diff --git a/modules/auth0/app/README.md b/modules/auth0/app/README.md
index 87f22e1ed..77a465ae4 100644
--- a/modules/auth0/app/README.md
+++ b/modules/auth0/app/README.md
@@ -104,6 +104,7 @@ components:
 | <a name="input_authentication_method"></a> [authentication\_method](#input\_authentication\_method) | The authentication method for the client credentials | `string` | `"client_secret_post"` | no |
 | <a name="input_callbacks"></a> [callbacks](#input\_callbacks) | Allowed Callback URLs | `list(string)` | `[]` | no |
 | <a name="input_context"></a> [context](#input\_context) | Single object for setting entire context at once.<br>See description of individual variables for details.<br>Leave string and numeric variables as `null` to use default value.<br>Individual variable settings (non-null) override settings in context object,<br>except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | <pre>{<br>  "additional_tag_map": {},<br>  "attributes": [],<br>  "delimiter": null,<br>  "descriptor_formats": {},<br>  "enabled": true,<br>  "environment": null,<br>  "id_length_limit": null,<br>  "label_key_case": null,<br>  "label_order": [],<br>  "label_value_case": null,<br>  "labels_as_tags": [<br>    "unset"<br>  ],<br>  "name": null,<br>  "namespace": null,<br>  "regex_replace_chars": null,<br>  "stage": null,<br>  "tags": {},<br>  "tenant": null<br>}</pre> | no |
+| <a name="input_cross_origin_auth"></a> [cross\_origin\_auth](#input\_cross\_origin\_auth) | Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false). | `bool` | `false` | no |
 | <a name="input_delimiter"></a> [delimiter](#input\_delimiter) | Delimiter to be used between ID elements.<br>Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
 | <a name="input_descriptor_formats"></a> [descriptor\_formats](#input\_descriptor\_formats) | Describe additional descriptors to be output in the `descriptors` output map.<br>Map of maps. Keys are names of descriptors. Values are maps of the form<br>`{<br>   format = string<br>   labels = list(string)<br>}`<br>(Type is `any` so the map values can later be enhanced to provide additional options.)<br>`format` is a Terraform format string to be passed to the `format()` function.<br>`labels` is a list of labels, in order, to pass to `format()` function.<br>Label values will be normalized before being passed to `format()` so they will be<br>identical to how they appear in `id`.<br>Default is `{}` (`descriptors` output will be empty). | `any` | `{}` | no |
 | <a name="input_enabled"></a> [enabled](#input\_enabled) | Set to false to prevent the module from creating any resources | `bool` | `null` | no |
diff --git a/modules/auth0/app/main.tf b/modules/auth0/app/main.tf
index 294a4db55..af9dd6790 100644
--- a/modules/auth0/app/main.tf
+++ b/modules/auth0/app/main.tf
@@ -20,11 +20,12 @@ resource "auth0_client" "this" {
     alg                 = var.jwt_alg
   }
 
-  callbacks       = var.callbacks
-  allowed_origins = var.allowed_origins
-  web_origins     = var.web_origins
-  grant_types     = var.grant_types
-  logo_uri        = var.logo_uri
+  callbacks         = var.callbacks
+  cross_origin_auth = var.cross_origin_auth
+  allowed_origins   = var.allowed_origins
+  web_origins       = var.web_origins
+  grant_types       = var.grant_types
+  logo_uri          = var.logo_uri
 
 }
 
diff --git a/modules/auth0/app/variables.tf b/modules/auth0/app/variables.tf
index 62fb09e71..07db907f8 100644
--- a/modules/auth0/app/variables.tf
+++ b/modules/auth0/app/variables.tf
@@ -9,6 +9,12 @@ variable "callbacks" {
   default     = []
 }
 
+variable "cross_origin_auth" {
+  type        = bool
+  description = "Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false)."
+  default     = false
+}
+
 variable "allowed_origins" {
   type        = list(string)
   description = "Allowed Origins"