AWS CloudFormation
User Guide (API Version 2010-05-15)

AWS AppSync GraphQLApi OpenId Connect Config

The OpenIDConnectConfig property type specifies the optional authorization configuration for using an Open Id Connect compliant service with your GraphQL endpoint for an AWS AppSync GraphQL API.

OpenIDConnectConfig is a property of the AWS::AppSync::GraphQLApi property type.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Issuer" : String, "ClientId" : String, "IatTTL" : Number, "AuthTTL" : Number }

YAML

Issuer: String ClientId: String IatTTL: Number AuthTTL: Number

Properties

Issuer

The issuer for the open id connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.

Required: Yes

Type: String

Update requires: No interruption

ClientId

The client identifier of the Relying party at the OpenID Provider. This identifier is typically obtained when the Relying party is registered with the OpenID Provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time

Required: No

Type: String

Update requires: No interruption

IatTTL

The number of milliseconds a token is valid after being issued to a user.

Required: No

Type: Number

Update requires: No interruption

AuthTTL

The number of milliseconds a token is valid after being authenticated.

Required: No

Type: Number

Update requires: No interruption

See Also

On this page: