Class OpenIdConnectConfig
(experimental) Configuration for OpenID Connect authorization in AppSync.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.AppSync
Assembly: Amazon.CDK.AWS.AppSync.dll
Syntax (csharp)
public class OpenIdConnectConfig : Object, IOpenIdConnectConfig
Syntax (vb)
Public Class OpenIdConnectConfig
Inherits Object
Implements IOpenIdConnectConfig
Remarks
Stability: Experimental
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.AppSync;

var openIdConnectConfig = new OpenIdConnectConfig {
    OidcProvider = "oidcProvider",

    // the properties below are optional
    ClientId = "clientId",
    TokenExpiryFromAuth = 123,
    TokenExpiryFromIssue = 123
};
Synopsis
Constructors
OpenIdConnectConfig() |
Properties
ClientId | (experimental) The client identifier of the Relying party at the OpenID identity provider. |
OidcProvider | (experimental) The issuer for the OIDC configuration. |
TokenExpiryFromAuth | (experimental) The number of milliseconds an OIDC token is valid after being authenticated by OIDC provider. |
TokenExpiryFromIssue | (experimental) The number of milliseconds an OIDC token is valid after being issued to a user. |
Constructors
OpenIdConnectConfig()
public OpenIdConnectConfig()
Properties
ClientId
(experimental) The client identifier of the Relying party at the OpenID identity provider.
public string ClientId { get; set; }
Property Value
System.String
Remarks
A regular expression can be specified so AppSync can validate against multiple client identifiers at a time.
Default: - * (All)
Stability: Experimental
Examples
"ABCD|CDEF"
OidcProvider
(experimental) The issuer for the OIDC configuration.
public string OidcProvider { get; set; }
Property Value
System.String
Remarks
The issuer returned by discovery must exactly match the value of iss in the OIDC token.
Stability: Experimental
TokenExpiryFromAuth
(experimental) The number of milliseconds an OIDC token is valid after being authenticated by OIDC provider.
public Nullable<double> TokenExpiryFromAuth { get; set; }
Property Value
System.Nullable<System.Double>
Remarks
The auth_time claim in the OIDC token is required for this validation to work.
Default: - no validation
Stability: Experimental
TokenExpiryFromIssue
(experimental) The number of milliseconds an OIDC token is valid after being issued to a user.
public Nullable<double> TokenExpiryFromIssue { get; set; }
Property Value
System.Nullable<System.Double>
Remarks
This validation uses the iat claim of the OIDC token.
Default: - no validation
Stability: Experimental
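The defaults documented above leave ClientId matching all clients and both expiry validations disabled. The following is an added example, not part of the generated reference, that sets all four properties explicitly and attaches the configuration to a GraphqlApi as its default authorization mode. It assumes CDK v1 with the Amazon.CDK.AWS.AppSync package; the stack and construct names, issuer URL, client identifiers, schema path and durations are placeholders.

```csharp
using System;
using Amazon.CDK;
using Amazon.CDK.AWS.AppSync;

// Added example: all names, URLs, client IDs and durations are placeholders.
public class OidcApiStack : Stack
{
    public OidcApiStack(Construct scope, string id, IStackProps props = null)
        : base(scope, id, props)
    {
        var oidc = new OpenIdConnectConfig
        {
            // Must exactly match the iss claim in the OIDC token.
            OidcProvider = "https://idp.example.com/tenant-placeholder",

            // List the known relying parties instead of relying on the default "*" (All).
            ClientId = "web-client-placeholder|mobile-client-placeholder",

            // Both values are milliseconds; deriving them from TimeSpan avoids unit mistakes.
            // Validated against auth_time, which the token must carry.
            TokenExpiryFromAuth = TimeSpan.FromHours(8).TotalMilliseconds,
            // Validated against iat.
            TokenExpiryFromIssue = TimeSpan.FromHours(1).TotalMilliseconds
        };

        new GraphqlApi(this, "Api", new GraphqlApiProps
        {
            Name = "oidc-protected-api",
            Schema = Schema.FromAsset("schema.graphql"),
            AuthorizationConfig = new AuthorizationConfig
            {
                DefaultAuthorization = new AuthorizationMode
                {
                    AuthorizationType = AuthorizationType.OIDC,
                    OpenIdConnectConfig = oidc
                }
            }
        });
    }
}
```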