Documentation Index Fetch the complete documentation index at: https://auth0-feat-actions-custom-token-exchange-updates.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
The event object for the custom-token-exchange Actions trigger provides contextual information about the trigger execution.
event.clientInformation about the Client with which this transaction was initiated. The client id of the application the user is logging in to.
An object for holding other application properties.
The name of the application (as defined in the Dashboard).
event.organizationDetails about the Organization associated with the current transaction. Hide organization properties
The Organization identifier.
The friendly name of the Organization.
Metadata associated with the Organization.
The name of the Organization.
event.requestDetails about the request that initiated the transaction. The body of the POST request. This data will only be available during refresh token, Client Credential Exchange flows and PreUserRegistration Action.
The hostname that is being used for the authentication flow.
The originating IP address of the request.
The language requested by the browser.
The HTTP method used for the request
The value of the User-Agent header received when initiating the transaction.
event.resource_serverDetails about the resource server to which the access is being requested. Hide resource_server properties
The identifier of the resource server. For example: https://your-api.example.com.
event.secretsSecret values securely associated with this Action.
event.tenantDetails about the Tenant associated with the current transaction. event.transactionDetails about the current custom token exchange transaction. Hide transaction properties
The actor token provided in the token exchange request.
The type of the actor token provided in the token exchange request.
The user represented by the actor token. This will only be present if the actor_token_type is urn:ietf:params:oauth:token-type:id_token and the actor token provided in the token exchange request is a valid Auth0 generated ID token. Hide actor_token_user properties
Custom fields that store info about a user that influences the user’s access, such as support plan, security roles, or access control groups.
Timestamp indicating when the user profile was first created.
(unique) User’s email address.
Indicates whether the user has verified their email address.
Timestamp indicating the last time the user’s password was reset/changed. At user creation, this field does not exist. This property is only available for Database connections.
Indicates whether the user has verified their phone number.
Timestamp indicating when the user’s profile was last updated/modified.
(unique) User’s unique identifier.
Custom fields that store info about a user that does not impact what they can or cannot access, such as work address, home address, or user preferences.
(unique) User’s username.
An array of authentication factors that the user has enrolled. Show enrolledFactors properties
The type of authentication factor such as push-notification, phone, email, otp, webauthn-roaming and webauthn-platform.
Additional options describing this instance of the enrolled factor.
List of multi-factor authentication (MFA) providers with which the user is enrolled. This array is updated when the user enrolls in MFA and when an administrator resets a user’s MFA enrollments.
Contains info retrieved from the identity provider with which the user originally authenticates. Users may also link their profile to multiple identity providers; those identities will then also appear in this array. The contents of an individual identity provider object varies by provider. Show identities element properties
Name of the Auth0 connection used to authenticate the user.
Indicates whether the connection is a social one.
User information associated with the connection. When profiles are linked, it is populated with the associated user info for secondary accounts.
Name of the entity that is authenticating the user, such as Facebook, Google, SAML, or your own provider.
User’s unique identifier for this connection/provider.
The scopes requested (if any) provided in the token exchange request.
The type of token to be generated by Auth0. For example: urn:ietf:params:oauth:token-type:access_token.
The subject token provided in the token exchange request.
The subject_token_type provided in the token exchange request.
Authenticate
Manage Users
Customize
Auth0 AI
Platform