aid: auth0 name: Auth0 description: > Auth0 (now part of Okta) is a leading identity-as-a-service platform providing authentication and authorization for applications, APIs, and AI agents. It implements OpenID Connect, OAuth 2.0, SAML 2.0, WS-Federation, and SCIM, and exposes a Management API (OpenAPI 3.1, 221 paths, 2,567 schemas), an Authentication API, a My Account API, a My Organization API, FGA (Fine-Grained Authorization, OpenFGA / Zanzibar-based), and Auth0 for AI Agents — covering Token Vault, asynchronous authorization, Auth for MCP, and FGA for RAG. type: Index image: https://kinlane-productions.s3.amazonaws.com/apis-json/apis-json-logo.jpg tags: - AI Agents - Authentication - Authorization - FGA - Identity Management - MCP - OAuth - Okta - OpenID Connect - SAML - Security - SCIM url: https://raw.githubusercontent.com/api-evangelist/auth0/refs/heads/main/apis.yml created: '2024-04-14' modified: '2026-05-22' specificationVersion: '0.19' apis: - aid: auth0:auth0-management-api name: Auth0 Management API description: > Comprehensive administrative API for managing Auth0 tenants — users, clients, connections, organizations, actions, event streams, branding, logs, roles, resource servers, and more. Published as OpenAPI 3.1 (Beta) with 221 paths and 2,567 schemas. Requires Management API access tokens (Bearer JWT or OAuth 2.0 client credentials). humanURL: https://auth0.com/docs/api/management/v2 baseURL: https://your-tenant.auth0.com/api/v2 tags: - Authentication - Identity - Management - User Management properties: - type: Documentation url: https://auth0.com/docs/api/management/v2 - type: APIReference url: https://auth0.com/docs/api/management/v2 - type: GettingStarted url: https://auth0.com/docs/get-started - type: Authentication url: https://auth0.com/docs/secure/tokens - type: OpenAPI url: openapi/auth0-management-api-openapi.yml - type: OpenAPISource url: https://auth0.com/docs/api/management/openapi.json - type: SpectralRules url: rules/auth0-management-rules.yml - type: NaftikoCapability url: capabilities/auth0-management-actions.yaml - type: NaftikoCapability url: capabilities/auth0-management-anomaly.yaml - type: NaftikoCapability url: capabilities/auth0-management-attack-protection.yaml - type: NaftikoCapability url: capabilities/auth0-management-branding.yaml - type: NaftikoCapability url: capabilities/auth0-management-client-grants.yaml - type: NaftikoCapability url: capabilities/auth0-management-clients.yaml - type: NaftikoCapability url: capabilities/auth0-management-connection-profiles.yaml - type: NaftikoCapability url: capabilities/auth0-management-connections.yaml - type: NaftikoCapability url: capabilities/auth0-management-connections-directory-provisionings.yaml - type: NaftikoCapability url: capabilities/auth0-management-connections-scim-configurations.yaml - type: NaftikoCapability url: capabilities/auth0-management-custom-domains.yaml - type: NaftikoCapability url: capabilities/auth0-management-device-credentials.yaml - type: NaftikoCapability url: capabilities/auth0-management-email-templates.yaml - type: NaftikoCapability url: capabilities/auth0-management-emails.yaml - type: NaftikoCapability url: capabilities/auth0-management-event-streams.yaml - type: NaftikoCapability url: capabilities/auth0-management-events.yaml - type: NaftikoCapability url: capabilities/auth0-management-flows.yaml - type: NaftikoCapability url: capabilities/auth0-management-forms.yaml - type: NaftikoCapability url: capabilities/auth0-management-grants.yaml - type: NaftikoCapability url: capabilities/auth0-management-groups.yaml - type: NaftikoCapability url: capabilities/auth0-management-guardian.yaml - type: NaftikoCapability url: capabilities/auth0-management-hooks.yaml - type: NaftikoCapability url: capabilities/auth0-management-jobs.yaml - type: NaftikoCapability url: capabilities/auth0-management-keys.yaml - type: NaftikoCapability url: capabilities/auth0-management-log-streams.yaml - type: NaftikoCapability url: capabilities/auth0-management-logs.yaml - type: NaftikoCapability url: capabilities/auth0-management-network-acls.yaml - type: NaftikoCapability url: capabilities/auth0-management-organizations.yaml - type: NaftikoCapability url: capabilities/auth0-management-prompts.yaml - type: NaftikoCapability url: capabilities/auth0-management-refresh-tokens.yaml - type: NaftikoCapability url: capabilities/auth0-management-resource-servers.yaml - type: NaftikoCapability url: capabilities/auth0-management-risk-assessments.yaml - type: NaftikoCapability url: capabilities/auth0-management-roles.yaml - type: NaftikoCapability url: capabilities/auth0-management-rules.yaml - type: NaftikoCapability url: capabilities/auth0-management-rules-configs.yaml - type: NaftikoCapability url: capabilities/auth0-management-self-service-profiles.yaml - type: NaftikoCapability url: capabilities/auth0-management-sessions.yaml - type: NaftikoCapability url: capabilities/auth0-management-stats.yaml - type: NaftikoCapability url: capabilities/auth0-management-supplemental-signals.yaml - type: NaftikoCapability url: capabilities/auth0-management-tenants.yaml - type: NaftikoCapability url: capabilities/auth0-management-tickets.yaml - type: NaftikoCapability url: capabilities/auth0-management-token-exchange-profiles.yaml - type: NaftikoCapability url: capabilities/auth0-management-user-attribute-profiles.yaml - type: NaftikoCapability url: capabilities/auth0-management-user-blocks.yaml - type: NaftikoCapability url: capabilities/auth0-management-users.yaml - type: NaftikoCapability url: capabilities/auth0-management-users-by-email.yaml - type: NaftikoCapability url: capabilities/auth0-management-verifiable-credentials.yaml - aid: auth0:auth0-authentication-api name: Auth0 Authentication API description: > Authentication endpoints implementing OpenID Connect, OAuth 2.0, SAML 2.0, WS-Federation, and Passwordless. Covers /authorize, /oauth/token (including Token Exchange and Device Code), /v2/logout, /samlp/*, /mfa/*, /passwordless/*, /userinfo, and /dbconnections/*. humanURL: https://auth0.com/docs/api/authentication baseURL: https://your-tenant.auth0.com tags: - Authentication - OAuth - OpenID Connect - SAML - WS-Federation - Passwordless - MFA properties: - type: Documentation url: https://auth0.com/docs/api/authentication - type: APIReference url: https://auth0.com/docs/api/authentication - type: OpenAPI url: openapi/auth0-authentication-api-openapi.yml - type: SpectralRules url: rules/auth0-authentication-rules.yml - type: NaftikoCapability url: capabilities/auth0-authorize-user.yaml - type: NaftikoCapability url: capabilities/auth0-db-connections.yaml - type: NaftikoCapability url: capabilities/auth0-dbconnections.yaml - type: NaftikoCapability url: capabilities/auth0-deprecated-authenticate.yaml - type: NaftikoCapability url: capabilities/auth0-deprecated-delegated-authentication.yaml - type: NaftikoCapability url: capabilities/auth0-deprecated-impersonation.yaml - type: NaftikoCapability url: capabilities/auth0-deprecated-link-accounts.yaml - type: NaftikoCapability url: capabilities/auth0-deprecated-passwordless.yaml - type: NaftikoCapability url: capabilities/auth0-device-flow.yaml - type: NaftikoCapability url: capabilities/auth0-logout.yaml - type: NaftikoCapability url: capabilities/auth0-mfa.yaml - type: NaftikoCapability url: capabilities/auth0-oauth-token.yaml - type: NaftikoCapability url: capabilities/auth0-oidc.yaml - type: NaftikoCapability url: capabilities/auth0-passwordless.yaml - type: NaftikoCapability url: capabilities/auth0-revoke-refresh-token.yaml - type: NaftikoCapability url: capabilities/auth0-saml.yaml - type: NaftikoCapability url: capabilities/auth0-sso.yaml - type: NaftikoCapability url: capabilities/auth0-user-profile.yaml - type: NaftikoCapability url: capabilities/auth0-ws-fed.yaml - type: NaftikoCapability url: capabilities/auth0-ws-federation.yaml - aid: auth0:auth0-my-account-api name: Auth0 My Account API description: > User self-service endpoints for managing authentication factors and account settings. Recently extended with ACR enforcement for sensitive scopes. humanURL: https://auth0.com/docs/api/myaccount baseURL: https://your-tenant.auth0.com tags: - Account Management - Authentication - MFA - Self-Service properties: - type: Documentation url: https://auth0.com/docs/api/myaccount - aid: auth0:auth0-my-organization-api name: Auth0 My Organization API description: > Organization-scoped endpoints for B2B customers to manage their own Organizations — IdP configuration, SCIM provisioning, and Home Realm Discovery. humanURL: https://auth0.com/docs/api/myorganization baseURL: https://your-tenant.auth0.com tags: - Authentication - B2B - Identity - Organizations - SCIM properties: - type: Documentation url: https://auth0.com/docs/api/myorganization - aid: auth0:auth0-fga name: Auth0 FGA (Fine-Grained Authorization) description: > Auth0 FGA is the hosted offering of OpenFGA, the CNCF authorization service inspired by Google's Zanzibar. Provides relationship-based access control via stores, authorization models, tuples, check, expand, list-objects, and list-users endpoints. Used for B2B hierarchical permissions and FGA for RAG in AI agent retrieval pipelines. humanURL: https://docs.fga.dev baseURL: https://api.{region}.fga.dev tags: - Authorization - FGA - OpenFGA - Zanzibar - ReBAC properties: - type: Documentation url: https://docs.fga.dev - type: OpenAPI url: openapi/auth0-fga-openapi.yml - type: SpectralRules url: rules/auth0-fga-rules.yml - type: NaftikoCapability url: capabilities/auth0-fga.yaml - type: Project url: https://openfga.dev - type: Repository url: https://github.com/openfga/openfga - aid: auth0:auth0-for-ai-agents name: Auth0 for AI Agents description: > Identity and authorization product line for AI agents. Bundles Token Vault (delegated API credentials for Google/GitHub/Slack etc.), asynchronous authorization (human-in-the-loop), Fine-Grained Authorization for RAG, and Auth for MCP (Client ID Metadata Registration + On-Behalf-Of Token Exchange + Resource Parameter Compatibility Mode). GA as of 2026. humanURL: https://auth0.com/ai tags: - AI Agents - MCP - Token Vault - GenAI - RAG properties: - type: Documentation url: https://auth0.com/ai - type: MCPServer url: https://github.com/auth0/auth0-mcp-server - type: AgentSkill url: https://github.com/auth0/agent-skills - type: SDK url: https://auth0.com/docs/libraries common: - type: LinkedIn url: https://www.linkedin.com/company/auth0 - type: Website url: https://auth0.com/ - type: Documentation url: https://auth0.com/docs/ - type: GettingStarted url: https://auth0.com/docs/get-started - type: Blog url: https://auth0.com/blog/ - type: SignUp url: https://auth0.com/signup - type: Login url: https://manage.auth0.com/ - type: Pricing url: https://auth0.com/pricing - type: Plans url: plans/auth0-plans-pricing.yml - type: RateLimits url: rate-limits/auth0-rate-limits.yml - type: FinOps url: finops/auth0-finops.yml - type: GitHubOrganization url: https://github.com/auth0 - type: StatusPage url: https://status.auth0.com/ - type: Community url: https://community.auth0.com/ - type: Support url: https://support.auth0.com/ - type: TermsOfService url: https://auth0.com/legal/tos - type: PrivacyPolicy url: https://auth0.com/privacy - type: SDK url: https://auth0.com/docs/libraries - type: ChangeLog url: https://auth0.com/changelog - type: AI url: https://auth0.com/ai - type: MCPServer url: https://github.com/auth0/auth0-mcp-server - type: AgentSkill url: https://github.com/auth0/agent-skills - type: Vocabulary url: vocabulary/auth0-vocabulary.yml - type: JSONLD url: json-ld/auth0-context.jsonld - type: SDKLanguages data: - name: JavaScript / TypeScript repos: auth0-spa-js, auth0-react, auth0.js, nextjs-auth0, node-auth0 - name: Go repos: go-jwt-middleware (1,203 stars) - name: Java repos: auth0-java (319 stars) - name: Swift repos: Auth0.swift (445 stars) - name: Kotlin repos: Auth0.Android (287 stars) - name: Ruby repos: ruby-auth0 (204 stars) - name: Python repos: auth0-python - name: PHP repos: auth0-PHP - name: .NET repos: auth0.net - name: Terraform repos: terraform-provider-auth0 (213 stars) - type: Features data: - 'Free: 25,000 MAUs, passwordless, social connections, SCIM, Self-Service SSO' - 'Essentials: $35/mo (B2C) or $150/mo (B2B) starting at 500 MAUs' - 'Professional: $240/mo (B2C) or $800/mo (B2B)' - 'Enterprise custom: 99.99% SLA, private deployment' - Authentication API (OAuth 2.0 / OIDC / SAML / WS-Federation) - Management API (OpenAPI 3.1 Beta, 221 paths, 2,567 schemas) - My Account API (user self-service) - My Organization API (B2B org self-service, SCIM) - FGA — Fine-Grained Authorization (OpenFGA / Zanzibar) - Auth0 for AI Agents — Token Vault, async auth, Auth for MCP, FGA for RAG (GA, 50% of base) - M2M Tokens add-on ($30–$1,200/mo) - 'Authentication API: 100 RPS Free, 200 RPS Paid' - 'Management API: 2 RPS Free, 15 RPS Paid' - Public Performance Burst — Enterprise add-on (2x/3x/4x for up to 48h/month) - Universal Login + Lock customizable UI + ACUL Screen Generator - Actions for custom auth pipeline logic (Node.js) - Event Streams (GA) to EventBridge, Actions, webhooks - Multi-Resource Refresh Tokens (MRRT) GA - Online Refresh Tokens (Beta, session-bound for SPAs) - FGA Permissions Index (Developer Preview) - Organization Discovery by Domain (GA) - Tenant log streaming to SIEM - Bot Detection and Anomaly Detection - Self-Service SSO with SCIM provisioning - Verifiable Credentials - 3B+ attacks blocked monthly; 10B+ authentications monthly; 99.99% uptime SLA sources: - https://auth0.com/ - https://auth0.com/pricing - https://auth0.com/changelog - https://auth0.com/ai updated: '2026-05-22' - type: UseCases data: - name: Customer Identity description: Add secure, scalable authentication to customer-facing web and mobile applications with social login and passwordless options. - name: Workforce Identity description: Federate with enterprise IdPs for employee authentication with SSO, MFA, and SCIM provisioning. - name: B2B Identity description: Provide multi-tenant identity for SaaS applications with per-customer organization management and custom login flows. - name: API Authorization description: Secure REST and GraphQL APIs using OAuth 2.0 access tokens with audience and scope validation. - name: Machine-to-Machine Auth description: Issue OAuth 2.0 client credentials tokens for service-to-service API authentication without user involvement. - name: AI Agent Identity description: Issue dedicated agent identities; broker user-delegated tokens to third-party APIs via Token Vault; enforce FGA on RAG retrieval. - name: MCP Server Authentication description: Auth for MCP (GA) secures Model Context Protocol servers using Client ID Metadata Registration and On-Behalf-Of Token Exchange. - type: Integrations data: - name: Okta description: Auth0 is part of Okta, enabling combined workforce and customer identity capabilities. - name: Active Directory / LDAP description: Connect on-premises Active Directory and LDAP directories for enterprise user authentication. - name: Azure AD / Entra ID description: Federate with Azure Active Directory for Microsoft ecosystem authentication and SSO. - name: Salesforce description: Use Auth0 as identity provider for Salesforce apps and customer communities. - name: AWS description: Secure AWS API Gateway and Lambda functions with Auth0-issued JWT access tokens; deliver Event Streams to EventBridge. - name: Twilio description: Send OTP and MFA verification codes via Twilio SMS and voice using Auth0 MFA integration. - name: Stripe description: Auth0 is available in the Stripe Projects developer preview. - name: LangChain / LlamaIndex / Vercel AI SDK / Cloudflare Agents / Firebase Genkit description: Auth0 for AI Agents ships SDKs and adapters for the major agent frameworks. - name: Claude Code / Cursor / GitHub Copilot description: 27 Auth0 Agent Skills usable with Claude Code, Cursor, GitHub Copilot, and 40+ Agent-Skills-compatible coding assistants. - type: Solutions data: - name: Customer Identity Access Management description: Comprehensive CIAM solution for customer-facing applications with self-service registration, social login, and adaptive MFA. - name: Workforce Identity description: Enterprise identity management for employees with federation, MFA, and SSO across all applications. - name: B2B SaaS Identity description: Multi-tenant identity infrastructure for SaaS platforms requiring per-customer branding, SSO, and user management. - name: AI Agent Security description: Secure agent identity, token vaulting, async authorization, and FGA-powered RAG; named "Most Innovative AI Infrastructure Security Solution 2026." maintainers: - FN: Kin Lane email: kin@apievangelist.com