This is the new *Amazon CloudFormation Template Reference Guide*. Please update your bookmarks and links. For help getting started with CloudFormation, see the [Amazon CloudFormation User Guide](https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/Welcome.html). # AWS::QBusiness::WebExperience OpenIDConnectProviderConfiguration Information about the OIDC-compliant identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience. ## Syntax To declare this entity in your Amazon CloudFormation template, use the following syntax: ### JSON ``` { "[SecretsArn](#cfn-qbusiness-webexperience-openidconnectproviderconfiguration-secretsarn)" : {{String}}, "[SecretsRole](#cfn-qbusiness-webexperience-openidconnectproviderconfiguration-secretsrole)" : {{String}} } ``` ### YAML ``` [SecretsArn](#cfn-qbusiness-webexperience-openidconnectproviderconfiguration-secretsarn): {{String}} [SecretsRole](#cfn-qbusiness-webexperience-openidconnectproviderconfiguration-secretsrole): {{String}} ``` ## Properties `SecretsArn` The Amazon Resource Name (ARN) of a Secrets Manager secret containing the OIDC client secret. *Required*: Yes *Type*: String *Pattern*: `^arn:[a-z0-9-\.]{1,63}:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[^/].{0,1023}$` *Minimum*: `0` *Maximum*: `1284` *Update requires*: [No interruption](https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `SecretsRole` An IAM role with permissions to access Amazon KMS to decrypt the Secrets Manager secret containing your OIDC client secret. *Required*: Yes *Type*: String *Pattern*: `^arn:[a-z0-9-\.]{1,63}:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[^/].{0,1023}$` *Minimum*: `0` *Maximum*: `1284` *Update requires*: [No interruption](https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)