Class: Aws::CognitoIdentityProvider::Types::IdentityProviderType
- Inherits:
-
Struct
- Object
- Struct
- Aws::CognitoIdentityProvider::Types::IdentityProviderType
- Defined in:
- gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb
Overview
A container for information about an IdP.
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#attribute_mapping ⇒ Hash<String,String>
A mapping of IdP attributes to standard and custom user pool attributes.
-
#creation_date ⇒ Time
The date and time when the item was created.
-
#idp_identifiers ⇒ Array<String>
A list of IdP identifiers.
-
#last_modified_date ⇒ Time
The date and time when the item was modified.
-
#provider_details ⇒ Hash<String,String>
The scopes, URLs, and identifiers for your external identity provider.
-
#provider_name ⇒ String
The IdP name.
-
#provider_type ⇒ String
The IdP type.
-
#user_pool_id ⇒ String
The user pool ID.
Instance Attribute Details
#attribute_mapping ⇒ Hash<String,String>
A mapping of IdP attributes to standard and custom user pool attributes.
5554 5555 5556 5557 5558 5559 5560 5561 5562 5563 5564 5565 |
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554 class IdentityProviderType < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers, :last_modified_date, :creation_date) SENSITIVE = [] include Aws::Structure end |
#creation_date ⇒ Time
The date and time when the item was created. Amazon Cognito returns
this timestamp in UNIX epoch time format. Your SDK might render the
output in a human-readable format like ISO 8601 or a Java Date
object.
5554 5555 5556 5557 5558 5559 5560 5561 5562 5563 5564 5565 |
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554 class IdentityProviderType < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers, :last_modified_date, :creation_date) SENSITIVE = [] include Aws::Structure end |
#idp_identifiers ⇒ Array<String>
A list of IdP identifiers.
5554 5555 5556 5557 5558 5559 5560 5561 5562 5563 5564 5565 |
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554 class IdentityProviderType < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers, :last_modified_date, :creation_date) SENSITIVE = [] include Aws::Structure end |
#last_modified_date ⇒ Time
The date and time when the item was modified. Amazon Cognito returns
this timestamp in UNIX epoch time format. Your SDK might render the
output in a human-readable format like ISO 8601 or a Java Date
object.
5554 5555 5556 5557 5558 5559 5560 5561 5562 5563 5564 5565 |
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554 class IdentityProviderType < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers, :last_modified_date, :creation_date) SENSITIVE = [] include Aws::Structure end |
#provider_details ⇒ Hash<String,String>
The scopes, URLs, and identifiers for your external identity
provider. The following examples describe the provider detail keys
for each IdP type. These values and their schema are subject to
change. Social IdP authorize_scopes
values must match the values
listed here.
- OpenID Connect (OIDC)
Amazon Cognito accepts the following elements when it can't discover endpoint URLs from
oidc_issuer
:attributes_url
,authorize_url
,jwks_uri
,token_url
.Create or update request:
"ProviderDetails": \{ "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" \}
Describe response:
"ProviderDetails": \{ "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" \}
- SAML
Create or update request with Metadata URL:
"ProviderDetails": \{ "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" \}
Create or update request with Metadata file:
"ProviderDetails": \{ "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" \}
The value of
MetadataFile
must be the plaintext metadata document with all quote (") characters escaped by backslashes.Describe response:
"ProviderDetails": \{ "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" \}
- LoginWithAmazon
Create or update request:
"ProviderDetails": \{ "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
Describe response:
"ProviderDetails": \{ "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" \}
Create or update request:
"ProviderDetails": \{ "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" \}
Describe response:
"ProviderDetails": \{ "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" \}
- SignInWithApple
Create or update request:
"ProviderDetails": \{ "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" \}
Describe response:
"ProviderDetails": \{ "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" \}
Create or update request:
"ProviderDetails": \{ "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" \}
Describe response:
"ProviderDetails": \{ "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" \}
5554 5555 5556 5557 5558 5559 5560 5561 5562 5563 5564 5565 |
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554 class IdentityProviderType < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers, :last_modified_date, :creation_date) SENSITIVE = [] include Aws::Structure end |
#provider_name ⇒ String
The IdP name.
5554 5555 5556 5557 5558 5559 5560 5561 5562 5563 5564 5565 |
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554 class IdentityProviderType < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers, :last_modified_date, :creation_date) SENSITIVE = [] include Aws::Structure end |
#provider_type ⇒ String
The IdP type.
5554 5555 5556 5557 5558 5559 5560 5561 5562 5563 5564 5565 |
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554 class IdentityProviderType < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers, :last_modified_date, :creation_date) SENSITIVE = [] include Aws::Structure end |
#user_pool_id ⇒ String
The user pool ID.
5554 5555 5556 5557 5558 5559 5560 5561 5562 5563 5564 5565 |
# File 'gems/aws-sdk-cognitoidentityprovider/lib/aws-sdk-cognitoidentityprovider/types.rb', line 5554 class IdentityProviderType < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers, :last_modified_date, :creation_date) SENSITIVE = [] include Aws::Structure end |