> ## Documentation Index
> Fetch the complete documentation index at: https://ngrok.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Replace



## OpenAPI

````yaml https://raw.githubusercontent.com/ngrok/ngrok-openapi/refs/heads/main/ngrok.yaml put /edges/https/{edge_id}/routes/{id}/oauth
openapi: 3.0.0
info:
  title: ngrok OpenAPI
  version: 1.0.0
servers:
  - url: https://api.ngrok.com
security:
  - authentication: []
paths:
  /edges/https/{edge_id}/routes/{id}/oauth:
    put:
      tags:
        - EdgeRouteOAuthModule
      summary: Replace
      operationId: EdgeRouteOAuthModuleReplace
      parameters:
        - $ref: '#/components/parameters/ngrokVersion'
        - name: edge_id
          in: path
          required: true
          schema:
            type: string
        - name: id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EdgeRouteOAuthReplace'
      responses:
        '200':
          description: n/a
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EndpointOAuth'
components:
  parameters:
    ngrokVersion:
      name: ngrok-version
      in: header
      required: true
      schema:
        type: integer
        default: 2
  schemas:
    EdgeRouteOAuthReplace:
      type: object
      properties:
        edge_id:
          description: n/a
          type: string
        id:
          description: n/a
          type: string
        module:
          $ref: '#/components/schemas/EndpointOAuth'
          description: n/a
    EndpointOAuth:
      type: object
      properties:
        enabled:
          description: >
            `true` if the module will be applied to traffic, `false` to disable.
            default `true` if unspecified
          type: boolean
        provider:
          $ref: '#/components/schemas/EndpointOAuthProvider'
          description: >
            an object which defines the identity provider to use for
            authentication and configuration for who may access the endpoint
        options_passthrough:
          description: >
            Do not enforce authentication on HTTP OPTIONS requests. necessary if
            you are supporting CORS.
          type: boolean
        cookie_prefix:
          description: >
            the prefix of the session cookie that ngrok sets on the http client
            to cache authentication. default is 'ngrok.'
          type: string
        inactivity_timeout:
          description: >
            Integer number of seconds of inactivity after which if the user has
            not accessed the endpoint, their session will time out and they will
            be forced to reauthenticate.
          type: integer
        maximum_duration:
          description: >
            Integer number of seconds of the maximum duration of an
            authenticated session. After this period is exceeded, a user must
            reauthenticate.
          type: integer
        auth_check_interval:
          description: >
            Integer number of seconds after which ngrok guarantees it will
            refresh user state from the identity provider and recheck whether
            the user is still authorized to access the endpoint. This is the
            preferred tunable to use to enforce a minimum amount of time after
            which a revoked user will no longer be able to access the resource.
          type: integer
    EndpointOAuthProvider:
      type: object
      properties:
        github:
          $ref: '#/components/schemas/EndpointOAuthGitHub'
          description: |
            configuration for using github as the identity provider
        facebook:
          $ref: '#/components/schemas/EndpointOAuthFacebook'
          description: |
            configuration for using facebook as the identity provider
        microsoft:
          $ref: '#/components/schemas/EndpointOAuthMicrosoft'
          description: |
            configuration for using microsoft as the identity provider
        google:
          $ref: '#/components/schemas/EndpointOAuthGoogle'
          description: |
            configuration for using google as the identity provider
        linkedin:
          $ref: '#/components/schemas/EndpointOAuthLinkedIn'
          description: |
            configuration for using linkedin as the identity provider
        gitlab:
          $ref: '#/components/schemas/EndpointOAuthGitLab'
          description: |
            configuration for using gitlab as the identity provider
        twitch:
          $ref: '#/components/schemas/EndpointOAuthTwitch'
          description: |
            configuration for using twitch as the identity provider
        amazon:
          $ref: '#/components/schemas/EndpointOAuthAmazon'
          description: |
            configuration for using amazon as the identity provider
    EndpointOAuthGitHub:
      type: object
      properties:
        client_id:
          description: >
            the OAuth app client ID. retrieve it from the identity provider's
            dashboard where you created your own OAuth app. optional. if
            unspecified, ngrok will use its own managed oauth application which
            has additional restrictions. see the OAuth module docs for more
            details. if present, client_secret must be present as well.
          type: string
        client_secret:
          description: >
            the OAuth app client secret. retrieve if from the identity
            provider's dashboard where you created your own OAuth app. optional,
            see all of the caveats in the docs for `client_id`.
          type: string
        scopes:
          description: >
            a list of provider-specific OAuth scopes with the permissions your
            OAuth app would like to ask for. these may not be set if you are
            using the ngrok-managed oauth app (i.e. you must pass both
            `client_id` and `client_secret` to set scopes)
          type: array
          items:
            type: string
        email_addresses:
          description: >
            a list of email addresses of users authenticated by identity
            provider who are allowed access to the endpoint
          type: array
          items:
            type: string
        email_domains:
          description: >
            a list of email domains of users authenticated by identity provider
            who are allowed access to the endpoint
          type: array
          items:
            type: string
        teams:
          description: >
            a list of github teams identifiers. users will be allowed access to
            the endpoint if they are a member of any of these teams. identifiers
            should be in the 'slug' format qualified with the org name, e.g.
            `org-name/team-name`
          type: array
          items:
            type: string
        organizations:
          description: >
            a list of github org identifiers. users who are members of any of
            the listed organizations will be allowed access. identifiers should
            be the organization's 'slug'
          type: array
          items:
            type: string
    EndpointOAuthFacebook:
      type: object
      properties:
        client_id:
          description: >
            the OAuth app client ID. retrieve it from the identity provider's
            dashboard where you created your own OAuth app. optional. if
            unspecified, ngrok will use its own managed oauth application which
            has additional restrictions. see the OAuth module docs for more
            details. if present, client_secret must be present as well.
          type: string
        client_secret:
          description: >
            the OAuth app client secret. retrieve if from the identity
            provider's dashboard where you created your own OAuth app. optional,
            see all of the caveats in the docs for `client_id`.
          type: string
        scopes:
          description: >
            a list of provider-specific OAuth scopes with the permissions your
            OAuth app would like to ask for. these may not be set if you are
            using the ngrok-managed oauth app (i.e. you must pass both
            `client_id` and `client_secret` to set scopes)
          type: array
          items:
            type: string
        email_addresses:
          description: >
            a list of email addresses of users authenticated by identity
            provider who are allowed access to the endpoint
          type: array
          items:
            type: string
        email_domains:
          description: >
            a list of email domains of users authenticated by identity provider
            who are allowed access to the endpoint
          type: array
          items:
            type: string
    EndpointOAuthMicrosoft:
      type: object
      properties:
        client_id:
          description: >
            the OAuth app client ID. retrieve it from the identity provider's
            dashboard where you created your own OAuth app. optional. if
            unspecified, ngrok will use its own managed oauth application which
            has additional restrictions. see the OAuth module docs for more
            details. if present, client_secret must be present as well.
          type: string
        client_secret:
          description: >
            the OAuth app client secret. retrieve if from the identity
            provider's dashboard where you created your own OAuth app. optional,
            see all of the caveats in the docs for `client_id`.
          type: string
        scopes:
          description: >
            a list of provider-specific OAuth scopes with the permissions your
            OAuth app would like to ask for. these may not be set if you are
            using the ngrok-managed oauth app (i.e. you must pass both
            `client_id` and `client_secret` to set scopes)
          type: array
          items:
            type: string
        email_addresses:
          description: >
            a list of email addresses of users authenticated by identity
            provider who are allowed access to the endpoint
          type: array
          items:
            type: string
        email_domains:
          description: >
            a list of email domains of users authenticated by identity provider
            who are allowed access to the endpoint
          type: array
          items:
            type: string
    EndpointOAuthGoogle:
      type: object
      properties:
        client_id:
          description: >
            the OAuth app client ID. retrieve it from the identity provider's
            dashboard where you created your own OAuth app. optional. if
            unspecified, ngrok will use its own managed oauth application which
            has additional restrictions. see the OAuth module docs for more
            details. if present, client_secret must be present as well.
          type: string
        client_secret:
          description: >
            the OAuth app client secret. retrieve if from the identity
            provider's dashboard where you created your own OAuth app. optional,
            see all of the caveats in the docs for `client_id`.
          type: string
        scopes:
          description: >
            a list of provider-specific OAuth scopes with the permissions your
            OAuth app would like to ask for. these may not be set if you are
            using the ngrok-managed oauth app (i.e. you must pass both
            `client_id` and `client_secret` to set scopes)
          type: array
          items:
            type: string
        email_addresses:
          description: >
            a list of email addresses of users authenticated by identity
            provider who are allowed access to the endpoint
          type: array
          items:
            type: string
        email_domains:
          description: >
            a list of email domains of users authenticated by identity provider
            who are allowed access to the endpoint
          type: array
          items:
            type: string
    EndpointOAuthLinkedIn:
      type: object
      properties:
        client_id:
          description: n/a
          type: string
        client_secret:
          description: n/a
          type: string
        scopes:
          description: n/a
          type: array
          items:
            type: string
        email_addresses:
          description: n/a
          type: array
          items:
            type: string
        email_domains:
          description: n/a
          type: array
          items:
            type: string
    EndpointOAuthGitLab:
      type: object
      properties:
        client_id:
          description: n/a
          type: string
        client_secret:
          description: n/a
          type: string
        scopes:
          description: n/a
          type: array
          items:
            type: string
        email_addresses:
          description: n/a
          type: array
          items:
            type: string
        email_domains:
          description: n/a
          type: array
          items:
            type: string
    EndpointOAuthTwitch:
      type: object
      properties:
        client_id:
          description: n/a
          type: string
        client_secret:
          description: n/a
          type: string
        scopes:
          description: n/a
          type: array
          items:
            type: string
        email_addresses:
          description: n/a
          type: array
          items:
            type: string
        email_domains:
          description: n/a
          type: array
          items:
            type: string
    EndpointOAuthAmazon:
      type: object
      properties:
        client_id:
          description: n/a
          type: string
        client_secret:
          description: n/a
          type: string
        scopes:
          description: n/a
          type: array
          items:
            type: string
        email_addresses:
          description: n/a
          type: array
          items:
            type: string
        email_domains:
          description: n/a
          type: array
          items:
            type: string
  securitySchemes:
    authentication:
      type: http
      scheme: bearer

````