aid: auth0 name: Auth0 description: > Auth0 (now part of Okta) is a leading identity-as-a-service platform providing authentication and authorization for applications, APIs, and AI agents. It implements OpenID Connect, OAuth 2.0, SAML 2.0, WS-Federation, and SCIM, and exposes a Management API (OpenAPI 3.1, 221 paths, 2,567 schemas), an Authentication API, a My Account API, a My Organization API, FGA (Fine-Grained Authorization, OpenFGA / Zanzibar-based), and Auth0 for AI Agents — covering Token Vault, asynchronous authorization, Auth for MCP, and FGA for RAG. type: Index image: https://kinlane-productions.s3.amazonaws.com/apis-json/apis-json-logo.jpg tags: - AI Agents - Authentication - Authorization - FGA - Identity Management - MCP - OAuth - Okta - OpenID Connect - SAML - Security - SCIM url: https://raw.githubusercontent.com/api-evangelist/auth0/refs/heads/main/apis.yml created: '2024-04-14' modified: '2026-05-30' specificationVersion: '0.19' apis: - aid: auth0:auth0-management-api name: Auth0 Management API description: > Comprehensive administrative API for managing Auth0 tenants — users, clients, connections, organizations, actions, event streams, branding, logs, roles, resource servers, and more. Published as OpenAPI 3.1 (Beta) with 221 paths and 2,567 schemas. Requires Management API access tokens (Bearer JWT or OAuth 2.0 client credentials). humanURL: https://auth0.com/docs/api/management/v2 baseURL: https://your-tenant.auth0.com/api/v2 tags: - Authentication - Identity - Management - User Management properties: - type: Documentation url: https://auth0.com/docs/api/management/v2 - type: APIReference url: https://auth0.com/docs/api/management/v2 - type: GettingStarted url: https://auth0.com/docs/get-started - type: Authentication url: https://auth0.com/docs/secure/tokens - type: OpenAPI url: openapi/auth0-management-api-openapi.yml - type: OpenAPISource url: https://auth0.com/docs/api/management/openapi.json - type: AsyncAPI url: asyncapi/auth0-log-streams-and-actions-asyncapi.yml - type: SpectralRules url: rules/auth0-management-rules.yml - url: graphql/auth0-graphql.md type: GraphQL - aid: auth0:auth0-authentication-api name: Auth0 Authentication API description: > Authentication endpoints implementing OpenID Connect, OAuth 2.0, SAML 2.0, WS-Federation, and Passwordless. Covers /authorize, /oauth/token (including Token Exchange and Device Code), /v2/logout, /samlp/*, /mfa/*, /passwordless/*, /userinfo, and /dbconnections/*. humanURL: https://auth0.com/docs/api/authentication baseURL: https://your-tenant.auth0.com tags: - Authentication - OAuth - OpenID Connect - SAML - WS-Federation - Passwordless - MFA properties: - type: Documentation url: https://auth0.com/docs/api/authentication - type: APIReference url: https://auth0.com/docs/api/authentication - type: OpenAPI url: openapi/auth0-authentication-api-openapi.yml - type: SpectralRules url: rules/auth0-authentication-rules.yml - aid: auth0:auth0-my-account-api name: Auth0 My Account API description: > User self-service endpoints for managing authentication factors and account settings. Recently extended with ACR enforcement for sensitive scopes. humanURL: https://auth0.com/docs/api/myaccount baseURL: https://your-tenant.auth0.com tags: - Account Management - Authentication - MFA - Self-Service properties: - type: Documentation url: https://auth0.com/docs/api/myaccount - aid: auth0:auth0-my-organization-api name: Auth0 My Organization API description: > Organization-scoped endpoints for B2B customers to manage their own Organizations — IdP configuration, SCIM provisioning, and Home Realm Discovery. humanURL: https://auth0.com/docs/api/myorganization baseURL: https://your-tenant.auth0.com tags: - Authentication - B2B - Identity - Organizations - SCIM properties: - type: Documentation url: https://auth0.com/docs/api/myorganization - aid: auth0:auth0-fga name: Auth0 FGA (Fine-Grained Authorization) description: > Auth0 FGA is the hosted offering of OpenFGA, the CNCF authorization service inspired by Google's Zanzibar. Provides relationship-based access control via stores, authorization models, tuples, check, expand, list-objects, and list-users endpoints. Used for B2B hierarchical permissions and FGA for RAG in AI agent retrieval pipelines. humanURL: https://docs.fga.dev baseURL: https://api.{region}.fga.dev tags: - Authorization - FGA - OpenFGA - Zanzibar - ReBAC properties: - type: Documentation url: https://docs.fga.dev - type: OpenAPI url: openapi/auth0-fga-openapi.yml - type: SpectralRules url: rules/auth0-fga-rules.yml - type: Project url: https://openfga.dev - type: Repository url: https://github.com/openfga/openfga - aid: auth0:auth0-for-ai-agents name: Auth0 for AI Agents description: > Identity and authorization product line for AI agents. Bundles Token Vault (delegated API credentials for Google/GitHub/Slack etc.), asynchronous authorization (human-in-the-loop), Fine-Grained Authorization for RAG, and Auth for MCP (Client ID Metadata Registration + On-Behalf-Of Token Exchange + Resource Parameter Compatibility Mode). GA as of 2026. humanURL: https://auth0.com/ai tags: - AI Agents - MCP - Token Vault - GenAI - RAG properties: - type: Documentation url: https://auth0.com/ai - type: MCPServer url: https://github.com/auth0/auth0-mcp-server - type: AgentSkill url: https://github.com/auth0/agent-skills - type: SDK url: https://auth0.com/docs/libraries common: - type: PostmanWorkspace url: https://www.postman.com/kinlaneapi/auth0/overview - type: ArazzoWorkflows url: arazzo/ workflows: - url: arazzo/auth0-create-client-create-connection-enable-workflow.yml name: Auth0 Create Client, Create Connection and Enable summary: Create a client application, create a connection, and enable the connection for the new client. - url: arazzo/auth0-create-client-grant-to-api-workflow.yml name: Auth0 Create Client and Grant Access to an Existing API summary: Create a client application, grant it access to an existing API audience, then read the grant back. - url: arazzo/auth0-create-connection-enable-client-workflow.yml name: Auth0 Create Connection and Enable for a Client summary: Create an identity connection, enable it for a client application, then list the connection's enabled clients. - url: arazzo/auth0-create-org-add-connection-workflow.yml name: Auth0 Create Organization and Add Connection summary: Create an organization, associate an existing connection with it, then read the association back. - url: arazzo/auth0-create-org-add-members-workflow.yml name: Auth0 Create Organization and Add Members summary: Create an organization, add existing users as members, then list the members. - url: arazzo/auth0-create-org-assign-member-roles-workflow.yml name: Auth0 Create Organization, Add Member and Assign Member Roles summary: Create an organization, add a single user as a member, and assign that member organization-scoped roles. - url: arazzo/auth0-create-org-connection-and-invite-workflow.yml name: Auth0 Create Organization, Attach Connection and Invite a User summary: Create an organization, attach an existing connection, and invite a user to authenticate through it. - url: arazzo/auth0-create-resource-server-role-permissions-workflow.yml name: Auth0 Create API, Role and Bind Permissions summary: Register an API with scopes, create a role, and associate the API's scopes with that role as permissions. - url: arazzo/auth0-create-role-add-permissions-workflow.yml name: Auth0 Create Role and Add Permissions summary: Create a role, associate API permissions with it, then list the role's permissions to confirm. - url: arazzo/auth0-create-role-assign-to-user-workflow.yml name: Auth0 Create Role and Assign to a User summary: Create a role, assign an existing user to it, then list the role's users. - url: arazzo/auth0-create-user-add-to-org-with-roles-workflow.yml name: Auth0 Create User, Add to Organization with Roles summary: >- Create a database user, add them as a member of an existing organization, and assign organization-scoped roles. - url: arazzo/auth0-create-user-assign-permissions-workflow.yml name: Auth0 Create User and Assign Direct Permissions summary: Create a database user, assign direct API permissions, then list those permissions. - url: arazzo/auth0-create-user-assign-roles-workflow.yml name: Auth0 Create User and Assign Roles summary: Create a database user, assign one or more tenant roles, then read the enriched profile back. - url: arazzo/auth0-find-role-assign-users-workflow.yml name: Auth0 Find Role by Name and Assign Users summary: Resolve a role by name filter and, when found, assign users to it. - url: arazzo/auth0-find-user-add-to-org-workflow.yml name: Auth0 Find User by Email and Add to an Organization summary: Resolve a user by email and, when found, add them as a member of an existing organization. - url: arazzo/auth0-find-user-assign-role-workflow.yml name: Auth0 Find User by Email and Assign Role summary: Look up a user by email and, when found, assign tenant roles to that user. - url: arazzo/auth0-invite-user-to-org-workflow.yml name: Auth0 Create Organization and Invite a User summary: Create an organization, create an invitation for a new member, then read the invitation back. - url: arazzo/auth0-offboard-user-revoke-grants-workflow.yml name: Auth0 Offboard User and Revoke Grants summary: Find a user by email, list their authorization grants, and revoke the first grant when present. - url: arazzo/auth0-provision-m2m-app-workflow.yml name: Auth0 Provision Machine-to-Machine Application summary: Create an API (resource server), create a non-interactive client, and grant the client access to the API. - type: LinkedIn url: https://www.linkedin.com/company/auth0 - type: Website url: https://auth0.com/ - type: Documentation url: https://auth0.com/docs/ - type: GettingStarted url: https://auth0.com/docs/get-started - type: Blog url: https://auth0.com/blog/ - type: SignUp url: https://auth0.com/signup - type: Login url: https://manage.auth0.com/ - type: Pricing url: https://auth0.com/pricing - type: Plans url: plans/auth0-plans-pricing.yml - type: RateLimits url: rate-limits/auth0-rate-limits.yml - type: FinOps url: finops/auth0-finops.yml - type: GitHubOrganization url: https://github.com/auth0 - type: StatusPage url: https://status.auth0.com/ - type: Community url: https://community.auth0.com/ - type: Support url: https://support.auth0.com/ - type: TermsOfService url: https://auth0.com/legal/tos - type: PrivacyPolicy url: https://auth0.com/privacy - type: SDK url: https://auth0.com/docs/libraries - type: ChangeLog url: https://auth0.com/changelog - type: AI url: https://auth0.com/ai - type: MCPServer url: https://github.com/auth0/auth0-mcp-server - type: AgentSkill url: https://github.com/auth0/agent-skills - type: Vocabulary url: vocabulary/auth0-vocabulary.yml - type: JSONLD url: json-ld/auth0-context.jsonld - type: SDKLanguages data: - name: JavaScript / TypeScript repos: auth0-spa-js, auth0-react, auth0.js, nextjs-auth0, node-auth0 - name: Go repos: go-jwt-middleware (1,203 stars) - name: Java repos: auth0-java (319 stars) - name: Swift repos: Auth0.swift (445 stars) - name: Kotlin repos: Auth0.Android (287 stars) - name: Ruby repos: ruby-auth0 (204 stars) - name: Python repos: auth0-python - name: PHP repos: auth0-PHP - name: .NET repos: auth0.net - name: Terraform repos: terraform-provider-auth0 (213 stars) - type: Features data: - 'Free: 25,000 MAUs, passwordless, social connections, SCIM, Self-Service SSO' - 'Essentials: $35/mo (B2C) or $150/mo (B2B) starting at 500 MAUs' - 'Professional: $240/mo (B2C) or $800/mo (B2B)' - 'Enterprise custom: 99.99% SLA, private deployment' - Authentication API (OAuth 2.0 / OIDC / SAML / WS-Federation) - Management API (OpenAPI 3.1 Beta, 221 paths, 2,567 schemas) - My Account API (user self-service) - My Organization API (B2B org self-service, SCIM) - FGA — Fine-Grained Authorization (OpenFGA / Zanzibar) - Auth0 for AI Agents — Token Vault, async auth, Auth for MCP, FGA for RAG (GA, 50% of base) - M2M Tokens add-on ($30–$1,200/mo) - 'Authentication API: 100 RPS Free, 200 RPS Paid' - 'Management API: 2 RPS Free, 15 RPS Paid' - Public Performance Burst — Enterprise add-on (2x/3x/4x for up to 48h/month) - Universal Login + Lock customizable UI + ACUL Screen Generator - Actions for custom auth pipeline logic (Node.js) - Event Streams (GA) to EventBridge, Actions, webhooks - Multi-Resource Refresh Tokens (MRRT) GA - Online Refresh Tokens (Beta, session-bound for SPAs) - FGA Permissions Index (Developer Preview) - Organization Discovery by Domain (GA) - Tenant log streaming to SIEM - Bot Detection and Anomaly Detection - Self-Service SSO with SCIM provisioning - Verifiable Credentials - 3B+ attacks blocked monthly; 10B+ authentications monthly; 99.99% uptime SLA sources: - https://auth0.com/ - https://auth0.com/pricing - https://auth0.com/changelog - https://auth0.com/ai updated: '2026-05-22' - type: UseCases data: - name: Customer Identity description: >- Add secure, scalable authentication to customer-facing web and mobile applications with social login and passwordless options. - name: Workforce Identity description: Federate with enterprise IdPs for employee authentication with SSO, MFA, and SCIM provisioning. - name: B2B Identity description: >- Provide multi-tenant identity for SaaS applications with per-customer organization management and custom login flows. - name: API Authorization description: Secure REST and GraphQL APIs using OAuth 2.0 access tokens with audience and scope validation. - name: Machine-to-Machine Auth description: Issue OAuth 2.0 client credentials tokens for service-to-service API authentication without user involvement. - name: AI Agent Identity description: >- Issue dedicated agent identities; broker user-delegated tokens to third-party APIs via Token Vault; enforce FGA on RAG retrieval. - name: MCP Server Authentication description: >- Auth for MCP (GA) secures Model Context Protocol servers using Client ID Metadata Registration and On-Behalf-Of Token Exchange. - type: Integrations data: - name: Okta description: Auth0 is part of Okta, enabling combined workforce and customer identity capabilities. - name: Active Directory / LDAP description: Connect on-premises Active Directory and LDAP directories for enterprise user authentication. - name: Azure AD / Entra ID description: Federate with Azure Active Directory for Microsoft ecosystem authentication and SSO. - name: Salesforce description: Use Auth0 as identity provider for Salesforce apps and customer communities. - name: AWS description: >- Secure AWS API Gateway and Lambda functions with Auth0-issued JWT access tokens; deliver Event Streams to EventBridge. - name: Twilio description: Send OTP and MFA verification codes via Twilio SMS and voice using Auth0 MFA integration. - name: Stripe description: Auth0 is available in the Stripe Projects developer preview. - name: LangChain / LlamaIndex / Vercel AI SDK / Cloudflare Agents / Firebase Genkit description: Auth0 for AI Agents ships SDKs and adapters for the major agent frameworks. - name: Claude Code / Cursor / GitHub Copilot description: >- 27 Auth0 Agent Skills usable with Claude Code, Cursor, GitHub Copilot, and 40+ Agent-Skills-compatible coding assistants. - type: Solutions data: - name: Customer Identity Access Management description: >- Comprehensive CIAM solution for customer-facing applications with self-service registration, social login, and adaptive MFA. - name: Workforce Identity description: Enterprise identity management for employees with federation, MFA, and SSO across all applications. - name: B2B SaaS Identity description: >- Multi-tenant identity infrastructure for SaaS platforms requiring per-customer branding, SSO, and user management. - name: AI Agent Security description: >- Secure agent identity, token vaulting, async authorization, and FGA-powered RAG; named "Most Innovative AI Infrastructure Security Solution 2026." maintainers: - FN: Kin Lane email: kin@apievangelist.com