Interface CfnIdentityProviderConfig.OidcIdentityProviderConfigProperty

All Superinterfaces:
All Known Implementing Classes:
Enclosing class:

@Stability(Stable) public static interface CfnIdentityProviderConfig.OidcIdentityProviderConfigProperty extends
An object representing the configuration for an OpenID Connect (OIDC) identity provider.


 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 OidcIdentityProviderConfigProperty oidcIdentityProviderConfigProperty = OidcIdentityProviderConfigProperty.builder()
         // the properties below are optional
  • Method Details

    • getClientId

      @Stability(Stable) @NotNull String getClientId()
      This is also known as audience .

      The ID of the client application that makes authentication requests to the OIDC identity provider.

    • getIssuerUrl

      @Stability(Stable) @NotNull String getIssuerUrl()
      The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.
    • getGroupsClaim

      @Stability(Stable) @Nullable default String getGroupsClaim()
      The JSON web token (JWT) claim that the provider uses to return your groups.
    • getGroupsPrefix

      @Stability(Stable) @Nullable default String getGroupsPrefix()
      The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups).

      For example, the value oidc: creates group names like oidc:engineering and oidc:infra . The prefix can't contain system:

    • getRequiredClaims

      @Stability(Stable) @Nullable default Object getRequiredClaims()
      The key-value pairs that describe required claims in the identity token.

      If set, each claim is verified to be present in the token with a matching value.

    • getUsernameClaim

      @Stability(Stable) @Nullable default String getUsernameClaim()
      The JSON Web token (JWT) claim that is used as the username.
    • getUsernamePrefix

      @Stability(Stable) @Nullable default String getUsernamePrefix()
      The prefix that is prepended to username claims to prevent clashes with existing names.

      The prefix can't contain system:

    • builder

      a CfnIdentityProviderConfig.OidcIdentityProviderConfigProperty.Builder of CfnIdentityProviderConfig.OidcIdentityProviderConfigProperty