Location of Tenant's Global Client ID and Secret

Problem statement

A custom SSO solution is being developed for which SAML connections will be provisioned. The plan is to create a user interface in a custom dashboard that would allow trusted ‘downstream’ customers to add their Identity Provider as SSO entities. The question is whether the “Global_Client_ID” should be used in this solution.

However, the Auth0 documentation provides very little information about the role of the Global Client.

  • Explain the role of the Global Client, the Global Client ID, and the Global Client Secret.
  • Describe what relevance they have to modern customer Identity Management and Access projects.

Cause

The concept of the Global Client is largely a legacy feature. For this reason, there is no detailed public documentation.

Solution

The origins of the Global Client

During the process of tenant creation, a Global Client is created and assigned a unique Global Client ID and a Global Client Secret. It is a special client that is not normally visible in the “Applications” section of the dashboard.

The Global Client is also known as the “All Applications” client, so it may reasonably be expected to be found in the Applications section of the dashboard:

  1. Log in to the Auth0 dashboard as a tenant member (Administrator).
  2. Navigate to Applications > Applications.
  3. Inspect the list of deployed Applications.

However, no “All Applications” client will be found in the list of deployed applications.

View configuration settings

An examination of the tenant settings will confirm that the Global Client does indeed exist:

  1. Log in to the Auth0 dashboard as a tenant member (Administrator).
  2. Click Settings from the menu.
  3. Click the Advanced option from the horizontal menu.
  4. Scroll down to see the section called “Global Client Information”.
  5. The panel shows the unique Global Client ID (omitted from the graphic below) and its associated Global Client Secret.

Further information about the Global Client can be obtained via the Management API. Make a call to the Get-a-Client endpoint (GET /api/v2/clients/{client-id}). Provide the Global Client ID as the argument to the call.
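The Get-a-Client call described above, as an added example that is not Auth0's own code: it builds the request, then parses the response and masks the secret so the result can be logged or shared safely. The tenant domain, client ID, token and sample response body are constructed placeholders, and the `global` and `client_secret` field names are assumptions about the shape of the client object returned by the Management API.

```python
import json
import urllib.parse
import urllib.request

REDACT = ("client_secret",)  # assumed field name; never write it to logs

# Constructed sample response body, not output from a real tenant.
SAMPLE_BODY = json.dumps({
    "client_id": "EXAMPLE_GLOBAL_CLIENT_ID",
    "name": "All Applications",
    "global": True,
    "client_secret": "EXAMPLE_SECRET_VALUE",
})


def build_get_client_request(tenant_domain, client_id, mgmt_token):
    """Build GET /api/v2/clients/{client-id} without sending it."""
    path = "/api/v2/clients/" + urllib.parse.quote(client_id, safe="")
    return urllib.request.Request(
        f"https://{tenant_domain}{path}",
        headers={"Authorization": f"Bearer {mgmt_token}",
                 "Accept": "application/json"},
        method="GET",
    )


def summarize_client(body):
    """Parse a Get-a-Client response and mask the secret before display."""
    client = json.loads(body)
    safe = {k: ("<redacted>" if k in REDACT else v) for k, v in client.items()}
    return {"is_global": client.get("global") is True, "client": safe}


def fetch_client(tenant_domain, client_id, mgmt_token):
    """Live call; needs network access and a valid Management API token."""
    req = build_get_client_request(tenant_domain, client_id, mgmt_token)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return summarize_client(resp.read())


if __name__ == "__main__":
    req = build_get_client_request(
        "example-tenant.auth0.com", "EXAMPLE_GLOBAL_CLIENT_ID", "EXAMPLE_TOKEN")
    print(req.get_method(), req.full_url)
    print(json.dumps(summarize_client(SAMPLE_BODY), indent=2))
```

Running the file prints the request line and the redacted sample; `fetch_client` performs the live call against a real tenant.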

Avoid use in new projects

The Global Client ID and Global Client Secret are legacy features, originally intended for use with the old Auth0 API (Version 1), which reached end-of-life in July 2020. These parameters are likely to be removed in a future release of Auth0. The Global Client ID should not be used in any new projects.