diff --git a/CLAUDE.md b/CLAUDE.md index 10c27f65c..e4cc68949 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -80,27 +80,35 @@ This is **not a managed monorepo** (no Lerna, pnpm workspaces, etc.). Each folde ### Documentation Organization **Content Structure:** + - `.mdx` and `.md` files for documentation pages - YAML frontmatter for metadata (title, description, og/twitter tags) - `docs.json` defines navigation structure and Mintlify configuration **Reusable Components:** + - `/snippets` directories contain reusable `.mdx` and `.jsx` components - Import snippets into documentation pages to avoid duplication - Commonly used for multi-language code examples in quickstart guides **Code Block Convention:** -````markdown -```[language] [filename] wrap lines highlight={lines} + +`````markdown +````[language] [filename] wrap lines highlight={lines} Example: ```typescript ./src/auth0/app wrap lines highlight={1,7-10} ```` +````` + +````` **Localization:** + - Main docs support French Canadian (`main/docs/fr-ca/`) and Japanese (`main/docs/ja-jp/`) ### UI Component Library Architecture **Technology Stack:** + - React 19 + TypeScript - Vite 7 for building - TailwindCSS 4 for styling @@ -108,28 +116,33 @@ Example: ```typescript ./src/auth0/app wrap lines highlight={1,7-10} - MobX 6 for state management **State Management:** + - MobX stores pattern with `RootStore` as central container - Key stores: `SessionStore`, `ClientStore`, `TenantStore`, `ResourceServerStore`, `VariableStore` - Components use MobX `observer` wrapper for reactivity **Build Output:** + - UMD bundle: `auth0-docs-ui-{version}.umd.js` - CSS: `auth0-docs-ui-{version}.css` - Exposed as `window.Auth0DocsUI` in browser - Exports: components, stores, and MobX utilities **Path Aliases:** + - `@/*` maps to `/ui/src/*` for clean imports ### Theme Configuration **Main Docs (`main/docs.json`):** + - Theme: "aspen" - Colors: Black primary (#000) - Breadcrumb navigation style - Traditional layout **Auth4GenAI Docs (`auth4genai/docs.json`):** + - Theme: "mint" - Colors: Purple primary (#6742D5) - Dark mode by default @@ -191,88 +204,105 @@ Mintlify supports several admonition types for highlighting important informatio #### When to Use Each Admonition **``** - ONLY for Early Access features requiring legal agreement acceptance: + ```mdx -Native to Web SSO is currently available in Early Access. To use this feature, you must have an Enterprise plan. By using this feature, you agree to the applicable Free Trial terms in Okta's Master Subscription Agreement. + Native to Web SSO is currently available in Early Access. To use this feature, + you must have an Enterprise plan. By using this feature, you agree to the + applicable Free Trial terms in Okta's Master Subscription Agreement. ``` + - Must include legal agreement links and Product Release Stages reference - Used when features require explicit Free Trial terms acceptance **``** - For plan-based restrictions, Enterprise features, and important context: + ```mdx -These security options are available to Enterprise customers only. To upgrade your plan, contact Auth0 Sales. + These security options are available to Enterprise customers only. To upgrade + your plan, contact Auth0 Sales. ``` + - Standard for Professional/Enterprise plan restrictions - Used for features like Tenant ACL, Self-Service SSO, etc. - Always use `icon="file-lines" color="#0EA5E9" iconType="regular"` for consistency **``** - For supplementary information or clarifications: + ```mdx -Both approaches can be used together for defense-in-depth security. Monitor your tenant logs regularly to detect suspicious registration patterns. + Both approaches can be used together for defense-in-depth security. Monitor + your tenant logs regularly to detect suspicious registration patterns. ``` For brief inline notes, you can also use markdown blockquote style: + ```mdx > **Note:** These options are available to Enterprise customers only. ``` **``** - For helpful contextual information: + ```mdx -If you don't see tools listed on the consent screen that's because you are not logging in with the correct user + If you don't see tools listed on the consent screen that's because you are not + logging in with the correct user ``` **``** - For helpful suggestions or shortcuts: + ```mdx -To automatically connect VS Code to the Auth0 for AI Agents MCP Server, click the down arrow icon next to **Copy page** and select **Connect to VS Code**. + To automatically connect VS Code to the Auth0 for AI Agents MCP Server, click + the down arrow icon next to **Copy page** and select **Connect to VS Code**. ``` ### Structured Content Components **Steps** - For sequential instructions: + ```mdx - Follow the [Auth0 CLI installation instructions](https://auth0.github.io/auth0-cli/). - - - Run: `auth0 login` + Follow the [Auth0 CLI installation + instructions](https://auth0.github.io/auth0-cli/). + Run: `auth0 login` ``` **Tabs** - For multi-language or multi-option content: -```mdx + +````mdx - ```python - # Python code here - ``` - - - ```javascript - // JavaScript code here - ``` + ```python # Python code here ``` + ```javascript // JavaScript code here ``` -``` +````` **Cards** - For navigation or feature highlights: + ```mdx - + Secure your application with Auth0 authentication. ``` **Columns** - For side-by-side layouts: + ```mdx @@ -285,6 +315,7 @@ To automatically connect VS Code to the Auth0 for AI Agents MCP Server, click th ``` **Frame** - For images with optional captions: + ```mdx Auth flow diagram @@ -292,15 +323,17 @@ To automatically connect VS Code to the Auth0 for AI Agents MCP Server, click th ``` **CodeGroup** - For showing multiple code examples: -```mdx + +````mdx ```bash npm npm i -g mint - ``` +```` + +```bash pnpm +pnpm add -g mint +``` - ```bash pnpm - pnpm add -g mint - ``` ``` @@ -315,6 +348,7 @@ Code blocks support language specification, file names, line wrapping, and highl ```` Common attributes: + - **Language**: `bash`, `javascript`, `typescript`, `python`, `json`, etc. - **Filename**: `./path/to/file` (optional) - **`wrap lines`**: Enable line wrapping for long lines @@ -325,17 +359,21 @@ Common attributes: When including placeholders in code examples and commands, follow these consistent patterns: **`YOUR_SOMETHING`** - For general configuration values that users need to replace: + ```bash auth0 api patch connections/YOUR_CONNECTION_ID --data '{"is_domain_connection": true}' ``` + - Examples: `YOUR_TENANT`, `YOUR_AUTH0_DOMAIN`, `YOUR_CONNECTION_ID`, `YOUR_MANAGEMENT_API_TOKEN` - Used for domains, tokens, API keys, and other configuration values - Always use uppercase with underscores **``** - For specific IDs or values extracted from previous commands: + ```bash auth0 api patch clients/ --data '{...}' ``` + - Examples: ``, ``, `` - Used for IDs returned by API calls or CLI commands - Typically lowercase with hyphens @@ -343,6 +381,7 @@ auth0 api patch clients/ --data '{...}' **DO NOT use** `{{VAR}}` syntax - This is not the established pattern in this repository. **Example combining both patterns:** + ```bash curl --location 'https://YOUR_TENANT/api/v2/token-exchange-profiles' \ --header 'Authorization: Bearer YOUR_MANAGEMENT_API_TOKEN' \ @@ -357,44 +396,41 @@ Always provide clear instructions before code blocks explaining what each placeh ### Accordion Groups For collapsible content sections: + ```mdx - - Answer to question 1 - - - Answer to question 2 - + Answer to question 1 + Answer to question 2 ``` ### Presenting Multiple Options **Use `` for:** Different implementation methods for the SAME action + ```mdx - -1. Go to Dashboard > Settings -2. Click the toggle - - -1. Get an access token -2. Call the API endpoint - + 1. Go to Dashboard > Settings 2. Click the toggle + + 1. Get an access token 2. Call the API endpoint + ``` + - Dashboard vs API configuration - Different SDK implementations - Same outcome, different tools **Use bullet lists for:** Different approaches or solutions to a problem + ```mdx There are two approaches you can implement: -* **[Tenant Access Control List](link)** (Recommended) - Description of when to use, how it works, and any limitations or benefits. +- **[Tenant Access Control List](link)** (Recommended) - Description of when to use, how it works, and any limitations or benefits. -* **[Reverse Proxy](link)** - Description of when to use, how it works, and any limitations or benefits. +- **[Reverse Proxy](link)** - Description of when to use, how it works, and any limitations or benefits. ``` + - Different security strategies - Alternative architectural patterns - Multiple remediation options for an issue @@ -470,39 +506,37 @@ You are an AI writing assistant specialized in creating exceptional technical do ```mdx -Supplementary information that supports the main content without interrupting flow + Supplementary information that supports the main content without interrupting + flow ``` #### Tip - Best Practices and Pro Tips ```mdx - -Expert advice, shortcuts, or best practices that enhance user success - +Expert advice, shortcuts, or best practices that enhance user success ``` #### Warning - Important Cautions ```mdx -Critical information about potential issues, breaking changes, or destructive actions + Critical information about potential issues, breaking changes, or destructive + actions ``` #### Info - Neutral Contextual Information ```mdx - -Background information, context, or neutral announcements - +Background information, context, or neutral announcements ``` #### Check - Success Confirmations ```mdx -Positive confirmations, successful completions, or achievement indicators + Positive confirmations, successful completions, or achievement indicators ``` @@ -515,11 +549,11 @@ Example of a single code block: ````mdx ```javascript config.js const apiConfig = { - baseURL: 'https://api.example.com', + baseURL: "https://api.example.com", timeout: 5000, headers: { - 'Authorization': `Bearer ${process.env.API_TOKEN}` - } + Authorization: `Bearer ${process.env.API_TOKEN}`, + }, }; ``` ```` @@ -546,6 +580,7 @@ response = requests.get('/api/endpoint', curl -X GET '/api/endpoint' \ -H 'Authorization: Bearer YOUR_API_KEY' ``` + ```` @@ -580,7 +615,7 @@ curl -X POST 'https://api.example.com/users' \ Example of step-by-step instructions: -```mdx +````mdx Run `npm install` to install required packages. @@ -593,9 +628,10 @@ Example of step-by-step instructions: Create a `.env` file with your API credentials. - ```bash - API_KEY=your_api_key_here - ``` +```bash +API_KEY=your_api_key_here +``` +```` Never commit API keys to version control. @@ -608,13 +644,14 @@ Example of step-by-step instructions: Example of tabbed content: -```mdx +````mdx ```bash brew install node npm install -g package-name - ``` +```` + @@ -637,7 +674,7 @@ Example of tabbed content: Example of accordion groups: -```mdx +````mdx - **Firewall blocking**: Ensure ports 80 and 443 are open @@ -651,7 +688,8 @@ Example of accordion groups: performance: { cache: true, timeout: 30000 }, security: { encryption: 'AES-256' } }; - ``` +```` + ``` @@ -662,7 +700,8 @@ Example of cards and card groups: ```mdx -Complete walkthrough from installation to your first API call in under 10 minutes. + Complete walkthrough from installation to your first API call in under 10 + minutes. @@ -684,19 +723,19 @@ Example of parameter documentation: ```mdx -Unique identifier for the user. Must be a valid UUID v4 format. + Unique identifier for the user. Must be a valid UUID v4 format. -User's email address. Must be valid and unique within the system. + User's email address. Must be valid and unique within the system. -Maximum number of results to return. Range: 1-100. + Maximum number of results to return. Range: 1-100. -Bearer token for API authentication. Format: `Bearer YOUR_API_KEY` + Bearer token for API authentication. Format: `Bearer YOUR_API_KEY` ``` @@ -706,15 +745,15 @@ Example of response field documentation: ```mdx -Unique identifier assigned to the newly created user. + Unique identifier assigned to the newly created user. -ISO 8601 formatted timestamp of when the user was created. + ISO 8601 formatted timestamp of when the user was created. -List of permission strings assigned to this user. + List of permission strings assigned to this user. ``` @@ -738,6 +777,7 @@ Complete user object with all associated data. URL to user's profile picture. Returns null if no avatar is set. + @@ -752,11 +792,14 @@ Wrap all images in frames: ```mdx -Main dashboard showing analytics overview + Main dashboard showing analytics overview -Analytics dashboard with charts + Analytics dashboard with charts ``` @@ -767,7 +810,7 @@ Use the HTML video element for self-hosted video content: ```mdx ``` @@ -776,7 +819,7 @@ Embed YouTube videos using iframe elements: ```mdx + In addition, to assist you in building your integration you can leverage our [Social Connection Integration template](https://github.com/auth0-marketplace/TEMPLATE-social-connection). @@ -31,8 +44,8 @@ If you are ready to become a partner and submit your integration, please create **We will need the following configuration and documentation:** -* The Authorization and Token URLs that should be used; if your authorization server uses a tenant architecture, include the pattern to use, and we will include a **Tenant Domain** field or similar. -* A list of fields that the customer configuring the integration should see, including **Client ID** and **Client Secret** -* A list of scopes that can be requested, including whether to require them and/or request them by default -* A profile mapping script (following the [mapping script template](https://gist.github.com/joshcanhelp/26e1fc3581d2ced737c4f50a694ea10f)). This script must map a unique identifier to `user_id` and, if possible, `email`, `email_verified`, and `name` -* An installation guide written in Markdown. \ No newline at end of file +- The Authorization and Token URLs that should be used; if your authorization server uses a tenant architecture, include the pattern to use, and we will include a **Tenant Domain** field or similar. +- A list of fields that the customer configuring the integration should see, including **Client ID** and **Client Secret** +- A list of scopes that can be requested, including whether to require them and/or request them by default +- A profile mapping script (following the [mapping script template](https://gist.github.com/joshcanhelp/26e1fc3581d2ced737c4f50a694ea10f)). This script must map a unique identifier to `user_id` and, if possible, `email`, `email_verified`, and `name` +- An installation guide written in Markdown. diff --git a/main/docs/fr-ca/customize/integrations/marketplace-partners/social-connections-for-partners.mdx b/main/docs/fr-ca/customize/integrations/marketplace-partners/social-connections-for-partners.mdx index 41af0d215..893b752c9 100644 --- a/main/docs/fr-ca/customize/integrations/marketplace-partners/social-connections-for-partners.mdx +++ b/main/docs/fr-ca/customize/integrations/marketplace-partners/social-connections-for-partners.mdx @@ -1,23 +1,35 @@ --- title: "Connexions sociales pour les partenaires" permalink: "social-connections-for-partners" -'description': "Découvrez les Connexions sociales et comment les partenaires d’Auth0 Marketplace peuvent les utiliser, les créer et les tester." -'og:title': "Connexions sociales pour les partenaires" -'og:description': "Découvrez les Connexions sociales et comment les partenaires d’Auth0 Marketplace peuvent les utiliser, les créer et les tester." -'og:image': "https://cdn2.auth0.com/docs/1.14567.0/img/share-image.png" -'twitter:title': "Connexions sociales pour les partenaires" -'twitter:description': "Découvrez les Connexions sociales et comment les partenaires d’Auth0 Marketplace peuvent les utiliser, les créer et les tester." +"description": "Découvrez les Connexions sociales et comment les partenaires d’Auth0 Marketplace peuvent les utiliser, les créer et les tester." +"og:title": "Connexions sociales pour les partenaires" +"og:description": "Découvrez les Connexions sociales et comment les partenaires d’Auth0 Marketplace peuvent les utiliser, les créer et les tester." +"og:image": "https://cdn2.auth0.com/docs/1.14567.0/img/share-image.png" +"twitter:title": "Connexions sociales pour les partenaires" +"twitter:description": "Découvrez les Connexions sociales et comment les partenaires d’Auth0 Marketplace peuvent les utiliser, les créer et les tester." --- Dans Auth0, les connexions sont une source d’identité d’utilisateur pour la connexion dans une ([vidéo](https://auth0-1.wistia.com/medias/tet170a1vt)). La Connexion sociale est le terme que nous utilisons pour une source d’identité au niveau du consommateur, comme Google ou Facebook ([vidéo](https://auth0-1.wistia.com/medias/5kshjcduya)). Les clients peuvent permettre à leurs utilisateurs d’utiliser une ou plusieurs connexion(s) sociale(s) sur le formulaire de connexion, ou opter pour un fournisseur unique en incluant un paramÚtre URL spécifique lors de la redirection vers le formulaire de connexion. -![Social Connections for Partners (Connexions sociales pour partenaires) - Universal Login with Social Connections (Connexion universelle avec connexions sociales) - Exemple de page de connexion](/docs/images/fr-ca/cdy7uua7fh8z/4mQxtOyW7bdSznrNA91eky/cee5df08fbeb04e4a3532ce82f9bc322/Social_Login_-_FR.png) + + ![Social Connections for Partners (Connexions sociales pour partenaires) - + Universal Login with Social Connections (Connexion universelle avec connexions + sociales) - Exemple de page de + connexion](/docs/images/fr-ca/cdy7uua7fh8z/4mQxtOyW7bdSznrNA91eky/cee5df08fbeb04e4a3532ce82f9bc322/Social_Login_-_FR.png) + Une fois l’utilisateur authentifié, son identité auprÚs du fournisseur social est associée à un profil Auth0, et le résultat est transmis à l’application ayant initié la demande de connexion. Cela crée un enregistrement d’utilisateur Auth0 en utilisant l’identité de la Connexion sociale sélectionnée. Les attributs associés à cet enregistrement sont associés depuis la source d’identité externe vers un [Profil utilisateur Auth0](/docs/fr-ca/manage-users/user-accounts/user-profiles/normalized-user-profiles). Votre Connexion sociale Marketplace débutera en tant que [Connexion sociale personnalisée](/docs/fr-ca/authenticate/identity-providers/social-identity-providers/oauth2), pouvant être configurée sur n’importe quel locataire Auth0. Cela vous permettra de visualiser le fonctionnement de la transaction et de vérifier que les utilisateurs peuvent s’authentifier via votre serveur d’autorisation. La vidéo suivante vous montrera comment créer et tester une Connexion sociale dans Auth0. - + En outre, pour vous aider à construire votre intégration, vous pouvez utiliser notre modÚle [Intégration de connexion sociale](https://github.com/auth0-marketplace/TEMPLATE-social-connection). @@ -30,8 +42,8 @@ Une fois que l’intégration fonctionne, Auth0 travaillera avec vous pour publi **Nous aurons besoin de la configuration et de la documentation suivantes :** -* Les URL d’autorisation et de jeton qui doivent être utilisées; si votre serveur d’autorisation utilise une architecture de locataire, incluez le modÚle à utiliser et nous inclurons un champ **Domaine du locataire** ou similaire. -* Une liste de champs que le client qui configure l’intégration doit voir, y compris **ID client** et **Secret client** -* Une liste des permissions pouvant être demandées, précisant si elles doivent être obligatoires et/ou demandées par défaut. -* Un script de mappage de profil (conformément au [modÚle de script de mappage](https://gist.github.com/joshcanhelp/26e1fc3581d2ced737c4f50a694ea10f)). Ce script doit mapper un identifiant unique à `user_id` et, si possible, `email`, `email_verified`, et `name` -* Un guide d’installation rédigé en Markdown. \ No newline at end of file +- Les URL d’autorisation et de jeton qui doivent être utilisées; si votre serveur d’autorisation utilise une architecture de locataire, incluez le modÚle à utiliser et nous inclurons un champ **Domaine du locataire** ou similaire. +- Une liste de champs que le client qui configure l’intégration doit voir, y compris **ID client** et **Secret client** +- Une liste des permissions pouvant être demandées, précisant si elles doivent être obligatoires et/ou demandées par défaut. +- Un script de mappage de profil (conformément au [modÚle de script de mappage](https://gist.github.com/joshcanhelp/26e1fc3581d2ced737c4f50a694ea10f)). Ce script doit mapper un identifiant unique à `user_id` et, si possible, `email`, `email_verified`, et `name` +- Un guide d’installation rédigé en Markdown. diff --git a/main/docs/get-started/onboarding/self-service-m2m.mdx b/main/docs/get-started/onboarding/self-service-m2m.mdx index 4d1837b12..0b5921260 100644 --- a/main/docs/get-started/onboarding/self-service-m2m.mdx +++ b/main/docs/get-started/onboarding/self-service-m2m.mdx @@ -1,16 +1,17 @@ --- description: Describes how to onboard with an M2M business case. -'og:image': https://cdn2.auth0.com/docs/1.14553.0/img/share-image.png -'og:title': Self-Service Machine-to-Machine -'og:url': https://auth0.com/docs/ +"og:image": https://cdn2.auth0.com/docs/1.14553.0/img/share-image.png +"og:title": Self-Service Machine-to-Machine +"og:url": https://auth0.com/docs/ permalink: self-service-m2m title: Self-Service Machine-to-Machine -'twitter:description': Describes how to onboard with an M2M business case. -'twitter:title': Self-Service Machine-to-Machine +"twitter:description": Describes how to onboard with an M2M business case. +"twitter:title": Self-Service Machine-to-Machine --- -import {AuthCodeBlock} from "/snippets/AuthCodeBlock.jsx"; -import {AuthCodeGroup} from "/snippets/AuthCodeGroup.jsx"; +import { AuthCodeBlock } from "/snippets/AuthCodeBlock.jsx"; + +import { AuthCodeGroup } from "/snippets/AuthCodeGroup.jsx"; If your business case services a non-interactive audience, like APIs or backend servers, you will onboard with a machine-to-machine (M2M) configuration. @@ -18,13 +19,13 @@ If your business case services a non-interactive @@ -36,12 +37,12 @@ These services will still need an M2M access token for authentication. This guide is a pathway to create your M2M implementation in Auth0. We provide considerations, best practices, and concepts you should review. -* In Architecture, we advise you to configure Auth0 to support your Software Development Life Cycle and existing infrastructure. -* In Create an account, we provide instructions to create your API instance in Auth0 and an application to support the authentication flow (or grant) needed for machine-to-machine authentication. -* In Authentication, we walk through the grant you need to use for authentication as well as access tokens and permissions (or scopes) you can set. -* In Branding, we advise you where to find information on how to configure Custom Domains depending on how you plan to manage certificates. -* In Deployment Automations, you can read about our tooling to assist with deployment. -* In Quality Assurance, you can learn more about unit testing, and the readiness checks we provide in Auth0 Dashboard. +- In Architecture, we advise you to configure Auth0 to support your Software Development Life Cycle and existing infrastructure. +- In Create an account, we provide instructions to create your API instance in Auth0 and an application to support the authentication flow (or grant) needed for machine-to-machine authentication. +- In Authentication, we walk through the grant you need to use for authentication as well as access tokens and permissions (or scopes) you can set. +- In Branding, we advise you where to find information on how to configure Custom Domains depending on how you plan to manage certificates. +- In Deployment Automations, you can read about our tooling to assist with deployment. +- In Quality Assurance, you can learn more about unit testing, and the readiness checks we provide in Auth0 Dashboard. ## Architecture @@ -55,12 +56,13 @@ You may want to create a visualization of your current tech stack as well as pla Before you create a new account or configure your first tenant, you may want to consider: -* How you partition or group your APIs to call specific endpoints. +- How you partition or group your APIs to call specific endpoints. + + - This may determine the audience and other claims on access tokens. - + This may determine the audience and other claims on access tokens. -* Any third-party consumers to your resource may request an access token for each call. Excessive calls could affect your [rate limit](/docs/troubleshoot/customer-support/operational-policies/rate-limit-policy/rate-limit-configurations/self-service-public). +- Any third-party consumers to your resource may request an access token for each call. Excessive calls could affect your [rate limit](/docs/troubleshoot/customer-support/operational-policies/rate-limit-policy/rate-limit-configurations/self-service-public). - + You can use an API Gateway to limit the number of access tokens a third-party can request. To learn more about API Gateways and Auth0, read [Configure an Identity Provider in Access Gateway](/docs/get-started/auth0-overview/create-applications/configure-an-identity-provider-in-access-gateway). + - You can use an API Gateway to limit the number of access tokens a third-party can request. To learn more about API Gateways and Auth0, read [Configure an Identity Provider in Access Gateway](/docs/get-started/auth0-overview/create-applications/configure-an-identity-provider-in-access-gateway). ## Create an account @@ -70,15 +72,15 @@ Now that you have a plan for your architecture, you’ll configure your Auth0 ac In the Auth0 Dashboard or with the Auth0 Management API, create: -* An API to represent your API -* An M2M application to use the Client Credential Flow +- An API to represent your API +- An M2M application to use the Client Credential Flow You may want to plan some configuration details before you create an account. -* Your tenant name has a role in your Auth0 domain. Before you determine a name, you should review [tenant characteristics](/docs/get-started/auth0-overview/create-tenants#create-a-tenant-and-domain). -* Which Auth0 features you need for your use case. Some features are only available on Professional and Enterprise plans. -* Determine if you need to support multiple environments, such as development, staging, and production. To learn more, read [Set Up Multiple Environments](/docs/get-started/auth0-overview/create-tenants/set-up-multiple-environments). -* If you have a use case involving thirty-party applications you want to register in a tenant, you can use [Dynamic Application Registration](/docs/get-started/applications/dynamic-client-registration) based on the [OIDC Client Registration](https://openid.net/specs/openid-connect-registration-1_0.html) specification. +- Your tenant name has a role in your Auth0 domain. Before you determine a name, you should review [tenant characteristics](/docs/get-started/auth0-overview/create-tenants#create-a-tenant-and-domain). +- Which Auth0 features you need for your use case. Some features are only available on Professional and Enterprise plans. +- Determine if you need to support multiple environments, such as development, staging, and production. To learn more, read [Set Up Multiple Environments](/docs/get-started/auth0-overview/create-tenants/set-up-multiple-environments). +- If you have a use case involving thirty-party applications you want to register in a tenant, you can use [Dynamic Application Registration](/docs/get-started/applications/dynamic-client-registration) based on the [OIDC Client Registration](https://openid.net/specs/openid-connect-registration-1_0.html) specification. @@ -116,35 +118,76 @@ To register an API programmatically, use the Management API. You will need an ac Use the sample provided in Management API Explorer to call the Management API [Create a Resource Server](https://auth0.com/docs/api/management/v2/resource-servers/post-resource-servers) endpoint and include the following parameters in the body: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +
FieldDescriptionExample
NameA friendly name for the API. Does not affect any functionality.yourDomain
IdentifierA unique identifier for the API. Auth0 recommends using a URL. Auth0 does differentiate between URLs that include the last forward slash. For example, `https://example.com` and `https://example.com/` are two different identifiers. The URL does not have to be a publicly available URL. Auth0 will not call your API. This value cannot be modified afterwards.`https://{yourDomain}`
JSON Web Token (JWT) ProfileThe profile determines the format of the access tokens issued for the API. The available values are Auth0 and RFC 9068. To learn more, read Access Token Profiles.access_token
JSON Web Token (JWT) Signing AlgorithmThe algorithm to sign the access tokens with. The available values are HS256, PS256, RS256. If you select RS256, the token will be signed with the tenant's private key.HS256
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Field + + Description + + Example +
+ Name + A friendly name for the API. Does not affect any functionality. + yourDomain +
+ Identifier + + A unique identifier for the API. Auth0 recommends using a URL. Auth0 + does differentiate between URLs that include the last forward slash. For + example, `https://example.com` and `https://example.com/` are two + different identifiers. The URL does not have to be a publicly available + URL. Auth0 will not call your API. This value cannot be modified + afterwards. + `https://{yourDomain}`
+ JSON Web Token (JWT) Profile + + The profile determines the format of the access tokens issued for the + API. The available values are Auth0 and{" "} + RFC 9068. To learn more, read{" "} + + Access Token Profiles + + . + + access_token +
+ JSON Web Token (JWT) Signing Algorithm + + The algorithm to sign the access tokens with. The available values are{" "} + HS256, PS256, RS256. If you + select RS256, the token will be signed with the tenant's + private key. + + HS256 +
@@ -171,11 +214,15 @@ If you create your API in the Dashboard, Auth0 automatically generates a test ap You can create another application for development or production later by following the instructions on [Register Machine-to-Machine Applications](/docs/get-started/auth0-overview/create-applications/machine-to-machine-apps). + 3. Switch to the **API** view, and then locate the API you’d like to enable for this application. 4. Enable the **Authorize** toggle, and then select the arrow button on the right to expand the card. 5. Select **Update**. - ![Dashboard > Applications > APIs](/docs/images/cdy7uua7fh8z/6L2R46XVdYw1kifRfMifRz/87e3b9f75039d55af6028be0eb0598ac/Timesheets_API_-_English.png) + + ![Dashboard > Applications > + APIs](/docs/images/cdy7uua7fh8z/6L2R46XVdYw1kifRfMifRz/87e3b9f75039d55af6028be0eb0598ac/Timesheets_API_-_English.png) + @@ -204,13 +251,13 @@ For non-interactive applications or services to authentication, you must select In Auth0 Dashboard or Management API, you will: -* Set your application to use the Client Credentials Flow -* Update the scopes for your M2M access tokens +- Set your application to use the Client Credentials Flow +- Update the scopes for your M2M access tokens Before you configure your authentication method: -* Review the [Client Credentials Flow](/docs/get-started/authentication-and-authorization-flow/client-credentials-flow) for machine-to-machine authentication. This is the workflow for non-interactive authentication and authorization. -* Determine the level of access for your APIs. This helps determine what [scopes](/docs/get-started/apis/scopes/api-scopes), or permissions, you will configure when you create your API. +- Review the [Client Credentials Flow](/docs/get-started/authentication-and-authorization-flow/client-credentials-flow) for machine-to-machine authentication. This is the workflow for non-interactive authentication and authorization. +- Determine the level of access for your APIs. This helps determine what [scopes](/docs/get-started/apis/scopes/api-scopes), or permissions, you will configure when you create your API. @@ -265,51 +312,57 @@ import ( func main() { - url := "https://{yourDomain}/oauth/token" + url := "https://{yourDomain}/oauth/token" - payload := strings.NewReader("grant_type=client_credentials&client_id={yourClientId}&client_secret={yourClientSecret}&audience=YOUR_API_IDENTIFIER") + payload := strings.NewReader("grant_type=client_credentials&client_id={yourClientId}&client_secret={yourClientSecret}&audience=YOUR_API_IDENTIFIER") - req, _ := http.NewRequest("POST", url, payload) + req, _ := http.NewRequest("POST", url, payload) - req.Header.Add("content-type", "application/x-www-form-urlencoded") + req.Header.Add("content-type", "application/x-www-form-urlencoded") - res, _ := http.DefaultClient.Do(req) + res, _ := http.DefaultClient.Do(req) - defer res.Body.Close() - body, _ := ioutil.ReadAll(res.Body) + defer res.Body.Close() + body, _ := ioutil.ReadAll(res.Body) - fmt.Println(res) - fmt.Println(string(body)) + fmt.Println(res) + fmt.Println(string(body)) } -``` + +```` ```java Java HttpResponse response = Unirest.post("https://{yourDomain}/oauth/token") .header("content-type", "application/x-www-form-urlencoded") .body("grant_type=client_credentials&client_id={yourClientId}&client_secret={yourClientSecret}&audience=YOUR_API_IDENTIFIER") .asString(); -``` +```` + ```javascript Node.JS var axios = require("axios").default; var options = { - method: 'POST', - url: 'https://{yourDomain}/oauth/token', - headers: {'content-type': 'application/x-www-form-urlencoded'}, + method: "POST", + url: "https://{yourDomain}/oauth/token", + headers: { "content-type": "application/x-www-form-urlencoded" }, data: new URLSearchParams({ - grant_type: 'client_credentials', - client_id: '{yourClientId}', - client_secret: '{yourClientSecret}', - audience: 'YOUR_API_IDENTIFIER' - }) + grant_type: "client_credentials", + client_id: "{yourClientId}", + client_secret: "{yourClientSecret}", + audience: "YOUR_API_IDENTIFIER", + }), }; -axios.request(options).then(function (response) { - console.log(response.data); -}).catch(function (error) { - console.error(error); -}); +axios + .request(options) + .then(function (response) { + console.log(response.data); + }) + .catch(function (error) { + console.error(error); + }); ``` + ```objc Obj-C #import @@ -339,6 +392,7 @@ NSURLSessionDataTask *dataTask = [session dataTaskWithRequest:request }]; [dataTask resume]; ``` + ```php PHP $curl = curl_init(); @@ -367,6 +421,7 @@ if ($err) { echo $response; } ``` + ```python Python import http.client @@ -383,6 +438,7 @@ data = res.read() print(data.decode("utf-8")) ``` + ```ruby Ruby require 'uri' require 'net/http' @@ -401,6 +457,7 @@ request.body = "grant_type=client_credentials&client_id={yourClientId}&client_se response = http.request(request) puts response.read_body ``` + ```swift Swift import Foundation @@ -430,6 +487,7 @@ let dataTask = session.dataTask(with: request as URLRequest, completionHandler: dataTask.resume() ``` + The response should be similar to the sample below: @@ -472,9 +530,9 @@ Auth0 supports the use of custom domains when you call the `/authorize` endpoint In Auth0 Dashboard, you must: -* Register and verify your domain before you can use it with your Auth0 services. -* Determine if you want to manage your own certificate or use an Auth0 managed certificate. To learn more about certificates, read [Certificate management options](/docs/customize/custom-domains#certificate-management-options). -* Verify the TLS (SSL) version and cipher you want to use for self-managed certificates is supported by Auth0. To learn more, read [TLS (SSL) Versions and Ciphers](/docs/customize/custom-domains/self-managed-certificates/tls-ssl). +- Register and verify your domain before you can use it with your Auth0 services. +- Determine if you want to manage your own certificate or use an Auth0 managed certificate. To learn more about certificates, read [Certificate management options](/docs/customize/custom-domains#certificate-management-options). +- Verify the TLS (SSL) version and cipher you want to use for self-managed certificates is supported by Auth0. To learn more, read [TLS (SSL) Versions and Ciphers](/docs/customize/custom-domains/self-managed-certificates/tls-ssl). @@ -487,6 +545,7 @@ In Auth0 Dashboard, you must: You must have an Enterprise subscription to manage certificates in your custom domain. To learn more, read [Auth0 Pricing](https://auth0.com/pricing/) and [Login](/docs/authenticate/login). + 2. Review [API configuration with custom domains](/docs/customize/custom-domains/configure-features-to-use-custom-domains#apis). You may need to adjust your API settings to incorporate a custom domain. If you experience issues with your custom domain, review [Troubleshoot Custom Domains](/docs/troubleshoot/integration-extensibility-issues/troubleshoot-custom-domains). @@ -515,8 +574,8 @@ The Real-time Webtask Logs extension displays all logs for custom code in real-t Quality Assurance is important in identifying issues before you go live. Depending on the nature of your project, there are several different types of quality assurance testing that you’re going to want to consider as part of your integration with Auth0: -* How will your APIs perform when subjected to unexpected production loads? -* How will your rate limits be affected by third-party applications? +- How will your APIs perform when subjected to unexpected production loads? +- How will your rate limits be affected by third-party applications? If you are not using Auth0 widgets or features, like Universal Login, you will not have the built-in usability and accessibility best practices out-of-the-box on a host of browsers and devices. To ensure functional requirements are met and unexpected events are handled correctly, guidance is provided for testing the integration between your application(s) and Auth0, and for unit testing individual extensibility modules, such as Auth0 Actions. We also recommend you review Auth0’s [penetration testing policy](/docs/troubleshoot/customer-support/operational-policies/penetration-testing-policy) and complete Mock testing you can leverage in conjunction with our [load testing policy](/docs/troubleshoot/customer-support/operational-policies/load-testing-policy) to help ensure your application(s) perform under unexpected load. @@ -534,7 +593,10 @@ Our [Deploy and Monitor](/docs/deploy-monitor) section provides guidance for dep To review the Readiness Check, select the drop-down menu below your tenant name and environmental tag at [Auth0 Dashboard > Run Readiness Checks](https://manage.auth0.com/#/production-checks). -![Auth0 Dashboard > Readiness Checklist](/docs/images/cdy7uua7fh8z/7iu1CzH0NgaXJbLBNWXZli/b598b8cdaad0c676e83a0fb0595d4603/Readiness_Checks_-_English.png) + + ![Auth0 Dashboard > Readiness + Checklist](/docs/images/cdy7uua7fh8z/7iu1CzH0NgaXJbLBNWXZli/b598b8cdaad0c676e83a0fb0595d4603/Readiness_Checks_-_English.png) + You can use the filter to apply the Readiness Checks to selected applications. **These checks do not apply to your configured APIs**. @@ -544,8 +606,8 @@ We advise you to review [Deployment Best Practices](/docs/deploy-monitor/deploym ## Learn more -* [Auth0 Overview](/docs/get-started/auth0-overview) -* [Solution Overview (Server Apps + API)](/docs/get-started/architecture-scenarios/server-application-api/part-1) -* [Call Your API Using the Client Credentials Flow](/docs/get-started/authentication-and-authorization-flow/client-credentials-flow/call-your-api-using-the-client-credentials-flow) -* [Retrieve Log Logs Using the Management API](/docs/deploy-monitor/logs/retrieve-log-events-using-mgmt-api) -* [Get Management API Access Tokens for Production](/docs/secure/tokens/access-tokens/management-api-access-tokens/get-management-api-access-tokens-for-production) \ No newline at end of file +- [Auth0 Overview](/docs/get-started/auth0-overview) +- [Solution Overview (Server Apps + API)](/docs/get-started/architecture-scenarios/server-application-api/part-1) +- [Call Your API Using the Client Credentials Flow](/docs/get-started/authentication-and-authorization-flow/client-credentials-flow/call-your-api-using-the-client-credentials-flow) +- [Retrieve Log Logs Using the Management API](/docs/deploy-monitor/logs/retrieve-log-events-using-mgmt-api) +- [Get Management API Access Tokens for Production](/docs/secure/tokens/access-tokens/management-api-access-tokens/get-management-api-access-tokens-for-production) diff --git a/main/docs/ja-jp/customize/integrations/marketplace-partners/social-connections-for-partners.mdx b/main/docs/ja-jp/customize/integrations/marketplace-partners/social-connections-for-partners.mdx index f1cc394c0..f17dd3d0f 100644 --- a/main/docs/ja-jp/customize/integrations/marketplace-partners/social-connections-for-partners.mdx +++ b/main/docs/ja-jp/customize/integrations/marketplace-partners/social-connections-for-partners.mdx @@ -1,37 +1,47 @@ --- title: "パヌトナヌに察する゜ヌシャル接続" permalink: "social-connections-for-partners" -'description': "゜ヌシャル接続に぀いおず、Auth0マヌケットプレむスパヌトナヌがどのように䜿甚、構築、テストするか説明したす。" -'og:title': "パヌトナヌに察する゜ヌシャル接続" -'og:description': "゜ヌシャル接続に぀いおず、Auth0マヌケットプレむスパヌトナヌがどのように䜿甚、構築、テストするか説明したす。" -'og:image': "https://cdn2.auth0.com/docs/1.14567.0/img/share-image.png" -'twitter:title': "パヌトナヌに察する゜ヌシャル接続" -'twitter:description': "゜ヌシャル接続に぀いおず、Auth0マヌケットプレむスパヌトナヌがどのように䜿甚、構築、テストするか説明したす。" +"description": "゜ヌシャル接続に぀いおず、Auth0マヌケットプレむスパヌトナヌがどのように䜿甚、構築、テストするか説明したす。" +"og:title": "パヌトナヌに察する゜ヌシャル接続" +"og:description": "゜ヌシャル接続に぀いおず、Auth0マヌケットプレむスパヌトナヌがどのように䜿甚、構築、テストするか説明したす。" +"og:image": "https://cdn2.auth0.com/docs/1.14567.0/img/share-image.png" +"twitter:title": "パヌトナヌに察する゜ヌシャル接続" +"twitter:description": "゜ヌシャル接続に぀いおず、Auth0マヌケットプレむスパヌトナヌがどのように䜿甚、構築、テストするか説明したす。" --- -Auth0では、接続はログむンに察するナヌザヌIDの゜ヌスです[ビデオ](https://auth0-1.wistia.com/medias/tet170a1vt)。゜ヌシャル接続はGoogleたたはFacebookのような消費者レベルの゜ヌスのこずです[ビデオ](https://auth0-1.wistia.com/medias/5kshjcduya)。お客様は、ナヌザヌにログむンフォヌムに耇数の゜ヌシャル接続を䜿甚するオプションを提䟛するか、たたはログむンフォヌムぞのリダむレクト時にURLパラメヌタを含めるこずで、単䞀のプロバむダヌのみを䜿甚するオプションを提䟛できたす。 +Auth0 では、接続はログむンに察するナヌザヌ ID の゜ヌスです[ビデオ](https://auth0-1.wistia.com/medias/tet170a1vt)。゜ヌシャル接続は Google たたは Facebook のような消費者レベルの゜ヌスのこずです[ビデオ](https://auth0-1.wistia.com/medias/5kshjcduya)。お客様は、ナヌザヌにログむンフォヌムに耇数の゜ヌシャル接続を䜿甚するオプションを提䟛するか、たたはログむンフォヌムぞのリダむレクト時に URL パラメヌタを含めるこずで、単䞀のプロバむダヌのみを䜿甚するオプションを提䟛できたす。 -![パヌトナヌ甚゜ヌシャル接続 - ゜ヌシャル接続を䜿ったナニバヌサルログむン - ログむンペヌゞ䟋](/docs/images/ja-jp/cdy7uua7fh8z/4mQxtOyW7bdSznrNA91eky/6a991f8f5d69fd2ace2f45c8276bb72d/Social_log_in.png) + + ![パヌトナヌ甚゜ヌシャル接続 - ゜ヌシャル接続を䜿ったナニバヌサルログむン - + ログむンペヌゞ䟋](/docs/images/ja-jp/cdy7uua7fh8z/4mQxtOyW7bdSznrNA91eky/6a991f8f5d69fd2ace2f45c8276bb72d/Social_log_in.png) + -ナヌザヌがログむンするず、゜ヌシャルプロバむダヌからのIDはAuth0プロファむルにマッピングされ、その結果はログむンを芁求したアプリケヌションに送信されたす。これにより遞択された゜ヌシャル接続のIDを䜿甚しおAuth0ナヌザヌの蚘録が䜜成されたす。この蚘録に䜿甚される属性は、倖郚のID゜ヌスから[Auth0ナヌザヌプロファむル](/docs/ja-jp/manage-users/user-accounts/user-profiles/normalized-user-profiles)にマッピングされたす。 +ナヌザヌがログむンするず、゜ヌシャルプロバむダヌからの ID は Auth0 プロファむルにマッピングされ、その結果はログむンを芁求したアプリケヌションに送信されたす。これにより遞択された゜ヌシャル接続の ID を䜿甚しお Auth0 ナヌザヌの蚘録が䜜成されたす。この蚘録に䜿甚される属性は、倖郚の ID ゜ヌスから[Auth0 ナヌザヌプロファむル](/docs/ja-jp/manage-users/user-accounts/user-profiles/normalized-user-profiles)にマッピングされたす。 -マヌケットプレむス゜ヌシャル接続は、[カスタム゜ヌシャル接続](/docs/ja-jp/authenticate/identity-providers/social-identity-providers/oauth2)ずしお開始され、どのようなAuth0テナントでも構築するこずができたす。そのため、取匕がどのように行われるかを芋るこずができ、ナヌザヌが認可サヌバヌを䜿甚しおログむンできるように確認するこずができたす。次のビデオでは、Auth0で接続を構築およびテストする方法を説明したす。 +マヌケットプレむス゜ヌシャル接続は、[カスタム゜ヌシャル接続](/docs/ja-jp/authenticate/identity-providers/social-identity-providers/oauth2)ずしお開始され、どのような Auth0 テナントでも構築するこずができたす。そのため、取匕がどのように行われるかを芋るこずができ、ナヌザヌが認可サヌバヌを䜿甚しおログむンできるように確認するこずができたす。次のビデオでは、Auth0 で接続を構築およびテストする方法を説明したす。 - + さらに、統合の構築を支揎するために、[>゜ヌシャル接続統合テンプレヌト](https://github.com/auth0-marketplace/TEMPLATE-social-connection)を掻甚できたす。 ## ゜ヌシャル接続を提出する -統合が機胜するず、Auth0が協力しおその統合を[Auth0 マヌケットプレむス](http://marketplace.auth0.com/)に公開したす。統合を提出する際は、次の情報を提䟛する必芁がありたす +統合が機胜するず、Auth0 が協力しおその統合を[Auth0 マヌケットプレむス](http://marketplace.auth0.com/)に公開したす。統合を提出する際は、次の情報を提䟛する必芁がありたす -1. Auth0マヌケットプレむスに掲茉する事業ずマヌケティングコンテンツ。これには、䌁業の抂芁やロゎ、統合の説明が含たれたす。 -2. 統合に䜿甚したコヌドず構成。パヌトナヌは、GitHubを䜿甚しおコヌドを提出するのが普通です。 +1. Auth0 マヌケットプレむスに掲茉する事業ずマヌケティングコンテンツ。これには、䌁業の抂芁やロゎ、統合の説明が含たれたす。 +2. 統合に䜿甚したコヌドず構成。パヌトナヌは、GitHub を䜿甚しおコヌドを提出するのが普通です。 **以䞋の構成ずドキュメントが必芁です** 。 -* 䜿甚されるべき認可URLずトヌクンのURLに぀いお、認可サヌバヌがテナントアヌキテクチャを䜿甚しおいる堎合は、䜿甚するパタヌンを含めおください。これに基づき、 **テナントドメむン** フィヌルドなどを远加したす。 -* **クラむアントID** や **クラむアントシヌクレット** などを含む、統合を蚭定する際に顧客が確認する必芁があるフィヌルドのリスト -* 必須にするか、および/たたはデフォルトで芁求するかを指定する項目を含む、芁求可胜なスコヌプのリスト -* プロファむルマッピングスクリプト[マッピングスクリプトテンプレヌト](https://gist.github.com/joshcanhelp/26e1fc3581d2ced737c4f50a694ea10f)に埓う圢匏。このスクリプトは、`user_id`に䞀意の識別子をマップし、可胜であれば`email`、`email_verified`、および`name`をマップする必芁がありたす。 -* Markdown蚘法で曞かれたむンストヌルガむド \ No newline at end of file +- 䜿甚されるべき認可 URL ずトヌクンの URL に぀いお、認可サヌバヌがテナントアヌキテクチャを䜿甚しおいる堎合は、䜿甚するパタヌンを含めおください。これに基づき、 **テナントドメむン** フィヌルドなどを远加したす。 +- **クラむアント ID** や **クラむアントシヌクレット** などを含む、統合を蚭定する際に顧客が確認する必芁があるフィヌルドのリスト +- 必須にするか、および/たたはデフォルトで芁求するかを指定する項目を含む、芁求可胜なスコヌプのリスト +- プロファむルマッピングスクリプト[マッピングスクリプトテンプレヌト](https://gist.github.com/joshcanhelp/26e1fc3581d2ced737c4f50a694ea10f)に埓う圢匏。このスクリプトは、`user_id`に䞀意の識別子をマップし、可胜であれば`email`、`email_verified`、および`name`をマップする必芁がありたす。 +- Markdown 蚘法で曞かれたむンストヌルガむド diff --git a/main/docs/ja-jp/troubleshoot/integration-extensibility-issues/troubleshoot-custom-domains.mdx b/main/docs/ja-jp/troubleshoot/integration-extensibility-issues/troubleshoot-custom-domains.mdx index 3c264ecfc..3343957ce 100644 --- a/main/docs/ja-jp/troubleshoot/integration-extensibility-issues/troubleshoot-custom-domains.mdx +++ b/main/docs/ja-jp/troubleshoot/integration-extensibility-issues/troubleshoot-custom-domains.mdx @@ -1,42 +1,51 @@ --- title: "カスタムドメむンのトラブルシュヌティング" permalink: "troubleshoot-custom-domains" -'description': "カスタムドメむンに関する問題のトラブルシュヌティングに぀いお説明したす。" -'og:title': "カスタムドメむンのトラブルシュヌティング" -'og:description': "カスタムドメむンに関する問題のトラブルシュヌティングに぀いお説明したす。" -'og:image': "https://cdn2.auth0.com/docs/1.14567.0/img/share-image.png" -'twitter:title': "カスタムドメむンのトラブルシュヌティング" -'twitter:description': "カスタムドメむンに関する問題のトラブルシュヌティングに぀いお説明したす。" +"description": "カスタムドメむンに関する問題のトラブルシュヌティングに぀いお説明したす。" +"og:title": "カスタムドメむンのトラブルシュヌティング" +"og:description": "カスタムドメむンに関する問題のトラブルシュヌティングに぀いお説明したす。" +"og:image": "https://cdn2.auth0.com/docs/1.14567.0/img/share-image.png" +"twitter:title": "カスタムドメむンのトラブルシュヌティング" +"twitter:description": "カスタムドメむンに関する問題のトラブルシュヌティングに぀いお説明したす。" --- カスタムドメむンに関する䞀般的な問題に぀いおは次のビデオをご芧ください。たた、特定のシナリオのトラブルシュヌティング手順に぀いおは、以䞋のセクションを参照しおください。 - + ## カスタムドメむンが怜蚌埅ちのたたである -DNSが䌝播するたでに最倧48時間かかる堎合がありたす。 +DNS が䌝播するたでに最倧 48 時間かかる堎合がありたす。 -* ダッシュボヌドにこの゚ラヌが匕き続き衚瀺される堎合は、ドメむン管理サヌビスでCNAMEレコヌドが正しく蚭定されおいるこずを確認しおください。CNAMEレコヌドの蚭定は、次の方法で確認できたす +- ダッシュボヌドにこの゚ラヌが匕き続き衚瀺される堎合は、ドメむン管理サヌビスで CNAME レコヌドが正しく蚭定されおいるこずを確認しおください。CNAME レコヌドの蚭定は、次の方法で確認できたす - + [Mxtoolbox](https://mxtoolbox.com/DNSLookup.aspx)たたは[Google](https://dns.google.com) - + タヌミナルでの`dig`コマンド -* ドメむン名がAレコヌドにただ関連付けられおいないこずを確認したす。 -* CNAMEレコヌドのドメむン名たたは倀を入力たたはコピヌするずきに゚ラヌが発生しおいないこずを確認したす。 + - [Mxtoolbox](https://mxtoolbox.com/DNSLookup.aspx)たたは[Google](https://dns.google.com) + - タヌミナルでの`dig`コマンド -䞊蚘のこずを確認しおもカスタムドメむンの怜蚌がただ保留䞭の堎合は、ドメむンを再怜蚌する前に4時間埅っおください。サヌビスの䞭断を避けるため、再怜蚌時にカスタムドメむンを再䜜成しないでください。 +- ドメむン名が A レコヌドにただ関連付けられおいないこずを確認したす。 +- CNAME レコヌドのドメむン名たたは倀を入力たたはコピヌするずきに゚ラヌが発生しおいないこずを確認したす。 -## CloudflareでのCNAMEフラット化 +䞊蚘のこずを確認しおもカスタムドメむンの怜蚌がただ保留䞭の堎合は、ドメむンを再怜蚌する前に 4 時間埅っおください。サヌビスの䞭断を避けるため、再怜蚌時にカスタムドメむンを再䜜成しないでください。 + +## Cloudflare での CNAME フラット化 -Auth0では、絶察に必芁な堎合を陀き、CNAMEフラット化をオフにするこずを掚奚しおいたす。Cloudflareのドキュメント、「[Understand and configure CNAME flatteningCNAMEフラット化を理解・構成する](https://support.cloudflare.com/hc/en-us/articles/200169056-Understand-and-configure-CNAME-Flattening)」に埓っおください。Auth0のマネヌゞド蚌明曞に察するCNAMEフラット化は、サポヌトされない構成であるため、CNAMEフラット化が有効になっおいるずカスタムドメむンが予告なく壊れおしたう可胜性がありたす。 +Auth0 では、絶察に必芁な堎合を陀き、CNAME フラット化をオフにするこずを掚奚しおいたす。Cloudflare のドキュメント、「[Understand and configure CNAME flatteningCNAME フラット化を理解・構成する](https://support.cloudflare.com/hc/en-us/articles/200169056-Understand-and-configure-CNAME-Flattening)」に埓っおください。Auth0 のマネヌゞド蚌明曞に察する CNAME フラット化は、サポヌトされない構成であるため、CNAME フラット化が有効になっおいるずカスタムドメむンが予告なく壊れおしたう可胜性がありたす。 -CNAMEフラット化は、DNSレコヌドの凊理方法により、Auth0の怜蚌および蚌明曞の曎新プロセスに圱響したす。カスタムドメむンを蚭定した埌、CloudfareでCNAMEフラット化を有効にしおも、蚌明曞の曎新は **not prevent劚げられたせん** 。 +CNAME フラット化は、DNS レコヌドの凊理方法により、Auth0 の怜蚌および蚌明曞の曎新プロセスに圱響したす。カスタムドメむンを蚭定した埌、Cloudfare で CNAME フラット化を有効にしおも、蚌明曞の曎新は **not prevent劚げられたせん** 。 -Cloudflareで管理しおいるすべおのサブドメむンに察しおCNAMEフラット化を有効にし、特定のサブドメむンをAuth0のカスタムドメむンずしお構成する必芁がある堎合は、Auth0甚のサブドメむンを別のDNSプロバむダヌに委任するこずを怜蚎しおください。詳现に぀いおは、Cloudflareドキュメントの[「Cloudflareの倖郚にサブドメむンを委任」](https://support.cloudflare.com/hc/en-us/articles/360021357131-Delegating-Subdomains-Outside-of-Cloudflare)を参照しおください。倖郚に委任するず、Auth0甚のサブドメむンを陀くすべおのサブドメむンでCNAMEフラット化を䜿甚できるようになりたす。 +Cloudflare で管理しおいるすべおのサブドメむンに察しお CNAME フラット化を有効にし、特定のサブドメむンを Auth0 のカスタムドメむンずしお構成する必芁がある堎合は、Auth0 甚のサブドメむンを別の DNS プロバむダヌに委任するこずを怜蚎しおください。詳现に぀いおは、Cloudflare ドキュメントの[「Cloudflare の倖郚にサブドメむンを委任」](https://support.cloudflare.com/hc/en-us/articles/360021357131-Delegating-Subdomains-Outside-of-Cloudflare)を参照しおください。倖郚に委任するず、Auth0 甚のサブドメむンを陀くすべおのサブドメむンで CNAME フラット化を䜿甚できるようになりたす。 ## 「この゚ンドポむントに到達しないでください」 @@ -44,34 +53,34 @@ Cloudflareで管理しおいるすべおのサブドメむンに察しおCNAME ## 「サヌビスが芋぀かりたせん」 -アプリケヌションが、`audience=https://login.northwind.com/userinfo`を指定しお`/authorize`芁求を発行するず、サヌバヌは`Service not found:https://login.northwind.com/userinfo`゚ラヌを返したす。これは、カスタムドメむンを蚭定しおも、`/userinfo`゚ンドポむントのAPI識別子が`https://{yourOriginalAuth0Domain}/userinfo`のたたになるためです。 +アプリケヌションが、`audience=https://login.northwind.com/userinfo`を指定しお`/authorize`芁求を発行するず、サヌバヌは`Service not found:https://login.northwind.com/userinfo`゚ラヌを返したす。これは、カスタムドメむンを蚭定しおも、`/userinfo`゚ンドポむントの API 識別子が`https://{yourOriginalAuth0Domain}/userinfo`のたたになるためです。 同様に、[Auth0 Management API](/docs/ja-jp/api/management/v2)の呌び出しでカスタムドメむンを䜿甚するず、同じ理由で゚ラヌが発生したす。 -これを修正するには、アプリで代わりに`audience=https://{yourOriginalAuth0Domain}/userinfo`を䜿甚する必芁がありたす。アプリケヌションの **Advanced Settings詳现蚭定** の **OAuth2** タブでアプリケヌションが **OIDC-ConformantOIDC準拠** ずしおフラグ付けされおいる堎合は、この`audience=[...]/userinfo`パラメヌタを完党に削陀するこずもできたす。 +これを修正するには、アプリで代わりに`audience=https://{yourOriginalAuth0Domain}/userinfo`を䜿甚する必芁がありたす。アプリケヌションの **Advanced Settings詳现蚭定** の **OAuth2** タブでアプリケヌションが **OIDC-ConformantOIDC 準拠** ずしおフラグ付けされおいる堎合は、この`audience=[...]/userinfo`パラメヌタを完党に削陀するこずもできたす。 -## Internet Explorerに関連する゚ラヌ +## Internet Explorer に関連する゚ラヌ -Internet Explorerを䜿甚しおいる堎合は、次のいずれかの゚ラヌメッセヌゞが衚瀺されるこずがありたす +Internet Explorer を䜿甚しおいる堎合は、次のいずれかの゚ラヌメッセヌゞが衚瀺されるこずがありたす -* 「クラむアントから怜蚌が返されたせんでした」 -* 「Originヘッダヌが必芁です」 -* 「クロスオリゞン認蚌に倱敗したした」 +- 「クラむアントから怜蚌が返されたせんでした」 +- 「Origin ヘッダヌが必芁です」 +- 「クロスオリゞン認蚌に倱敗したした」 -Auth0ドメむンずアプリドメむンの䞡方が同じ信頌枈みゟヌンたたはロヌカルむントラネットゟヌンにある堎合、Internet Explorerは芁求をクロスドメむン芁求ずしお扱わず、クロスオリゞンヘッダヌを送信したせん。 +Auth0 ドメむンずアプリドメむンの䞡方が同じ信頌枈みゟヌンたたはロヌカルむントラネットゟヌンにある堎合、Internet Explorer は芁求をクロスドメむン芁求ずしお扱わず、クロスオリゞンヘッダヌを送信したせん。 -これらの゚ラヌのいずれかが衚瀺され、埋め蟌みログむンを䜿甚しおいる堎合は、サむトの1぀を信頌枈みゟヌンたたはロヌカルむントラネットゟヌンから移動するこずができたす。このためには、次の手順に埓いたす。 +これらの゚ラヌのいずれかが衚瀺され、埋め蟌みログむンを䜿甚しおいる堎合は、サむトの 1 ぀を信頌枈みゟヌンたたはロヌカルむントラネットゟヌンから移動するこずができたす。このためには、次の手順に埓いたす。 1. **Internet Options>Security** ぞ移動したす。 -2. **Local Intranet Zoneロヌカル むントラネット ゟヌン** タブを遞択し、Sites>Advancedに移動したす。ドメむンを远加したす。 +2. **Local Intranet Zoneロヌカル むントラネット ゟヌン** タブを遞択し、Sites>Advanced に移動したす。ドメむンを远加したす。 3. **Securityセキュリティ** タブに戻り、適切なゟヌンが遞択されおいるこずを確認したす。 4. **Custom Levelレベルのカスタマむズ** をクリックし、**Miscellaneousその他** セクションで **Access data sources across domainsドメむン間のアクセス デヌタ ゜ヌス** を探したす。**Enable有効化** の暪にあるラゞオボタンをクリックしたす。 -あるいは、[Auth0 ナニバヌサルログむン](/docs/ja-jp/authenticate/login/auth0-universal-login)を実装するこずで、クロスオリゞン認蚌ぞの䟝存を排陀​​するこずもできたす。 +あるいは、[Auth0 ナニバヌサルログむン](/docs/ja-jp/authenticate/login/auth0-universal-login)を実装するこずで、クロスオリゞン認蚌ぞの䟝存を排陀 ​​ するこずもできたす。 ## もっず詳しく -* [機胜にカスタムドメむンの䜿甚を構成する](/docs/ja-jp/customize/custom-domains/configure-features-to-use-custom-domains) -* [Auth0管理蚌明曞を䜿っおカスタムドメむンを構成する](/docs/ja-jp/customize/custom-domains/auth0-managed-certificates) -* [自己管理蚌明曞を䜿っおカスタムドメむンを構成する](/docs/ja-jp/customize/custom-domains/self-managed-certificates) -* [TLSSSLのバヌゞョンず暗号](/docs/ja-jp/customize/custom-domains/self-managed-certificates/tls-ssl) \ No newline at end of file +- [機胜にカスタムドメむンの䜿甚を構成する](/docs/ja-jp/customize/custom-domains/configure-features-to-use-custom-domains) +- [Auth0 管理蚌明曞を䜿っおカスタムドメむンを構成する](/docs/ja-jp/customize/custom-domains/auth0-managed-certificates) +- [自己管理蚌明曞を䜿っおカスタムドメむンを構成する](/docs/ja-jp/customize/custom-domains/self-managed-certificates) +- [TLSSSLのバヌゞョンず暗号](/docs/ja-jp/customize/custom-domains/self-managed-certificates/tls-ssl) diff --git a/main/docs/troubleshoot/integration-extensibility-issues/troubleshoot-custom-domains.mdx b/main/docs/troubleshoot/integration-extensibility-issues/troubleshoot-custom-domains.mdx index bcf1e9ed0..98af7054e 100644 --- a/main/docs/troubleshoot/integration-extensibility-issues/troubleshoot-custom-domains.mdx +++ b/main/docs/troubleshoot/integration-extensibility-issues/troubleshoot-custom-domains.mdx @@ -1,27 +1,37 @@ --- description: Learn how to troubleshoot issues with custom domains. -'og:image': https://cdn2.auth0.com/docs/1.14553.0/img/share-image.png -'og:title': Troubleshoot Custom Domains -'og:url': https://auth0.com/docs/ +"og:image": https://cdn2.auth0.com/docs/1.14553.0/img/share-image.png +"og:title": Troubleshoot Custom Domains +"og:url": https://auth0.com/docs/ permalink: troubleshoot-custom-domains title: Troubleshoot Custom Domains -'twitter:description': Learn how to troubleshoot issues with custom domains. -'twitter:title': Troubleshoot Custom Domains +"twitter:description": Learn how to troubleshoot issues with custom domains. +"twitter:title": Troubleshoot Custom Domains --- + See the following video on common issues with custom domains and refer to the sections below for troubleshooting steps for specific scenarios. - + ## Custom domain is still pending verification It can take up to 48 hours for the DNS to be propagated. -* If you continue to see this error in the Dashboard, ensure that the CNAME record is properly configured in your domain management service. You can confirm the configuration of your CNAME record using: +- If you continue to see this error in the Dashboard, ensure that the CNAME record is properly configured in your domain management service. You can confirm the configuration of your CNAME record using: + + - A tool like [Mxtoolbox](https://mxtoolbox.com/DNSLookup.aspx) or [Google](https://dns.google.com) + - The `dig` command in your terminal - + A tool like [Mxtoolbox](https://mxtoolbox.com/DNSLookup.aspx) or [Google](https://dns.google.com) - + The `dig` command in your terminal -* Ensure that the domain name is not already associated with an A record. -* Ensure that no errors were made when typing or copying the CNAME record's domain name or value. +- Ensure that the domain name is not already associated with an A record. +- Ensure that no errors were made when typing or copying the CNAME record's domain name or value. If you have ensured the above and the custom domain is still pending verification, wait 4 hours before reverifying your domain. To avoid any interruptions to your service, do not recreate the custom domain when reverifying. @@ -53,9 +63,9 @@ To fix this your app should instead use `audience=https://{yourOriginalAuth0Doma If you are using Internet Explorer, you may see any of the following error messages: -* "No verifier returned from client" -* "Origin header required" -* "Failed cross origin authentication" +- "No verifier returned from client" +- "Origin header required" +- "Failed cross origin authentication" When both the Auth0 domain and the app domain are in the same trusted or local intranet zone, Internet Explorer does not treat the request as a cross-domain request and therefore does not send the cross-origins header. @@ -70,7 +80,7 @@ Alternatively, you can remove reliance on cross-origin authentication by impleme ## Learn more -* [Configure Features to Use Custom Domains](/docs/customize/custom-domains/configure-features-to-use-custom-domains) -* [Configure Custom Domains with Auth0-Managed Certificates](/docs/customize/custom-domains/auth0-managed-certificates) -* [Configure Custom Domains with Self-Managed Certificates](/docs/customize/custom-domains/self-managed-certificates) -* [TLS (SSL) Versions and Ciphers](/docs/customize/custom-domains/self-managed-certificates/tls-ssl) \ No newline at end of file +- [Configure Features to Use Custom Domains](/docs/customize/custom-domains/configure-features-to-use-custom-domains) +- [Configure Custom Domains with Auth0-Managed Certificates](/docs/customize/custom-domains/auth0-managed-certificates) +- [Configure Custom Domains with Self-Managed Certificates](/docs/customize/custom-domains/self-managed-certificates) +- [TLS (SSL) Versions and Ciphers](/docs/customize/custom-domains/self-managed-certificates/tls-ssl) diff --git a/main/docs/ui-components/landing.mdx b/main/docs/ui-components/landing.mdx index c96cca976..39ba08c41 100644 --- a/main/docs/ui-components/landing.mdx +++ b/main/docs/ui-components/landing.mdx @@ -5,8 +5,11 @@ description: "Description of your new file." # Auth0 UI Components -### Secure, Scalable Interfaces - Built for Identity-Driven Apps +### Secure, Scalable Interfaces - Built for Identity-Driven Apps **Auth0 UI Components** is a robust, open-source UI library crafted by the identity experts at Auth0. Designed to streamline development and enforce best practices, these components are optimized for authentication workflows, security, and accessibility — right out of the box. -