com.pulumi.aws.cognito.inputs.UserPoolClientState Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of aws Show documentation
Show all versions of aws Show documentation
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
The newest version!
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.aws.cognito.inputs;
import com.pulumi.aws.cognito.inputs.UserPoolClientAnalyticsConfigurationArgs;
import com.pulumi.aws.cognito.inputs.UserPoolClientTokenValidityUnitsArgs;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Import;
import java.lang.Boolean;
import java.lang.Integer;
import java.lang.String;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nullable;
public final class UserPoolClientState extends com.pulumi.resources.ResourceArgs {
public static final UserPoolClientState Empty = new UserPoolClientState();
/**
* Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.access_token`.
*
*/
@Import(name="accessTokenValidity")
private @Nullable Output accessTokenValidity;
/**
* @return Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.access_token`.
*
*/
public Optional> accessTokenValidity() {
return Optional.ofNullable(this.accessTokenValidity);
}
/**
* List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Import(name="allowedOauthFlows")
private @Nullable Output> allowedOauthFlows;
/**
* @return List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Optional>> allowedOauthFlows() {
return Optional.ofNullable(this.allowedOauthFlows);
}
/**
* Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
*/
@Import(name="allowedOauthFlowsUserPoolClient")
private @Nullable Output allowedOauthFlowsUserPoolClient;
/**
* @return Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
*/
public Optional> allowedOauthFlowsUserPoolClient() {
return Optional.ofNullable(this.allowedOauthFlowsUserPoolClient);
}
/**
* List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Import(name="allowedOauthScopes")
private @Nullable Output> allowedOauthScopes;
/**
* @return List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Optional>> allowedOauthScopes() {
return Optional.ofNullable(this.allowedOauthScopes);
}
/**
* Configuration block for Amazon Pinpoint analytics that collects metrics for this user pool. See details below.
*
*/
@Import(name="analyticsConfiguration")
private @Nullable Output analyticsConfiguration;
/**
* @return Configuration block for Amazon Pinpoint analytics that collects metrics for this user pool. See details below.
*
*/
public Optional> analyticsConfiguration() {
return Optional.ofNullable(this.analyticsConfiguration);
}
/**
* Duration, in minutes, of the session token created by Amazon Cognito for each API request in an authentication flow. The session token must be responded to by the native user of the user pool before it expires. Valid values for `auth_session_validity` are between `3` and `15`, with a default value of `3`.
*
*/
@Import(name="authSessionValidity")
private @Nullable Output authSessionValidity;
/**
* @return Duration, in minutes, of the session token created by Amazon Cognito for each API request in an authentication flow. The session token must be responded to by the native user of the user pool before it expires. Valid values for `auth_session_validity` are between `3` and `15`, with a default value of `3`.
*
*/
public Optional> authSessionValidity() {
return Optional.ofNullable(this.authSessionValidity);
}
/**
* List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Import(name="callbackUrls")
private @Nullable Output> callbackUrls;
/**
* @return List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Optional>> callbackUrls() {
return Optional.ofNullable(this.callbackUrls);
}
/**
* Client secret of the user pool client.
*
*/
@Import(name="clientSecret")
private @Nullable Output clientSecret;
/**
* @return Client secret of the user pool client.
*
*/
public Optional> clientSecret() {
return Optional.ofNullable(this.clientSecret);
}
/**
* Default redirect URI and must be included in the list of callback URLs.
*
*/
@Import(name="defaultRedirectUri")
private @Nullable Output defaultRedirectUri;
/**
* @return Default redirect URI and must be included in the list of callback URLs.
*
*/
public Optional> defaultRedirectUri() {
return Optional.ofNullable(this.defaultRedirectUri);
}
/**
* Enables the propagation of additional user context data.
*
*/
@Import(name="enablePropagateAdditionalUserContextData")
private @Nullable Output enablePropagateAdditionalUserContextData;
/**
* @return Enables the propagation of additional user context data.
*
*/
public Optional> enablePropagateAdditionalUserContextData() {
return Optional.ofNullable(this.enablePropagateAdditionalUserContextData);
}
/**
* Enables or disables token revocation.
*
*/
@Import(name="enableTokenRevocation")
private @Nullable Output enableTokenRevocation;
/**
* @return Enables or disables token revocation.
*
*/
public Optional> enableTokenRevocation() {
return Optional.ofNullable(this.enableTokenRevocation);
}
/**
* List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.
*
*/
@Import(name="explicitAuthFlows")
private @Nullable Output> explicitAuthFlows;
/**
* @return List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.
*
*/
public Optional>> explicitAuthFlows() {
return Optional.ofNullable(this.explicitAuthFlows);
}
/**
* Boolean flag indicating whether an application secret should be generated.
*
*/
@Import(name="generateSecret")
private @Nullable Output generateSecret;
/**
* @return Boolean flag indicating whether an application secret should be generated.
*
*/
public Optional> generateSecret() {
return Optional.ofNullable(this.generateSecret);
}
/**
* Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.id_token`.
*
*/
@Import(name="idTokenValidity")
private @Nullable Output idTokenValidity;
/**
* @return Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.id_token`.
*
*/
public Optional> idTokenValidity() {
return Optional.ofNullable(this.idTokenValidity);
}
/**
* List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Import(name="logoutUrls")
private @Nullable Output> logoutUrls;
/**
* @return List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Optional>> logoutUrls() {
return Optional.ofNullable(this.logoutUrls);
}
/**
* Name of the application client.
*
*/
@Import(name="name")
private @Nullable Output name;
/**
* @return Name of the application client.
*
*/
public Optional> name() {
return Optional.ofNullable(this.name);
}
/**
* Setting determines the errors and responses returned by Cognito APIs when a user does not exist in the user pool during authentication, account confirmation, and password recovery.
*
*/
@Import(name="preventUserExistenceErrors")
private @Nullable Output preventUserExistenceErrors;
/**
* @return Setting determines the errors and responses returned by Cognito APIs when a user does not exist in the user pool during authentication, account confirmation, and password recovery.
*
*/
public Optional> preventUserExistenceErrors() {
return Optional.ofNullable(this.preventUserExistenceErrors);
}
/**
* List of user pool attributes that the application client can read from.
*
*/
@Import(name="readAttributes")
private @Nullable Output> readAttributes;
/**
* @return List of user pool attributes that the application client can read from.
*
*/
public Optional>> readAttributes() {
return Optional.ofNullable(this.readAttributes);
}
/**
* Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used. By default, the unit is days. The unit can be overridden by a value in `token_validity_units.refresh_token`.
*
*/
@Import(name="refreshTokenValidity")
private @Nullable Output refreshTokenValidity;
/**
* @return Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used. By default, the unit is days. The unit can be overridden by a value in `token_validity_units.refresh_token`.
*
*/
public Optional> refreshTokenValidity() {
return Optional.ofNullable(this.refreshTokenValidity);
}
/**
* List of provider names for the identity providers that are supported on this client. It uses the `provider_name` attribute of the `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).
*
*/
@Import(name="supportedIdentityProviders")
private @Nullable Output> supportedIdentityProviders;
/**
* @return List of provider names for the identity providers that are supported on this client. It uses the `provider_name` attribute of the `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).
*
*/
public Optional>> supportedIdentityProviders() {
return Optional.ofNullable(this.supportedIdentityProviders);
}
/**
* Configuration block for representing the validity times in units. See details below. Detailed below.
*
*/
@Import(name="tokenValidityUnits")
private @Nullable Output tokenValidityUnits;
/**
* @return Configuration block for representing the validity times in units. See details below. Detailed below.
*
*/
public Optional> tokenValidityUnits() {
return Optional.ofNullable(this.tokenValidityUnits);
}
/**
* User pool the client belongs to.
*
* The following arguments are optional:
*
*/
@Import(name="userPoolId")
private @Nullable Output userPoolId;
/**
* @return User pool the client belongs to.
*
* The following arguments are optional:
*
*/
public Optional> userPoolId() {
return Optional.ofNullable(this.userPoolId);
}
/**
* List of user pool attributes that the application client can write to.
*
*/
@Import(name="writeAttributes")
private @Nullable Output> writeAttributes;
/**
* @return List of user pool attributes that the application client can write to.
*
*/
public Optional>> writeAttributes() {
return Optional.ofNullable(this.writeAttributes);
}
private UserPoolClientState() {}
private UserPoolClientState(UserPoolClientState $) {
this.accessTokenValidity = $.accessTokenValidity;
this.allowedOauthFlows = $.allowedOauthFlows;
this.allowedOauthFlowsUserPoolClient = $.allowedOauthFlowsUserPoolClient;
this.allowedOauthScopes = $.allowedOauthScopes;
this.analyticsConfiguration = $.analyticsConfiguration;
this.authSessionValidity = $.authSessionValidity;
this.callbackUrls = $.callbackUrls;
this.clientSecret = $.clientSecret;
this.defaultRedirectUri = $.defaultRedirectUri;
this.enablePropagateAdditionalUserContextData = $.enablePropagateAdditionalUserContextData;
this.enableTokenRevocation = $.enableTokenRevocation;
this.explicitAuthFlows = $.explicitAuthFlows;
this.generateSecret = $.generateSecret;
this.idTokenValidity = $.idTokenValidity;
this.logoutUrls = $.logoutUrls;
this.name = $.name;
this.preventUserExistenceErrors = $.preventUserExistenceErrors;
this.readAttributes = $.readAttributes;
this.refreshTokenValidity = $.refreshTokenValidity;
this.supportedIdentityProviders = $.supportedIdentityProviders;
this.tokenValidityUnits = $.tokenValidityUnits;
this.userPoolId = $.userPoolId;
this.writeAttributes = $.writeAttributes;
}
public static Builder builder() {
return new Builder();
}
public static Builder builder(UserPoolClientState defaults) {
return new Builder(defaults);
}
public static final class Builder {
private UserPoolClientState $;
public Builder() {
$ = new UserPoolClientState();
}
public Builder(UserPoolClientState defaults) {
$ = new UserPoolClientState(Objects.requireNonNull(defaults));
}
/**
* @param accessTokenValidity Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.access_token`.
*
* @return builder
*
*/
public Builder accessTokenValidity(@Nullable Output accessTokenValidity) {
$.accessTokenValidity = accessTokenValidity;
return this;
}
/**
* @param accessTokenValidity Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.access_token`.
*
* @return builder
*
*/
public Builder accessTokenValidity(Integer accessTokenValidity) {
return accessTokenValidity(Output.of(accessTokenValidity));
}
/**
* @param allowedOauthFlows List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
*/
public Builder allowedOauthFlows(@Nullable Output> allowedOauthFlows) {
$.allowedOauthFlows = allowedOauthFlows;
return this;
}
/**
* @param allowedOauthFlows List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
*/
public Builder allowedOauthFlows(List allowedOauthFlows) {
return allowedOauthFlows(Output.of(allowedOauthFlows));
}
/**
* @param allowedOauthFlows List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
*/
public Builder allowedOauthFlows(String... allowedOauthFlows) {
return allowedOauthFlows(List.of(allowedOauthFlows));
}
/**
* @param allowedOauthFlowsUserPoolClient Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
* @return builder
*
*/
public Builder allowedOauthFlowsUserPoolClient(@Nullable Output allowedOauthFlowsUserPoolClient) {
$.allowedOauthFlowsUserPoolClient = allowedOauthFlowsUserPoolClient;
return this;
}
/**
* @param allowedOauthFlowsUserPoolClient Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
* @return builder
*
*/
public Builder allowedOauthFlowsUserPoolClient(Boolean allowedOauthFlowsUserPoolClient) {
return allowedOauthFlowsUserPoolClient(Output.of(allowedOauthFlowsUserPoolClient));
}
/**
* @param allowedOauthScopes List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
*/
public Builder allowedOauthScopes(@Nullable Output> allowedOauthScopes) {
$.allowedOauthScopes = allowedOauthScopes;
return this;
}
/**
* @param allowedOauthScopes List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
*/
public Builder allowedOauthScopes(List allowedOauthScopes) {
return allowedOauthScopes(Output.of(allowedOauthScopes));
}
/**
* @param allowedOauthScopes List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
*/
public Builder allowedOauthScopes(String... allowedOauthScopes) {
return allowedOauthScopes(List.of(allowedOauthScopes));
}
/**
* @param analyticsConfiguration Configuration block for Amazon Pinpoint analytics that collects metrics for this user pool. See details below.
*
* @return builder
*
*/
public Builder analyticsConfiguration(@Nullable Output analyticsConfiguration) {
$.analyticsConfiguration = analyticsConfiguration;
return this;
}
/**
* @param analyticsConfiguration Configuration block for Amazon Pinpoint analytics that collects metrics for this user pool. See details below.
*
* @return builder
*
*/
public Builder analyticsConfiguration(UserPoolClientAnalyticsConfigurationArgs analyticsConfiguration) {
return analyticsConfiguration(Output.of(analyticsConfiguration));
}
/**
* @param authSessionValidity Duration, in minutes, of the session token created by Amazon Cognito for each API request in an authentication flow. The session token must be responded to by the native user of the user pool before it expires. Valid values for `auth_session_validity` are between `3` and `15`, with a default value of `3`.
*
* @return builder
*
*/
public Builder authSessionValidity(@Nullable Output authSessionValidity) {
$.authSessionValidity = authSessionValidity;
return this;
}
/**
* @param authSessionValidity Duration, in minutes, of the session token created by Amazon Cognito for each API request in an authentication flow. The session token must be responded to by the native user of the user pool before it expires. Valid values for `auth_session_validity` are between `3` and `15`, with a default value of `3`.
*
* @return builder
*
*/
public Builder authSessionValidity(Integer authSessionValidity) {
return authSessionValidity(Output.of(authSessionValidity));
}
/**
* @param callbackUrls List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
*/
public Builder callbackUrls(@Nullable Output> callbackUrls) {
$.callbackUrls = callbackUrls;
return this;
}
/**
* @param callbackUrls List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
*/
public Builder callbackUrls(List callbackUrls) {
return callbackUrls(Output.of(callbackUrls));
}
/**
* @param callbackUrls List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
*/
public Builder callbackUrls(String... callbackUrls) {
return callbackUrls(List.of(callbackUrls));
}
/**
* @param clientSecret Client secret of the user pool client.
*
* @return builder
*
*/
public Builder clientSecret(@Nullable Output clientSecret) {
$.clientSecret = clientSecret;
return this;
}
/**
* @param clientSecret Client secret of the user pool client.
*
* @return builder
*
*/
public Builder clientSecret(String clientSecret) {
return clientSecret(Output.of(clientSecret));
}
/**
* @param defaultRedirectUri Default redirect URI and must be included in the list of callback URLs.
*
* @return builder
*
*/
public Builder defaultRedirectUri(@Nullable Output defaultRedirectUri) {
$.defaultRedirectUri = defaultRedirectUri;
return this;
}
/**
* @param defaultRedirectUri Default redirect URI and must be included in the list of callback URLs.
*
* @return builder
*
*/
public Builder defaultRedirectUri(String defaultRedirectUri) {
return defaultRedirectUri(Output.of(defaultRedirectUri));
}
/**
* @param enablePropagateAdditionalUserContextData Enables the propagation of additional user context data.
*
* @return builder
*
*/
public Builder enablePropagateAdditionalUserContextData(@Nullable Output enablePropagateAdditionalUserContextData) {
$.enablePropagateAdditionalUserContextData = enablePropagateAdditionalUserContextData;
return this;
}
/**
* @param enablePropagateAdditionalUserContextData Enables the propagation of additional user context data.
*
* @return builder
*
*/
public Builder enablePropagateAdditionalUserContextData(Boolean enablePropagateAdditionalUserContextData) {
return enablePropagateAdditionalUserContextData(Output.of(enablePropagateAdditionalUserContextData));
}
/**
* @param enableTokenRevocation Enables or disables token revocation.
*
* @return builder
*
*/
public Builder enableTokenRevocation(@Nullable Output enableTokenRevocation) {
$.enableTokenRevocation = enableTokenRevocation;
return this;
}
/**
* @param enableTokenRevocation Enables or disables token revocation.
*
* @return builder
*
*/
public Builder enableTokenRevocation(Boolean enableTokenRevocation) {
return enableTokenRevocation(Output.of(enableTokenRevocation));
}
/**
* @param explicitAuthFlows List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.
*
* @return builder
*
*/
public Builder explicitAuthFlows(@Nullable Output> explicitAuthFlows) {
$.explicitAuthFlows = explicitAuthFlows;
return this;
}
/**
* @param explicitAuthFlows List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.
*
* @return builder
*
*/
public Builder explicitAuthFlows(List explicitAuthFlows) {
return explicitAuthFlows(Output.of(explicitAuthFlows));
}
/**
* @param explicitAuthFlows List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.
*
* @return builder
*
*/
public Builder explicitAuthFlows(String... explicitAuthFlows) {
return explicitAuthFlows(List.of(explicitAuthFlows));
}
/**
* @param generateSecret Boolean flag indicating whether an application secret should be generated.
*
* @return builder
*
*/
public Builder generateSecret(@Nullable Output generateSecret) {
$.generateSecret = generateSecret;
return this;
}
/**
* @param generateSecret Boolean flag indicating whether an application secret should be generated.
*
* @return builder
*
*/
public Builder generateSecret(Boolean generateSecret) {
return generateSecret(Output.of(generateSecret));
}
/**
* @param idTokenValidity Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.id_token`.
*
* @return builder
*
*/
public Builder idTokenValidity(@Nullable Output idTokenValidity) {
$.idTokenValidity = idTokenValidity;
return this;
}
/**
* @param idTokenValidity Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.id_token`.
*
* @return builder
*
*/
public Builder idTokenValidity(Integer idTokenValidity) {
return idTokenValidity(Output.of(idTokenValidity));
}
/**
* @param logoutUrls List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
*/
public Builder logoutUrls(@Nullable Output> logoutUrls) {
$.logoutUrls = logoutUrls;
return this;
}
/**
* @param logoutUrls List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
*/
public Builder logoutUrls(List logoutUrls) {
return logoutUrls(Output.of(logoutUrls));
}
/**
* @param logoutUrls List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
*/
public Builder logoutUrls(String... logoutUrls) {
return logoutUrls(List.of(logoutUrls));
}
/**
* @param name Name of the application client.
*
* @return builder
*
*/
public Builder name(@Nullable Output name) {
$.name = name;
return this;
}
/**
* @param name Name of the application client.
*
* @return builder
*
*/
public Builder name(String name) {
return name(Output.of(name));
}
/**
* @param preventUserExistenceErrors Setting determines the errors and responses returned by Cognito APIs when a user does not exist in the user pool during authentication, account confirmation, and password recovery.
*
* @return builder
*
*/
public Builder preventUserExistenceErrors(@Nullable Output preventUserExistenceErrors) {
$.preventUserExistenceErrors = preventUserExistenceErrors;
return this;
}
/**
* @param preventUserExistenceErrors Setting determines the errors and responses returned by Cognito APIs when a user does not exist in the user pool during authentication, account confirmation, and password recovery.
*
* @return builder
*
*/
public Builder preventUserExistenceErrors(String preventUserExistenceErrors) {
return preventUserExistenceErrors(Output.of(preventUserExistenceErrors));
}
/**
* @param readAttributes List of user pool attributes that the application client can read from.
*
* @return builder
*
*/
public Builder readAttributes(@Nullable Output> readAttributes) {
$.readAttributes = readAttributes;
return this;
}
/**
* @param readAttributes List of user pool attributes that the application client can read from.
*
* @return builder
*
*/
public Builder readAttributes(List readAttributes) {
return readAttributes(Output.of(readAttributes));
}
/**
* @param readAttributes List of user pool attributes that the application client can read from.
*
* @return builder
*
*/
public Builder readAttributes(String... readAttributes) {
return readAttributes(List.of(readAttributes));
}
/**
* @param refreshTokenValidity Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used. By default, the unit is days. The unit can be overridden by a value in `token_validity_units.refresh_token`.
*
* @return builder
*
*/
public Builder refreshTokenValidity(@Nullable Output refreshTokenValidity) {
$.refreshTokenValidity = refreshTokenValidity;
return this;
}
/**
* @param refreshTokenValidity Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used. By default, the unit is days. The unit can be overridden by a value in `token_validity_units.refresh_token`.
*
* @return builder
*
*/
public Builder refreshTokenValidity(Integer refreshTokenValidity) {
return refreshTokenValidity(Output.of(refreshTokenValidity));
}
/**
* @param supportedIdentityProviders List of provider names for the identity providers that are supported on this client. It uses the `provider_name` attribute of the `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).
*
* @return builder
*
*/
public Builder supportedIdentityProviders(@Nullable Output> supportedIdentityProviders) {
$.supportedIdentityProviders = supportedIdentityProviders;
return this;
}
/**
* @param supportedIdentityProviders List of provider names for the identity providers that are supported on this client. It uses the `provider_name` attribute of the `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).
*
* @return builder
*
*/
public Builder supportedIdentityProviders(List supportedIdentityProviders) {
return supportedIdentityProviders(Output.of(supportedIdentityProviders));
}
/**
* @param supportedIdentityProviders List of provider names for the identity providers that are supported on this client. It uses the `provider_name` attribute of the `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).
*
* @return builder
*
*/
public Builder supportedIdentityProviders(String... supportedIdentityProviders) {
return supportedIdentityProviders(List.of(supportedIdentityProviders));
}
/**
* @param tokenValidityUnits Configuration block for representing the validity times in units. See details below. Detailed below.
*
* @return builder
*
*/
public Builder tokenValidityUnits(@Nullable Output tokenValidityUnits) {
$.tokenValidityUnits = tokenValidityUnits;
return this;
}
/**
* @param tokenValidityUnits Configuration block for representing the validity times in units. See details below. Detailed below.
*
* @return builder
*
*/
public Builder tokenValidityUnits(UserPoolClientTokenValidityUnitsArgs tokenValidityUnits) {
return tokenValidityUnits(Output.of(tokenValidityUnits));
}
/**
* @param userPoolId User pool the client belongs to.
*
* The following arguments are optional:
*
* @return builder
*
*/
public Builder userPoolId(@Nullable Output userPoolId) {
$.userPoolId = userPoolId;
return this;
}
/**
* @param userPoolId User pool the client belongs to.
*
* The following arguments are optional:
*
* @return builder
*
*/
public Builder userPoolId(String userPoolId) {
return userPoolId(Output.of(userPoolId));
}
/**
* @param writeAttributes List of user pool attributes that the application client can write to.
*
* @return builder
*
*/
public Builder writeAttributes(@Nullable Output> writeAttributes) {
$.writeAttributes = writeAttributes;
return this;
}
/**
* @param writeAttributes List of user pool attributes that the application client can write to.
*
* @return builder
*
*/
public Builder writeAttributes(List writeAttributes) {
return writeAttributes(Output.of(writeAttributes));
}
/**
* @param writeAttributes List of user pool attributes that the application client can write to.
*
* @return builder
*
*/
public Builder writeAttributes(String... writeAttributes) {
return writeAttributes(List.of(writeAttributes));
}
public UserPoolClientState build() {
return $;
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy