You can check whether an application is registered with Auth0 as a confidential or public application. To learn more, read Confidential and Public Application. Auth0 determines this based on the Token Endpoint Authentication Method setting, which defines how an application authenticates against the Authentication API /get_token endpoint.

1. Go to Dashboard > Applications > Applications and select the name of the application to view.

2. Under Application Properties, locate the Token Endpoint Authentication Method field.

   

The methods have the following meanings:

• None: Public application without a client secret.

• Post: Application using request body parameters to send a client secret.

• Basic: Application using the HTTP BASIC authentication scheme.

These values map to confidential and public applications as follows:

Application Type	Example	Token Endpoint Authentication Method
Public	Single-page or native	None
Confidential	Regular web or machine-to-machine	Basic, Post, unspecified

Public applications cannot maintain the confidentiality of the credentials required for Token endpoint authentication methods like Post and Basic.