Class UserPoolIdentityProviderSamlProps
Properties to initialize UserPoolIdentityProviderSaml.
Inherited Members
Namespace: Amazon.CDK.AWS.Cognito
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class UserPoolIdentityProviderSamlProps : IUserPoolIdentityProviderSamlProps, IUserPoolIdentityProviderProps
Syntax (vb)
Public Class UserPoolIdentityProviderSamlProps Implements IUserPoolIdentityProviderSamlProps, IUserPoolIdentityProviderProps
Remarks
ExampleMetadata: infused
Examples
var userpool = new UserPool(this, "Pool");

// Provider 1: the SAML metadata is passed inline, as the contents of the metadata file.
var inlineMetadataProps = new UserPoolIdentityProviderSamlProps
{
    UserPool = userpool,
    Metadata = UserPoolIdentityProviderSamlMetadata.File("my-file-contents"),
    // Require the IdP to encrypt the SAML assertions it sends.
    EncryptedResponses = true,
    // Algorithm used to sign the SAML requests.
    RequestSigningAlgorithm = SigningAlgorithm.RSA_SHA256,
    // Turn on the IdP-initiated SAML flow (documented default: false).
    // An IdP-initiated response is unsolicited, so there is no prior request
    // to match it against; enable it only when the IdP integration needs it.
    IdpInitiated = true
};
new UserPoolIdentityProviderSaml(this, "userpoolIdpFile", inlineMetadataProps);

// Provider 2: the SAML metadata is referenced by URL.
// The metadata document carries the IdP's signing certificate, so keep the
// URL on HTTPS and pointing at an endpoint the IdP operator controls.
var urlMetadataProps = new UserPoolIdentityProviderSamlProps
{
    UserPool = userpool,
    Metadata = UserPoolIdentityProviderSamlMetadata.Url("https://my-metadata-url.com")
};
new UserPoolIdentityProviderSaml(this, "userpoolidpUrl", urlMetadataProps);
Synopsis
Constructors
UserPoolIdentityProviderSamlProps() | Properties to initialize UserPoolIdentityProviderSaml. |
Properties
AttributeMapping | Mapping attributes from the identity provider to standard and custom attributes of the user pool. |
EncryptedResponses | Whether to require encrypted SAML assertions from IdP. |
Identifiers | Identifiers. |
IdpInitiated | Whether to enable IdP-initiated SAML auth flows. |
IdpSignout | Whether to enable the "Sign-out flow" feature. |
Metadata | The SAML metadata. |
Name | The name of the provider. |
RequestSigningAlgorithm | The signing algorithm for SAML requests. |
UserPool | The user pool to which this construct provides identities. |
Constructors
UserPoolIdentityProviderSamlProps()
Properties to initialize UserPoolIdentityProviderSaml.
public UserPoolIdentityProviderSamlProps()
Remarks
ExampleMetadata: infused
Examples
var userpool = new UserPool(this, "Pool");

// Provider 1: the SAML metadata is passed inline, as the contents of the metadata file.
var inlineMetadataProps = new UserPoolIdentityProviderSamlProps
{
    UserPool = userpool,
    Metadata = UserPoolIdentityProviderSamlMetadata.File("my-file-contents"),
    // Require the IdP to encrypt the SAML assertions it sends.
    EncryptedResponses = true,
    // Algorithm used to sign the SAML requests.
    RequestSigningAlgorithm = SigningAlgorithm.RSA_SHA256,
    // Turn on the IdP-initiated SAML flow (documented default: false).
    // An IdP-initiated response is unsolicited, so there is no prior request
    // to match it against; enable it only when the IdP integration needs it.
    IdpInitiated = true
};
new UserPoolIdentityProviderSaml(this, "userpoolIdpFile", inlineMetadataProps);

// Provider 2: the SAML metadata is referenced by URL.
// The metadata document carries the IdP's signing certificate, so keep the
// URL on HTTPS and pointing at an endpoint the IdP operator controls.
var urlMetadataProps = new UserPoolIdentityProviderSamlProps
{
    UserPool = userpool,
    Metadata = UserPoolIdentityProviderSamlMetadata.Url("https://my-metadata-url.com")
};
new UserPoolIdentityProviderSaml(this, "userpoolidpUrl", urlMetadataProps);
Properties
AttributeMapping
Mapping attributes from the identity provider to standard and custom attributes of the user pool.
public IAttributeMapping? AttributeMapping { get; set; }
Property Value
Remarks
Default: - no attribute mapping
EncryptedResponses
Whether to require encrypted SAML assertions from the IdP.
public bool? EncryptedResponses { get; set; }
Property Value
bool?
Remarks
Identifiers
Identifiers for this identity provider.
public string[]? Identifiers { get; set; }
Property Value
string[]
Remarks
Identifiers can be used to redirect users to the correct IdP in multitenant apps.
Default: - no identifiers used
IdpInitiated
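Whether to enable IdP-initiated SAML auth flows. In an IdP-initiated flow the SAML response arrives unsolicited, with no earlier request from the service provider to match it against, so leave this disabled unless the IdP integration requires it.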
public bool? IdpInitiated { get; set; }
Property Value
bool?
Remarks
Default: false
IdpSignout
Whether to enable the "Sign-out flow" feature.
public bool? IdpSignout { get; set; }
Property Value
bool?
Remarks
Default: - false
Metadata
The SAML metadata.
public UserPoolIdentityProviderSamlMetadata Metadata { get; set; }
Property Value
UserPoolIdentityProviderSamlMetadata
Remarks
ExampleMetadata: infused
Name
The name of the provider.
public string? Name { get; set; }
Property Value
Remarks
Must be between 3 and 32 characters.
Default: - the unique ID of the construct
RequestSigningAlgorithm
The signing algorithm for SAML requests.
public SigningAlgorithm? RequestSigningAlgorithm { get; set; }
Property Value
Remarks
UserPool
The user pool to which this construct provides identities.
public IUserPool UserPool { get; set; }
Property Value
Remarks
ExampleMetadata: infused