The auth0-java SDK is a Java client library that provides programmatic access to the Auth0 Authentication API and Management API. It enables server-side Java applications (Java 8+) to authenticate users, manage tokens, and administer Auth0 resources such as users, roles, organizations, clients, and connections.
This page provides a high-level overview of the SDK's architecture, components, and capabilities. For installation and initial setup instructions, see Getting Started. For detailed information about specific components, refer to the respective sections: Authentication Flows, Token Management, Management API Resources, and HTTP Infrastructure.
The auth0-java SDK serves as the official Java client for interacting with Auth0's platform. It abstracts the complexities of HTTP communication, token management, and API request/response handling, providing a type-safe, fluent interface for Java developers.
Current Version: 3.2.0
Maven Coordinates: com.auth0:auth0:3.2.0
Minimum Java Version: Java 8
Platform Target: Server-side JVM applications (Android applications should use Auth0.Android SDK)
Sources: README.md1-50 .version1 gradle.properties1-7
The SDK provides comprehensive functionality across authentication, authorization, and resource management:
| Feature Category | Capabilities |
|---|---|
| Authentication | OAuth 2.0 flows, PKCE, client credentials, authorization code exchange, refresh tokens, passwordless authentication (email/SMS) |
| Multi-Factor Authentication | OTP, OOB, recovery codes, authenticator enrollment and verification |
| Advanced Auth Flows | Pushed Authorization Requests (PAR), JWT-Secured Authorization Requests (JAR), Rich Authorization Requests (RAR), back-channel authentication (CIBA) |
| Token Management | Automatic token refresh, token verification (ID tokens with HS256/RS256), JWKS integration, token revocation |
| Resource Management | Full CRUD operations on users, roles, organizations, clients, connections, actions, log streams, and other Auth0 entities |
| Pagination | Automatic pagination via SyncPagingIterable<T>, checkpoint pagination support |
| Type Safety | Immutable request/response models, nullability annotations, type-safe enums (v3.0+) |
| HTTP Infrastructure | Configurable HTTP client (OkHttp 5.2.1), rate limit handling, telemetry, retry mechanisms |
Sources: README.md17-101 CHANGELOG.md3-79
The auth0-java SDK is organized into two primary API clients that share common infrastructure:
Sources: README.md52-96 Diagram 1 from high-level architecture
Version 3.0 introduced a fundamental architectural change using Fern for code generation. The Management API is now entirely generated from OpenAPI specifications, while the Authentication API and supporting infrastructure remain manually maintained:
Sources: CHANGELOG.md17-79 Diagram 5 from high-level architecture
The AuthAPI class src/main/java/com/auth0/client/auth/AuthAPI.java provides methods for user authentication and token operations:
Key Classes:
AuthAPI src/main/java/com/auth0/client/auth/AuthAPI.javaAuthorizeUrlBuilder src/main/java/com/auth0/client/auth/AuthorizeUrlBuilder.javaIdTokenVerifier src/main/java/com/auth0/json/auth/IdTokenVerifier.javaFor detailed information, see AuthAPI Client and Authentication Flows.
Sources: README.md52-60 Diagram 1 and Diagram 4 from high-level architecture
The ManagementApi class src/main/java/com/auth0/client/mgmt/ManagementApi.java provides hierarchical access to Auth0 resource management operations through sub-clients:
Key Pattern: Hierarchical sub-client access:
ManagementApi client = ManagementApi.builder()
.url("https://tenant.auth0.com/api/v2")
.token(accessToken)
.build();
User user = client.users().get("auth0|user-id", new UserFilter()).execute().getBody();
Role role = client.roles().get("role-id").execute().getBody();
For detailed information, see ManagementAPI Client and Management API Resources.
Sources: README.md62-86 CHANGELOG.md32-40 Diagram 6 from high-level architecture
The SDK provides multiple token management strategies through the TokenProvider interface:
| Implementation | Use Case | Lifecycle |
|---|---|---|
SimpleTokenProvider | Static tokens | Manual management |
ClientCredentialsTokenProvider | M2M applications | Automatic refresh |
| Custom implementations | Specialized scenarios | User-defined |
Token Flow:
AuthAPI → requestToken() → TokenHolder → TokenProvider → ManagementApi
For detailed information, see Token Providers & Strategies.
Sources: README.md74-96 Diagram 4 from high-level architecture
All API requests flow through a layered HTTP architecture:
Key Features:
execute() / executeAsync())For detailed information, see HTTP Infrastructure.
Sources: Diagram 3 from high-level architecture, CHANGELOG.md29-30
Version: 3.2.0 (January 2026)
Major Changes in 3.x:
client.users(), client.roles())SyncPagingIterable<T>ManagementApiExceptionBreaking Changes: Applications migrating from v2.x require code updates. See v3.0 Migration Guide for detailed upgrade instructions.
Sources: .version1 CHANGELOG.md3-79 README.md1-6
| Requirement | Version/Details |
|---|---|
| Java | Java 8 or higher (tested up to Java 17) |
| Build System | Gradle 8.12 or Maven |
| Key Dependencies | OkHttp 5.2.1, Jackson 2.18.2, java-jwt 4.4.0 |
| Platform | Server-side JVM (not Android) |
Sources: README.md26-30 Diagram 2 from high-level architecture
The SDK uses an automated CI/CD pipeline for quality assurance and release management:
Version Management: Centralized in .version1 file, with snapshot support via gradle/versioning.gradle1-18
Sources: gradle/versioning.gradle1-18 gradle/maven-publish.gradle1-102 Diagram 2 from high-level architecture
For more detailed information about specific SDK components and features:
Sources: README.md17-22
Refresh this wiki
This wiki was recently refreshed. Please wait 6 days to refresh again.