Class CfnUserPoolClient
java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.CfnElement
software.amazon.awscdk.CfnRefElement
software.amazon.awscdk.CfnResource
software.amazon.awscdk.services.cognito.CfnUserPoolClient
- All Implemented Interfaces:
IInspectable
,software.amazon.jsii.JsiiSerializable
,software.constructs.IConstruct
,software.constructs.IDependable
@Generated(value="jsii-pacmak/1.103.1 (build bef2dea)",
date="2024-10-05T03:43:40.796Z")
@Stability(Stable)
public class CfnUserPoolClient
extends CfnResource
implements IInspectable
The
AWS::Cognito::UserPoolClient
resource specifies an Amazon Cognito user pool client.
If you don't specify a value for a parameter, Amazon Cognito sets it to a default value.
Example:
import software.amazon.awscdk.services.certificatemanager.*; Vpc vpc; Certificate certificate; ApplicationLoadBalancer lb = ApplicationLoadBalancer.Builder.create(this, "LB") .vpc(vpc) .internetFacing(true) .build(); UserPool userPool = new UserPool(this, "UserPool"); UserPoolClient userPoolClient = UserPoolClient.Builder.create(this, "Client") .userPool(userPool) // Required minimal configuration for use with an ELB .generateSecret(true) .authFlows(AuthFlow.builder() .userPassword(true) .build()) .oAuth(OAuthSettings.builder() .flows(OAuthFlows.builder() .authorizationCodeGrant(true) .build()) .scopes(List.of(OAuthScope.EMAIL)) .callbackUrls(List.of(String.format("https://%s/oauth2/idpresponse", lb.getLoadBalancerDnsName()))) .build()) .build(); CfnUserPoolClient cfnClient = (CfnUserPoolClient)userPoolClient.getNode().getDefaultChild(); cfnClient.addPropertyOverride("RefreshTokenValidity", 1); cfnClient.addPropertyOverride("SupportedIdentityProviders", List.of("COGNITO")); UserPoolDomain userPoolDomain = UserPoolDomain.Builder.create(this, "Domain") .userPool(userPool) .cognitoDomain(CognitoDomainOptions.builder() .domainPrefix("test-cdk-prefix") .build()) .build(); lb.addListener("Listener", BaseApplicationListenerProps.builder() .port(443) .certificates(List.of(certificate)) .defaultAction(AuthenticateCognitoAction.Builder.create() .userPool(userPool) .userPoolClient(userPoolClient) .userPoolDomain(userPoolDomain) .next(ListenerAction.fixedResponse(200, FixedResponseOptions.builder() .contentType("text/plain") .messageBody("Authenticated") .build())) .build()) .build()); CfnOutput.Builder.create(this, "DNS") .value(lb.getLoadBalancerDnsName()) .build();
- See Also:
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic interface
The settings for Amazon Pinpoint analytics configuration.static final class
A fluent builder forCfnUserPoolClient
.static interface
The time units you use when you set the duration of ID, access, and refresh tokens.Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationMode
Nested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$Default
Nested classes/interfaces inherited from interface software.amazon.awscdk.IInspectable
IInspectable.Jsii$Default, IInspectable.Jsii$Proxy
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
The CloudFormation resource type name for this resource class. -
Constructor Summary
ModifierConstructorDescriptionprotected
CfnUserPoolClient
(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protected
CfnUserPoolClient
(software.amazon.jsii.JsiiObjectRef objRef) CfnUserPoolClient
(software.constructs.Construct scope, String id, CfnUserPoolClientProps props) -
Method Summary
Modifier and TypeMethodDescriptionThe access token time limit.The OAuth grant types that you want your app client to generate.Set totrue
to use OAuth 2.0 features in your user pool app client.The allowed OAuth scopes.The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.The ID of the app client, for example1example23456789
.Amazon Cognito creates a session token for each API request in an authentication flow.A list of allowed redirect (callback) URLs for the IdPs.The client name for the user pool client you would like to create.The default redirect URI.Activates the propagation of additional user context data.Activates or deactivates token revocation.The authentication flows that you want your user pool client to support.Boolean to specify whether you want to generate a secret for the user pool client being created.The ID token time limit.A list of allowed logout URLs for the IdPs.Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool.The list of user attributes that you want your app client to have read access to.The refresh token time limit.A list of provider names for the identity providers (IdPs) that are supported on this client.The units in which the validity times are represented.The user pool ID for the user pool where you want to create a user pool client.The list of user attributes that you want your app client to have write access to.void
inspect
(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.renderProperties
(Map<String, Object> props) void
setAccessTokenValidity
(Number value) The access token time limit.void
setAllowedOAuthFlows
(List<String> value) The OAuth grant types that you want your app client to generate.void
Set totrue
to use OAuth 2.0 features in your user pool app client.void
Set totrue
to use OAuth 2.0 features in your user pool app client.void
setAllowedOAuthScopes
(List<String> value) The allowed OAuth scopes.void
The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.void
The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.void
setAuthSessionValidity
(Number value) Amazon Cognito creates a session token for each API request in an authentication flow.void
setCallbackUrLs
(List<String> value) A list of allowed redirect (callback) URLs for the IdPs.void
setClientName
(String value) The client name for the user pool client you would like to create.void
setDefaultRedirectUri
(String value) The default redirect URI.void
Activates the propagation of additional user context data.void
Activates the propagation of additional user context data.void
setEnableTokenRevocation
(Boolean value) Activates or deactivates token revocation.void
Activates or deactivates token revocation.void
setExplicitAuthFlows
(List<String> value) The authentication flows that you want your user pool client to support.void
setGenerateSecret
(Boolean value) Boolean to specify whether you want to generate a secret for the user pool client being created.void
setGenerateSecret
(IResolvable value) Boolean to specify whether you want to generate a secret for the user pool client being created.void
setIdTokenValidity
(Number value) The ID token time limit.void
setLogoutUrLs
(List<String> value) A list of allowed logout URLs for the IdPs.void
Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool.void
setReadAttributes
(List<String> value) The list of user attributes that you want your app client to have read access to.void
setRefreshTokenValidity
(Number value) The refresh token time limit.void
setSupportedIdentityProviders
(List<String> value) A list of provider names for the identity providers (IdPs) that are supported on this client.void
setTokenValidityUnits
(IResolvable value) The units in which the validity times are represented.void
The units in which the validity times are represented.void
setUserPoolId
(String value) The user pool ID for the user pool where you want to create a user pool client.void
setWriteAttributes
(List<String> value) The list of user attributes that you want your app client to have write access to.Methods inherited from class software.amazon.awscdk.CfnResource
addDeletionOverride, addDependency, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, getUpdatedProperties, isCfnResource, obtainDependencies, obtainResourceDependencies, removeDependency, replaceDependency, shouldSynthesize, toString, validateProperties
Methods inherited from class software.amazon.awscdk.CfnRefElement
getRef
Methods inherited from class software.amazon.awscdk.CfnElement
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId
Methods inherited from class software.constructs.Construct
getNode, isConstruct
Methods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Field Details
-
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
-
-
Constructor Details
-
CfnUserPoolClient
protected CfnUserPoolClient(software.amazon.jsii.JsiiObjectRef objRef) -
CfnUserPoolClient
protected CfnUserPoolClient(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
CfnUserPoolClient
@Stability(Stable) public CfnUserPoolClient(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnUserPoolClientProps props) - Parameters:
scope
- Scope in which this resource is defined. This parameter is required.id
- Construct identifier for this resource (unique in its scope). This parameter is required.props
- Resource properties. This parameter is required.
-
-
Method Details
-
inspect
Examines the CloudFormation resource and discloses attributes.- Specified by:
inspect
in interfaceIInspectable
- Parameters:
inspector
- tree inspector to collect and process attributes. This parameter is required.
-
renderProperties
@Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String, Object> props) - Overrides:
renderProperties
in classCfnResource
- Parameters:
props
- This parameter is required.
-
getAttrClientId
The ID of the app client, for example1example23456789
. -
getAttrClientSecret
-
getAttrName
-
getCfnProperties
- Overrides:
getCfnProperties
in classCfnResource
-
getUserPoolId
The user pool ID for the user pool where you want to create a user pool client. -
setUserPoolId
The user pool ID for the user pool where you want to create a user pool client. -
getAccessTokenValidity
The access token time limit. -
setAccessTokenValidity
The access token time limit. -
getAllowedOAuthFlows
The OAuth grant types that you want your app client to generate. -
setAllowedOAuthFlows
The OAuth grant types that you want your app client to generate. -
getAllowedOAuthFlowsUserPoolClient
Set totrue
to use OAuth 2.0 features in your user pool app client. -
setAllowedOAuthFlowsUserPoolClient
Set totrue
to use OAuth 2.0 features in your user pool app client. -
setAllowedOAuthFlowsUserPoolClient
Set totrue
to use OAuth 2.0 features in your user pool app client. -
getAllowedOAuthScopes
The allowed OAuth scopes. -
setAllowedOAuthScopes
The allowed OAuth scopes. -
getAnalyticsConfiguration
The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign. -
setAnalyticsConfiguration
The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign. -
setAnalyticsConfiguration
@Stability(Stable) public void setAnalyticsConfiguration(@Nullable CfnUserPoolClient.AnalyticsConfigurationProperty value) The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign. -
getAuthSessionValidity
Amazon Cognito creates a session token for each API request in an authentication flow. -
setAuthSessionValidity
Amazon Cognito creates a session token for each API request in an authentication flow. -
getCallbackUrLs
A list of allowed redirect (callback) URLs for the IdPs. -
setCallbackUrLs
A list of allowed redirect (callback) URLs for the IdPs. -
getClientName
The client name for the user pool client you would like to create. -
setClientName
The client name for the user pool client you would like to create. -
getDefaultRedirectUri
The default redirect URI. -
setDefaultRedirectUri
The default redirect URI. -
getEnablePropagateAdditionalUserContextData
Activates the propagation of additional user context data. -
setEnablePropagateAdditionalUserContextData
Activates the propagation of additional user context data. -
setEnablePropagateAdditionalUserContextData
@Stability(Stable) public void setEnablePropagateAdditionalUserContextData(@Nullable IResolvable value) Activates the propagation of additional user context data. -
getEnableTokenRevocation
Activates or deactivates token revocation.For more information about revoking tokens, see RevokeToken .
-
setEnableTokenRevocation
Activates or deactivates token revocation.For more information about revoking tokens, see RevokeToken .
-
setEnableTokenRevocation
Activates or deactivates token revocation.For more information about revoking tokens, see RevokeToken .
-
getExplicitAuthFlows
The authentication flows that you want your user pool client to support. -
setExplicitAuthFlows
The authentication flows that you want your user pool client to support. -
getGenerateSecret
Boolean to specify whether you want to generate a secret for the user pool client being created. -
setGenerateSecret
Boolean to specify whether you want to generate a secret for the user pool client being created. -
setGenerateSecret
Boolean to specify whether you want to generate a secret for the user pool client being created. -
getIdTokenValidity
The ID token time limit. -
setIdTokenValidity
The ID token time limit. -
getLogoutUrLs
A list of allowed logout URLs for the IdPs. -
setLogoutUrLs
A list of allowed logout URLs for the IdPs. -
getPreventUserExistenceErrors
Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. -
setPreventUserExistenceErrors
Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. -
getReadAttributes
The list of user attributes that you want your app client to have read access to. -
setReadAttributes
The list of user attributes that you want your app client to have read access to. -
getRefreshTokenValidity
The refresh token time limit. -
setRefreshTokenValidity
The refresh token time limit. -
getSupportedIdentityProviders
A list of provider names for the identity providers (IdPs) that are supported on this client. -
setSupportedIdentityProviders
A list of provider names for the identity providers (IdPs) that are supported on this client. -
getTokenValidityUnits
The units in which the validity times are represented. -
setTokenValidityUnits
The units in which the validity times are represented. -
setTokenValidityUnits
@Stability(Stable) public void setTokenValidityUnits(@Nullable CfnUserPoolClient.TokenValidityUnitsProperty value) The units in which the validity times are represented. -
getWriteAttributes
The list of user attributes that you want your app client to have write access to. -
setWriteAttributes
The list of user attributes that you want your app client to have write access to.
-