Class: Aws::CognitoIdentityProvider::Types::CreateIdentityProviderRequest
- Inherits:
-
Struct
- Object
- Struct
- Aws::CognitoIdentityProvider::Types::CreateIdentityProviderRequest
- Includes:
- Structure
- Defined in:
- lib/aws-sdk-cognitoidentityprovider/types.rb
Overview
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#attribute_mapping ⇒ Hash<String,String>
A mapping of IdP attributes to standard and custom user pool attributes.
-
#idp_identifiers ⇒ Array<String>
A list of IdP identifiers.
-
#provider_details ⇒ Hash<String,String>
The scopes, URLs, and identifiers for your external identity provider.
-
#provider_name ⇒ String
The IdP name.
-
#provider_type ⇒ String
The IdP type.
-
#user_pool_id ⇒ String
The user pool ID.
Instance Attribute Details
#attribute_mapping ⇒ Hash<String,String>
A mapping of IdP attributes to standard and custom user pool attributes.
2961 2962 2963 2964 2965 2966 2967 2968 2969 2970 |
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 2961 class CreateIdentityProviderRequest < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers) SENSITIVE = [] include Aws::Structure end |
#idp_identifiers ⇒ Array<String>
A list of IdP identifiers.
2961 2962 2963 2964 2965 2966 2967 2968 2969 2970 |
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 2961 class CreateIdentityProviderRequest < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers) SENSITIVE = [] include Aws::Structure end |
#provider_details ⇒ Hash<String,String>
The scopes, URLs, and identifiers for your external identity provider. The following examples describe the provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP ‘authorize_scopes` values must match the values listed here.
OpenID Connect (OIDC)
: Amazon Cognito accepts the following elements when it can’t
discover endpoint URLs from `oidc_issuer`: `attributes_url`,
`authorize_url`, `jwks_uri`, `token_url`.
Create or update request: `"ProviderDetails": \{
"attributes_request_method": "GET", "attributes_url":
"https://auth.example.com/userInfo", "authorize_scopes": "openid
profile email", "authorize_url":
"https://auth.example.com/authorize", "client_id":
"1example23456789", "client_secret": "provider-app-client-secret",
"jwks_uri": "https://auth.example.com/.well-known/jwks.json",
"oidc_issuer": "https://auth.example.com", "token_url":
"https://example.com/token" \}`
Describe response: `"ProviderDetails": \{
"attributes_request_method": "GET", "attributes_url":
"https://auth.example.com/userInfo",
"attributes_url_add_attributes": "false", "authorize_scopes":
"openid profile email", "authorize_url":
"https://auth.example.com/authorize", "client_id":
"1example23456789", "client_secret": "provider-app-client-secret",
"jwks_uri": "https://auth.example.com/.well-known/jwks.json",
"oidc_issuer": "https://auth.example.com", "token_url":
"https://example.com/token" \}`
SAML
: Create or update request with Metadata URL: ‘“ProviderDetails”:
"IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" :
"true", "MetadataURL":
"https://auth.example.com/sso/saml/metadata",
"RequestSigningAlgorithm": "rsa-sha256" \`
Create or update request with Metadata file: `"ProviderDetails":
\{ "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" :
"true", "MetadataFile": "[metadata XML]",
"RequestSigningAlgorithm": "rsa-sha256" \}`
The value of `MetadataFile` must be the plaintext metadata
document with all quote (") characters escaped by backslashes.
Describe response: `"ProviderDetails": \{ "IDPInit": "true",
"IDPSignout": "true", "EncryptedResponses" : "true",
"ActiveEncryptionCertificate": "[certificate]", "MetadataURL":
"https://auth.example.com/sso/saml/metadata",
"RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
"https://auth.example.com/slo/saml", "SSORedirectBindingURI":
"https://auth.example.com/sso/saml" \}`
LoginWithAmazon
: Create or update request: ‘“ProviderDetails”: {
"authorize_scopes": "profile postal_code", "client_id":
"amzn1.application-oa2-client.1example23456789", "client_secret":
"provider-app-client-secret"`
Describe response: `"ProviderDetails": \{ "attributes_url":
"https://api.amazon.com/user/profile",
"attributes_url_add_attributes": "false", "authorize_scopes":
"profile postal_code", "authorize_url":
"https://www.amazon.com/ap/oa", "client_id":
"amzn1.application-oa2-client.1example23456789", "client_secret":
"provider-app-client-secret", "token_request_method": "POST",
"token_url": "https://api.amazon.com/auth/o2/token" \}`
: Create or update request: ‘“ProviderDetails”: {
"authorize_scopes": "email profile openid", "client_id":
"1example23456789.apps.googleusercontent.com", "client_secret":
"provider-app-client-secret" \}`
Describe response: `"ProviderDetails": \{ "attributes_url":
"https://people.googleapis.com/v1/people/me?personFields=",
"attributes_url_add_attributes": "true", "authorize_scopes":
"email profile openid", "authorize_url":
"https://accounts.google.com/o/oauth2/v2/auth", "client_id":
"1example23456789.apps.googleusercontent.com", "client_secret":
"provider-app-client-secret", "oidc_issuer":
"https://accounts.google.com", "token_request_method": "POST",
"token_url": "https://www.googleapis.com/oauth2/v4/token" \}`
SignInWithApple
: Create or update request: ‘“ProviderDetails”: {
"authorize_scopes": "email name", "client_id":
"com.example.cognito", "private_key": "1EXAMPLE", "key_id":
"2EXAMPLE", "team_id": "3EXAMPLE" \}`
Describe response: `"ProviderDetails": \{
"attributes_url_add_attributes": "false", "authorize_scopes":
"email name", "authorize_url":
"https://appleid.apple.com/auth/authorize", "client_id":
"com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer":
"https://appleid.apple.com", "team_id": "2EXAMPLE",
"token_request_method": "POST", "token_url":
"https://appleid.apple.com/auth/token" \}`
: Create or update request: ‘“ProviderDetails”: { “api_version”:
"v17.0", "authorize_scopes": "public_profile, email", "client_id":
"1example23456789", "client_secret": "provider-app-client-secret"
\}`
Describe response: `"ProviderDetails": \{ "api_version": "v17.0",
"attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
"attributes_url_add_attributes": "true", "authorize_scopes":
"public_profile, email", "authorize_url":
"https://www.facebook.com/v17.0/dialog/oauth", "client_id":
"1example23456789", "client_secret": "provider-app-client-secret",
"token_request_method": "GET", "token_url":
"https://graph.facebook.com/v17.0/oauth/access_token" \}`
2961 2962 2963 2964 2965 2966 2967 2968 2969 2970 |
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 2961 class CreateIdentityProviderRequest < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers) SENSITIVE = [] include Aws::Structure end |
#provider_name ⇒ String
The IdP name.
2961 2962 2963 2964 2965 2966 2967 2968 2969 2970 |
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 2961 class CreateIdentityProviderRequest < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers) SENSITIVE = [] include Aws::Structure end |
#provider_type ⇒ String
The IdP type.
2961 2962 2963 2964 2965 2966 2967 2968 2969 2970 |
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 2961 class CreateIdentityProviderRequest < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers) SENSITIVE = [] include Aws::Structure end |
#user_pool_id ⇒ String
The user pool ID.
2961 2962 2963 2964 2965 2966 2967 2968 2969 2970 |
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 2961 class CreateIdentityProviderRequest < Struct.new( :user_pool_id, :provider_name, :provider_type, :provider_details, :attribute_mapping, :idp_identifiers) SENSITIVE = [] include Aws::Structure end |