This page documents the Connection Management functionality provided by the ConnectionsClient class in the Auth0.NET SDK. Connections represent authentication sources (identity providers) such as database connections, social providers (Google, Facebook), enterprise connections (SAML, AD/LDAP), and passwordless methods.
Connection Management covers:
Sources: src/Auth0.ManagementApi/Clients/ClientsClient.cs15-20 src/Auth0.ManagementApi/Clients/IClientsClient.cs9-10
The ConnectionsClient implements the IConnectionsClient interface. In the latest SDK architecture, it is integrated into the ManagementApiClient facade and is also accessible via the ClientsClient to manage client-specific connection associations.
The following diagram maps the natural language concepts of "Connections" and "Provisioning" to the specific code entities used in the SDK.
Title: Connection Management Entity Mapping
Sources: tests/Auth0.ManagementApi.IntegrationTests/ConnectionTests.cs45-50 tests/Auth0.ManagementApi.IntegrationTests/ConnectionTests.cs64-67 tests/Auth0.ManagementApi.IntegrationTests/ConnectionTests.cs139-144 src/Auth0.ManagementApi/Connections/ScimConfiguration/IScimConfigurationClient.cs32-34
Title: ConnectionsClient Implementation Flow
Sources: src/Auth0.ManagementApi/Clients/ClientsClient.cs11-16 src/Auth0.ManagementApi/Clients/ClientsClient.cs76-119
Connections are managed using CreateConnectionRequestContent and UpdateConnectionRequestContent. Database connections (strategy Auth0) allow for complex ConnectionPropertiesOptions including password policies and script contexts.
Example: Creating a Database Connection tests/Auth0.ManagementApi.IntegrationTests/ConnectionTests.cs43-50 shows the creation pattern:
Key Request Models:
| Class | Usage | Source |
|---|---|---|
CreateConnectionRequestContent | Define name, strategy, and initial options | tests/Auth0.ManagementApi.IntegrationTests/ConnectionTests.cs45 |
UpdateConnectionRequestContent | Update metadata, display name, or options | tests/Auth0.ManagementApi.IntegrationTests/ConnectionTests.cs64 |
ConnectionPropertiesOptions | Strategy-specific settings (scripts, policies) | tests/Auth0.ManagementApi.IntegrationTests/ConnectionTests.cs139 |
ListConnectionsQueryParameters | Filter connections by strategy or name | tests/Auth0.ManagementApi.IntegrationTests/ConnectionTests.cs86-89 |
The ConnectionPropertiesOptions class (often returned as a dictionary in responses) contains granular settings for identity providers.
| Property | Type | Description |
|---|---|---|
PasswordPolicy | ConnectionPasswordPolicyEnum | Security level (None, Low, Fair, Good, Excellent) |
EnableScriptContext | bool | Enables context in custom scripts |
DisableSelfServiceChangePassword | bool | Disables password change UI |
Sources: tests/Auth0.ManagementApi.IntegrationTests/ConnectionTests.cs130-145
The SDK supports SCIM (System for Cross-domain Identity Management) for connections that support automated user provisioning via the ScimConfigurationClient.
Configuration is managed via the ScimConfiguration property on the ConnectionsClient.
| Method | Purpose | Source |
|---|---|---|
ListAsync | Retrieve a list of SCIM configurations of a tenant | src/Auth0.ManagementApi/Connections/ScimConfiguration/IScimConfigurationClient.cs14-18 |
CreateAsync | Create a SCIM configuration for a connection | src/Auth0.ManagementApi/Connections/ScimConfiguration/IScimConfigurationClient.cs32-37 |
GetAsync | Retrieves a SCIM configuration by connection ID | src/Auth0.ManagementApi/Connections/ScimConfiguration/IScimConfigurationClient.cs23-27 |
UpdateAsync | Update attribute mappings or settings | src/Auth0.ManagementApi/Connections/ScimConfiguration/IScimConfigurationClient.cs51-56 |
DeleteAsync | Deletes a SCIM configuration | src/Auth0.ManagementApi/Connections/ScimConfiguration/IScimConfigurationClient.cs42-46 |
Provisioning requires bearer tokens generated for the specific connection, managed via the Tokens property on the SCIM client.
Tokens.CreateAsync takes a CreateScimTokenRequestContent defining scopes and lifetime.Tokens.ListAsync returns a list of existing tokens (metadata only).Sources: src/Auth0.ManagementApi/Connections/ScimConfiguration/IScimConfigurationClient.cs9 src/Auth0.ManagementApi/Connections/ScimConfiguration/ScimConfigurationClient.cs15
Connections must be enabled for specific Auth0 Clients (Applications) to be usable during authentication.
The ConnectionsClient provides methods to query and update which applications can use a connection.
GetEnabledClientsAsync returns a list of clients associated with the connection.UpdateEnabledClientsAsync uses UpdateEnabledClientsRequestContent to bulk enable or disable applications.Conversely, the ClientsClient allows looking up which connections are enabled for a specific application.
src/Auth0.ManagementApi/Clients/ClientsClient.cs20-21 exposes the Connections sub-client on ClientsClient:
Sources: src/Auth0.ManagementApi/Clients/ClientsClient.cs15-20 src/Auth0.ManagementApi/Clients/IClientsClient.cs9
Connection Profiles allow for deeper customization of the user experience and metadata associated with specific identity provider connections.
The ConnectionsClient includes support for the ConnectionProfiles feature, allowing for CRUD operations on profiles linked to a connection ID.
| Method | Request Model |
|---|---|
CreateProfileAsync | CreateConnectionProfileRequestContent |
GetProfileAsync | Retrieves profile by connection ID |
UpdateProfileAsync | UpdateConnectionProfileRequestContent |
DeleteProfileAsync | Removes profile association |
The ConnectionsClient utilizes the RawClient to perform HTTP operations. Responses are deserialized using JsonUtils which leverages System.Text.Json with specific converters for the Fern-generated models.
Title: Connection Data Deserialization Flow
Sources: src/Auth0.ManagementApi/Clients/ClientsClient.cs107-139 tests/Auth0.ManagementApi.IntegrationTests/ConnectionTests.cs58-61 src/Auth0.ManagementApi/Connections/ScimConfiguration/ScimConfigurationClient.cs66-85
Refresh this wiki