Skip to content

Commit

Permalink
Docs 3689 auth explorer update (#10394)
Browse files Browse the repository at this point in the history
* Authentication API updates

HRI addition

* Updates for Auth API Exp

HRI update
Break out client grants
#Learn More standardization
Error pages into Markdown tables

* Commits

Clean-up
Final markdown tables
addition of fapi to glossary for HRI entry

* Update _device-code.md

Duplicate Learn More

* Updates after local run review

* Last commits for final fixes

Fixes for the nav, flow files, updated error codes

* Update articles/api/authentication/index.md

Co-authored-by: Patrick Dillon <[email protected]>

* Revoke has been added the the Refresh Token page

* Update _introduction.md

* First batch of commits

* Small edits for older content

* Last commits from HRI

* Last edits for the smaller project

* Remove pending redirect

---------

Co-authored-by: Patrick Dillon <[email protected]>
Co-authored-by: Nick Gagliardi <[email protected]>
  • Loading branch information
3 people authored Apr 29, 2024
1 parent 6c832b4 commit 248e423
Show file tree
Hide file tree
Showing 38 changed files with 1,331 additions and 1,639 deletions.
8 changes: 4 additions & 4 deletions .markdownlint.json
Original file line number Diff line number Diff line change
@@ -1,20 +1,20 @@
{
"default": false,
"resultVersion": 1,
"MD001": true,
"MD001": false,
"MD002": true,
"MD003": true,
"MD005": true,
"MD006": true,
"MD011": true,
"MD012": true,
"MD012": false,
"MD018": true,
"MD019": true,
"MD023": true,
"MD024": true,
"MD024": false,
"MD025": true,
"MD027": true,
"MD031": true,
"MD031": false,
"MD034": true,
"MD035": true,
"MD037": true,
Expand Down
4 changes: 2 additions & 2 deletions articles/_includes/_http-method.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<h5 class="http-method-box">
<h3 class="http-method-box">
<span class="badge ${http_badge.toLowerCase()}" href="${link}">${http_method}</span>
<span class="path" href="${link}">${path}</span>
</h5>
</h3>
3 changes: 1 addition & 2 deletions articles/_includes/_test-this-endpoint.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
You can use our **Authentication API Debugger** extension to test this endpoint. To do so, you need to be logged in and have installed the [Authentication API Debugger extension](/extensions/authentication-api-debugger).

<!-- markdownlint-disable MD024 MD034 MD041-->
Click on **Install Debugger** to go to the article that explains how (you only have to do this once).

<%
Expand Down
6 changes: 3 additions & 3 deletions articles/api/authentication/_change-password.md
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ curl --request POST \

Send a change password email to the user's provided email address and `connection`.

Optionally, you may provide an Organization ID to support Organization-specific variables in [customized email templates](https://auth0.com/docs/customize/email/email-templates#common-variables) and to include the `organization_id` and `organization_name` parameters in the **Redirect To** URL.
Optionally, you may provide an Organization ID to support Organization-specific variables in [customized email templates](/customize/email/email-templates#common-variables) and to include the `organization_id` and `organization_name` parameters in the **Redirect To** URL.

Note: This endpoint only works for database connections.

Expand All @@ -79,9 +79,9 @@ Note: This endpoint only works for database connections.
* `X-RateLimit-Reset`: Remaining time until the rate limit (`X-RateLimit-Limit`) resets. The value is in [UTC epoch seconds](https://en.wikipedia.org/wiki/Unix_time).


### More Information
### Learn More

- [Changing a User's Password](/connections/database/password-change)
- [Password Strength in Auth0 Database Connections](/connections/database/password-strength)
- [Password Options in Auth0 Database Connections](/connections/database/password-options)
- [Auth0 API Rate Limit Policy](/policies/rate-limits)
- [Auth0 API Rate Limit Policy](/troubleshoot/customer-support/operational-policies/rate-limit-policy/rate-limit-configurations)
40 changes: 31 additions & 9 deletions articles/api/authentication/_introduction.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

The Authentication API enables you to manage all aspects of user identity when you use Auth0. It offers endpoints so your users can log in, sign up, log out, access APIs, and more.

The API supports various identity protocols, like <dfn data-key="openid">[OpenID Connect](/protocols/oidc)</dfn>, [OAuth 2.0](/protocols/oauth2), and <dfn data-key="security-assertion-markup-language">[SAML](/protocols/saml)</dfn>.
The API supports various identity protocols, like <dfn data-key="openid">[OpenID Connect](/protocols/oidc)</dfn>, <dfn data-key="oath2"> [OAuth 2.0](/protocols/oauth2)</dfn>, <dfn data-key="fapi">[FAPI](/secure/highly-regulated-identity#advanced-security-with-openid-connect-fapi-)</dfn> and <dfn data-key="security-assertion-markup-language">[SAML](/protocols/saml)</dfn>.

:::note
This API is designed for people who feel comfortable integrating with RESTful APIs. If you prefer a more guided approach check out our [Quickstarts](/quickstarts) or our [Libraries](/libraries).
Expand Down Expand Up @@ -32,7 +32,7 @@ Generate a [client assertion](https://auth0.com/docs/get-started/authentication-

### Client ID and Client Secret

Send the Client ID and Client Secret. The method you can use to send this data is determined by the [Token Endpoint Authentication Method](https://auth0.com/docs/get-started/applications/confidential-and-public-applications/view-application-type) configured for your application.
Send the Client ID and Client Secret. The method you can use to send this data is determined by the [Token Endpoint Authentication Method](/get-started/applications/confidential-and-public-applications/view-application-type) configured for your application.

If you are using **Post**, you must send this data in the JSON body of your request.

Expand All @@ -44,7 +44,7 @@ An example is the [Revoke Refresh Token endpoint](#revoke-refresh-token). This o

Send the Client ID. For public applications (applications that cannot hold credentials securely, such as SPAs or mobile apps), we offer some endpoints that can be accessed using only the Client ID.

An example is the [Implicit Grant](#implicit-grant).
An example is the [Implicit Grant](#implicit-flow).

### mTLS Authentication

Expand Down Expand Up @@ -85,16 +85,38 @@ Each request should be sent with a Content-Type of `application/json`.

You can test the endpoints using the [Authentication API Debugger](/extensions/authentication-api-debugger).

### Test with the Authentication API Debugger
### Authentication API Debugger

The [Authentication API Debugger](/extensions/authentication-api-debugger) is an Auth0 extension you can use to test several endpoints of the Authentication API.

If it's the first time you use it, you have to install it using the [dashboard](${manage_url}/#/extensions). Once you do, you are ready to configure your app's settings and run your tests.
<%= include('../../_includes/_test-this-endpoint') %>

### Configure Connections

1. On the *Configuration* tab, set the fields **Application** (select the application you want to use for the test) and **Connection** (the name of the social connection to use).

1. Copy the <dfn data-key="callback">**Callback URL**</dfn> and set it as part of the **Allowed Callback URLs** of your [Application Settings](${manage_url}/#/applications).

1. At the *OAuth2 / OIDC* tab, select **OAuth2 / OIDC Login**.

### Use Authentication API Debugger
Configure other endpoints with the following options:

- Passwordless: On the *OAuth2 / OIDC* tab, set **Username** to the user's phone number if `connection=sms`, or the user's email if `connection=email`, and **Password** to the user's verification code. Click **Resource Owner Endpoint**.
- SAML SSO: On the *Other Flows* tab, select **SAML**.
- WS-Federation: On the *Other Flows* tab, select **WS-Federation**.
- Logout: On the *Other Flows* tab, select **Logout**, or **Logout (Federated)** to log the user out of the identity provider as well.
- Legacy Login: On the *OAuth2 / OIDC* tab, set the fields **ID Token**, **Refresh Token** and **Target Client ID**. Click **Delegation**.
- Legacy Delegation: On the *OAuth2 / OIDC* tab, set **Username** and **Password**. Click **Resource Owner Endpoint**.
- Legacy Resource Owner: On the *OAuth2 / OIDC* tab, set the **Username** and **Password**, then select **Resource Owner Endpoint**.

### Use Authentication API Debugger with authentications flows

Configure authentication flows with the following options:
- Authorization Code Flow: On the *OAuth2 / OIDC* tab, set the field **Authorization Code** to the code you retrieved from [Authorization Code Grant](/get-started/authentication-and-authorization-flow/authorization-code-flow), and the **Code Verifier** to the key. Click **OAuth2 Code Exchange**.
- Authorization Code Flow + PKCE: On the *OAuth2 / OIDC* tab, set the field **Authorization Code** to the code you retrieved from [Authorization Code Grant](/get-started/authentication-and-authorization-flow/authorization-code-flow-with-pkce), and the **Code Verifier** to the key. Click **OAuth2 Code Exchange**.
- Client Credential Flow: On the *OAuth2 / OIDC* tab, select **OAuth2 Client Credentials**.

Note that its URL varies according to your tenant's region:
- <a href="https://${account.tenant}.us.webtask.io/auth0-authentication-api-debugger" target="_blank">US West</a>
- <a href="https://${account.tenant}.eu.webtask.io/auth0-authentication-api-debugger" target="_blank">Europe Central</a>
- <a href="https://${account.tenant}.au.webtask.io/auth0-authentication-api-debugger" target="_blank">Australia</a>

## Errors

Expand Down
Loading

0 comments on commit 248e423

Please sign in to comment.