to list granted permissions.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve detailed list (name, description, resource server) of permissions granted by a specified user role.\n\n[More info](https://auth0.com/docs/api/management/v2/roles/get-role-permission)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Role permissions successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope; expected: read:roles. |\n| 404 | --- | Role not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Remove permissions from a role",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "roles",
+ ":id",
+ "permissions"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the role to remove permissions from.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRemove one or more permissions from a specified user role.\n\n[More info](https://auth0.com/docs/api/management/v2/roles/delete-role-permission-assignment)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Role permissions successfully updated. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope; expected: update:roles. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Associate permissions with a role",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "roles",
+ ":id",
+ "permissions"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the role to add permissions to.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nAdd one or more permissions to a specified user role.\n\n[More info](https://auth0.com/docs/api/management/v2/roles/post-role-permission-assignment)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Role permissions updated. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope; expected: update:roles. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Rules",
+ "item": [
+ {
+ "name": "Get rules",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "rules"
+ ],
+ "query": [
+ {
+ "description": "integer | Page index of the results to return. First page is 0.",
+ "type": "integer",
+ "minimum": 0,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page.",
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Optional filter on whether a rule is enabled (true) or disabled (false).",
+ "type": "boolean",
+ "key": "enabled",
+ "disabled": true
+ },
+ {
+ "description": "string | Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "type": "string",
+ "key": "fields",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Whether specified fields are to be included (true) or excluded (false).",
+ "type": "boolean",
+ "key": "include_fields",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve a filtered list of rules. Accepts a list of fields to include or exclude.\n\n[More info](https://auth0.com/docs/api/management/v2/rules/get-rules)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Rules successfully retrieved. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:rules. |\n| 404 | inexistent_rule | Rule not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create a rule",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "rules"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate a new rule.\n\nNote: Changing a rule's stage of execution from the default login_success can change the rule's function signature to have user omitted.\n\n[More info](https://auth0.com/docs/api/management/v2/rules/post-rules)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Rule successfully created. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:rules. |\n| 403 | too_many_entities | You reached the limit of entities of this type for this tenant. |\n| 409 | rule_conflict | A rule with the same name already exists. |\n| 409 | rule_conflict | A rule with the same order already exists. |\n| 409 | rule_conflict | A rule with the same execution stage already exists. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a rule",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "rules",
+ ":id"
+ ],
+ "query": [
+ {
+ "description": "string | Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "type": "string",
+ "key": "fields",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Whether specified fields are to be included (true) or excluded (false).",
+ "type": "boolean",
+ "key": "include_fields",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | ID of the rule to retrieve.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve rule details. Accepts a list of fields to include or exclude in the result.\n\n[More info](https://auth0.com/docs/api/management/v2/rules/get-rules-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Rule successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:rules. |\n| 404 | inexistent_rule | Rule not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete a rule",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "rules",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the rule to delete.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete a rule.\n\n[More info](https://auth0.com/docs/api/management/v2/rules/delete-rules-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Rule successfully deleted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: delete:rules. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update a rule",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "rules",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the rule to retrieve.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate an existing rule.\n\n[More info](https://auth0.com/docs/api/management/v2/rules/patch-rules-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Rule successfully updated. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:rules. |\n| 404 | rule_conflict | Rule not found. |\n| 409 | rule_conflict | A rule with the same name already exists. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Rules Configs",
+ "item": [
+ {
+ "name": "Retrieve config variable keys for rules (get_rules-configs)",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "rules-configs"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve rules config variable keys.\n\n Note: For security, config variable values cannot be retrieved outside rule execution.\n[More info](https://auth0.com/docs/api/management/v2/rules configs/get-rules-configs)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Rules config keys successfully retrieved. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:rules_configs. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete rules config for a given key",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "rules-configs",
+ ":key"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Key of the rules config variable to delete.",
+ "type": "string",
+ "required": true,
+ "key": "key"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete a rules config variable identified by its key.\n[More info](https://auth0.com/docs/api/management/v2/rules configs/delete-rules-configs-by-key)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Rules config variable successfully removed. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:rules_configs. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Set rules config for a given key",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "rules-configs",
+ ":key"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | Key of the rules config variable to set (max length: 127 characters).",
+ "type": "string",
+ "required": true,
+ "key": "key"
+ }
+ ]
+ },
+ "description": "**Description**\nSets a rules config variable.\n[More info](https://auth0.com/docs/api/management/v2/rules configs/put-rules-configs-by-key)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Rules config variable successfully set. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:rules_configs. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Self Service Profiles",
+ "item": [
+ {
+ "name": "Get self-service profiles",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "self-service-profiles"
+ ],
+ "query": [
+ {
+ "description": "integer | Page index of the results to return. First page is 0.",
+ "type": "integer",
+ "minimum": 0,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page. Defaults to 50.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieves self-service profiles.\n\n[More info](https://auth0.com/docs/api/management/v2/self service profiles/get-self-service-profiles)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | List of existing profiles. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: read:self_service_profiles. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| 500 | --- | Internal error. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create a self-service profile",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "self-service-profiles"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreates a self-service profile.\n\n[More info](https://auth0.com/docs/api/management/v2/self service profiles/post-self-service-profiles)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Self-service profile successfully created. |\n| 400 | invalid_body | Invalid Request Body. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: create:self_service_profiles. |\n| 409 | --- | No more profiles can be created for this tenant. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| 500 | --- | Internal error. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a self-service profile by Id",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "self-service-profiles",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the self-service profile to retrieve",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieves a self-service profile by Id.\n[More info](https://auth0.com/docs/api/management/v2/self service profiles/get-self-service-profiles-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Record for existing self-service profile. |\n| 400 | --- | Invalid Request. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: read:self_service_profiles. |\n| 404 | --- | Self-service profile not found |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| 500 | --- | Internal error. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete a self-service profile by Id",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "self-service-profiles",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the self-service profile to delete",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDeletes a self-service profile by Id.\n[More info](https://auth0.com/docs/api/management/v2/self service profiles/delete-self-service-profiles-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | Self-service profile successfully deleted. |\n| 400 | --- | Invalid Request. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: delete:self_service_profiles. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| 500 | --- | Internal error. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update a self-service profile",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "self-service-profiles",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the self-service profile to update",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdates a self-service profile.\n[More info](https://auth0.com/docs/api/management/v2/self service profiles/patch-self-service-profiles-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Self-service profile successfully updated. |\n| 400 | --- | Invalid Request. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope, expected: update:self_service_profiles. |\n| 404 | --- | Self-service profile not found |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| 500 | --- | Internal error. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get custom text for a self-service profile",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "self-service-profiles",
+ ":id",
+ "custom-text",
+ ":language",
+ ":page"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the self-service profile.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ },
+ {
+ "description": "string | The language of the custom text.",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "en"
+ ],
+ "key": "language"
+ },
+ {
+ "description": "string | The page where the custom text is shown.",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "get-started"
+ ],
+ "key": "page"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieves text customizations for a given self-service profile, language and Self Service SSO Flow page.\n\n[More info](https://auth0.com/docs/api/management/v2/self service profiles/get-self-service-profile-custom-text)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Retrieved custom text. |\n| 404 | --- | Self-service profile not found. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: read:self_service_profile_custom_texts. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Set custom text for a self-service profile",
+ "request": {
+ "method": "put",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "self-service-profiles",
+ ":id",
+ "custom-text",
+ ":language",
+ ":page"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the self-service profile.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ },
+ {
+ "description": "string | The language of the custom text.",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "en"
+ ],
+ "key": "language"
+ },
+ {
+ "description": "string | The page where the custom text is shown.",
+ "type": "string",
+ "required": true,
+ "enum": [
+ "get-started"
+ ],
+ "key": "page"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdates text customizations for a given self-service profile, language and Self Service SSO Flow page.\n\n[More info](https://auth0.com/docs/api/management/v2/self service profiles/put-self-service-profile-custom-text)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Updated custom text. |\n| 404 | --- | Self-service profile not found. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: update:self_service_profile_custom_texts. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create an SSO access ticket to initiate the Self Service SSO Flow",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "self-service-profiles",
+ ":id",
+ "sso-ticket"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the self-service profile to retrieve",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nCreates an SSO access ticket to initiate the Self Service SSO Flow using a self-service profile.\n\n[More info](https://auth0.com/docs/api/management/v2/self service profiles/post-sso-ticket)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | SSO Access Ticket successfully created. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: create:sso_access_tickets. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| undefined | invalid_body | Invalid request body. The message will vary depending on the cause. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Revoke an SSO access ticket",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "self-service-profiles",
+ ":profileId",
+ "sso-ticket",
+ ":id",
+ "revoke"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The id of the self-service profile",
+ "type": "string",
+ "required": true,
+ "key": "profileId"
+ },
+ {
+ "description": "string | The id of the ticket to revoke",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRevokes an SSO access ticket and invalidates associated sessions. The ticket will no longer be accepted to initiate a Self-Service SSO session. If any users have already started a session through this ticket, their session will be terminated. Clients should expect a `202 Accepted` response upon successful processing, indicating that the request has been acknowledged and that the revocation is underway but may not be fully completed at the time of response. If the specified ticket does not exist, a `202 Accepted` response is also returned, signaling that no further action is required.\nClients should treat these `202` responses as an acknowledgment that the request has been accepted and is in progress, even if the ticket was not found.\n\n[More info](https://auth0.com/docs/api/management/v2/self service profiles/post-revoke)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 202 | --- | SSO Access Ticket revocation request accepted. |\n| undefined | --- | Invalid token. |\n| undefined | --- | Invalid signature received for JSON Web Token validation. |\n| undefined | --- | Client is not global. |\n| undefined | insufficient_scope | Insufficient scope; expected any of: delete:sso_access_tickets. |\n| undefined | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Sessions",
+ "item": [
+ {
+ "name": "Get session",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "sessions",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of session to retrieve",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve session information.\n[More info](https://auth0.com/docs/api/management/v2/sessions/get-session)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | The session was retrieved |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation |\n| 403 | insufficient_scope | Insufficient scope, expected any of: read:sessions |\n| 404 | inexistent_session | The session does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete session",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "sessions",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the session to delete.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete a session by ID.\n[More info](https://auth0.com/docs/api/management/v2/sessions/delete-session)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 202 | --- | Session deletion request accepted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected: delete:sessions |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Revokes a session",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "sessions",
+ ":id",
+ "revoke"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the session to revoke.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRevokes a session by ID and all associated refresh tokens.\n[More info](https://auth0.com/docs/api/management/v2/sessions/revoke-session)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 202 | --- | Session deletion request accepted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected: delete:sessions |\n| 404 | inexistent_session | The session does not exist. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Stats",
+ "item": [
+ {
+ "name": "Get active users count",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "stats",
+ "active-users"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve the number of active users that logged in during the last 30 days.\n[More info](https://auth0.com/docs/api/management/v2/stats/get-active-users)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Number of active users successfully retrieved. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | --- | Insufficient scope; expected any of: read:stats. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get daily stats",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "stats",
+ "daily"
+ ],
+ "query": [
+ {
+ "description": "string | Optional first day of the date range (inclusive) in YYYYMMDD format.",
+ "type": "string",
+ "key": "from",
+ "disabled": true
+ },
+ {
+ "description": "string | Optional last day of the date range (inclusive) in YYYYMMDD format.",
+ "type": "string",
+ "key": "to",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve the number of logins, signups and breached-password detections (subscription required) that occurred each day within a specified date range.\n[More info](https://auth0.com/docs/api/management/v2/stats/get-daily)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Daily stats successfully retrieved. |\n| 400 | invalid_query_string | Invalid request query. The message will vary depending on the cause. |\n| 400 | invalid_query_string | 'from' date cannot be greater than 'to' date. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:stats. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Tenants",
+ "item": [
+ {
+ "name": "Get tenant settings",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "tenants",
+ "settings"
+ ],
+ "query": [
+ {
+ "description": "string | Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "type": "string",
+ "key": "fields",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Whether specified fields are to be included (true) or excluded (false).",
+ "type": "boolean",
+ "key": "include_fields",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve tenant settings. A list of fields to include or exclude may also be specified.\n[More info](https://auth0.com/docs/api/management/v2/tenants/tenant-settings-route)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Tenant settings successfully retrieved. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | operation_not_supported | The specified client cannot perform the requested operation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:tenant_settings. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update tenant settings",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "tenants",
+ "settings"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nUpdate settings for a tenant.\n[More info](https://auth0.com/docs/api/management/v2/tenants/patch-settings)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Tenant settings successfully updated. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: update:tenant_settings. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Tickets",
+ "item": [
+ {
+ "name": "Create an email verification ticket",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "tickets",
+ "email-verification"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate an email verification ticket for a given user. An email verification ticket is a generated URL that the user can consume to verify their email address.\n\n[More info](https://auth0.com/docs/api/management/v2/tickets/post-email-verification)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Ticket successfully created. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 400 | user_missing_email | The user does not have an email address. |\n| 400 | operation_not_supported | The user's main connection does not support this operation. |\n| 400 | auth0_idp_error | An error ocurred in Auth0's identity provider. |\n| 400 | inexistent_connection | The connection with id {connection_id} does not exist. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | unowned_resource | User to be acted on does not match subject in bearer token. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:user_tickets. |\n| 404 | inexistent_user | User not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| 400 | inexistent_client | The client does not exist |\n| 400 | inexistent_organization | The organization does not exist |\n| 400 | invalid_user | The user with id {user_id} is not a member of organization with id {organization_id}. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create a password change ticket",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "tickets",
+ "password-change"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate a password change ticket for a given user. A password change ticket is a generated URL that the user can consume to start a reset password flow.\n\nNote: This endpoint does not verify the given user’s identity. If you call this endpoint within your application, you must design your application to verify the user’s identity.\n\n[More info](https://auth0.com/docs/api/management/v2/tickets/post-password-change)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | Ticket successfully created. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 400 | user_missing_email | The user does not have an email address. |\n| 400 | operation_not_supported | The user's main connection does not support this operation. |\n| 400 | auth0_idp_error | An error ocurred in Auth0's identity provider. |\n| 400 | inexistent_connection | The connection with id {connection_id} does not exist. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | unowned_resource | User to be acted on does not match subject in bearer token. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: create:user_tickets. |\n| 404 | inexistent_user | User not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| 400 | inexistent_client | The client does not exist |\n| 400 | inexistent_organization | The organization does not exist |\n| 400 | invalid_user | The user with id {user_id} is not a member of organization with id {organization_id}. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "User Blocks",
+ "item": [
+ {
+ "name": "Get blocks by identifier",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "user-blocks"
+ ],
+ "query": [
+ {
+ "description": "string | Should be any of a username, phone number, or email.",
+ "type": "string",
+ "required": true,
+ "key": "identifier",
+ "disabled": true
+ },
+ {
+ "description": "boolean | \n If true and Brute Force Protection is enabled and configured to block logins, will return a list of blocked IP addresses.\n If true and Brute Force Protection is disabled, will return an empty list.\n ",
+ "type": "boolean",
+ "required": false,
+ "key": "consider_brute_force_enablement",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve details of all Brute-force Protection blocks for a user with the given identifier (username, phone number, or email).\n[More info](https://auth0.com/docs/api/management/v2/user blocks/get-user-blocks)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | User successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:users. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Unblock by identifier",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "user-blocks"
+ ],
+ "query": [
+ {
+ "description": "string | Should be any of a username, phone number, or email.",
+ "type": "string",
+ "required": true,
+ "key": "identifier",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRemove all Brute-force Protection blocks for the user with the given identifier (username, phone number, or email).\n\nNote: This endpoint does not unblock users that were blocked by a tenant administrator.\n\n[More info](https://auth0.com/docs/api/management/v2/user blocks/delete-user-blocks)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | User successfully unblocked. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Some fields cannot be read with the permissions granted by the bearer token scopes. The message will vary depending on the fields and the scopes. |\n| 403 | --- | Insufficient scope; expected any of: update:users. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a user's blocks",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "user-blocks",
+ ":id"
+ ],
+ "query": [
+ {
+ "description": "boolean | \n If true and Brute Force Protection is enabled and configured to block logins, will return a list of blocked IP addresses.\n If true and Brute Force Protection is disabled, will return an empty list.\n ",
+ "type": "boolean",
+ "key": "consider_brute_force_enablement",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | user_id of the user blocks to retrieve.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve details of all Brute-force Protection blocks for the user with the given ID.\n\n[More info](https://auth0.com/docs/api/management/v2/user blocks/get-user-blocks-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | User block successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | unowned_resource | User to be acted on does not match subject in bearer token. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:users. |\n| 404 | inexistent_user | User not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Unblock a user",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "user-blocks",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | The user_id of the user to update.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRemove all Brute-force Protection blocks for the user with the given ID.\n\nNote: This endpoint does not unblock users that were blocked by a tenant administrator.\n\n[More info](https://auth0.com/docs/api/management/v2/user blocks/delete-user-blocks-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | User successfully unblocked. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | unowned_resource | User to be acted on does not match subject in bearer token. |\n| 403 | insufficient_scope | Some fields cannot be read with the permissions granted by the bearer token scopes. The message will vary depending on the fields and the scopes. |\n| 403 | --- | Insufficient scope; expected any of: update:users. |\n| 404 | inexistent_user | User not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ }
+ ]
+ },
+ {
+ "name": "Users",
+ "item": [
+ {
+ "name": "List or Search Users",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "users"
+ ],
+ "query": [
+ {
+ "description": "integer | Page index of the results to return. First page is 0.",
+ "type": "integer",
+ "minimum": 0,
+ "key": "page",
+ "disabled": true
+ },
+ {
+ "description": "integer | Number of results per page.",
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 100,
+ "key": "per_page",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "type": "boolean",
+ "key": "include_totals",
+ "disabled": true
+ },
+ {
+ "description": "string | Field to sort by. Use field:order where order is 1 for ascending and -1 for descending. e.g. created_at:1",
+ "type": "string",
+ "key": "sort",
+ "disabled": true
+ },
+ {
+ "description": "string | Connection filter. Only applies when using search_engine=v1. To filter by connection with search_engine=v2|v3, use q=identities.connection:\"connection_name\"",
+ "type": "string",
+ "key": "connection",
+ "disabled": true
+ },
+ {
+ "description": "string | Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "type": "string",
+ "key": "fields",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Whether specified fields are to be included (true) or excluded (false).",
+ "type": "boolean",
+ "key": "include_fields",
+ "disabled": true
+ },
+ {
+ "description": "string | Query in Lucene query string syntax. Some query types cannot be used on metadata fields, for details see Searchable Fields.",
+ "type": "string",
+ "key": "q",
+ "disabled": true
+ },
+ {
+ "description": "string | The version of the search engine",
+ "type": "string",
+ "enum": [
+ "v1",
+ "v2",
+ "v3"
+ ],
+ "key": "search_engine",
+ "disabled": true
+ }
+ ],
+ "variable": []
+ },
+ "description": "**Description**\nRetrieve details of users. It is possible to:\n\n- Specify a search criteria for users\n- Sort the users to be returned\n- Select the fields to be returned\n- Specify the number of users to retrieve per page and the page index\n \nThe q query parameter can be used to get users that match the specified criteria using query string syntax.\n\nLearn more about searching for users.\n\nRead about best practices when working with the API endpoints for retrieving users.\n\nAuth0 limits the number of users you can return. If you exceed this threshold, please redefine your search, use the export job, or the User Import / Export extension.\n\n[More info](https://auth0.com/docs/api/management/v2/users/get-users)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | Users successfully retrieved. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 400 | invalid_query_string | The 'q' parameter is available only if you specify 'search_engine=v2|v3'. |\n| 400 | operation_not_supported | You are not allowed to use search_engine=v1. |\n| 400 | operation_not_supported | You are not allowed to use search_engine=v2. Use search_engine=v3 instead. |\n| 400 | operation_not_supported | You are not allowed to use search_engine=v3. |\n| 400 | invalid_paging | You can only page through the first 1000 records. See https://auth0.com/docs/users/search/v3/view-search-results-by-page#limitation. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 401 | --- | Invalid token. |\n| 403 | insufficient_scope | Insufficient scope, expected any of: read:users. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |\n| 503 | --- | The query exceeded the timeout. Please try refining your search criteria. See https://auth0.com/docs/best-practices/search-best-practices. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Create a User",
+ "request": {
+ "method": "post",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "users"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "description": "**Description**\nCreate a new user for a given database or passwordless connection.\n\nNote: connection is required but other parameters such as email and password are dependent upon the type of connection.\n[More info](https://auth0.com/docs/api/management/v2/users/post-users)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 201 | --- | User successfully created. |\n| 400 | invalid_body | Invalid request body. The message will vary depending on the cause. |\n| 400 | operation_not_supported | Connection does not support user creation through the API. It must either be a database or passwordless connection. |\n| 400 | operation_not_supported | Cannot set username for connection without requires_username. |\n| 400 | inexistent_connection | Connection does not exist. |\n| 400 | connection_is_disabled | Connection is disabled. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | insufficient_scope | Insufficient scope, expected any of: create:users. |\n| 409 | auth0_idp_error | User already exists. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Get a User",
+ "request": {
+ "method": "get",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "users",
+ ":id"
+ ],
+ "query": [
+ {
+ "description": "string | Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "type": "string",
+ "key": "fields",
+ "disabled": true
+ },
+ {
+ "description": "boolean | Whether specified fields are to be included (true) or excluded (false).",
+ "type": "boolean",
+ "key": "include_fields",
+ "disabled": true
+ }
+ ],
+ "variable": [
+ {
+ "description": "string | ID of the user to retrieve.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nRetrieve user details. A list of fields to include or exclude may also be specified. For more information, see Retrieve Users with the Get Users Endpoint.\n\n[More info](https://auth0.com/docs/api/management/v2/users/get-users-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 200 | --- | User successfully retrieved. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 400 | invalid_query_string | Invalid request query string. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | unowned_resource | User to be acted on does not match subject in bearer token. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: read:users, read:user_idp_tokens, read:current_user. |\n| 404 | inexistent_user | User not found. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Delete a User",
+ "request": {
+ "method": "delete",
+ "header": [],
+ "body": {},
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "users",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the user to delete.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nDelete a user by user ID. This action cannot be undone. For Auth0 Dashboard instructions, see Delete Users.\n\n[More info](https://auth0.com/docs/api/management/v2/users/delete-users-by-id)\n\n**Response messages:**\n\n| **Status code** | **Error code** | **Message** |\n| --- | --- | --- |\n| 204 | --- | User successfully deleted. |\n| 400 | invalid_uri | Invalid request URI. The message will vary depending on the cause. |\n| 401 | --- | Invalid token. |\n| 401 | --- | Client is not global. |\n| 401 | --- | Invalid signature received for JSON Web Token validation. |\n| 403 | unowned_resource | User to be acted on does not match subject in bearer token. |\n| 403 | insufficient_scope | Insufficient scope; expected any of: delete:users,delete:current_user. |\n| 429 | --- | Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers. |"
+ },
+ "response": []
+ },
+ {
+ "name": "Update a User",
+ "request": {
+ "method": "patch",
+ "header": [],
+ "body": {
+ "mode": "raw",
+ "raw": "{ \"Make\": \"A Get Request First\" }",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ },
+ "url": {
+ "protocol": "https",
+ "host": [
+ "{{auth0_domain}}"
+ ],
+ "path": [
+ "api",
+ "v2",
+ "users",
+ ":id"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "description": "string | ID of the user to update.",
+ "type": "string",
+ "required": true,
+ "key": "id"
+ }
+ ]
+ },
+ "description": "**Description**\nUpdate a user.\n\nThese are the attributes that can be updated at the root level:\n\nuser_metadata and app_metadata). These properties are merged instead of being replaced but be careful, the merge only occurs on the first level.email, email_verified, phone_number, phone_verified, username or password of a secondary identity, you need to specify the connection property too.email or phone_number you can specify, optionally, the client_id property.email_verified is not supported for enterprise and passwordless sms connections.blocked to false does not affect the user's blocked state from an excessive amount of incorrectly provided credentials. Use the \"Unblock a user\" endpoint from the \"User Blocks\" API to change the user's state.null as the value.{ \"email_verified\": true }user_metadata:\n{ \"user_metadata\" : { \"profileCode\": 1479 } }addresses the body to send should be:\n{ \"user_metadata\" : { \"addresses\": {\"work_address\": \"100 Industrial Way\"} }}user_metadata property:{\n \"user_metadata\": {\n \"profileCode\": 1479,\n \"addresses\": { \"work_address\": \"100 Industrial Way\" }\n }\n}\"home_address\": \"742 Evergreen Terrace\" (using the addresses property) we should send the whole addresses object. Since this is a first-level object, the object will be merged in, but its own properties will not be. The body to send should be:\n{\n \"user_metadata\": {\n \"addresses\": {\n \"work_address\": \"100 Industrial Way\",\n \"home_address\": \"742 Evergreen Terrace\"\n }\n }\n}user_metadata property:\n{\n \"user_metadata\": {\n \"profileCode\": 1479,\n \"addresses\": {\n \"work_address\": \"100 Industrial Way\",\n \"home_address\": \"742 Evergreen Terrace\"\n }\n }\n}update:current_user_identities scope:\n \n POST /api/v2/users/PRIMARY_ACCOUNT_USER_ID/identities\n Authorization: \"Bearer PRIMARY_ACCOUNT_JWT\"\n {\n \"link_with\": \"SECONDARY_ACCOUNT_JWT\"\n }\n \n In this case, only the link_with param is required in the body, which also contains the JWT obtained upon the secondary account's authentication.\n update:users scope:\n \n POST /api/v2/users/PRIMARY_ACCOUNT_USER_ID/identities\n Authorization: \"Bearer YOUR_API_V2_TOKEN\"\n {\n \"provider\": \"SECONDARY_ACCOUNT_PROVIDER\",\n \"connection_id\": \"SECONDARY_ACCOUNT_CONNECTION_ID(OPTIONAL)\",\n \"user_id\": \"SECONDARY_ACCOUNT_USER_ID\"\n }\n \n In this case you need to send provider and user_id in the body. Optionally you can also send the connection_id param which is suitable for identifying a particular database connection for the 'auth0' provider.\n