Class OpenIdConnectConfig

Configuration for OpenID Connect authorization in AppSync.

Inheritance

object

OpenIdConnectConfig

Implements

IOpenIdConnectConfig

Inherited Members

object.GetType()

object.MemberwiseClone()

object.ToString()

object.Equals(object)

object.Equals(object, object)

object.ReferenceEquals(object, object)

object.GetHashCode()

Namespace: Amazon.CDK.AWS.AppSync

Assembly: Amazon.CDK.Lib.dll

Syntax (csharp)

public class OpenIdConnectConfig : IOpenIdConnectConfig

Syntax (vb)

Public Class OpenIdConnectConfig Implements IOpenIdConnectConfig

Remarks

ExampleMetadata: fixture=_generated

Examples

// The code below shows an example of how to instantiate this type.
            // The values are placeholders you should change.
            using Amazon.CDK.AWS.AppSync;

            var openIdConnectConfig = new OpenIdConnectConfig {
                OidcProvider = "oidcProvider",

                // the properties below are optional
                ClientId = "clientId",
                TokenExpiryFromAuth = 123,
                TokenExpiryFromIssue = 123
            };

Synopsis

Constructors

OpenIdConnectConfig()

Configuration for OpenID Connect authorization in AppSync.

Properties

ClientId	The client identifier of the Relying party at the OpenID identity provider.
OidcProvider	The issuer for the OIDC configuration.
TokenExpiryFromAuth	The number of milliseconds an OIDC token is valid after being authenticated by OIDC provider.
TokenExpiryFromIssue	The number of milliseconds an OIDC token is valid after being issued to a user.

Constructors

OpenIdConnectConfig()

Configuration for OpenID Connect authorization in AppSync.

public OpenIdConnectConfig()

Remarks

ExampleMetadata: fixture=_generated

Examples

// The code below shows an example of how to instantiate this type.
            // The values are placeholders you should change.
            using Amazon.CDK.AWS.AppSync;

            var openIdConnectConfig = new OpenIdConnectConfig {
                OidcProvider = "oidcProvider",

                // the properties below are optional
                ClientId = "clientId",
                TokenExpiryFromAuth = 123,
                TokenExpiryFromIssue = 123
            };

Properties

ClientId

The client identifier of the Relying party at the OpenID identity provider.

public string? ClientId { get; set; }

Property Value

string

Remarks

A regular expression can be specified so AppSync can validate against multiple client identifiers at a time.

Default: - * (All)

Examples

-"ABCD|CDEF";

OidcProvider

The issuer for the OIDC configuration.

public string OidcProvider { get; set; }

Property Value

string

Remarks

The issuer returned by discovery must exactly match the value of iss in the OIDC token.

TokenExpiryFromAuth

The number of milliseconds an OIDC token is valid after being authenticated by OIDC provider.

public double? TokenExpiryFromAuth { get; set; }

Property Value

double?

Remarks

auth_time claim in OIDC token is required for this validation to work.

Default: - no validation

TokenExpiryFromIssue

The number of milliseconds an OIDC token is valid after being issued to a user.

public double? TokenExpiryFromIssue { get; set; }

Property Value

double?

Remarks

This validation uses iat claim of OIDC token.

Default: - no validation

Implements

IOpenIdConnectConfig