Interface IOpenIdConnectConfig
Configuration for OpenID Connect authorization in AppSync.
Namespace: Amazon.CDK.AWS.AppSync
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface IOpenIdConnectConfig
Syntax (vb)
Public Interface IOpenIdConnectConfig
Remarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.AppSync;
var openIdConnectConfig = new OpenIdConnectConfig {
OidcProvider = "oidcProvider",
// the properties below are optional
ClientId = "clientId",
TokenExpiryFromAuth = 123,
TokenExpiryFromIssue = 123
};
Synopsis
Properties
ClientId | The client identifier of the Relying party at the OpenID identity provider. |
OidcProvider | The issuer for the OIDC configuration. |
TokenExpiryFromAuth | The number of milliseconds an OIDC token is valid after being authenticated by OIDC provider. |
TokenExpiryFromIssue | The number of milliseconds an OIDC token is valid after being issued to a user. |
Properties
ClientId
The client identifier of the Relying party at the OpenID identity provider.
virtual string ClientId { get; }
Property Value
System.String
Remarks
A regular expression can be specified so AppSync can validate against multiple client identifiers at a time.
Default: - * (All)
Examples
-"ABCD|CDEF";
OidcProvider
The issuer for the OIDC configuration.
string OidcProvider { get; }
Property Value
System.String
Remarks
The issuer returned by discovery must exactly match the value of iss
in the OIDC token.
TokenExpiryFromAuth
The number of milliseconds an OIDC token is valid after being authenticated by OIDC provider.
virtual Nullable<double> TokenExpiryFromAuth { get; }
Property Value
System.Nullable<System.Double>
Remarks
auth_time
claim in OIDC token is required for this validation to work.
Default: - no validation
TokenExpiryFromIssue
The number of milliseconds an OIDC token is valid after being issued to a user.
virtual Nullable<double> TokenExpiryFromIssue { get; }
Property Value
System.Nullable<System.Double>
Remarks
This validation uses iat
claim of OIDC token.
Default: - no validation