IdentityProviderType
A container for information about an IdP.
Contents
- AttributeMapping
  A mapping of IdP attributes to standard and custom user pool attributes.
  Type: String to string map
  Key Length Constraints: Minimum length of 1. Maximum length of 32.
  Value Length Constraints: Minimum length of 0. Maximum length of 131072.
  Required: No
- CreationDate
  The date and time, in ISO 8601 format, when the item was created.
  Type: Timestamp
  Required: No
- IdpIdentifiers
  A list of IdP identifiers.
  Type: Array of strings
  Array Members: Minimum number of 0 items. Maximum number of 50 items.
  Length Constraints: Minimum length of 1. Maximum length of 40.
  Pattern: [\w\s+=.@-]+
  Required: No
- LastModifiedDate
  The date and time, in ISO 8601 format, when the item was modified.
  Type: Timestamp
  Required: No
- ProviderDetails
  The IdP details. The following list describes the provider detail keys for each IdP type.
  - For Google and Login with Amazon:
    - client_id
    - client_secret
    - authorize_scopes
  - For Facebook:
    - client_id
    - client_secret
    - authorize_scopes
    - api_version
  - For Sign in with Apple:
    - client_id
    - team_id
    - key_id
    - private_key
      You can submit a private_key when you add or update an IdP. Describe operations don't return the private key.
    - authorize_scopes
  - For OIDC providers:
    - client_id
    - client_secret
    - attributes_request_method
    - oidc_issuer
    - authorize_scopes
    - The following keys are only present if Amazon Cognito didn't discover them at the oidc_issuer URL.
      - authorize_url
      - token_url
      - attributes_url
      - jwks_uri
    - Amazon Cognito sets the value of the following keys automatically. They are read-only.
      - attributes_url_add_attributes
  - For SAML providers:
    - MetadataFile or MetadataURL
    - IDPSignout (optional)
  Type: String to string map
  Key Length Constraints: Minimum length of 0. Maximum length of 131072.
  Value Length Constraints: Minimum length of 0. Maximum length of 131072.
  Required: No
- ProviderName
  The IdP name.
  Type: String
  Length Constraints: Minimum length of 1. Maximum length of 32.
  Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
  Required: No
- ProviderType
  The IdP type.
  Type: String
  Valid Values: SAML | Facebook | Google | LoginWithAmazon | SignInWithApple | OIDC
  Required: No
- UserPoolId
  The user pool ID.
  Type: String
  Length Constraints: Minimum length of 1. Maximum length of 55.
  Pattern: [\w-]+_[0-9a-zA-Z]+
  Required: No