String providerName
The provider name for an Amazon Cognito Identity User Pool. For example,
cognito-idp.us-east-1.amazonaws.com/us-east-1_123456789.
String clientId
The client ID for the Amazon Cognito Identity User Pool.
Boolean serverSideTokenCheck
TRUE if server-side token validation is enabled for the identity provider’s token.
String identityPoolName
A string that you provide.
Boolean allowUnauthenticatedIdentities
TRUE if the identity pool supports unauthenticated logins.
Map<K,V> supportedLoginProviders
Optional key:value pairs mapping provider names to provider app IDs.
String developerProviderName
The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend
and the Cognito service to communicate about the developer provider. For the DeveloperProviderName,
you can use letters as well as period (.), underscore (_), and dash (-).
Once you have set a developer provider name, you cannot change it. Please take care in setting this parameter.
List<E> openIdConnectProviderARNs
A list of OpendID Connect provider ARNs.
List<E> cognitoIdentityProviders
An array of Amazon Cognito Identity user pools and their client IDs.
List<E> samlProviderARNs
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
String identityPoolId
An identity pool ID in the format REGION:GUID.
String identityPoolName
A string that you provide.
Boolean allowUnauthenticatedIdentities
TRUE if the identity pool supports unauthenticated logins.
Map<K,V> supportedLoginProviders
Optional key:value pairs mapping provider names to provider app IDs.
String developerProviderName
The "domain" by which Cognito will refer to your users.
List<E> openIdConnectProviderARNs
A list of OpendID Connect provider ARNs.
List<E> cognitoIdentityProviders
A list representing an Amazon Cognito Identity User Pool and its client ID.
List<E> samlProviderARNs
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
String accessKeyId
The Access Key portion of the credentials.
String secretKey
The Secret Access Key portion of the credentials
String sessionToken
The Session Token portion of the credentials
Date expiration
The date at which these credentials will expire.
String identityPoolId
An identity pool ID in the format REGION:GUID.
String identityPoolId
An identity pool ID in the format REGION:GUID.
String identityPoolId
An identity pool ID in the format REGION:GUID.
String identityPoolName
A string that you provide.
Boolean allowUnauthenticatedIdentities
TRUE if the identity pool supports unauthenticated logins.
Map<K,V> supportedLoginProviders
Optional key:value pairs mapping provider names to provider app IDs.
String developerProviderName
The "domain" by which Cognito will refer to your users.
List<E> openIdConnectProviderARNs
A list of OpendID Connect provider ARNs.
List<E> cognitoIdentityProviders
A list representing an Amazon Cognito Identity User Pool and its client ID.
List<E> samlProviderARNs
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
String identityId
A unique identifier in the format REGION:GUID.
String identityId
A unique identifier in the format REGION:GUID.
List<E> logins
A set of optional name-value pairs that map provider names to provider tokens.
Date creationDate
Date on which the identity was created.
Date lastModifiedDate
Date on which the identity was last modified.
String identityId
A unique identifier in the format REGION:GUID.
Map<K,V> logins
A set of optional name-value pairs that map provider names to provider tokens.
String customRoleArn
The Amazon Resource Name (ARN) of the role to be assumed when multiple roles were received in the token from the identity provider. For example, a SAML-based identity provider. This parameter is optional for identity providers that do not support role customization.
String identityId
A unique identifier in the format REGION:GUID.
Credentials credentials
Credentials for the provided identity ID.
String identityPoolId
An identity pool ID in the format REGION:GUID.
String identityPoolId
An identity pool ID in the format REGION:GUID.
Map<K,V> roles
The map of roles associated with this pool. Currently only authenticated and unauthenticated roles are supported.
Map<K,V> roleMappings
How users for a specific identity provider are to mapped to roles. This is a String-to-RoleMapping object map. The string identifies the identity provider, for example, "graph.facebook.com" or "cognito-idp-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id".
String accountId
A standard AWS account ID (9+ digits).
String identityPoolId
An identity pool ID in the format REGION:GUID.
Map<K,V> logins
A set of optional name-value pairs that map provider names to provider tokens. The available provider names for
Logins are as follows:
Facebook: graph.facebook.com
Amazon Cognito Identity Provider: cognito-idp.us-east-1.amazonaws.com/us-east-1_123456789
Google: accounts.google.com
Amazon: www.amazon.com
Twitter: api.twitter.com
Digits: www.digits.com
String identityId
A unique identifier in the format REGION:GUID.
String identityPoolId
An identity pool ID in the format REGION:GUID.
String identityId
A unique identifier in the format REGION:GUID.
Map<K,V> logins
A set of optional name-value pairs that map provider names to provider tokens. Each name-value pair represents a
user from a public provider or developer provider. If the user is from a developer provider, the name-value pair
will follow the syntax "developer_provider_name": "developer_user_identifier". The developer
provider is the "domain" by which Cognito will refer to your users; you provided this domain while
creating/updating the identity pool. The developer user identifier is an identifier from your backend that
uniquely identifies a user. When you create an identity pool, you can specify the supported logins.
Long tokenDuration
The expiration time of the token, in seconds. You can specify a custom expiration time for the token so that you can cache it. If you don't provide an expiration time, the token is valid for 15 minutes. You can exchange the token with Amazon STS for temporary AWS credentials, which are valid for a maximum of one hour. The maximum token duration you can set is 24 hours. You should take care in setting the expiration time for a token, as there are significant security implications: an attacker could use a leaked token to access your AWS resources for the token's duration.
String identityId
A unique identifier in the format REGION:GUID.
Map<K,V> logins
A set of optional name-value pairs that map provider names to provider tokens. When using graph.facebook.com and
www.amazon.com, supply the access_token returned from the provider's authflow. For accounts.google.com, an Amazon
Cognito Identity Provider, or any other OpenId Connect provider, always include the id_token.
String identityId
A unique identifier in the format REGION:GUID.
List<E> logins
A set of optional name-value pairs that map provider names to provider tokens.
Date creationDate
Date on which the identity was created.
Date lastModifiedDate
Date on which the identity was last modified.
String identityPoolId
An identity pool ID in the format REGION:GUID.
Integer maxResults
The maximum number of identities to return.
String nextToken
A pagination token.
Boolean hideDisabled
An optional boolean parameter that allows you to hide disabled identities. If omitted, the ListIdentities API will include disabled identities in the response.
String identityPoolId
An identity pool ID in the format REGION:GUID.
String identityId
A unique identifier in the format REGION:GUID.
String developerUserIdentifier
A unique ID used by your backend authentication process to identify a user. Typically, a developer identity provider would issue many developer user identifiers, in keeping with the number of users.
Integer maxResults
The maximum number of identities to return.
String nextToken
A pagination token. The first call you make will have NextToken set to null. After that the service
will return NextToken values as needed. For example, let's say you make a request with
MaxResults set to 10, and there are 20 matches in the database. The service will return a pagination
token as a part of the response. This token can be used to call the API again and get results starting from the
11th match.
String identityId
A unique identifier in the format REGION:GUID.
List<E> developerUserIdentifierList
This is the list of developer user identifiers associated with an identity ID. Cognito supports the association of multiple developer user identifiers with an identity ID.
String nextToken
A pagination token. The first call you make will have NextToken set to null. After that the service
will return NextToken values as needed. For example, let's say you make a request with
MaxResults set to 10, and there are 20 matches in the database. The service will return a pagination
token as a part of the response. This token can be used to call the API again and get results starting from the
11th match.
String claim
The claim name that must be present in the token, for example, "isAdmin" or "paid".
String matchType
The match condition that specifies how closely the claim value in the IdP token must match Value.
String value
A brief string that the claim must match, for example, "paid" or "yes".
String roleARN
The role ARN.
String sourceUserIdentifier
User identifier for the source user. The value should be a DeveloperUserIdentifier.
String destinationUserIdentifier
User identifier for the destination user. The value should be a DeveloperUserIdentifier.
String developerProviderName
The "domain" by which Cognito will refer to your users. This is a (pseudo) domain name that you provide while
creating an identity pool. This name acts as a placeholder that allows your backend and the Cognito service to
communicate about the developer provider. For the DeveloperProviderName, you can use letters as well
as period (.), underscore (_), and dash (-).
String identityPoolId
An identity pool ID in the format REGION:GUID.
String identityId
A unique identifier in the format REGION:GUID.
String type
The role mapping type. Token will use cognito:roles and cognito:preferred_role claims
from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the
token to map to a role.
String ambiguousRoleResolution
If you specify Token or Rules as the Type, AmbiguousRoleResolution is required.
Specifies the action to be taken if either no rules match the claim value for the Rules type, or
there is no cognito:preferred_role claim and there are multiple cognito:roles matches
for the Token type.
RulesConfigurationType rulesConfiguration
The rules to be used for mapping users to roles.
If you specify Rules as the role mapping type, RulesConfiguration is required.
String identityPoolId
An identity pool ID in the format REGION:GUID.
Map<K,V> roles
The map of roles associated with this pool. For a given role, the key will be either "authenticated" or "unauthenticated" and the value will be the Role ARN.
Map<K,V> roleMappings
How users for a specific identity provider are to mapped to roles. This is a string to RoleMapping object map. The string identifies the identity provider, for example, "graph.facebook.com" or "cognito-idp-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id".
Up to 25 rules can be specified per identity provider.
String identityId
A unique identifier in the format REGION:GUID.
String identityPoolId
An identity pool ID in the format REGION:GUID.
String developerProviderName
The "domain" by which Cognito will refer to your users.
String developerUserIdentifier
A unique ID used by your backend authentication process to identify a user.
String identityPoolId
An identity pool ID in the format REGION:GUID.
String identityPoolName
A string that you provide.
Boolean allowUnauthenticatedIdentities
TRUE if the identity pool supports unauthenticated logins.
Map<K,V> supportedLoginProviders
Optional key:value pairs mapping provider names to provider app IDs.
String developerProviderName
The "domain" by which Cognito will refer to your users.
List<E> openIdConnectProviderARNs
A list of OpendID Connect provider ARNs.
List<E> cognitoIdentityProviders
A list representing an Amazon Cognito Identity User Pool and its client ID.
List<E> samlProviderARNs
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
String identityPoolId
An identity pool ID in the format REGION:GUID.
String identityPoolName
A string that you provide.
Boolean allowUnauthenticatedIdentities
TRUE if the identity pool supports unauthenticated logins.
Map<K,V> supportedLoginProviders
Optional key:value pairs mapping provider names to provider app IDs.
String developerProviderName
The "domain" by which Cognito will refer to your users.
List<E> openIdConnectProviderARNs
A list of OpendID Connect provider ARNs.
List<E> cognitoIdentityProviders
A list representing an Amazon Cognito Identity User Pool and its client ID.
List<E> samlProviderARNs
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
Copyright © 2017. All rights reserved.