Interface IUserPoolClientOptions
Options to create a UserPoolClient.
Namespace: Amazon.CDK.AWS.Cognito
Assembly: Amazon.CDK.AWS.Cognito.dll
Syntax (csharp)
public interface IUserPoolClientOptions
Syntax (vb)
Public Interface IUserPoolClientOptions
Remarks
ExampleMetadata: infused
Examples
var pool = new UserPool(this, "Pool");
pool.AddClient("app-client", new UserPoolClientOptions {
OAuth = new OAuthSettings {
Flows = new OAuthFlows {
AuthorizationCodeGrant = true
},
Scopes = new [] { OAuthScope.OPENID },
CallbackUrls = new [] { "https://my-app-domain.com/welcome" },
LogoutUrls = new [] { "https://my-app-domain.com/signin" }
}
});
Synopsis
Properties
AccessTokenValidity | Validity of the access token. |
AuthFlows | The set of OAuth authentication flows to enable on the client. |
DisableOAuth | Turns off all OAuth interactions for this client. |
EnableTokenRevocation | Enable token revocation for this client. |
GenerateSecret | Whether to generate a client secret. |
IdTokenValidity | Validity of the ID token. |
OAuth | OAuth settings for this client to interact with the app. |
PreventUserExistenceErrors | Whether Cognito returns a UserNotFoundException exception when the user does not exist in the user pool (false), or whether it returns another type of error that doesn't reveal the user's absence. |
ReadAttributes | The set of attributes this client will be able to read. |
RefreshTokenValidity | Validity of the refresh token. |
SupportedIdentityProviders | The list of identity providers that users should be able to use to sign in using this client. |
UserPoolClientName | Name of the application client. |
WriteAttributes | The set of attributes this client will be able to write. |
Properties
AccessTokenValidity
Validity of the access token.
virtual Duration AccessTokenValidity { get; }
Property Value
Remarks
Values between 5 minutes and 1 day are valid. The duration can not be longer than the refresh token validity.
Default: Duration.minutes(60)
AuthFlows
The set of OAuth authentication flows to enable on the client.
virtual IAuthFlow AuthFlows { get; }
Property Value
Remarks
Default: - all auth flows disabled
DisableOAuth
Turns off all OAuth interactions for this client.
virtual Nullable<bool> DisableOAuth { get; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: false
EnableTokenRevocation
Enable token revocation for this client.
virtual Nullable<bool> EnableTokenRevocation { get; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: true for new user pool clients
GenerateSecret
Whether to generate a client secret.
virtual Nullable<bool> GenerateSecret { get; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: false
IdTokenValidity
Validity of the ID token.
virtual Duration IdTokenValidity { get; }
Property Value
Remarks
Values between 5 minutes and 1 day are valid. The duration can not be longer than the refresh token validity.
Default: Duration.minutes(60)
OAuth
OAuth settings for this client to interact with the app.
virtual IOAuthSettings OAuth { get; }
Property Value
Remarks
An error is thrown when this is specified and disableOAuth
is set.
Default: - see defaults in OAuthSettings
. meaningless if disableOAuth
is set.
PreventUserExistenceErrors
Whether Cognito returns a UserNotFoundException exception when the user does not exist in the user pool (false), or whether it returns another type of error that doesn't reveal the user's absence.
virtual Nullable<bool> PreventUserExistenceErrors { get; }
Property Value
System.Nullable<System.Boolean>
Remarks
ReadAttributes
The set of attributes this client will be able to read.
virtual ClientAttributes ReadAttributes { get; }
Property Value
Remarks
Default: - all standard and custom attributes
RefreshTokenValidity
Validity of the refresh token.
virtual Duration RefreshTokenValidity { get; }
Property Value
Remarks
Values between 60 minutes and 10 years are valid.
Default: Duration.days(30)
SupportedIdentityProviders
The list of identity providers that users should be able to use to sign in using this client.
virtual UserPoolClientIdentityProvider[] SupportedIdentityProviders { get; }
Property Value
UserPoolClientIdentityProvider[]
Remarks
Default: - supports all identity providers that are registered with the user pool. If the user pool and/or
identity providers are imported, either specify this option explicitly or ensure that the identity providers are
registered with the user pool using the UserPool.registerIdentityProvider()
API.
UserPoolClientName
Name of the application client.
virtual string UserPoolClientName { get; }
Property Value
System.String
Remarks
Default: - cloudformation generated name
WriteAttributes
The set of attributes this client will be able to write.
virtual ClientAttributes WriteAttributes { get; }
Property Value
Remarks
Default: - all standard and custom attributes