Interface OpenIdConnectConfig

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Implementing Classes:
OpenIdConnectConfig.Jsii$Proxy

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:30:49.556Z") @Stability(Experimental) public interface OpenIdConnectConfig extends software.amazon.jsii.JsiiSerializable
(experimental) Configuration for OpenID Connect authorization in AppSync.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.appsync.*;
 OpenIdConnectConfig openIdConnectConfig = OpenIdConnectConfig.builder()
         .oidcProvider("oidcProvider")
         // the properties below are optional
         .clientId("clientId")
         .tokenExpiryFromAuth(123)
         .tokenExpiryFromIssue(123)
         .build();
 
  • Method Details

    • getOidcProvider

      @Stability(Experimental) @NotNull String getOidcProvider()
      (experimental) The issuer for the OIDC configuration.

      The issuer returned by discovery must exactly match the value of iss in the OIDC token.

    • getClientId

      @Stability(Experimental) @Nullable default String getClientId()
      (experimental) The client identifier of the Relying party at the OpenID identity provider.

      A regular expression can be specified so AppSync can validate against multiple client identifiers at a time.

      Default: - * (All)

      Example:

       -"ABCD|CDEF";
       
    • getTokenExpiryFromAuth

      @Stability(Experimental) @Nullable default Number getTokenExpiryFromAuth()
      (experimental) The number of milliseconds an OIDC token is valid after being authenticated by OIDC provider.

      auth_time claim in OIDC token is required for this validation to work.

      Default: - no validation

    • getTokenExpiryFromIssue

      @Stability(Experimental) @Nullable default Number getTokenExpiryFromIssue()
      (experimental) The number of milliseconds an OIDC token is valid after being issued to a user.

      This validation uses iat claim of OIDC token.

      Default: - no validation

    • builder

      @Stability(Experimental) static OpenIdConnectConfig.Builder builder()
      Returns:
      a OpenIdConnectConfig.Builder of OpenIdConnectConfig