class Aws::ElasticLoadBalancingV2::Types::AuthenticateCognitoActionConfig
Request parameters to use when integrating with Amazon Cognito to authenticate users.
@note When making an API call, you may pass AuthenticateCognitoActionConfig
data as a hash: { user_pool_arn: "AuthenticateCognitoActionUserPoolArn", # required user_pool_client_id: "AuthenticateCognitoActionUserPoolClientId", # required user_pool_domain: "AuthenticateCognitoActionUserPoolDomain", # required session_cookie_name: "AuthenticateCognitoActionSessionCookieName", scope: "AuthenticateCognitoActionScope", session_timeout: 1, authentication_request_extra_params: { "AuthenticateCognitoActionAuthenticationRequestParamName" => "AuthenticateCognitoActionAuthenticationRequestParamValue", }, on_unauthenticated_request: "deny", # accepts deny, allow, authenticate }
@!attribute [rw] user_pool_arn
The Amazon Resource Name (ARN) of the Amazon Cognito user pool. @return [String]
@!attribute [rw] user_pool_client_id
The ID of the Amazon Cognito user pool client. @return [String]
@!attribute [rw] user_pool_domain
The domain prefix or fully-qualified domain name of the Amazon Cognito user pool. @return [String]
@!attribute [rw] session_cookie_name
The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie. @return [String]
@!attribute [rw] scope
The set of user claims to be requested from the IdP. The default is `openid`. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP. @return [String]
@!attribute [rw] session_timeout
The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days). @return [Integer]
@!attribute [rw] authentication_request_extra_params
The query parameters (up to 10) to include in the redirect request to the authorization endpoint. @return [Hash<String,String>]
@!attribute [rw] on_unauthenticated_request
The behavior if the user is not authenticated. The following are possible values: * deny`` - Return an HTTP 401 Unauthorized error. * allow`` - Allow the request to be forwarded to the target. * authenticate`` - Redirect the request to the IdP authorization endpoint. This is the default value. @return [String]
@see docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/AuthenticateCognitoActionConfig AWS API Documentation
Constants
- SENSITIVE