aws-cdk-lib.aws_cognito.OAuthFlows

interface OAuthFlows

LanguageType name
.NETAmazon.CDK.AWS.Cognito.OAuthFlows
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awscognito#OAuthFlows
Javasoftware.amazon.awscdk.services.cognito.OAuthFlows
Pythonaws_cdk.aws_cognito.OAuthFlows
TypeScript (source)aws-cdk-lib » aws_cognito » OAuthFlows

Types of OAuth grant flows.

See also: [ - the 'Allowed OAuth Flows' section at https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-idp-settings.html]( - the 'Allowed OAuth Flows' section at https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-idp-settings.html)

Example

const userpool = new cognito.UserPool(this, 'UserPool', {
  // ...
});
const client = userpool.addClient('Client', {
  // ...
  oAuth: {
    flows: {
      implicitCodeGrant: true,
    },
    callbackUrls: [
      'https://myapp.com/home',
      'https://myapp.com/users',
    ],
  },
});
const domain = userpool.addDomain('Domain', {
  // ...
});
const signInUrl = domain.signInUrl(client, {
  redirectUri: 'https://myapp.com/home', // must be a URL configured under 'callbackUrls' with the client
});

Properties

NameTypeDescription
authorizationCodeGrant?booleanInitiate an authorization code grant flow, which provides an authorization code as the response.
clientCredentials?booleanClient should get the access token and ID token from the token endpoint using a combination of client and client_secret.
implicitCodeGrant?booleanThe client should get the access token and ID token directly.

authorizationCodeGrant?

Type: boolean (optional, default: false)

Initiate an authorization code grant flow, which provides an authorization code as the response.


clientCredentials?

Type: boolean (optional, default: false)

Client should get the access token and ID token from the token endpoint using a combination of client and client_secret.


implicitCodeGrant?

Type: boolean (optional, default: false)

The client should get the access token and ID token directly.