aws-cdk-lib.aws_cognito.CfnUserPoolIdentityProviderProps

interface CfnUserPoolIdentityProviderProps

LanguageType name
.NETAmazon.CDK.AWS.Cognito.CfnUserPoolIdentityProviderProps
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awscognito#CfnUserPoolIdentityProviderProps
Javasoftware.amazon.awscdk.services.cognito.CfnUserPoolIdentityProviderProps
Pythonaws_cdk.aws_cognito.CfnUserPoolIdentityProviderProps
TypeScript aws-cdk-lib » aws_cognito » CfnUserPoolIdentityProviderProps

Properties for defining a CfnUserPoolIdentityProvider.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_cognito as cognito } from 'aws-cdk-lib';

declare const attributeMapping: any;
declare const providerDetails: any;
const cfnUserPoolIdentityProviderProps: cognito.CfnUserPoolIdentityProviderProps = {
  providerName: 'providerName',
  providerType: 'providerType',
  userPoolId: 'userPoolId',

  // the properties below are optional
  attributeMapping: attributeMapping,
  idpIdentifiers: ['idpIdentifiers'],
  providerDetails: providerDetails,
};

Properties

NameTypeDescription
providerNamestringThe IdP name.
providerTypestringThe IdP type.
userPoolIdstringThe user pool ID.
attributeMapping?anyA mapping of IdP attributes to standard and custom user pool attributes.
idpIdentifiers?string[]A list of IdP identifiers.
providerDetails?anyThe IdP details. The following list describes the provider detail keys for each IdP type.

providerName

Type: string

The IdP name.


providerType

Type: string

The IdP type.


userPoolId

Type: string

The user pool ID.


attributeMapping?

Type: any (optional)

A mapping of IdP attributes to standard and custom user pool attributes.


idpIdentifiers?

Type: string[] (optional)

A list of IdP identifiers.


providerDetails?

Type: any (optional)

The IdP details. The following list describes the provider detail keys for each IdP type.

  • For Google and Login with Amazon:

  • client_id

  • client_secret

  • authorize_scopes

  • For Facebook:

  • client_id

  • client_secret

  • authorize_scopes

  • api_version

  • For Sign in with Apple:

  • client_id

  • team_id

  • key_id

  • private_key

  • authorize_scopes

  • For OpenID Connect (OIDC) providers:

  • client_id

  • client_secret

  • attributes_request_method

  • oidc_issuer

  • authorize_scopes

  • The following keys are only present if Amazon Cognito didn't discover them at the oidc_issuer URL.

  • authorize_url

  • token_url

  • attributes_url

  • jwks_uri

  • Amazon Cognito sets the value of the following keys automatically. They are read-only.

  • attributes_url_add_attributes

  • For SAML providers:

  • MetadataFile or MetadataURL

  • IDPSignout optional