interface AuthenticateCognitoConfigProperty
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.ElasticLoadBalancingV2.CfnListener.AuthenticateCognitoConfigProperty |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awselasticloadbalancingv2#CfnListener_AuthenticateCognitoConfigProperty |
 Java | software.amazon.awscdk.services.elasticloadbalancingv2.CfnListener.AuthenticateCognitoConfigProperty |
 Python | aws_cdk.aws_elasticloadbalancingv2.CfnListener.AuthenticateCognitoConfigProperty |
 TypeScript | aws-cdk-lib » aws_elasticloadbalancingv2 » CfnListener » AuthenticateCognitoConfigProperty |
Specifies information required when integrating with Amazon Cognito to authenticate users.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_elasticloadbalancingv2 as elbv2 } from 'aws-cdk-lib';
const authenticateCognitoConfigProperty: elbv2.CfnListener.AuthenticateCognitoConfigProperty = {
userPoolArn: 'userPoolArn',
userPoolClientId: 'userPoolClientId',
userPoolDomain: 'userPoolDomain',
// the properties below are optional
authenticationRequestExtraParams: {
authenticationRequestExtraParamsKey: 'authenticationRequestExtraParams',
},
onUnauthenticatedRequest: 'onUnauthenticatedRequest',
scope: 'scope',
sessionCookieName: 'sessionCookieName',
sessionTimeout: 'sessionTimeout',
};
Properties
| Name | Type | Description |
|---|---|---|
| user | string | The Amazon Resource Name (ARN) of the Amazon Cognito user pool. |
| user | string | The ID of the Amazon Cognito user pool client. |
| user | string | The domain prefix or fully-qualified domain name of the Amazon Cognito user pool. |
| authentication | { [string]: string } | IResolvable | The query parameters (up to 10) to include in the redirect request to the authorization endpoint. |
| on | string | The behavior if the user is not authenticated. The following are possible values:. |
| scope? | string | The set of user claims to be requested from the IdP. The default is openid . |
| session | string | The name of the cookie used to maintain session information. |
| session | string | The maximum duration of the authentication session, in seconds. |
userPoolArn
Type:
string
The Amazon Resource Name (ARN) of the Amazon Cognito user pool.
userPoolClientId
Type:
string
The ID of the Amazon Cognito user pool client.
userPoolDomain
Type:
string
The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.
authenticationRequestExtraParams?
Type:
{ [string]: string } | IResolvable
(optional)
The query parameters (up to 10) to include in the redirect request to the authorization endpoint.
onUnauthenticatedRequest?
Type:
string
(optional)
The behavior if the user is not authenticated. The following are possible values:.
- deny `` - Return an HTTP 401 Unauthorized error.
- allow `` - Allow the request to be forwarded to the target.
- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.
scope?
Type:
string
(optional)
The set of user claims to be requested from the IdP. The default is openid .
To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.
sessionCookieName?
Type:
string
(optional)
The name of the cookie used to maintain session information.
The default is AWSELBAuthSessionCookie.
sessionTimeout?
Type:
string
(optional)
The maximum duration of the authentication session, in seconds.
The default is 604800 seconds (7 days).