Auth0 · Schema
ClientSessionTransferConfiguration
Native to Web SSO Configuration
AI AgentsAuthenticationAuthorizationFGAIdentity ManagementMCPOAuthOktaOpenID ConnectSAMLSecuritySCIM
Properties
| Name | Type | Description |
|---|---|---|
| can_create_session_transfer_token | boolean | Indicates whether an app can issue a Session Transfer Token through Token Exchange. If set to 'false', the app will not be able to issue a Session Transfer Token. Usually configured in the native appl |
| enforce_cascade_revocation | boolean | Indicates whether revoking the parent Refresh Token that initiated a Native to Web flow and was used to issue a Session Transfer Token should trigger a cascade revocation affecting its dependent child |
| allowed_authentication_methods | arraynull | Indicates whether an app can create a session from a Session Transfer Token received via indicated methods. Can include `cookie` and/or `query`. Usually configured in the web application. Default valu |
| enforce_device_binding | object | |
| allow_refresh_token | boolean | Indicates whether Refresh Tokens are allowed to be issued when authenticating with a Session Transfer Token. Usually configured in the web application. Default value is `false`. |
| enforce_online_refresh_tokens | boolean | Indicates whether Refresh Tokens created during a Native to Web session are tied to that session's lifetime. This determines if such refresh tokens should be automatically revoked when their correspon |
| delegation | object |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "#/components/schemas/ClientSessionTransferConfiguration",
"title": "ClientSessionTransferConfiguration",
"type": [
"object",
"null"
],
"description": "Native to Web SSO Configuration",
"additionalProperties": false,
"properties": {
"can_create_session_transfer_token": {
"type": "boolean",
"description": "Indicates whether an app can issue a Session Transfer Token through Token Exchange. If set to 'false', the app will not be able to issue a Session Transfer Token. Usually configured in the native application. Default value is `false`.",
"default": false
},
"enforce_cascade_revocation": {
"type": "boolean",
"description": "Indicates whether revoking the parent Refresh Token that initiated a Native to Web flow and was used to issue a Session Transfer Token should trigger a cascade revocation affecting its dependent child entities. Usually configured in the native application. Default value is `true`, applicable only in Native to Web SSO context.",
"default": true
},
"allowed_authentication_methods": {
"type": [
"array",
"null"
],
"description": "Indicates whether an app can create a session from a Session Transfer Token received via indicated methods. Can include `cookie` and/or `query`. Usually configured in the web application. Default value is an empty array [].",
"items": {
"$ref": "#/components/schemas/ClientSessionTransferAllowedAuthenticationMethodsEnum"
}
},
"enforce_device_binding": {
"$ref": "#/components/schemas/ClientSessionTransferDeviceBindingEnum"
},
"allow_refresh_token": {
"type": "boolean",
"description": "Indicates whether Refresh Tokens are allowed to be issued when authenticating with a Session Transfer Token. Usually configured in the web application. Default value is `false`.",
"default": false
},
"enforce_online_refresh_tokens": {
"type": "boolean",
"description": "Indicates whether Refresh Tokens created during a Native to Web session are tied to that session's lifetime. This determines if such refresh tokens should be automatically revoked when their corresponding sessions are. Usually configured in the web application. Default value is `true`, applicable only in Native to Web SSO context.",
"default": true
},
"delegation": {
"$ref": "#/components/schemas/ClientSessionTransferDelegationConfiguration",
"x-release-lifecycle": "EA"
}
}
}