Interface UserPoolClientOptions
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Subinterfaces:
UserPoolClientProps
- All Known Implementing Classes:
UserPoolClientOptions.Jsii$Proxy
,UserPoolClientProps.Jsii$Proxy
Example:
UserPool pool = new UserPool(this, "Pool"); pool.addClient("app-client", UserPoolClientOptions.builder() .oAuth(OAuthSettings.builder() .flows(OAuthFlows.builder() .authorizationCodeGrant(true) .build()) .scopes(List.of(OAuthScope.OPENID)) .callbackUrls(List.of("https://my-app-domain.com/welcome")) .logoutUrls(List.of("https://my-app-domain.com/signin")) .build()) .build());
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic final class
A builder forUserPoolClientOptions
static final class
An implementation forUserPoolClientOptions
-
Method Summary
Modifier and TypeMethodDescriptionbuilder()
default Duration
Validity of the access token.default AuthFlow
The set of OAuth authentication flows to enable on the client.default Duration
Cognito creates a session token for each API request in an authentication flow.default Boolean
Turns off all OAuth interactions for this client.default Boolean
Enable the propagation of additional user context data.default Boolean
Enable token revocation for this client.default Boolean
Whether to generate a client secret.default Duration
Validity of the ID token.default OAuthSettings
getOAuth()
OAuth settings for this client to interact with the app.default Boolean
Whether Cognito returns a UserNotFoundException exception when the user does not exist in the user pool (false), or whether it returns another type of error that doesn't reveal the user's absence.default ClientAttributes
The set of attributes this client will be able to read.default Duration
Validity of the refresh token.default List<UserPoolClientIdentityProvider>
The list of identity providers that users should be able to use to sign in using this client.default String
Name of the application client.default ClientAttributes
The set of attributes this client will be able to write.Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getAccessTokenValidity
Validity of the access token.Values between 5 minutes and 1 day are valid. The duration can not be longer than the refresh token validity.
Default: Duration.minutes(60)
- See Also:
-
getAuthFlows
The set of OAuth authentication flows to enable on the client.Default: - If you don't specify a value, your user client supports ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
- See Also:
-
getAuthSessionValidity
Cognito creates a session token for each API request in an authentication flow.AuthSessionValidity is the duration, in minutes, of that session token. see defaults in
AuthSessionValidity
. Valid duration is from 3 to 15 minutes.Default: - Duration.minutes(3)
- See Also:
-
getDisableOAuth
Turns off all OAuth interactions for this client.Default: false
-
getEnablePropagateAdditionalUserContextData
Enable the propagation of additional user context data.You can only activate enablePropagateAdditionalUserContextData in an app client that has a client secret.
Default: false for new user pool clients
- See Also:
-
getEnableTokenRevocation
Enable token revocation for this client.Default: true for new user pool clients
- See Also:
-
getGenerateSecret
Whether to generate a client secret.Default: false
-
getIdTokenValidity
Validity of the ID token.Values between 5 minutes and 1 day are valid. The duration can not be longer than the refresh token validity.
Default: Duration.minutes(60)
- See Also:
-
getOAuth
OAuth settings for this client to interact with the app.An error is thrown when this is specified and
disableOAuth
is set.Default: - see defaults in `OAuthSettings`. meaningless if `disableOAuth` is set.
-
getPreventUserExistenceErrors
Whether Cognito returns a UserNotFoundException exception when the user does not exist in the user pool (false), or whether it returns another type of error that doesn't reveal the user's absence.Default: false
- See Also:
-
getReadAttributes
The set of attributes this client will be able to read.Default: - all standard and custom attributes
- See Also:
-
getRefreshTokenValidity
Validity of the refresh token.Values between 60 minutes and 10 years are valid.
Default: Duration.days(30)
- See Also:
-
getSupportedIdentityProviders
@Stability(Stable) @Nullable default List<UserPoolClientIdentityProvider> getSupportedIdentityProviders()The list of identity providers that users should be able to use to sign in using this client.Default: - supports all identity providers that are registered with the user pool. If the user pool and/or identity providers are imported, either specify this option explicitly or ensure that the identity providers are registered with the user pool using the `UserPool.registerIdentityProvider()` API.
-
getUserPoolClientName
Name of the application client.Default: - cloudformation generated name
-
getWriteAttributes
The set of attributes this client will be able to write.Default: - all standard and custom attributes
- See Also:
-
builder
- Returns:
- a
UserPoolClientOptions.Builder
ofUserPoolClientOptions
-