IdentityProviderType - Amazon Cognito User Pools

IdentityProviderType

A container for information about an IdP.

Contents

AttributeMapping

A mapping of IdP attributes to standard and custom user pool attributes.

Type: String to string map

Key Length Constraints: Minimum length of 1. Maximum length of 32.

Value Length Constraints: Minimum length of 0. Maximum length of 131072.

Required: No

CreationDate

The date and time, in ISO 8601 format, when the item was created.

Type: Timestamp

Required: No

IdpIdentifiers

A list of IdP identifiers.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 50 items.

Length Constraints: Minimum length of 1. Maximum length of 40.

Pattern: [\w\s+=.@-]+

Required: No

LastModifiedDate

The date and time, in ISO 8601 format, when the item was modified.

Type: Timestamp

Required: No

ProviderDetails

The IdP details. The following list describes the provider detail keys for each IdP type.

  • For Google and Login with Amazon:

    • client_id

    • client_secret

    • authorize_scopes

  • For Facebook:

    • client_id

    • client_secret

    • authorize_scopes

    • api_version

  • For Sign in with Apple:

    • client_id

    • team_id

    • key_id

    • private_key

      You can submit a private_key when you add or update an IdP. Describe operations don't return the private key.

    • authorize_scopes

  • For OIDC providers:

    • client_id

    • client_secret

    • attributes_request_method

    • oidc_issuer

    • authorize_scopes

    • The following keys are only present if Amazon Cognito didn't discover them at the oidc_issuer URL.

      • authorize_url

      • token_url

      • attributes_url

      • jwks_uri

    • Amazon Cognito sets the value of the following keys automatically. They are read-only.

      • attributes_url_add_attributes

  • For SAML providers:

    • MetadataFile or MetadataURL

    • IDPSignout (optional)

Type: String to string map

Key Length Constraints: Minimum length of 0. Maximum length of 131072.

Value Length Constraints: Minimum length of 0. Maximum length of 131072.

Required: No

ProviderName

The IdP name.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 32.

Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+

Required: No

ProviderType

The IdP type.

Type: String

Valid Values: SAML | Facebook | Google | LoginWithAmazon | SignInWithApple | OIDC

Required: No

UserPoolId

The user pool ID.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 55.

Pattern: [\w-]+_[0-9a-zA-Z]+

Required: No
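
The following Python is an added example, not taken from the AWS documentation or SDK. It checks an IdentityProviderType record, such as one a describe operation returns, against the ProviderDetails key lists and the patterns on this page, and masks secret values before the record is logged. The function names, the findings wording, the `re.ASCII` flag and the `SAMPLE` record are assumptions made for this example.

```python
import copy
import re

# ProviderDetails keys per ProviderType, transcribed from the list on this page.
_OAUTH = {"client_id", "client_secret", "authorize_scopes"}
LISTED_KEYS = {
    "Google": _OAUTH,
    "LoginWithAmazon": _OAUTH,
    "Facebook": _OAUTH | {"api_version"},
    "SignInWithApple": {"client_id", "team_id", "key_id", "private_key", "authorize_scopes"},
    "OIDC": _OAUTH | {"attributes_request_method", "oidc_issuer", "authorize_url", "token_url",
                      "attributes_url", "jwks_uri", "attributes_url_add_attributes"},
    "SAML": {"MetadataFile", "MetadataURL", "IDPSignout"},
}
SECRET_KEYS = {"client_secret", "private_key"}
IDP_IDENTIFIER_RE = re.compile(r"[\w\s+=.@-]+", re.ASCII)  # re.ASCII is an assumption
USER_POOL_ID_RE = re.compile(r"[\w-]+_[0-9a-zA-Z]+", re.ASCII)


def audit_idp(idp):
    """Return findings for one IdentityProviderType dict (empty list = clean)."""
    ptype = idp.get("ProviderType")
    if ptype not in LISTED_KEYS:
        return [f"ProviderType {ptype!r} is missing or not a documented value"]
    details = idp.get("ProviderDetails", {})
    findings = [f"ProviderDetails key {k!r} is not listed for {ptype}"
                for k in sorted(set(details) - LISTED_KEYS[ptype])]
    if ptype == "SAML" and not {"MetadataFile", "MetadataURL"} & set(details):
        findings.append("SAML provider has neither MetadataFile nor MetadataURL")
    pool = idp.get("UserPoolId")  # every member is "Required: No", so absent is fine
    if pool is not None and not (len(pool) <= 55 and USER_POOL_ID_RE.fullmatch(pool)):
        findings.append("UserPoolId violates length or pattern")
    findings += [f"IdpIdentifier {i!r} violates length or pattern"
                 for i in idp.get("IdpIdentifiers", [])
                 if not (len(i) <= 40 and IDP_IDENTIFIER_RE.fullmatch(i))]
    return findings


def redact(idp):
    """Deep-copy the record with secret ProviderDetails values masked for logging."""
    safe = copy.deepcopy(idp)
    for key in SECRET_KEYS & set(safe.get("ProviderDetails", {})):
        safe["ProviderDetails"][key] = "<redacted>"
    return safe

# Constructed sample record; every value is made up for this example.
SAMPLE = {"ProviderType": "OIDC", "ProviderName": "ExampleOIDC", "UserPoolId": "us-east-1_EXAMPLE123",
          "IdpIdentifiers": ["example.com", "bad/id"],
          "ProviderDetails": {"client_id": "abc", "client_secret": "s3cr3t", "tenant": "x"}}
```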
