Package software.amazon.awscdk.services.cognito

Interface OAuthSettings

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

OAuthSettings.Jsii$Proxy

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
           date="2023-06-19T16:30:44.028Z")
@Stability(Stable)
public interface OAuthSettings
extends software.amazon.jsii.JsiiSerializable

OAuth settings to configure the interaction between the app and this client.

Example:

 UserPool pool = new UserPool(this, "Pool");
 ResourceServerScope readOnlyScope = ResourceServerScope.Builder.create().scopeName("read").scopeDescription("Read-only access").build();
 ResourceServerScope fullAccessScope = ResourceServerScope.Builder.create().scopeName("*").scopeDescription("Full access").build();
 UserPoolResourceServer userServer = pool.addResourceServer("ResourceServer", UserPoolResourceServerOptions.builder()
         .identifier("users")
         .scopes(List.of(readOnlyScope, fullAccessScope))
         .build());
 UserPoolClient readOnlyClient = pool.addClient("read-only-client", UserPoolClientOptions.builder()
         // ...
         .oAuth(OAuthSettings.builder()
                 // ...
                 .scopes(List.of(OAuthScope.resourceServer(userServer, readOnlyScope)))
                 .build())
         .build());
 UserPoolClient fullAccessClient = pool.addClient("full-access-client", UserPoolClientOptions.builder()
         // ...
         .oAuth(OAuthSettings.builder()
                 // ...
                 .scopes(List.of(OAuthScope.resourceServer(userServer, fullAccessScope)))
                 .build())
         .build());
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	OAuthSettings.Builder	A builder for OAuthSettings
static final class	OAuthSettings.Jsii$Proxy	An implementation for OAuthSettings

Method Summary

Modifier and Type	Method	Description
static OAuthSettings.Builder	builder()
default List<String>	getCallbackUrls()	List of allowed redirect URLs for the identity providers.
default OAuthFlows	getFlows()	OAuth flows that are allowed with this client.
default List<String>	getLogoutUrls()	List of allowed logout URLs for the identity providers.
default List<OAuthScope>	getScopes()	OAuth scopes that are allowed with this client.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getCallbackUrls

@Stability(Stable)
@Nullable
default List<String> getCallbackUrls()

List of allowed redirect URLs for the identity providers.

Default: - ['https://example.com'] if either authorizationCodeGrant or implicitCodeGrant flows are enabled, no callback URLs otherwise.

getFlows

@Stability(Stable)
@Nullable
default OAuthFlows getFlows()

OAuth flows that are allowed with this client.

Default: {authorizationCodeGrant:true,implicitCodeGrant:true}

See Also:

• - the 'Allowed OAuth Flows' section at https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-idp-settings.html

getLogoutUrls

@Stability(Stable)
@Nullable
default List<String> getLogoutUrls()

List of allowed logout URLs for the identity providers.

Default: - no logout URLs

getScopes

@Stability(Stable)
@Nullable
default List<OAuthScope> getScopes()

OAuth scopes that are allowed with this client.

Default: [OAuthScope.PHONE,OAuthScope.EMAIL,OAuthScope.OPENID,OAuthScope.PROFILE,OAuthScope.COGNITO_ADMIN]

See Also:

• https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-idp-settings.html

builder

@Stability(Stable)
static OAuthSettings.Builder builder()

Returns:

a OAuthSettings.Builder of OAuthSettings