diff --git a/docs/data-sources/client.md b/docs/data-sources/client.md index 4df512c05..b0970f9fb 100644 --- a/docs/data-sources/client.md +++ b/docs/data-sources/client.md @@ -62,6 +62,7 @@ data "auth0_client" "some-client-by-id" { - `organization_require_behavior` (String) Defines how to proceed during an authentication transaction when `organization_usage = "require"`. Can be `no_prompt` (default), `pre_login_prompt` or `post_login_prompt`. - `organization_usage` (String) Defines how to proceed during an authentication transaction with regards to an organization. Can be `deny` (default), `allow` or `require`. - `refresh_token` (List of Object) Configuration settings for the refresh tokens issued for this client. (see [below for nested schema](#nestedatt--refresh_token)) +- `require_pushed_authorization_requests` (Boolean) Makes the use of Pushed Authorization Requests mandatory for this client. - `signing_keys` (List of Map of String) List containing a map of the public cert of the signing key and the public cert of the signing key in PKCS7. - `sso` (Boolean) Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false). - `sso_disabled` (Boolean) Indicates whether or not SSO is disabled. diff --git a/docs/data-sources/tenant.md b/docs/data-sources/tenant.md index 1bcb8f6b6..d4023bf31 100644 --- a/docs/data-sources/tenant.md +++ b/docs/data-sources/tenant.md @@ -62,6 +62,7 @@ Read-Only: - `enable_public_signup_user_exists_error` (Boolean) - `mfa_show_factor_list_on_enrollment` (Boolean) - `no_disclose_enterprise_connections` (Boolean) +- `require_pushed_authorization_requests` (Boolean) - `revoke_refresh_token_grant` (Boolean) - `use_scope_descriptions_for_consent` (Boolean) diff --git a/docs/resources/client.md b/docs/resources/client.md index 49d29f41f..40e36c865 100644 --- a/docs/resources/client.md +++ b/docs/resources/client.md @@ -117,6 +117,7 @@ resource "auth0_client" "my_client" { - `organization_require_behavior` (String) Defines how to proceed during an authentication transaction when `organization_usage = "require"`. Can be `no_prompt` (default), `pre_login_prompt` or `post_login_prompt`. - `organization_usage` (String) Defines how to proceed during an authentication transaction with regards to an organization. Can be `deny` (default), `allow` or `require`. - `refresh_token` (Block List, Max: 1) Configuration settings for the refresh tokens issued for this client. (see [below for nested schema](#nestedblock--refresh_token)) +- `require_pushed_authorization_requests` (Boolean) Makes the use of Pushed Authorization Requests mandatory for this client. - `sso` (Boolean) Applies only to SSO clients and determines whether Auth0 will handle Single Sign-On (true) or whether the identity provider will (false). - `sso_disabled` (Boolean) Indicates whether or not SSO is disabled. - `web_origins` (List of String) URLs that represent valid web origins for use with web message response mode. diff --git a/docs/resources/tenant.md b/docs/resources/tenant.md index 0f7848dda..3c87766fd 100644 --- a/docs/resources/tenant.md +++ b/docs/resources/tenant.md @@ -88,6 +88,7 @@ Optional: - `enable_public_signup_user_exists_error` (Boolean) Indicates whether the public sign up process shows a `user_exists` error if the user already exists. - `mfa_show_factor_list_on_enrollment` (Boolean) Used to allow users to pick which factor to enroll with from the list of available MFA factors. - `no_disclose_enterprise_connections` (Boolean) Do not Publish Enterprise Connections Information with IdP domains on the lock configuration file. +- `require_pushed_authorization_requests` (Boolean) Makes the use of Pushed Authorization Requests mandatory for all clients across the tenant. - `revoke_refresh_token_grant` (Boolean) Delete underlying grant when a refresh token is revoked via the Authentication API. - `use_scope_descriptions_for_consent` (Boolean) Indicates whether to use scope descriptions for consent. diff --git a/internal/auth0/client/expand.go b/internal/auth0/client/expand.go index 45b05669c..1dacc0479 100644 --- a/internal/auth0/client/expand.go +++ b/internal/auth0/client/expand.go @@ -13,37 +13,38 @@ func expandClient(d *schema.ResourceData) *management.Client { config := d.GetRawConfig() client := &management.Client{ - Name: value.String(config.GetAttr("name")), - Description: value.String(config.GetAttr("description")), - AppType: value.String(config.GetAttr("app_type")), - LogoURI: value.String(config.GetAttr("logo_uri")), - IsFirstParty: value.Bool(config.GetAttr("is_first_party")), - OIDCConformant: value.Bool(config.GetAttr("oidc_conformant")), - ClientAliases: value.Strings(config.GetAttr("client_aliases")), - Callbacks: value.Strings(config.GetAttr("callbacks")), - AllowedLogoutURLs: value.Strings(config.GetAttr("allowed_logout_urls")), - AllowedOrigins: value.Strings(config.GetAttr("allowed_origins")), - AllowedClients: value.Strings(config.GetAttr("allowed_clients")), - GrantTypes: value.Strings(config.GetAttr("grant_types")), - OrganizationUsage: value.String(config.GetAttr("organization_usage")), - OrganizationRequireBehavior: value.String(config.GetAttr("organization_require_behavior")), - WebOrigins: value.Strings(config.GetAttr("web_origins")), - SSO: value.Bool(config.GetAttr("sso")), - SSODisabled: value.Bool(config.GetAttr("sso_disabled")), - CrossOriginAuth: value.Bool(config.GetAttr("cross_origin_auth")), - CrossOriginLocation: value.String(config.GetAttr("cross_origin_loc")), - CustomLoginPageOn: value.Bool(config.GetAttr("custom_login_page_on")), - CustomLoginPage: value.String(config.GetAttr("custom_login_page")), - FormTemplate: value.String(config.GetAttr("form_template")), - InitiateLoginURI: value.String(config.GetAttr("initiate_login_uri")), - EncryptionKey: value.MapOfStrings(config.GetAttr("encryption_key")), - OIDCBackchannelLogout: expandOIDCBackchannelLogout(d), - ClientMetadata: expandClientMetadata(d), - RefreshToken: expandClientRefreshToken(d), - JWTConfiguration: expandClientJWTConfiguration(d), - Addons: expandClientAddons(d), - NativeSocialLogin: expandClientNativeSocialLogin(d), - Mobile: expandClientMobile(d), + Name: value.String(config.GetAttr("name")), + Description: value.String(config.GetAttr("description")), + AppType: value.String(config.GetAttr("app_type")), + LogoURI: value.String(config.GetAttr("logo_uri")), + IsFirstParty: value.Bool(config.GetAttr("is_first_party")), + OIDCConformant: value.Bool(config.GetAttr("oidc_conformant")), + ClientAliases: value.Strings(config.GetAttr("client_aliases")), + Callbacks: value.Strings(config.GetAttr("callbacks")), + AllowedLogoutURLs: value.Strings(config.GetAttr("allowed_logout_urls")), + AllowedOrigins: value.Strings(config.GetAttr("allowed_origins")), + AllowedClients: value.Strings(config.GetAttr("allowed_clients")), + GrantTypes: value.Strings(config.GetAttr("grant_types")), + OrganizationUsage: value.String(config.GetAttr("organization_usage")), + OrganizationRequireBehavior: value.String(config.GetAttr("organization_require_behavior")), + WebOrigins: value.Strings(config.GetAttr("web_origins")), + RequirePushedAuthorizationRequests: value.Bool(config.GetAttr("require_pushed_authorization_requests")), + SSO: value.Bool(config.GetAttr("sso")), + SSODisabled: value.Bool(config.GetAttr("sso_disabled")), + CrossOriginAuth: value.Bool(config.GetAttr("cross_origin_auth")), + CrossOriginLocation: value.String(config.GetAttr("cross_origin_loc")), + CustomLoginPageOn: value.Bool(config.GetAttr("custom_login_page_on")), + CustomLoginPage: value.String(config.GetAttr("custom_login_page")), + FormTemplate: value.String(config.GetAttr("form_template")), + InitiateLoginURI: value.String(config.GetAttr("initiate_login_uri")), + EncryptionKey: value.MapOfStrings(config.GetAttr("encryption_key")), + OIDCBackchannelLogout: expandOIDCBackchannelLogout(d), + ClientMetadata: expandClientMetadata(d), + RefreshToken: expandClientRefreshToken(d), + JWTConfiguration: expandClientJWTConfiguration(d), + Addons: expandClientAddons(d), + NativeSocialLogin: expandClientNativeSocialLogin(d), + Mobile: expandClientMobile(d), } if !d.IsNewResource() { diff --git a/internal/auth0/client/flatten.go b/internal/auth0/client/flatten.go index 4148f38ad..44d887d61 100644 --- a/internal/auth0/client/flatten.go +++ b/internal/auth0/client/flatten.go @@ -518,6 +518,7 @@ func flattenClient(d *schema.ResourceData, client *management.Client) error { d.Set("organization_usage", client.GetOrganizationUsage()), d.Set("organization_require_behavior", client.GetOrganizationRequireBehavior()), d.Set("web_origins", client.GetWebOrigins()), + d.Set("require_pushed_authorization_requests", client.GetRequirePushedAuthorizationRequests()), d.Set("sso", client.GetSSO()), d.Set("sso_disabled", client.GetSSODisabled()), d.Set("cross_origin_auth", client.GetCrossOriginAuth()), diff --git a/internal/auth0/client/resource.go b/internal/auth0/client/resource.go index 901c713bf..48c96d054 100644 --- a/internal/auth0/client/resource.go +++ b/internal/auth0/client/resource.go @@ -246,6 +246,11 @@ func NewResource() *schema.Resource { "alphanumeric and may only include the following special characters: " + "`:,-+=_*?\"/\\()<>@ [Tab] [Space]`.", }, + "require_pushed_authorization_requests": { + Type: schema.TypeBool, + Optional: true, + Description: "Makes the use of Pushed Authorization Requests mandatory for this client.", + }, "mobile": { Type: schema.TypeList, Optional: true, diff --git a/internal/auth0/client/resource_test.go b/internal/auth0/client/resource_test.go index 3aa6cc2c2..815c6a9aa 100644 --- a/internal/auth0/client/resource_test.go +++ b/internal/auth0/client/resource_test.go @@ -460,6 +460,7 @@ resource "auth0_client" "my_client" { logo_uri = "https://example.com/logoUri" organization_require_behavior = "no_prompt" organization_usage = "deny" + require_pushed_authorization_requests = false sso = false sso_disabled = false custom_login_page_on = true @@ -491,6 +492,7 @@ resource "auth0_client" "my_client" { logo_uri = "https://another-example.com/logoUri" organization_require_behavior = "no_prompt" organization_usage = "deny" + require_pushed_authorization_requests = true sso = true sso_disabled = true custom_login_page_on = true @@ -581,6 +583,7 @@ func TestAccClient(t *testing.T) { resource.TestCheckResourceAttr("auth0_client.my_client", "organization_require_behavior", "no_prompt"), resource.TestCheckResourceAttr("auth0_client.my_client", "organization_usage", "deny"), resource.TestCheckResourceAttr("auth0_client.my_client", "sso", "false"), + resource.TestCheckResourceAttr("auth0_client.my_client", "require_pushed_authorization_requests", "false"), resource.TestCheckResourceAttr("auth0_client.my_client", "sso_disabled", "false"), resource.TestCheckResourceAttr("auth0_client.my_client", "custom_login_page_on", "true"), resource.TestCheckResourceAttr("auth0_client.my_client", "is_first_party", "true"), @@ -643,6 +646,7 @@ func TestAccClient(t *testing.T) { resource.TestCheckResourceAttr("auth0_client.my_client", "logo_uri", "https://another-example.com/logoUri"), resource.TestCheckResourceAttr("auth0_client.my_client", "organization_require_behavior", "no_prompt"), resource.TestCheckResourceAttr("auth0_client.my_client", "organization_usage", "deny"), + resource.TestCheckResourceAttr("auth0_client.my_client", "require_pushed_authorization_requests", "true"), resource.TestCheckResourceAttr("auth0_client.my_client", "sso", "true"), resource.TestCheckResourceAttr("auth0_client.my_client", "sso_disabled", "true"), resource.TestCheckResourceAttr("auth0_client.my_client", "custom_login_page_on", "true"), diff --git a/internal/auth0/tenant/expand.go b/internal/auth0/tenant/expand.go index 2a40ba488..cb44561a7 100644 --- a/internal/auth0/tenant/expand.go +++ b/internal/auth0/tenant/expand.go @@ -64,6 +64,7 @@ func expandTenantFlags(config cty.Value) *management.TenantFlags { DashboardInsightsView: value.Bool(flags.GetAttr("dashboard_insights_view")), DisableFieldsMapFix: value.Bool(flags.GetAttr("disable_fields_map_fix")), MFAShowFactorListOnEnrollment: value.Bool(flags.GetAttr("mfa_show_factor_list_on_enrollment")), + RequirePushedAuthorizationRequests: value.Bool(flags.GetAttr("require_pushed_authorization_requests")), } return stop diff --git a/internal/auth0/tenant/flatten.go b/internal/auth0/tenant/flatten.go index 4219f3cf0..90f091889 100644 --- a/internal/auth0/tenant/flatten.go +++ b/internal/auth0/tenant/flatten.go @@ -55,6 +55,7 @@ func flattenTenantFlags(flags *management.TenantFlags) []interface{} { m["dashboard_insights_view"] = flags.DashboardInsightsView m["disable_fields_map_fix"] = flags.DisableFieldsMapFix m["mfa_show_factor_list_on_enrollment"] = flags.MFAShowFactorListOnEnrollment + m["require_pushed_authorization_requests"] = flags.RequirePushedAuthorizationRequests return []interface{}{m} } diff --git a/internal/auth0/tenant/resource.go b/internal/auth0/tenant/resource.go index 185ab4c6d..69bd717c8 100644 --- a/internal/auth0/tenant/resource.go +++ b/internal/auth0/tenant/resource.go @@ -241,6 +241,12 @@ func NewResource() *schema.Resource { Computed: true, Description: "Used to allow users to pick which factor to enroll with from the list of available MFA factors.", }, + "require_pushed_authorization_requests": { + Type: schema.TypeBool, + Optional: true, + Computed: true, + Description: "Makes the use of Pushed Authorization Requests mandatory for all clients across the tenant.", + }, }, }, }, diff --git a/internal/auth0/tenant/resource_test.go b/internal/auth0/tenant/resource_test.go index 78c315769..d5e67e0ea 100644 --- a/internal/auth0/tenant/resource_test.go +++ b/internal/auth0/tenant/resource_test.go @@ -100,6 +100,7 @@ resource "auth0_tenant" "my_tenant" { disable_management_api_sms_obfuscation = false disable_fields_map_fix = false mfa_show_factor_list_on_enrollment = false + require_pushed_authorization_requests = false } session_cookie { @@ -130,6 +131,7 @@ resource "auth0_tenant" "my_tenant" { disable_management_api_sms_obfuscation = true disable_fields_map_fix = true mfa_show_factor_list_on_enrollment = true + require_pushed_authorization_requests = true } session_cookie { diff --git a/test/data/recordings/TestAccClient.yaml b/test/data/recordings/TestAccClient.yaml index 21176179b..6a4ee10d2 100644 --- a/test/data/recordings/TestAccClient.yaml +++ b/test/data/recordings/TestAccClient.yaml @@ -30,13 +30,13 @@ interactions: trailer: {} content_length: -1 uncompressed: false - body: '{"name":"Acceptance Test - TestAccClient","client_id":"2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' + body: '{"name":"Acceptance Test - TestAccClient","client_id":"z5h9bq52vgJJebBrvWqx5sdJjvdJ2jhj","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' headers: Content-Type: - application/json; charset=utf-8 status: 201 Created code: 201 - duration: 998.734417ms + duration: 329.331167ms - id: 1 request: proto: HTTP/1.1 @@ -56,7 +56,7 @@ interactions: - application/json User-Agent: - Go-Auth0/1.0.0-beta.0 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/z5h9bq52vgJJebBrvWqx5sdJjvdJ2jhj method: GET response: proto: HTTP/2.0 @@ -66,13 +66,13 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","client_id":"2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' + body: '{"name":"Acceptance Test - TestAccClient","client_id":"z5h9bq52vgJJebBrvWqx5sdJjvdJ2jhj","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 109.099208ms + duration: 104.418125ms - id: 2 request: proto: HTTP/1.1 @@ -92,7 +92,7 @@ interactions: - application/json User-Agent: - Go-Auth0/1.0.0-beta.0 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/z5h9bq52vgJJebBrvWqx5sdJjvdJ2jhj method: GET response: proto: HTTP/2.0 @@ -102,13 +102,13 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","client_id":"2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' + body: '{"name":"Acceptance Test - TestAccClient","client_id":"z5h9bq52vgJJebBrvWqx5sdJjvdJ2jhj","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 163.568584ms + duration: 111.033541ms - id: 3 request: proto: HTTP/1.1 @@ -128,7 +128,7 @@ interactions: - application/json User-Agent: - Go-Auth0/1.0.0-beta.0 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/z5h9bq52vgJJebBrvWqx5sdJjvdJ2jhj method: GET response: proto: HTTP/2.0 @@ -138,33 +138,33 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","client_id":"2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' + body: '{"name":"Acceptance Test - TestAccClient","client_id":"z5h9bq52vgJJebBrvWqx5sdJjvdJ2jhj","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 96.457792ms + duration: 133.424917ms - id: 4 request: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 1017 + content_length: 1063 transfer_encoding: [] trailer: {} host: terraform-provider-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" body: | - {"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":["https://example.com/oidc-logout"]}} + {"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","organization_usage":"deny","organization_require_behavior":"no_prompt","require_pushed_authorization_requests":false,"oidc_backchannel_logout":{"backchannel_logout_urls":["https://example.com/oidc-logout"]}} form: {} headers: Content-Type: - application/json User-Agent: - Go-Auth0/1.0.0-beta.0 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/z5h9bq52vgJJebBrvWqx5sdJjvdJ2jhj method: PATCH response: proto: HTTP/2.0 @@ -174,230 +174,14 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","client_id":"2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":["https://example.com/oidc-logout"]}}' + body: '{"signing_keys":[{"cert":"[REDACTED]"}]}' headers: Content-Type: - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 113.528042ms + status: 403 Forbidden + code: 403 + duration: 110.966458ms - id: 5 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0/1.0.0-beta.0 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","client_id":"2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":["https://example.com/oidc-logout"]}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 98.704292ms - - id: 6 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0/1.0.0-beta.0 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","client_id":"2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":["https://example.com/oidc-logout"]}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 102.95125ms - - id: 7 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0/1.0.0-beta.0 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","client_id":"2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":["https://example.com/oidc-logout"]}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 148.998209ms - - id: 8 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 662 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - {"name":"Acceptance Test - TestAccClient","description":"","app_type":"non_interactive","logo_uri":"https://another-example.com/logoUri","is_first_party":true,"oidc_conformant":true,"callbacks":[],"allowed_origins":[],"web_origins":[],"client_aliases":[],"allowed_clients":[],"allowed_logout_urls":[],"sso":true,"sso_disabled":true,"grant_types":[],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"","form_template":"","client_metadata":{"foo":null},"initiate_login_uri":"","organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":[]}} - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0/1.0.0-beta.0 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF - method: PATCH - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"","client_id":"2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://another-example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":true,"callbacks":[],"allowed_origins":[],"web_origins":[],"client_aliases":[],"allowed_clients":[],"allowed_logout_urls":[],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":true,"sso_disabled":true,"grant_types":[],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"","form_template":"","client_metadata":{},"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":[]}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 104.6775ms - - id: 9 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0/1.0.0-beta.0 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"","client_id":"2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://another-example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":true,"callbacks":[],"allowed_origins":[],"web_origins":[],"client_aliases":[],"allowed_clients":[],"allowed_logout_urls":[],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":true,"sso_disabled":true,"grant_types":[],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"","form_template":"","client_metadata":{},"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":[]}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 112.776584ms - - id: 10 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0/1.0.0-beta.0 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"","client_id":"2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://another-example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":true,"callbacks":[],"allowed_origins":[],"web_origins":[],"client_aliases":[],"allowed_clients":[],"allowed_logout_urls":[],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":true,"sso_disabled":true,"grant_types":[],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"","form_template":"","client_metadata":{},"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":[]}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 91.738209ms - - id: 11 request: proto: HTTP/1.1 proto_major: 1 @@ -415,7 +199,7 @@ interactions: - application/json User-Agent: - Go-Auth0/1.0.0-beta.0 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/2jpgw2om3tG6WEXuJ0ZyyaVKx9B7AwLF + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/z5h9bq52vgJJebBrvWqx5sdJjvdJ2jhj method: DELETE response: proto: HTTP/2.0 @@ -431,4 +215,4 @@ interactions: - application/json; charset=utf-8 status: 204 No Content code: 204 - duration: 206.960542ms + duration: 213.719042ms