ICognitoIdentityProviderUserPoolClientType

Interface in AWS.CognitoIdentityProvider

Interface for UserPoolClientType.

Properties

AccessTokenValidity

property AccessTokenValidity: TOptional<Integer>

The access token time limit.

Valid range: 1 - 86400. The AccessTokenValidity specifies the period of time an access token is valid for. Specify the units by setting TokenValidityUnits. If not specified, tokens expire after 1 hour.

AllowedOAuthFlows

property AllowedOAuthFlows: TList<string>

The allowed OAuth flows.

Valid values:

AllowedOAuthFlowsUserPoolClient

property AllowedOAuthFlowsUserPoolClient: TOptional<Boolean>

Indicates if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user pools.

AllowedOAuthScopes

property AllowedOAuthScopes: TList<string>

A list of allowed OAuth scopes.

Possible values provided by OAuth are: phone | email | openid | profile. Possible values provided by Amazon Cognito are: aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.

AnalyticsConfiguration

property AnalyticsConfiguration: ICognitoIdentityProviderAnalyticsConfigurationType

Type: ICognitoIdentityProviderAnalyticsConfigurationType

The user pool configuration for collecting metrics and sending them to Amazon Pinpoint.

AuthSessionValidity

property AuthSessionValidity: TOptional<Integer>

The duration in minutes that a session is valid for.

Valid range: 3 - 15.

CallbackURLs

property CallbackURLs: TList<string>

A list of allowed redirect (callback) URLs for the IdPs.

A redirect URL must:

Be an absolute URI.
Be registered with the authorization server.
Not include a fragment component. Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. App callback URLs such as myapp://example are also supported.

ClientId

property ClientId: string

The ID of the user pool client.

ClientName

property ClientName: string

The name of the user pool client.

ClientSecret

property ClientSecret: string

The secret of the user pool client.

CreationDate

property CreationDate: TOptional<TDateTime>

The date and time when the user pool client was created.

DefaultRedirectURI

property DefaultRedirectURI: string

The default callback URI.

EnablePropagateAdditionalUserContextData

property EnablePropagateAdditionalUserContextData: TOptional<Boolean>

Activate or deactivate propagation of additional user context data.

If not specified/activated, you can't send device fingerprint information including source IP address to Amazon Cognito advanced security. Can only be activated for app clients that have a client secret.

EnableTokenRevocation

property EnableTokenRevocation: TOptional<Boolean>

Activate or deactivate token revocation.

If not specified, token revocation will be activated by default.

ExplicitAuthFlows

property ExplicitAuthFlows: TList<string>

The authentication flows that the user pool client supports.

Valid values:

IdTokenValidity

property IdTokenValidity: TOptional<Integer>

The ID token time limit.

Valid range: 1 - 86400. The IdTokenValidity specifies the period of time an ID token is valid for. Specify the units by setting IdValidityUnits. If not specified, tokens expire after 1 hour.

LastModifiedDate

property LastModifiedDate: TOptional<TDateTime>

The data and time the user pool client was last modified.

LogoutURLs

property LogoutURLs: TList<string>

The list of allowed logout URLs for the Identity Providers (IdPs).

PreventUserExistenceErrors

property PreventUserExistenceErrors: string

Specifies whether API calls that may confirm the existence of a user raise errors confirming the existence of a user or not.

Valid values:

ReadAttributes

property ReadAttributes: TList<string>

The read attributes.

RefreshTokenValidity

property RefreshTokenValidity: TOptional<Integer>

The time limit for the refresh token validity.

Valid range: 0 - 315360000. The RefreshTokenValidity specifies the period of time a refresh token is valid for. Specify the units by setting TokenValidityUnits. If not specified, refresh tokens expire after 30 days.

SupportedIdentityProviders

property SupportedIdentityProviders: TList<string>

The list of names of Identity Providers (IdPs) that are supported by this client.

The following values are supported: COGNITO, Facebook, Google, SignInWithApple, and LoginWithAmazon. Names of SAML and OIDC IdPs configured for your user pool can also be specified.

TokenValidityUnits

property TokenValidityUnits: ICognitoIdentityProviderTokenValidityUnitsType

Type: ICognitoIdentityProviderTokenValidityUnitsType

The units in which the validity values for tokens are specified.

UserPoolId

property UserPoolId: string

The ID of the user pool.

WriteAttributes

property WriteAttributes: TList<string>

The user pool atrributes that the app client can write to.

If your app client allows signing in through an Identity Provider (IdP) this list must include all the attributes that have been mapped to IdP attributes.

Properties​

AccessTokenValidity​

AllowedOAuthFlows​

AllowedOAuthFlowsUserPoolClient​

AllowedOAuthScopes​

AnalyticsConfiguration​

AuthSessionValidity​

CallbackURLs​

ClientId​

ClientName​

ClientSecret​

CreationDate​

DefaultRedirectURI​

EnablePropagateAdditionalUserContextData​

EnableTokenRevocation​

ExplicitAuthFlows​

IdTokenValidity​

LastModifiedDate​

LogoutURLs​

PreventUserExistenceErrors​

ReadAttributes​

RefreshTokenValidity​

SupportedIdentityProviders​

TokenValidityUnits​

UserPoolId​

WriteAttributes​

Properties

AccessTokenValidity

AllowedOAuthFlows

AllowedOAuthFlowsUserPoolClient

AllowedOAuthScopes

AnalyticsConfiguration

AuthSessionValidity

CallbackURLs

ClientId

ClientName

ClientSecret

CreationDate

DefaultRedirectURI

EnablePropagateAdditionalUserContextData

EnableTokenRevocation

ExplicitAuthFlows

IdTokenValidity

LastModifiedDate

LogoutURLs

PreventUserExistenceErrors

ReadAttributes

RefreshTokenValidity

SupportedIdentityProviders

TokenValidityUnits

UserPoolId

WriteAttributes