Skip to content

/AWS1/CL_VPSCOGNITOUSERPOOLC02

The configuration for an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions.

This data type is used as a field that is part of an ConfigurationDetail structure that is part of the response to GetIdentitySource.

Example:"CognitoUserPoolConfiguration":{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds": ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration": {"groupEntityType": "MyCorp::Group"}}

CONSTRUCTOR

IMPORTING

Required arguments:

iv_userpoolarn TYPE /AWS1/VPSUSERPOOLARN /AWS1/VPSUSERPOOLARN

The Amazon Resource Name (ARN) of the Amazon Cognito user pool that contains the identities to be authorized.

Example: "userPoolArn": "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5"

it_clientids TYPE /AWS1/CL_VPSCLIENTIDS_W=>TT_CLIENTIDS TT_CLIENTIDS

The unique application client IDs that are associated with the specified Amazon Cognito user pool.

Example: "clientIds": ["&ExampleCogClientId;"]

iv_issuer TYPE /AWS1/VPSISSUER /AWS1/VPSISSUER

The OpenID Connect (OIDC) issuer ID of the Amazon Cognito user pool that contains the identities to be authorized.

Example: "issuer": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_1a2b3c4d5"

Optional arguments:

io_groupconfiguration TYPE REF TO /AWS1/CL_VPSCOGNITOGRPCONFDET /AWS1/CL_VPSCOGNITOGRPCONFDET

The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.

Queryable Attributes

userPoolArn

The Amazon Resource Name (ARN) of the Amazon Cognito user pool that contains the identities to be authorized.

Example: "userPoolArn": "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5"

Accessible with the following methods

Method Description
GET_USERPOOLARN() Getter for USERPOOLARN, with configurable default
ASK_USERPOOLARN() Getter for USERPOOLARN w/ exceptions if field has no value
HAS_USERPOOLARN() Determine if USERPOOLARN has a value

clientIds

The unique application client IDs that are associated with the specified Amazon Cognito user pool.

Example: "clientIds": ["&ExampleCogClientId;"]

Accessible with the following methods

Method Description
GET_CLIENTIDS() Getter for CLIENTIDS, with configurable default
ASK_CLIENTIDS() Getter for CLIENTIDS w/ exceptions if field has no value
HAS_CLIENTIDS() Determine if CLIENTIDS has a value

issuer

The OpenID Connect (OIDC) issuer ID of the Amazon Cognito user pool that contains the identities to be authorized.

Example: "issuer": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_1a2b3c4d5"

Accessible with the following methods

Method Description
GET_ISSUER() Getter for ISSUER, with configurable default
ASK_ISSUER() Getter for ISSUER w/ exceptions if field has no value
HAS_ISSUER() Determine if ISSUER has a value

groupConfiguration

The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.

Accessible with the following methods

Method Description
GET_GROUPCONFIGURATION() Getter for GROUPCONFIGURATION