Last Updated: Dec 16, 2024
Overview
The document Application Settings) describes how the “Allowed Apps / APIs” section should be filled out in an Application. However, there seems to be no information about what a “delegation request” is and make sure delegation requests are completely disabled.
Applies To
- Application Settings
- Advanced Settings
Solution
Delegation is a legacy Auth0 feature that allows the exchange of one token for a different one in some cases. This was deprecated long ago and is not enabled in any new tenants. The “Allowed Apps / APIs” textfield is still shown in all tenants, despite that being disabled.
If the tenant was created after June 8th, 2017, it does not have this enabled, and users will not be able to make any delegation requests. So this can be safely ignored and keep the text field empty.