Class UserPoolClient.Builder
- All Implemented Interfaces:
software.amazon.jsii.Builder<UserPoolClient>
- Enclosing class:
UserPoolClient
UserPoolClient
.-
Method Summary
Modifier and TypeMethodDescriptionaccessTokenValidity
(Duration accessTokenValidity) Validity of the access token.The set of OAuth authentication flows to enable on the client.authSessionValidity
(Duration authSessionValidity) Cognito creates a session token for each API request in an authentication flow.build()
static UserPoolClient.Builder
disableOAuth
(Boolean disableOAuth) Turns off all OAuth interactions for this client.enablePropagateAdditionalUserContextData
(Boolean enablePropagateAdditionalUserContextData) Enable the propagation of additional user context data.enableTokenRevocation
(Boolean enableTokenRevocation) Enable token revocation for this client.generateSecret
(Boolean generateSecret) Whether to generate a client secret.idTokenValidity
(Duration idTokenValidity) Validity of the ID token.oAuth
(OAuthSettings oAuth) OAuth settings for this client to interact with the app.preventUserExistenceErrors
(Boolean preventUserExistenceErrors) Whether Cognito returns a UserNotFoundException exception when the user does not exist in the user pool (false), or whether it returns another type of error that doesn't reveal the user's absence.readAttributes
(ClientAttributes readAttributes) The set of attributes this client will be able to read.refreshTokenValidity
(Duration refreshTokenValidity) Validity of the refresh token.supportedIdentityProviders
(List<? extends UserPoolClientIdentityProvider> supportedIdentityProviders) The list of identity providers that users should be able to use to sign in using this client.The UserPool resource this client will have access to.userPoolClientName
(String userPoolClientName) Name of the application client.writeAttributes
(ClientAttributes writeAttributes) The set of attributes this client will be able to write.
-
Method Details
-
create
@Stability(Stable) public static UserPoolClient.Builder create(software.constructs.Construct scope, String id) - Parameters:
scope
- This parameter is required.id
- This parameter is required.- Returns:
- a new instance of
UserPoolClient.Builder
.
-
accessTokenValidity
Validity of the access token.Values between 5 minutes and 1 day are valid. The duration can not be longer than the refresh token validity.
Default: Duration.minutes(60)
- Parameters:
accessTokenValidity
- Validity of the access token. This parameter is required.- Returns:
this
- See Also:
-
authFlows
The set of OAuth authentication flows to enable on the client.Default: - If you don't specify a value, your user client supports ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
- Parameters:
authFlows
- The set of OAuth authentication flows to enable on the client. This parameter is required.- Returns:
this
- See Also:
-
authSessionValidity
Cognito creates a session token for each API request in an authentication flow.AuthSessionValidity is the duration, in minutes, of that session token. see defaults in
AuthSessionValidity
. Valid duration is from 3 to 15 minutes.Default: - Duration.minutes(3)
- Parameters:
authSessionValidity
- Cognito creates a session token for each API request in an authentication flow. This parameter is required.- Returns:
this
- See Also:
-
disableOAuth
Turns off all OAuth interactions for this client.Default: false
- Parameters:
disableOAuth
- Turns off all OAuth interactions for this client. This parameter is required.- Returns:
this
-
enablePropagateAdditionalUserContextData
@Stability(Stable) public UserPoolClient.Builder enablePropagateAdditionalUserContextData(Boolean enablePropagateAdditionalUserContextData) Enable the propagation of additional user context data.You can only activate enablePropagateAdditionalUserContextData in an app client that has a client secret.
Default: false for new user pool clients
- Parameters:
enablePropagateAdditionalUserContextData
- Enable the propagation of additional user context data. This parameter is required.- Returns:
this
- See Also:
-
enableTokenRevocation
@Stability(Stable) public UserPoolClient.Builder enableTokenRevocation(Boolean enableTokenRevocation) Enable token revocation for this client.Default: true for new user pool clients
- Parameters:
enableTokenRevocation
- Enable token revocation for this client. This parameter is required.- Returns:
this
- See Also:
-
generateSecret
Whether to generate a client secret.Default: false
- Parameters:
generateSecret
- Whether to generate a client secret. This parameter is required.- Returns:
this
-
idTokenValidity
Validity of the ID token.Values between 5 minutes and 1 day are valid. The duration can not be longer than the refresh token validity.
Default: Duration.minutes(60)
- Parameters:
idTokenValidity
- Validity of the ID token. This parameter is required.- Returns:
this
- See Also:
-
oAuth
OAuth settings for this client to interact with the app.An error is thrown when this is specified and
disableOAuth
is set.Default: - see defaults in `OAuthSettings`. meaningless if `disableOAuth` is set.
- Parameters:
oAuth
- OAuth settings for this client to interact with the app. This parameter is required.- Returns:
this
-
preventUserExistenceErrors
@Stability(Stable) public UserPoolClient.Builder preventUserExistenceErrors(Boolean preventUserExistenceErrors) Whether Cognito returns a UserNotFoundException exception when the user does not exist in the user pool (false), or whether it returns another type of error that doesn't reveal the user's absence.Default: false
- Parameters:
preventUserExistenceErrors
- Whether Cognito returns a UserNotFoundException exception when the user does not exist in the user pool (false), or whether it returns another type of error that doesn't reveal the user's absence. This parameter is required.- Returns:
this
- See Also:
-
readAttributes
The set of attributes this client will be able to read.Default: - all standard and custom attributes
- Parameters:
readAttributes
- The set of attributes this client will be able to read. This parameter is required.- Returns:
this
- See Also:
-
refreshTokenValidity
@Stability(Stable) public UserPoolClient.Builder refreshTokenValidity(Duration refreshTokenValidity) Validity of the refresh token.Values between 60 minutes and 10 years are valid.
Default: Duration.days(30)
- Parameters:
refreshTokenValidity
- Validity of the refresh token. This parameter is required.- Returns:
this
- See Also:
-
supportedIdentityProviders
@Stability(Stable) public UserPoolClient.Builder supportedIdentityProviders(List<? extends UserPoolClientIdentityProvider> supportedIdentityProviders) The list of identity providers that users should be able to use to sign in using this client.Default: - supports all identity providers that are registered with the user pool. If the user pool and/or identity providers are imported, either specify this option explicitly or ensure that the identity providers are registered with the user pool using the `UserPool.registerIdentityProvider()` API.
- Parameters:
supportedIdentityProviders
- The list of identity providers that users should be able to use to sign in using this client. This parameter is required.- Returns:
this
-
userPoolClientName
Name of the application client.Default: - cloudformation generated name
- Parameters:
userPoolClientName
- Name of the application client. This parameter is required.- Returns:
this
-
writeAttributes
The set of attributes this client will be able to write.Default: - all standard and custom attributes
- Parameters:
writeAttributes
- The set of attributes this client will be able to write. This parameter is required.- Returns:
this
- See Also:
-
userPool
The UserPool resource this client will have access to.- Parameters:
userPool
- The UserPool resource this client will have access to. This parameter is required.- Returns:
this
-
build
- Specified by:
build
in interfacesoftware.amazon.jsii.Builder<UserPoolClient>
- Returns:
- a newly built instance of
UserPoolClient
.
-