Connection Options in the Management API
When creating or updating a connection in the Management API, you can include a variety of custom options in the options attribute, such as a password strength for the connection or provider-specific parameters to pass to an Identity Provider.
The following elements are available for the options attribute. These are optional when calling the Create a Connection endpoint or Update a Connection endpoint.
| Element | Type | Description |
|---|---|---|
validation |
object | Allows you to set validation options for this connection. Properties include:
|
passwordPolicy |
string | The strength level of the password. Allowed values include none, low, fair, good, and excellent. Used with database connections. |
password_complexity_options |
object | Allows you to set password complexity options for this connection. Properties include:
|
password_history |
object | When enabled, the system will maintain a password history for each user and prevent the reuse of passwords included in the history. Any existing users in the connection will be unaffected; the system will maintain their password history going forward. Properties include:
|
password_no_personal_info |
object | When enabled, the system will disallow passwords that contain any part of the user's personal data, including the user's name, username, nickname, email, local-part of email, user_metadata.name, user_metadata.first, and user_metadata.last. Properties include:
|
password_dictionary |
object | When enabled, the system will disallow passwords that are part of the password dictionary, which includes a list of the 10,000 most common passwords. You may also customize the dictionary with your own entries. Properties include:
|
basic_profile |
boolean | Indicates that you want basic profile information (email address and email verified flag) stored in the Auth0 User Profile. Used with social and enterprise connections. |
ext_profile |
boolean | Indicates that you want extended profile information (name, public profile URL, photo, gender, birthdate, country, language, and timezone) stored in the Auth0 User Profile. Used with social and enterprise connections. |
ext_admin |
boolean | Indicates that you want to store whether or not the user is a domain administrator. Used with enterprise connections. |
ext_is_suspended |
boolean | Indicates that you want to store whether or not a user's account is suspended. Used with enterprise connections. |
ext_agreed_terms |
boolean | Indicates that you want to store whether or not a user has agreed to the terms of service. Used with enterprise connections. |
ext_groups |
boolean | Indicates that you want to store the distribution list(s) to which a user belongs. Used with enterprise connections. |
ext_assigned_plans |
boolean | Indicates that you want to store a list of the Office 365 assigned plans for the user. Used with the Office 365 enterprise connection, which is deprecated; these connections should be migrated to Azure AD connections. |
api_enable_users |
boolean | When enabled, allows users to make calls to the Google Directory API. Used with enterprise connections. |
upstream_params |
object | Allows you to pass static provider-specific parameters to an Identity Provider for this connection. Not all Identity Providers support upstream parameters, so you will need to check with the Identity Provider before using this element. Properties include:
Used with connections that use Identity Providers. |
requires_username |
boolean | Indicates whether or not a user must provide a username in addition to their email address. |