import type { BaseClientOptions, BaseRequestOptions } from "../../../../BaseClient.js"; import { type NormalizedClientOptionsWithAuth } from "../../../../BaseClient.js"; import * as core from "../../../../core/index.js"; import * as Management from "../../../index.js"; import { ConnectionsClient } from "../resources/connections/client/Client.js"; import { CredentialsClient } from "../resources/credentials/client/Client.js"; export declare namespace ClientsClient { type Options = BaseClientOptions; interface RequestOptions extends BaseRequestOptions { } } export declare class ClientsClient { protected readonly _options: NormalizedClientOptionsWithAuth; protected _credentials: CredentialsClient | undefined; protected _connections: ConnectionsClient | undefined; constructor(options: ClientsClient.Options); get credentials(): CredentialsClient; get connections(): ConnectionsClient; /** * Retrieve clients (applications and SSO integrations) matching provided filters. A list of fields to include or exclude may also be specified. * For more information, read Applications in Auth0 and Single Sign-On. * *

* The following can be retrieved with any scope: * client_id, app_type, name, and description. *
* The following properties can only be retrieved with the read:clients or * read:client_keys scope: * callbacks, oidc_logout, allowed_origins, * web_origins, tenant, global, config_route, * callback_url_template, jwt_configuration, * jwt_configuration.lifetime_in_seconds, jwt_configuration.secret_encoded, * jwt_configuration.scopes, jwt_configuration.alg, api_type, * logo_uri, allowed_clients, owners, custom_login_page, * custom_login_page_off, sso, addons, form_template, * custom_login_page_codeview, resource_servers, client_metadata, * mobile, mobile.android, mobile.ios, allowed_logout_urls, * token_endpoint_auth_method, is_first_party, oidc_conformant, * is_token_endpoint_ip_header_trusted, initiate_login_uri, grant_types, * refresh_token, refresh_token.rotation_type, refresh_token.expiration_type, * refresh_token.leeway, refresh_token.token_lifetime, refresh_token.policies, organization_usage, * organization_require_behavior. *
* The following properties can only be retrieved with the * read:client_keys or read:client_credentials scope: * encryption_key, encryption_key.pub, encryption_key.cert, * client_secret, client_authentication_methods and signing_key. *

* * @param {Management.ListClientsRequestParameters} request * @param {ClientsClient.RequestOptions} requestOptions - Request-specific configuration. * * @throws {@link Management.BadRequestError} * @throws {@link Management.UnauthorizedError} * @throws {@link Management.ForbiddenError} * @throws {@link Management.TooManyRequestsError} * * @example * await client.clients.list({ * fields: "fields", * include_fields: true, * page: 1, * per_page: 1, * include_totals: true, * is_global: true, * is_first_party: true, * app_type: "app_type", * external_client_id: "external_client_id", * q: "q" * }) */ list(request?: Management.ListClientsRequestParameters, requestOptions?: ClientsClient.RequestOptions): Promise>; /** * Create a new client (application or SSO integration). For more information, read Create Applications * API Endpoints for Single Sign-On. * * Notes: * - We recommend leaving the `client_secret` parameter unspecified to allow the generation of a safe secret. * - The client_authentication_methods and token_endpoint_auth_method properties are mutually exclusive. Use * client_authentication_methods to configure the client with Private Key JWT authentication method. Otherwise, use token_endpoint_auth_method * to configure the client with client secret (basic or post) or with no authentication method (none). * - When using client_authentication_methods to configure the client with Private Key JWT authentication method, specify fully defined credentials. * These credentials will be automatically enabled for Private Key JWT authentication on the client. * - To configure client_authentication_methods, the create:client_credentials scope is required. * - To configure client_authentication_methods, the property jwt_configuration.alg must be set to RS256. * *

SSO Integrations created via this endpoint will accept login requests and share user profile information.

* * @param {Management.CreateClientRequestContent} request * @param {ClientsClient.RequestOptions} requestOptions - Request-specific configuration. * * @throws {@link Management.BadRequestError} * @throws {@link Management.UnauthorizedError} * @throws {@link Management.ForbiddenError} * @throws {@link Management.ConflictError} * @throws {@link Management.TooManyRequestsError} * * @example * await client.clients.create({ * name: "name" * }) */ create(request: Management.CreateClientRequestContent, requestOptions?: ClientsClient.RequestOptions): core.HttpResponsePromise; private __create; /** * * Fetches and validates a Client ID Metadata Document without creating a client. * Returns the raw metadata and how it would be mapped to Auth0 client fields. * This endpoint is useful for testing metadata URIs before creating CIMD clients. * * * @param {Management.PreviewCimdMetadataRequestContent} request * @param {ClientsClient.RequestOptions} requestOptions - Request-specific configuration. * * @throws {@link Management.BadRequestError} * @throws {@link Management.UnauthorizedError} * @throws {@link Management.ForbiddenError} * @throws {@link Management.TooManyRequestsError} * @throws {@link Management.InternalServerError} * * @example * await client.clients.previewCimdMetadata({ * external_client_id: "external_client_id" * }) */ previewCimdMetadata(request: Management.PreviewCimdMetadataRequestContent, requestOptions?: ClientsClient.RequestOptions): core.HttpResponsePromise; private __previewCimdMetadata; /** * * Idempotent registration for Client ID Metadata Document (CIMD) clients. * Uses external_client_id as the unique identifier for upsert operations. * **Create:** Returns 201 when a new client is created (requires \ * * @param {Management.RegisterCimdClientRequestContent} request * @param {ClientsClient.RequestOptions} requestOptions - Request-specific configuration. * * @throws {@link Management.BadRequestError} * @throws {@link Management.UnauthorizedError} * @throws {@link Management.ForbiddenError} * @throws {@link Management.TooManyRequestsError} * @throws {@link Management.InternalServerError} * * @example * await client.clients.registerCimdClient({ * external_client_id: "external_client_id" * }) */ registerCimdClient(request: Management.RegisterCimdClientRequestContent, requestOptions?: ClientsClient.RequestOptions): core.HttpResponsePromise; private __registerCimdClient; /** * Retrieve client details by ID. Clients are SSO connections or Applications linked with your Auth0 tenant. A list of fields to include or exclude may also be specified. * For more information, read Applications in Auth0 and Single Sign-On. *

* The following properties can be retrieved with any of the scopes: * client_id, app_type, name, and description. *
* The following properties can only be retrieved with the read:clients or * read:client_keys scopes: * callbacks, oidc_logout, allowed_origins, * web_origins, tenant, global, config_route, * callback_url_template, jwt_configuration, * jwt_configuration.lifetime_in_seconds, jwt_configuration.secret_encoded, * jwt_configuration.scopes, jwt_configuration.alg, api_type, * logo_uri, allowed_clients, owners, custom_login_page, * custom_login_page_off, sso, addons, form_template, * custom_login_page_codeview, resource_servers, client_metadata, * mobile, mobile.android, mobile.ios, allowed_logout_urls, * token_endpoint_auth_method, is_first_party, oidc_conformant, * is_token_endpoint_ip_header_trusted, initiate_login_uri, grant_types, * refresh_token, refresh_token.rotation_type, refresh_token.expiration_type, * refresh_token.leeway, refresh_token.token_lifetime, refresh_token.policies, organization_usage, * organization_require_behavior. *
* The following properties can only be retrieved with the read:client_keys or read:client_credentials scopes: * encryption_key, encryption_key.pub, encryption_key.cert, * client_secret, client_authentication_methods and signing_key. *

* * @param {string} id - ID of the client to retrieve. * @param {Management.GetClientRequestParameters} request * @param {ClientsClient.RequestOptions} requestOptions - Request-specific configuration. * * @throws {@link Management.BadRequestError} * @throws {@link Management.UnauthorizedError} * @throws {@link Management.ForbiddenError} * @throws {@link Management.NotFoundError} * @throws {@link Management.TooManyRequestsError} * * @example * await client.clients.get("id", { * fields: "fields", * include_fields: true * }) */ get(id: string, request?: Management.GetClientRequestParameters, requestOptions?: ClientsClient.RequestOptions): core.HttpResponsePromise; private __get; /** * Delete a client and related configuration (rules, connections, etc). * * @param {string} id - ID of the client to delete. * @param {ClientsClient.RequestOptions} requestOptions - Request-specific configuration. * * @throws {@link Management.BadRequestError} * @throws {@link Management.UnauthorizedError} * @throws {@link Management.ForbiddenError} * @throws {@link Management.TooManyRequestsError} * * @example * await client.clients.delete("id") */ delete(id: string, requestOptions?: ClientsClient.RequestOptions): core.HttpResponsePromise; private __delete; /** * Updates a client's settings. For more information, read Applications in Auth0 and Single Sign-On. * * Notes: * - The `client_secret` and `signing_key` attributes can only be updated with the `update:client_keys` scope. * - The client_authentication_methods and token_endpoint_auth_method properties are mutually exclusive. Use client_authentication_methods to configure the client with Private Key JWT authentication method. Otherwise, use token_endpoint_auth_method to configure the client with client secret (basic or post) or with no authentication method (none). * - When using client_authentication_methods to configure the client with Private Key JWT authentication method, only specify the credential IDs that were generated when creating the credentials on the client. * - To configure client_authentication_methods, the update:client_credentials scope is required. * - To configure client_authentication_methods, the property jwt_configuration.alg must be set to RS256. * - To change a client's is_first_party property to false, the organization_usage and organization_require_behavior properties must be unset. * * @param {string} id - ID of the client to update. * @param {Management.UpdateClientRequestContent} request * @param {ClientsClient.RequestOptions} requestOptions - Request-specific configuration. * * @throws {@link Management.BadRequestError} * @throws {@link Management.UnauthorizedError} * @throws {@link Management.ForbiddenError} * @throws {@link Management.NotFoundError} * @throws {@link Management.TooManyRequestsError} * * @example * await client.clients.update("id") */ update(id: string, request?: Management.UpdateClientRequestContent, requestOptions?: ClientsClient.RequestOptions): core.HttpResponsePromise; private __update; /** * Rotate a client secret. * * This endpoint cannot be used with clients configured with Private Key JWT authentication method (client_authentication_methods configured with private_key_jwt). The generated secret is NOT base64 encoded. * * For more information, read Rotate Client Secrets. * * @param {string} id - ID of the client that will rotate secrets. * @param {ClientsClient.RequestOptions} requestOptions - Request-specific configuration. * * @throws {@link Management.BadRequestError} * @throws {@link Management.UnauthorizedError} * @throws {@link Management.ForbiddenError} * @throws {@link Management.NotFoundError} * @throws {@link Management.TooManyRequestsError} * * @example * await client.clients.rotateSecret("id") */ rotateSecret(id: string, requestOptions?: ClientsClient.RequestOptions): core.HttpResponsePromise; private __rotateSecret; }