From 06c64f129b8ba1be9ba41a4ee4b0deac17aced0b Mon Sep 17 00:00:00 2001 From: Amanda VS Date: Wed, 1 May 2024 13:32:54 -0400 Subject: [PATCH] Updated (#10408) Updated spacing, incorrectly tagged badges in error, and full links showing as external. Also, missed updating the API Debugger headings --- articles/api/authentication/_introduction.md | 10 +++++----- articles/api/authentication/_login.md | 1 - articles/api/authentication/_logout.md | 2 +- articles/api/authentication/_userinfo.md | 1 - articles/api/authentication/_wsfed-req.md | 1 - .../api/authentication/api-authz/_auth-code-flow.md | 1 - .../api/authentication/api-authz/_auth-code-pkce.md | 2 +- .../api/authentication/api-authz/_client-credential.md | 1 - articles/api/authentication/api-authz/_device-code.md | 1 - .../api/authentication/api-authz/_highly-regulated.md | 8 ++++---- articles/api/authentication/api-authz/_implicit.md | 1 - .../api/authentication/api-authz/_resource-owner.md | 2 +- articles/api/authentication/errors/_oauth-revoke.md | 4 ++-- articles/api/authentication/legacy/_linking.md | 1 - articles/api/authentication/legacy/_login.md | 1 - articles/api/authentication/legacy/_userinfo.md | 1 - 16 files changed, 14 insertions(+), 24 deletions(-) diff --git a/articles/api/authentication/_introduction.md b/articles/api/authentication/_introduction.md index 0e9b16db4c..0df041af98 100644 --- a/articles/api/authentication/_introduction.md +++ b/articles/api/authentication/_introduction.md @@ -48,15 +48,15 @@ An example is the [Implicit Grant](#implicit-flow). ### mTLS Authentication -Generate a certificate, either [self-signed](https://auth0.com/docs/get-started/applications/configure-mtls/configure-mtls-for-a-client#self-signed-certificates) or [certificate authority signed](https://auth0.com/docs/get-started/applications/configure-mtls/configure-mtls-for-a-client#certificate-authority-signed-certificates). Then, [set up the customer edge network](https://auth0.com/docs/get-started/applications/configure-mtls/set-up-the-customer-edge) that performs the mTLS handshake. +Generate a certificate, either [self-signed](/get-started/applications/configure-mtls/configure-mtls-for-a-client#self-signed-certificates) or [certificate authority signed](/get-started/applications/configure-mtls/configure-mtls-for-a-client#certificate-authority-signed-certificates). Then, [set up the customer edge network](/get-started/applications/configure-mtls/set-up-the-customer-edge) that performs the mTLS handshake. Once your edge network verifies the certificate, forward the request to the Auth0 edge network with the following headers: - The Custom Domain API key as the `cname-api-key` header. - The client certificate as the `client-certificate` header. -- The client certificate CA verification status as the `client-certificate-ca-verified` header. For more information, see [Forward the Request](https://auth0.com/docs/get-started/applications/configure-mtls/set-up-the-customer-edge#forward-the-request-). +- The client certificate CA verification status as the `client-certificate-ca-verified` header. For more information, see [Forward the Request](/get-started/applications/configure-mtls/set-up-the-customer-edge#forward-the-request-). -To learn more, read [Authenticate with mTLS](https://auth0.com/docs/get-started/authentication-and-authorization-flow/authenticate-with-mtls). +To learn more, read [Authenticate with mTLS](/get-started/authentication-and-authorization-flow/authenticate-with-mtls). ## Parameters @@ -99,7 +99,7 @@ The [Authentication API Debugger](/extensions/authentication-api-debugger) is an 1. At the *OAuth2 / OIDC* tab, select **OAuth2 / OIDC Login**. -### Use Authentication API Debugger +### Endpoint options Configure other endpoints with the following options: - Passwordless: On the *OAuth2 / OIDC* tab, set **Username** to the user's phone number if `connection=sms`, or the user's email if `connection=email`, and **Password** to the user's verification code. Click **Resource Owner Endpoint**. @@ -110,7 +110,7 @@ Configure other endpoints with the following options: - Legacy Delegation: On the *OAuth2 / OIDC* tab, set **Username** and **Password**. Click **Resource Owner Endpoint**. - Legacy Resource Owner: On the *OAuth2 / OIDC* tab, set the **Username** and **Password**, then select **Resource Owner Endpoint**. -### Use Authentication API Debugger with authentications flows +### Authentications flows Configure authentication flows with the following options: - Authorization Code Flow: On the *OAuth2 / OIDC* tab, set the field **Authorization Code** to the code you retrieved from [Authorization Code Grant](/get-started/authentication-and-authorization-flow/authorization-code-flow), and the **Code Verifier** to the key. Click **OAuth2 Code Exchange**. diff --git a/articles/api/authentication/_login.md b/articles/api/authentication/_login.md index 8dd70dbe3a..aede82e860 100644 --- a/articles/api/authentication/_login.md +++ b/articles/api/authentication/_login.md @@ -1,5 +1,4 @@ - # Login <%= include('../../_includes/_http-method', { diff --git a/articles/api/authentication/_logout.md b/articles/api/authentication/_logout.md index f14e9184e5..751cd42692 100644 --- a/articles/api/authentication/_logout.md +++ b/articles/api/authentication/_logout.md @@ -1,6 +1,6 @@ # Logout - ## Auth0 Logout + <%= include('../../_includes/_http-method', { "http_badge": "badge-primary", "http_method": "GET", diff --git a/articles/api/authentication/_userinfo.md b/articles/api/authentication/_userinfo.md index d636bbb3d5..b1ba9ef668 100644 --- a/articles/api/authentication/_userinfo.md +++ b/articles/api/authentication/_userinfo.md @@ -1,5 +1,4 @@ # User Profile - ## Get User Info ```http diff --git a/articles/api/authentication/_wsfed-req.md b/articles/api/authentication/_wsfed-req.md index e2e4005875..c8e94025b2 100644 --- a/articles/api/authentication/_wsfed-req.md +++ b/articles/api/authentication/_wsfed-req.md @@ -1,5 +1,4 @@ # WS-Federation - ## Accept Request ```http diff --git a/articles/api/authentication/api-authz/_auth-code-flow.md b/articles/api/authentication/api-authz/_auth-code-flow.md index 01732638b9..2a3e3d4f27 100644 --- a/articles/api/authentication/api-authz/_auth-code-flow.md +++ b/articles/api/authentication/api-authz/_auth-code-flow.md @@ -1,5 +1,4 @@ # Authorization Code Flow - ## Authorize ```http diff --git a/articles/api/authentication/api-authz/_auth-code-pkce.md b/articles/api/authentication/api-authz/_auth-code-pkce.md index 8c3d58f5cf..23edc9a190 100644 --- a/articles/api/authentication/api-authz/_auth-code-pkce.md +++ b/articles/api/authentication/api-authz/_auth-code-pkce.md @@ -1,6 +1,6 @@ # Authorization Code Flow with PKCE - ## Authorize + ```http GET https://${account.namespace}/authorize? audience=API_IDENTIFIER& diff --git a/articles/api/authentication/api-authz/_client-credential.md b/articles/api/authentication/api-authz/_client-credential.md index d80df51e58..99de17f1d3 100644 --- a/articles/api/authentication/api-authz/_client-credential.md +++ b/articles/api/authentication/api-authz/_client-credential.md @@ -1,5 +1,4 @@ # Client Credential Flow - ## Get Token ```http diff --git a/articles/api/authentication/api-authz/_device-code.md b/articles/api/authentication/api-authz/_device-code.md index 1fc4a27933..11a26b9470 100644 --- a/articles/api/authentication/api-authz/_device-code.md +++ b/articles/api/authentication/api-authz/_device-code.md @@ -1,5 +1,4 @@ # Device Authorization Flow - ## Authorize ```http diff --git a/articles/api/authentication/api-authz/_highly-regulated.md b/articles/api/authentication/api-authz/_highly-regulated.md index b013129593..e9170a0461 100644 --- a/articles/api/authentication/api-authz/_highly-regulated.md +++ b/articles/api/authentication/api-authz/_highly-regulated.md @@ -1,4 +1,5 @@ # Authorization Code Flow with Enhanced Privacy Protection + ## Push Authorization Requests (PAR) <%= include('../../../_includes/_http-method', { @@ -85,13 +86,12 @@ Content-Type: application/json ::: note Highly Regulated Identity is currently available for Enterprise customers under Limited Early Access. To learn more about this program, contact [Auth0 Support](http://support.auth0.com/). ::: -

Authorization Code Flow with [Pushed Authorization Requests (PAR)](/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-par) uses the `/oauth/par` endpoint to allow applications to send the authorization parameters usually sent in a `GET` request to `/authorize`. PAR uses a POST method from the backend to keep parameter values secure. The `/oauth/par` endpoint accepts all authorization parameters which can be proivided to `/authorize`. Assuming the call to the `/oauth/par` endpoint is valid, Auth0 will respond with a `redirect_uri` value that can be used as a parameter for the `/authorize` endpoint. Assuming the call to the `/oauth/par` endpoint is valid, Auth0 will respond with a `redirect_uri` value also used as a parameter for the `/authorize` endpoint. To learn more about configuring PAR, read [Configure Pushed Authorization Requests (PAR)](/get-started/applications/configure-par). -## Request Parameters +### Request Parameters | Parameter | Description | |:-----------------|:------------| |`authorization_details`| Requested permissions for each resource. Similar to scopes. To learn more, read [RAR reference documention](https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-rar). | @@ -108,7 +108,7 @@ Assuming the call to the `/oauth/par` endpoint is valid, Auth0 will respond with | `prompt` | Can be used to force a particular prompt to display, e.g. `prompt=consent` will always display the consent prompt.| | `organization` | ID of the organization to use when authenticating a user. When not provided, if your application is configured to **Display Organization Prompt**, the user will be able to enter the organization name when authenticating. | -## Remarks +### Remarks - To make a call to the PAR endpoint, you must: - Set the request content type as `application/x-www-form-urlencoded` - Use `strings` for all passed parameters @@ -142,7 +142,7 @@ The `/authorize` endpoint will respond based on the parameters passed to the `/o | `client_id`
Required | The `client_id` of your application. | | `request_uri`
Required | The `request_uri` value that was received from the `/oauth/par` endpoint. | -### Exchange an Authorization Code for a Token +## Exchange an Authorization Code for a Token <%= include('../../../_includes/_http-method', { "http_badge": "badge-primary", diff --git a/articles/api/authentication/api-authz/_implicit.md b/articles/api/authentication/api-authz/_implicit.md index a938f156f3..a6bf10fdb7 100644 --- a/articles/api/authentication/api-authz/_implicit.md +++ b/articles/api/authentication/api-authz/_implicit.md @@ -1,5 +1,4 @@ # Implicit Flow - ## Authorize ```http diff --git a/articles/api/authentication/api-authz/_resource-owner.md b/articles/api/authentication/api-authz/_resource-owner.md index 12aa1927eb..c8ce53f4ab 100644 --- a/articles/api/authentication/api-authz/_resource-owner.md +++ b/articles/api/authentication/api-authz/_resource-owner.md @@ -1,6 +1,6 @@ # Resource Owner Password Flow - ## Get Token + ```http POST https://${account.namespace}/oauth/token Content-Type: application/x-www-form-urlencoded diff --git a/articles/api/authentication/errors/_oauth-revoke.md b/articles/api/authentication/errors/_oauth-revoke.md index 5b97ccb4f9..cbca1e2779 100644 --- a/articles/api/authentication/errors/_oauth-revoke.md +++ b/articles/api/authentication/errors/_oauth-revoke.md @@ -3,5 +3,5 @@ | Status | JSON Response | | :--------------- | :------------ | |200 Success | `{"error": "invalid_request", "error_description": "..."}`
The Refresh Token is revoked, does not exist, or was not issued to the client making the revocation request| -|400 Bad Request | `{"error": "invalid_request", "error_description": "..."}` he required parameters were not sent in the request.| -|401 Unauthorized | `{"error": "invalid_client", "error_description": "..."}`
The request is not authorized. Check that the client credentials `client_id` and client_secret` are present in the request and hold valid values. | \ No newline at end of file +|400 Bad Request | `{"error": "invalid_request", "error_description": "..."}` The required parameters were not sent in the request.| +|401 Unauthorized | `{"error": "invalid_client", "error_description": "..."}`
The request is not authorized. Check that the client credentials `client_id` and client_secret` are present in the request and hold valid values. | \ No newline at end of file diff --git a/articles/api/authentication/legacy/_linking.md b/articles/api/authentication/legacy/_linking.md index a100e26e04..0e4b6657ce 100644 --- a/articles/api/authentication/legacy/_linking.md +++ b/articles/api/authentication/legacy/_linking.md @@ -1,5 +1,4 @@ # Account Linking - ## Link ::: warning diff --git a/articles/api/authentication/legacy/_login.md b/articles/api/authentication/legacy/_login.md index 6396f6b091..4c197080e9 100644 --- a/articles/api/authentication/legacy/_login.md +++ b/articles/api/authentication/legacy/_login.md @@ -1,6 +1,5 @@ # Login - ## Social with Provider's Access Token ```http diff --git a/articles/api/authentication/legacy/_userinfo.md b/articles/api/authentication/legacy/_userinfo.md index 13f5c8a8c1..d35e12a99e 100644 --- a/articles/api/authentication/legacy/_userinfo.md +++ b/articles/api/authentication/legacy/_userinfo.md @@ -1,7 +1,6 @@ # User Profile - ## Get Token Info ```http