ResourceServerScope

class aws_cdk.aws_cognito.ResourceServerScope(*, scope_description, scope_name)

Bases: object

A scope for ResourceServer.

ExampleMetadata

infused

Example:

pool = cognito.UserPool(self, "Pool")

read_only_scope = cognito.ResourceServerScope(scope_name="read", scope_description="Read-only access")
full_access_scope = cognito.ResourceServerScope(scope_name="*", scope_description="Full access")

user_server = pool.add_resource_server("ResourceServer",
    identifier="users",
    scopes=[read_only_scope, full_access_scope]
)

read_only_client = pool.add_client("read-only-client",
    # ...
    o_auth=cognito.OAuthSettings(
        # ...
        scopes=[cognito.OAuthScope.resource_server(user_server, read_only_scope)]
    )
)

full_access_client = pool.add_client("full-access-client",
    # ...
    o_auth=cognito.OAuthSettings(
        # ...
        scopes=[cognito.OAuthScope.resource_server(user_server, full_access_scope)]
    )
)
Parameters
  • scope_description (str) – A description of the scope.

  • scope_name (str) – The name of the scope.

Attributes

scope_description

A description of the scope.

Return type

str

scope_name

The name of the scope.

Return type

str