OAuthFlows

class aws_cdk.aws_cognito.OAuthFlows(*, authorization_code_grant=None, client_credentials=None, implicit_code_grant=None)

Bases: object

Types of OAuth grant flows.

Parameters:

• authorization_code_grant (Optional[bool]) – Initiate an authorization code grant flow, which provides an authorization code as the response. Default: false

• client_credentials (Optional[bool]) – Client should get the access token and ID token from the token endpoint using a combination of client and client_secret. Default: false

• implicit_code_grant (Optional[bool]) – The client should get the access token and ID token directly. Default: false

See:

• the ‘Allowed OAuth Flows’ section at https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-idp-settings.html

ExampleMetadata:

infused

Example:

pool = cognito.UserPool(self, "Pool")
pool.add_client("app-client",
    o_auth=cognito.OAuthSettings(
        flows=cognito.OAuthFlows(
            authorization_code_grant=True
        ),
        scopes=[cognito.OAuthScope.OPENID],
        callback_urls=["https://my-app-domain.com/welcome"],
        logout_urls=["https://my-app-domain.com/signin"]
    )
)

Attributes

authorization_code_grant

Initiate an authorization code grant flow, which provides an authorization code as the response.

Default:

false

client_credentials

Client should get the access token and ID token from the token endpoint using a combination of client and client_secret.

Default:

false

implicit_code_grant

The client should get the access token and ID token directly.

Default:

false