aws-cdk-lib.aws_appsync.CfnGraphQLApi.OpenIDConnectConfigProperty

interface OpenIDConnectConfigProperty

LanguageType name
.NETAmazon.CDK.AWS.AppSync.CfnGraphQLApi.OpenIDConnectConfigProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsappsync#CfnGraphQLApi_OpenIDConnectConfigProperty
Javasoftware.amazon.awscdk.services.appsync.CfnGraphQLApi.OpenIDConnectConfigProperty
Pythonaws_cdk.aws_appsync.CfnGraphQLApi.OpenIDConnectConfigProperty
TypeScript aws-cdk-lib » aws_appsync » CfnGraphQLApi » OpenIDConnectConfigProperty

The OpenIDConnectConfig property type specifies the optional authorization configuration for using an OpenID Connect compliant service with your GraphQL endpoint for an AWS AppSync GraphQL API.

OpenIDConnectConfig is a property of the AWS::AppSync::GraphQLApi property type.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_appsync as appsync } from 'aws-cdk-lib';
const openIDConnectConfigProperty: appsync.CfnGraphQLApi.OpenIDConnectConfigProperty = {
  authTtl: 123,
  clientId: 'clientId',
  iatTtl: 123,
  issuer: 'issuer',
};

Properties

NameTypeDescription
authTtl?numberThe number of milliseconds that a token is valid after being authenticated.
clientId?stringThe client identifier of the Relying party at the OpenID identity provider.
iatTtl?numberThe number of milliseconds that a token is valid after it's issued to a user.
issuer?stringThe issuer for the OIDC configuration.

authTtl?

Type: number (optional)

The number of milliseconds that a token is valid after being authenticated.


clientId?

Type: string (optional)

The client identifier of the Relying party at the OpenID identity provider.

This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so that AWS AppSync can validate against multiple client identifiers at a time.


iatTtl?

Type: number (optional)

The number of milliseconds that a token is valid after it's issued to a user.


issuer?

Type: string (optional)

The issuer for the OIDC configuration.

The issuer returned by discovery must exactly match the value of iss in the ID token.