Class AppSyncOpenIdConnectConfig

Configuration for OpenID Connect authorization in AppSync.

Inheritance
object
AppSyncOpenIdConnectConfig
Inherited Members
Namespace: Amazon.CDK.AWS.AppSync
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class AppSyncOpenIdConnectConfig : IAppSyncOpenIdConnectConfig
Syntax (vb)
Public Class AppSyncOpenIdConnectConfig Implements IAppSyncOpenIdConnectConfig
Remarks

ExampleMetadata: fixture=_generated

Examples
// The code below shows an example of how to instantiate this type.
            // The values are placeholders you should change.
            using Amazon.CDK.AWS.AppSync;

            var appSyncOpenIdConnectConfig = new AppSyncOpenIdConnectConfig {
                OidcProvider = "oidcProvider",

                // the properties below are optional
                ClientId = "clientId",
                TokenExpiryFromAuth = 123,
                TokenExpiryFromIssue = 123
            };

Synopsis

Constructors

AppSyncOpenIdConnectConfig()

Configuration for OpenID Connect authorization in AppSync.

Properties

ClientId

The client identifier of the Relying party at the OpenID identity provider.
OidcProvider

The issuer for the OIDC configuration.
TokenExpiryFromAuth

The number of milliseconds an OIDC token is valid after being authenticated by OIDC provider.
TokenExpiryFromIssue

The number of milliseconds an OIDC token is valid after being issued to a user.

Constructors

AppSyncOpenIdConnectConfig()

Configuration for OpenID Connect authorization in AppSync.

public AppSyncOpenIdConnectConfig()
Remarks

ExampleMetadata: fixture=_generated

Examples
// The code below shows an example of how to instantiate this type.
            // The values are placeholders you should change.
            using Amazon.CDK.AWS.AppSync;

            var appSyncOpenIdConnectConfig = new AppSyncOpenIdConnectConfig {
                OidcProvider = "oidcProvider",

                // the properties below are optional
                ClientId = "clientId",
                TokenExpiryFromAuth = 123,
                TokenExpiryFromIssue = 123
            };

Properties

ClientId

The client identifier of the Relying party at the OpenID identity provider.

public string? ClientId { get; set; }
Property Value

string

Remarks

A regular expression can be specified so AppSync can validate against multiple client identifiers at a time.

Default: - * (All)

Examples
-"ABCD|CDEF";

OidcProvider

The issuer for the OIDC configuration.

public string OidcProvider { get; set; }
Property Value

string

Remarks

The issuer returned by discovery must exactly match the value of iss in the OIDC token.

TokenExpiryFromAuth

The number of milliseconds an OIDC token is valid after being authenticated by OIDC provider.

public double? TokenExpiryFromAuth { get; set; }
Property Value

double?

Remarks

auth_time claim in OIDC token is required for this validation to work.

Default: - no validation

TokenExpiryFromIssue

The number of milliseconds an OIDC token is valid after being issued to a user.

public double? TokenExpiryFromIssue { get; set; }
Property Value

double?

Remarks

This validation uses iat claim of OIDC token.

Default: - no validation

Implements