feat: add on_behalf_of_token_exchange support to client token_exchange schema

[ankita10119]

This PR extends the Auth0 Deploy CLI to support the On-Behalf-Of (OBO) Token Exchange feature, which allows MCP servers and backend APIs to exchange an incoming user-bound access token for a new token scoped to a downstream first-party API, preserving user identity (sub) and actor attribution (act)

🔧 Changes

The token_exchange object on clients was introduced to support Custom Token Exchange (custom_authentication). OBO Token Exchange reuses the same client-level toggle mechanism but targets a different flow: instead of exchanging an external/custom token, the MCP server exchanges an Auth0-issued access token (scoped to itself) for a short-lived token scoped to a downstream API.

src/tools/auth0/handlers/clients.ts

Adds on_behalf_of_token_exchange as a valid value in the token_exchange.allow_any_profile_of_type enum in the client JSON schema:

• enum: ['custom_authentication']

• enum: ['custom_authentication', 'on_behalf_of_token_exchange']

This allows tenant configurations managed via Deploy CLI to declare the OBO toggle on a client, enabling it to perform token exchanges using the urn:ietf:params:oauth:grant-type:token-exchange grant type.

test/tools/auth0/handlers/clients.tests.js

Adds two new test cases covering the full lifecycle of the new profile type

📚 References

🔬 Testing

📝 Checklist

• All new/changed/fixed functionality is covered by tests (or N/A)
• I have added documentation for all new/changed functionality (or N/A)

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 80.15%. Comparing base (6856564) to head (e162951).

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #1366   +/-   ##
=======================================
  Coverage   80.15%   80.15%           
=======================================
  Files         152      152           
  Lines        6319     6319           
  Branches     1328     1328           
=======================================
  Hits         5065     5065           
  Misses        708      708           
  Partials      546      546           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.