Package software.amazon.awscdk.services.appsync

Interface OpenIdConnectConfig

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

OpenIdConnectConfig.Jsii$Proxy

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
           date="2023-06-19T16:30:49.556Z")
@Stability(Experimental)
public interface OpenIdConnectConfig
extends software.amazon.jsii.JsiiSerializable

(experimental) Configuration for OpenID Connect authorization in AppSync.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.appsync.*;
 OpenIdConnectConfig openIdConnectConfig = OpenIdConnectConfig.builder()
         .oidcProvider("oidcProvider")
         // the properties below are optional
         .clientId("clientId")
         .tokenExpiryFromAuth(123)
         .tokenExpiryFromIssue(123)
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	OpenIdConnectConfig.Builder	A builder for OpenIdConnectConfig
static final class	OpenIdConnectConfig.Jsii$Proxy	An implementation for OpenIdConnectConfig

Method Summary

Modifier and Type	Method	Description
static OpenIdConnectConfig.Builder	builder()
default String	getClientId()	(experimental) The client identifier of the Relying party at the OpenID identity provider.
String	getOidcProvider()	(experimental) The issuer for the OIDC configuration.
default Number	getTokenExpiryFromAuth()	(experimental) The number of milliseconds an OIDC token is valid after being authenticated by OIDC provider.
default Number	getTokenExpiryFromIssue()	(experimental) The number of milliseconds an OIDC token is valid after being issued to a user.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getOidcProvider

@Stability(Experimental)
@NotNull
String getOidcProvider()

(experimental) The issuer for the OIDC configuration.

The issuer returned by discovery must exactly match the value of iss in the OIDC token.

getClientId

@Stability(Experimental)
@Nullable
default String getClientId()

(experimental) The client identifier of the Relying party at the OpenID identity provider.

A regular expression can be specified so AppSync can validate against multiple client identifiers at a time.

Default: - * (All)

Example:

 -"ABCD|CDEF";
 

getTokenExpiryFromAuth

@Stability(Experimental)
@Nullable
default Number getTokenExpiryFromAuth()

(experimental) The number of milliseconds an OIDC token is valid after being authenticated by OIDC provider.

auth_time claim in OIDC token is required for this validation to work.

Default: - no validation

getTokenExpiryFromIssue

@Stability(Experimental)
@Nullable
default Number getTokenExpiryFromIssue()

(experimental) The number of milliseconds an OIDC token is valid after being issued to a user.

This validation uses iat claim of OIDC token.

Default: - no validation

builder

@Stability(Experimental)
static OpenIdConnectConfig.Builder builder()

Returns:

a OpenIdConnectConfig.Builder of OpenIdConnectConfig