CreateOauth2CredentialProvider
Creates a new OAuth2 credential provider.
Request Syntax
POST /identities/CreateOauth2CredentialProvider HTTP/1.1
Content-type: application/json
{
"credentialProviderVendor": "string
",
"name": "string
",
"oauth2ProviderConfigInput": { ... },
"tags": {
"string
" : "string
"
}
}
URI Request Parameters
The request does not use any URI parameters.
Request Body
The request accepts the following data in JSON format.
- credentialProviderVendor
-
The vendor of the OAuth2 credential provider. This specifies which OAuth2 implementation to use.
Type: String
Valid Values:
GoogleOauth2 | GithubOauth2 | SlackOauth2 | SalesforceOauth2 | MicrosoftOauth2 | CustomOauth2 | AtlassianOauth2 | LinkedinOauth2 | XOauth2 | OktaOauth2 | OneLoginOauth2 | PingOneOauth2 | FacebookOauth2 | YandexOauth2 | RedditOauth2 | ZoomOauth2 | TwitchOauth2 | SpotifyOauth2 | DropboxOauth2 | NotionOauth2 | HubspotOauth2 | CyberArkOauth2 | FusionAuthOauth2 | Auth0Oauth2 | CognitoOauth2
Required: Yes
- name
-
The name of the OAuth2 credential provider. The name must be unique within your account.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[a-zA-Z0-9\-_]+
Required: Yes
- oauth2ProviderConfigInput
-
The configuration settings for the OAuth2 provider, including client ID, client secret, and other vendor-specific settings.
Type: Oauth2ProviderConfigInput object
Note: This object is a Union. Only one member of this object can be specified or returned.
Required: Yes
-
A map of tag keys and values to assign to the OAuth2 credential provider. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.
Type: String to string map
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Key Pattern:
[a-zA-Z0-9\s._:/=+@-]*
Value Length Constraints: Minimum length of 0. Maximum length of 256.
Value Pattern:
[a-zA-Z0-9\s._:/=+@-]*
Required: No
Response Syntax
HTTP/1.1 201
Content-type: application/json
{
"callbackUrl": "string",
"clientSecretArn": {
"secretArn": "string"
},
"credentialProviderArn": "string",
"name": "string",
"oauth2ProviderConfigOutput": { ... }
}
Response Elements
If the action is successful, the service sends back an HTTP 201 response.
The following data is returned in JSON format by the service.
- callbackUrl
-
Callback URL to register on the OAuth2 credential provider as an allowed callback URL. This URL is where the OAuth2 authorization server redirects users after they complete the authorization flow.
Type: String
- clientSecretArn
-
The Amazon Resource Name (ARN) of the client secret in AWS Secrets Manager.
Type: Secret object
- credentialProviderArn
-
The Amazon Resource Name (ARN) of the OAuth2 credential provider.
Type: String
Pattern:
arn:(aws|aws-us-gov):acps:[A-Za-z0-9-]{1,64}:[0-9]{12}:token-vault/[a-zA-Z0-9-.]+/oauth2credentialprovider/[a-zA-Z0-9-.]+
- name
-
The name of the OAuth2 credential provider.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[a-zA-Z0-9\-_]+
- oauth2ProviderConfigOutput
-
Contains the output configuration for an OAuth2 provider.
Type: Oauth2ProviderConfigOutput object
Note: This object is a Union. Only one member of this object can be specified or returned.
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
This exception is thrown when a request is denied per access permissions
HTTP Status Code: 403
- ConflictException
-
This exception is thrown when there is a conflict performing an operation
HTTP Status Code: 409
- DecryptionFailure
-
Exception thrown when decryption of a secret fails.
HTTP Status Code: 400
- EncryptionFailure
-
Exception thrown when encryption of a secret fails.
HTTP Status Code: 400
- InternalServerException
-
This exception is thrown if there was an unexpected error during processing of request
HTTP Status Code: 500
- ResourceLimitExceededException
-
Exception thrown when a resource limit is exceeded.
HTTP Status Code: 400
- ResourceNotFoundException
-
This exception is thrown when a resource referenced by the operation does not exist
HTTP Status Code: 404
- ServiceQuotaExceededException
-
This exception is thrown when a request is made beyond the service quota
HTTP Status Code: 402
- ThrottlingException
-
This exception is thrown when the number of requests exceeds the limit
HTTP Status Code: 429
- UnauthorizedException
-
This exception is thrown when the JWT bearer token is invalid or not found for OAuth bearer token based access
HTTP Status Code: 401
- ValidationException
-
The input fails to satisfy the constraints specified by the service.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: