Skip to main content
POST
https://{tenantDomain}/api/v2
/
organizations
/
{id}
/
client-grants
C#
using Auth0.ManagementApi;
using System.Threading.Tasks;
using Auth0.ManagementApi.Organizations;

public partial class Examples
{
    public async Task Example() {
        var client = new ManagementClient(
            token: "<token>"
        );

        await client.Organizations.ClientGrants.CreateAsync(
            id: "id",
            request: new AssociateOrganizationClientGrantRequestContent {
                GrantId = "grant_id"
            }
        );
    }

}
package example

import (
    context "context"

    client "github.com/auth0/go-auth0/management/management/client"
    option "github.com/auth0/go-auth0/management/management/option"
    organizations "github.com/auth0/go-auth0/management/management/organizations"
)

func do() {
    client := client.NewClient(
        option.WithToken(
            "<token>",
        ),
    )
    request := &organizations.AssociateOrganizationClientGrantRequestContent{
        GrantId: "grant_id",
    }
    client.Organizations.ClientGrants.Create(
        context.TODO(),
        "id",
        request,
    )
}
package com.example.usage;

import com.auth0.client.mgmt.ManagementApi;
import com.auth0.client.mgmt.resources.organizations.clientgrants.requests.AssociateOrganizationClientGrantRequestContent;

public class Example {
    public static void main(String[] args) {
        ManagementApi client = ManagementApi
            .builder()
            .token("<token>")
            .build();

        client.organizations().clientGrants().create(
            "id",
            AssociateOrganizationClientGrantRequestContent
                .builder()
                .grantId("grant_id")
                .build()
        );
    }
}
<?php

namespace Example;

use Auth0\SDK\API\Management\Management;
use Auth0\SDK\API\Management\Organizations\ClientGrants\Requests\AssociateOrganizationClientGrantRequestContent;

$client = new Management(
    token: '<token>',
);
$client->organizations->clientGrants->create(
    'id',
    new AssociateOrganizationClientGrantRequestContent([
        'grantId' => 'grant_id',
    ]),
);
from auth0.management import ManagementClient

client = ManagementClient(
    token="<token>",
)

client.organizations.client_grants.create(
    id="id",
    grant_id="grant_id",
)
require "auth0"

client = Auth0::Management.new(token: "<token>")

client.organizations.client_grants.create(
  id: "id",
  grant_id: "grant_id"
)
import { ManagementClient } from "auth0";

async function main() {
    const client = new ManagementClient({
        token: "<token>",
    });
    await client.organizations.clientGrants.create("id", {
        grantId: "grant_id",
    });
}
main();
import { ManagementClient } from "auth0";

async function main() {
    const client = new ManagementClient({
        token: "<token>",
    });
    await client.organizations.clientGrants.create("id", {
        grantId: "grant_id",
    });
}
main();
curl --request POST \
  --url https://{tenantDomain}/api/v2/organizations/{id}/client-grants \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "grant_id": "<string>"
}
'
{
  "id": "<string>",
  "client_id": "<string>",
  "audience": "<string>",
  "scope": [
    "<string>"
  ],
  "allow_any_organization": true
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

id
string
required

Organization identifier.

Maximum string length: 50

Body

grant_id
string<client-grant-id>
required

A Client Grant ID to add to the organization.

Response

Client Grant successfully associated with Organization.

id
string

ID of the client grant.

client_id
string

ID of the client.

audience
string

The audience (API identifier) of this client grant

Minimum string length: 1
scope
string[]

Scopes allowed for this client grant.

Minimum string length: 1
organization_usage
enum<string>

Defines whether organizations can be used with client credentials exchanges for this grant.

Available options:
deny,
allow,
require
allow_any_organization
boolean

If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations.