Class OAuthSettings
OAuth settings to configure the interaction between the app and this client.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.Cognito
Assembly: Amazon.CDK.AWS.Cognito.dll
Syntax (csharp)
public class OAuthSettings : Object, IOAuthSettings
Syntax (vb)
Public Class OAuthSettings
Inherits Object
Implements IOAuthSettings
Remarks
ExampleMetadata: infused
Examples
var pool = new UserPool(this, "Pool");
var readOnlyScope = new ResourceServerScope(new ResourceServerScopeProps { ScopeName = "read", ScopeDescription = "Read-only access" });
var fullAccessScope = new ResourceServerScope(new ResourceServerScopeProps { ScopeName = "*", ScopeDescription = "Full access" });
var userServer = pool.AddResourceServer("ResourceServer", new UserPoolResourceServerOptions {
Identifier = "users",
Scopes = new [] { readOnlyScope, fullAccessScope }
});
var readOnlyClient = pool.AddClient("read-only-client", new UserPoolClientOptions {
// ...
OAuth = new OAuthSettings {
// ...
Scopes = new [] { OAuthScope.ResourceServer(userServer, readOnlyScope) }
}
});
var fullAccessClient = pool.AddClient("full-access-client", new UserPoolClientOptions {
// ...
OAuth = new OAuthSettings {
// ...
Scopes = new [] { OAuthScope.ResourceServer(userServer, fullAccessScope) }
}
});
Synopsis
Constructors
OAuthSettings() |
Properties
CallbackUrls | List of allowed redirect URLs for the identity providers. |
Flows | OAuth flows that are allowed with this client. |
LogoutUrls | List of allowed logout URLs for the identity providers. |
Scopes | OAuth scopes that are allowed with this client. |
Constructors
OAuthSettings()
public OAuthSettings()
Properties
CallbackUrls
List of allowed redirect URLs for the identity providers.
public string[] CallbackUrls { get; set; }
Property Value
System.String[]
Remarks
Default: - ['https://example.com'] if either authorizationCodeGrant or implicitCodeGrant flows are enabled, no callback URLs otherwise.
Flows
OAuth flows that are allowed with this client.
public IOAuthFlows Flows { get; set; }
Property Value
Remarks
Default: {authorizationCodeGrant:true,implicitCodeGrant:true}
See: - the 'Allowed OAuth Flows' section at https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-idp-settings.html
LogoutUrls
List of allowed logout URLs for the identity providers.
public string[] LogoutUrls { get; set; }
Property Value
System.String[]
Remarks
Default: - no logout URLs
Scopes
OAuth scopes that are allowed with this client.
public OAuthScope[] Scopes { get; set; }
Property Value
Remarks
Default: [OAuthScope.PHONE,OAuthScope.EMAIL,OAuthScope.OPENID,OAuthScope.PROFILE,OAuthScope.COGNITO_ADMIN]
See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-idp-settings.html