Skip to main content
GET
/
resource-servers
TypeScript
import { ManagementClient } from "auth0";

async function main() {
    const client = new ManagementClient({
        token: "<token>",
    });
    await client.resourceServers.list({
        page: 1,
        perPage: 1,
        includeTotals: true,
        includeFields: true,
    });
}
main();
[
  {
    "id": "<string>",
    "name": "<string>",
    "is_system": true,
    "identifier": "<string>",
    "scopes": [
      {
        "value": "<string>",
        "description": "<string>"
      }
    ],
    "signing_alg": "HS256",
    "signing_secret": "<string>",
    "allow_offline_access": true,
    "skip_consent_for_verifiable_first_party_clients": true,
    "token_lifetime": 123,
    "token_lifetime_for_web": 123,
    "enforce_policies": true,
    "token_dialect": "access_token",
    "token_encryption": {
      "format": "compact-nested-jwe",
      "encryption_key": {
        "alg": "RSA-OAEP-256",
        "pem": "-----BEGIN PUBLIC KEY-----\r\nMIIBIjANBg...\r\n-----END PUBLIC KEY-----\r\n",
        "name": "<string>",
        "kid": "<string>"
      }
    },
    "consent_policy": "transactional-authorization-with-mfa",
    "authorization_details": [
      "<unknown>"
    ],
    "proof_of_possession": {
      "mechanism": "mtls",
      "required": true,
      "required_for": "public_clients"
    },
    "subject_type_authorization": {
      "user": {
        "policy": "allow_all"
      },
      "client": {
        "policy": "deny_all"
      }
    },
    "client_id": "<string>"
  }
]

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Query Parameters

identifiers
string[]

An optional filter on the resource server identifier. Must be URL encoded and may be specified multiple times (max 10).
e.g. ../resource-servers?identifiers=id1&identifiers=id2

Minimum string length: 1
page
integer

Page index of the results to return. First page is 0.

Required range: x >= 0
per_page
integer

Number of results per page.

Required range: 1 <= x <= 100
include_totals
boolean

Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).

include_fields
boolean

Whether specified fields are to be included (true) or excluded (false).

Response

Resource servers successfully retrieved.

id
string

ID of the API (resource server).

name
string

Friendly name for this resource server. Can not contain < or > characters.

is_system
boolean

Whether this is an Auth0 system API (true) or a custom API (false).

identifier
string

Unique identifier for the API used as the audience parameter on authorization calls. Can not be changed once set.

scopes
object[]

List of permissions (scopes) that this API uses.

signing_alg
enum<string>
default:HS256

Algorithm used to sign JWTs. Can be HS256 (default) or RS256. PS256 available via addon.

Available options:
HS256,
RS256,
RS512,
PS256
signing_secret
string

Secret used to sign tokens when using symmetric algorithms (HS256).

Minimum string length: 16
allow_offline_access
boolean

Whether refresh tokens can be issued for this API (true) or not (false).

skip_consent_for_verifiable_first_party_clients
boolean

Whether to skip user consent for applications flagged as first party (true) or not (false).

token_lifetime
integer

Expiration value (in seconds) for access tokens issued for this API from the token endpoint.

token_lifetime_for_web
integer

Expiration value (in seconds) for access tokens issued for this API via Implicit or Hybrid Flows. Cannot be greater than the token_lifetime value.

enforce_policies
boolean

Whether authorization polices are enforced (true) or unenforced (false).

token_dialect
enum<string>

Dialect of access tokens that should be issued. access_token is a JWT containing standard Auth0 claims; rfc9068_profile is a JWT conforming to the IETF JWT Access Token Profile. access_token_authz and rfc9068_profile_authz additionally include RBAC permissions claims.

Available options:
access_token,
access_token_authz,
rfc9068_profile,
rfc9068_profile_authz
token_encryption
object
consent_policy
enum<string> | null
Available options:
transactional-authorization-with-mfa,
null
authorization_details
any[] | null
proof_of_possession
object

Proof-of-Possession configuration for access tokens

subject_type_authorization
object

Defines application access permission for a resource server

client_id
string<client-id>

The client ID of the client that this resource server is linked to