Skip to content

Commit

Permalink
Updated (#10408)
Browse files Browse the repository at this point in the history
Updated spacing, incorrectly tagged badges in error, and full links showing as external. Also, missed updating the API Debugger headings
  • Loading branch information
avanscoy committed May 1, 2024
1 parent 248e423 commit 06c64f1
Show file tree
Hide file tree
Showing 16 changed files with 14 additions and 24 deletions.
10 changes: 5 additions & 5 deletions articles/api/authentication/_introduction.md
Original file line number Diff line number Diff line change
Expand Up @@ -48,15 +48,15 @@ An example is the [Implicit Grant](#implicit-flow).

### mTLS Authentication

Generate a certificate, either [self-signed](https://auth0.com/docs/get-started/applications/configure-mtls/configure-mtls-for-a-client#self-signed-certificates) or [certificate authority signed](https://auth0.com/docs/get-started/applications/configure-mtls/configure-mtls-for-a-client#certificate-authority-signed-certificates). Then, [set up the customer edge network](https://auth0.com/docs/get-started/applications/configure-mtls/set-up-the-customer-edge) that performs the mTLS handshake.
Generate a certificate, either [self-signed](/get-started/applications/configure-mtls/configure-mtls-for-a-client#self-signed-certificates) or [certificate authority signed](/get-started/applications/configure-mtls/configure-mtls-for-a-client#certificate-authority-signed-certificates). Then, [set up the customer edge network](/get-started/applications/configure-mtls/set-up-the-customer-edge) that performs the mTLS handshake.

Once your edge network verifies the certificate, forward the request to the Auth0 edge network with the following headers:

- The Custom Domain API key as the `cname-api-key` header.
- The client certificate as the `client-certificate` header.
- The client certificate CA verification status as the `client-certificate-ca-verified` header. For more information, see [Forward the Request](https://auth0.com/docs/get-started/applications/configure-mtls/set-up-the-customer-edge#forward-the-request-).
- The client certificate CA verification status as the `client-certificate-ca-verified` header. For more information, see [Forward the Request](/get-started/applications/configure-mtls/set-up-the-customer-edge#forward-the-request-).

To learn more, read [Authenticate with mTLS](https://auth0.com/docs/get-started/authentication-and-authorization-flow/authenticate-with-mtls).
To learn more, read [Authenticate with mTLS](/get-started/authentication-and-authorization-flow/authenticate-with-mtls).

## Parameters

Expand Down Expand Up @@ -99,7 +99,7 @@ The [Authentication API Debugger](/extensions/authentication-api-debugger) is an

1. At the *OAuth2 / OIDC* tab, select **OAuth2 / OIDC Login**.

### Use Authentication API Debugger
### Endpoint options
Configure other endpoints with the following options:

- Passwordless: On the *OAuth2 / OIDC* tab, set **Username** to the user's phone number if `connection=sms`, or the user's email if `connection=email`, and **Password** to the user's verification code. Click **Resource Owner Endpoint**.
Expand All @@ -110,7 +110,7 @@ Configure other endpoints with the following options:
- Legacy Delegation: On the *OAuth2 / OIDC* tab, set **Username** and **Password**. Click **Resource Owner Endpoint**.
- Legacy Resource Owner: On the *OAuth2 / OIDC* tab, set the **Username** and **Password**, then select **Resource Owner Endpoint**.

### Use Authentication API Debugger with authentications flows
### Authentications flows

Configure authentication flows with the following options:
- Authorization Code Flow: On the *OAuth2 / OIDC* tab, set the field **Authorization Code** to the code you retrieved from [Authorization Code Grant](/get-started/authentication-and-authorization-flow/authorization-code-flow), and the **Code Verifier** to the key. Click **OAuth2 Code Exchange**.
Expand Down
1 change: 0 additions & 1 deletion articles/api/authentication/_login.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
<!-- markdownlint-disable MD024 MD033 -->

# Login

<%= include('../../_includes/_http-method', {
Expand Down
2 changes: 1 addition & 1 deletion articles/api/authentication/_logout.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Logout

## Auth0 Logout

<%= include('../../_includes/_http-method', {
"http_badge": "badge-primary",
"http_method": "GET",
Expand Down
1 change: 0 additions & 1 deletion articles/api/authentication/_userinfo.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# User Profile

## Get User Info

```http
Expand Down
1 change: 0 additions & 1 deletion articles/api/authentication/_wsfed-req.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# WS-Federation

## Accept Request

```http
Expand Down
1 change: 0 additions & 1 deletion articles/api/authentication/api-authz/_auth-code-flow.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# Authorization Code Flow

## Authorize

```http
Expand Down
2 changes: 1 addition & 1 deletion articles/api/authentication/api-authz/_auth-code-pkce.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Authorization Code Flow with PKCE

## Authorize

```http
GET https://${account.namespace}/authorize?
audience=API_IDENTIFIER&
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# Client Credential Flow

## Get Token

```http
Expand Down
1 change: 0 additions & 1 deletion articles/api/authentication/api-authz/_device-code.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# Device Authorization Flow

## Authorize

```http
Expand Down
8 changes: 4 additions & 4 deletions articles/api/authentication/api-authz/_highly-regulated.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
# Authorization Code Flow with Enhanced Privacy Protection

## Push Authorization Requests (PAR)

<%= include('../../../_includes/_http-method', {
Expand Down Expand Up @@ -85,13 +86,12 @@ Content-Type: application/json
::: note
Highly Regulated Identity is currently available for Enterprise customers under Limited Early Access. To learn more about this program, contact [Auth0 Support](http://support.auth0.com/).
:::
<br></br>

Authorization Code Flow with [Pushed Authorization Requests (PAR)](/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-par) uses the `/oauth/par` endpoint to allow applications to send the authorization parameters usually sent in a `GET` request to `/authorize`. PAR uses a POST method from the backend to keep parameter values secure. The `/oauth/par` endpoint accepts all authorization parameters which can be proivided to `/authorize`. Assuming the call to the `/oauth/par` endpoint is valid, Auth0 will respond with a `redirect_uri` value that can be used as a parameter for the `/authorize` endpoint.

Assuming the call to the `/oauth/par` endpoint is valid, Auth0 will respond with a `redirect_uri` value also used as a parameter for the `/authorize` endpoint. To learn more about configuring PAR, read [Configure Pushed Authorization Requests (PAR)](/get-started/applications/configure-par).

## Request Parameters
### Request Parameters
| Parameter | Description |
|:-----------------|:------------|
|`authorization_details`| Requested permissions for each resource. Similar to scopes. To learn more, read [RAR reference documention](https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-rar). |
Expand All @@ -108,7 +108,7 @@ Assuming the call to the `/oauth/par` endpoint is valid, Auth0 will respond with
| `prompt` | Can be used to force a particular prompt to display, e.g. `prompt=consent` will always display the consent prompt.|
| `organization` | ID of the organization to use when authenticating a user. When not provided, if your application is configured to **Display Organization Prompt**, the user will be able to enter the organization name when authenticating. |

## Remarks
### Remarks
- To make a call to the PAR endpoint, you must:
- Set the request content type as `application/x-www-form-urlencoded`
- Use `strings` for all passed parameters
Expand Down Expand Up @@ -142,7 +142,7 @@ The `/authorize` endpoint will respond based on the parameters passed to the `/o
| `client_id` <br/><span class="label label-danger">Required</span> | The `client_id` of your application. |
| `request_uri` <br/><span class="label label-danger">Required</span> | The `request_uri` value that was received from the `/oauth/par` endpoint. |

### Exchange an Authorization Code for a Token
## Exchange an Authorization Code for a Token

<%= include('../../../_includes/_http-method', {
"http_badge": "badge-primary",
Expand Down
1 change: 0 additions & 1 deletion articles/api/authentication/api-authz/_implicit.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# Implicit Flow

## Authorize

```http
Expand Down
2 changes: 1 addition & 1 deletion articles/api/authentication/api-authz/_resource-owner.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Resource Owner Password Flow

## Get Token

```http
POST https://${account.namespace}/oauth/token
Content-Type: application/x-www-form-urlencoded
Expand Down
4 changes: 2 additions & 2 deletions articles/api/authentication/errors/_oauth-revoke.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,5 @@
| Status | JSON Response |
| :--------------- | :------------ |
|<span class="badge badge-info">200</span> Success | `{"error": "invalid_request", "error_description": "..."}`</br> The <dfn data-key="refresh-token">Refresh Token</dfn> is revoked, does not exist, or was not issued to the client making the revocation request|
|<span class="badge badge-info">400</span> Bad Request | `{"error": "invalid_request", "error_description": "..."}` he required parameters were not sent in the request.|
|<span class="badge badge-info">401</span> Unauthorized | `{"error": "invalid_client", "error_description": "..."}`</br> The request is not authorized. Check that the client credentials `client_id` and client_secret` are present in the request and hold valid values. |
|<span class="badge badge-danger">400</span> Bad Request | `{"error": "invalid_request", "error_description": "..."}` The required parameters were not sent in the request.|
|<span class="badge badge-danger">401</span> Unauthorized | `{"error": "invalid_client", "error_description": "..."}`</br> The request is not authorized. Check that the client credentials `client_id` and client_secret` are present in the request and hold valid values. |
1 change: 0 additions & 1 deletion articles/api/authentication/legacy/_linking.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# Account Linking

## Link

::: warning
Expand Down
1 change: 0 additions & 1 deletion articles/api/authentication/legacy/_login.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
<!-- markdownlint-disable -->
# Login

## Social with Provider's Access Token

```http
Expand Down
1 change: 0 additions & 1 deletion articles/api/authentication/legacy/_userinfo.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
<!-- markdownlint-disable MD024 MD033 -->

# User Profile

## Get Token Info

```http
Expand Down

0 comments on commit 06c64f1

Please sign in to comment.