libZSservicesZSamazonka-elbv2ZSamazonka-elbv2
Copyright(c) 2013-2021 Brendan Hay
LicenseMozilla Public License, v. 2.0.
MaintainerBrendan Hay <brendan.g.hay+amazonka@gmail.com>
Stabilityauto-generated
Portabilitynon-portable (GHC extensions)
Safe HaskellNone

Amazonka.ELBV2.Types.AuthenticateCognitoActionConfig

Description

 
Synopsis

Documentation

data AuthenticateCognitoActionConfig Source #

Request parameters to use when integrating with Amazon Cognito to authenticate users.

See: newAuthenticateCognitoActionConfig smart constructor.

Constructors

AuthenticateCognitoActionConfig' 

Fields

  • authenticationRequestExtraParams :: Maybe (HashMap Text Text)

    The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

  • scope :: Maybe Text

    The set of user claims to be requested from the IdP. The default is openid.

    To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

  • onUnauthenticatedRequest :: Maybe AuthenticateCognitoActionConditionalBehaviorEnum

    The behavior if the user is not authenticated. The following are possible values:

    • deny@@ - Return an HTTP 401 Unauthorized error.
    • allow@@ - Allow the request to be forwarded to the target.
    • authenticate@@ - Redirect the request to the IdP authorization endpoint. This is the default value.
  • sessionCookieName :: Maybe Text

    The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

  • sessionTimeout :: Maybe Integer

    The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

  • userPoolArn :: Text

    The Amazon Resource Name (ARN) of the Amazon Cognito user pool.

  • userPoolClientId :: Text

    The ID of the Amazon Cognito user pool client.

  • userPoolDomain :: Text

    The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.

Instances

Instances details
Eq AuthenticateCognitoActionConfig Source # 
Instance details

Defined in Amazonka.ELBV2.Types.AuthenticateCognitoActionConfig

Read AuthenticateCognitoActionConfig Source # 
Instance details

Defined in Amazonka.ELBV2.Types.AuthenticateCognitoActionConfig

Show AuthenticateCognitoActionConfig Source # 
Instance details

Defined in Amazonka.ELBV2.Types.AuthenticateCognitoActionConfig

Generic AuthenticateCognitoActionConfig Source # 
Instance details

Defined in Amazonka.ELBV2.Types.AuthenticateCognitoActionConfig

Associated Types

type Rep AuthenticateCognitoActionConfig :: Type -> Type #

NFData AuthenticateCognitoActionConfig Source # 
Instance details

Defined in Amazonka.ELBV2.Types.AuthenticateCognitoActionConfig

Hashable AuthenticateCognitoActionConfig Source # 
Instance details

Defined in Amazonka.ELBV2.Types.AuthenticateCognitoActionConfig

ToQuery AuthenticateCognitoActionConfig Source # 
Instance details

Defined in Amazonka.ELBV2.Types.AuthenticateCognitoActionConfig

FromXML AuthenticateCognitoActionConfig Source # 
Instance details

Defined in Amazonka.ELBV2.Types.AuthenticateCognitoActionConfig

type Rep AuthenticateCognitoActionConfig Source # 
Instance details

Defined in Amazonka.ELBV2.Types.AuthenticateCognitoActionConfig

type Rep AuthenticateCognitoActionConfig = D1 ('MetaData "AuthenticateCognitoActionConfig" "Amazonka.ELBV2.Types.AuthenticateCognitoActionConfig" "libZSservicesZSamazonka-elbv2ZSamazonka-elbv2" 'False) (C1 ('MetaCons "AuthenticateCognitoActionConfig'" 'PrefixI 'True) (((S1 ('MetaSel ('Just "authenticationRequestExtraParams") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe (HashMap Text Text))) :*: S1 ('MetaSel ('Just "scope") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text))) :*: (S1 ('MetaSel ('Just "onUnauthenticatedRequest") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe AuthenticateCognitoActionConditionalBehaviorEnum)) :*: S1 ('MetaSel ('Just "sessionCookieName") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)))) :*: ((S1 ('MetaSel ('Just "sessionTimeout") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Integer)) :*: S1 ('MetaSel ('Just "userPoolArn") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text)) :*: (S1 ('MetaSel ('Just "userPoolClientId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "userPoolDomain") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text)))))

newAuthenticateCognitoActionConfig Source #

Create a value of AuthenticateCognitoActionConfig with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:authenticationRequestExtraParams:AuthenticateCognitoActionConfig', authenticateCognitoActionConfig_authenticationRequestExtraParams - The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

$sel:scope:AuthenticateCognitoActionConfig', authenticateCognitoActionConfig_scope - The set of user claims to be requested from the IdP. The default is openid.

To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

$sel:onUnauthenticatedRequest:AuthenticateCognitoActionConfig', authenticateCognitoActionConfig_onUnauthenticatedRequest - The behavior if the user is not authenticated. The following are possible values:

  • deny@@ - Return an HTTP 401 Unauthorized error.
  • allow@@ - Allow the request to be forwarded to the target.
  • authenticate@@ - Redirect the request to the IdP authorization endpoint. This is the default value.

$sel:sessionCookieName:AuthenticateCognitoActionConfig', authenticateCognitoActionConfig_sessionCookieName - The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

$sel:sessionTimeout:AuthenticateCognitoActionConfig', authenticateCognitoActionConfig_sessionTimeout - The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

$sel:userPoolArn:AuthenticateCognitoActionConfig', authenticateCognitoActionConfig_userPoolArn - The Amazon Resource Name (ARN) of the Amazon Cognito user pool.

$sel:userPoolClientId:AuthenticateCognitoActionConfig', authenticateCognitoActionConfig_userPoolClientId - The ID of the Amazon Cognito user pool client.

$sel:userPoolDomain:AuthenticateCognitoActionConfig', authenticateCognitoActionConfig_userPoolDomain - The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.

authenticateCognitoActionConfig_authenticationRequestExtraParams :: Lens' AuthenticateCognitoActionConfig (Maybe (HashMap Text Text)) Source #

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

authenticateCognitoActionConfig_scope :: Lens' AuthenticateCognitoActionConfig (Maybe Text) Source #

The set of user claims to be requested from the IdP. The default is openid.

To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

authenticateCognitoActionConfig_onUnauthenticatedRequest :: Lens' AuthenticateCognitoActionConfig (Maybe AuthenticateCognitoActionConditionalBehaviorEnum) Source #

The behavior if the user is not authenticated. The following are possible values:

  • deny@@ - Return an HTTP 401 Unauthorized error.
  • allow@@ - Allow the request to be forwarded to the target.
  • authenticate@@ - Redirect the request to the IdP authorization endpoint. This is the default value.

authenticateCognitoActionConfig_sessionCookieName :: Lens' AuthenticateCognitoActionConfig (Maybe Text) Source #

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

authenticateCognitoActionConfig_sessionTimeout :: Lens' AuthenticateCognitoActionConfig (Maybe Integer) Source #

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

authenticateCognitoActionConfig_userPoolArn :: Lens' AuthenticateCognitoActionConfig Text Source #

The Amazon Resource Name (ARN) of the Amazon Cognito user pool.

authenticateCognitoActionConfig_userPoolDomain :: Lens' AuthenticateCognitoActionConfig Text Source #

The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.