Auth0 · Schema

PublicKeyCredential

AI AgentsAuthenticationAuthorizationFGAIdentity ManagementMCPOAuthOktaOpenID ConnectSAMLSecuritySCIM

Properties

Name Type Description
credential_type object
name string Friendly name for a credential.
pem string PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.
alg object
parse_expiry_from_cert boolean Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. Applies to `public_key` credential type.
expires_at string The ISO 8601 formatted date representing the expiration of the credential. If not specified (not recommended), the credential never expires. Applies to `public_key` credential type.
kid string Optional kid (Key ID), used to uniquely identify the credential. If not specified, a kid value will be auto-generated. The kid header parameter in JWTs sent by your client should match this value. Val
View JSON Schema on GitHub

JSON Schema

auth0-publickeycredential-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/PublicKeyCredential",
  "title": "PublicKeyCredential",
  "type": "object",
  "additionalProperties": false,
  "required": [
    "credential_type",
    "pem"
  ],
  "properties": {
    "credential_type": {
      "$ref": "#/components/schemas/PublicKeyCredentialTypeEnum"
    },
    "name": {
      "type": "string",
      "description": "Friendly name for a credential.",
      "default": "",
      "maxLength": 128
    },
    "pem": {
      "type": "string",
      "description": "PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.",
      "default": "-----BEGIN PUBLIC KEY-----\r\nMIIBIjANBg...\r\n-----END PUBLIC KEY-----\r\n"
    },
    "alg": {
      "$ref": "#/components/schemas/PublicKeyCredentialAlgorithmEnum"
    },
    "parse_expiry_from_cert": {
      "type": "boolean",
      "description": "Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. Applies to `public_key` credential type.",
      "default": false
    },
    "expires_at": {
      "type": "string",
      "description": "The ISO 8601 formatted date representing the expiration of the credential. If not specified (not recommended), the credential never expires. Applies to `public_key` credential type.",
      "default": "2023-02-07T12:40:17.807Z",
      "format": "date-time"
    },
    "kid": {
      "type": "string",
      "description": "Optional kid (Key ID), used to uniquely identify the credential. If not specified, a kid value will be auto-generated. The kid header parameter in JWTs sent by your client should match this value. Valid format is [0-9a-zA-Z-_]{10,64}",
      "minLength": 10,
      "maxLength": 64,
      "pattern": "^([0-9a-zA-Z-_]{10,64})$"
    }
  }
}