Passer au contenu principal
POST
/
clients
/
{client_id}
/
credentials
TypeScript
import { ManagementClient } from "auth0";

async function main() {
    const client = new ManagementClient({
        token: "<token>",
    });
    await client.clients.credentials.create("client_id", {
        credentialType: "public_key",
    });
}
main();
{
  "id": "cred_1m7sfABoNTTKYwTQ8qt6tX",
  "name": "",
  "kid": "IZSSTECp...",
  "alg": "RS256",
  "credential_type": "public_key",
  "subject_dn": "<string>",
  "thumbprint_sha256": "<string>",
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z",
  "expires_at": "2023-11-07T05:31:56Z"
}

Autorisations

Authorization
string
header
requis

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Paramètres de chemin

client_id
string
requis

ID of the client.

Corps

credential_type
enum<string>
requis

The type of credential.

Options disponibles:
public_key,
cert_subject_dn,
x509_cert
name
string
défaut:""

Friendly name for a credential.

Maximum string length: 128
subject_dn
string

Subject Distinguished Name. Mutually exclusive with pem property. Applies to cert_subject_dn credential type.

Required string length: 1 - 256
pem
string
défaut:-----BEGIN PUBLIC KEY----- MIIBIjANBg... -----END PUBLIC KEY-----

PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.

alg
enum<string>
défaut:RS256

Algorithm which will be used with the credential. Can be one of RS256, RS384, PS256. If not specified, RS256 will be used. Applies to public_key credential type.

Options disponibles:
RS256,
RS384,
PS256
parse_expiry_from_cert
boolean
défaut:false

Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. Applies to public_key credential type.

expires_at
string<date-time>
défaut:2023-02-07T12:40:17.807Z

The ISO 8601 formatted date representing the expiration of the credential. If not specified (not recommended), the credential never expires. Applies to public_key credential type.

kid
string

Optional kid (Key ID), used to uniquely identify the credential. If not specified, a kid value will be auto-generated. The kid header parameter in JWTs sent by your client should match this value. Valid format is [0-9a-zA-Z-_]{10,64}

Required string length: 10 - 64
Pattern: ^([0-9a-zA-Z-_]{10,64})$

Réponse

Credential successfully created.

id
string
défaut:cred_1m7sfABoNTTKYwTQ8qt6tX

ID of the credential. Generated on creation.

name
string
défaut:""

The name given to the credential by the user.

kid
string
défaut:IZSSTECp...

The key identifier of the credential, generated on creation.

alg
enum<string>
défaut:RS256

Algorithm which will be used with the credential. Supported algorithms: RS256,RS384,PS256

Options disponibles:
RS256,
RS384,
PS256
credential_type
enum<string>

The type of credential.

Options disponibles:
public_key,
cert_subject_dn,
x509_cert
subject_dn
string

The X509 certificate's Subject Distinguished Name

thumbprint_sha256
string

The X509 certificate's SHA256 thumbprint

created_at
string<date-time>

The ISO 8601 formatted date the credential was created.

updated_at
string<date-time>

The ISO 8601 formatted date the credential was updated.

expires_at
string<date-time>

The ISO 8601 formatted date representing the expiration of the credential.