Auth0 · Schema

RecoveryCode

Some multi-factor authentication (MFA) providers (such as Guardian) support using a recovery code to login. Use this method to authenticate when the user's enrolled device is unavailable, or the user cannot receive the challenge or accept it due to connectivity issues.

AI AgentsAuthenticationAuthorizationFGAIdentity ManagementMCPOAuthOktaOpenID ConnectSAMLSecuritySCIM

Properties

Name Type Description
grant_type string Denotes the flow you are using. For recovery code use http://auth0.com/oauth/grant-type/mfa-recovery-code.
client_id string Your application's Client ID.
client_assertion string A JWT containing a signed assertion with your application credentials. Required when Private Key JWT is your application authentication method.
client_assertion_type string The value is urn:ietf:params:oauth:client-assertion-type:jwt-bearer. Required when Private Key JWT is the application authentication method.
client_secret string Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic.
mfa_token string The mfa_token you received from mfa_required error.
recovery_code string Recovery code provided by the end-user.
View JSON Schema on GitHub

JSON Schema

auth0-recoverycode-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/RecoveryCode",
  "title": "RecoveryCode",
  "description": "Some multi-factor authentication (MFA) providers (such as Guardian) support using a recovery code to login. Use this method to authenticate when the user's enrolled device is unavailable, or the user cannot receive the challenge or accept it due to connectivity issues.",
  "type": "object",
  "properties": {
    "grant_type": {
      "type": "string",
      "description": "Denotes the flow you are using. For recovery code use http://auth0.com/oauth/grant-type/mfa-recovery-code."
    },
    "client_id": {
      "type": "string",
      "description": "Your application's Client ID."
    },
    "client_assertion": {
      "type": "string",
      "description": "A JWT containing a signed assertion with your application credentials. Required when Private Key JWT is your application authentication method."
    },
    "client_assertion_type": {
      "type": "string",
      "description": "The value is urn:ietf:params:oauth:client-assertion-type:jwt-bearer. Required when Private Key JWT is the application authentication method."
    },
    "client_secret": {
      "type": "string",
      "description": "Your application's Client Secret. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic."
    },
    "mfa_token": {
      "type": "string",
      "description": "The mfa_token you received from mfa_required error."
    },
    "recovery_code": {
      "type": "string",
      "description": "Recovery code provided by the end-user."
    }
  }
}