Class: Aws::CognitoIdentityProvider::Types::UpdateIdentityProviderRequest

Inherits:
Struct
  • Object
show all
Includes:
Structure
Defined in:
lib/aws-sdk-cognitoidentityprovider/types.rb

Overview

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#attribute_mappingHash<String,String>

The IdP attribute mapping to be changed.

Returns:

  • (Hash<String,String>)


8986
8987
8988
8989
8990
8991
8992
8993
8994
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 8986

class UpdateIdentityProviderRequest < Struct.new(
  :user_pool_id,
  :provider_name,
  :provider_details,
  :attribute_mapping,
  :idp_identifiers)
  SENSITIVE = []
  include Aws::Structure
end

#idp_identifiersArray<String>

A list of IdP identifiers.

Returns:

  • (Array<String>)


8986
8987
8988
8989
8990
8991
8992
8993
8994
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 8986

class UpdateIdentityProviderRequest < Struct.new(
  :user_pool_id,
  :provider_name,
  :provider_details,
  :attribute_mapping,
  :idp_identifiers)
  SENSITIVE = []
  include Aws::Structure
end

#provider_detailsHash<String,String>

The scopes, URLs, and identifiers for your external identity provider. The following examples describe the provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP ‘authorize_scopes` values must match the values listed here.

OpenID Connect (OIDC)

: Amazon Cognito accepts the following elements when it can’t

discover endpoint URLs from `oidc_issuer`: `attributes_url`,
`authorize_url`, `jwks_uri`, `token_url`.

Create or update request: `"ProviderDetails": \{
"attributes_request_method": "GET", "attributes_url":
"https://auth.example.com/userInfo", "authorize_scopes": "openid
profile email", "authorize_url":
"https://auth.example.com/authorize", "client_id":
"1example23456789", "client_secret": "provider-app-client-secret",
"jwks_uri": "https://auth.example.com/.well-known/jwks.json",
"oidc_issuer": "https://auth.example.com", "token_url":
"https://example.com/token" \}`

Describe response: `"ProviderDetails": \{
"attributes_request_method": "GET", "attributes_url":
"https://auth.example.com/userInfo",
"attributes_url_add_attributes": "false", "authorize_scopes":
"openid profile email", "authorize_url":
"https://auth.example.com/authorize", "client_id":
"1example23456789", "client_secret": "provider-app-client-secret",
"jwks_uri": "https://auth.example.com/.well-known/jwks.json",
"oidc_issuer": "https://auth.example.com", "token_url":
"https://example.com/token" \}`

SAML

: Create or update request with Metadata URL: ‘“ProviderDetails”:

"IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" :
"true", "MetadataURL":
"https://auth.example.com/sso/saml/metadata",
"RequestSigningAlgorithm": "rsa-sha256" \`

Create or update request with Metadata file: `"ProviderDetails":
\{ "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" :
"true", "MetadataFile": "[metadata XML]",
"RequestSigningAlgorithm": "rsa-sha256" \}`

The value of `MetadataFile` must be the plaintext metadata
document with all quote (") characters escaped by backslashes.

Describe response: `"ProviderDetails": \{ "IDPInit": "true",
"IDPSignout": "true", "EncryptedResponses" : "true",
"ActiveEncryptionCertificate": "[certificate]", "MetadataURL":
"https://auth.example.com/sso/saml/metadata",
"RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI":
"https://auth.example.com/slo/saml", "SSORedirectBindingURI":
"https://auth.example.com/sso/saml" \}`

LoginWithAmazon

: Create or update request: ‘“ProviderDetails”: {

"authorize_scopes": "profile postal_code", "client_id":
"amzn1.application-oa2-client.1example23456789", "client_secret":
"provider-app-client-secret"`

Describe response: `"ProviderDetails": \{ "attributes_url":
"https://api.amazon.com/user/profile",
"attributes_url_add_attributes": "false", "authorize_scopes":
"profile postal_code", "authorize_url":
"https://www.amazon.com/ap/oa", "client_id":
"amzn1.application-oa2-client.1example23456789", "client_secret":
"provider-app-client-secret", "token_request_method": "POST",
"token_url": "https://api.amazon.com/auth/o2/token" \}`

Google

: Create or update request: ‘“ProviderDetails”: {

"authorize_scopes": "email profile openid", "client_id":
"1example23456789.apps.googleusercontent.com", "client_secret":
"provider-app-client-secret" \}`

Describe response: `"ProviderDetails": \{ "attributes_url":
"https://people.googleapis.com/v1/people/me?personFields=",
"attributes_url_add_attributes": "true", "authorize_scopes":
"email profile openid", "authorize_url":
"https://accounts.google.com/o/oauth2/v2/auth", "client_id":
"1example23456789.apps.googleusercontent.com", "client_secret":
"provider-app-client-secret", "oidc_issuer":
"https://accounts.google.com", "token_request_method": "POST",
"token_url": "https://www.googleapis.com/oauth2/v4/token" \}`

SignInWithApple

: Create or update request: ‘“ProviderDetails”: {

"authorize_scopes": "email name", "client_id":
"com.example.cognito", "private_key": "1EXAMPLE", "key_id":
"2EXAMPLE", "team_id": "3EXAMPLE" \}`

Describe response: `"ProviderDetails": \{
"attributes_url_add_attributes": "false", "authorize_scopes":
"email name", "authorize_url":
"https://appleid.apple.com/auth/authorize", "client_id":
"com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer":
"https://appleid.apple.com", "team_id": "2EXAMPLE",
"token_request_method": "POST", "token_url":
"https://appleid.apple.com/auth/token" \}`

Facebook

: Create or update request: ‘“ProviderDetails”: { “api_version”:

"v17.0", "authorize_scopes": "public_profile, email", "client_id":
"1example23456789", "client_secret": "provider-app-client-secret"
\}`

Describe response: `"ProviderDetails": \{ "api_version": "v17.0",
"attributes_url": "https://graph.facebook.com/v17.0/me?fields=",
"attributes_url_add_attributes": "true", "authorize_scopes":
"public_profile, email", "authorize_url":
"https://www.facebook.com/v17.0/dialog/oauth", "client_id":
"1example23456789", "client_secret": "provider-app-client-secret",
"token_request_method": "GET", "token_url":
"https://graph.facebook.com/v17.0/oauth/access_token" \}`

Returns:

  • (Hash<String,String>)


8986
8987
8988
8989
8990
8991
8992
8993
8994
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 8986

class UpdateIdentityProviderRequest < Struct.new(
  :user_pool_id,
  :provider_name,
  :provider_details,
  :attribute_mapping,
  :idp_identifiers)
  SENSITIVE = []
  include Aws::Structure
end

#provider_nameString

The IdP name.

Returns:

  • (String)


8986
8987
8988
8989
8990
8991
8992
8993
8994
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 8986

class UpdateIdentityProviderRequest < Struct.new(
  :user_pool_id,
  :provider_name,
  :provider_details,
  :attribute_mapping,
  :idp_identifiers)
  SENSITIVE = []
  include Aws::Structure
end

#user_pool_idString

The user pool ID.

Returns:

  • (String)


8986
8987
8988
8989
8990
8991
8992
8993
8994
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 8986

class UpdateIdentityProviderRequest < Struct.new(
  :user_pool_id,
  :provider_name,
  :provider_details,
  :attribute_mapping,
  :idp_identifiers)
  SENSITIVE = []
  include Aws::Structure
end