aws-cdk-lib.aws_cognito.UserPoolIdentityProviderOidcProps

interface UserPoolIdentityProviderOidcProps

| Language | Type name |
| --- | --- |
| .NET | Amazon.CDK.AWS.Cognito.UserPoolIdentityProviderOidcProps |
| Go | github.com/aws/aws-cdk-go/awscdk/v2/awscognito#UserPoolIdentityProviderOidcProps |
| Java | software.amazon.awscdk.services.cognito.UserPoolIdentityProviderOidcProps |
| Python | aws_cdk.aws_cognito.UserPoolIdentityProviderOidcProps |
| TypeScript (source) | aws-cdk-lib » aws_cognito » UserPoolIdentityProviderOidcProps |

Properties to initialize UserPoolIdentityProviderOidc.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_cognito as cognito } from 'aws-cdk-lib';

declare const providerAttribute: cognito.ProviderAttribute;
declare const userPool: cognito.UserPool;
const userPoolIdentityProviderOidcProps: cognito.UserPoolIdentityProviderOidcProps = {
  clientId: 'clientId',
  clientSecret: 'clientSecret',
  issuerUrl: 'issuerUrl',
  userPool: userPool,

  // the properties below are optional
  attributeMapping: {
    address: providerAttribute,
    birthdate: providerAttribute,
    custom: {
      customKey: providerAttribute,
    },
    email: providerAttribute,
    familyName: providerAttribute,
    fullname: providerAttribute,
    gender: providerAttribute,
    givenName: providerAttribute,
    lastUpdateTime: providerAttribute,
    locale: providerAttribute,
    middleName: providerAttribute,
    nickname: providerAttribute,
    phoneNumber: providerAttribute,
    preferredUsername: providerAttribute,
    profilePage: providerAttribute,
    profilePicture: providerAttribute,
    timezone: providerAttribute,
    website: providerAttribute,
  },
  attributeRequestMethod: cognito.OidcAttributeRequestMethod.GET,
  endpoints: {
    authorization: 'authorization',
    jwksUri: 'jwksUri',
    token: 'token',
    userInfo: 'userInfo',
  },
  identifiers: ['identifiers'],
  name: 'name',
  scopes: ['scopes'],
};

Properties

| Name | Type | Description |
| --- | --- | --- |
| clientId | string | The client id. |
| clientSecret | string | The client secret. |
| issuerUrl | string | Issuer URL. |
| userPool | IUserPool | The user pool to which this construct provides identities. |
| attributeMapping? | AttributeMapping | Mapping attributes from the identity provider to standard and custom attributes of the user pool. |
| attributeRequestMethod? | OidcAttributeRequestMethod | The method to use to request attributes. |
| endpoints? | OidcEndpoints | OpenID connect endpoints. |
| identifiers? | string[] | Identifiers. |
| name? | string | The name of the provider. |
| scopes? | string[] | The OAuth 2.0 scopes that you will request from OpenID Connect. Scopes are groups of OpenID Connect user attributes to exchange with your app. |

clientId

Type: string

The client id.


clientSecret

Type: string

The client secret.


issuerUrl

Type: string

Issuer URL.


userPool

Type: IUserPool

The user pool to which this construct provides identities.


attributeMapping?

Type: AttributeMapping (optional, default: no attribute mapping)

Mapping attributes from the identity provider to standard and custom attributes of the user pool.


attributeRequestMethod?

Type: OidcAttributeRequestMethod (optional, default: OidcAttributeRequestMethod.GET)

The method to use to request attributes.


endpoints?

Type: OidcEndpoints (optional, default: auto discovered with issuer URL)

OpenID connect endpoints.


identifiers?

Type: string[] (optional, default: no identifiers used)

Identifiers.

Identifiers can be used to redirect users to the correct IdP in multitenant apps.


name?

Type: string (optional, default: the unique ID of the construct)

The name of the provider.


scopes?

Type: string[] (optional, default: ['openid'])

The OAuth 2.0 scopes that you will request from OpenID Connect. Scopes are groups of OpenID Connect user attributes to exchange with your app.
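
A pre-deployment review of these props, as an added example that is not part of the CDK documentation or library: it checks the security-relevant fields described above (issuerUrl, clientSecret, scopes, and explicit endpoints that replace discovery). The names OidcPropsReview, httpsHost and reviewOidcProps and the review policy itself are assumptions of this example.

```typescript
// Added example: local mirror of fields documented above, not the aws-cdk-lib type.
interface OidcPropsReview {
  clientId: string;
  clientSecret: string;
  issuerUrl: string;
  endpoints?: { authorization: string; jwksUri: string; token: string; userInfo: string };
  scopes?: string[];
}

// Host of an https URL, or null when the value is not a plain https URL.
function httpsHost(url: string): string | null {
  const m = /^https:\/\/([^\/?#:@]+)(?::\d+)?(?:[\/?#]|$)/i.exec(url);
  return m ? m[1].toLowerCase() : null;
}

// Hypothetical review policy (an assumption of this example, not CDK behaviour).
function reviewOidcProps(p: OidcPropsReview): string[] {
  const findings: string[] = [];
  const issuerHost = httpsHost(p.issuerUrl);
  if (issuerHost === null) findings.push('issuerUrl: not an https URL');
  // Placeholders from the reference example must not reach a deployment.
  if (p.clientSecret.trim() === '' || p.clientSecret === 'clientSecret') {
    findings.push('clientSecret: empty or placeholder value');
  }
  // The default is ['openid']; an override that drops it is not an OIDC request.
  if (p.scopes !== undefined && p.scopes.indexOf('openid') === -1) {
    findings.push("scopes: override is missing 'openid'");
  }
  // Explicit endpoints replace discovery from issuerUrl, so check each one.
  const e = p.endpoints;
  const pairs: [string, string][] = e === undefined ? [] : [['authorization', e.authorization],
    ['jwksUri', e.jwksUri], ['token', e.token], ['userInfo', e.userInfo]];
  for (const [name, url] of pairs) {
    const host = httpsHost(url);
    if (host === null) {
      findings.push(`endpoints.${name}: not an https URL`);
    } else if (issuerHost !== null && host !== issuerHost) {
      findings.push(`endpoints.${name}: host ${host} is not the issuer host ${issuerHost}`);
    }
  }
  return findings;
}

// Constructed sample input (all values invented for illustration).
const constructedProps: OidcPropsReview = {
  clientId: 'example-client', clientSecret: 'clientSecret',
  issuerUrl: 'http://idp.example.com', scopes: ['email', 'profile'],
};
const constructedFindings = reviewOidcProps(constructedProps);
```

A host mismatch between an endpoint and the issuer is reported for confirmation rather than as an error, since some identity providers serve endpoints from a different host than the issuer.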