You are viewing documentation for version 3 of the AWS SDK for Ruby. Version 2 documentation can be found here.

Class: Aws::CognitoIdentityProvider::Types::CreateUserPoolClientRequest

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb

Overview

Note:

When making an API call, you may pass CreateUserPoolClientRequest data as a hash:

{
  user_pool_id: "UserPoolIdType", # required
  client_name: "ClientNameType", # required
  generate_secret: false,
  refresh_token_validity: 1,
  read_attributes: ["ClientPermissionType"],
  write_attributes: ["ClientPermissionType"],
  explicit_auth_flows: ["ADMIN_NO_SRP_AUTH"], # accepts ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH
  supported_identity_providers: ["ProviderNameType"],
  callback_urls: ["RedirectUrlType"],
  logout_urls: ["RedirectUrlType"],
  default_redirect_uri: "RedirectUrlType",
  allowed_o_auth_flows: ["code"], # accepts code, implicit, client_credentials
  allowed_o_auth_scopes: ["ScopeType"],
  allowed_o_auth_flows_user_pool_client: false,
  analytics_configuration: {
    application_id: "HexStringType", # required
    role_arn: "ArnType", # required
    external_id: "StringType", # required
    user_data_shared: false,
  },
}

Represents the request to create a user pool client.

Instance Attribute Summary collapse

Instance Attribute Details

#allowed_o_auth_flowsArray<String>

Set to code to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint.

Set to token to specify that the client should get the access token (and, optionally, ID token, based on scopes) directly.

Returns:

  • (Array<String>)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#allowed_o_auth_flows_user_pool_clientBoolean

Set to True if the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.

Returns:

  • (Boolean)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#allowed_o_auth_scopesArray<String>

A list of allowed OAuth scopes. Currently supported values are "phone", "email", "openid", and "Cognito".

Returns:

  • (Array<String>)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#analytics_configurationTypes::AnalyticsConfigurationType

The Amazon Pinpoint analytics configuration for collecting metrics for this user pool.



2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#callback_urlsArray<String>

A list of allowed redirect (callback) URLs for the identity providers.

A redirect URI must:

  • Be an absolute URI.

  • Be registered with the authorization server.

  • Not include a fragment component.

See OAuth 2.0 - Redirection Endpoint.

Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.

App callback URLs such as myapp://example are also supported.

Returns:

  • (Array<String>)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#client_nameString

The client name for the user pool client you would like to create.

Returns:

  • (String)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#default_redirect_uriString

The default redirect URI. Must be in the CallbackURLs list.

A redirect URI must:

  • Be an absolute URI.

  • Be registered with the authorization server.

  • Not include a fragment component.

See OAuth 2.0 - Redirection Endpoint.

Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.

App callback URLs such as myapp://example are also supported.

Returns:

  • (String)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#explicit_auth_flowsArray<String>

The explicit authentication flows.

Returns:

  • (Array<String>)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#generate_secretBoolean

Boolean to specify whether you want to generate a secret for the user pool client being created.

Returns:

  • (Boolean)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#logout_urlsArray<String>

A list of allowed logout URLs for the identity providers.

Returns:

  • (Array<String>)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#read_attributesArray<String>

The read attributes.

Returns:

  • (Array<String>)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#refresh_token_validityInteger

The time limit, in days, after which the refresh token is no longer valid and cannot be used.

Returns:

  • (Integer)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#supported_identity_providersArray<String>

A list of provider names for the identity providers that are supported on this client. The following are supported: COGNITO, Facebook, Google and LoginWithAmazon.

Returns:

  • (Array<String>)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#user_pool_idString

The user pool ID for the user pool where you want to create a user pool client.

Returns:

  • (String)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end

#write_attributesArray<String>

The user pool attributes that the app client can write to.

If your app client allows users to sign in through an identity provider, this array must include all attributes that are mapped to identity provider attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider. If your app client lacks write access to a mapped attribute, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see Specifying Identity Provider Attribute Mappings for Your User Pool.

Returns:

  • (Array<String>)


2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 2834

class CreateUserPoolClientRequest < Struct.new(
  :user_pool_id,
  :client_name,
  :generate_secret,
  :refresh_token_validity,
  :read_attributes,
  :write_attributes,
  :explicit_auth_flows,
  :supported_identity_providers,
  :callback_urls,
  :logout_urls,
  :default_redirect_uri,
  :allowed_o_auth_flows,
  :allowed_o_auth_scopes,
  :allowed_o_auth_flows_user_pool_client,
  :analytics_configuration)
  include Aws::Structure
end