auth0 · kailash-b · Jun 17, 2025 · May 19, 2025 · May 19, 2025 · May 20, 2025
@@ -3,6 +3,7 @@
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
     <IsPackable>false</IsPackable>
+    <LangVersion>latest</LangVersion>
   </PropertyGroup>
 
   <ItemGroup>

@@ -3,6 +3,7 @@
   <PropertyGroup>
     <TargetFramework>netcoreapp3.1</TargetFramework>
     <IsPackable>false</IsPackable>
+    <LangVersion>latest</LangVersion>
   </PropertyGroup>
 
   <ItemGroup>

@@ -25,6 +25,7 @@
     <NuGetPackageImportStamp>
     </NuGetPackageImportStamp>
     <IsPackable>false</IsPackable>
+    <LangVersion>latest</LangVersion>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
     <DebugSymbols>true</DebugSymbols>

@@ -4,6 +4,7 @@
     <AssemblyTitle>Auth0.AuthenticationApi</AssemblyTitle>
     <AssemblyName>Auth0.AuthenticationApi</AssemblyName>
     <PackageId>Auth0.AuthenticationApi</PackageId>
+    <LangVersion>latest</LangVersion>
   </PropertyGroup>
   <ItemGroup>
     <ProjectReference Include="..\Auth0.Core\Auth0.Core.csproj" />

@@ -4,6 +4,8 @@
     <AssemblyTitle>Auth0.Core</AssemblyTitle>
     <AssemblyName>Auth0.Core</AssemblyName>
     <PackageId>Auth0.Core</PackageId>
+    <LangVersion>latest</LangVersion>
+    <WarningsAsErrors>nullable</WarningsAsErrors>
   </PropertyGroup>
   <ItemGroup>
     <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />

@@ -16,19 +16,19 @@ public class ApiError
         /// Description of the failing HTTP Status Code.
         /// </summary>
         [JsonProperty("error")]
-        public string Error { get; set; }
+        public string? Error { get; set; }
 
         /// <summary>
         /// Error code returned by the API.
         /// </summary>
         [JsonProperty("errorCode")]
-        public string ErrorCode { get; set; }
+        public string? ErrorCode { get; set; }
 
         /// <summary>
         /// Description of the error.
         /// </summary>
         [JsonProperty("message")]
-        public string Message { get; set; }
+        public string? Message { get; set; }
 
         /// <summary>
         /// Additional key/values that might be returned by the error such as `mfa_required`.
@@ -42,7 +42,7 @@ public class ApiError
         /// <param name="response"><see cref="HttpResponseMessage"/> to parse.</param>
         /// <returns><see cref="Task"/> representing the operation and associated <see cref="ApiError"/> on
         /// successful completion.</returns>
-        public static async Task<ApiError> Parse(HttpResponseMessage response)
+        public static async Task<ApiError?> Parse(HttpResponseMessage? response)
         {
             if (response == null || response.Content == null)
                 return null;
@@ -54,7 +54,7 @@ public static async Task<ApiError> Parse(HttpResponseMessage response)
             return Parse(content);
         }
 
-        internal static ApiError Parse(string content)
+        internal static ApiError? Parse(string content)
         {
             try
             {

@@ -23,7 +23,7 @@ protected ApiException()
         /// Initializes a new instance of the <see cref="ApiException"/> class with a specified error message.
         /// </summary>
         /// <param name="message">The error message that explains the reason for the exception.</param>
-        protected ApiException(string message)
+        protected ApiException(string? message)
             : base(message)
         {
         }

@@ -15,7 +15,7 @@
         /// <summary>
         /// Optional <see cref="Exceptions.ApiError"/> from the failing API call.
         /// </summary>
-        public ApiError ApiError { get; }
+        public ApiError? ApiError { get; }
 
         /// <summary>
         /// <see cref="HttpStatusCode"/> code from the failing API call.
@@ -33,7 +33,7 @@
         /// Initializes a new instance of the <see cref="ErrorApiException"/> class with a specified error message.
         /// </summary>
         /// <param name="message">The error message that explains the reason for the exception.</param>
-        public ErrorApiException(string message)
+        public ErrorApiException(string? message)
             : base(message)
         {
         }
@@ -56,7 +56,7 @@
         /// </summary>
         /// <param name="statusCode"><see cref="HttpStatusCode"/>code of the failing API call.</param>
         /// <param name="apiError">Optional <see cref="ApiError"/> of the failing API call.</param>
-        public ErrorApiException(HttpStatusCode statusCode, ApiError apiError = null)
+        public ErrorApiException(HttpStatusCode statusCode, ApiError? apiError = null)
             : this(apiError == null ? statusCode.ToString() : apiError.Message)
         {
             StatusCode = statusCode;

@@ -5,17 +5,17 @@ namespace Auth0.Core.Exceptions
     /// </summary>
     public class ClientQuotaLimit
     {
-        public QuotaLimit PerHour { get; set; }
-        public QuotaLimit PerDay { get; set; }
+        public QuotaLimit? PerHour { get; set; }
+        public QuotaLimit? PerDay { get; set; }
     }
 
     /// <summary>
     /// Represents the Organization Quota Headers returned as part of the response.
     /// </summary>
     public class OrganizationQuotaLimit
     {
-        public QuotaLimit PerHour { get; set; }
-        public QuotaLimit PerDay { get; set; }
+        public QuotaLimit? PerHour { get; set; }
+        public QuotaLimit? PerDay { get; set; }
     }
 
     /// <summary>

@@ -35,19 +35,19 @@ public class RateLimit
         /// <summary>
         /// Represents Client Quota Headers returned.  
         /// </summary>
-        public ClientQuotaLimit ClientQuotaLimit { get; internal set; }
+        public ClientQuotaLimit? ClientQuotaLimit { get; internal set; }
 
         /// <summary>
         /// Represents Client Quota Headers returned.  
         /// </summary>
-        public OrganizationQuotaLimit OrganizationQuotaLimit { get; internal set; }
+        public OrganizationQuotaLimit? OrganizationQuotaLimit { get; internal set; }
 
         /// <summary>
         /// Parse the rate limit headers into a <see cref="RateLimit"/> object.
         /// </summary>
         /// <param name="headers"><see cref="HttpHeaders"/> to parse.</param>
         /// <returns>Instance of <see cref="RateLimit"/> containing parsed rate limit headers.</returns>
-        public static RateLimit Parse(HttpHeaders headers)
+        public static RateLimit? Parse(HttpHeaders headers)
         {
             var headersKvp = 
                 headers?.ToDictionary(h => h.Key, h => h.Value);
@@ -58,14 +58,14 @@ public static RateLimit Parse(HttpHeaders headers)
                 Remaining = GetHeaderValue(headersKvp, "x-ratelimit-remaining"),
                 Reset = reset == 0 ? null : (DateTimeOffset?)epoch.AddSeconds(reset),
                 RetryAfter = GetHeaderValue(headersKvp, "Retry-After"),
-                ClientQuotaLimit = headersKvp.GetClientQuotaLimit(),
-                OrganizationQuotaLimit = headersKvp.GetOrganizationQuotaLimit()
+                ClientQuotaLimit = headersKvp?.GetClientQuotaLimit(),
+                OrganizationQuotaLimit = headersKvp?.GetOrganizationQuotaLimit()
             };
         }
 
-        private static long GetHeaderValue(IDictionary<string, IEnumerable<string>> headers, string name)
+        private static long GetHeaderValue(IDictionary<string, IEnumerable<string>>? headers, string name)
         {
-            if (headers.TryGetValue(name, out var v) && long.TryParse(v?.FirstOrDefault(), out var value))
+            if (headers != null && headers.TryGetValue(name, out var v) && long.TryParse(v?.FirstOrDefault(), out var value))
                 return value;
 
             return 0;

@@ -14,12 +14,12 @@ public class RateLimitApiException : ApiException
         /// <summary>
         /// <see cref="RateLimit"/> as determined by the server.
         /// </summary>
-        public RateLimit RateLimit { get; }
+        public RateLimit? RateLimit { get; }
 
         /// <summary>
         /// Optional <see cref="Exceptions.ApiError"/> from the failing API call.
         /// </summary>
-        public ApiError ApiError { get; }
+        public ApiError? ApiError { get; }
 
         /// <summary>
         /// Initializes a new instance of the <see cref="RateLimitApiException"/> class.
@@ -31,7 +31,7 @@ public RateLimitApiException() {
         /// Initializes a new instance of the <see cref="RateLimitApiException"/> class with a specified error message.
         /// </summary>
         /// <param name="message">The error message that explains the reason for the exception.</param>
-        public RateLimitApiException(string message) : base(message)
+        public RateLimitApiException(string? message) : base(message)
         {
         }
 
@@ -53,7 +53,7 @@ public RateLimitApiException(string message, Exception innerException)
         /// </summary>
         /// <param name="rateLimit"><see cref="Exceptions.RateLimit"/> received on the API call that failed.</param>
         /// <param name="apiError"><see cref="Exceptions.ApiError"/> received on the API call that failed.</param>
-        public RateLimitApiException(RateLimit rateLimit, ApiError apiError = null)
+        public RateLimitApiException(RateLimit? rateLimit, ApiError? apiError = null)
             : this("Rate limits exceeded")
         {
             RateLimit = rateLimit;

@@ -12,7 +12,7 @@ public static class Extensions
         /// </summary>
         /// <param name="headers">The source response headers</param>
         /// <returns><see cref="ClientQuotaLimit"/></returns>
-        public static ClientQuotaLimit GetClientQuotaLimit(this IDictionary<string, IEnumerable<string>> headers)
+        public static ClientQuotaLimit? GetClientQuotaLimit(this IDictionary<string, IEnumerable<string>> headers)
         {
             return ParseClientLimit(GetRawHeaders(headers, "Auth0-Client-Quota-Limit"));
         }
@@ -22,13 +22,13 @@ public static ClientQuotaLimit GetClientQuotaLimit(this IDictionary<string, IEnu
         /// </summary>
         /// <param name="headers">The source response headers</param>
         /// <returns><see cref="OrganizationQuotaLimit"/></returns>
-        public static OrganizationQuotaLimit GetOrganizationQuotaLimit(
+        public static OrganizationQuotaLimit? GetOrganizationQuotaLimit(
             this IDictionary<string, IEnumerable<string>> headers)
         {
             return ParseOrganizationLimit(GetRawHeaders(headers, "Auth0-Organization-Quota-Limit"));
         }
 
-        internal static string GetRawHeaders(IDictionary<string, IEnumerable<string>> headers, string headerName)
+        internal static string? GetRawHeaders(IDictionary<string, IEnumerable<string>> headers, string headerName)
         {
             if (headers == null)
             {
@@ -37,13 +37,13 @@ internal static string GetRawHeaders(IDictionary<string, IEnumerable<string>> he
             return !headers.TryGetValue(headerName, out var values) ? null : values.FirstOrDefault();
         }
 
-        internal static ClientQuotaLimit ParseClientLimit(string headerValue)
+        internal static ClientQuotaLimit? ParseClientLimit(string? headerValue)
         {
             if (string.IsNullOrEmpty(headerValue))
             {
                 return null;
             }
-            var buckets = headerValue.Split(',');
+            var buckets = headerValue!.Split(',');
             var quotaClientLimit = new ClientQuotaLimit();
             foreach (var eachBucket in buckets)
             {
@@ -61,14 +61,14 @@ internal static ClientQuotaLimit ParseClientLimit(string headerValue)
             return quotaClientLimit;
         }
 
-        internal static OrganizationQuotaLimit ParseOrganizationLimit(string headerValue)
+        internal static OrganizationQuotaLimit? ParseOrganizationLimit(string? headerValue)
         {
             if (string.IsNullOrEmpty(headerValue))
             {
                 return null;
             }
 
-            var buckets = headerValue.Split(',');
+            var buckets = headerValue!.Split(',');
             var quotaOrganizationLimit = new OrganizationQuotaLimit();
             foreach (var eachBucket in buckets)
             {
@@ -85,7 +85,7 @@ internal static OrganizationQuotaLimit ParseOrganizationLimit(string headerValue
             return quotaOrganizationLimit;
         }
 
-        internal static QuotaLimit ParseQuotaLimit(string headerValue, out string bucket)
+        internal static QuotaLimit? ParseQuotaLimit(string headerValue, out string? bucket)
         {
             bucket = null;
 

@@ -19,7 +19,7 @@ internal class ApiErrorConverter : JsonConverter
 
         public override bool CanWrite => false;
 
-        public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer)
+        public override void WriteJson(JsonWriter writer, object? value, JsonSerializer serializer)
         {
             throw new NotImplementedException();
         }
@@ -29,7 +29,7 @@ public override bool CanConvert(Type objectType)
             return objectType.GetTypeInfo().IsClass;
         }
 
-        public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
+        public override object ReadJson(JsonReader reader, Type objectType, object? existingValue, JsonSerializer serializer)
         {
             var instance = Activator.CreateInstance(objectType);
             var props = objectType.GetTypeInfo().DeclaredProperties.Where(p => p.CanWrite).ToList();
@@ -48,7 +48,7 @@ public override object ReadJson(JsonReader reader, Type objectType, object exist
                 }
                 else if (extraDataProp != null)
                 {
-                    ((IDictionary<string, string>)extraDataProp.GetValue(instance))[name] = jp.Value.ToObject<string>(serializer);
+                    ((IDictionary<string, string?>)extraDataProp.GetValue(instance))[name] = jp.Value.ToObject<string>(serializer);
                 }
             }
 

@@ -8,7 +8,7 @@ internal class StringOrObjectAsStringConverter : JsonConverter
     {
         public override bool CanWrite => false;
 
-        public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer)
+        public override void WriteJson(JsonWriter writer, object? value, JsonSerializer serializer)
         {
             throw new NotImplementedException();
         }
@@ -18,7 +18,7 @@ public override bool CanConvert(Type objectType)
             return true;
         }
 
-        public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
+        public override object? ReadJson(JsonReader reader, Type objectType, object? existingValue, JsonSerializer serializer)
         {
             var instance = "";
 

@@ -13,8 +13,8 @@ public override bool CanConvert(Type objectType)
             return true;
         }
 
-        public override object ReadJson(
-            JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
+        public override object? ReadJson(
+            JsonReader reader, Type objectType, object? existingValue, JsonSerializer serializer)
         {
             if (reader.TokenType == JsonToken.StartArray)
             {
@@ -32,7 +32,7 @@ public override object ReadJson(
             return null;
         }
 
-        public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer)
+        public override void WriteJson(JsonWriter writer, object? value, JsonSerializer serializer)
         {
             throw new NotImplementedException();
         }

@@ -34,7 +34,7 @@ internal static string Base64UrlEncode(byte[] input)
             return output;
         }
 
-        internal static Uri BuildUri(string baseUrl, string resource, IDictionary<string, string> urlSegments, IDictionary<string, string> queryStrings, bool includeEmptyParameters = false)
+        internal static Uri BuildUri(string baseUrl, string resource, IDictionary<string, string>? urlSegments, IDictionary<string, string> queryStrings, bool includeEmptyParameters = false)
         {
             resource = ReplaceUrlSegments(resource, urlSegments);
 
@@ -50,7 +50,7 @@ internal static Uri BuildUri(string baseUrl, string resource, IDictionary<string
 
             return new Uri(resource, UriKind.RelativeOrAbsolute);
         }
-        internal static Uri BuildUri(string baseUrl, string resource, IDictionary<string, string> urlSegments, IList<Tuple<string, string>> queryStringsTuple, bool includeEmptyParameters = false)
+        internal static Uri BuildUri(string baseUrl, string resource, IDictionary<string, string>? urlSegments, IList<Tuple<string, string>> queryStringsTuple, bool includeEmptyParameters = false)
         {
             resource = ReplaceUrlSegments(resource, urlSegments);
 
@@ -72,7 +72,7 @@ internal static Uri BuildUri(string baseUrl, string resource, IDictionary<string
         /// See http://stackoverflow.com/a/6704287
         /// </summary>
         /// <param name="uriParts">The URI parts to combine.</param>
-        internal static string CombineUriParts(params string[] uriParts)
+        internal static string CombineUriParts(params string[]? uriParts)
         {
             var uri = string.Empty;
             if (uriParts != null && uriParts.Any())
@@ -110,7 +110,7 @@ private static string AddQueryString(IList<Tuple<string, string>> queryStrings,
             }
             return sb.ToString();
         }
-        private static string AddQueryString(IDictionary<string, string> queryStrings, bool includeEmptyParameters)
+        private static string? AddQueryString(IDictionary<string, string> queryStrings, bool includeEmptyParameters)
         {
             // Add the query strings
             var queryString = queryStrings?.Aggregate(new StringBuilder(), (sb, kvp) =>
@@ -135,7 +135,7 @@ private static string AddQueryString(IDictionary<string, string> queryStrings, b
                 .ToString();
             return queryString;
         }
-        private static string ReplaceUrlSegments(string resource, IDictionary<string, string> urlSegments)
+        private static string ReplaceUrlSegments(string resource, IDictionary<string, string>? urlSegments)
         {
             // Replace the URL Segments
             if (urlSegments == null) return resource;