CreateOAuth2TokenRequestBody
Input structure for the CreateOAuth2Token operation.
Contains flattened token operation inputs for both authorization code and refresh token flows.
The operation type is determined by the grant_type parameter in the request body.
Contents
- clientId
Client identifier which is unique to authorization server.
Type: String
Pattern:
arn:aws:signin:::devtools/(same-device|cross-device)Required: Yes
- grantType
Specifies the type of OAuth 2.0 grant being requested. Supported values:
authorization_code- Exchange an authorization code for token.refresh_token- Use a refresh token to obtain new access token.
Type: String
Pattern:
(authorization_code|refresh_token)Required: Yes
- code
The authorization code received from
/v1/authorize. Required only whengrant_type=authorization_code.Type: String
Length Constraints: Minimum length of 1. Maximum length of 512.
Required: No
- codeVerifier
PKCE code verifier to prove possession of the original code challenge. Required only when
grant_type=authorization_code.Type: String
Length Constraints: Minimum length of 43. Maximum length of 128.
Pattern:
[A-Za-z0-9\-._~]+Required: No
- redirectUri
The redirect URI that must match the original authorization request. Required only when
grant_type=authorization_code.Type: String
Length Constraints: Minimum length of 1. Maximum length of 2048.
Required: No
- refreshToken
Required only when
grant_type=refresh_token.Type: String
Length Constraints: Minimum length of 1. Maximum length of 2048.
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
