Deprecate Authentication API endpoints #121
Conversation
| @@ -138,7 +138,93 @@ def start_passwordless_sms_flow(phone_number) | |||
| post('/passwordless/start', request_params) | |||
| end | |||
|
|
|||
| # Retrive SAML 2.0 metadata XMLfor an Application. | |||
There was a problem hiding this comment.
typos retrieve and xmlfor
| # @see https://auth0.com/docs/api/authentication#get-user-info | ||
| # @return [json] User information based on the Auth0 access token | ||
| def user_info | ||
| get('/userinfo') |
There was a problem hiding this comment.
this call requires an access_token. How is the user able to pass it? Please add a sample here below my comment, as the tokeninfo method looks different. Also would be nice to validate the presence like here
raise Auth0::InvalidParameter, 'Must supply a valid access_token' if access_token.to_s.empty?There was a problem hiding this comment.
Method was not changed from the original. Will be replacing in another PR/task and deprecating this one. Not added, just moved.
| response_type: options.fetch(:response_type, 'code'), | ||
| connection: options.fetch(:connection, nil), | ||
| redirect_uri: redirect_uri, | ||
| state: options.fetch(:state, nil), |
There was a problem hiding this comment.
It seems I'm not able to pass a nonce value on this call. If true, please track this issue as needs to be solved.
There was a problem hiding this comment.
Method was not changed from the original. Will be replacing in another PR/task and deprecating this one. Not added, just moved.
| # Login using phone number + verification code. | ||
| # @deprecated 4.5.0 - Legacy authentication pipeline; use a Password Grant instead |
There was a problem hiding this comment.
| @@ -204,6 +278,7 @@ def refresh_delegation(refresh_token, target, scope = 'openid', api_type = 'app' | |||
| end | |||
|
|
|||
| # Retrieve a delegation token. | |||
| # @deprecated 4.5.0 - feature is disabled, no replacement currently. | |||
There was a problem hiding this comment.
| @@ -182,6 +255,7 @@ def token_info(id_token) | |||
| end | |||
|
|
|||
| # Refresh a delegation token. | |||
| # @deprecated 4.5.0 - feature is disabled, no replacement currently. | |||
There was a problem hiding this comment.
| @@ -257,6 +333,7 @@ def impersonate(user_id, app_client_id, impersonator_id, options) | |||
| # rubocop:enable Metrics/MethodLength, Metrics/AbcSize | |||
|
|
|||
| # Unlink a user's account from the identity provider. | |||
| # @deprecated 4.5.0 - endpoint is disabled, use the Management API instead. | |||
There was a problem hiding this comment.
joshcanhelp
force-pushed
the
deprecate-auth-endpoints
branch
from
3feba0c to
040f17e
Compare
Note: No functional changes, just an added docblock line and moving the methods in the file.
phone_login- Uses the legacy oauth/ro endpoint. Use a Password Grant instead.token_info- Uses the legacy tokeninfo endpoint. Refer touser_infomethod.delegation- Endpoint is disabled for new tenants. Refer to migration guide.refresh_delegation- Feature is disabled for new tenants. Refer to migration guide.impersonate- Endpoint is disabled. Replacement forthcoming.unlink_user- Endpoint is deprecated. Refer to API v2.