Package software.amazon.awscdk.services.bedrockagentcore

Class OAuth2CredentialProvider

java.lang.Object

software.amazon.jsii.JsiiObject

software.constructs.Construct

software.amazon.awscdk.Resource

software.amazon.awscdk.services.bedrockagentcore.OAuth2CredentialProvider

All Implemented Interfaces:

IOAuth2CredentialProviderRef, IEnvironmentAware, IResource, IOAuth2CredentialProvider, IGrantable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable

@Generated(value="jsii-pacmak/1.129.0 (build eaca441)",
           date="2026-05-19T08:18:44.469Z")
@Stability(Stable)
public class OAuth2CredentialProvider
extends Resource
implements IOAuth2CredentialProvider

L2 construct for AWS::BedrockAgentCore::OAuth2CredentialProvider.

Prefer the static factories (for example

invalid reference

OAuth2CredentialProvider.usingSlack

) so you only pass the OAuth2 settings that apply to that vendor. To attach the identity to a gateway target, use

invalid reference

GatewayCredentialProvider.fromOauthIdentity

with this construct, or

invalid reference

OAuth2CredentialProvider.bindForGatewayOAuthTarget

with

invalid reference

GatewayCredentialProvider.fromOauthIdentityArn

.

Example:

 OAuth2CredentialProvider.usingCustom(this, "CustomOAuthMeta", CustomOAuth2CredentialProviderProps.builder()
         .clientId("your-client-id")
         .clientSecret(SecretValue.unsafePlainText("your-client-secret"))
         .authorizationServerMetadata(OAuth2AuthorizationServerMetadata.builder()
                 .issuer("https://idp.example.com")
                 .authorizationEndpoint("https://idp.example.com/oauth2/authorize")
                 .tokenEndpoint("https://idp.example.com/oauth2/token")
                 .build())
         .build());
 

See Also:

• https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-bedrockagentcore-oauth2credentialprovider.html

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final class	OAuth2CredentialProvider.Builder	A fluent builder for OAuth2CredentialProvider.

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.constructs.IConstruct

software.constructs.IConstruct.Jsii$Default

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.bedrockagentcore.IOAuth2CredentialProvider

IOAuth2CredentialProvider.Jsii$Default, IOAuth2CredentialProvider.Jsii$Proxy

Nested classes/interfaces inherited from interface software.amazon.awscdk.IResource

IResource.Jsii$Default

Field Summary

Fields

Modifier and Type	Field	Description
static final String	PROPERTY_INJECTION_ID	Uniquely identifies this class.

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	OAuth2CredentialProvider(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	OAuth2CredentialProvider(software.amazon.jsii.JsiiObjectRef objRef)
	OAuth2CredentialProvider(software.constructs.Construct scope, String id, OAuth2CredentialProviderProps props)

Method Summary

Modifier and Type	Method	Description
GatewayOAuth2IdentityBinding	bindForGatewayOAuthTarget(List<String> scopes)	ARNs and OAuth scopes for invalid reference GatewayCredentialProvider.fromOauthIdentity / invalid reference GatewayCredentialProvider.fromOauthIdentityArn .
GatewayOAuth2IdentityBinding	bindForGatewayOAuthTarget(List<String> scopes, Map<String,String> customParameters)	ARNs and OAuth scopes for invalid reference GatewayCredentialProvider.fromOauthIdentity / invalid reference GatewayCredentialProvider.fromOauthIdentityArn .
static IOAuth2CredentialProvider	fromOAuth2CredentialProviderAttributes(software.constructs.Construct scope, String id, OAuth2CredentialProviderAttributes attrs)	Import an existing OAuth2 credential provider.
String	getCallbackUrl()	Callback URL for the OAuth2 authorization flow.
String	getClientSecretArn()	The ARN of the Secrets Manager secret for the OAuth2 client credentials.
String	getCreatedTime()	Timestamp when the credential provider was created.
String	getCredentialProviderArn()	The ARN of this credential provider.
String	getCredentialProviderVendor()	OAuth2 vendor string passed to CloudFormation.
IPrincipal	getGrantPrincipal()	The principal to grant permissions to.
String	getLastUpdatedTime()	Timestamp when the credential provider was last updated.
String	getOAuth2CredentialProviderName()	The name of this OAuth2 credential provider.
OAuth2CredentialProviderReference	getOAuth2CredentialProviderRef()	A reference to a OAuth2CredentialProvider resource.
Grant	grant(IGrantable grantee, String... actions)	[disable-awslint:no-grants].
Grant	grantAdmin(IGrantable grantee)	[disable-awslint:no-grants].
Grant	grantFullAccess(IGrantable grantee)	[disable-awslint:no-grants].
Grant	grantRead(IGrantable grantee)	[disable-awslint:no-grants].
Grant	grantUse(IGrantable grantee)	[disable-awslint:no-grants].
static OAuth2CredentialProvider	usingAtlassian(software.constructs.Construct scope, String id, AtlassianOAuth2CredentialProviderProps props)	Create a credential provider for Atlassian OAuth2.
static OAuth2CredentialProvider	usingAuth0(software.constructs.Construct scope, String id, IncludedOauth2TenantCredentialProviderProps props)	Create a credential provider for Auth0 OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingCognito(software.constructs.Construct scope, String id, IncludedOauth2TenantCredentialProviderProps props)	Create a credential provider for Amazon Cognito OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingCustom(software.constructs.Construct scope, String id, CustomOAuth2CredentialProviderProps props)	Create a credential provider for a custom OAuth2 authorization server (discovery document or metadata).
static OAuth2CredentialProvider	usingCyberArk(software.constructs.Construct scope, String id, IncludedOauth2TenantCredentialProviderProps props)	Create a credential provider for CyberArk OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingDropbox(software.constructs.Construct scope, String id, DropboxOAuth2CredentialProviderProps props)	Create a credential provider for Dropbox OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingFacebook(software.constructs.Construct scope, String id, FacebookOAuth2CredentialProviderProps props)	Create a credential provider for Facebook OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingFusionAuth(software.constructs.Construct scope, String id, IncludedOauth2TenantCredentialProviderProps props)	Create a credential provider for FusionAuth OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingGithub(software.constructs.Construct scope, String id, GithubOAuth2CredentialProviderProps props)	Create a credential provider for GitHub OAuth2.
static OAuth2CredentialProvider	usingGoogle(software.constructs.Construct scope, String id, GoogleOAuth2CredentialProviderProps props)	Create a credential provider for Google OAuth2.
static OAuth2CredentialProvider	usingHubspot(software.constructs.Construct scope, String id, HubspotOAuth2CredentialProviderProps props)	Create a credential provider for HubSpot OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingLinkedin(software.constructs.Construct scope, String id, LinkedinOAuth2CredentialProviderProps props)	Create a credential provider for LinkedIn OAuth2.
static OAuth2CredentialProvider	usingMicrosoft(software.constructs.Construct scope, String id, MicrosoftOAuth2CredentialProviderProps props)	Create a credential provider for Microsoft (Entra ID) OAuth2.
static OAuth2CredentialProvider	usingNotion(software.constructs.Construct scope, String id, NotionOAuth2CredentialProviderProps props)	Create a credential provider for Notion OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingOkta(software.constructs.Construct scope, String id, IncludedOauth2TenantCredentialProviderProps props)	Create a credential provider for Okta OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingOneLogin(software.constructs.Construct scope, String id, IncludedOauth2TenantCredentialProviderProps props)	Create a credential provider for OneLogin OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingPingOne(software.constructs.Construct scope, String id, IncludedOauth2TenantCredentialProviderProps props)	Create a credential provider for PingOne OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingReddit(software.constructs.Construct scope, String id, RedditOAuth2CredentialProviderProps props)	Create a credential provider for Reddit OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingSalesforce(software.constructs.Construct scope, String id, SalesforceOAuth2CredentialProviderProps props)	Create a credential provider for Salesforce OAuth2.
static OAuth2CredentialProvider	usingSlack(software.constructs.Construct scope, String id, SlackOAuth2CredentialProviderProps props)	Create a credential provider for Slack OAuth2.
static OAuth2CredentialProvider	usingSpotify(software.constructs.Construct scope, String id, SpotifyOAuth2CredentialProviderProps props)	Create a credential provider for Spotify OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingTwitch(software.constructs.Construct scope, String id, TwitchOAuth2CredentialProviderProps props)	Create a credential provider for Twitch OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingX(software.constructs.Construct scope, String id, XOAuth2CredentialProviderProps props)	Create a credential provider for X (Twitter) OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingYandex(software.constructs.Construct scope, String id, YandexOAuth2CredentialProviderProps props)	Create a credential provider for Yandex OAuth2 (IncludedOauth2ProviderConfig).
static OAuth2CredentialProvider	usingZoom(software.constructs.Construct scope, String id, ZoomOAuth2CredentialProviderProps props)	Create a credential provider for Zoom OAuth2 (IncludedOauth2ProviderConfig).

Methods inherited from class software.amazon.awscdk.Resource

applyRemovalPolicy, generatePhysicalName, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, getStack, isOwnedResource, isResource, with

Methods inherited from class software.constructs.Construct

getNode, isConstruct, toString

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.constructs.IConstruct

getNode, with

Methods inherited from interface software.amazon.awscdk.interfaces.IEnvironmentAware

getEnv

Methods inherited from interface software.amazon.awscdk.IResource

applyRemovalPolicy, getStack

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Field Details

PROPERTY_INJECTION_ID

@Stability(Stable)
public static final String PROPERTY_INJECTION_ID

Uniquely identifies this class.

Constructor Details

OAuth2CredentialProvider

protected OAuth2CredentialProvider(software.amazon.jsii.JsiiObjectRef objRef)

OAuth2CredentialProvider

protected OAuth2CredentialProvider(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

OAuth2CredentialProvider

@Stability(Stable)
public OAuth2CredentialProvider(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 OAuth2CredentialProviderProps props)

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

Method Details

fromOAuth2CredentialProviderAttributes

@Stability(Stable)
@NotNull
public static IOAuth2CredentialProvider fromOAuth2CredentialProviderAttributes(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 OAuth2CredentialProviderAttributes attrs)

Import an existing OAuth2 credential provider.

Parameters:

scope - This parameter is required.

id - This parameter is required.

attrs - This parameter is required.

usingAtlassian

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingAtlassian(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 AtlassianOAuth2CredentialProviderProps props)

Create a credential provider for Atlassian OAuth2.

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

usingAuth0

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingAuth0(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 IncludedOauth2TenantCredentialProviderProps props)

Create a credential provider for Auth0 OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-auth0.html

usingCognito

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingCognito(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 IncludedOauth2TenantCredentialProviderProps props)

Create a credential provider for Amazon Cognito OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-cognito.html

usingCustom

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingCustom(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 CustomOAuth2CredentialProviderProps props)

Create a credential provider for a custom OAuth2 authorization server (discovery document or metadata).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

usingCyberArk

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingCyberArk(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 IncludedOauth2TenantCredentialProviderProps props)

Create a credential provider for CyberArk OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-cyberark.html

usingDropbox

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingDropbox(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 DropboxOAuth2CredentialProviderProps props)

Create a credential provider for Dropbox OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-dropbox.html

usingFacebook

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingFacebook(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 FacebookOAuth2CredentialProviderProps props)

Create a credential provider for Facebook OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-facebook.html

usingFusionAuth

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingFusionAuth(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 IncludedOauth2TenantCredentialProviderProps props)

Create a credential provider for FusionAuth OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-fusionauth.html

usingGithub

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingGithub(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 GithubOAuth2CredentialProviderProps props)

Create a credential provider for GitHub OAuth2.

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

usingGoogle

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingGoogle(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 GoogleOAuth2CredentialProviderProps props)

Create a credential provider for Google OAuth2.

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

usingHubspot

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingHubspot(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 HubspotOAuth2CredentialProviderProps props)

Create a credential provider for HubSpot OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-hubspot.html

usingLinkedin

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingLinkedin(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 LinkedinOAuth2CredentialProviderProps props)

Create a credential provider for LinkedIn OAuth2.

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

usingMicrosoft

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingMicrosoft(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 MicrosoftOAuth2CredentialProviderProps props)

Create a credential provider for Microsoft (Entra ID) OAuth2.

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

usingNotion

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingNotion(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 NotionOAuth2CredentialProviderProps props)

Create a credential provider for Notion OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-notion.html

usingOkta

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingOkta(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 IncludedOauth2TenantCredentialProviderProps props)

Create a credential provider for Okta OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-okta.html

usingOneLogin

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingOneLogin(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 IncludedOauth2TenantCredentialProviderProps props)

Create a credential provider for OneLogin OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-onelogin.html

usingPingOne

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingPingOne(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 IncludedOauth2TenantCredentialProviderProps props)

Create a credential provider for PingOne OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-pingidentity.html

usingReddit

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingReddit(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 RedditOAuth2CredentialProviderProps props)

Create a credential provider for Reddit OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-reddit.html

usingSalesforce

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingSalesforce(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 SalesforceOAuth2CredentialProviderProps props)

Create a credential provider for Salesforce OAuth2.

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

usingSlack

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingSlack(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 SlackOAuth2CredentialProviderProps props)

Create a credential provider for Slack OAuth2.

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

usingSpotify

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingSpotify(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 SpotifyOAuth2CredentialProviderProps props)

Create a credential provider for Spotify OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-spotify.html

usingTwitch

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingTwitch(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 TwitchOAuth2CredentialProviderProps props)

Create a credential provider for Twitch OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-twitch.html

usingX

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingX(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 XOAuth2CredentialProviderProps props)

Create a credential provider for X (Twitter) OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-x.html

usingYandex

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingYandex(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 YandexOAuth2CredentialProviderProps props)

Create a credential provider for Yandex OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-yandex.html

usingZoom

@Stability(Stable)
@NotNull
public static OAuth2CredentialProvider usingZoom(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 ZoomOAuth2CredentialProviderProps props)

Create a credential provider for Zoom OAuth2 (IncludedOauth2ProviderConfig).

Parameters:

scope - This parameter is required.

id - This parameter is required.

props - This parameter is required.

See Also:

• https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/identity-idp-zoom.html

bindForGatewayOAuthTarget

@Stability(Stable)
@NotNull
public GatewayOAuth2IdentityBinding bindForGatewayOAuthTarget(@NotNull
 List<String> scopes,
 @Nullable
 Map<String,String> customParameters)

ARNs and OAuth scopes for

invalid reference

GatewayCredentialProvider.fromOauthIdentity

/

invalid reference

GatewayCredentialProvider.fromOauthIdentityArn

.

Specified by:

bindForGatewayOAuthTarget in interface IOAuth2CredentialProvider

Parameters:

scopes - OAuth scopes the gateway target should request (see vendor documentation). This parameter is required.

customParameters - Optional custom parameters for the OAuth flow.

bindForGatewayOAuthTarget

@Stability(Stable)
@NotNull
public GatewayOAuth2IdentityBinding bindForGatewayOAuthTarget(@NotNull
 List<String> scopes)

ARNs and OAuth scopes for

invalid reference

GatewayCredentialProvider.fromOauthIdentity

/

invalid reference

GatewayCredentialProvider.fromOauthIdentityArn

.

Specified by:

bindForGatewayOAuthTarget in interface IOAuth2CredentialProvider

Parameters:

scopes - OAuth scopes the gateway target should request (see vendor documentation). This parameter is required.

grant

@Stability(Stable)
@NotNull
public Grant grant(@NotNull
 IGrantable grantee,
 @NotNull
 String... actions)

[disable-awslint:no-grants].

Specified by:

grant in interface IOAuth2CredentialProvider

Parameters:

grantee - This parameter is required.

actions - This parameter is required.

grantAdmin

@Stability(Stable)
@NotNull
public Grant grantAdmin(@NotNull
 IGrantable grantee)

[disable-awslint:no-grants].

Specified by:

grantAdmin in interface IOAuth2CredentialProvider

Parameters:

grantee - This parameter is required.

grantFullAccess

@Stability(Stable)
@NotNull
public Grant grantFullAccess(@NotNull
 IGrantable grantee)

[disable-awslint:no-grants].

Specified by:

grantFullAccess in interface IOAuth2CredentialProvider

Parameters:

grantee - This parameter is required.

grantRead

@Stability(Stable)
@NotNull
public Grant grantRead(@NotNull
 IGrantable grantee)

[disable-awslint:no-grants].

Specified by:

grantRead in interface IOAuth2CredentialProvider

Parameters:

grantee - This parameter is required.

grantUse

@Stability(Stable)
@NotNull
public Grant grantUse(@NotNull
 IGrantable grantee)

[disable-awslint:no-grants].

Specified by:

grantUse in interface IOAuth2CredentialProvider

Parameters:

grantee - This parameter is required.

getCredentialProviderArn

@Stability(Stable)
@NotNull
public String getCredentialProviderArn()

The ARN of this credential provider.

Specified by:

getCredentialProviderArn in interface IOAuth2CredentialProvider

getCredentialProviderVendor

@Stability(Stable)
@NotNull
public String getCredentialProviderVendor()

OAuth2 vendor string passed to CloudFormation.

Specified by:

getCredentialProviderVendor in interface IOAuth2CredentialProvider

getGrantPrincipal

@Stability(Stable)
@NotNull
public IPrincipal getGrantPrincipal()

The principal to grant permissions to.

Specified by:

getGrantPrincipal in interface IGrantable

getOAuth2CredentialProviderName

@Stability(Stable)
@NotNull
public String getOAuth2CredentialProviderName()

The name of this OAuth2 credential provider.

getOAuth2CredentialProviderRef

@Stability(Stable)
@NotNull
public OAuth2CredentialProviderReference getOAuth2CredentialProviderRef()

A reference to a OAuth2CredentialProvider resource.

Specified by:

getOAuth2CredentialProviderRef in interface IOAuth2CredentialProviderRef

getCallbackUrl

@Stability(Stable)
@Nullable
public String getCallbackUrl()

Callback URL for the OAuth2 authorization flow.

Specified by:

getCallbackUrl in interface IOAuth2CredentialProvider

getClientSecretArn

@Stability(Stable)
@Nullable
public String getClientSecretArn()

The ARN of the Secrets Manager secret for the OAuth2 client credentials.

May be undefined for resources imported without this attribute.

Specified by:

getClientSecretArn in interface IOAuth2CredentialProvider

getCreatedTime

@Stability(Stable)
@Nullable
public String getCreatedTime()

Timestamp when the credential provider was created.

Specified by:

getCreatedTime in interface IOAuth2CredentialProvider

getLastUpdatedTime

@Stability(Stable)
@Nullable
public String getLastUpdatedTime()

Timestamp when the credential provider was last updated.

Specified by:

getLastUpdatedTime in interface IOAuth2CredentialProvider