Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

AWS::QBusiness::Plugin OAuth2ClientCredentialConfiguration

Focus mode
AWS::QBusiness::Plugin OAuth2ClientCredentialConfiguration - AWS CloudFormation
Filter View

Information about the OAuth 2.0 authentication credential/token used to configure a plugin.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "AuthorizationUrl" : String, "RoleArn" : String, "SecretArn" : String, "TokenUrl" : String }

YAML

AuthorizationUrl: String RoleArn: String SecretArn: String TokenUrl: String

Properties

AuthorizationUrl

The redirect URL required by the OAuth 2.0 protocol for Amazon Q Business to authenticate a plugin user through a third party authentication server.

Required: No

Type: String

Pattern: ^(https?|ftp|file)://([^\s]*)$

Minimum: 1

Maximum: 2048

Update requires: No interruption

RoleArn

The ARN of an IAM role used by Amazon Q Business to access the OAuth 2.0 authentication credentials stored in a Secrets Manager secret.

Required: Yes

Type: String

Pattern: ^arn:[a-z0-9-\.]{1,63}:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[^/].{0,1023}$

Minimum: 0

Maximum: 1284

Update requires: No interruption

SecretArn

The ARN of the Secrets Manager secret that stores the OAuth 2.0 credentials/token used for plugin configuration.

Required: Yes

Type: String

Pattern: ^arn:[a-z0-9-\.]{1,63}:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[^/].{0,1023}$

Minimum: 0

Maximum: 1284

Update requires: No interruption

TokenUrl

The URL required by the OAuth 2.0 protocol to exchange an end user authorization code for an access token.

Required: No

Type: String

Pattern: ^(https?|ftp|file)://([^\s]*)$

Minimum: 1

Maximum: 2048

Update requires: No interruption

On this page

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.