Class: Aws::CognitoIdentityProvider::Types::IdentityProviderType

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb

Overview

A container for information about an IdP.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#attribute_mappingHash<String,String>

A mapping of IdP attributes to standard and custom user pool attributes.

Returns:

  • (Hash<String,String>)


5554
5555
5556
5557
5558
5559
5560
5561
5562
5563
5564
5565
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554

class IdentityProviderType < Struct.new(
  :user_pool_id,
  :provider_name,
  :provider_type,
  :provider_details,
  :attribute_mapping,
  :idp_identifiers,
  :last_modified_date,
  :creation_date)
  SENSITIVE = []
  include Aws::Structure
end

#creation_dateTime

The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.

Returns:

  • (Time)


5554
5555
5556
5557
5558
5559
5560
5561
5562
5563
5564
5565
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554

class IdentityProviderType < Struct.new(
  :user_pool_id,
  :provider_name,
  :provider_type,
  :provider_details,
  :attribute_mapping,
  :idp_identifiers,
  :last_modified_date,
  :creation_date)
  SENSITIVE = []
  include Aws::Structure
end

#idp_identifiersArray<String>

A list of IdP identifiers.

Returns:

  • (Array<String>)


5554
5555
5556
5557
5558
5559
5560
5561
5562
5563
5564
5565
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554

class IdentityProviderType < Struct.new(
  :user_pool_id,
  :provider_name,
  :provider_type,
  :provider_details,
  :attribute_mapping,
  :idp_identifiers,
  :last_modified_date,
  :creation_date)
  SENSITIVE = []
  include Aws::Structure
end

#last_modified_dateTime

The date and time when the item was modified. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.

Returns:

  • (Time)


5554
5555
5556
5557
5558
5559
5560
5561
5562
5563
5564
5565
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554

class IdentityProviderType < Struct.new(
  :user_pool_id,
  :provider_name,
  :provider_type,
  :provider_details,
  :attribute_mapping,
  :idp_identifiers,
  :last_modified_date,
  :creation_date)
  SENSITIVE = []
  include Aws::Structure
end

#provider_detailsHash<String,String>

The scopes, URLs, and identifiers for your external identity provider. The following examples describe the provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP authorize_scopes values must match the values listed here.

OpenID Connect (OIDC)

Amazon Cognito accepts the following elements when it can't discover endpoint URLs from oidc_issuer: attributes_url, authorize_url, jwks_uri, token_url.

Create or update request: "ProviderDetails": \{ "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" \}

Describe response: "ProviderDetails": \{ "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" \}

SAML

Create or update request with Metadata URL: "ProviderDetails": \{ "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" \}

Create or update request with Metadata file: "ProviderDetails": \{ "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" \}

The value of MetadataFile must be the plaintext metadata document with all quote (") characters escaped by backslashes.

Describe response: "ProviderDetails": \{ "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" \}

LoginWithAmazon

Create or update request: "ProviderDetails": \{ "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"

Describe response: "ProviderDetails": \{ "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" \}

Google

Create or update request: "ProviderDetails": \{ "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" \}

Describe response: "ProviderDetails": \{ "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" \}

SignInWithApple

Create or update request: "ProviderDetails": \{ "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" \}

Describe response: "ProviderDetails": \{ "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" \}

Facebook

Create or update request: "ProviderDetails": \{ "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" \}

Describe response: "ProviderDetails": \{ "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" \}

Returns:

  • (Hash<String,String>)


5554
5555
5556
5557
5558
5559
5560
5561
5562
5563
5564
5565
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554

class IdentityProviderType < Struct.new(
  :user_pool_id,
  :provider_name,
  :provider_type,
  :provider_details,
  :attribute_mapping,
  :idp_identifiers,
  :last_modified_date,
  :creation_date)
  SENSITIVE = []
  include Aws::Structure
end

#provider_nameString

The IdP name.

Returns:

  • (String)


5554
5555
5556
5557
5558
5559
5560
5561
5562
5563
5564
5565
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554

class IdentityProviderType < Struct.new(
  :user_pool_id,
  :provider_name,
  :provider_type,
  :provider_details,
  :attribute_mapping,
  :idp_identifiers,
  :last_modified_date,
  :creation_date)
  SENSITIVE = []
  include Aws::Structure
end

#provider_typeString

The IdP type.

Returns:

  • (String)


5554
5555
5556
5557
5558
5559
5560
5561
5562
5563
5564
5565
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554

class IdentityProviderType < Struct.new(
  :user_pool_id,
  :provider_name,
  :provider_type,
  :provider_details,
  :attribute_mapping,
  :idp_identifiers,
  :last_modified_date,
  :creation_date)
  SENSITIVE = []
  include Aws::Structure
end

#user_pool_idString

The user pool ID.

Returns:

  • (String)


5554
5555
5556
5557
5558
5559
5560
5561
5562
5563
5564
5565
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554

class IdentityProviderType < Struct.new(
  :user_pool_id,
  :provider_name,
  :provider_type,
  :provider_details,
  :attribute_mapping,
  :idp_identifiers,
  :last_modified_date,
  :creation_date)
  SENSITIVE = []
  include Aws::Structure
end