Interface OAuthSettings
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
OAuthSettings.Jsii$Proxy
@Generated(value="jsii-pacmak/1.113.0 (build fc68b25)",
date="2025-10-14T12:28:07.859Z")
@Stability(Stable)
public interface OAuthSettings
extends software.amazon.jsii.JsiiSerializable
OAuth settings to configure the interaction between the app and this client.
Example:
UserPool pool = new UserPool(this, "Pool");
ResourceServerScope readOnlyScope = ResourceServerScope.Builder.create().scopeName("read").scopeDescription("Read-only access").build();
ResourceServerScope fullAccessScope = ResourceServerScope.Builder.create().scopeName("*").scopeDescription("Full access").build();
UserPoolResourceServer userServer = pool.addResourceServer("ResourceServer", UserPoolResourceServerOptions.builder()
.identifier("users")
.scopes(List.of(readOnlyScope, fullAccessScope))
.build());
UserPoolClient readOnlyClient = pool.addClient("read-only-client", UserPoolClientOptions.builder()
// ...
.oAuth(OAuthSettings.builder()
// ...
.scopes(List.of(OAuthScope.resourceServer(userServer, readOnlyScope)))
.build())
.build());
UserPoolClient fullAccessClient = pool.addClient("full-access-client", UserPoolClientOptions.builder()
// ...
.oAuth(OAuthSettings.builder()
// ...
.scopes(List.of(OAuthScope.resourceServer(userServer, fullAccessScope)))
.build())
.build());
-
Nested Class Summary
Nested ClassesModifier and TypeInterfaceDescriptionstatic final classA builder forOAuthSettingsstatic final classAn implementation forOAuthSettings -
Method Summary
Modifier and TypeMethodDescriptionstatic OAuthSettings.Builderbuilder()List of allowed redirect URLs for the identity providers.default StringThe default redirect URI.default OAuthFlowsgetFlows()OAuth flows that are allowed with this client.List of allowed logout URLs for the identity providers.default List<OAuthScope> OAuth scopes that are allowed with this client.Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getCallbackUrls
List of allowed redirect URLs for the identity providers.Default: - ['https://example.com'] if either authorizationCodeGrant or implicitCodeGrant flows are enabled, no callback URLs otherwise.
-
getDefaultRedirectUri
The default redirect URI. Must be in thecallbackUrlslist.A redirect URI must:
- Be an absolute URI
- Be registered with the authorization server.
- Not include a fragment component.
Default: - no default redirect URI
- See Also:
-
getFlows
OAuth flows that are allowed with this client.Default: {authorizationCodeGrant:true,implicitCodeGrant:true}
- See Also:
-
getLogoutUrls
List of allowed logout URLs for the identity providers.Default: - no logout URLs
-
getScopes
OAuth scopes that are allowed with this client.Default: [OAuthScope.PHONE,OAuthScope.EMAIL,OAuthScope.OPENID,OAuthScope.PROFILE,OAuthScope.COGNITO_ADMIN]
- See Also:
-
builder
- Returns:
- a
OAuthSettings.BuilderofOAuthSettings
-