Configure Client for Sender Constraining

To use Highly Regulated Identity features, you must have an Enterprise Plan with the Highly Regulated Identity add-on. Refer to Auth0 Pricing for details.

When you require Sender Constraining for a client application, access tokens are constrained to that application. Auth0 verifies requests to ensure that only the application that requested the token can use it to access the associated resource. To learn more, read Configure Sender Constraining.

Go to Dashboard>Applications>Applications. Select the application you want to configure.
Under Settings, scroll to Token Sender-Constraining.
Toggle on to Require Sender Constraining. Toggle off to remove the requirement for Sender Constraining for the application.

To configure a client for Sender Constraining, use the Management API.

To require Sender Constraining for a client, send a PATCH request to update the client's settings. Set the require_proof_of_possession parameter to true.

"require_proof_of_possession": true

Was this helpful?

To remove the requirement for Sender Constraining, set the require_proof_of_possession parameter to false.

"require_proof_of_possession": false

Was this helpful?

Was this article helpful?