IncludedOauth2TenantCredentialProviderProps

class aws_cdk.aws_bedrock_agentcore_alpha.IncludedOauth2TenantCredentialProviderProps(*, o_auth2_credential_provider_name=None, tags=None, client_id, client_secret, authorization_endpoint=None, issuer=None, token_endpoint=None)

Bases: OAuth2CredentialProviderFactoryBaseProps, IncludedOauth2TenantEndpoints

(experimental) Props for IncludedOauth2ProviderConfig IdPs whose outbound documentation requires issuer, authorizationEndpoint, and/or tokenEndpoint (for example Okta, Auth0, Amazon Cognito, OneLogin, PingOne, CyberArk, FusionAuth).

Parameters:

  • o_auth2_credential_provider_name (Optional[str]) – (experimental) Name of the credential provider. Default: a name generated by CDK

  • tags (Optional[Mapping[str, str]]) – (experimental) Tags for this credential provider. Default: - no tags

  • client_id (str) – (experimental) OAuth2 client identifier.

  • client_secret (SecretValue) – (experimental) OAuth2 client secret. NOTE: The client secret will be included in the CloudFormation template as part of synthesis. The service stores the secret in Secrets Manager after creation, but the value is visible in the template and deployment history. Use SecretValue.unsafePlainText() to explicitly acknowledge plaintext, or pass a reference from another construct to avoid embedding the literal value.

  • authorization_endpoint (Optional[str]) – (experimental) OAuth2 authorization endpoint for your tenant. Default: - not specified; use when your IdP requires an explicit endpoint

  • issuer (Optional[str]) – (experimental) Token issuer URL for your tenant (often the IdP base or issuer URI). Default: - not specified; use when your IdP requires an explicit issuer

  • token_endpoint (Optional[str]) – (experimental) OAuth2 token endpoint for your tenant. Default: - not specified; use when your IdP requires an explicit endpoint

Stability:

experimental

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_bedrock_agentcore_alpha as bedrock_agentcore_alpha
import aws_cdk as cdk

# secret_value: cdk.SecretValue

included_oauth2_tenant_credential_provider_props = bedrock_agentcore_alpha.IncludedOauth2TenantCredentialProviderProps(
    client_id="clientId",
    client_secret=secret_value,

    # the properties below are optional
    authorization_endpoint="authorizationEndpoint",
    issuer="issuer",
    o_auth2_credential_provider_name="oAuth2CredentialProviderName",
    tags={
        "tags_key": "tags"
    },
    token_endpoint="tokenEndpoint"
)

Attributes

authorization_endpoint

(experimental) OAuth2 authorization endpoint for your tenant.

Default:

  • not specified; use when your IdP requires an explicit endpoint

Stability:

experimental

client_id

(experimental) OAuth2 client identifier.

Stability:

experimental

client_secret

(experimental) OAuth2 client secret.

NOTE: The client secret will be included in the CloudFormation template as part of synthesis. The service stores the secret in Secrets Manager after creation, but the value is visible in the template and deployment history. Use SecretValue.unsafePlainText() to explicitly acknowledge plaintext, or pass a reference from another construct to avoid embedding the literal value.

Stability:

experimental

issuer

(experimental) Token issuer URL for your tenant (often the IdP base or issuer URI).

Default:

  • not specified; use when your IdP requires an explicit issuer

Stability:

experimental

o_auth2_credential_provider_name

(experimental) Name of the credential provider.

Default:

a name generated by CDK

Stability:

experimental

tags

(experimental) Tags for this credential provider.

Default:

  • no tags

Stability:

experimental

token_endpoint

(experimental) OAuth2 token endpoint for your tenant.

Default:

  • not specified; use when your IdP requires an explicit endpoint

Stability:

experimental