AWS::AppSync::GraphQLApi OpenIDConnectConfig

The OpenIDConnectConfig property type specifies the optional authorization configuration for using an OpenID Connect compliant service with your GraphQL endpoint for an AWS AppSync GraphQL API.

OpenIDConnectConfig is a property of the AWS::AppSync::GraphQLApi property type.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "AuthTTL" : Number,
  "ClientId" : String,
  "IatTTL" : Number,
  "Issuer" : String
}

YAML


  AuthTTL: Number
  ClientId: String
  IatTTL: Number
  Issuer: String

Properties

AuthTTL

The number of milliseconds that a token is valid after being authenticated.

Required: No

Type: Number

Update requires: No interruption

ClientId

The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so that AWS AppSync can validate against multiple client identifiers at a time.

Required: No

Type: String

Update requires: No interruption

IatTTL

The number of milliseconds that a token is valid after it's issued to a user.

Required: No

Type: Number

Update requires: No interruption

Issuer

The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

Required: No

Type: String

Update requires: No interruption

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

LogConfig

Tag