interface UserPoolIdentityProviderOidcProps
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Cognito.UserPoolIdentityProviderOidcProps |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awscognito#UserPoolIdentityProviderOidcProps |
 Java | software.amazon.awscdk.services.cognito.UserPoolIdentityProviderOidcProps |
 Python | aws_cdk.aws_cognito.UserPoolIdentityProviderOidcProps |
 TypeScript (source) | aws-cdk-lib » aws_cognito » UserPoolIdentityProviderOidcProps |
Properties to initialize UserPoolIdentityProviderOidc.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_cognito as cognito } from 'aws-cdk-lib';
declare const providerAttribute: cognito.ProviderAttribute;
declare const userPool: cognito.UserPool;
const userPoolIdentityProviderOidcProps: cognito.UserPoolIdentityProviderOidcProps = {
clientId: 'clientId',
clientSecret: 'clientSecret',
issuerUrl: 'issuerUrl',
userPool: userPool,
// the properties below are optional
attributeMapping: {
address: providerAttribute,
birthdate: providerAttribute,
custom: {
customKey: providerAttribute,
},
email: providerAttribute,
emailVerified: providerAttribute,
familyName: providerAttribute,
fullname: providerAttribute,
gender: providerAttribute,
givenName: providerAttribute,
lastUpdateTime: providerAttribute,
locale: providerAttribute,
middleName: providerAttribute,
nickname: providerAttribute,
phoneNumber: providerAttribute,
preferredUsername: providerAttribute,
profilePage: providerAttribute,
profilePicture: providerAttribute,
timezone: providerAttribute,
website: providerAttribute,
},
attributeRequestMethod: cognito.OidcAttributeRequestMethod.GET,
endpoints: {
authorization: 'authorization',
jwksUri: 'jwksUri',
token: 'token',
userInfo: 'userInfo',
},
identifiers: ['identifiers'],
name: 'name',
scopes: ['scopes'],
};
Properties
| Name | Type | Description |
|---|---|---|
| client | string | The client id. |
| client | string | The client secret. |
| issuer | string | Issuer URL. |
| user | IUser | The user pool to which this construct provides identities. |
| attribute | Attribute | Mapping attributes from the identity provider to standard and custom attributes of the user pool. |
| attribute | Oidc | The method to use to request attributes. |
| endpoints? | Oidc | OpenID connect endpoints. |
| identifiers? | string[] | Identifiers. |
| name? | string | The name of the provider. |
| scopes? | string[] | The OAuth 2.0 scopes that you will request from OpenID Connect. Scopes are groups of OpenID Connect user attributes to exchange with your app. |
clientId
Type:
string
The client id.
clientSecret
Type:
string
The client secret.
issuerUrl
Type:
string
Issuer URL.
userPool
Type:
IUser
The user pool to which this construct provides identities.
attributeMapping?
Type:
Attribute
(optional, default: no attribute mapping)
Mapping attributes from the identity provider to standard and custom attributes of the user pool.
attributeRequestMethod?
Type:
Oidc
(optional, default: OidcAttributeRequestMethod.GET)
The method to use to request attributes.
endpoints?
Type:
Oidc
(optional, default: auto discovered with issuer URL)
OpenID connect endpoints.
identifiers?
Type:
string[]
(optional, default: no identifiers used)
Identifiers.
Identifiers can be used to redirect users to the correct IdP in multitenant apps.
name?
Type:
string
(optional, default: the unique ID of the construct)
The name of the provider.
scopes?
Type:
string[]
(optional, default: ['openid'])
The OAuth 2.0 scopes that you will request from OpenID Connect. Scopes are groups of OpenID Connect user attributes to exchange with your app.