auth0 · avanscoy · Jan 24, 2025 · Jan 24, 2025
diff --git a/articles/api/authentication/_login.md b/articles/api/authentication/_login.md
@@ -245,8 +245,8 @@ curl --location 'https://[TENANT_DOMAIN]/bc-authorize' \
 | `binding_message` <br/><span class="label label-danger">Required</span> | Human-readable string displayed on both the device calling `/bc-authorize` and the user’s authentication device (e.g. phone) to ensure the user is approves the correct request. For example: `ABC-123-XYZ`. |
 | `login_hint` <br/><span class="label label-danger">Required</span> | String containing information about the user to contact for authentication. It uses the [IETF9493 standard for Subject Identifiers for Security Event Tokens](https://datatracker.ietf.org/doc/html/rfc9493). Auth0 only supports the [Issuer and Identifier format](https://datatracker.ietf.org/doc/html/rfc9493#name-issuer-and-subject-identifi). For an example login hint, review the [Remarks](#remarks). |
 | `scope` <br/><span class="label label-danger">Required</span> | Space-separated list of OIDC and custom API scopes. For example: `openid read:timesheets edit:timesheets`. Include `offline_access` to get a refresh token. At a minimum, you must include the scope `openid`. |
-| `audience` <br/><span class="label label-danger">Optional</span> | Unique identifier of the audience for an issued token. If you require an access token for an API, pass the unique identifier of the target API you want to access. |
-| `request_expiry` <br/><span class="label label-danger">Optional</span> | To configure a custom expiry time in seconds for this request, pass a number between 1 and 300. If not provided, expiry defaults to 300 seconds. |
+| `audience` <br/><span class="label label-primary">Optional</span> | Unique identifier of the audience for an issued token. If you require an access token for an API, pass the unique identifier of the target API you want to access. |
+| `request_expiry` <br/><span class="label label-primary">Optional</span> | To configure a custom expiry time in seconds for this request, pass a number between 1 and 300. If not provided, expiry defaults to 300 seconds. |
 
 ### Response Body
 

diff --git a/articles/api/authentication/_logout.md b/articles/api/authentication/_logout.md
@@ -1,3 +1,4 @@
+<!-- markdownlint-disable MD024 MD012 -->
 # Logout
 ## Auth0 Logout
 
@@ -121,13 +122,13 @@ Use this endpoint to logout a user. If you want to navigate the user to a specif
 
 | Parameter                             | Description                                                                                                                                                     |
 | :------------------------------------ | :-------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `id_token_hint` (Recommended)         | Previously issued ID Token for the user. This is used to indicate which user to log out.                                                                         |
-| `logout_hint` (Optional)              | Optional `sid` (session ID) value to indicate which user to log out. Should be provided when `id_token_hint` is not available.                                                                       |
-| `post_logout_redirect_uri` (Optional) | URL to redirect the user after the logout.                                                                                                                      |
-| `client_id` (Optional)                | The `client_id` of your application.                                                                                                                            |
-| `federated` (Optional)                | Add this query string parameter to log the user out of their identity provider: `https://YOUR_DOMAIN/oidc/logout?federated`.        |
-| `state` (Optional)                    | An opaque value the applications adds to the initial request that the authorization server includes when redirecting the back to the`post_logout_redirect_uri`. |
-| `ui_locales` (Optional)               | Space-delimited list of locales used to constrain the language list for the request. The first locale on the list must match the enabled locale in your tenant  |
+| `id_token_hint` <br/><span class="label label-primary">Recommended</span> | Previously issued ID Token for the user. This is used to indicate which user to log out.                                                                         |
+| `logout_hint` <br/><span class="label label-primary">Optional</span> | Optional `sid` (session ID) value to indicate which user to log out. Should be provided when `id_token_hint` is not available.                                                                       |
+| `post_logout_redirect_uri` <br/><span class="label label-primary">Optional</span> | URL to redirect the user after the logout.                                                                                                                      |
+| `client_id` <br/><span class="label label-primary">Optional</span> | The `client_id` of your application.                                                                                                                            |
+| `federated` <br/><span class="label label-primary">Optional</span> | Add this query string parameter to log the user out of their identity provider: `https://YOUR_DOMAIN/oidc/logout?federated`.        |
+| `state` <br/><span class="label label-primary">Optional</span> | An opaque value the applications adds to the initial request that the authorization server includes when redirecting the back to the`post_logout_redirect_uri`. |
+| `ui_locales` <br/><span class="label label-primary">Optional</span> | Space-delimited list of locales used to constrain the language list for the request. The first locale on the list must match the enabled locale in your tenant  |
 
 ### Remarks
 

diff --git a/articles/api/authentication/api-authz/_client-credential.md b/articles/api/authentication/api-authz/_client-credential.md
@@ -64,6 +64,7 @@ This is the OAuth 2.0 grant that server processes use to access an API. Use this
 | `client_id` <br/><span class="label label-danger">Required</span> | Your application's Client ID. |
 | `client_secret` <br/><span class="label label-danger">Required</span> | Your application's Client Secret. |
 | `audience` <br/><span class="label label-danger">Required</span> | The unique identifier of the target API you want to access. |
+| `organizations` <br/><span class="label label-primary">Optional</span>| The organization or identifier with which you want the request to be associated. To learn more, read [Machine-to-Machine Access for Organizations](https://auth0.com/docs/manage-users/organizations/organizations-for-m2m-applications)|
 
 ### Learn More