AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.

Class: Aws::ElasticLoadBalancingV2::Types::AuthenticateCognitoActionConfig

Inherits:
Struct
  • Object
show all
Defined in:
(unknown)

Overview

Note:

When passing AuthenticateCognitoActionConfig as input to an Aws::Client method, you can use a vanilla Hash:

{
  user_pool_arn: "AuthenticateCognitoActionUserPoolArn", # required
  user_pool_client_id: "AuthenticateCognitoActionUserPoolClientId", # required
  user_pool_domain: "AuthenticateCognitoActionUserPoolDomain", # required
  session_cookie_name: "AuthenticateCognitoActionSessionCookieName",
  scope: "AuthenticateCognitoActionScope",
  session_timeout: 1,
  authentication_request_extra_params: {
    "AuthenticateCognitoActionAuthenticationRequestParamName" => "AuthenticateCognitoActionAuthenticationRequestParamValue",
  },
  on_unauthenticated_request: "deny", # accepts deny, allow, authenticate
}

Request parameters to use when integrating with Amazon Cognito to authenticate users.

Returned by:

Instance Attribute Summary collapse

Instance Attribute Details

#authentication_request_extra_paramsHash<String,String>

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

Returns:

  • (Hash<String,String>)

    The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

#on_unauthenticated_requestString

The behavior if the user is not authenticated. The following are possible values:

  • deny`` - Return an HTTP 401 Unauthorized error.

  • allow`` - Allow the request to be forwarded to the target.

  • authenticate`` - Redirect the request to the IdP authorization endpoint. This is the default value.

    Possible values:

    • deny
    • allow
    • authenticate

Returns:

  • (String)

    The behavior if the user is not authenticated.

#scopeString

The set of user claims to be requested from the IdP. The default is openid.

To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

Returns:

  • (String)

    The set of user claims to be requested from the IdP.

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

Returns:

  • (String)

    The name of the cookie used to maintain session information.

#session_timeoutInteger

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

Returns:

  • (Integer)

    The maximum duration of the authentication session, in seconds.

#user_pool_arnString

The Amazon Resource Name (ARN) of the Amazon Cognito user pool.

Returns:

  • (String)

    The Amazon Resource Name (ARN) of the Amazon Cognito user pool.

#user_pool_client_idString

The ID of the Amazon Cognito user pool client.

Returns:

  • (String)

    The ID of the Amazon Cognito user pool client.

#user_pool_domainString

The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.

Returns:

  • (String)

    The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.