/*
* Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.cognitoidp.model;
import java.io.Serializable;
import javax.annotation.Generated;
import com.amazonaws.AmazonWebServiceRequest;
/**
*
* @see AWS
* API Documentation
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class CreateIdentityProviderRequest extends com.amazonaws.AmazonWebServiceRequest implements Serializable, Cloneable {
/**
*
* The user pool ID.
*
*/
private String userPoolId; // written by setUserPoolId(String), read back by getUserPoolId()
/**
 * The IdP name.
 * <p>
 * Written by {@code setProviderName(String)}, which stores the argument as given.
 */
private String providerName;
/**
 * The IdP type, held as a plain string.
 * <p>
 * The {@code IdentityProviderTypeType} overloads store {@code providerType.toString()} in this field; the
 * {@code String} overloads store the argument as given.
 */
private String providerType;
/**
*
* The scopes, URLs, and identifiers for your external identity provider. The following examples describe the
* provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP
* {@code authorize_scopes} values must match the values listed here.
*
*
* - OpenID Connect (OIDC)
* -
*
* Amazon Cognito accepts the following elements when it can't discover endpoint URLs from {@code oidc_issuer}:
* {@code attributes_url}, {@code authorize_url}, {@code jwks_uri}, {@code token_url}.
*
*
* Create or update request:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* - SAML
* -
*
* Create or update request with Metadata URL:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* Create or update request with Metadata file:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* The value of {@code MetadataFile} must be the plaintext metadata document with all quote (") characters
* escaped by backslashes.
*
*
* Describe response:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
*
* - LoginWithAmazon
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
*
* - Google
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
*
* - SignInWithApple
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
*
* - Facebook
* -
*
* Create or update request:
* "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
*
*
*/
// Security note: per the examples documented above, this map carries IdP credentials
// ("client_secret", and for SignInWithApple "private_key") as plain string values next to
// non-secret settings. Treat the whole map as secret material: keep it out of logs, error
// messages and persisted copies of this request (the class is Serializable).
// The documented Describe responses echo "client_secret" back, so read access to an IdP
// configuration should be scoped as tightly as write access to it.
// NOTE(review): raw Map; the documented examples use string keys and string values, so the
// type arguments were presumably lost when this listing was extracted. Confirm against the SDK source.
private java.util.Map providerDetails;
/**
*
* A mapping of IdP attributes to standard and custom user pool attributes.
*
*/
// NOTE(review): raw Map; the Javadoc above does not say which side (IdP attribute or user pool
// attribute) is the key. Confirm against the service documentation before building this map.
// NOTE(review): mapped values originate from the external IdP; if the application bases
// authorization decisions on a mapped attribute, that mapping deserves a review. Not visible in this file.
private java.util.Map attributeMapping;
/**
 * A list of IdP identifiers.
 * <p>
 * NOTE(review): raw List here; element type presumably String. Confirm against the SDK source.
 */
private java.util.List idpIdentifiers;
/**
*
* The user pool ID.
*
*
* @param userPoolId
* The user pool ID.
*/
public void setUserPoolId(String userPoolId) {
    // Stored exactly as passed in: this setter performs no null check and no format validation.
    this.userPoolId = userPoolId;
}
/**
*
* The user pool ID.
*
*
* @return The user pool ID.
*/
public String getUserPoolId() {
    // Plain accessor: hands back the field as stored, with no copying or transformation.
    return userPoolId;
}
/**
*
* The user pool ID.
*
*
* @param userPoolId
* The user pool ID.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateIdentityProviderRequest withUserPoolId(String userPoolId) {
    // Fluent variant: the write goes through setUserPoolId, then this same instance is
    // returned so further with...() calls can be chained.
    this.setUserPoolId(userPoolId);
    return this;
}
/**
*
* The IdP name.
*
*
* @param providerName
* The IdP name.
*/
public void setProviderName(String providerName) {
    // Stored exactly as passed in: this setter performs no null check and no validation of the name.
    this.providerName = providerName;
}
/**
*
* The IdP name.
*
*
* @return The IdP name.
*/
public String getProviderName() {
    // Plain accessor: hands back the field as stored.
    return providerName;
}
/**
*
* The IdP name.
*
*
* @param providerName
* The IdP name.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateIdentityProviderRequest withProviderName(String providerName) {
    // Fluent variant: the write goes through setProviderName, then this same instance is
    // returned for chaining.
    this.setProviderName(providerName);
    return this;
}
/**
*
* The IdP type.
*
*
* @param providerType
* The IdP type.
* @see IdentityProviderTypeType
*/
public void setProviderType(String providerType) {
    // Free-form string overload: the value is not checked against IdentityProviderTypeType
    // here, so an unknown type string is stored as given.
    this.providerType = providerType;
}
/**
*
* The IdP type.
*
*
* @return The IdP type.
* @see IdentityProviderTypeType
*/
public String getProviderType() {
    // Returns the stored string form of the type, whichever overload wrote it.
    return providerType;
}
/**
*
* The IdP type.
*
*
* @param providerType
* The IdP type.
* @return Returns a reference to this object so that method calls can be chained together.
* @see IdentityProviderTypeType
*/
public CreateIdentityProviderRequest withProviderType(String providerType) {
    // Fluent variant of the String setter: delegates the write, then returns this instance
    // for chaining.
    this.setProviderType(providerType);
    return this;
}
/**
*
* The IdP type.
*
*
* @param providerType
* The IdP type.
* @see IdentityProviderTypeType
*/
public void setProviderType(IdentityProviderTypeType providerType) {
    // Delegates to the IdentityProviderTypeType overload of withProviderType and discards the
    // returned reference. That overload calls toString() on the argument, so passing null
    // fails with a NullPointerException.
    this.withProviderType(providerType);
}
/**
*
* The IdP type.
*
*
* @param providerType
* The IdP type.
* @return Returns a reference to this object so that method calls can be chained together.
* @see IdentityProviderTypeType
*/
public CreateIdentityProviderRequest withProviderType(IdentityProviderTypeType providerType) {
    // The typed value is persisted in its string form. toString() is invoked directly on the
    // argument, so a null providerType throws NullPointerException before the field is touched.
    final String typeName = providerType.toString();
    this.providerType = typeName;
    return this;
}
/**
*
* The scopes, URLs, and identifiers for your external identity provider. The following examples describe the
* provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP
* {@code authorize_scopes} values must match the values listed here.
*
*
* - OpenID Connect (OIDC)
* -
*
* Amazon Cognito accepts the following elements when it can't discover endpoint URLs from {@code oidc_issuer}:
* {@code attributes_url}, {@code authorize_url}, {@code jwks_uri}, {@code token_url}.
*
*
* Create or update request:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* - SAML
* -
*
* Create or update request with Metadata URL:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* Create or update request with Metadata file:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* The value of {@code MetadataFile} must be the plaintext metadata document with all quote (") characters
* escaped by backslashes.
*
*
* Describe response:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
*
* - LoginWithAmazon
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
*
* - Google
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
*
* - SignInWithApple
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
*
* - Facebook
* -
*
* Create or update request:
* "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
*
*
*
* @return The scopes, URLs, and identifiers for your external identity provider. The following examples describe
* the provider detail keys for each IdP type. These values and their schema are subject to change. Social
* IdP {@code authorize_scopes} values must match the values listed here.
*
* - OpenID Connect (OIDC)
* -
*
* Amazon Cognito accepts the following elements when it can't discover endpoint URLs from
* {@code oidc_issuer}: {@code attributes_url}, {@code authorize_url}, {@code jwks_uri},
* {@code token_url}.
*
*
* Create or update request:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* - SAML
* -
*
* Create or update request with Metadata URL:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* Create or update request with Metadata file:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* The value of {@code MetadataFile} must be the plaintext metadata document with all quote (")
* characters escaped by backslashes.
*
*
* Describe response:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
*
* - LoginWithAmazon
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
*
* - Google
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
*
* - SignInWithApple
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
*
* - Facebook
* -
*
* Create or update request:
* "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
*
*/
public java.util.Map getProviderDetails() {
    // Returns the live internal map, not a copy: a caller that mutates the result changes
    // this request. Per the documented examples the map can hold "client_secret" or
    // "private_key" values, so callers should not log or print what they get back.
    return this.providerDetails;
}
/**
*
* The scopes, URLs, and identifiers for your external identity provider. The following examples describe the
* provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP
* {@code authorize_scopes} values must match the values listed here.
*
*
* - OpenID Connect (OIDC)
* -
*
* Amazon Cognito accepts the following elements when it can't discover endpoint URLs from {@code oidc_issuer}:
* {@code attributes_url}, {@code authorize_url}, {@code jwks_uri}, {@code token_url}.
*
*
* Create or update request:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* - SAML
* -
*
* Create or update request with Metadata URL:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* Create or update request with Metadata file:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* The value of {@code MetadataFile} must be the plaintext metadata document with all quote (") characters
* escaped by backslashes.
*
*
* Describe response:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
*
* - LoginWithAmazon
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
*
* - Google
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
*
* - SignInWithApple
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
*
* - Facebook
* -
*
* Create or update request:
* "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
*
*
*
* @param providerDetails
* The scopes, URLs, and identifiers for your external identity provider. The following examples describe the
* provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP
* {@code authorize_scopes} values must match the values listed here.
*
* - OpenID Connect (OIDC)
* -
*
* Amazon Cognito accepts the following elements when it can't discover endpoint URLs from
* {@code oidc_issuer}: {@code attributes_url}, {@code authorize_url}, {@code jwks_uri},
* {@code token_url}.
*
*
* Create or update request:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* - SAML
* -
*
* Create or update request with Metadata URL:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* Create or update request with Metadata file:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* The value of {@code MetadataFile} must be the plaintext metadata document with all quote (")
* characters escaped by backslashes.
*
*
* Describe response:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
*
* - LoginWithAmazon
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
*
* - Google
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
*
* - SignInWithApple
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
*
* - Facebook
* -
*
* Create or update request:
* "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
*
*/
public void setProviderDetails(java.util.Map providerDetails) {
    // The caller's map is stored by reference (no defensive copy), so later changes to that
    // map are visible through this request. Per the examples in the Javadoc above, its values
    // can include IdP credentials such as client_secret and private_key, so keep it out of logs.
    this.providerDetails = providerDetails;
}
/**
*
* The scopes, URLs, and identifiers for your external identity provider. The following examples describe the
* provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP
* {@code authorize_scopes} values must match the values listed here.
*
*
* - OpenID Connect (OIDC)
* -
*
* Amazon Cognito accepts the following elements when it can't discover endpoint URLs from {@code oidc_issuer}:
* {@code attributes_url}, {@code authorize_url}, {@code jwks_uri}, {@code token_url}.
*
*
* Create or update request:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* - SAML
* -
*
* Create or update request with Metadata URL:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* Create or update request with Metadata file:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* The value of {@code MetadataFile} must be the plaintext metadata document with all quote (") characters
* escaped by backslashes.
*
*
* Describe response:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
*
* - LoginWithAmazon
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
*
* - Google
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
*
* - SignInWithApple
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
*
* - Facebook
* -
*
* Create or update request:
* "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
*
*
*
* @param providerDetails
* The scopes, URLs, and identifiers for your external identity provider. The following examples describe the
* provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP
* {@code authorize_scopes} values must match the values listed here.
*
* - OpenID Connect (OIDC)
* -
*
* Amazon Cognito accepts the following elements when it can't discover endpoint URLs from
* {@code oidc_issuer}: {@code attributes_url}, {@code authorize_url}, {@code jwks_uri},
* {@code token_url}.
*
*
* Create or update request:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
*
* - SAML
* -
*
* Create or update request with Metadata URL:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* Create or update request with Metadata file:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
*
* The value of {@code MetadataFile} must be the plaintext metadata document with all quote (")
* characters escaped by backslashes.
*
*
* Describe response:
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
*
* - LoginWithAmazon
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
*
* - Google
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
*
* - SignInWithApple
* -
*
* Create or update request:
* "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
*
* Describe response:
* "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
*
* - Facebook
* -
*
* Create or update request:
* "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
*
* Describe response:
* "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateIdentityProviderRequest withProviderDetails(java.util.Map providerDetails) {
    // Fluent form of setProviderDetails: replaces the whole map, then returns this request
    // so that further calls can be chained.
    this.setProviderDetails(providerDetails);
    return this;
}
/**
* Add a single ProviderDetails entry
*
* @see CreateIdentityProviderRequest#withProviderDetails
* @return a reference to this object so that method calls can be chained together.
*/
public CreateIdentityProviderRequest addProviderDetailsEntry(String key, String value) {
    // Create the backing map on first use.
    if (this.providerDetails == null) {
        this.providerDetails = new java.util.HashMap();
    }
    // An existing key is never overwritten; the caller gets an exception instead. The message
    // names only the key, never the value being added.
    final boolean alreadyPresent = this.providerDetails.containsKey(key);
    if (alreadyPresent) {
        throw new IllegalArgumentException("Duplicated keys (" + key.toString() + ") are provided.");
    }
    this.providerDetails.put(key, value);
    return this;
}
/**
* Removes all the entries added into ProviderDetails.
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateIdentityProviderRequest clearProviderDetailsEntries() {
    // Drops the reference instead of emptying the map, so a map that was supplied through
    // setProviderDetails keeps its contents in the caller's hands.
    this.providerDetails = null;
    return this;
}
/**
*
* A mapping of IdP attributes to standard and custom user pool attributes.
*
*
* @return A mapping of IdP attributes to standard and custom user pool attributes.
*/
public java.util.Map getAttributeMapping() {
    // Returns the stored map itself (not a copy); it is null until a mapping has been set or added.
    return this.attributeMapping;
}
/**
*
* A mapping of IdP attributes to standard and custom user pool attributes.
*
*
* @param attributeMapping
* A mapping of IdP attributes to standard and custom user pool attributes.
*/
public void setAttributeMapping(java.util.Map attributeMapping) {
    // Stored by reference, without a defensive copy: the request and the caller share the map.
    this.attributeMapping = attributeMapping;
}
/**
*
* A mapping of IdP attributes to standard and custom user pool attributes.
*
*
* @param attributeMapping
* A mapping of IdP attributes to standard and custom user pool attributes.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateIdentityProviderRequest withAttributeMapping(java.util.Map attributeMapping) {
    // Fluent form of setAttributeMapping: replaces the whole map, then returns this request.
    this.setAttributeMapping(attributeMapping);
    return this;
}
/**
* Add a single AttributeMapping entry
*
* @see CreateIdentityProviderRequest#withAttributeMapping
* @return a reference to this object so that method calls can be chained together.
*/
public CreateIdentityProviderRequest addAttributeMappingEntry(String key, String value) {
    // Create the backing map on first use.
    if (this.attributeMapping == null) {
        this.attributeMapping = new java.util.HashMap();
    }
    // A key that is already mapped is rejected rather than silently replaced.
    final boolean alreadyPresent = this.attributeMapping.containsKey(key);
    if (alreadyPresent) {
        throw new IllegalArgumentException("Duplicated keys (" + key.toString() + ") are provided.");
    }
    this.attributeMapping.put(key, value);
    return this;
}
/**
* Removes all the entries added into AttributeMapping.
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateIdentityProviderRequest clearAttributeMappingEntries() {
    // Drops the reference instead of emptying the map, so a caller-supplied map is left untouched.
    this.attributeMapping = null;
    return this;
}
/**
*
* A list of IdP identifiers.
*
*
* @return A list of IdP identifiers.
*/
public java.util.List getIdpIdentifiers() {
    // Returns the stored list itself (not a copy); null when no identifiers have been set.
    return this.idpIdentifiers;
}
/**
*
* A list of IdP identifiers.
*
*
* @param idpIdentifiers
* A list of IdP identifiers.
*/
public void setIdpIdentifiers(java.util.Collection idpIdentifiers) {
    // null clears the field; any other collection is copied into a fresh ArrayList, so the
    // request does not alias the caller's collection.
    this.idpIdentifiers = (idpIdentifiers == null) ? null : new java.util.ArrayList(idpIdentifiers);
}
/**
*
* A list of IdP identifiers.
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setIdpIdentifiers(java.util.Collection)} or {@link #withIdpIdentifiers(java.util.Collection)} if you want
* to override the existing values.
*
*
* @param idpIdentifiers
* A list of IdP identifiers.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateIdentityProviderRequest withIdpIdentifiers(String... idpIdentifiers) {
    // Appending variant: when no list exists yet, an empty one is installed first, then every
    // argument is added in order after whatever the list already holds.
    if (this.idpIdentifiers == null) {
        setIdpIdentifiers(new java.util.ArrayList(idpIdentifiers.length));
    }
    for (int i = 0; i < idpIdentifiers.length; i++) {
        this.idpIdentifiers.add(idpIdentifiers[i]);
    }
    return this;
}
/**
*
* A list of IdP identifiers.
*
*
* @param idpIdentifiers
* A list of IdP identifiers.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateIdentityProviderRequest withIdpIdentifiers(java.util.Collection idpIdentifiers) {
    // Replacing variant: delegates to setIdpIdentifiers, which overwrites any existing list.
    this.setIdpIdentifiers(idpIdentifiers);
    return this;
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
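@Override
public String toString() {
    StringBuilder sb = new StringBuilder();
    sb.append("{");
    if (getUserPoolId() != null) {
        sb.append("UserPoolId: ").append(getUserPoolId()).append(",");
    }
    if (getProviderName() != null) {
        sb.append("ProviderName: ").append(getProviderName()).append(",");
    }
    if (getProviderType() != null) {
        sb.append("ProviderType: ").append(getProviderType()).append(",");
    }
    if (getProviderDetails() != null) {
        // The Javadoc promises that sensitive data is redacted, and the documented
        // ProviderDetails examples carry client_secret and private_key. Printing the map
        // verbatim would put those credentials into any log line that formats this request.
        sb.append("ProviderDetails: ").append(redactedProviderDetails(getProviderDetails())).append(",");
    }
    if (getAttributeMapping() != null) {
        sb.append("AttributeMapping: ").append(getAttributeMapping()).append(",");
    }
    if (getIdpIdentifiers() != null) {
        sb.append("IdpIdentifiers: ").append(getIdpIdentifiers());
    }
    sb.append("}");
    return sb.toString();
}

/**
 * Builds a printable copy of the provider details in which credential values are replaced by a
 * placeholder. The source map is not modified, and entry order follows the source map's iteration
 * order.
 *
 * @param details
 *        the provider details to render; must not be null
 * @return a new map with the same keys, where the values of {@code client_secret} and
 *         {@code private_key} are replaced by a fixed placeholder
 */
private static java.util.Map<Object, Object> redactedProviderDetails(java.util.Map<?, ?> details) {
    java.util.Map<Object, Object> printable = new java.util.LinkedHashMap<Object, Object>();
    for (java.util.Map.Entry<?, ?> entry : details.entrySet()) {
        Object key = entry.getKey();
        // Key names come from the documented ProviderDetails examples; the schema is described
        // as subject to change, so extend this check if further secret-bearing keys appear.
        boolean secret = "client_secret".equals(key) || "private_key".equals(key);
        printable.put(key, secret ? "***Sensitive Data Redacted***" : entry.getValue());
    }
    return printable;
}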
/**
 * Compares this request with another object field by field: user pool ID, provider name,
 * provider type, provider details, attribute mapping and IdP identifiers.
 *
 * @param obj
 *        the object to compare with; may be null
 * @return true when {@code obj} is a CreateIdentityProviderRequest whose six fields are each
 *         either both null or equal
 */
@Override
public boolean equals(Object obj) {
    if (this == obj) {
        return true;
    }
    // instanceof is false for null, which covers the explicit null case as well.
    if (!(obj instanceof CreateIdentityProviderRequest)) {
        return false;
    }
    final CreateIdentityProviderRequest that = (CreateIdentityProviderRequest) obj;
    return sameField(that.getUserPoolId(), this.getUserPoolId())
            && sameField(that.getProviderName(), this.getProviderName())
            && sameField(that.getProviderType(), this.getProviderType())
            && sameField(that.getProviderDetails(), this.getProviderDetails())
            && sameField(that.getAttributeMapping(), this.getAttributeMapping())
            && sameField(that.getIdpIdentifiers(), this.getIdpIdentifiers());
}

// Two field values match when both are null, or both are non-null and theirs.equals(ours).
private static boolean sameField(Object theirs, Object ours) {
    if (theirs == null) {
        return ours == null;
    }
    return ours != null && theirs.equals(ours);
}
/**
 * Computes a hash over the same six fields that {@code equals} compares, in the same order.
 *
 * @return the combined hash code; a null field contributes 0
 */
@Override
public int hashCode() {
    // Arrays.hashCode starts at 1 and folds each element as 31 * result + (null ? 0 : hashCode()),
    // which is exactly the per-field accumulation this method performs.
    return java.util.Arrays.hashCode(new Object[] {
            getUserPoolId(),
            getProviderName(),
            getProviderType(),
            getProviderDetails(),
            getAttributeMapping(),
            getIdpIdentifiers()
    });
}
/**
 * Creates a copy of this request by delegating to the superclass.
 *
 * @return the object produced by {@code super.clone()}, narrowed to this request type
 */
@Override
public CreateIdentityProviderRequest clone() {
    // NOTE(review): no field is copied here, so whether the providerDetails map (which can hold
    // client_secret / private_key) is shared between original and clone depends on
    // super.clone(), which is not shown in this file. Confirm before mutating a clone.
    final Object copy = super.clone();
    return (CreateIdentityProviderRequest) copy;
}
}