Interface CfnListenerRule.IAuthenticateOidcConfigProperty
Specifies the information required to authenticate users with an identity provider (IdP) that is compliant with OpenID Connect (OIDC).
Namespace: Amazon.CDK.AWS.ElasticLoadBalancingV2
Assembly: Amazon.CDK.AWS.ElasticLoadBalancingV2.dll
Syntax (csharp)
public interface IAuthenticateOidcConfigProperty
Syntax (vb)
Public Interface IAuthenticateOidcConfigProperty
Remarks
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using System.Collections.Generic; // Dictionary<TKey, TValue>
using Amazon.CDK.AWS.ElasticLoadBalancingV2;

// AuthenticateOidcConfigProperty is nested inside CfnListenerRule.
var authenticateOidcConfigProperty = new CfnListenerRule.AuthenticateOidcConfigProperty {
    AuthorizationEndpoint = "authorizationEndpoint",
    ClientId = "clientId",
    Issuer = "issuer",
    TokenEndpoint = "tokenEndpoint",
    UserInfoEndpoint = "userInfoEndpoint",

    // the properties below are optional
    AuthenticationRequestExtraParams = new Dictionary<string, string> {
        { "authenticationRequestExtraParamsKey", "authenticationRequestExtraParams" }
    },
    ClientSecret = "clientSecret",
    OnUnauthenticatedRequest = "onUnauthenticatedRequest",
    Scope = "scope",
    SessionCookieName = "sessionCookieName",
    SessionTimeout = 123,
    UseExistingClientSecret = false
};
Synopsis
Properties
AuthenticationRequestExtraParams | The query parameters (up to 10) to include in the redirect request to the authorization endpoint. |
AuthorizationEndpoint | The authorization endpoint of the IdP. |
ClientId | The OAuth 2.0 client identifier. |
ClientSecret | The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true. |
Issuer | The OIDC issuer identifier of the IdP. |
OnUnauthenticatedRequest | The behavior if the user is not authenticated. The following are possible values:. |
Scope | The set of user claims to be requested from the IdP. The default is openid. |
SessionCookieName | The name of the cookie used to maintain session information. |
SessionTimeout | The maximum duration of the authentication session, in seconds. |
TokenEndpoint | The token endpoint of the IdP. |
UseExistingClientSecret | Indicates whether to use the existing client secret when modifying a rule. |
UserInfoEndpoint | The user info endpoint of the IdP. |
Properties
AuthenticationRequestExtraParams
The query parameters (up to 10) to include in the redirect request to the authorization endpoint.
virtual object AuthenticationRequestExtraParams { get; }
Property Value
System.Object
Remarks
AuthorizationEndpoint
The authorization endpoint of the IdP.
string AuthorizationEndpoint { get; }
Property Value
System.String
Remarks
This must be a full URL, including the HTTPS protocol, the domain, and the path.
ClientId
The OAuth 2.0 client identifier.
string ClientId { get; }
Property Value
System.String
Remarks
ClientSecret
The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.
virtual string ClientSecret { get; }
Property Value
System.String
Remarks
Issuer
The OIDC issuer identifier of the IdP.
string Issuer { get; }
Property Value
System.String
Remarks
This must be a full URL, including the HTTPS protocol, the domain, and the path.
OnUnauthenticatedRequest
The behavior if the user is not authenticated. The following are possible values:.
virtual string OnUnauthenticatedRequest { get; }
Property Value
System.String
Remarks
Scope
The set of user claims to be requested from the IdP. The default is openid.
virtual string Scope { get; }
Property Value
System.String
Remarks
To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.
SessionCookieName
The name of the cookie used to maintain session information.
virtual string SessionCookieName { get; }
Property Value
System.String
Remarks
SessionTimeout
The maximum duration of the authentication session, in seconds.
virtual Nullable<double> SessionTimeout { get; }
Property Value
System.Nullable<System.Double>
Remarks
TokenEndpoint
The token endpoint of the IdP.
string TokenEndpoint { get; }
Property Value
System.String
Remarks
This must be a full URL, including the HTTPS protocol, the domain, and the path.
UseExistingClientSecret
Indicates whether to use the existing client secret when modifying a rule.
virtual object UseExistingClientSecret { get; }
Property Value
System.Object
Remarks
If you are creating a rule, you can omit this parameter or set it to false.
UserInfoEndpoint
The user info endpoint of the IdP.
string UserInfoEndpoint { get; }
Property Value
System.String
Remarks
This must be a full URL, including the HTTPS protocol, the domain, and the path.
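The constraints stated in the remarks above (HTTPS URLs for the issuer and endpoints, up to 10 extra request parameters, ClientSecret required when creating a rule) can be checked before synthesis. The following is an added example, not part of the CDK or its documentation; OidcConfigChecks and Validate are hypothetical names, and the check assumes literal string values rather than unresolved CDK tokens.

```csharp
using System;
using System.Collections.Generic;
using Amazon.CDK.AWS.ElasticLoadBalancingV2;

// Hypothetical helper (not part of the CDK): checks the constraints this page states.
public static class OidcConfigChecks
{
    // creatingRule: true when the rule is new, false when an existing rule is modified.
    public static IReadOnlyList<string> Validate(
        CfnListenerRule.IAuthenticateOidcConfigProperty cfg, bool creatingRule)
    {
        var problems = new List<string>();

        // Issuer and the three endpoints must be full URLs using HTTPS.
        // Only scheme and host are enforced here; the path is not inspected.
        var urls = new Dictionary<string, string>
        {
            ["AuthorizationEndpoint"] = cfg.AuthorizationEndpoint,
            ["Issuer"] = cfg.Issuer,
            ["TokenEndpoint"] = cfg.TokenEndpoint,
            ["UserInfoEndpoint"] = cfg.UserInfoEndpoint,
        };
        foreach (var (name, value) in urls)
        {
            if (!Uri.TryCreate(value, UriKind.Absolute, out var uri)
                || uri.Scheme != Uri.UriSchemeHttps
                || string.IsNullOrEmpty(uri.Host))
            {
                problems.Add($"{name} must be a full HTTPS URL");
            }
        }

        // At most 10 extra query parameters on the redirect to the authorization endpoint.
        if (cfg.AuthenticationRequestExtraParams is IDictionary<string, string> extra
            && extra.Count > 10)
        {
            problems.Add("AuthenticationRequestExtraParams allows at most 10 entries");
        }

        // ClientSecret is required on create; on modify it may be omitted
        // only when UseExistingClientSecret is true.
        bool reuseSecret = cfg.UseExistingClientSecret is bool b && b;
        if (string.IsNullOrEmpty(cfg.ClientSecret) && (creatingRule || !reuseSecret))
        {
            problems.Add("ClientSecret is required unless modifying with UseExistingClientSecret = true");
        }
        return problems;
    }
}
```

An empty list means the configuration passes these checks; it does not confirm that the IdP itself is reachable or correctly configured.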