diff --git a/EXAMPLES.md b/EXAMPLES.md index 8c04d8c0..1ccbf8a0 100644 --- a/EXAMPLES.md +++ b/EXAMPLES.md @@ -193,4 +193,27 @@ if err != nil { log.Fatalf("error was %+v", err) } log.Printf("User %s", user.GetOurCustomID()) -``` \ No newline at end of file +``` + +To handle nullable fields, create a custom struct without the omitempty tag and set it to null using a custom request. + +```go +// Define a custom struct similar to the `Tenant` struct exposed by the SDK but without the `omitempty` tag. +type CustomTenant struct { +AcrValuesSupported *[]string `json:"acr_values_supported"` +MTLS *management.MTLSConfiguration `json:"mtls"` +} + +// Create a custom request to set the nullable fields to null. +nullableTenantSettings := &CustomTenant{ +AcrValuesSupported: nil, +MTLS: nil, +} + +err := auth0API.Request(context.Background(), http.MethodPatch, auth0API.URI("tenants", "settings"), nullableTenantSettings) +if err != nil { +log.Fatalf("error was %+v", err) +} + +log.Printf("Tenant %+v", tenant) +``` diff --git a/management/client.go b/management/client.go index f4e546c9..d0131443 100644 --- a/management/client.go +++ b/management/client.go 
@@ -118,6 +118,75 @@ type Client struct { // URLs that are valid to call back from Auth0 for OIDC logout. OIDCLogout *OIDCLogout `json:"oidc_logout,omitempty"` + + // SignedRequestObject JWT-secured Authorization Requests (JAR) settings for the client. + SignedRequestObject *SignedRequestObject `json:"signed_request_object,omitempty"` + + // ComplianceLevel Defines the compliance level for this client, which may restrict it's capabilities + // + // To unset values (set to null), use a PATCH request like this: + // + // PATCH /api/v2/clients/{id} + // + // { + // "compliance_level": null + // } + // + // For more details on making custom requests, refer to the Auth0 Go SDK examples: + // https://github.com/auth0/go-auth0/blob/main/EXAMPLES.md#providing-a-custom-user-struct + ComplianceLevel *string `json:"compliance_level,omitempty"` + + // RequireProofOfPossession Makes the use of Proof-of-Possession mandatory for this client (default: false). + RequireProofOfPossession *bool `json:"require_proof_of_possession,omitempty"` +} + +// SignedRequestObject is used to configure JWT-secured Authorization Requests (JAR) settings for our Client. +type SignedRequestObject struct { + // Indicates whether the JAR requests are mandatory + Required *bool `json:"required,omitempty"` + + // Credentials used to sign the JAR requests + Credentials *[]Credential `json:"credentials,omitempty"` +} + +// CleanForPatch removes unnecessary fields from the client object before patching. 
+func (c *Client) CleanForPatch() { + if c.SignedRequestObject != nil && c.SignedRequestObject.Credentials != nil { + var credentials []Credential + for _, cred := range *c.SignedRequestObject.Credentials { + if cred.ID != nil && *cred.ID != "" { + credentials = append(credentials, Credential{ID: cred.ID}) + } + } + c.SignedRequestObject.Credentials = &credentials + } + if c.ClientAuthenticationMethods != nil && c.ClientAuthenticationMethods.TLSClientAuth != nil && c.ClientAuthenticationMethods.TLSClientAuth.Credentials != nil { + var credentials []Credential + for _, cred := range *c.ClientAuthenticationMethods.TLSClientAuth.Credentials { + if cred.ID != nil && *cred.ID != "" { + credentials = append(credentials, Credential{ID: cred.ID}) + } + } + c.ClientAuthenticationMethods.TLSClientAuth.Credentials = &credentials + } + if c.ClientAuthenticationMethods != nil && c.ClientAuthenticationMethods.SelfSignedTLSClientAuth != nil && c.ClientAuthenticationMethods.SelfSignedTLSClientAuth.Credentials != nil { + var credentials []Credential + for _, cred := range *c.ClientAuthenticationMethods.SelfSignedTLSClientAuth.Credentials { + if cred.ID != nil && *cred.ID != "" { + credentials = append(credentials, Credential{ID: cred.ID}) + } + } + c.ClientAuthenticationMethods.SelfSignedTLSClientAuth.Credentials = &credentials + } + if c.ClientAuthenticationMethods != nil && c.ClientAuthenticationMethods.PrivateKeyJWT != nil && c.ClientAuthenticationMethods.PrivateKeyJWT.Credentials != nil { + var credentials []Credential + for _, cred := range *c.ClientAuthenticationMethods.PrivateKeyJWT.Credentials { + if cred.ID != nil && *cred.ID != "" { + credentials = append(credentials, Credential{ID: cred.ID}) + } + } + c.ClientAuthenticationMethods.PrivateKeyJWT.Credentials = &credentials + } } // ClientJWTConfiguration is used to configure JWT settings for our Client. 
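Review bot: In `CleanForPatch`, a credential whose `ID` is nil or empty is dropped without any signal, and when none survive the field is left as a non-nil pointer to a nil slice, which `encoding/json` emits as `"credentials": null` despite `omitempty`. An `Update` that carries only not-yet-created credentials therefore presumably asks the API to clear the credentials on `signed_request_object` or the affected `client_authentication_methods` entry; how the server treats that null is not visible in this diff, so it should be confirmed and stated in the method's doc comment, along with the fact that the receiver is modified in place. The four loops are identical, so one helper would keep the rule in a single place. The sketch below passes an explicitly empty list through unchanged and returns nil, so the field is omitted, when entries were supplied but none had an ID.

```go
// credentialIDsOnly reduces creds to the ID-only form sent on PATCH.
// It returns nil (field omitted) when creds held entries but none had an ID,
// so credentials that were never created cannot become "credentials": null.
func credentialIDsOnly(creds *[]Credential) *[]Credential {
	if creds == nil || len(*creds) == 0 {
		return creds
	}
	ids := make([]Credential, 0, len(*creds))
	for _, cred := range *creds {
		if cred.ID != nil && *cred.ID != "" {
			ids = append(ids, Credential{ID: cred.ID})
		}
	}
	if len(ids) == 0 {
		return nil
	}
	return &ids
}

func (c *Client) CleanForPatch() {
	if sro := c.SignedRequestObject; sro != nil {
		sro.Credentials = credentialIDsOnly(sro.Credentials)
	}
	if m := c.ClientAuthenticationMethods; m != nil {
		if m.TLSClientAuth != nil {
			m.TLSClientAuth.Credentials = credentialIDsOnly(m.TLSClientAuth.Credentials)
		}
		if m.SelfSignedTLSClientAuth != nil {
			m.SelfSignedTLSClientAuth.Credentials = credentialIDsOnly(m.SelfSignedTLSClientAuth.Credentials)
		}
		if m.PrivateKeyJWT != nil {
			m.PrivateKeyJWT.Credentials = credentialIDsOnly(m.PrivateKeyJWT.Credentials)
		}
	}
}
```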
@@ -131,7 +200,7 @@ type ClientJWTConfiguration struct { Scopes *map[string]string `json:"scopes,omitempty"` - // Algorithm used to sign JWTs. Can be "HS256" or "RS256" + // Algorithm used to sign JWTs. Can be `HS256` or `RS256`. `PS256` available via addon" Algorithm *string `json:"alg,omitempty"` } 
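Review bot: The rewritten comment on `Algorithm` ends with a stray double quote and has no full stop after "addon", which will be carried into the rendered package docs. Suggested wording: `// Algorithm used to sign JWTs. Can be HS256 or RS256; PS256 is available via an addon.` The `ClientJWTConfiguration` struct starts outside this hunk.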
@@ -215,11 +284,37 @@ type Credential struct { UpdatedAt *time.Time `json:"updated_at,omitempty"` // The time that this credential will expire. ExpiresAt *time.Time `json:"expires_at,omitempty"` + // Subject Distinguished Name. Mutually exclusive with `pem` property. + SubjectDN *string `json:"subject_dn,omitempty"` + // The SHA256 thumbprint of the x509_cert certificate. + ThumbprintSHA256 *string `json:"thumbprint_sha256,omitempty"` } // ClientAuthenticationMethods defines client authentication method settings for the client. type ClientAuthenticationMethods struct { PrivateKeyJWT *PrivateKeyJWT `json:"private_key_jwt,omitempty"` + + // TLSClientAuth defines the `tls_client_auth` client authentication method settings for the client. + // If the property is defined, the client is configured to use CA-based mTLS authentication method + TLSClientAuth *TLSClientAuth `json:"tls_client_auth,omitempty"` + + // SelfSignedTLSClientAuth defines the `self_signed_tls_client_auth` client authentication method settings for the client. + // If the property is defined, the client is configured to use mTLS authentication method utilizing self-signed certificate + SelfSignedTLSClientAuth *SelfSignedTLSClientAuth `json:"self_signed_tls_client_auth,omitempty"` +} + +// TLSClientAuth defines the `tls_client_auth` client authentication method settings for the client. +type TLSClientAuth struct { + // Fully defined credentials that will be enabled on the client for CA-based mTLS authentication. + // A list of unique and previously created credential IDs enabled on the client for CA-based mTLS authentication. + Credentials *[]Credential `json:"credentials,omitempty"` +} + +// SelfSignedTLSClientAuth defines the `self_signed_tls_client_auth` client authentication method settings for the client. +type SelfSignedTLSClientAuth struct { + // Fully defined credentials that will be enabled on the client for mTLS authentication utilizing self-signed certificate. 
+ // A list of unique and previously created credential IDs enabled on the client for mTLS authentication utilizing self-signed certificate. + Credentials *[]Credential `json:"credentials,omitempty"` } // PrivateKeyJWT defines the `private_key_jwt` client authentication method settings for the client. @@ -560,6 +655,7 @@ func (m *ClientManager) List(ctx context.Context, opts ...RequestOption) (c *Cli // // See: https://auth0.com/docs/api/management/v2#!/Clients/patch_clients_by_id func (m *ClientManager) Update(ctx context.Context, id string, c *Client, opts ...RequestOption) (err error) { + c.CleanForPatch() return m.management.Request(ctx, "PATCH", m.management.URI("clients", id), c, opts...) } diff --git a/management/client_test.go b/management/client_test.go index 73e4dade..f7d073ae 100644 --- a/management/client_test.go +++ b/management/client_test.go 
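Review bot: The doc comments on `TLSClientAuth.Credentials` and `SelfSignedTLSClientAuth.Credentials` each stack two sentences that contradict one another ("Fully defined credentials …" followed by "A list of unique and previously created credential IDs …"), so a reader cannot tell which form the field expects. Judging by `CleanForPatch` in this same commit, both are true at different times, and the comment should say so, for example `// Credentials enabled on the client for CA-based mTLS authentication. On create these are full credential definitions; on update only the IDs of previously created credentials are sent (see CleanForPatch).` with the matching wording for the self-signed variant. The new comments on `TLSClientAuth` and `SelfSignedTLSClientAuth` in `ClientAuthenticationMethods` are also missing their closing full stops.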
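Review bot: `c.CleanForPatch()` runs before any nil check, and `CleanForPatch` (added earlier in this file) reads `c.SignedRequestObject` as its first step, so `Update(ctx, id, nil)` will panic with a nil-pointer dereference before a request is built. Either guard the call with `if c != nil { c.CleanForPatch() }` or open `CleanForPatch` with `if c == nil { return }`, which matches the nil-safe generated getters. The call also rewrites the caller's `Client` in place, reducing every listed credential to its `ID`; that side effect deserves a sentence in the `Update` doc comment, which sits outside this hunk.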
@@ -30,6 +30,223 @@ func TestClient_Create(t *testing.T) { }) } +func TestClientSignedRequestObject(t *testing.T) { + configureHTTPTestRecordings(t) + + expectedClient := &Client{ + Name: auth0.Stringf("Test Client (%s)", time.Now().Format(time.StampMilli)), + Description: auth0.String("This is just a test client."), + SignedRequestObject: &SignedRequestObject{ + Required: auth0.Bool(true), + Credentials: &[]Credential{ + { + Name: auth0.Stringf("Test Credential (%s)", time.Now().Format(time.StampMilli)), + CredentialType: auth0.String("public_key"), + PEM: auth0.String(`-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAua6LXMfgDE/tDdkOL1Oe +3oWUwg1r4dSTg9L7RCcI5hItUzmkVofHtWN0H4CH2lm2ANmaJUsnhzctYowYW2+R +tHvU9afTmtbdhpy993972hUqZSYLsE3iGziphYkOKVsqq38+VRH3TNg93zSLoRao +JnTTkMXseVqiyqYRmFN8+gQQoEclHSGPUWQG5XMZ+hhuXeFyo+Yw/qbZWca/6/2I +3rsca9jXR1alhxhHrXrg8N4Dm3gBgGbmiht6YYYT2Tyl1OqB9+iOI/9D7dfoCF6X +AWJXRE454cmC8k8oucpjZVpflA+ocKshwPDR6YTLQYbXYiaWxEoaz0QGUErNQBnG +I+sr9jDY3ua/s6HF6h0qyi/HVZH4wx+m4CtOfJoYTjrGBbaRszzUxhtSN2/MhXDu ++a35q9/2zcu/3fjkkfVvGUt+NyyiYOKQ9vsJC1g/xxdUWtowjNwjfZE2zcG4usi8 +r38Bp0lmiipAsMLduZM/D5dFXkRdWCBNDfULmmg/4nv2wwjbjQuLemAMh7mmrztW +i/85WMnjKQZT8NqS43pmgyIzg1gK1neMqdS90YmQ/PvJ36qALxCs245w1JpN9BAL +JbwxCg/dbmKT7PalfWrksx9hGcJxtGqebldaOpw+5GVIPxxtC1C0gVr9BKeiDS3f +aibASY5pIRiKENmbZELDtucCAwEAAQ== +-----END PUBLIC KEY-----`), + }, + }, + }, + JWTConfiguration: &ClientJWTConfiguration{Algorithm: auth0.String("PS256")}, + RequirePushedAuthorizationRequests: auth0.Bool(true), + ComplianceLevel: auth0.String("fapi1_adv_pkj_par"), + RequireProofOfPossession: auth0.Bool(true), + } + + err := api.Client.Create(context.Background(), expectedClient) + assert.NoError(t, err) + assert.NotEmpty(t, expectedClient.GetClientID()) + assert.Equal(t, true, expectedClient.GetSignedRequestObject().GetRequired()) + assert.Equal(t, "fapi1_adv_pkj_par", expectedClient.GetComplianceLevel()) + assert.Equal(t, "PS256", 
expectedClient.GetJWTConfiguration().GetAlgorithm()) + assert.Equal(t, true, expectedClient.GetRequirePushedAuthorizationRequests()) + assert.Equal(t, true, expectedClient.GetRequireProofOfPossession()) + + clientID := expectedClient.GetClientID() + expectedClient.ClientID = nil // Read-Only: Additional properties not allowed. + expectedClient.SigningKeys = nil // Read-Only: Additional properties not allowed. + expectedClient.JWTConfiguration.SecretEncoded = nil // Read-Only: Additional properties not allowed. + + updatedClient := expectedClient + updatedClient.SignedRequestObject.Required = auth0.Bool(false) + updatedClient.ComplianceLevel = auth0.String("fapi1_adv_mtls_par") + updatedClient.RequirePushedAuthorizationRequests = auth0.Bool(false) + updatedClient.JWTConfiguration.Algorithm = auth0.String("RS256") + updatedClient.RequireProofOfPossession = auth0.Bool(false) + + err = api.Client.Update(context.Background(), clientID, updatedClient) + assert.NoError(t, err) + + assert.Equal(t, false, updatedClient.GetSignedRequestObject().GetRequired()) + assert.Equal(t, "fapi1_adv_mtls_par", updatedClient.GetComplianceLevel()) + assert.Equal(t, false, updatedClient.GetRequirePushedAuthorizationRequests()) + assert.Equal(t, "RS256", updatedClient.GetJWTConfiguration().GetAlgorithm()) + assert.Equal(t, false, updatedClient.GetRequireProofOfPossession()) + t.Cleanup(func() { + cleanupClient(t, expectedClient.GetClientID()) + }) +} + +func TestClientAuthenticationMethods(t *testing.T) { + updateAndVerifyClient := func(t *testing.T, clientID string, updatedClient *Client) { + err := api.Client.Update(context.Background(), clientID, updatedClient) + assert.NoError(t, err) + assert.Equal(t, "fapi1_adv_mtls_par", updatedClient.GetComplianceLevel()) + assert.Equal(t, false, updatedClient.GetRequirePushedAuthorizationRequests()) + assert.Equal(t, "RS256", updatedClient.GetJWTConfiguration().GetAlgorithm()) + } + + cleanupTestClient := func(t *testing.T, clientID string) { + 
t.Cleanup(func() { + cleanupClient(t, clientID) + }) + } + + t.Run("GetTLSClientAuth", func(t *testing.T) { + configureHTTPTestRecordings(t) + client := givenAClientAuthenticationMethodsClient(t, &TLSClientAuth{ + Credentials: &[]Credential{ + { + Name: auth0.Stringf("Test Credential (%s)", time.Now().Format(time.StampMilli)), + CredentialType: auth0.String("cert_subject_dn"), + PEM: auth0.String(`-----BEGIN CERTIFICATE----- +MIIDPDCCAiQCCQDWNMOIuzwDfzANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJK +UDEOMAwGA1UECAwFVG9reW8xEzARBgNVBAcMCkNoaXlvZGEta3UxDzANBgNVBAoM +BkNsaWVudDEbMBkGA1UEAwwSY2xpZW50LmV4YW1wbGUub3JnMB4XDTE5MTAyODA3 +MjczMFoXDTIwMTAyNzA3MjczMFowYDELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBVRv +a3lvMRMwEQYDVQQHDApDaGl5b2RhLWt1MQ8wDQYDVQQKDAZDbGllbnQxGzAZBgNV +BAMMEmNsaWVudC5leGFtcGxlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBAK2Oyc+BV4N5pYcp47opUwsb2NaJq4X+d5Itq8whpFlZ9uCCHzF5TWSF +XrpYscOp95veGPF42eT1grfxYyvjFotE76caHhBLCkIbBh6Vf222IGMwwBbSZfO9 +J3eURtEADBvsZ117HkPVdjYqvt3Pr4RxdR12zG1TcBAoTLGchyr8nBqRADFhUTCL +msYaz1ADiQ/xbJN7VUNQpKhzRWHCdYS03HpbGjYCtAbl9dJnH2EepNF0emGiSPFq +df6taToyCr7oZjM7ufmKPjiiEDbeSYTf6kbPNmmjtoPNNLeejHjP9p0IYx7l0Gkj +mx4kSMLp4vSDftrFgGfcxzaMmKBsosMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA +qzdDYbntFLPBlbwAQlpwIjvmvwzvkQt6qgZ9Y0oMAf7pxq3i9q7W1bDol0UF4pIM +z3urEJCHO8w18JRlfOnOENkcLLLntrjOUXuNkaCDLrnv8pnp0yeTQHkSpsyMtJi9 +R6r6JT9V57EJ/pWQBgKlN6qMiBkIvX7U2hEMmhZ00h/E5xMmiKbySBiJV9fBzDRf +mAy1p9YEgLsEMLnGjKHTok+hd0BLvcmXVejdUsKCg84F0zqtXEDXLCiKcpXCeeWv +lmmXxC5PH/GEMkSPiGSR7+b1i0sSotsq+M3hbdwabpJ6nQLLbKkFSGcsQ87yL+gr +So6zun26vAUJTu1o9CIjxw== +-----END CERTIFICATE-----`), + }, + }, + }) + + clientID := client.GetClientID() + client.ClientID = nil + client.SigningKeys = nil + client.JWTConfiguration.SecretEncoded = nil + + updatedClient := client + updatedClient.ComplianceLevel = auth0.String("fapi1_adv_mtls_par") + updatedClient.RequirePushedAuthorizationRequests = auth0.Bool(false) + updatedClient.JWTConfiguration.Algorithm = auth0.String("RS256") + + 
updateAndVerifyClient(t, clientID, updatedClient) + cleanupTestClient(t, client.GetClientID()) + }) + + t.Run("GetSelfSignedTLSClientAuth", func(t *testing.T) { + configureHTTPTestRecordings(t) + client := givenAClientAuthenticationMethodsClient(t, &SelfSignedTLSClientAuth{ + Credentials: &[]Credential{ + { + Name: auth0.Stringf("Test Credential (%s)", time.Now().Format(time.StampMilli)), + CredentialType: auth0.String("x509_cert"), + PEM: auth0.String(`-----BEGIN CERTIFICATE----- +MIIDwTCCAyqgAwIBAgICDh4wDQYJKoZIhvcNAQEFBQAwgZsxCzAJBgNVBAYTAkpQ +MQ4wDAYDVQQIEwVUb2t5bzEQMA4GA1UEBxMHQ2h1by1rdTERMA8GA1UEChMIRnJh +bms0REQxGDAWBgNVBAsTD1dlYkNlcnQgU3VwcG9ydDEYMBYGA1UEAxMPRnJhbms0 +REQgV2ViIENBMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZyYW5rNGRkLmNvbTAi +GA8wMDAwMDEwMTAwMDAwMVoYDzk5OTkxMjMxMjM1OTU5WjCBgTELMAkGA1UEBhMC +SlAxDjAMBgNVBAgTBVRva3lvMREwDwYDVQQKEwhGcmFuazRERDEQMA4GA1UECxMH +U3VwcG9ydDEiMCAGCSqGSIb3DQEJARYTcHVibGljQGZyYW5rNGRkLmNvbTEZMBcG +A1UEAxMQd3d3LmZyYW5rNGRkLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC +gYEA4rkBL30FzR2ZHZ1vpF9kGBO0DMwhu2pcrkcLJ0SEuf52ggo+md0tPis8f1KN +Tchxj6DtxWT3c7ECW0c1ALpu6mNVE+GaM94KsckSDehoPfbLjT9Apcc/F0mqvDsC +N6fPdDixWrjx6xKT7xXi3lCy1yIKRMHA6Ha+T4qPyyCyMPECAwEAAaOCASYwggEi +MAwGA1UdEwEB/wQCMAAwCwYDVR0PBAQDAgWgMB0GA1UdDgQWBBRWKE5tXPIyS0pC +fE5taGO5Q84gyTCB0AYDVR0jBIHIMIHFgBRi83vtBtSx1Zx/SOXvxckVYf3ZEaGB +oaSBnjCBmzELMAkGA1UEBhMCSlAxDjAMBgNVBAgTBVRva3lvMRAwDgYDVQQHEwdD +aHVvLWt1MREwDwYDVQQKEwhGcmFuazRERDEYMBYGA1UECxMPV2ViQ2VydCBTdXBw +b3J0MRgwFgYDVQQDEw9GcmFuazRERCBXZWIgQ0ExIzAhBgkqhkiG9w0BCQEWFHN1 +cHBvcnRAZnJhbms0ZGQuY29tggkAxscECbwiW6AwEwYDVR0lBAwwCgYIKwYBBQUH +AwEwDQYJKoZIhvcNAQEFBQADgYEAfXCfXcePJwnMKc06qLa336cEPpXEsPed1bw4 +xiIXfgZ39duBnN+Nv4a49Yl2kbh4JO8tcr5h8WYAI/a/69w8qBFQBUAjTEY/+lcw +9/6wU7UA3kh7yexeqDiNTRflnPUv3sfiVdLDTjqLWWAxGS8L26PjVaCUFfJLNiYJ +jerREgM= +-----END CERTIFICATE-----`), + }, + }, + }) + + clientID := client.GetClientID() + client.ClientID = nil + client.SigningKeys = nil + client.JWTConfiguration.SecretEncoded = nil + + 
updatedClient := client + updatedClient.ComplianceLevel = auth0.String("fapi1_adv_mtls_par") + updatedClient.RequirePushedAuthorizationRequests = auth0.Bool(false) + updatedClient.JWTConfiguration.Algorithm = auth0.String("RS256") + + updateAndVerifyClient(t, clientID, updatedClient) + cleanupTestClient(t, client.GetClientID()) + }) + + t.Run("GetPrivateKeyJWT", func(t *testing.T) { + configureHTTPTestRecordings(t) + client := givenAClientAuthenticationMethodsClient(t, &PrivateKeyJWT{ + Credentials: &[]Credential{ + { + Name: auth0.Stringf("Test Credential (%s)", time.Now().Format(time.StampMilli)), + CredentialType: auth0.String("public_key"), + PEM: auth0.String(`-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3njxXJoHnuN4hByBhSUo +0kIbXkJTA0wP0fig87MyVz5KgohPrPJgbRSZ7yz/MmXa4qRNHkWiClJybMS2a98M +6ELOFG8pfDb6J7JaJqx0Kvqn6xsGInbpwsth3K582Cxrp+Y+GBNja++8wDY5IqAi +TSKSZRNies0GO0grzQ7kj2p0+R7a0c86mdLO4JnGrHoBqEY1HcsfnJvkJkqETlGi +yMzDQw8Wkux7P59N/3wuroAI83+HMYl1fV39ek3L/GrsLjECrNe5/CVFtblNltyb +/va9+pAP7Ye5p6tTW2oj3fzUvdX3dYzENWEtRB7DBHXnfEHMjTaBiQeWb2yDHBCw +++Uh1OCKw9ZLYzoE6gcDQspYf+fFU3F0kuU4c//gSoNuj/iEjaNmOEK6S3xGy8fE +TjsC+0oF6YaokDZO9+NreL/sGxFfOAysybrKWrMoaYwa81RlpcmBGZM7H1M00zLH +PPfCYVhGhFs5X3Qzzt6MQE+msgMt9zeGH7liJbOSW2NGSJwbmn7q35YYIfJEoXRF +1iefT/9fJB9vhQhtYfCOe3AEpTQq6Yz5ViLhToBdsVDBbz2gmRLALs9/D91SE9T4 +XzvXjHGyxWVu0jdvS9hyhJzP4165k1cYDgx8mmg0VxR7j79LmCUDsFcvvSrAOf6y +0zY7r4pmNyQQ0r4in/gs/wkCAwEAAQ== +-----END PUBLIC KEY-----`), + }, + }, + }) + + clientID := client.GetClientID() + client.ClientID = nil + client.SigningKeys = nil + client.JWTConfiguration.SecretEncoded = nil + + updatedClient := client + updatedClient.ComplianceLevel = auth0.String("fapi1_adv_mtls_par") + updatedClient.RequirePushedAuthorizationRequests = auth0.Bool(false) + updatedClient.JWTConfiguration.Algorithm = auth0.String("RS256") + + updateAndVerifyClient(t, clientID, updatedClient) + cleanupTestClient(t, client.GetClientID()) + }) +} + func 
TestClient_Read(t *testing.T) { configureHTTPTestRecordings(t) 
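Review bot: In `TestClientSignedRequestObject` the cleanup is registered last and calls `cleanupClient(t, expectedClient.GetClientID())` after `expectedClient.ClientID = nil`, so it targets the right client only if `Update` repopulates the struct from the response, which these lines do not show. The three subtests of `TestClientAuthenticationMethods` have the same shape with `cleanupTestClient(t, client.GetClientID())`. Register the cleanup directly after the create succeeds and use the saved value, `t.Cleanup(func() { cleanupClient(t, clientID) })`, so a failed update or an empty ID cannot leave credential-bearing test clients behind in the tenant. Note too that `updatedClient := expectedClient` copies the pointer rather than the struct, so the post-update assertions read back the object that was just assigned, and nothing checks that the credentials survived `CleanForPatch`.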
@@ -290,6 +507,119 @@ func TestClient_DeleteCredential(t *testing.T) { assert.Implements(t, (*Error)(nil), err) assert.Equal(t, http.StatusNotFound, err.(Error).Status()) } +func TestClient_CreateAllCredential(t *testing.T) { + t.Run("Should create PrivateJWT Credential", func(t *testing.T) { + configureHTTPTestRecordings(t) + + expectedClient := givenAClient(t) + + credential := &Credential{ + Name: auth0.Stringf("Test Credential (%s)", time.Now().Format(time.StampMilli)), + CredentialType: auth0.String("public_key"), + PEM: auth0.String(`-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3njxXJoHnuN4hByBhSUo +0kIbXkJTA0wP0fig87MyVz5KgohPrPJgbRSZ7yz/MmXa4qRNHkWiClJybMS2a98M +6ELOFG8pfDb6J7JaJqx0Kvqn6xsGInbpwsth3K582Cxrp+Y+GBNja++8wDY5IqAi +TSKSZRNies0GO0grzQ7kj2p0+R7a0c86mdLO4JnGrHoBqEY1HcsfnJvkJkqETlGi +yMzDQw8Wkux7P59N/3wuroAI83+HMYl1fV39ek3L/GrsLjECrNe5/CVFtblNltyb +/va9+pAP7Ye5p6tTW2oj3fzUvdX3dYzENWEtRB7DBHXnfEHMjTaBiQeWb2yDHBCw +++Uh1OCKw9ZLYzoE6gcDQspYf+fFU3F0kuU4c//gSoNuj/iEjaNmOEK6S3xGy8fE +TjsC+0oF6YaokDZO9+NreL/sGxFfOAysybrKWrMoaYwa81RlpcmBGZM7H1M00zLH +PPfCYVhGhFs5X3Qzzt6MQE+msgMt9zeGH7liJbOSW2NGSJwbmn7q35YYIfJEoXRF +1iefT/9fJB9vhQhtYfCOe3AEpTQq6Yz5ViLhToBdsVDBbz2gmRLALs9/D91SE9T4 +XzvXjHGyxWVu0jdvS9hyhJzP4165k1cYDgx8mmg0VxR7j79LmCUDsFcvvSrAOf6y +0zY7r4pmNyQQ0r4in/gs/wkCAwEAAQ== +-----END PUBLIC KEY-----`), + } + + err := api.Client.CreateCredential(context.Background(), expectedClient.GetClientID(), credential) + assert.NoError(t, err) + assert.NotEmpty(t, credential.GetID()) + + t.Cleanup(func() { + cleanupCredential(t, expectedClient.GetClientID(), credential.GetID()) + }) + }) + t.Run("Should create TLSClientAuth Credential", func(t *testing.T) { + configureHTTPTestRecordings(t) + + expectedClient := givenAClient(t) + + credential := &Credential{ + Name: auth0.Stringf("Test Credential (%s)", time.Now().Format(time.StampMilli)), + CredentialType: auth0.String("cert_subject_dn"), + PEM: auth0.String(`-----BEGIN CERTIFICATE----- 
+MIIDPDCCAiQCCQDWNMOIuzwDfzANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJK +UDEOMAwGA1UECAwFVG9reW8xEzARBgNVBAcMCkNoaXlvZGEta3UxDzANBgNVBAoM +BkNsaWVudDEbMBkGA1UEAwwSY2xpZW50LmV4YW1wbGUub3JnMB4XDTE5MTAyODA3 +MjczMFoXDTIwMTAyNzA3MjczMFowYDELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBVRv +a3lvMRMwEQYDVQQHDApDaGl5b2RhLWt1MQ8wDQYDVQQKDAZDbGllbnQxGzAZBgNV +BAMMEmNsaWVudC5leGFtcGxlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBAK2Oyc+BV4N5pYcp47opUwsb2NaJq4X+d5Itq8whpFlZ9uCCHzF5TWSF +XrpYscOp95veGPF42eT1grfxYyvjFotE76caHhBLCkIbBh6Vf222IGMwwBbSZfO9 +J3eURtEADBvsZ117HkPVdjYqvt3Pr4RxdR12zG1TcBAoTLGchyr8nBqRADFhUTCL +msYaz1ADiQ/xbJN7VUNQpKhzRWHCdYS03HpbGjYCtAbl9dJnH2EepNF0emGiSPFq +df6taToyCr7oZjM7ufmKPjiiEDbeSYTf6kbPNmmjtoPNNLeejHjP9p0IYx7l0Gkj +mx4kSMLp4vSDftrFgGfcxzaMmKBsosMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA +qzdDYbntFLPBlbwAQlpwIjvmvwzvkQt6qgZ9Y0oMAf7pxq3i9q7W1bDol0UF4pIM +z3urEJCHO8w18JRlfOnOENkcLLLntrjOUXuNkaCDLrnv8pnp0yeTQHkSpsyMtJi9 +R6r6JT9V57EJ/pWQBgKlN6qMiBkIvX7U2hEMmhZ00h/E5xMmiKbySBiJV9fBzDRf +mAy1p9YEgLsEMLnGjKHTok+hd0BLvcmXVejdUsKCg84F0zqtXEDXLCiKcpXCeeWv +lmmXxC5PH/GEMkSPiGSR7+b1i0sSotsq+M3hbdwabpJ6nQLLbKkFSGcsQ87yL+gr +So6zun26vAUJTu1o9CIjxw== +-----END CERTIFICATE-----`), + } + + err := api.Client.CreateCredential(context.Background(), expectedClient.GetClientID(), credential) + assert.NoError(t, err) + assert.NotEmpty(t, credential.GetID()) + + t.Cleanup(func() { + cleanupCredential(t, expectedClient.GetClientID(), credential.GetID()) + }) + }) + t.Run("Should create SelfSignedTLSClientAuth Credential", func(t *testing.T) { + configureHTTPTestRecordings(t) + + expectedClient := givenAClient(t) + + credential := &Credential{ + Name: auth0.Stringf("Test Credential (%s)", time.Now().Format(time.StampMilli)), + CredentialType: auth0.String("x509_cert"), + PEM: auth0.String(`-----BEGIN CERTIFICATE----- +MIIDwTCCAyqgAwIBAgICDh4wDQYJKoZIhvcNAQEFBQAwgZsxCzAJBgNVBAYTAkpQ +MQ4wDAYDVQQIEwVUb2t5bzEQMA4GA1UEBxMHQ2h1by1rdTERMA8GA1UEChMIRnJh 
+bms0REQxGDAWBgNVBAsTD1dlYkNlcnQgU3VwcG9ydDEYMBYGA1UEAxMPRnJhbms0 +REQgV2ViIENBMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZyYW5rNGRkLmNvbTAi +GA8wMDAwMDEwMTAwMDAwMVoYDzk5OTkxMjMxMjM1OTU5WjCBgTELMAkGA1UEBhMC +SlAxDjAMBgNVBAgTBVRva3lvMREwDwYDVQQKEwhGcmFuazRERDEQMA4GA1UECxMH +U3VwcG9ydDEiMCAGCSqGSIb3DQEJARYTcHVibGljQGZyYW5rNGRkLmNvbTEZMBcG +A1UEAxMQd3d3LmZyYW5rNGRkLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC +gYEA4rkBL30FzR2ZHZ1vpF9kGBO0DMwhu2pcrkcLJ0SEuf52ggo+md0tPis8f1KN +Tchxj6DtxWT3c7ECW0c1ALpu6mNVE+GaM94KsckSDehoPfbLjT9Apcc/F0mqvDsC +N6fPdDixWrjx6xKT7xXi3lCy1yIKRMHA6Ha+T4qPyyCyMPECAwEAAaOCASYwggEi +MAwGA1UdEwEB/wQCMAAwCwYDVR0PBAQDAgWgMB0GA1UdDgQWBBRWKE5tXPIyS0pC +fE5taGO5Q84gyTCB0AYDVR0jBIHIMIHFgBRi83vtBtSx1Zx/SOXvxckVYf3ZEaGB +oaSBnjCBmzELMAkGA1UEBhMCSlAxDjAMBgNVBAgTBVRva3lvMRAwDgYDVQQHEwdD +aHVvLWt1MREwDwYDVQQKEwhGcmFuazRERDEYMBYGA1UECxMPV2ViQ2VydCBTdXBw +b3J0MRgwFgYDVQQDEw9GcmFuazRERCBXZWIgQ0ExIzAhBgkqhkiG9w0BCQEWFHN1 +cHBvcnRAZnJhbms0ZGQuY29tggkAxscECbwiW6AwEwYDVR0lBAwwCgYIKwYBBQUH +AwEwDQYJKoZIhvcNAQEFBQADgYEAfXCfXcePJwnMKc06qLa336cEPpXEsPed1bw4 +xiIXfgZ39duBnN+Nv4a49Yl2kbh4JO8tcr5h8WYAI/a/69w8qBFQBUAjTEY/+lcw +9/6wU7UA3kh7yexeqDiNTRflnPUv3sfiVdLDTjqLWWAxGS8L26PjVaCUFfJLNiYJ +jerREgM= +-----END CERTIFICATE-----`), + } + + err := api.Client.CreateCredential(context.Background(), expectedClient.GetClientID(), credential) + assert.NoError(t, err) + assert.NotEmpty(t, credential.GetID()) + + t.Cleanup(func() { + cleanupCredential(t, expectedClient.GetClientID(), credential.GetID()) + }) + }) +} func givenASimpleClient(t *testing.T) *Client { t.Helper() 
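Review bot: The three PEM literals in `TestClient_CreateAllCredential` appear to be copies of the ones added to `TestClientAuthenticationMethods` earlier in this file, so replacing a fixture means editing every copy and the copies can drift apart. Hoist them into package-level constants in the test file (for example `testPublicKeyPEM`, `testCASignedCertPEM`, `testSelfSignedCertPEM`; names are a suggestion) and reference those from both tests. A one-line comment above the constants stating that they hold public keys and certificates only would help keep private key material from being pasted alongside them later.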
@@ -356,6 +686,41 @@ aibASY5pIRiKENmbZELDtucCAwEAAQ== return client } +func givenAClientAuthenticationMethodsClient(t *testing.T, authMethod interface{}) *Client { + client := &Client{ + Name: auth0.Stringf("Test Client (%s)", time.Now().Format(time.StampMilli)), + Description: auth0.String("This is just a test client."), + ClientAuthenticationMethods: &ClientAuthenticationMethods{ + TLSClientAuth: nil, + SelfSignedTLSClientAuth: nil, + PrivateKeyJWT: nil, + }, + JWTConfiguration: &ClientJWTConfiguration{Algorithm: auth0.String("PS256")}, + RequirePushedAuthorizationRequests: auth0.Bool(true), + ComplianceLevel: auth0.String("fapi1_adv_pkj_par"), + } + + switch v := authMethod.(type) { + case *TLSClientAuth: + client.ClientAuthenticationMethods.TLSClientAuth = v + case *SelfSignedTLSClientAuth: + client.ClientAuthenticationMethods.SelfSignedTLSClientAuth = v + case *PrivateKeyJWT: + client.ClientAuthenticationMethods.PrivateKeyJWT = v + default: + t.Fatalf("Unsupported authentication method") + } + + err := api.Client.Create(context.Background(), client) + assert.NoError(t, err) + assert.NotEmpty(t, client.GetClientID()) + assert.Equal(t, "fapi1_adv_pkj_par", client.GetComplianceLevel()) + assert.Equal(t, "PS256", client.GetJWTConfiguration().GetAlgorithm()) + assert.Equal(t, true, client.GetRequirePushedAuthorizationRequests()) + + return client +} + func cleanupClient(t *testing.T, clientID string) { t.Helper() diff --git a/management/management.gen.go b/management/management.gen.go index 0a0ed247..82df73ba 100644 --- a/management/management.gen.go +++ b/management/management.gen.go 
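Review bot: `givenAClientAuthenticationMethodsClient` does not call `t.Helper()`, unlike `givenASimpleClient` and `cleanupClient` visible in the surrounding context, so failures are reported at the helper's own lines rather than at the calling subtest. Add `t.Helper()` as the first statement. Because `assert.NoError` does not stop the test, a failed create still returns a client with an empty ID and the caller goes on to issue a PATCH against it. Using `require.NoError` (if testify's `require` package is already imported in this file, which the hunk does not show) or returning early after the failed assertion would avoid that.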
@@ -673,6 +673,19 @@ func (a *AuthenticationMethods) String() string { return Stringify(a) } +// GetType returns the Type field if it's non-nil, zero value otherwise. +func (a *AuthorizationDetails) GetType() string { + if a == nil || a.Type == nil { + return "" + } + return *a.Type +} + +// String returns a string representation of AuthorizationDetails. +func (a *AuthorizationDetails) String() string { + return Stringify(a) +} + // GetLifetimeInSeconds returns the LifetimeInSeconds field if it's non-nil, zero value otherwise. func (a *AWSClientAddon) GetLifetimeInSeconds() int { if a == nil || a.LifetimeInSeconds == nil { @@ -1287,6 +1300,14 @@ func (c *Client) GetClientSecret() string { return *c.ClientSecret } +// GetComplianceLevel returns the ComplianceLevel field if it's non-nil, zero value otherwise. +func (c *Client) GetComplianceLevel() string { + if c == nil || c.ComplianceLevel == nil { + return "" + } + return *c.ComplianceLevel +} + // GetCrossOriginAuth returns the CrossOriginAuth field if it's non-nil, zero value otherwise. func (c *Client) GetCrossOriginAuth() bool { if c == nil || c.CrossOriginAuth == nil { @@ -1471,6 +1492,14 @@ func (c *Client) GetRefreshToken() *ClientRefreshToken { return c.RefreshToken } +// GetRequireProofOfPossession returns the RequireProofOfPossession field if it's non-nil, zero value otherwise. +func (c *Client) GetRequireProofOfPossession() bool { + if c == nil || c.RequireProofOfPossession == nil { + return false + } + return *c.RequireProofOfPossession +} + // GetRequirePushedAuthorizationRequests returns the RequirePushedAuthorizationRequests field if it's non-nil, zero value otherwise. func (c *Client) GetRequirePushedAuthorizationRequests() bool { if c == nil || c.RequirePushedAuthorizationRequests == nil { 
@@ -1479,6 +1508,14 @@ func (c *Client) GetRequirePushedAuthorizationRequests() bool { return *c.RequirePushedAuthorizationRequests } +// GetSignedRequestObject returns the SignedRequestObject field. +func (c *Client) GetSignedRequestObject() *SignedRequestObject { + if c == nil { + return nil + } + return c.SignedRequestObject +} + // GetSSO returns the SSO field if it's non-nil, zero value otherwise. func (c *Client) GetSSO() bool { if c == nil || c.SSO == nil { @@ -1761,6 +1798,22 @@ func (c *ClientAuthenticationMethods) GetPrivateKeyJWT() *PrivateKeyJWT { return c.PrivateKeyJWT } +// GetSelfSignedTLSClientAuth returns the SelfSignedTLSClientAuth field. +func (c *ClientAuthenticationMethods) GetSelfSignedTLSClientAuth() *SelfSignedTLSClientAuth { + if c == nil { + return nil + } + return c.SelfSignedTLSClientAuth +} + +// GetTLSClientAuth returns the TLSClientAuth field. +func (c *ClientAuthenticationMethods) GetTLSClientAuth() *TLSClientAuth { + if c == nil { + return nil + } + return c.TLSClientAuth +} + // String returns a string representation of ClientAuthenticationMethods. func (c *ClientAuthenticationMethods) String() string { return Stringify(c) @@ -6029,6 +6082,22 @@ func (c *Credential) GetPEM() string { return *c.PEM } +// GetSubjectDN returns the SubjectDN field if it's non-nil, zero value otherwise. +func (c *Credential) GetSubjectDN() string { + if c == nil || c.SubjectDN == nil { + return "" + } + return *c.SubjectDN +} + +// GetThumbprintSHA256 returns the ThumbprintSHA256 field if it's non-nil, zero value otherwise. +func (c *Credential) GetThumbprintSHA256() string { + if c == nil || c.ThumbprintSHA256 == nil { + return "" + } + return *c.ThumbprintSHA256 +} + // GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise. func (c *Credential) GetUpdatedAt() time.Time { if c == nil || c.UpdatedAt == nil { 
@@ -6600,6 +6669,43 @@ func (e *EmailTemplate) String() string { return Stringify(e) } +// GetAlg returns the Alg field if it's non-nil, zero value otherwise. +func (e *EncryptionKey) GetAlg() string { + if e == nil || e.Alg == nil { + return "" + } + return *e.Alg +} + +// GetKid returns the Kid field if it's non-nil, zero value otherwise. +func (e *EncryptionKey) GetKid() string { + if e == nil || e.Kid == nil { + return "" + } + return *e.Kid +} + +// GetName returns the Name field if it's non-nil, zero value otherwise. +func (e *EncryptionKey) GetName() string { + if e == nil || e.Name == nil { + return "" + } + return *e.Name +} + +// GetPem returns the Pem field if it's non-nil, zero value otherwise. +func (e *EncryptionKey) GetPem() string { + if e == nil || e.Pem == nil { + return "" + } + return *e.Pem +} + +// String returns a string representation of EncryptionKey. +func (e *EncryptionKey) String() string { + return Stringify(e) +} + // GetEnrolledAt returns the EnrolledAt field if it's non-nil, zero value otherwise. func (e *Enrollment) GetEnrolledAt() time.Time { if e == nil || e.EnrolledAt == nil { @@ -7544,6 +7650,19 @@ func (m *MSCRMClientAddon) String() string { return Stringify(m) } +// GetEnableEndpointAliases returns the EnableEndpointAliases field if it's non-nil, zero value otherwise. +func (m *MTLSConfiguration) GetEnableEndpointAliases() bool { + if m == nil || m.EnableEndpointAliases == nil { + return false + } + return *m.EnableEndpointAliases +} + +// String returns a string representation of MTLSConfiguration. +func (m *MTLSConfiguration) String() string { + return Stringify(m) +} + // GetEnabled returns the Enabled field if it's non-nil, zero value otherwise. func (m *MultiFactor) GetEnabled() bool { if m == nil || m.Enabled == nil { 
@@ -8472,6 +8591,27 @@ func (p *PromptPartials) String() string { return Stringify(p) } +// GetMechanism returns the Mechanism field if it's non-nil, zero value otherwise. +func (p *ProofOfPossession) GetMechanism() string { + if p == nil || p.Mechanism == nil { + return "" + } + return *p.Mechanism +} + +// GetRequired returns the Required field if it's non-nil, zero value otherwise. +func (p *ProofOfPossession) GetRequired() bool { + if p == nil || p.Required == nil { + return false + } + return *p.Required +} + +// String returns a string representation of ProofOfPossession. +func (p *ProofOfPossession) String() string { + return Stringify(p) +} + // GetClientID returns the ClientID field if it's non-nil, zero value otherwise. func (r *RefreshToken) GetClientID() string { if r == nil || r.ClientID == nil { @@ -8575,6 +8715,22 @@ func (r *ResourceServer) GetAllowOfflineAccess() bool { return *r.AllowOfflineAccess } +// GetAuthorizationDetails returns the AuthorizationDetails field if it's non-nil, zero value otherwise. +func (r *ResourceServer) GetAuthorizationDetails() []AuthorizationDetails { + if r == nil || r.AuthorizationDetails == nil { + return nil + } + return *r.AuthorizationDetails +} + +// GetConsentPolicy returns the ConsentPolicy field if it's non-nil, zero value otherwise. +func (r *ResourceServer) GetConsentPolicy() string { + if r == nil || r.ConsentPolicy == nil { + return "" + } + return *r.ConsentPolicy +} + // GetEnforcePolicies returns the EnforcePolicies field if it's non-nil, zero value otherwise. func (r *ResourceServer) GetEnforcePolicies() bool { if r == nil || r.EnforcePolicies == nil { 
@@ -8615,6 +8771,14 @@ func (r *ResourceServer) GetOptions() map[string]string { return *r.Options } +// GetProofOfPossession returns the ProofOfPossession field. +func (r *ResourceServer) GetProofOfPossession() *ProofOfPossession { + if r == nil { + return nil + } + return r.ProofOfPossession +} + // GetScopes returns the Scopes field if it's non-nil, zero value otherwise. func (r *ResourceServer) GetScopes() []ResourceServerScope { if r == nil || r.Scopes == nil { @@ -8655,6 +8819,14 @@ func (r *ResourceServer) GetTokenDialect() string { return *r.TokenDialect } +// GetTokenEncryption returns the TokenEncryption field. +func (r *ResourceServer) GetTokenEncryption() *TokenEncryption { + if r == nil { + return nil + } + return r.TokenEncryption +} + // GetTokenLifetime returns the TokenLifetime field if it's non-nil, zero value otherwise. func (r *ResourceServer) GetTokenLifetime() int { if r == nil || r.TokenLifetime == nil { @@ -9313,6 +9485,19 @@ func (s *SCIMToken) String() string { return Stringify(s) } +// GetCredentials returns the Credentials field if it's non-nil, zero value otherwise. +func (s *SelfSignedTLSClientAuth) GetCredentials() []Credential { + if s == nil || s.Credentials == nil { + return nil + } + return *s.Credentials +} + +// String returns a string representation of SelfSignedTLSClientAuth. +func (s *SelfSignedTLSClientAuth) String() string { + return Stringify(s) +} + // GetBaseURL returns the BaseURL field if it's non-nil, zero value otherwise. func (s *SentryClientAddon) GetBaseURL() string { if s == nil || s.BaseURL == nil { 
@@ -9355,6 +9540,27 @@ func (s *SharePointClientAddon) String() string { return Stringify(s) } +// GetCredentials returns the Credentials field if it's non-nil, zero value otherwise. +func (s *SignedRequestObject) GetCredentials() []Credential { + if s == nil || s.Credentials == nil { + return nil + } + return *s.Credentials +} + +// GetRequired returns the Required field if it's non-nil, zero value otherwise. +func (s *SignedRequestObject) GetRequired() bool { + if s == nil || s.Required == nil { + return false + } + return *s.Required +} + +// String returns a string representation of SignedRequestObject. +func (s *SignedRequestObject) String() string { + return Stringify(s) +} + // GetCert returns the Cert field if it's non-nil, zero value otherwise. func (s *SigningKey) GetCert() string { if s == nil || s.Cert == nil { @@ -9561,6 +9767,14 @@ func (s *SuspiciousIPThrottling) String() string { return Stringify(s) } +// GetAcrValuesSupported returns the AcrValuesSupported field if it's non-nil, zero value otherwise. +func (t *Tenant) GetAcrValuesSupported() []string { + if t == nil || t.AcrValuesSupported == nil { + return nil + } + return *t.AcrValuesSupported +} + // GetAllowedLogoutURLs returns the AllowedLogoutURLs field if it's non-nil, zero value otherwise. func (t *Tenant) GetAllowedLogoutURLs() []string { if t == nil || t.AllowedLogoutURLs == nil { @@ -9673,6 +9887,14 @@ func (t *Tenant) GetIdleSessionLifetime() float64 { return *t.IdleSessionLifetime } +// GetMTLS returns the MTLS field. +func (t *Tenant) GetMTLS() *MTLSConfiguration { + if t == nil { + return nil + } + return t.MTLS +} + // GetPictureURL returns the PictureURL field if it's non-nil, zero value otherwise. func (t *Tenant) GetPictureURL() string { if t == nil || t.PictureURL == nil { 
@@ -9681,6 +9903,14 @@ func (t *Tenant) GetPictureURL() string { return *t.PictureURL } +// GetPushedAuthorizationRequestsSupported returns the PushedAuthorizationRequestsSupported field if it's non-nil, zero value otherwise. +func (t *Tenant) GetPushedAuthorizationRequestsSupported() bool { + if t == nil || t.PushedAuthorizationRequestsSupported == nil { + return false + } + return *t.PushedAuthorizationRequestsSupported +} + // GetSandboxVersion returns the SandboxVersion field if it's non-nil, zero value otherwise. func (t *Tenant) GetSandboxVersion() string { if t == nil || t.SandboxVersion == nil { @@ -10005,6 +10235,14 @@ func (t *TenantFlags) GetNoDisclosureEnterpriseConnections() bool { return *t.NoDisclosureEnterpriseConnections } +// GetRemoveAlgFromJWKS returns the RemoveAlgFromJWKS field if it's non-nil, zero value otherwise. +func (t *TenantFlags) GetRemoveAlgFromJWKS() bool { + if t == nil || t.RemoveAlgFromJWKS == nil { + return false + } + return *t.RemoveAlgFromJWKS +} + // GetRequirePushedAuthorizationRequests returns the RequirePushedAuthorizationRequests field if it's non-nil, zero value otherwise. func (t *TenantFlags) GetRequirePushedAuthorizationRequests() bool { if t == nil || t.RequirePushedAuthorizationRequests == nil { 
@@ -10216,6 +10454,40 @@ func (t *Ticket) String() string { return Stringify(t) } +// GetCredentials returns the Credentials field if it's non-nil, zero value otherwise. +func (t *TLSClientAuth) GetCredentials() []Credential { + if t == nil || t.Credentials == nil { + return nil + } + return *t.Credentials +} + +// String returns a string representation of TLSClientAuth. +func (t *TLSClientAuth) String() string { + return Stringify(t) +} + +// GetEncryptionKey returns the EncryptionKey field. +func (t *TokenEncryption) GetEncryptionKey() *EncryptionKey { + if t == nil { + return nil + } + return t.EncryptionKey +} + +// GetFormat returns the Format field if it's non-nil, zero value otherwise. +func (t *TokenEncryption) GetFormat() string { + if t == nil || t.Format == nil { + return "" + } + return *t.Format +} + +// String returns a string representation of TokenEncryption. +func (t *TokenEncryption) String() string { + return Stringify(t) +} + // GetAppMetadata returns the AppMetadata field if it's non-nil, zero value otherwise. func (u *User) GetAppMetadata() map[string]interface{} { if u == nil || u.AppMetadata == nil { diff --git a/management/management.gen_test.go b/management/management.gen_test.go index 73b7a512..4194dff3 100644 --- a/management/management.gen_test.go +++ b/management/management.gen_test.go 
@@ -855,6 +855,24 @@ func TestAuthenticationMethods_String(t *testing.T) { } } +func TestAuthorizationDetails_GetType(tt *testing.T) { + var zeroValue string + a := &AuthorizationDetails{Type: &zeroValue} + a.GetType() + a = &AuthorizationDetails{} + a.GetType() + a = nil + a.GetType() +} + +func TestAuthorizationDetails_String(t *testing.T) { + var rawJSON json.RawMessage + v := &AuthorizationDetails{} + if err := json.Unmarshal([]byte(v.String()), &rawJSON); err != nil { + t.Errorf("failed to produce a valid json") + } +} + func TestAWSClientAddon_GetLifetimeInSeconds(tt *testing.T) { var zeroValue int a := &AWSClientAddon{LifetimeInSeconds: &zeroValue} @@ -1640,6 +1658,16 @@ func TestClient_GetClientSecret(tt *testing.T) { c.GetClientSecret() } +func TestClient_GetComplianceLevel(tt *testing.T) { + var zeroValue string + c := &Client{ComplianceLevel: &zeroValue} + c.GetComplianceLevel() + c = &Client{} + c.GetComplianceLevel() + c = nil + c.GetComplianceLevel() +} + func TestClient_GetCrossOriginAuth(tt *testing.T) { var zeroValue bool c := &Client{CrossOriginAuth: &zeroValue} @@ -1852,6 +1880,16 @@ func TestClient_GetRefreshToken(tt *testing.T) { c.GetRefreshToken() } +func TestClient_GetRequireProofOfPossession(tt *testing.T) { + var zeroValue bool + c := &Client{RequireProofOfPossession: &zeroValue} + c.GetRequireProofOfPossession() + c = &Client{} + c.GetRequireProofOfPossession() + c = nil + c.GetRequireProofOfPossession() +} + func TestClient_GetRequirePushedAuthorizationRequests(tt *testing.T) { var zeroValue bool c := &Client{RequirePushedAuthorizationRequests: &zeroValue} @@ -1862,6 +1900,13 @@ func TestClient_GetRequirePushedAuthorizationRequests(tt *testing.T) { c.GetRequirePushedAuthorizationRequests() } +func TestClient_GetSignedRequestObject(tt *testing.T) { + c := &Client{} + c.GetSignedRequestObject() + c = nil + c.GetSignedRequestObject() +} + func TestClient_GetSSO(tt *testing.T) { var zeroValue bool c := &Client{SSO: &zeroValue} 
@@ -2128,6 +2173,20 @@ func TestClientAuthenticationMethods_GetPrivateKeyJWT(tt *testing.T) { c.GetPrivateKeyJWT() } +func TestClientAuthenticationMethods_GetSelfSignedTLSClientAuth(tt *testing.T) { + c := &ClientAuthenticationMethods{} + c.GetSelfSignedTLSClientAuth() + c = nil + c.GetSelfSignedTLSClientAuth() +} + +func TestClientAuthenticationMethods_GetTLSClientAuth(tt *testing.T) { + c := &ClientAuthenticationMethods{} + c.GetTLSClientAuth() + c = nil + c.GetTLSClientAuth() +} + func TestClientAuthenticationMethods_String(t *testing.T) { var rawJSON json.RawMessage v := &ClientAuthenticationMethods{} @@ -7455,6 +7514,26 @@ func TestCredential_GetPEM(tt *testing.T) { c.GetPEM() } +func TestCredential_GetSubjectDN(tt *testing.T) { + var zeroValue string + c := &Credential{SubjectDN: &zeroValue} + c.GetSubjectDN() + c = &Credential{} + c.GetSubjectDN() + c = nil + c.GetSubjectDN() +} + +func TestCredential_GetThumbprintSHA256(tt *testing.T) { + var zeroValue string + c := &Credential{ThumbprintSHA256: &zeroValue} + c.GetThumbprintSHA256() + c = &Credential{} + c.GetThumbprintSHA256() + c = nil + c.GetThumbprintSHA256() +} + func TestCredential_GetUpdatedAt(tt *testing.T) { var zeroValue time.Time c := &Credential{UpdatedAt: &zeroValue} 
@@ -8197,6 +8276,54 @@ func TestEmailTemplate_String(t *testing.T) { } } +func TestEncryptionKey_GetAlg(tt *testing.T) { + var zeroValue string + e := &EncryptionKey{Alg: &zeroValue} + e.GetAlg() + e = &EncryptionKey{} + e.GetAlg() + e = nil + e.GetAlg() +} + +func TestEncryptionKey_GetKid(tt *testing.T) { + var zeroValue string + e := &EncryptionKey{Kid: &zeroValue} + e.GetKid() + e = &EncryptionKey{} + e.GetKid() + e = nil + e.GetKid() +} + +func TestEncryptionKey_GetName(tt *testing.T) { + var zeroValue string + e := &EncryptionKey{Name: &zeroValue} + e.GetName() + e = &EncryptionKey{} + e.GetName() + e = nil + e.GetName() +} + +func TestEncryptionKey_GetPem(tt *testing.T) { + var zeroValue string + e := &EncryptionKey{Pem: &zeroValue} + e.GetPem() + e = &EncryptionKey{} + e.GetPem() + e = nil + e.GetPem() +} + +func TestEncryptionKey_String(t *testing.T) { + var rawJSON json.RawMessage + v := &EncryptionKey{} + if err := json.Unmarshal([]byte(v.String()), &rawJSON); err != nil { + t.Errorf("failed to produce a valid json") + } +} + func TestEnrollment_GetEnrolledAt(tt *testing.T) { var zeroValue time.Time e := &Enrollment{EnrolledAt: &zeroValue} @@ -9413,6 +9540,24 @@ func TestMSCRMClientAddon_String(t *testing.T) { } } +func TestMTLSConfiguration_GetEnableEndpointAliases(tt *testing.T) { + var zeroValue bool + m := &MTLSConfiguration{EnableEndpointAliases: &zeroValue} + m.GetEnableEndpointAliases() + m = &MTLSConfiguration{} + m.GetEnableEndpointAliases() + m = nil + m.GetEnableEndpointAliases() +} + +func TestMTLSConfiguration_String(t *testing.T) { + var rawJSON json.RawMessage + v := &MTLSConfiguration{} + if err := json.Unmarshal([]byte(v.String()), &rawJSON); err != nil { + t.Errorf("failed to produce a valid json") + } +} + func TestMultiFactor_GetEnabled(tt *testing.T) { var zeroValue bool m := &MultiFactor{Enabled: &zeroValue} 
@@ -10628,6 +10773,34 @@ func TestPromptPartials_String(t *testing.T) { } } +func TestProofOfPossession_GetMechanism(tt *testing.T) { + var zeroValue string + p := &ProofOfPossession{Mechanism: &zeroValue} + p.GetMechanism() + p = &ProofOfPossession{} + p.GetMechanism() + p = nil + p.GetMechanism() +} + +func TestProofOfPossession_GetRequired(tt *testing.T) { + var zeroValue bool + p := &ProofOfPossession{Required: &zeroValue} + p.GetRequired() + p = &ProofOfPossession{} + p.GetRequired() + p = nil + p.GetRequired() +} + +func TestProofOfPossession_String(t *testing.T) { + var rawJSON json.RawMessage + v := &ProofOfPossession{} + if err := json.Unmarshal([]byte(v.String()), &rawJSON); err != nil { + t.Errorf("failed to produce a valid json") + } +} + func TestRefreshToken_GetClientID(tt *testing.T) { var zeroValue string r := &RefreshToken{ClientID: &zeroValue} @@ -10762,6 +10935,26 @@ func TestResourceServer_GetAllowOfflineAccess(tt *testing.T) { r.GetAllowOfflineAccess() } +func TestResourceServer_GetAuthorizationDetails(tt *testing.T) { + var zeroValue []AuthorizationDetails + r := &ResourceServer{AuthorizationDetails: &zeroValue} + r.GetAuthorizationDetails() + r = &ResourceServer{} + r.GetAuthorizationDetails() + r = nil + r.GetAuthorizationDetails() +} + +func TestResourceServer_GetConsentPolicy(tt *testing.T) { + var zeroValue string + r := &ResourceServer{ConsentPolicy: &zeroValue} + r.GetConsentPolicy() + r = &ResourceServer{} + r.GetConsentPolicy() + r = nil + r.GetConsentPolicy() +} + func TestResourceServer_GetEnforcePolicies(tt *testing.T) { var zeroValue bool r := &ResourceServer{EnforcePolicies: &zeroValue} 
@@ -10812,6 +11005,13 @@ func TestResourceServer_GetOptions(tt *testing.T) { r.GetOptions() } +func TestResourceServer_GetProofOfPossession(tt *testing.T) { + r := &ResourceServer{} + r.GetProofOfPossession() + r = nil + r.GetProofOfPossession() +} + func TestResourceServer_GetScopes(tt *testing.T) { var zeroValue []ResourceServerScope r := &ResourceServer{Scopes: &zeroValue} @@ -10862,6 +11062,13 @@ func TestResourceServer_GetTokenDialect(tt *testing.T) { r.GetTokenDialect() } +func TestResourceServer_GetTokenEncryption(tt *testing.T) { + r := &ResourceServer{} + r.GetTokenEncryption() + r = nil + r.GetTokenEncryption() +} + func TestResourceServer_GetTokenLifetime(tt *testing.T) { var zeroValue int r := &ResourceServer{TokenLifetime: &zeroValue} @@ -11713,6 +11920,24 @@ func TestSCIMToken_String(t *testing.T) { } } +func TestSelfSignedTLSClientAuth_GetCredentials(tt *testing.T) { + var zeroValue []Credential + s := &SelfSignedTLSClientAuth{Credentials: &zeroValue} + s.GetCredentials() + s = &SelfSignedTLSClientAuth{} + s.GetCredentials() + s = nil + s.GetCredentials() +} + +func TestSelfSignedTLSClientAuth_String(t *testing.T) { + var rawJSON json.RawMessage + v := &SelfSignedTLSClientAuth{} + if err := json.Unmarshal([]byte(v.String()), &rawJSON); err != nil { + t.Errorf("failed to produce a valid json") + } +} + func TestSentryClientAddon_GetBaseURL(tt *testing.T) { var zeroValue string s := &SentryClientAddon{BaseURL: &zeroValue} 
@@ -11769,6 +11994,34 @@ func TestSharePointClientAddon_String(t *testing.T) { } } +func TestSignedRequestObject_GetCredentials(tt *testing.T) { + var zeroValue []Credential + s := &SignedRequestObject{Credentials: &zeroValue} + s.GetCredentials() + s = &SignedRequestObject{} + s.GetCredentials() + s = nil + s.GetCredentials() +} + +func TestSignedRequestObject_GetRequired(tt *testing.T) { + var zeroValue bool + s := &SignedRequestObject{Required: &zeroValue} + s.GetRequired() + s = &SignedRequestObject{} + s.GetRequired() + s = nil + s.GetRequired() +} + +func TestSignedRequestObject_String(t *testing.T) { + var rawJSON json.RawMessage + v := &SignedRequestObject{} + if err := json.Unmarshal([]byte(v.String()), &rawJSON); err != nil { + t.Errorf("failed to produce a valid json") + } +} + func TestSigningKey_GetCert(tt *testing.T) { var zeroValue string s := &SigningKey{Cert: &zeroValue} @@ -12028,6 +12281,16 @@ func TestSuspiciousIPThrottling_String(t *testing.T) { } } +func TestTenant_GetAcrValuesSupported(tt *testing.T) { + var zeroValue []string + t := &Tenant{AcrValuesSupported: &zeroValue} + t.GetAcrValuesSupported() + t = &Tenant{} + t.GetAcrValuesSupported() + t = nil + t.GetAcrValuesSupported() +} + func TestTenant_GetAllowedLogoutURLs(tt *testing.T) { var zeroValue []string t := &Tenant{AllowedLogoutURLs: &zeroValue} @@ -12153,6 +12416,13 @@ func TestTenant_GetIdleSessionLifetime(tt *testing.T) { t.GetIdleSessionLifetime() } +func TestTenant_GetMTLS(tt *testing.T) { + t := &Tenant{} + t.GetMTLS() + t = nil + t.GetMTLS() +} + func TestTenant_GetPictureURL(tt *testing.T) { var zeroValue string t := &Tenant{PictureURL: &zeroValue} 
@@ -12163,6 +12433,16 @@ func TestTenant_GetPictureURL(tt *testing.T) { t.GetPictureURL() } +func TestTenant_GetPushedAuthorizationRequestsSupported(tt *testing.T) { + var zeroValue bool + t := &Tenant{PushedAuthorizationRequestsSupported: &zeroValue} + t.GetPushedAuthorizationRequestsSupported() + t = &Tenant{} + t.GetPushedAuthorizationRequestsSupported() + t = nil + t.GetPushedAuthorizationRequestsSupported() +} + func TestTenant_GetSandboxVersion(tt *testing.T) { var zeroValue string t := &Tenant{SandboxVersion: &zeroValue} @@ -12566,6 +12846,16 @@ func TestTenantFlags_GetNoDisclosureEnterpriseConnections(tt *testing.T) { t.GetNoDisclosureEnterpriseConnections() } +func TestTenantFlags_GetRemoveAlgFromJWKS(tt *testing.T) { + var zeroValue bool + t := &TenantFlags{RemoveAlgFromJWKS: &zeroValue} + t.GetRemoveAlgFromJWKS() + t = &TenantFlags{} + t.GetRemoveAlgFromJWKS() + t = nil + t.GetRemoveAlgFromJWKS() +} + func TestTenantFlags_GetRequirePushedAuthorizationRequests(tt *testing.T) { var zeroValue bool t := &TenantFlags{RequirePushedAuthorizationRequests: &zeroValue} 
@@ -12836,6 +13126,49 @@ func TestTicket_String(t *testing.T) { } } +func TestTLSClientAuth_GetCredentials(tt *testing.T) { + var zeroValue []Credential + t := &TLSClientAuth{Credentials: &zeroValue} + t.GetCredentials() + t = &TLSClientAuth{} + t.GetCredentials() + t = nil + t.GetCredentials() +} + +func TestTLSClientAuth_String(t *testing.T) { + var rawJSON json.RawMessage + v := &TLSClientAuth{} + if err := json.Unmarshal([]byte(v.String()), &rawJSON); err != nil { + t.Errorf("failed to produce a valid json") + } +} + +func TestTokenEncryption_GetEncryptionKey(tt *testing.T) { + t := &TokenEncryption{} + t.GetEncryptionKey() + t = nil + t.GetEncryptionKey() +} + +func TestTokenEncryption_GetFormat(tt *testing.T) { + var zeroValue string + t := &TokenEncryption{Format: &zeroValue} + t.GetFormat() + t = &TokenEncryption{} + t.GetFormat() + t = nil + t.GetFormat() +} + +func TestTokenEncryption_String(t *testing.T) { + var rawJSON json.RawMessage + v := &TokenEncryption{} + if err := json.Unmarshal([]byte(v.String()), &rawJSON); err != nil { + t.Errorf("failed to produce a valid json") + } +} + func TestUser_GetAppMetadata(tt *testing.T) { var zeroValue map[string]interface{} u := &User{AppMetadata: &zeroValue} diff --git a/management/resource_server.go b/management/resource_server.go index f3b767fa..82916e96 100644 --- a/management/resource_server.go +++ b/management/resource_server.go @@ -18,7 +18,7 @@ type ResourceServer struct { // Scopes supported by the resource server. Scopes *[]ResourceServerScope `json:"scopes,omitempty"` - // The algorithm used to sign tokens ["HS256" or "RS256"]. + // Algorithm used to sign JWTs. Can be `HS256` or `RS256`. `PS256` available via addon. SigningAlgorithm *string `json:"signing_alg,omitempty"` // The secret used to sign tokens when using symmetric algorithms. 
@@ -59,6 +59,101 @@ type ResourceServer struct { // Note: RBAC permissions claims are available if RBAC (enforce_policies) is enabled for this API." // For more details, see the Access Token Profiles documentation : https://auth0.com/docs/secure/tokens/access-tokens/access-token-profiles. TokenDialect *string `json:"token_dialect,omitempty"` + + // ConsentPolicy specifies the consent policy for the resource server. + // + // Available options: + // - "transactional-authorization-with-mfa" + // - null + // + // To unset values (set to null), use a PATCH request like this: + // + // PATCH /api/v2/resource-servers/{id} + // + // { + // "consent_policy": null + // } + // + // For more details on making custom requests, refer to the Auth0 Go SDK examples: + // https://github.com/auth0/go-auth0/blob/main/EXAMPLES.md#providing-a-custom-user-struct + ConsentPolicy *string `json:"consent_policy,omitempty"` + + // The list of authorization details for the resource server. + // + // To unset values (set to null), use a PATCH request like this: + // + // PATCH /api/v2/resource-servers/{id} + // + // { + // "authorization_details": null + // } + // + // For more details on making custom requests, refer to the Auth0 Go SDK examples: + // https://github.com/auth0/go-auth0/blob/main/EXAMPLES.md#providing-a-custom-user-struct + AuthorizationDetails *[]AuthorizationDetails `json:"authorization_details,omitempty"` + + // TokenEncryption specifies the token encryption for the resource server. + // + // Available options: + // - "compact-nested-jwe" + // - null + TokenEncryption *TokenEncryption `json:"token_encryption,omitempty"` + + // Proof-of-Possession configuration for access tokens. 
+ // + // To unset values (set to null), use a PATCH request like this: + // + // PATCH /api/v2/resource-servers/{id} + // + // { + // "proof_of_possession": null + // } + // + // For more details on making custom requests, refer to the Auth0 Go SDK examples: + // https://github.com/auth0/go-auth0/blob/main/EXAMPLES.md#providing-a-custom-user-struct + ProofOfPossession *ProofOfPossession `json:"proof_of_possession,omitempty"` +} + +// AuthorizationDetails specifies the authorization details for the resource server. +type AuthorizationDetails struct { + // The authorization_detail type identifier. + Type *string `json:"type,omitempty"` +} + +// ProofOfPossession specifies the proof-of-possession configuration for access tokens. +type ProofOfPossession struct { + // Intended mechanism for Proof-of-Possession. + // + // Available options: + // - "mtls" + Mechanism *string `json:"mechanism,omitempty"` + + // Whether the use of Proof-of-Possession is required for the resource server. + Required *bool `json:"required,omitempty"` +} + +// TokenEncryption specifies the token encryption for the resource server. +type TokenEncryption struct { + // Format of the encrypted JWT payload. + Format *string `json:"format,omitempty"` + + // EncryptionKey specifies the encryption key for the token encryption. + EncryptionKey *EncryptionKey `json:"encryption_key,omitempty"` +} + +// EncryptionKey specifies the encryption key for the token encryption. +type EncryptionKey struct { + // Name of the encryption key. + Name *string `json:"name,omitempty"` + + // Algorithm used to encrypt the token. + Alg *string `json:"alg,omitempty"` + + // Key ID. + Kid *string `json:"kid,omitempty"` + + // PEM-formatted public key. Must be JSON escaped + Pem *string `json:"pem,omitempty"` } // ResourceServerScope defines the specific actions, resource servers can be allowed to do. diff --git a/management/resource_server_test.go b/management/resource_server_test.go index 40435a71..d79c027c 100644 
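Review bot: The `Available options` list on the `TokenEncryption` field names `"compact-nested-jwe"`, but the test in this commit passes that value as `TokenEncryption.Format`, so the list documents the wrong member. I would move it to the `Format` field, e.g. `// Format of the encrypted JWT payload. Available options: "compact-nested-jwe".`, and leave `// TokenEncryption specifies the token encryption for the resource server.` on the struct pointer. The same comment lists `null` as an option, yet unlike `ConsentPolicy`, `AuthorizationDetails` and `ProofOfPossession` it has no "To unset values" paragraph. With `omitempty` a nil pointer is dropped from the payload rather than sent as null, so the same PATCH note should be repeated there. `ResourceServer` itself begins outside this hunk.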
--- a/management/resource_server_test.go +++ b/management/resource_server_test.go @@ -18,7 +18,7 @@ func TestResourceServer_Create(t *testing.T) { expectedResourceServer := &ResourceServer{ Name: auth0.Stringf("Test Resource Server (%s)", time.Now().Format(time.StampMilli)), Identifier: auth0.String("https://api.example.com/"), - SigningAlgorithm: auth0.String("HS256"), + SigningAlgorithm: auth0.String("PS256"), TokenLifetime: auth0.Int(7200), TokenLifetimeForWeb: auth0.Int(3600), Scopes: &[]ResourceServerScope{ 
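Review bot: Changing the fixture to `auth0.String("PS256")` ties TestResourceServer_Create to a tenant capability, because the updated field comment in resource_server.go says PS256 is only "available via addon". Re-recording against a tenant without it would presumably fail for a reason unrelated to the code under test, and the previous `HS256` value no longer appears in this test. A short comment on the line would make the dependency visible, e.g. `// PS256 needs the tenant addon; see ResourceServer.SigningAlgorithm.`. The test function begins and ends outside this hunk.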
@@ -29,6 +29,41 @@ func TestResourceServer_Create(t *testing.T) { }, EnforcePolicies: auth0.Bool(true), TokenDialect: auth0.String("rfc9068_profile_authz"), + ConsentPolicy: auth0.String("transactional-authorization-with-mfa"), + AuthorizationDetails: &[]AuthorizationDetails{ + { + Type: auth0.String("payment"), + }, + { + Type: auth0.String("my custom type"), + }, + }, + TokenEncryption: &TokenEncryption{ + Format: auth0.String("compact-nested-jwe"), + EncryptionKey: &EncryptionKey{ + Name: auth0.String("my JWE public key"), + Alg: auth0.String("RSA-OAEP-256"), + Kid: auth0.String("my-key-id"), + Pem: auth0.String(`-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAua6LXMfgDE/tDdkOL1Oe +3oWUwg1r4dSTg9L7RCcI5hItUzmkVofHtWN0H4CH2lm2ANmaJUsnhzctYowYW2+R +tHvU9afTmtbdhpy993972hUqZSYLsE3iGziphYkOKVsqq38+VRH3TNg93zSLoRao +JnTTkMXseVqiyqYRmFN8+gQQoEclHSGPUWQG5XMZ+hhuXeFyo+Yw/qbZWca/6/2I +3rsca9jXR1alhxhHrXrg8N4Dm3gBgGbmiht6YYYT2Tyl1OqB9+iOI/9D7dfoCF6X +AWJXRE454cmC8k8oucpjZVpflA+ocKshwPDR6YTLQYbXYiaWxEoaz0QGUErNQBnG +I+sr9jDY3ua/s6HF6h0qyi/HVZH4wx+m4CtOfJoYTjrGBbaRszzUxhtSN2/MhXDu ++a35q9/2zcu/3fjkkfVvGUt+NyyiYOKQ9vsJC1g/xxdUWtowjNwjfZE2zcG4usi8 +r38Bp0lmiipAsMLduZM/D5dFXkRdWCBNDfULmmg/4nv2wwjbjQuLemAMh7mmrztW +i/85WMnjKQZT8NqS43pmgyIzg1gK1neMqdS90YmQ/PvJ36qALxCs245w1JpN9BAL +JbwxCg/dbmKT7PalfWrksx9hGcJxtGqebldaOpw+5GVIPxxtC1C0gVr9BKeiDS3f +aibASY5pIRiKENmbZELDtucCAwEAAQ== +-----END PUBLIC KEY-----`), + }, + }, + ProofOfPossession: &ProofOfPossession{ + Mechanism: auth0.String("mtls"), + Required: auth0.Bool(true), + }, } err := api.ResourceServer.Create(context.Background(), expectedResourceServer) diff --git a/management/tenant.go b/management/tenant.go index def8920b..04419be6 100644 --- a/management/tenant.go +++ b/management/tenant.go 
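Review bot: The new `ConsentPolicy`, `AuthorizationDetails`, `TokenEncryption` and `ProofOfPossession` values are put on the request, but nothing in this hunk checks that they come back from `Create`. The rest of TestResourceServer_Create lies outside the hunk, so this may already be covered there. If it is not, an assertion per new field would pin the round trip, e.g. `assert.Equal(t, "mtls", expectedResourceServer.GetProofOfPossession().GetMechanism())` and `assert.Equal(t, "compact-nested-jwe", expectedResourceServer.GetTokenEncryption().GetFormat())`. The multi-line PEM literal would also read better as a named test constant with a comment saying it is a public-key fixture.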
@@ -87,6 +87,41 @@ type Tenant struct { // If `true`, flexible factors will be enabled for MFA in the PostLogin action. CustomizeMFAInPostLoginAction *bool `json:"customize_mfa_in_postlogin_action,omitempty"` + + // AcrValuesSupported Supported ACR values + // + // To unset values (set to null), use a PATCH request like this: + // + // PATCH /api/v2/tenants/settings + // { + // "acr_values_supported": null + // } + // + // For more details on making custom requests, refer to the Auth0 Go SDK examples: + // https://github.com/auth0/go-auth0/blob/main/EXAMPLES.md#providing-a-custom-user-struct + AcrValuesSupported *[]string `json:"acr_values_supported,omitempty"` + + // MTLS configuration for the tenant. Default is false. + // + // To unset values (set to null), use a PATCH request like this: + // + // PATCH /api/v2/tenants/settings + // { + // "mtls": null + // } + // + // For more details on making custom requests, refer to the Auth0 Go SDK examples: + // https://github.com/auth0/go-auth0/blob/main/EXAMPLES.md#providing-a-custom-user-struct + MTLS *MTLSConfiguration `json:"mtls,omitempty"` + + // Enables the use of Pushed Authorization Requests + PushedAuthorizationRequestsSupported *bool `json:"pushed_authorization_requests_supported,omitempty"` +} + +// MTLSConfiguration hold settings for mTLS. If true, enables mTLS endpoint aliases. +type MTLSConfiguration struct { + // If true, enables mTLS endpoint aliases + EnableEndpointAliases *bool `json:"enable_endpoint_aliases,omitempty"` } // MarshalJSON is a custom serializer for the Tenant type. 
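Review bot: Two of the new doc comments describe the wrong thing. `MTLS configuration for the tenant. Default is false.` sits on a `*MTLSConfiguration` struct pointer, which has no boolean default, and `MTLSConfiguration hold settings for mTLS. If true, enables mTLS endpoint aliases.` repeats the field's wording on the type. I would write `// MTLS holds the mTLS configuration for the tenant.` on the field and `// MTLSConfiguration holds settings for mTLS.` on the type, keeping the true/false sentence, and the default if it is false, on `EnableEndpointAliases`. The trailing context line shows `Tenant` has a custom `MarshalJSON` defined outside this hunk, so whether it needs to account for the new fields cannot be judged from here.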
@@ -253,6 +288,9 @@ type TenantFlags struct { // If `true`, all Clients will be required to use Pushed Authorization Requests. // This feature currently must be enabled for your tenant. RequirePushedAuthorizationRequests *bool `json:"require_pushed_authorization_requests,omitempty"` + + // Removes alg property from jwks .well-known endpoint + RemoveAlgFromJWKS *bool `json:"remove_alg_from_jwks,omitempty"` } // TenantUniversalLogin holds universal login settings. diff --git a/management/tenant_test.go b/management/tenant_test.go index e3f9ce04..56034a45 100644 --- a/management/tenant_test.go +++ b/management/tenant_test.go @@ -3,6 +3,7 @@ package management import ( "context" "encoding/json" + "net/http" "testing" "github.com/stretchr/testify/assert" @@ -41,6 +42,11 @@ func TestTenantManager(t *testing.T) { Sessions: &TenantSessions{ OIDCLogoutPromptEnabled: auth0.Bool(false), }, + AcrValuesSupported: &[]string{"foo", "bar"}, + PushedAuthorizationRequestsSupported: auth0.Bool(true), + MTLS: &MTLSConfiguration{ + EnableEndpointAliases: auth0.Bool(true), + }, } err = api.Tenant.Update(context.Background(), newTenantSettings) assert.NoError(t, err) 
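Review bot: The comment on `RemoveAlgFromJWKS` breaks the form used by the flag directly above it ("If `true`, …") and does not say which document changes. I would write `// If true, removes the alg property from the keys served by the JWKS .well-known endpoint.`. This flag changes published key metadata, so one more sentence on who is affected would help, presumably relying parties that read `alg` from the JWKS. `TenantFlags` begins outside this hunk.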
@@ -58,6 +64,88 @@ func TestTenantManager(t *testing.T) { assert.Equal(t, newTenantSettings.GetEnabledLocales(), actualTenantSettings.GetEnabledLocales()) assert.Equal(t, newTenantSettings.GetSandboxVersion(), actualTenantSettings.GetSandboxVersion()) assert.Equal(t, newTenantSettings.GetSessions().GetOIDCLogoutPromptEnabled(), actualTenantSettings.GetSessions().GetOIDCLogoutPromptEnabled()) + assert.Equal(t, newTenantSettings.GetAcrValuesSupported(), actualTenantSettings.GetAcrValuesSupported()) + assert.Equal(t, newTenantSettings.GetPushedAuthorizationRequestsSupported(), actualTenantSettings.GetPushedAuthorizationRequestsSupported()) + assert.Equal(t, newTenantSettings.GetMTLS().GetEnableEndpointAliases(), actualTenantSettings.GetMTLS().GetEnableEndpointAliases()) + + // If AcrValuesSupported and MTLS is not Passed Should not change the values. + updatedNewTenant := &Tenant{ + MTLS: nil, + AcrValuesSupported: nil, + FriendlyName: auth0.String("My Example Tenant"), + } + err = api.Tenant.Update(context.Background(), updatedNewTenant) + assert.NoError(t, err) + + newActualTenantSettings, err := api.Tenant.Read(context.Background()) + assert.NoError(t, err) + assert.Equal(t, newActualTenantSettings.GetFriendlyName(), actualTenantSettings.GetFriendlyName()) + assert.Equal(t, newActualTenantSettings.GetIdleSessionLifetime(), actualTenantSettings.GetIdleSessionLifetime()) + assert.Equal(t, newActualTenantSettings.GetIdleSessionLifetime(), 720.0) // it got rounded off + assert.Equal(t, newActualTenantSettings.GetSessionLifetime(), actualTenantSettings.GetSessionLifetime()) + assert.Equal(t, newActualTenantSettings.GetSupportEmail(), actualTenantSettings.GetSupportEmail()) + assert.Equal(t, newActualTenantSettings.GetSupportURL(), actualTenantSettings.GetSupportURL()) + assert.Equal(t, newActualTenantSettings.GetSessionCookie().GetMode(), actualTenantSettings.GetSessionCookie().GetMode()) + assert.Equal(t, newActualTenantSettings.GetAllowedLogoutURLs(), 
actualTenantSettings.GetAllowedLogoutURLs()) + assert.Equal(t, newActualTenantSettings.GetEnabledLocales(), actualTenantSettings.GetEnabledLocales()) + assert.Equal(t, newActualTenantSettings.GetSandboxVersion(), actualTenantSettings.GetSandboxVersion()) + assert.Equal(t, newActualTenantSettings.GetSessions().GetOIDCLogoutPromptEnabled(), actualTenantSettings.GetSessions().GetOIDCLogoutPromptEnabled()) + assert.Equal(t, newActualTenantSettings.GetAcrValuesSupported(), actualTenantSettings.GetAcrValuesSupported()) + assert.Equal(t, newActualTenantSettings.GetPushedAuthorizationRequestsSupported(), actualTenantSettings.GetPushedAuthorizationRequestsSupported()) + assert.Equal(t, newActualTenantSettings.GetMTLS().GetEnableEndpointAliases(), actualTenantSettings.GetMTLS().GetEnableEndpointAliases()) +} + +func TestTenantManager_NullableFields(t *testing.T) { + configureHTTPTestRecordings(t) + + initialSettings, err := api.Tenant.Read(context.Background()) + assert.NoError(t, err) + + t.Cleanup(func() { + initialSettings.SandboxVersionAvailable = nil + initialSettings.UniversalLogin = nil + initialSettings.Flags = nil + err := api.Tenant.Update(context.Background(), initialSettings) + require.NoError(t, err) + }) + newTenantSettings := &Tenant{ + AcrValuesSupported: &[]string{"foo", "bar"}, + MTLS: &MTLSConfiguration{ + EnableEndpointAliases: auth0.Bool(true), + }, + } + err = api.Tenant.Update(context.Background(), newTenantSettings) + assert.NoError(t, err) + actualTenantSettings, err := api.Tenant.Read(context.Background()) + assert.NoError(t, err) + assert.Equal(t, newTenantSettings.GetAcrValuesSupported(), actualTenantSettings.GetAcrValuesSupported()) + assert.Equal(t, newTenantSettings.GetMTLS().GetEnableEndpointAliases(), actualTenantSettings.GetMTLS().GetEnableEndpointAliases()) + + // Set empty array values for AcrValuesSupported + emptyAcrValuesSupported := &Tenant{ + AcrValuesSupported: &[]string{}, + } + err = api.Tenant.Update(context.Background(), 
emptyAcrValuesSupported) + assert.NoError(t, err) + actualTenantSettings, err = api.Tenant.Read(context.Background()) + assert.NoError(t, err) + assert.Equal(t, emptyAcrValuesSupported.GetAcrValuesSupported(), actualTenantSettings.GetAcrValuesSupported()) + + // Set null values create a new Tenant Struct without omitting the fields + type CustomTenant struct { + AcrValuesSupported *[]string `json:"acr_values_supported"` + MTLS *MTLSConfiguration `json:"mtls"` + } + nullableTenantSettings := &CustomTenant{ + AcrValuesSupported: nil, + MTLS: nil, + } + err = api.Request(context.Background(), http.MethodPatch, api.URI("tenants", "settings"), nullableTenantSettings) + assert.NoError(t, err) + actualTenantSettings, err = api.Tenant.Read(context.Background()) + assert.NoError(t, err) + assert.Nil(t, actualTenantSettings.GetAcrValuesSupported()) + assert.Nil(t, actualTenantSettings.GetMTLS()) } func TestTenant_MarshalJSON(t *testing.T) { diff --git a/test/data/recordings/TestClientAuthenticationMethods/GetPrivateKeyJWT.yaml b/test/data/recordings/TestClientAuthenticationMethods/GetPrivateKeyJWT.yaml new file mode 100644 index 00000000..1d88c5fa --- /dev/null +++ b/test/data/recordings/TestClientAuthenticationMethods/GetPrivateKeyJWT.yaml 
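Review bot: In TestTenantManager_NullableFields the initial `api.Tenant.Read` is checked with `assert.NoError`, which does not stop the test, while the `t.Cleanup` closure writes to `initialSettings.SandboxVersionAvailable`. If that read fails and returns a nil `*Tenant`, the cleanup panics on a nil pointer instead of reporting the read error. Using `require.NoError(t, err)` right after the read avoids this, and `require` is already used inside the closure. Separately, `assert.Equal(t, newActualTenantSettings.GetIdleSessionLifetime(), 720.0)` has expected and actual swapped relative to testify's `(t, expected, actual)` order, so a failure message would label them the wrong way round.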
@@ -0,0 +1,110 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 1180 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Client (Aug 6 16:13:39.570)","description":"This is just a test client.","jwt_configuration":{"alg":"PS256"},"client_authentication_methods":{"private_key_jwt":{"credentials":[{"name":"Test Credential (Aug 6 16:13:39.570)","credential_type":"public_key","pem":"-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3njxXJoHnuN4hByBhSUo\n0kIbXkJTA0wP0fig87MyVz5KgohPrPJgbRSZ7yz/MmXa4qRNHkWiClJybMS2a98M\n6ELOFG8pfDb6J7JaJqx0Kvqn6xsGInbpwsth3K582Cxrp+Y+GBNja++8wDY5IqAi\nTSKSZRNies0GO0grzQ7kj2p0+R7a0c86mdLO4JnGrHoBqEY1HcsfnJvkJkqETlGi\nyMzDQw8Wkux7P59N/3wuroAI83+HMYl1fV39ek3L/GrsLjECrNe5/CVFtblNltyb\n/va9+pAP7Ye5p6tTW2oj3fzUvdX3dYzENWEtRB7DBHXnfEHMjTaBiQeWb2yDHBCw\n++Uh1OCKw9ZLYzoE6gcDQspYf+fFU3F0kuU4c//gSoNuj/iEjaNmOEK6S3xGy8fE\nTjsC+0oF6YaokDZO9+NreL/sGxFfOAysybrKWrMoaYwa81RlpcmBGZM7H1M00zLH\nPPfCYVhGhFs5X3Qzzt6MQE+msgMt9zeGH7liJbOSW2NGSJwbmn7q35YYIfJEoXRF\n1iefT/9fJB9vhQhtYfCOe3AEpTQq6Yz5ViLhToBdsVDBbz2gmRLALs9/D91SE9T4\nXzvXjHGyxWVu0jdvS9hyhJzP4165k1cYDgx8mmg0VxR7j79LmCUDsFcvvSrAOf6y\n0zY7r4pmNyQQ0r4in/gs/wkCAwEAAQ==\n-----END PUBLIC KEY-----"}]}},"require_pushed_authorization_requests":true,"compliance_level":"fapi1_adv_pkj_par"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"name":"Test Client (Aug 6 16:13:39.570)","description":"This is just a test 
client.","client_id":"LuhY9GRvYy4VCFUWgsDo60Xp7wBaVn7X","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"alg":"PS256"},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"client_authentication_methods":{"private_key_jwt":{"credentials":[{"id":"cred_qNv47ogmUPrVAsjjTDe6iE","name":"Test Credential (Aug 6 16:13:39.570)","kid":"QTtPEeOT2gWWuID0QDg6nHgh7foYRcWkOyJ9DhNIn_A","credential_type":"public_key","alg":"RS256","created_at":"2024-08-06T10:43:39.774Z","updated_at":"2024-08-06T10:43:39.774Z"}]}},"require_pushed_authorization_requests":true,"compliance_level":"fapi1_adv_pkj_par"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 448.114208ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 757 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Client (Aug 6 16:13:39.570)","description":"This is just a test 
client.","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"alg":"RS256"},"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"client_authentication_methods":{"private_key_jwt":{"credentials":[{"id":"cred_qNv47ogmUPrVAsjjTDe6iE"}]}},"require_pushed_authorization_requests":false,"compliance_level":"fapi1_adv_mtls_par"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/LuhY9GRvYy4VCFUWgsDo60Xp7wBaVn7X + method: PATCH + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"name":"Test Client (Aug 6 16:13:39.570)","description":"This is just a test client.","client_id":"LuhY9GRvYy4VCFUWgsDo60Xp7wBaVn7X","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"alg":"RS256"},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"client_authentication_methods":{"private_key_jwt":{"credentials":[{"id":"cred_qNv47ogmUPrVAsjjTDe6iE"}]}},"require_pushed_authorization_requests":false,"compliance_level":"fapi1_adv_mtls_par"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 
OK + code: 200 + duration: 308.812708ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/LuhY9GRvYy4VCFUWgsDo60Xp7wBaVn7X + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 267.545417ms diff --git a/test/data/recordings/TestClientAuthenticationMethods/GetSelfSignedTLSClientAuth.yaml b/test/data/recordings/TestClientAuthenticationMethods/GetSelfSignedTLSClientAuth.yaml new file mode 100644 index 00000000..1861badc --- /dev/null +++ b/test/data/recordings/TestClientAuthenticationMethods/GetSelfSignedTLSClientAuth.yaml 
@@ -0,0 +1,110 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 1763 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Client (Aug 6 16:13:38.471)","description":"This is just a test client.","jwt_configuration":{"alg":"PS256"},"client_authentication_methods":{"self_signed_tls_client_auth":{"credentials":[{"name":"Test Credential (Aug 6 16:13:38.471)","credential_type":"x509_cert","pem":"-----BEGIN CERTIFICATE-----\nMIIDwTCCAyqgAwIBAgICDh4wDQYJKoZIhvcNAQEFBQAwgZsxCzAJBgNVBAYTAkpQ\nMQ4wDAYDVQQIEwVUb2t5bzEQMA4GA1UEBxMHQ2h1by1rdTERMA8GA1UEChMIRnJh\nbms0REQxGDAWBgNVBAsTD1dlYkNlcnQgU3VwcG9ydDEYMBYGA1UEAxMPRnJhbms0\nREQgV2ViIENBMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZyYW5rNGRkLmNvbTAi\nGA8wMDAwMDEwMTAwMDAwMVoYDzk5OTkxMjMxMjM1OTU5WjCBgTELMAkGA1UEBhMC\nSlAxDjAMBgNVBAgTBVRva3lvMREwDwYDVQQKEwhGcmFuazRERDEQMA4GA1UECxMH\nU3VwcG9ydDEiMCAGCSqGSIb3DQEJARYTcHVibGljQGZyYW5rNGRkLmNvbTEZMBcG\nA1UEAxMQd3d3LmZyYW5rNGRkLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\ngYEA4rkBL30FzR2ZHZ1vpF9kGBO0DMwhu2pcrkcLJ0SEuf52ggo+md0tPis8f1KN\nTchxj6DtxWT3c7ECW0c1ALpu6mNVE+GaM94KsckSDehoPfbLjT9Apcc/F0mqvDsC\nN6fPdDixWrjx6xKT7xXi3lCy1yIKRMHA6Ha+T4qPyyCyMPECAwEAAaOCASYwggEi\nMAwGA1UdEwEB/wQCMAAwCwYDVR0PBAQDAgWgMB0GA1UdDgQWBBRWKE5tXPIyS0pC\nfE5taGO5Q84gyTCB0AYDVR0jBIHIMIHFgBRi83vtBtSx1Zx/SOXvxckVYf3ZEaGB\noaSBnjCBmzELMAkGA1UEBhMCSlAxDjAMBgNVBAgTBVRva3lvMRAwDgYDVQQHEwdD\naHVvLWt1MREwDwYDVQQKEwhGcmFuazRERDEYMBYGA1UECxMPV2ViQ2VydCBTdXBw\nb3J0MRgwFgYDVQQDEw9GcmFuazRERCBXZWIgQ0ExIzAhBgkqhkiG9w0BCQEWFHN1\ncHBvcnRAZnJhbms0ZGQuY29tggkAxscECbwiW6AwEwYDVR0lBAwwCgYIKwYBBQUH\nAwEwDQYJKoZIhvcNAQEFBQADgYEAfXCfXcePJwnMKc06qLa336cEPpXEsPed1bw4\nxiIXfgZ39duBnN+Nv4a49Yl2kbh4JO8tcr5h8WYAI/a/69w8qBFQBUAjTEY/+lcw\n9/6wU7UA3kh7yexeqDiNTRflnPUv3sfiVdLDTjqLWWAxGS8L26PjVaCUFfJLNiYJ\njerREgM=\n-----END 
CERTIFICATE-----"}]}},"require_pushed_authorization_requests":true,"compliance_level":"fapi1_adv_pkj_par"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"name":"Test Client (Aug 6 16:13:38.471)","description":"This is just a test client.","client_id":"T0F8eusctjE3OQjAVDes0kFySDBZVInJ","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"alg":"PS256"},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"client_authentication_methods":{"self_signed_tls_client_auth":{"credentials":[{"id":"cred_ec4qP1i6vDL4AoNZXxJNzT","name":"Test Credential (Aug 6 16:13:38.471)","credential_type":"x509_cert","created_at":"2024-08-06T10:43:38.677Z","updated_at":"2024-08-06T10:43:38.677Z","expires_at":"9999-12-31T23:59:59Z","thumbprint_sha256":"NTkulT-DcSrRSevqZd26aq0DCz8YbOFGjKVs-Expu4w"}]}},"require_pushed_authorization_requests":true,"compliance_level":"fapi1_adv_pkj_par"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 421.29475ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 769 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Client (Aug 6 16:13:38.471)","description":"This is just a 
test client.","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"alg":"RS256"},"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"client_authentication_methods":{"self_signed_tls_client_auth":{"credentials":[{"id":"cred_ec4qP1i6vDL4AoNZXxJNzT"}]}},"require_pushed_authorization_requests":false,"compliance_level":"fapi1_adv_mtls_par"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/T0F8eusctjE3OQjAVDes0kFySDBZVInJ + method: PATCH + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"name":"Test Client (Aug 6 16:13:38.471)","description":"This is just a test client.","client_id":"T0F8eusctjE3OQjAVDes0kFySDBZVInJ","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"alg":"RS256"},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"client_authentication_methods":{"self_signed_tls_client_auth":{"credentials":[{"id":"cred_ec4qP1i6vDL4AoNZXxJNzT"}]}},"require_pushed_authorization_requests":false,"compliance_level":"fapi1_adv_mtls_par"}' + headers: + Content-Type: + - 
application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 292.8755ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/T0F8eusctjE3OQjAVDes0kFySDBZVInJ + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 382.640375ms diff --git a/test/data/recordings/TestClientAuthenticationMethods/GetTLSClientAuth.yaml b/test/data/recordings/TestClientAuthenticationMethods/GetTLSClientAuth.yaml new file mode 100644 index 00000000..285c6d39 --- /dev/null +++ b/test/data/recordings/TestClientAuthenticationMethods/GetTLSClientAuth.yaml 
@@ -0,0 +1,110 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 1575 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Client (Aug 6 16:13:36.889)","description":"This is just a test client.","jwt_configuration":{"alg":"PS256"},"client_authentication_methods":{"tls_client_auth":{"credentials":[{"name":"Test Credential (Aug 6 16:13:36.889)","credential_type":"cert_subject_dn","pem":"-----BEGIN CERTIFICATE-----\nMIIDPDCCAiQCCQDWNMOIuzwDfzANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJK\nUDEOMAwGA1UECAwFVG9reW8xEzARBgNVBAcMCkNoaXlvZGEta3UxDzANBgNVBAoM\nBkNsaWVudDEbMBkGA1UEAwwSY2xpZW50LmV4YW1wbGUub3JnMB4XDTE5MTAyODA3\nMjczMFoXDTIwMTAyNzA3MjczMFowYDELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBVRv\na3lvMRMwEQYDVQQHDApDaGl5b2RhLWt1MQ8wDQYDVQQKDAZDbGllbnQxGzAZBgNV\nBAMMEmNsaWVudC5leGFtcGxlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC\nAQoCggEBAK2Oyc+BV4N5pYcp47opUwsb2NaJq4X+d5Itq8whpFlZ9uCCHzF5TWSF\nXrpYscOp95veGPF42eT1grfxYyvjFotE76caHhBLCkIbBh6Vf222IGMwwBbSZfO9\nJ3eURtEADBvsZ117HkPVdjYqvt3Pr4RxdR12zG1TcBAoTLGchyr8nBqRADFhUTCL\nmsYaz1ADiQ/xbJN7VUNQpKhzRWHCdYS03HpbGjYCtAbl9dJnH2EepNF0emGiSPFq\ndf6taToyCr7oZjM7ufmKPjiiEDbeSYTf6kbPNmmjtoPNNLeejHjP9p0IYx7l0Gkj\nmx4kSMLp4vSDftrFgGfcxzaMmKBsosMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA\nqzdDYbntFLPBlbwAQlpwIjvmvwzvkQt6qgZ9Y0oMAf7pxq3i9q7W1bDol0UF4pIM\nz3urEJCHO8w18JRlfOnOENkcLLLntrjOUXuNkaCDLrnv8pnp0yeTQHkSpsyMtJi9\nR6r6JT9V57EJ/pWQBgKlN6qMiBkIvX7U2hEMmhZ00h/E5xMmiKbySBiJV9fBzDRf\nmAy1p9YEgLsEMLnGjKHTok+hd0BLvcmXVejdUsKCg84F0zqtXEDXLCiKcpXCeeWv\nlmmXxC5PH/GEMkSPiGSR7+b1i0sSotsq+M3hbdwabpJ6nQLLbKkFSGcsQ87yL+gr\nSo6zun26vAUJTu1o9CIjxw==\n-----END CERTIFICATE-----"}]}},"require_pushed_authorization_requests":true,"compliance_level":"fapi1_adv_pkj_par"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients + method: 
POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"name":"Test Client (Aug 6 16:13:36.889)","description":"This is just a test client.","client_id":"8uDprY0eL5b8gqQRSumRNoNfDTUjYY0E","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"alg":"PS256"},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"client_authentication_methods":{"tls_client_auth":{"credentials":[{"id":"cred_1xDDe5pMRUnr2Pnqzvi3t7","name":"Test Credential (Aug 6 16:13:36.889)","credential_type":"cert_subject_dn","created_at":"2024-08-06T10:43:37.617Z","updated_at":"2024-08-06T10:43:37.617Z","subject_dn":"C=JP\nST=Tokyo\nL=Chiyoda-ku\nO=Client\nCN=client.example.org"}]}},"require_pushed_authorization_requests":true,"compliance_level":"fapi1_adv_pkj_par"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 919.919542ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 757 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Client (Aug 6 16:13:36.889)","description":"This is just a test 
client.","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"alg":"RS256"},"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"client_authentication_methods":{"tls_client_auth":{"credentials":[{"id":"cred_1xDDe5pMRUnr2Pnqzvi3t7"}]}},"require_pushed_authorization_requests":false,"compliance_level":"fapi1_adv_mtls_par"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/8uDprY0eL5b8gqQRSumRNoNfDTUjYY0E + method: PATCH + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"name":"Test Client (Aug 6 16:13:36.889)","description":"This is just a test client.","client_id":"8uDprY0eL5b8gqQRSumRNoNfDTUjYY0E","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"alg":"RS256"},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"client_authentication_methods":{"tls_client_auth":{"credentials":[{"id":"cred_1xDDe5pMRUnr2Pnqzvi3t7"}]}},"require_pushed_authorization_requests":false,"compliance_level":"fapi1_adv_mtls_par"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 
OK + code: 200 + duration: 311.838833ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/8uDprY0eL5b8gqQRSumRNoNfDTUjYY0E + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 344.8815ms diff --git a/test/data/recordings/TestClientSignedRequestObject.yaml b/test/data/recordings/TestClientSignedRequestObject.yaml new file mode 100644 index 00000000..39945735 --- /dev/null +++ b/test/data/recordings/TestClientSignedRequestObject.yaml 
@@ -0,0 +1,110 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 1203 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Client (Aug 6 16:13:21.502)","description":"This is just a test client.","jwt_configuration":{"alg":"PS256"},"require_pushed_authorization_requests":true,"signed_request_object":{"required":true,"credentials":[{"name":"Test Credential (Aug 6 16:13:21.503)","credential_type":"public_key","pem":"-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAua6LXMfgDE/tDdkOL1Oe\n3oWUwg1r4dSTg9L7RCcI5hItUzmkVofHtWN0H4CH2lm2ANmaJUsnhzctYowYW2+R\ntHvU9afTmtbdhpy993972hUqZSYLsE3iGziphYkOKVsqq38+VRH3TNg93zSLoRao\nJnTTkMXseVqiyqYRmFN8+gQQoEclHSGPUWQG5XMZ+hhuXeFyo+Yw/qbZWca/6/2I\n3rsca9jXR1alhxhHrXrg8N4Dm3gBgGbmiht6YYYT2Tyl1OqB9+iOI/9D7dfoCF6X\nAWJXRE454cmC8k8oucpjZVpflA+ocKshwPDR6YTLQYbXYiaWxEoaz0QGUErNQBnG\nI+sr9jDY3ua/s6HF6h0qyi/HVZH4wx+m4CtOfJoYTjrGBbaRszzUxhtSN2/MhXDu\n+a35q9/2zcu/3fjkkfVvGUt+NyyiYOKQ9vsJC1g/xxdUWtowjNwjfZE2zcG4usi8\nr38Bp0lmiipAsMLduZM/D5dFXkRdWCBNDfULmmg/4nv2wwjbjQuLemAMh7mmrztW\ni/85WMnjKQZT8NqS43pmgyIzg1gK1neMqdS90YmQ/PvJ36qALxCs245w1JpN9BAL\nJbwxCg/dbmKT7PalfWrksx9hGcJxtGqebldaOpw+5GVIPxxtC1C0gVr9BKeiDS3f\naibASY5pIRiKENmbZELDtucCAwEAAQ==\n-----END PUBLIC KEY-----"}]},"compliance_level":"fapi1_adv_pkj_par","require_proof_of_possession":true} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"name":"Test Client (Aug 6 16:13:21.502)","description":"This is just a test 
client.","client_id":"PvsSTwMgPQ9KOCVolhpG2OX9fhEAy28W","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"alg":"PS256"},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"require_pushed_authorization_requests":true,"signed_request_object":{"required":true,"credentials":[{"id":"cred_2gJgywmzp5d8bnr7aFRv1H","name":"Test Credential (Aug 6 16:13:21.503)","kid":"4e7yYf0TKdyTLbVnpq2wLN6mZ8t7eb9UJkMksyHj9iU","credential_type":"public_key","alg":"RS256","created_at":"2024-08-06T10:43:22.182Z","updated_at":"2024-08-06T10:43:22.182Z"}]},"compliance_level":"fapi1_adv_pkj_par","require_proof_of_possession":true}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 937.416167ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 865 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Client (Aug 6 16:13:21.502)","description":"This is just a test 
client.","client_secret":"513sOsQQTUeCC2ypir7PO1HwgV2r1hexW9rt3cVyhD9W2IB6i-s0FhXWahXU1DTb","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"alg":"RS256"},"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"require_pushed_authorization_requests":false,"signed_request_object":{"required":false,"credentials":[{"id":"cred_2gJgywmzp5d8bnr7aFRv1H"}]},"compliance_level":"fapi1_adv_mtls_par","require_proof_of_possession":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/PvsSTwMgPQ9KOCVolhpG2OX9fhEAy28W + method: PATCH + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"name":"Test Client (Aug 6 16:13:21.502)","description":"This is just a test 
client.","client_id":"PvsSTwMgPQ9KOCVolhpG2OX9fhEAy28W","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"alg":"RS256"},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"require_pushed_authorization_requests":false,"signed_request_object":{"required":false,"credentials":[{"id":"cred_2gJgywmzp5d8bnr7aFRv1H"}]},"compliance_level":"fapi1_adv_mtls_par","require_proof_of_possession":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 348.067458ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/PvsSTwMgPQ9KOCVolhpG2OX9fhEAy28W + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 357.361792ms diff --git a/test/data/recordings/TestClient_CreateAllCredential/Should_create_PrivateJWT_Credential.yaml b/test/data/recordings/TestClient_CreateAllCredential/Should_create_PrivateJWT_Credential.yaml new file mode 100644 index 00000000..3997c986 --- /dev/null 
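Review bot: The PATCH request body of interaction `id: 1` in this recording carries a `client_secret` value in clear text, while every response body shows `"client_secret":"[REDACTED]"`, so the recorder's redaction appears to cover responses only. The client is deleted in interaction `id: 2`, so the value is presumably no longer usable, but it will still trip secret scanners, and the same gap would leak a live secret from any recording whose client is not torn down. Replace the value with `"client_secret":"[REDACTED]"` (adjusting `content_length: 865` if the replay matcher compares it) and extend the recording sanitizer to scrub `client_secret` from request bodies as well. The other client recordings in this diff send no `client_secret` on PATCH, which suggests this test does not clear the field before calling Update; that test source is outside this hunk, so confirm it there.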
+++ b/test/data/recordings/TestClient_CreateAllCredential/Should_create_PrivateJWT_Credential.yaml 
@@ -0,0 +1,145 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 1125 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Client (Aug 6 16:14:42.294)","description":"This is just a test client.","jwt_configuration":{"alg":"RS256"},"organization_usage":"allow","client_authentication_methods":{"private_key_jwt":{"credentials":[{"name":"Test Credential (Aug 6 16:14:42.294)","credential_type":"public_key","pem":"-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAua6LXMfgDE/tDdkOL1Oe\n3oWUwg1r4dSTg9L7RCcI5hItUzmkVofHtWN0H4CH2lm2ANmaJUsnhzctYowYW2+R\ntHvU9afTmtbdhpy993972hUqZSYLsE3iGziphYkOKVsqq38+VRH3TNg93zSLoRao\nJnTTkMXseVqiyqYRmFN8+gQQoEclHSGPUWQG5XMZ+hhuXeFyo+Yw/qbZWca/6/2I\n3rsca9jXR1alhxhHrXrg8N4Dm3gBgGbmiht6YYYT2Tyl1OqB9+iOI/9D7dfoCF6X\nAWJXRE454cmC8k8oucpjZVpflA+ocKshwPDR6YTLQYbXYiaWxEoaz0QGUErNQBnG\nI+sr9jDY3ua/s6HF6h0qyi/HVZH4wx+m4CtOfJoYTjrGBbaRszzUxhtSN2/MhXDu\n+a35q9/2zcu/3fjkkfVvGUt+NyyiYOKQ9vsJC1g/xxdUWtowjNwjfZE2zcG4usi8\nr38Bp0lmiipAsMLduZM/D5dFXkRdWCBNDfULmmg/4nv2wwjbjQuLemAMh7mmrztW\ni/85WMnjKQZT8NqS43pmgyIzg1gK1neMqdS90YmQ/PvJ36qALxCs245w1JpN9BAL\nJbwxCg/dbmKT7PalfWrksx9hGcJxtGqebldaOpw+5GVIPxxtC1C0gVr9BKeiDS3f\naibASY5pIRiKENmbZELDtucCAwEAAQ==\n-----END PUBLIC KEY-----"}]}}} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"name":"Test Client (Aug 6 16:14:42.294)","description":"This is just a test 
client.","client_id":"e39BM6w1btNy0Rf6Col8jI3nloH9Trvz","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"alg":"RS256"},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"allow","client_authentication_methods":{"private_key_jwt":{"credentials":[{"id":"cred_uePxAqu3pekDAL8jJcwo81","name":"Test Credential (Aug 6 16:14:42.294)","kid":"4e7yYf0TKdyTLbVnpq2wLN6mZ8t7eb9UJkMksyHj9iU","credential_type":"public_key","alg":"RS256","created_at":"2024-08-06T10:44:42.999Z","updated_at":"2024-08-06T10:44:42.999Z"}]}}}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 981.620542ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 901 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Credential (Aug 6 16:14:43.277)","credential_type":"public_key","pem":"-----BEGIN PUBLIC 
KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3njxXJoHnuN4hByBhSUo\n0kIbXkJTA0wP0fig87MyVz5KgohPrPJgbRSZ7yz/MmXa4qRNHkWiClJybMS2a98M\n6ELOFG8pfDb6J7JaJqx0Kvqn6xsGInbpwsth3K582Cxrp+Y+GBNja++8wDY5IqAi\nTSKSZRNies0GO0grzQ7kj2p0+R7a0c86mdLO4JnGrHoBqEY1HcsfnJvkJkqETlGi\nyMzDQw8Wkux7P59N/3wuroAI83+HMYl1fV39ek3L/GrsLjECrNe5/CVFtblNltyb\n/va9+pAP7Ye5p6tTW2oj3fzUvdX3dYzENWEtRB7DBHXnfEHMjTaBiQeWb2yDHBCw\n++Uh1OCKw9ZLYzoE6gcDQspYf+fFU3F0kuU4c//gSoNuj/iEjaNmOEK6S3xGy8fE\nTjsC+0oF6YaokDZO9+NreL/sGxFfOAysybrKWrMoaYwa81RlpcmBGZM7H1M00zLH\nPPfCYVhGhFs5X3Qzzt6MQE+msgMt9zeGH7liJbOSW2NGSJwbmn7q35YYIfJEoXRF\n1iefT/9fJB9vhQhtYfCOe3AEpTQq6Yz5ViLhToBdsVDBbz2gmRLALs9/D91SE9T4\nXzvXjHGyxWVu0jdvS9hyhJzP4165k1cYDgx8mmg0VxR7j79LmCUDsFcvvSrAOf6y\n0zY7r4pmNyQQ0r4in/gs/wkCAwEAAQ==\n-----END PUBLIC KEY-----"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/e39BM6w1btNy0Rf6Col8jI3nloH9Trvz/credentials + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 260 + uncompressed: false + body: '{"id":"cred_n2FhK8PGRa9oQub38vNng1","credential_type":"public_key","kid":"QTtPEeOT2gWWuID0QDg6nHgh7foYRcWkOyJ9DhNIn_A","alg":"RS256","name":"Test Credential (Aug 6 16:14:43.277)","created_at":"2024-08-06T10:44:43.477Z","updated_at":"2024-08-06T10:44:43.477Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 290.07175ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/e39BM6w1btNy0Rf6Col8jI3nloH9Trvz/credentials/cred_n2FhK8PGRa9oQub38vNng1 + method: DELETE + 
response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 265.03525ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/e39BM6w1btNy0Rf6Col8jI3nloH9Trvz + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 335.680542ms diff --git a/test/data/recordings/TestClient_CreateAllCredential/Should_create_SelfSignedTLSClientAuth_Credential.yaml b/test/data/recordings/TestClient_CreateAllCredential/Should_create_SelfSignedTLSClientAuth_Credential.yaml new file mode 100644 index 00000000..d824cb8b --- /dev/null +++ b/test/data/recordings/TestClient_CreateAllCredential/Should_create_SelfSignedTLSClientAuth_Credential.yaml 
@@ -0,0 +1,145 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 1125 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Client (Aug 6 16:14:45.584)","description":"This is just a test client.","jwt_configuration":{"alg":"RS256"},"organization_usage":"allow","client_authentication_methods":{"private_key_jwt":{"credentials":[{"name":"Test Credential (Aug 6 16:14:45.584)","credential_type":"public_key","pem":"-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAua6LXMfgDE/tDdkOL1Oe\n3oWUwg1r4dSTg9L7RCcI5hItUzmkVofHtWN0H4CH2lm2ANmaJUsnhzctYowYW2+R\ntHvU9afTmtbdhpy993972hUqZSYLsE3iGziphYkOKVsqq38+VRH3TNg93zSLoRao\nJnTTkMXseVqiyqYRmFN8+gQQoEclHSGPUWQG5XMZ+hhuXeFyo+Yw/qbZWca/6/2I\n3rsca9jXR1alhxhHrXrg8N4Dm3gBgGbmiht6YYYT2Tyl1OqB9+iOI/9D7dfoCF6X\nAWJXRE454cmC8k8oucpjZVpflA+ocKshwPDR6YTLQYbXYiaWxEoaz0QGUErNQBnG\nI+sr9jDY3ua/s6HF6h0qyi/HVZH4wx+m4CtOfJoYTjrGBbaRszzUxhtSN2/MhXDu\n+a35q9/2zcu/3fjkkfVvGUt+NyyiYOKQ9vsJC1g/xxdUWtowjNwjfZE2zcG4usi8\nr38Bp0lmiipAsMLduZM/D5dFXkRdWCBNDfULmmg/4nv2wwjbjQuLemAMh7mmrztW\ni/85WMnjKQZT8NqS43pmgyIzg1gK1neMqdS90YmQ/PvJ36qALxCs245w1JpN9BAL\nJbwxCg/dbmKT7PalfWrksx9hGcJxtGqebldaOpw+5GVIPxxtC1C0gVr9BKeiDS3f\naibASY5pIRiKENmbZELDtucCAwEAAQ==\n-----END PUBLIC KEY-----"}]}}} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"name":"Test Client (Aug 6 16:14:45.584)","description":"This is just a test 
client.","client_id":"B1h6RVXJBx48NSLDvambwNrPLHQgzV8l","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"alg":"RS256"},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"allow","client_authentication_methods":{"private_key_jwt":{"credentials":[{"id":"cred_qJCg1RtcTsELNSBFtZgNkw","name":"Test Credential (Aug 6 16:14:45.584)","kid":"4e7yYf0TKdyTLbVnpq2wLN6mZ8t7eb9UJkMksyHj9iU","credential_type":"public_key","alg":"RS256","created_at":"2024-08-06T10:44:45.785Z","updated_at":"2024-08-06T10:44:45.785Z"}]}}}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 427.570292ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 1472 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Credential (Aug 6 16:14:46.012)","credential_type":"x509_cert","pem":"-----BEGIN 
CERTIFICATE-----\nMIIDwTCCAyqgAwIBAgICDh4wDQYJKoZIhvcNAQEFBQAwgZsxCzAJBgNVBAYTAkpQ\nMQ4wDAYDVQQIEwVUb2t5bzEQMA4GA1UEBxMHQ2h1by1rdTERMA8GA1UEChMIRnJh\nbms0REQxGDAWBgNVBAsTD1dlYkNlcnQgU3VwcG9ydDEYMBYGA1UEAxMPRnJhbms0\nREQgV2ViIENBMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZyYW5rNGRkLmNvbTAi\nGA8wMDAwMDEwMTAwMDAwMVoYDzk5OTkxMjMxMjM1OTU5WjCBgTELMAkGA1UEBhMC\nSlAxDjAMBgNVBAgTBVRva3lvMREwDwYDVQQKEwhGcmFuazRERDEQMA4GA1UECxMH\nU3VwcG9ydDEiMCAGCSqGSIb3DQEJARYTcHVibGljQGZyYW5rNGRkLmNvbTEZMBcG\nA1UEAxMQd3d3LmZyYW5rNGRkLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\ngYEA4rkBL30FzR2ZHZ1vpF9kGBO0DMwhu2pcrkcLJ0SEuf52ggo+md0tPis8f1KN\nTchxj6DtxWT3c7ECW0c1ALpu6mNVE+GaM94KsckSDehoPfbLjT9Apcc/F0mqvDsC\nN6fPdDixWrjx6xKT7xXi3lCy1yIKRMHA6Ha+T4qPyyCyMPECAwEAAaOCASYwggEi\nMAwGA1UdEwEB/wQCMAAwCwYDVR0PBAQDAgWgMB0GA1UdDgQWBBRWKE5tXPIyS0pC\nfE5taGO5Q84gyTCB0AYDVR0jBIHIMIHFgBRi83vtBtSx1Zx/SOXvxckVYf3ZEaGB\noaSBnjCBmzELMAkGA1UEBhMCSlAxDjAMBgNVBAgTBVRva3lvMRAwDgYDVQQHEwdD\naHVvLWt1MREwDwYDVQQKEwhGcmFuazRERDEYMBYGA1UECxMPV2ViQ2VydCBTdXBw\nb3J0MRgwFgYDVQQDEw9GcmFuazRERCBXZWIgQ0ExIzAhBgkqhkiG9w0BCQEWFHN1\ncHBvcnRAZnJhbms0ZGQuY29tggkAxscECbwiW6AwEwYDVR0lBAwwCgYIKwYBBQUH\nAwEwDQYJKoZIhvcNAQEFBQADgYEAfXCfXcePJwnMKc06qLa336cEPpXEsPed1bw4\nxiIXfgZ39duBnN+Nv4a49Yl2kbh4JO8tcr5h8WYAI/a/69w8qBFQBUAjTEY/+lcw\n9/6wU7UA3kh7yexeqDiNTRflnPUv3sfiVdLDTjqLWWAxGS8L26PjVaCUFfJLNiYJ\njerREgM=\n-----END CERTIFICATE-----"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/B1h6RVXJBx48NSLDvambwNrPLHQgzV8l/credentials + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 299 + uncompressed: false + body: '{"id":"cred_2dDJX2xyhm3Ho5ADp6KVUk","credential_type":"x509_cert","name":"Test Credential (Aug 6 
16:14:46.012)","thumbprint_sha256":"NTkulT-DcSrRSevqZd26aq0DCz8YbOFGjKVs-Expu4w","created_at":"2024-08-06T10:44:46.311Z","updated_at":"2024-08-06T10:44:46.311Z","expires_at":"9999-12-31T23:59:59.000Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 462.588959ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/B1h6RVXJBx48NSLDvambwNrPLHQgzV8l/credentials/cred_2dDJX2xyhm3Ho5ADp6KVUk + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 239.831375ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/B1h6RVXJBx48NSLDvambwNrPLHQgzV8l + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 341.571792ms diff --git a/test/data/recordings/TestClient_CreateAllCredential/Should_create_TLSClientAuth_Credential.yaml b/test/data/recordings/TestClient_CreateAllCredential/Should_create_TLSClientAuth_Credential.yaml new file mode 100644 index 00000000..22045fab 
--- /dev/null +++ b/test/data/recordings/TestClient_CreateAllCredential/Should_create_TLSClientAuth_Credential.yaml 
@@ -0,0 +1,145 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 1125 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Client (Aug 6 16:14:44.169)","description":"This is just a test client.","jwt_configuration":{"alg":"RS256"},"organization_usage":"allow","client_authentication_methods":{"private_key_jwt":{"credentials":[{"name":"Test Credential (Aug 6 16:14:44.169)","credential_type":"public_key","pem":"-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAua6LXMfgDE/tDdkOL1Oe\n3oWUwg1r4dSTg9L7RCcI5hItUzmkVofHtWN0H4CH2lm2ANmaJUsnhzctYowYW2+R\ntHvU9afTmtbdhpy993972hUqZSYLsE3iGziphYkOKVsqq38+VRH3TNg93zSLoRao\nJnTTkMXseVqiyqYRmFN8+gQQoEclHSGPUWQG5XMZ+hhuXeFyo+Yw/qbZWca/6/2I\n3rsca9jXR1alhxhHrXrg8N4Dm3gBgGbmiht6YYYT2Tyl1OqB9+iOI/9D7dfoCF6X\nAWJXRE454cmC8k8oucpjZVpflA+ocKshwPDR6YTLQYbXYiaWxEoaz0QGUErNQBnG\nI+sr9jDY3ua/s6HF6h0qyi/HVZH4wx+m4CtOfJoYTjrGBbaRszzUxhtSN2/MhXDu\n+a35q9/2zcu/3fjkkfVvGUt+NyyiYOKQ9vsJC1g/xxdUWtowjNwjfZE2zcG4usi8\nr38Bp0lmiipAsMLduZM/D5dFXkRdWCBNDfULmmg/4nv2wwjbjQuLemAMh7mmrztW\ni/85WMnjKQZT8NqS43pmgyIzg1gK1neMqdS90YmQ/PvJ36qALxCs245w1JpN9BAL\nJbwxCg/dbmKT7PalfWrksx9hGcJxtGqebldaOpw+5GVIPxxtC1C0gVr9BKeiDS3f\naibASY5pIRiKENmbZELDtucCAwEAAQ==\n-----END PUBLIC KEY-----"}]}}} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"name":"Test Client (Aug 6 16:14:44.169)","description":"This is just a test 
client.","client_id":"IxqGVjVrF23k6dyhBSuqM5OGzBAqUrq9","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"alg":"RS256"},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"allow","client_authentication_methods":{"private_key_jwt":{"credentials":[{"id":"cred_n8CtWJe6dK4V3jz3Awg49G","name":"Test Credential (Aug 6 16:14:44.169)","kid":"4e7yYf0TKdyTLbVnpq2wLN6mZ8t7eb9UJkMksyHj9iU","credential_type":"public_key","alg":"RS256","created_at":"2024-08-06T10:44:44.374Z","updated_at":"2024-08-06T10:44:44.374Z"}]}}}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 463.714375ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 1296 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Credential (Aug 6 16:14:44.633)","credential_type":"cert_subject_dn","pem":"-----BEGIN 
CERTIFICATE-----\nMIIDPDCCAiQCCQDWNMOIuzwDfzANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJK\nUDEOMAwGA1UECAwFVG9reW8xEzARBgNVBAcMCkNoaXlvZGEta3UxDzANBgNVBAoM\nBkNsaWVudDEbMBkGA1UEAwwSY2xpZW50LmV4YW1wbGUub3JnMB4XDTE5MTAyODA3\nMjczMFoXDTIwMTAyNzA3MjczMFowYDELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBVRv\na3lvMRMwEQYDVQQHDApDaGl5b2RhLWt1MQ8wDQYDVQQKDAZDbGllbnQxGzAZBgNV\nBAMMEmNsaWVudC5leGFtcGxlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC\nAQoCggEBAK2Oyc+BV4N5pYcp47opUwsb2NaJq4X+d5Itq8whpFlZ9uCCHzF5TWSF\nXrpYscOp95veGPF42eT1grfxYyvjFotE76caHhBLCkIbBh6Vf222IGMwwBbSZfO9\nJ3eURtEADBvsZ117HkPVdjYqvt3Pr4RxdR12zG1TcBAoTLGchyr8nBqRADFhUTCL\nmsYaz1ADiQ/xbJN7VUNQpKhzRWHCdYS03HpbGjYCtAbl9dJnH2EepNF0emGiSPFq\ndf6taToyCr7oZjM7ufmKPjiiEDbeSYTf6kbPNmmjtoPNNLeejHjP9p0IYx7l0Gkj\nmx4kSMLp4vSDftrFgGfcxzaMmKBsosMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA\nqzdDYbntFLPBlbwAQlpwIjvmvwzvkQt6qgZ9Y0oMAf7pxq3i9q7W1bDol0UF4pIM\nz3urEJCHO8w18JRlfOnOENkcLLLntrjOUXuNkaCDLrnv8pnp0yeTQHkSpsyMtJi9\nR6r6JT9V57EJ/pWQBgKlN6qMiBkIvX7U2hEMmhZ00h/E5xMmiKbySBiJV9fBzDRf\nmAy1p9YEgLsEMLnGjKHTok+hd0BLvcmXVejdUsKCg84F0zqtXEDXLCiKcpXCeeWv\nlmmXxC5PH/GEMkSPiGSR7+b1i0sSotsq+M3hbdwabpJ6nQLLbKkFSGcsQ87yL+gr\nSo6zun26vAUJTu1o9CIjxw==\n-----END CERTIFICATE-----"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/IxqGVjVrF23k6dyhBSuqM5OGzBAqUrq9/credentials + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 276 + uncompressed: false + body: '{"id":"cred_5XaGkLkUJFv4ZaLhqajHMG","credential_type":"cert_subject_dn","name":"Test Credential (Aug 6 16:14:44.633)","subject_dn":"C=JP\nST=Tokyo\nL=Chiyoda-ku\nO=Client\nCN=client.example.org","created_at":"2024-08-06T10:44:44.931Z","updated_at":"2024-08-06T10:44:44.931Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 386.010875ms + - id: 2 + request: + proto: HTTP/1.1 + 
proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/IxqGVjVrF23k6dyhBSuqM5OGzBAqUrq9/credentials/cred_5XaGkLkUJFv4ZaLhqajHMG + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 244.576958ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/clients/IxqGVjVrF23k6dyhBSuqM5OGzBAqUrq9 + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 318.35275ms diff --git a/test/data/recordings/TestResourceServer_Create.yaml b/test/data/recordings/TestResourceServer_Create.yaml index af134b70..0253695b 100644 --- a/test/data/recordings/TestResourceServer_Create.yaml +++ b/test/data/recordings/TestResourceServer_Create.yaml 
@@ -6,20 +6,20 @@ interactions: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 303 + content_length: 1446 transfer_encoding: [] trailer: {} host: go-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" body: | - {"name":"Test Resource Server (Jun 11 18:23:31.182)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600,"enforce_policies":true,"token_dialect":"rfc9068_profile_authz"} + {"name":"Test Resource Server (Aug 6 16:12:15.127)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"PS256","token_lifetime":7200,"token_lifetime_for_web":3600,"enforce_policies":true,"token_dialect":"rfc9068_profile_authz","consent_policy":"transactional-authorization-with-mfa","authorization_details":[{"type":"payment"},{"type":"my custom type"}],"token_encryption":{"format":"compact-nested-jwe","encryption_key":{"name":"my JWE public key","alg":"RSA-OAEP-256","kid":"my-key-id","pem":"-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAua6LXMfgDE/tDdkOL1Oe\n3oWUwg1r4dSTg9L7RCcI5hItUzmkVofHtWN0H4CH2lm2ANmaJUsnhzctYowYW2+R\ntHvU9afTmtbdhpy993972hUqZSYLsE3iGziphYkOKVsqq38+VRH3TNg93zSLoRao\nJnTTkMXseVqiyqYRmFN8+gQQoEclHSGPUWQG5XMZ+hhuXeFyo+Yw/qbZWca/6/2I\n3rsca9jXR1alhxhHrXrg8N4Dm3gBgGbmiht6YYYT2Tyl1OqB9+iOI/9D7dfoCF6X\nAWJXRE454cmC8k8oucpjZVpflA+ocKshwPDR6YTLQYbXYiaWxEoaz0QGUErNQBnG\nI+sr9jDY3ua/s6HF6h0qyi/HVZH4wx+m4CtOfJoYTjrGBbaRszzUxhtSN2/MhXDu\n+a35q9/2zcu/3fjkkfVvGUt+NyyiYOKQ9vsJC1g/xxdUWtowjNwjfZE2zcG4usi8\nr38Bp0lmiipAsMLduZM/D5dFXkRdWCBNDfULmmg/4nv2wwjbjQuLemAMh7mmrztW\ni/85WMnjKQZT8NqS43pmgyIzg1gK1neMqdS90YmQ/PvJ36qALxCs245w1JpN9BAL\nJbwxCg/dbmKT7PalfWrksx9hGcJxtGqebldaOpw+5GVIPxxtC1C0gVr9BKeiDS3f\naibASY5pIRiKENmbZELDtucCAwEAAQ==\n-----END PUBLIC KEY-----"}},"proof_of_possession":{"mechanism":"mtls","required":true}} form: {} headers: 
Content-Type: - application/json User-Agent: - - Go-Auth0/1.6.0 + - Go-Auth0/1.8.0 url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers method: POST response: @@ -28,15 +28,15 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 471 + content_length: 807 uncompressed: false - body: '{"id":"666848cb019f67554fa3c298","name":"Test Resource Server (Jun 11 18:23:31.182)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":true,"token_dialect":"rfc9068_profile_authz"}' + body: '{"id":"66b1fe07da0f5b2d35c5c011","name":"Test Resource Server (Aug 6 16:12:15.127)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"PS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":true,"token_dialect":"rfc9068_profile_authz","consent_policy":"transactional-authorization-with-mfa","authorization_details":[{"type":"payment"},{"type":"my custom type"}],"token_encryption":{"format":"compact-nested-jwe","encryption_key":{"name":"my JWE public key","alg":"RSA-OAEP-256","kid":"my-key-id"}},"proof_of_possession":{"mechanism":"mtls","required":true}}' headers: Content-Type: - application/json; charset=utf-8 status: 201 Created code: 201 - duration: 675.655583ms + duration: 937.989542ms - id: 1 request: proto: HTTP/1.1 
@@ -54,8 +54,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0/1.6.0 - url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/666848cb019f67554fa3c298 + - Go-Auth0/1.8.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/66b1fe07da0f5b2d35c5c011 method: DELETE response: proto: HTTP/2.0 @@ -71,4 +71,4 @@ interactions: - application/json; charset=utf-8 status: 204 No Content code: 204 - duration: 377.692875ms + duration: 318.871542ms diff --git a/test/data/recordings/TestTenantManager.yaml b/test/data/recordings/TestTenantManager.yaml index 1a048ac3..47000fce 100644 --- a/test/data/recordings/TestTenantManager.yaml +++ b/test/data/recordings/TestTenantManager.yaml @@ -6,20 +6,19 @@ interactions: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 5 + content_length: 0 transfer_encoding: [] trailer: {} host: go-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" - body: | - null + body: "" form: {} headers: Content-Type: - application/json User-Agent: - - Go-Auth0/latest + - Go-Auth0/1.8.0 url: https://go-auth0-dev.eu.auth0.com/api/v2/tenants/settings method: GET response: @@ -30,32 +29,32 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"allowed_logout_urls":[],"change_password":{"enabled":false,"html":"
My Custom Reset Password Page"},"default_audience":"","default_directory":"","default_redirection_uri":"https://example.com/login","enabled_locales":["de","fr"],"error_page":{"html":"","show_log_link":false,"url":""},"flags":{"allow_changing_enable_sso":false,"disable_impersonation":true,"disable_management_api_sms_obfuscation":true,"enable_public_signup_user_exists_error":true,"enable_sso":true,"new_universal_login_experience_enabled":true,"universal_login":true,"use_scope_descriptions_for_consent":false,"no_disclose_enterprise_connections":false,"revoke_refresh_token_grant":false,"disable_fields_map_fix":true,"require_signed_request_object":false,"dashboard_new_onboarding":false,"mfa_show_factor_list_on_enrollment":true,"disable_clickjack_protection_headers":false},"friendly_name":"My Test Tenant","guardian_mfa_page":{"enabled":false,"html":"My Custom MFA Page"},"idle_session_lifetime":72,"picture_url":"https://mycompany.org/logo.png","sandbox_version":"16","session_lifetime":168,"support_email":"support@mycompany.org","support_url":"https://mycompany.org/support","sessions":{"oidc_logout_prompt_enabled":true},"universal_login":{"colors":{"primary":"#0059d6","page_background":"#000000"}},"session_cookie":{"mode":"persistent"},"sandbox_versions_available":["18","16"]}' + body: '{"allowed_logout_urls":[],"acr_values_supported":[],"default_redirection_uri":"https://example.com/login","enabled_locales":["en"],"flags":{"allow_changing_enable_sso":false,"disable_impersonation":true,"enable_sso":true,"new_universal_login_experience_enabled":true,"universal_login":true,"revoke_refresh_token_grant":false,"mfa_show_factor_list_on_enrollment":false,"remove_alg_from_jwks":true,"disable_clickjack_protection_headers":false},"friendly_name":"My Example Tenant","guardian_mfa_page":{"enabled":true,"html":"\n\n\n