ConfigurationDetail
Contains configuration information about an identity source.
This data type is a response parameter to the GetIdentitySource operation.
Contents
Note
In the following list, the required parameters are described first.
Important
This data type is a UNION, so only one of the following members can be specified when used or returned.
- cognitoUserPoolConfiguration
-
Contains configuration details of a Amazon Cognito user pool that Verified Permissions can use as a source of authenticated identities as entities. It specifies the Amazon Resource Name (ARN) of a Amazon Cognito user pool, the policy store entity that you want to assign to user groups, and one or more application client IDs.
Example:
"configuration":{"cognitoUserPoolConfiguration":{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds": ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration": {"groupEntityType": "MyCorp::Group"}}}Type: CognitoUserPoolConfigurationDetail object
Required: No
- openIdConnectConfiguration
-
Contains configuration details of an OpenID Connect (OIDC) identity provider, or identity source, that Verified Permissions can use to generate entities from authenticated identities. It specifies the issuer URL, token type that you want to use, and policy store entity details.
Example:
"configuration":{"openIdConnectConfiguration":{"issuer":"https://auth.example.com","tokenSelection":{"accessTokenOnly":{"audiences":["https://myapp.example.com","https://myapp2.example.com"],"principalIdClaim":"sub"}},"entityIdPrefix":"MyOIDCProvider","groupConfiguration":{"groupClaim":"groups","groupEntityType":"MyCorp::UserGroup"}}}Type: OpenIdConnectConfigurationDetail object
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
