terraform-provider-auth0

FEATURES:

• resource/auth0_connection_scim_configuration: Add a resource for managing SCIM(System for Cross-domain Identity Management) configuration. (#980)
• resource/auth0_prompt_custom_text: Add new prompt values (captcha, custom-form, customized-consent, passkeys, phone-identifier-challenge, phone-identifier-enrollment) to the auth0_prompt_custom_text resource. (#985)
• data-source/auth0_connection_scim_configuration: Add a data source for managing SCIM(System for Cross-domain Identity Management) configuration. (#980)

ENHANCEMENTS:

• resource/auth0_tenant: Add support for enable_sso flag (#972)

NOTES:

• resource/auth0_tenant: Deprecated the require-pushed-authorization-requests attribute. (#986)

FEATURES:

• resource/auth0_connection: Add support for is_signup_enabled to support configuring sign-ups with Organization Membership (#974)
• resource/auth0_connection: Add support for show_as_button to allow the button to be disabled in Organization Enterprise connections (#974)
• resource/auth0_resource_server: Add Support for rfc9068_profile and rfc9068_profile_authz Token Dialects in Resource Server Configuration
• data-source/auth0_organization: Add is_signup_enabled to connections to indicate if sign-ups with Organization Membership are enabled (#974)
• data-source/auth0_organization: Add show_as_button to connections to indicatate if button is disabled in Organization Enterprise connections (#974)
  (#973)

ENHANCEMENTS:

• Switched from offset pagination to checkpoint pagination when listing organizations/members to remove the 1000 result limit (#965)

BUG FIXES:

• resource/auth0_organization_member: Resolve an issue where organization members were searched among a limited paginated result (#964)

NOTES:

• resource/auth0_role_permission: Improved documentation by adding resource config and import examples (#963)
• resource/auth0_role_permissions: Improved documentation by adding resource config and import examples (#963)

FEATURES:

• resource/auth0_prompt_partials: Add new resource to manage prompt partials (#918)

ENHANCEMENTS:

• resource/auth0_action: Prevent sending secrets and dependencies config if no changes triggered (#903)

BUG FIXES:

• resource/auth0_connection: Fix PKCE values for OIDC connections (#896)
• resource/auth0_connection: Allow samlp block to be defined as empty and inherit default values (#905)

BUG FIXES:

• resource/auth0_client_grant: Allowing scopes to be set as empty (#888)

FEATURES:

• resource/auth0_tenant: Add support for customize_mfa_in_postlogin_action setting (#871)

ENHANCEMENTS:

• resource/auth0_client: Set default token_endpoint_auth_method based on app_type on creation (#878)

BUG FIXES:

• resource/auth0_tenant: Set default idle_session_lifetime and session_lifetime on import (#849)
• resource/auth0_connection: Prevent panic when checking for database config secrets (#864)
• resource/auth0_branding: Allow deleting the resource even on free tenants (#875)
• data-source/auth0_organization: Fix how we fetch organizations by name (#877)
• resource/auth0_connection: Add support for disable_self_service_change_password on AD connection options (#874)

v1.0.0

NOTES:

• ⚠️ Check our migration guide to navigate the breaking changes that were added in this release.
• This release supports auto generated terraform configuration. Check our guide for more info.

FEATURES:

• resource/auth0_connection: Add support for Line strategy (#818)
• resource/auth0_connection: Add pkce and attribute_map settings to OIDC and Okta Workforce connection options (#815)
• resource/auth0_client: Add support for pushed authorization requests setting (#756)
• resource/auth0_tenant: Add support for pushed authorization requests setting (#756)
• resource/auth0_tenant: Add support for allow_organization_name_in_authentication_api toggle (#832)
• data-source/auth0_pages: Add new data source to retrieve Auth0 pages (#706)
• data-source/auth0_signing_keys: Add new data source to retrieve signing keys for applications (#839)

ENHANCEMENTS:

• resource/auth0_branding: Improve validation for universal login template body (#819)
• resource/auth0_client: Improve DX for managing is_token_endpoint_ip_header_trusted (#796)
• resource/auth0_log_stream: Improve resource schema (#798)
• data-source/auth0_role: Add ability to retrieve users assigned to a role (#758)
• resource/auth0_email_provider: Add support for azure_cs and ms365 email providers (#752)
• resource/auth0_connection: Add support for decryption_key on SAML Connection Options (#755)
• resource/auth0_tenant: Add support for OIDCLogoutPrompt toggle (#754)
• resource/auth0_action: Add support for GA version of Node 18 within runtime field (#709, #722)
• resource/auth0_trigger_actions: Add password-reset-post-challenge to available trigger bindings (#726)
• resource/auth0_trigger_action: Add password-reset-post-challenge to available trigger bindings (#746)
• resource/auth0_*: Improve how we check for 404 errors (#727)
• resource/auth0_client: Add validation to prevent empty mobile block (#742)
• resource/auth0_prompt_custom_text: Add support for six new languages (#732)
• resource/auth0_connection: Add support for map_user_id_to_id options field for Google Workspace connections (#840)

BUG FIXES:

• resource/auth0_prompt_custom_text: Prevent "null" string literal when importing resource (#821)
• resource/auth0_guardian: Remove minor phone.message_types validation (#820)
• resource/auth0_connection: Allow sending null values for from and messagingServiceSID in SMS connection options (#829)
• resource/auth0_connection: Passing-through Google Workspace admin tokens when managing the connection (#830)
• resource/auth0_tenant: Allow creating native apps with device code grant (#833)
• resource/auth0_client_credentials: Stop requiring read:client_keys permission when reading the resource (#795)
• resource/auth0_connection: Passing-through critical connection options for following connection types: Ping Federate, AD, Azure AD, SAML (#802)
• resource/*: Fix pagination issues when fetching resources (#807)
• data-source/*: Fix pagination issues when fetching data sources (#807)
• resource/auth0_client_grant: Add validation to prevent empty string scope values (#793)
• provider: Fix issue with rate limit retry mechanism (#788)
• resource/auth0_client: Prevent sending empty payloads for client addons (#759)
• resource/auth0_connection: Correctly expand shopify connection strategy types (#728)
• data-source/auth0_*: Raise 404 errors when retrieving data sources (#698)

BREAKING CHANGES:

• resource/auth0_client: Formally type the addons sub-properties (#655, #656, #657, #658, #661, #662, #663, #664, #665, #666, #667, #668, #669, #670, #671, #672, #673, #674, #675, #676, #677, #678, #681, #682)
• resource/auth0_user: Remove roles and permissions fields (#703)
• resource/auth0_resource_server: Remove scopes field (#703)
• resource/auth0_global_client: Remove resource (#704)
• data-source/auth0_global_client: Remove data source (#704)
• resource/auth0_tenant: Remove change_password, error_page and guardian_mfa_page fields (#711)
• resource/auth0_tenant: Remove universal_login block (#712)
• resource/auth0_client: Remove client_secret_rotation_trigger field (#711)
• resource/auth0_role: Remove permissions field (#714)
• resource/auth0_organization_member: Remove roles field (#715)
• resource/auth0_client_grant: Rename scope field to scopes (#717)
• resource/auth0_*: Align resource import separators (#718)
• resource/auth0_client: Remove client_secret and token_endpoint_auth_method fields (#725)
• resource/auth0_email: Remove api_user field (#730)
• resource/auth0_connection: Remove enabled_clients field (#730)
• resource/auth0_trigger_binding: Remove resource (#730)
• resource/auth0_email: Rename resource to auth0_email_provider (#731)

NOTES:

• This release supports auto generated terraform configuration. Check our guide for more info.
• ⚠️ Check our migration guide to navigate the breaking changes that were added in this release.

FEATURES:

• resource/auth0_connection: Add support for Line strategy (#818)
• resource/auth0_connection: Add pkce and attribute_map settings to OIDC and Okta Workforce connection options (#815)
• resource/auth0_client: Add support for pushed authorization requests setting (#756)
• resource/auth0_tenant: Add support for pushed authorization requests setting (#756)
• resource/auth0_tenant: Add support for allow_organization_name_in_authentication_api toggle (#832)

ENHANCEMENTS:

• resource/auth0_branding: Improve validation for universal login template body (#819)

BUG FIXES:

• resource/auth0_prompt_custom_text: Prevent "null" string literal when importing resource (#821)
• resource/auth0_guardian: Remove minor phone.message_types validation (#820)
• resource/auth0_connection: Allow sending null values for from and messagingServiceSID in SMS connection options (#829)
• resource/auth0_connection: Passing-through Google Workspace admin tokens when managing the connection (#830)
• resource/auth0_tenant: Allow creating native apps with device code grant (#833)

NOTES:

• ⚠️ Check our migration guide to navigate the breaking changes that were added in this release.

ENHANCEMENTS:

• resource/auth0_client: Improve DX for managing is_token_endpoint_ip_header_trusted (#796)
• resource/auth0_log_stream: Improve resource schema (#798)

BUG FIXES:

• resource/auth0_client_credentials: Stop requiring read:client_keys permission when reading the resource (#795)
• resource/auth0_connection: Passing-through critical connection options for following connection types: Ping Federate, AD, Azure AD, SAML(#802)
• resource/*: Fix pagination issues when fetching resources (#807)
• data-source/*: Fix pagination issues when fetching data sources (#807)

ENHANCEMENTS:

• resource/auth0_action: Add node18 GA (node18-actions) option to runtime(#803)

NOTES:

• ⚠️ Check our migration guide to navigate the breaking changes that were added in this release.

BUG FIXES:

• resource/auth0_client_grant: Add validation to prevent empty string scope values (#793)
• provider: Fix issue with rate limit retry mechanism (#788)

BUG FIXES:

• resource/auth0_connection: Passing-through critical connection options for following connection types: Ping Federate, AD, Azure AD, SAML(#786)

NOTES:

• ⚠️ Check our migration guide to navigate the breaking changes that were added in this release.

ENHANCEMENTS:

• data-source/auth0_role: Add ability to retrieve users assigned to a role (#758)
• resource/auth0_email_provider: Add support for azure_cs and ms365 email providers (#752)
• resource/auth0_connection: Add support for decryption_key on SAML Connection Options (#755)
• resource/auth0_tenant: Add support for OIDCLogoutPrompt toggle (#754)

BUG FIXES:

• resource/auth0_client: Prevent sending empty payloads for client addons (#759)

NOTES:

• ⚠️ Check our migration guide to navigate the breaking changes that were added in this release.

FEATURES:

• data-source/auth0_pages: Add new data source to retrieve Auth0 pages (#706)

ENHANCEMENTS:

• resource/auth0_action: Add support for GA version of Node 18 within runtime field (#709, #722)
• resource/auth0_trigger_actions: Add password-reset-post-challenge to available trigger bindings (#726)
• resource/auth0_trigger_action: Add password-reset-post-challenge to available trigger bindings (#746)
• resource/auth0_*: Improve how we check for 404 errors (#727)
• resource/auth0_client: Add validation to prevent empty mobile block (#742)
• resource/auth0_prompt_custom_text: Add support for six new languages (#732)

BUG FIXES:

• resource/auth0_connection: Correctly expand shopify connection strategy types (#728)
• data-source/auth0_*: Raise 404 errors when retrieving data sources (#698)

BREAKING CHANGES:

• resource/auth0_client: Formally type the addons sub-properties (#655, #656, #657, #658, #661, #662, #663, #664, #665, #666, #667, #668, #669, #670, #671, #672, #673, #674, #675, #676, #677, #678, #681, #682)
• resource/auth0_user: Remove roles and permissions fields (#703)
• resource/auth0_resource_server: Remove scopes field (#703)
• resource/auth0_global_client: Remove resource (#704)
• data-source/auth0_global_client: Remove data source (#704)
• resource/auth0_tenant: Remove change_password, error_page and guardian_mfa_page fields (#711)
• resource/auth0_tenant: Remove universal_login block (#712)
• resource/auth0_client: Remove client_secret_rotation_trigger field (#711)
• resource/auth0_role: Remove permissions field (#714)
• resource/auth0_organization_member: Remove roles field (#715)
• resource/auth0_client_grant: Rename scope field to scopes (#717)
• resource/auth0_*: Align resource import separators (#718)
• resource/auth0_client: Remove client_secret and token_endpoint_auth_method fields (#725)
• resource/auth0_email: Remove api_user field (#730)
• resource/auth0_connection: Remove enabled_clients field (#730)
• resource/auth0_trigger_binding: Remove resource (#730)
• resource/auth0_email: Rename resource to auth0_email_provider (#731)

FEATURES:

• auth0_pages: Add new resource to manage Auth0 pages (change_password, error, guardian_mfa, login) (#691)

ENHANCEMENTS:

• resource/auth0_client: Add post_login_prompt to available options for the organization_require_behavior attribute (#680)
• resource/auth0_connection: Relax metadata validation by not requiring key length to be between 0 and 10 characters (#685)

BUG FIXES:

• resource/auth0_organization_connections, resource/auth0_organization_members: Address a bug causing inconsistencies in the safeguarding process, ensuring reliable protection against erasing unintended modifications (#645)
• resource/auth0_organization_members: Address a bug that prevented the creation of organization members when the member list was empty (#646)
• resource/auth0_connection, resource/auth0_organization_member,resource/auth0_user: Update diffing algorithm to address a bug where the order of additions and removals was causing incorrect results (#650)
• resource/auth0_connection: Remove invalid connection strategies (#694)
• resource/auth0_client: Modify the behavior to only allow the update of the is_token_endpoint_ip_header_trusted setting after the client has been created successfully (#696)
• resource/auth0_branding: Addressed a bug that prevented the deletion of the template when the universal login block was removed (#695)

NOTES:

• ⚠️ Check our migration guide to navigate the deprecations that were added in this release.

FEATURES:

• data-source/auth0_organization: Add members (#615)
• resource/auth0_organization_connections: Add new resource to manage a 1:many relationship between an organization and its enabled connections (#610)
• resource/auth0_organization_members: Add new resource to manage a 1:many relationship between an organization and its members (#614)
• resource/auth0_organization_member_role: Add new resource to manage a 1:1 relationship between an organization member and its roles (#622)
• resource/auth0_organization_member_roles: Add new resource to manage a 1:many relationship between an organization member and its roles (#617)
• resource/auth0_trigger_action: Add new resource to manage a 1:1 relationship between a trigger binding and an action (#612, #621)
• resource/auth0_trigger_actions: Add new resource to manage a 1:many relationship between a trigger binding and actions (#613)

BUG FIXES:

• resource/auth0_client_credentials: Correctly set ID when importing (#608)
• resource/auth0_connection: More consistent set_user_root_attributes behavior for enterprise connections (#619)
• resource/auth0_user_role: Enable importing of resource (#629)
• resource/auth0_user_permissions: Update diffing algorithm to address a bug where the order of additions and removals was causing incorrect results (#630)
• resource/auth0_role_permissions: Update diffing algorithm to address a bug where the order of additions and removals was causing incorrect results (#632)
• resource/auth0_trigger_action: Fix delete logic (#639)

NOTES:

• ⚠️ Check our migration guide
  to navigate the deprecations that were added in this release.

FEATURES:

• resource/auth0_client_credentials: Add new resource to manage client credentials (client_secret, private_key_jwt, authentication_methods) (#588)
• resource/auth0_resource_server_scopes: Add new resource to manage a 1:many relationship between the resource server (API) and its scopes (permissions) (#600)
• resource/auth0_resource_server_scope: Add new resource to manage a 1:1 relationship between the resource server (API) and its scopes (permissions) (#589)

BUG FIXES:

• resource/auth0_connection: Fix json tag for forward_request_info attribute (#591)
• Fix import issue on several resources (auth0_connection_clients, auth0_user_permissions, auth0_user_roles, auth0_role_permissions) (#594, #595, #596, #597)
• resource/auth0_connection: Fix issue with setting set_user_root_attributes to on_each_login for Microsoft Azure AD Connections (#602)

NOTES:

• New guides on how to achieve 0 downtime client credentials were added in this release (#592)
• ⚠️ Check our migration guide to navigate the deprecations that were added in this release.

FEATURES:

• resource/auth0_connection_clients: Add new resource to manage a 1:many relationship between the connection and its enabled clients (#568)
• resource/auth0_user_permission: Add new resource to manage a 1:1 relationship between the user and its permissions (#574)
• resource/auth0_user_permissions: Add new resource to manage a 1:many relationship between the user and its permissions (#578)
• resource/auth0_user_role: Add new resource to manage a 1:1 relationship between the user and its roles (#580)
• resource/auth0_user_roles: Add new resource to manage a 1:many relationship between the user and its roles (#579)
• resource/auth0_role_permission: Add new resource to manage a 1:1 relationship between the role and its permissions (#582)
• resource/auth0_role_permissions: Add new resource to manage a 1:many relationship between the role and its permissions (#583)
• resource/auth0_user: Add new readonly permissions attribute (#572)
• resource/auth0_client: Add OIDC Back-Channel Logout support (#581)
• resource/auth0_role: Add description and resource_server_name read-only fields to permissions (#581)

BUG FIXES:

• Fix created import ID on association resource (#569)

NOTES:

• ⚠️ Check our migration guide to navigate the deprecations that were added in this release.

BUG FIXES:

• resource/auth0_resource_server: Remove invalid options attribute from schema (#551)
• resource/auth0_trigger_binding: Fix trigger import issue (#554)
• data-source/auth0_resource_server: Fix auth0 management api data source not reading scopes (#555)
• resource/auth0_connection: Fix faulty diffs when setting the metadata_xml on a SAML connection (#559)
• resource/auth0_connection_client: Stop overriding internally the imported ID for this resource (#562)
• resource/auth0_organization_connection: Stop overriding internally the imported ID for this resource (#562)
• resource/auth0_organization_member: Stop overriding internally the imported ID for this resource (#562)

FEATURES:

• resource/auth0_guardian: Add support for direct provider within push MFA (#535)

ENHANCEMENTS:

• resource/auth0_tenant: Add support for mfa_show_factor_list_on_enrollment flag (#561)

NOTES:

• ⚠️ The removal of the options attribute from the auth0_resource_server resource, while technically a breaking change,
  should not cause any issues as the API wasn't accepting this parameter.