auth0 · sergiught · Jan 10, 2023 · Dec 5, 2022 · Dec 13, 2022 · Dec 15, 2022
diff --git a/docs/auth0_apps_create.md b/docs/auth0_apps_create.md
@@ -21,29 +21,29 @@ auth0 apps create [flags]
   auth0 apps create --name myapp 
   auth0 apps create --name myapp --description <description>
   auth0 apps create --name myapp --description <description> --type [native|spa|regular|m2m]
-  auth0 apps create --name myapp --description <description> --type [native|spa|regular|m2m] --reveal
+  auth0 apps create --name myapp --description <description> --type [native|spa|regular|m2m] --reveal-client-secret
   auth0 apps create -n myapp -d <description> -t [native|spa|regular|m2m] -r --json
 ```
 
 
 ## Flags
 
 ```
-  -a, --auth-method string    Defines the requested authentication method for the token endpoint. Possible values are 'None' (public application without a client secret), 'Post' (application uses HTTP POST parameters) or 'Basic' (application uses HTTP Basic).
-  -c, --callbacks strings     After the user authenticates we will only call back to any of these URLs. You can specify multiple valid URLs by comma-separating them (typically to handle different environments like QA or testing). Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native apps, all callbacks should use protocol https://.
-  -d, --description string    Description of the application. Max character count is 140.
-  -g, --grants strings        List of grant types supported for this application. Can include code, implicit, refresh-token, credentials, password, password-realm, mfa-oob, mfa-otp, mfa-recovery-code, and device-code.
-      --json                  Output in json format.
-  -l, --logout-urls strings   Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains.
-  -n, --name string           Name of the application.
-  -o, --origins strings       Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs.
-  -r, --reveal                Display the Client Secret as part of the command output.
-  -t, --type string           Type of application:
-                              - native: mobile, desktop, CLI and smart device apps running natively.
-                              - spa (single page application): a JavaScript front-end app that uses an API.
-                              - regular: Traditional web app using redirects.
-                              - m2m (machine to machine): CLIs, daemons or services running on your backend.
-  -w, --web-origins strings   Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode.
+  -a, --auth-method string     Defines the requested authentication method for the token endpoint. Possible values are 'None' (public application without a client secret), 'Post' (application uses HTTP POST parameters) or 'Basic' (application uses HTTP Basic).
+  -c, --callbacks strings      After the user authenticates we will only call back to any of these URLs. You can specify multiple valid URLs by comma-separating them (typically to handle different environments like QA or testing). Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native apps, all callbacks should use protocol https://.
+  -d, --description string     Description of the application. Max character count is 140.
+  -g, --grants strings         List of grant types supported for this application. Can include code, implicit, refresh-token, credentials, password, password-realm, mfa-oob, mfa-otp, mfa-recovery-code, and device-code.
+      --json                   Output in json format.
+  -l, --logout-urls strings    Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains.
+  -n, --name string            Name of the application.
+  -o, --origins strings        Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs.
+  -r, --reveal-client-secret   Display the Client Secret as part of the command output.
+  -t, --type string            Type of application:
+                               - native: mobile, desktop, CLI and smart device apps running natively.
+                               - spa (single page application): a JavaScript front-end app that uses an API.
+                               - regular: Traditional web app using redirects.
+                               - m2m (machine to machine): CLIs, daemons or services running on your backend.
+  -w, --web-origins strings    Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode.
 ```
 
 

diff --git a/docs/auth0_apps_list.md b/docs/auth0_apps_list.md
@@ -15,18 +15,18 @@ auth0 apps list [flags]
 ```
   auth0 apps list
   auth0 apps ls
-  auth0 apps list --reveal
-  auth0 apps list --reveal --number 100
+  auth0 apps list --reveal-client-secret
+  auth0 apps list --reveal-client-secret --number 100
   auth0 apps ls -r -n 100 --json
 ```
 
 
 ## Flags
 
 ```
-      --json         Output in json format.
-  -n, --number int   Number of apps to retrieve (default 50)
-  -r, --reveal       Display the Client Secret as part of the command output.
+      --json                   Output in json format.
+  -n, --number int             Number of apps to retrieve (default 50)
+  -r, --reveal-client-secret   Display the Client Secret as part of the command output.
 ```
 
 

diff --git a/docs/auth0_apps_show.md b/docs/auth0_apps_show.md
@@ -15,16 +15,16 @@ auth0 apps show [flags]
 ```
   auth0 apps show
   auth0 apps show <app-id>
-  auth0 apps show <app-id> --reveal
-  auth0 apps show <app-id> --reveal --json
+  auth0 apps show <app-id> --reveal-client-secret
+  auth0 apps show <app-id> --reveal-client-secret --json
 ```
 
 
 ## Flags
 
 ```
-      --json     Output in json format.
-  -r, --reveal   Display the Client Secret as part of the command output.
+      --json                   Output in json format.
+  -r, --reveal-client-secret   Display the Client Secret as part of the command output.
 ```
 
 

diff --git a/docs/auth0_apps_update.md b/docs/auth0_apps_update.md
@@ -21,29 +21,29 @@ auth0 apps update [flags]
   auth0 apps update <app-id> --name myapp
   auth0 apps update <app-id> --name myapp --description <description>
   auth0 apps update <app-id> --name myapp --description <description> --type [native|spa|regular|m2m]
-  auth0 apps update <app-id> --name myapp --description <description> --type [native|spa|regular|m2m] --reveal
+  auth0 apps update <app-id> --name myapp --description <description> --type [native|spa|regular|m2m] --reveal-client-secret
   auth0 apps update <app-id> -n myapp -d <description> -t [native|spa|regular|m2m] -r --json
 ```
 
 
 ## Flags
 
 ```
-  -a, --auth-method string    Defines the requested authentication method for the token endpoint. Possible values are 'None' (public application without a client secret), 'Post' (application uses HTTP POST parameters) or 'Basic' (application uses HTTP Basic).
-  -c, --callbacks strings     After the user authenticates we will only call back to any of these URLs. You can specify multiple valid URLs by comma-separating them (typically to handle different environments like QA or testing). Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native apps, all callbacks should use protocol https://.
-  -d, --description string    Description of the application. Max character count is 140.
-  -g, --grants strings        List of grant types supported for this application. Can include code, implicit, refresh-token, credentials, password, password-realm, mfa-oob, mfa-otp, mfa-recovery-code, and device-code.
-      --json                  Output in json format.
-  -l, --logout-urls strings   Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains.
-  -n, --name string           Name of the application.
-  -o, --origins strings       Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs.
-  -r, --reveal                Display the Client Secret as part of the command output.
-  -t, --type string           Type of application:
-                              - native: mobile, desktop, CLI and smart device apps running natively.
-                              - spa (single page application): a JavaScript front-end app that uses an API.
-                              - regular: Traditional web app using redirects.
-                              - m2m (machine to machine): CLIs, daemons or services running on your backend.
-  -w, --web-origins strings   Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode.
+  -a, --auth-method string     Defines the requested authentication method for the token endpoint. Possible values are 'None' (public application without a client secret), 'Post' (application uses HTTP POST parameters) or 'Basic' (application uses HTTP Basic).
+  -c, --callbacks strings      After the user authenticates we will only call back to any of these URLs. You can specify multiple valid URLs by comma-separating them (typically to handle different environments like QA or testing). Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native apps, all callbacks should use protocol https://.
+  -d, --description string     Description of the application. Max character count is 140.
+  -g, --grants strings         List of grant types supported for this application. Can include code, implicit, refresh-token, credentials, password, password-realm, mfa-oob, mfa-otp, mfa-recovery-code, and device-code.
+      --json                   Output in json format.
+  -l, --logout-urls strings    Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains.
+  -n, --name string            Name of the application.
+  -o, --origins strings        Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs.
+  -r, --reveal-client-secret   Display the Client Secret as part of the command output.
+  -t, --type string            Type of application:
+                               - native: mobile, desktop, CLI and smart device apps running natively.
+                               - spa (single page application): a JavaScript front-end app that uses an API.
+                               - regular: Traditional web app using redirects.
+                               - m2m (machine to machine): CLIs, daemons or services running on your backend.
+  -w, --web-origins strings    Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode.
 ```
 
 

diff --git a/internal/cli/apps.go b/internal/cli/apps.go
@@ -113,9 +113,9 @@ var (
 		Help:       "List of grant types supported for this application. Can include code, implicit, refresh-token, credentials, password, password-realm, mfa-oob, mfa-otp, mfa-recovery-code, and device-code.",
 		IsRequired: false,
 	}
-	reveal = Flag{
+	revealClientSecret = Flag{
 		Name:      "Reveal",
-		LongForm:  "reveal",
+		LongForm:  "reveal-client-secret",
 		ShortForm: "r",
 		Help:      "Display the Client Secret as part of the command output.",
 	}
@@ -200,8 +200,8 @@ func useAppCmd(cli *cli) *cobra.Command {
 
 func listAppsCmd(cli *cli) *cobra.Command {
 	var inputs struct {
-		Reveal bool
-		Number int
+		RevealClientSecret bool
+		Number             int
 	}
 
 	cmd := &cobra.Command{
@@ -212,8 +212,8 @@ func listAppsCmd(cli *cli) *cobra.Command {
 		Long:    "List your existing applications. To create one, run: `auth0 apps create`.",
 		Example: `  auth0 apps list
   auth0 apps ls
-  auth0 apps list --reveal
-  auth0 apps list --reveal --number 100
+  auth0 apps list --reveal-client-secret
+  auth0 apps list --reveal-client-secret --number 100
   auth0 apps ls -r -n 100 --json`,
 		RunE: func(cmd *cobra.Command, args []string) error {
 			list, err := getWithPagination(
@@ -237,22 +237,22 @@ func listAppsCmd(cli *cli) *cobra.Command {
 			for _, item := range list {
 				typedList = append(typedList, item.(*management.Client))
 			}
-			cli.renderer.ApplicationList(typedList, inputs.Reveal)
+			cli.renderer.ApplicationList(typedList, inputs.RevealClientSecret)
 			return nil
 		},
 	}
 
 	cmd.Flags().BoolVar(&cli.json, "json", false, "Output in json format.")
-	reveal.RegisterBool(cmd, &inputs.Reveal, false)
+	revealClientSecret.RegisterBool(cmd, &inputs.RevealClientSecret, false)
 	number.RegisterInt(cmd, &inputs.Number, defaultPageSize)
 
 	return cmd
 }
 
 func showAppCmd(cli *cli) *cobra.Command {
 	var inputs struct {
-		ID     string
-		Reveal bool
+		ID                 string
+		RevealClientSecret bool
 	}
 
 	cmd := &cobra.Command{
@@ -262,8 +262,8 @@ func showAppCmd(cli *cli) *cobra.Command {
 		Long:  "Display the name, description, app type, and other information about an application.",
 		Example: `  auth0 apps show
   auth0 apps show <app-id>
-  auth0 apps show <app-id> --reveal
-  auth0 apps show <app-id> --reveal --json`,
+  auth0 apps show <app-id> --reveal-client-secret
+  auth0 apps show <app-id> --reveal-client-secret --json`,
 		RunE: func(cmd *cobra.Command, args []string) error {
 			if len(args) == 0 {
 				err := appID.Pick(cmd, &inputs.ID, cli.appPickerOptions)
@@ -284,13 +284,13 @@ func showAppCmd(cli *cli) *cobra.Command {
 				return fmt.Errorf("Unable to load application: %w", err)
 			}
 
-			cli.renderer.ApplicationShow(a, inputs.Reveal)
+			cli.renderer.ApplicationShow(a, inputs.RevealClientSecret)
 			return nil
 		},
 	}
 
 	cmd.Flags().BoolVar(&cli.json, "json", false, "Output in json format.")
-	reveal.RegisterBool(cmd, &inputs.Reveal, false)
+	revealClientSecret.RegisterBool(cmd, &inputs.RevealClientSecret, false)
 
 	return cmd
 }
@@ -348,16 +348,16 @@ func deleteAppCmd(cli *cli) *cobra.Command {
 
 func createAppCmd(cli *cli) *cobra.Command {
 	var inputs struct {
-		Name              string
-		Type              string
-		Description       string
-		Callbacks         []string
-		AllowedOrigins    []string
-		AllowedWebOrigins []string
-		AllowedLogoutURLs []string
-		AuthMethod        string
-		Grants            []string
-		Reveal            bool
+		Name               string
+		Type               string
+		Description        string
+		Callbacks          []string
+		AllowedOrigins     []string
+		AllowedWebOrigins  []string
+		AllowedLogoutURLs  []string
+		AuthMethod         string
+		Grants             []string
+		RevealClientSecret bool
 	}
 	var oidcConformant = true
 	var algorithm = "RS256"
@@ -373,7 +373,7 @@ func createAppCmd(cli *cli) *cobra.Command {
   auth0 apps create --name myapp 
   auth0 apps create --name myapp --description <description>
   auth0 apps create --name myapp --description <description> --type [native|spa|regular|m2m]
-  auth0 apps create --name myapp --description <description> --type [native|spa|regular|m2m] --reveal
+  auth0 apps create --name myapp --description <description> --type [native|spa|regular|m2m] --reveal-client-secret
   auth0 apps create -n myapp -d <description> -t [native|spa|regular|m2m] -r --json`,
 		RunE: func(cmd *cobra.Command, args []string) error {
 			// Prompt for app name
@@ -478,7 +478,7 @@ func createAppCmd(cli *cli) *cobra.Command {
 			}
 
 			// Render result
-			cli.renderer.ApplicationCreate(a, inputs.Reveal)
+			cli.renderer.ApplicationCreate(a, inputs.RevealClientSecret)
 
 			return nil
 		},
@@ -494,24 +494,24 @@ func createAppCmd(cli *cli) *cobra.Command {
 	appLogoutURLs.RegisterStringSlice(cmd, &inputs.AllowedLogoutURLs, nil)
 	appAuthMethod.RegisterString(cmd, &inputs.AuthMethod, "")
 	appGrants.RegisterStringSlice(cmd, &inputs.Grants, nil)
-	reveal.RegisterBool(cmd, &inputs.Reveal, false)
+	revealClientSecret.RegisterBool(cmd, &inputs.RevealClientSecret, false)
 
 	return cmd
 }
 
 func updateAppCmd(cli *cli) *cobra.Command {
 	var inputs struct {
-		ID                string
-		Name              string
-		Type              string
-		Description       string
-		Callbacks         []string
-		AllowedOrigins    []string
-		AllowedWebOrigins []string
-		AllowedLogoutURLs []string
-		AuthMethod        string
-		Grants            []string
-		Reveal            bool
+		ID                 string
+		Name               string
+		Type               string
+		Description        string
+		Callbacks          []string
+		AllowedOrigins     []string
+		AllowedWebOrigins  []string
+		AllowedLogoutURLs  []string
+		AuthMethod         string
+		Grants             []string
+		RevealClientSecret bool
 	}
 
 	cmd := &cobra.Command{
@@ -526,7 +526,7 @@ func updateAppCmd(cli *cli) *cobra.Command {
   auth0 apps update <app-id> --name myapp
   auth0 apps update <app-id> --name myapp --description <description>
   auth0 apps update <app-id> --name myapp --description <description> --type [native|spa|regular|m2m]
-  auth0 apps update <app-id> --name myapp --description <description> --type [native|spa|regular|m2m] --reveal
+  auth0 apps update <app-id> --name myapp --description <description> --type [native|spa|regular|m2m] --reveal-client-secret
   auth0 apps update <app-id> -n myapp -d <description> -t [native|spa|regular|m2m] -r --json`,
 		RunE: func(cmd *cobra.Command, args []string) error {
 			var current *management.Client
@@ -688,7 +688,7 @@ func updateAppCmd(cli *cli) *cobra.Command {
 			}
 
 			// Render result
-			cli.renderer.ApplicationUpdate(a, inputs.Reveal)
+			cli.renderer.ApplicationUpdate(a, inputs.RevealClientSecret)
 
 			return nil
 		},
@@ -704,7 +704,7 @@ func updateAppCmd(cli *cli) *cobra.Command {
 	appLogoutURLs.RegisterStringSliceU(cmd, &inputs.AllowedLogoutURLs, nil)
 	appAuthMethod.RegisterStringU(cmd, &inputs.AuthMethod, "")
 	appGrants.RegisterStringSliceU(cmd, &inputs.Grants, nil)
-	reveal.RegisterBool(cmd, &inputs.Reveal, false)
+	revealClientSecret.RegisterBool(cmd, &inputs.RevealClientSecret, false)
 
 	return cmd
 }

diff --git a/internal/cli/apps_test.go b/internal/cli/apps_test.go
@@ -31,7 +31,7 @@ func TestAppsListCmd(t *testing.T) {
 		},
 		{
 			name: "reveal secrets",
-			args: []string{"--reveal"},
+			args: []string{"--reveal-client-secret"},
 			assertOutput: func(t testing.TB, out string) {
 				expectTable(t, out,
 					[]string{"CLIENT ID", "NAME", "TYPE", "CLIENT SECRET"},