Class CfnUserPoolIdentityProviderProps
Properties for defining a CfnUserPoolIdentityProvider.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.Cognito
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnUserPoolIdentityProviderProps : Object, ICfnUserPoolIdentityProviderProps
Syntax (vb)
Public Class CfnUserPoolIdentityProviderProps
Inherits Object
Implements ICfnUserPoolIdentityProviderProps
Remarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.Cognito;

// C# requires an initializer for 'var', so the placeholders are declared as object.
object attributeMapping = null;
object providerDetails = null;

var cfnUserPoolIdentityProviderProps = new CfnUserPoolIdentityProviderProps {
    ProviderName = "providerName",
    ProviderType = "providerType",
    UserPoolId = "userPoolId",

    // the properties below are optional
    AttributeMapping = attributeMapping,
    IdpIdentifiers = new [] { "idpIdentifiers" },
    ProviderDetails = providerDetails
};
Synopsis
Constructors
CfnUserPoolIdentityProviderProps() |
Properties
AttributeMapping | A mapping of IdP attributes to standard and custom user pool attributes. |
IdpIdentifiers | A list of IdP identifiers. |
ProviderDetails | The scopes, URLs, and identifiers for your external identity provider. |
ProviderName | The IdP name. |
ProviderType | The IdP type. |
UserPoolId | The user pool ID. |
Constructors
CfnUserPoolIdentityProviderProps()
public CfnUserPoolIdentityProviderProps()
Properties
AttributeMapping
A mapping of IdP attributes to standard and custom user pool attributes.
public object AttributeMapping { get; set; }
Property Value
System.Object
Remarks
IdpIdentifiers
A list of IdP identifiers.
public string[] IdpIdentifiers { get; set; }
Property Value
System.String[]
Remarks
ProviderDetails
The scopes, URLs, and identifiers for your external identity provider.
public object ProviderDetails { get; set; }
Property Value
System.Object
Remarks
The following examples describe the provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP authorize_scopes values must match the values listed here.
Create or update request: "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
Describe response: "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
Create or update request with Metadata file: "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
The value of MetadataFile must be the plaintext metadata document with all quote (") characters escaped by backslashes.
Describe response: "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
Describe response: "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
Describe response: "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
Describe response: "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
Describe response: "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
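An added example, not taken from the CDK documentation: it builds the props for an OIDC provider from the create-or-update keys listed above, reads client_secret from a NoEcho stack parameter instead of a literal, and rejects non-https endpoints before synthesis. The stack class, construct ids, provider name, attribute mapping and URLs are assumptions for illustration.

```csharp
using System;
using System.Collections.Generic;
using Amazon.CDK;
using Amazon.CDK.AWS.Cognito;
using Constructs;

public class OidcIdpStack : Stack   // hypothetical stack name
{
    // Keys of the OIDC create/update request above whose values are URLs.
    private static readonly string[] UrlKeys =
        { "attributes_url", "authorize_url", "jwks_uri", "oidc_issuer", "token_url" };

    public OidcIdpStack(Construct scope, string id, string userPoolId) : base(scope, id)
    {
        // Supplied at deploy time, so the secret is not a literal in source control.
        // The Describe response above returns client_secret, so it stays readable
        // to any principal allowed to describe the provider.
        var clientSecret = new CfnParameter(this, "OidcClientSecret",
            new CfnParameterProps { Type = "String", NoEcho = true });

        var providerDetails = new Dictionary<string, object>
        {
            ["attributes_request_method"] = "GET",
            ["attributes_url"] = "https://auth.example.com/userInfo",
            ["authorize_scopes"] = "openid profile email",
            ["authorize_url"] = "https://auth.example.com/authorize",
            ["client_id"] = "1example23456789",
            ["client_secret"] = clientSecret.ValueAsString,
            ["jwks_uri"] = "https://auth.example.com/.well-known/jwks.json",
            ["oidc_issuer"] = "https://auth.example.com",
            ["token_url"] = "https://example.com/token"
        };

        // Added check: fail before synthesis if an endpoint is not an absolute https URL.
        foreach (var key in UrlKeys)
            if (!Uri.TryCreate((string)providerDetails[key], UriKind.Absolute, out var uri)
                || uri.Scheme != Uri.UriSchemeHttps)
                throw new ArgumentException($"ProviderDetails[{key}] must be an https URL");

        new CfnUserPoolIdentityProvider(this, "OidcIdp", new CfnUserPoolIdentityProviderProps
        {
            ProviderName = "ExampleOidc",   // constructed name
            ProviderType = "OIDC",
            UserPoolId = userPoolId,
            AttributeMapping = new Dictionary<string, object> { ["email"] = "email" }, // constructed mapping
            ProviderDetails = providerDetails
        });
    }
}
```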
ProviderName
The IdP name.
public string ProviderName { get; set; }
Property Value
System.String
Remarks
ProviderType
The IdP type.
public string ProviderType { get; set; }
Property Value
System.String
Remarks
UserPoolId
The user pool ID.
public string UserPoolId { get; set; }
Property Value
System.String