* Represents the request to create a user pool client. *
* * @see AWS * API Documentation */ @Generated("com.amazonaws:aws-java-sdk-code-generator") public class CreateUserPoolClientRequest extends com.amazonaws.AmazonWebServiceRequest implements Serializable, Cloneable { /** ** The user pool ID for the user pool where you want to create a user pool client. *
*/ private String userPoolId; /** ** The client name for the user pool client you would like to create. *
*/ private String clientName; /** ** Boolean to specify whether you want to generate a secret for the user pool client being created. *
*/ private Boolean generateSecret; /** *
* The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the
* time unit for RefreshTokenValidity as seconds, minutes, hours
* , or days, set a TokenValidityUnits value in your API request.
*
* For example, when you set RefreshTokenValidity as 10 and
* TokenValidityUnits as days, your user can refresh their session and retrieve new access
* and ID tokens for 10 days.
*
* The default time unit for RefreshTokenValidity in an API request is days. You can't set
* RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default value of
* 30 days. Valid range is displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your refresh tokens are valid for 30 * days. *
*/ private Integer refreshTokenValidity; /** *
* The access token time limit. After this limit expires, your user can't use their access token. To specify the
* time unit for AccessTokenValidity as seconds, minutes, hours,
* or days, set a TokenValidityUnits value in your API request.
*
* For example, when you set AccessTokenValidity to 10 and TokenValidityUnits
* to hours, your user can authorize access with their access token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range is
* displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your access tokens are valid for one * hour. *
*/ private Integer accessTokenValidity; /** *
* The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit
* for IdTokenValidity as seconds, minutes, hours, or
* days, set a TokenValidityUnits value in your API request.
*
* For example, when you set IdTokenValidity as 10 and TokenValidityUnits as
* hours, your user can authenticate their session with their ID token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range is
* displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your ID tokens are valid for one hour. *
*/ private Integer idTokenValidity; /** ** The units in which the validity times are represented. The default unit for RefreshToken is days, and default for * ID and access tokens are hours. *
*/ private TokenValidityUnitsType tokenValidityUnits; /** ** The read attributes. *
*/ private java.util.List* The user pool attributes that the app client can write to. *
** If your app client allows users to sign in through an IdP, this array must include all attributes that you have * mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through * an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when * it tries to update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
*/ private java.util.List* The authentication flows that you want your user pool client to support. For each app client in your user pool, * you can sign in your users with any combination of one or more flows, including with a user name and Secure * Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda * functions. *
*
* If you don't specify a value for ExplicitAuthFlows, your user client supports
* ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
*
* Valid values include: *
*
* ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow
* ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With
* this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of
* using the Secure Remote Password (SRP) protocol to securely transmit the password.
*
* ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
*
* ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito
* receives the password in the request instead of using the SRP protocol to verify passwords.
*
* ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
*
* ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
*
* In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY,
* or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user
* pool clients at the same time as values that begin with ALLOW_, like
* ALLOW_USER_SRP_AUTH.
*
* A list of provider names for the identity providers (IdPs) that are supported on this client. The following are
* supported: COGNITO, Facebook, Google, SignInWithApple, and
* LoginWithAmazon. You can also specify the names that you configured for the SAML and OIDC IdPs in
* your user pool, for example MySAMLIdP or MyOIDCIdP.
*
* A list of allowed redirect (callback) URLs for the IdPs. *
** A redirect URI must: *
** Be an absolute URI. *
** Be registered with the authorization server. *
** Not include a fragment component. *
** See OAuth 2.0 - Redirection Endpoint. *
** Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. *
** App callback URLs such as myapp://example are also supported. *
*/ private java.util.List* A list of allowed logout URLs for the IdPs. *
*/ private java.util.List
* The default redirect URI. Must be in the CallbackURLs list.
*
* A redirect URI must: *
** Be an absolute URI. *
** Be registered with the authorization server. *
** Not include a fragment component. *
** See OAuth 2.0 - Redirection Endpoint. *
** Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. *
** App callback URLs such as myapp://example are also supported. *
*/ private String defaultRedirectURI; /** ** The allowed OAuth flows. *
*
* Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for
* access tokens with the /oauth2/token endpoint.
*
* Issue the access token (and, optionally, ID token, based on scopes) directly to your user. *
*
* Issue the access token from the /oauth2/token endpoint directly to a non-person user using a
* combination of the client ID and client secret.
*
* The allowed OAuth scopes. Possible values provided by OAuth are phone, email,
* openid, and profile. Possible values provided by Amazon Web Services are
* aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.
*
* Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user * pools. *
*/ private Boolean allowedOAuthFlowsUserPoolClient; /** ** The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign. *
** In Amazon Web Services Regions where Amazon Pinpoint isn't available, user pools only support sending events to * Amazon Pinpoint projects in Amazon Web Services Region us-east-1. In Regions where Amazon Pinpoint is available, * user pools support sending events to Amazon Pinpoint projects within that same Region. *
*
* Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and
* password recovery when the user doesn't exist in the user pool. When set to ENABLED and the user
* doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account
* confirmation and password recovery return a response indicating a code was sent to a simulated destination. When
* set to LEGACY, those APIs return a UserNotFoundException exception if the user doesn't
* exist in the user pool.
*
* Valid values include: *
*
* ENABLED - This prevents user existence-related errors.
*
* LEGACY - This represents the early behavior of Amazon Cognito where user existence related errors
* aren't prevented.
*
* Activates or deactivates token revocation. For more information about revoking tokens, see RevokeToken. *
** If you don't include this parameter, token revocation is automatically activated for the new user pool client. *
*/ private Boolean enableTokenRevocation; /** *
* Activates the propagation of additional user context data. For more information about propagation of user context
* data, see
* Adding advanced security to a user pool. If you don’t include this parameter, you can't send device
* fingerprint information, including source IP address, to Amazon Cognito advanced security. You can only activate
* EnablePropagateAdditionalUserContextData in an app client that has a client secret.
*
* Amazon Cognito creates a session token for each API request in an authentication flow.
* AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user
* must respond to each authentication challenge before the session expires.
*
* The user pool ID for the user pool where you want to create a user pool client. *
* * @param userPoolId * The user pool ID for the user pool where you want to create a user pool client. */ public void setUserPoolId(String userPoolId) { this.userPoolId = userPoolId; } /** ** The user pool ID for the user pool where you want to create a user pool client. *
* * @return The user pool ID for the user pool where you want to create a user pool client. */ public String getUserPoolId() { return this.userPoolId; } /** ** The user pool ID for the user pool where you want to create a user pool client. *
* * @param userPoolId * The user pool ID for the user pool where you want to create a user pool client. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateUserPoolClientRequest withUserPoolId(String userPoolId) { setUserPoolId(userPoolId); return this; } /** ** The client name for the user pool client you would like to create. *
* * @param clientName * The client name for the user pool client you would like to create. */ public void setClientName(String clientName) { this.clientName = clientName; } /** ** The client name for the user pool client you would like to create. *
* * @return The client name for the user pool client you would like to create. */ public String getClientName() { return this.clientName; } /** ** The client name for the user pool client you would like to create. *
* * @param clientName * The client name for the user pool client you would like to create. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateUserPoolClientRequest withClientName(String clientName) { setClientName(clientName); return this; } /** ** Boolean to specify whether you want to generate a secret for the user pool client being created. *
* * @param generateSecret * Boolean to specify whether you want to generate a secret for the user pool client being created. */ public void setGenerateSecret(Boolean generateSecret) { this.generateSecret = generateSecret; } /** ** Boolean to specify whether you want to generate a secret for the user pool client being created. *
* * @return Boolean to specify whether you want to generate a secret for the user pool client being created. */ public Boolean getGenerateSecret() { return this.generateSecret; } /** ** Boolean to specify whether you want to generate a secret for the user pool client being created. *
* * @param generateSecret * Boolean to specify whether you want to generate a secret for the user pool client being created. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateUserPoolClientRequest withGenerateSecret(Boolean generateSecret) { setGenerateSecret(generateSecret); return this; } /** ** Boolean to specify whether you want to generate a secret for the user pool client being created. *
* * @return Boolean to specify whether you want to generate a secret for the user pool client being created. */ public Boolean isGenerateSecret() { return this.generateSecret; } /** *
* The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the
* time unit for RefreshTokenValidity as seconds, minutes, hours
* , or days, set a TokenValidityUnits value in your API request.
*
* For example, when you set RefreshTokenValidity as 10 and
* TokenValidityUnits as days, your user can refresh their session and retrieve new access
* and ID tokens for 10 days.
*
* The default time unit for RefreshTokenValidity in an API request is days. You can't set
* RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default value of
* 30 days. Valid range is displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your refresh tokens are valid for 30 * days. *
* * @param refreshTokenValidity * The refresh token time limit. After this limit expires, your user can't use their refresh token. To * specify the time unit forRefreshTokenValidity as seconds, minutes,
* hours, or days, set a TokenValidityUnits value in your API
* request.
*
* For example, when you set RefreshTokenValidity as 10 and
* TokenValidityUnits as days, your user can refresh their session and retrieve new
* access and ID tokens for 10 days.
*
* The default time unit for RefreshTokenValidity in an API request is days. You can't set
* RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default
* value of 30 days. Valid range is displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your refresh tokens are valid for * 30 days. */ public void setRefreshTokenValidity(Integer refreshTokenValidity) { this.refreshTokenValidity = refreshTokenValidity; } /** *
* The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the
* time unit for RefreshTokenValidity as seconds, minutes, hours
* , or days, set a TokenValidityUnits value in your API request.
*
* For example, when you set RefreshTokenValidity as 10 and
* TokenValidityUnits as days, your user can refresh their session and retrieve new access
* and ID tokens for 10 days.
*
* The default time unit for RefreshTokenValidity in an API request is days. You can't set
* RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default value of
* 30 days. Valid range is displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your refresh tokens are valid for 30 * days. *
* * @return The refresh token time limit. After this limit expires, your user can't use their refresh token. To * specify the time unit forRefreshTokenValidity as seconds, minutes
* , hours, or days, set a TokenValidityUnits value in your API
* request.
*
* For example, when you set RefreshTokenValidity as 10 and
* TokenValidityUnits as days, your user can refresh their session and retrieve
* new access and ID tokens for 10 days.
*
* The default time unit for RefreshTokenValidity in an API request is days. You can't set
* RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default
* value of 30 days. Valid range is displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your refresh tokens are valid for * 30 days. */ public Integer getRefreshTokenValidity() { return this.refreshTokenValidity; } /** *
* The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the
* time unit for RefreshTokenValidity as seconds, minutes, hours
* , or days, set a TokenValidityUnits value in your API request.
*
* For example, when you set RefreshTokenValidity as 10 and
* TokenValidityUnits as days, your user can refresh their session and retrieve new access
* and ID tokens for 10 days.
*
* The default time unit for RefreshTokenValidity in an API request is days. You can't set
* RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default value of
* 30 days. Valid range is displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your refresh tokens are valid for 30 * days. *
* * @param refreshTokenValidity * The refresh token time limit. After this limit expires, your user can't use their refresh token. To * specify the time unit forRefreshTokenValidity as seconds, minutes,
* hours, or days, set a TokenValidityUnits value in your API
* request.
*
* For example, when you set RefreshTokenValidity as 10 and
* TokenValidityUnits as days, your user can refresh their session and retrieve new
* access and ID tokens for 10 days.
*
* The default time unit for RefreshTokenValidity in an API request is days. You can't set
* RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default
* value of 30 days. Valid range is displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your refresh tokens are valid for * 30 days. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateUserPoolClientRequest withRefreshTokenValidity(Integer refreshTokenValidity) { setRefreshTokenValidity(refreshTokenValidity); return this; } /** *
* The access token time limit. After this limit expires, your user can't use their access token. To specify the
* time unit for AccessTokenValidity as seconds, minutes, hours,
* or days, set a TokenValidityUnits value in your API request.
*
* For example, when you set AccessTokenValidity to 10 and TokenValidityUnits
* to hours, your user can authorize access with their access token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range is
* displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your access tokens are valid for one * hour. *
* * @param accessTokenValidity * The access token time limit. After this limit expires, your user can't use their access token. To specify * the time unit forAccessTokenValidity as seconds, minutes,
* hours, or days, set a TokenValidityUnits value in your API
* request.
*
* For example, when you set AccessTokenValidity to 10 and
* TokenValidityUnits to hours, your user can authorize access with their access
* token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range
* is displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your access tokens are valid for * one hour. */ public void setAccessTokenValidity(Integer accessTokenValidity) { this.accessTokenValidity = accessTokenValidity; } /** *
* The access token time limit. After this limit expires, your user can't use their access token. To specify the
* time unit for AccessTokenValidity as seconds, minutes, hours,
* or days, set a TokenValidityUnits value in your API request.
*
* For example, when you set AccessTokenValidity to 10 and TokenValidityUnits
* to hours, your user can authorize access with their access token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range is
* displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your access tokens are valid for one * hour. *
* * @return The access token time limit. After this limit expires, your user can't use their access token. To specify * the time unit forAccessTokenValidity as seconds, minutes,
* hours, or days, set a TokenValidityUnits value in your API
* request.
*
* For example, when you set AccessTokenValidity to 10 and
* TokenValidityUnits to hours, your user can authorize access with their access
* token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range
* is displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your access tokens are valid for * one hour. */ public Integer getAccessTokenValidity() { return this.accessTokenValidity; } /** *
* The access token time limit. After this limit expires, your user can't use their access token. To specify the
* time unit for AccessTokenValidity as seconds, minutes, hours,
* or days, set a TokenValidityUnits value in your API request.
*
* For example, when you set AccessTokenValidity to 10 and TokenValidityUnits
* to hours, your user can authorize access with their access token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range is
* displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your access tokens are valid for one * hour. *
* * @param accessTokenValidity * The access token time limit. After this limit expires, your user can't use their access token. To specify * the time unit forAccessTokenValidity as seconds, minutes,
* hours, or days, set a TokenValidityUnits value in your API
* request.
*
* For example, when you set AccessTokenValidity to 10 and
* TokenValidityUnits to hours, your user can authorize access with their access
* token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range
* is displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your access tokens are valid for * one hour. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateUserPoolClientRequest withAccessTokenValidity(Integer accessTokenValidity) { setAccessTokenValidity(accessTokenValidity); return this; } /** *
* The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit
* for IdTokenValidity as seconds, minutes, hours, or
* days, set a TokenValidityUnits value in your API request.
*
* For example, when you set IdTokenValidity as 10 and TokenValidityUnits as
* hours, your user can authenticate their session with their ID token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range is
* displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your ID tokens are valid for one hour. *
* * @param idTokenValidity * The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time * unit forIdTokenValidity as seconds, minutes, hours,
* or days, set a TokenValidityUnits value in your API request.
*
* For example, when you set IdTokenValidity as 10 and
* TokenValidityUnits as hours, your user can authenticate their session with their
* ID token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range
* is displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your ID tokens are valid for one * hour. */ public void setIdTokenValidity(Integer idTokenValidity) { this.idTokenValidity = idTokenValidity; } /** *
* The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit
* for IdTokenValidity as seconds, minutes, hours, or
* days, set a TokenValidityUnits value in your API request.
*
* For example, when you set IdTokenValidity as 10 and TokenValidityUnits as
* hours, your user can authenticate their session with their ID token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range is
* displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your ID tokens are valid for one hour. *
* * @return The ID token time limit. After this limit expires, your user can't use their ID token. To specify the * time unit forIdTokenValidity as seconds, minutes,
* hours, or days, set a TokenValidityUnits value in your API
* request.
*
* For example, when you set IdTokenValidity as 10 and
* TokenValidityUnits as hours, your user can authenticate their session with
* their ID token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range
* is displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your ID tokens are valid for one * hour. */ public Integer getIdTokenValidity() { return this.idTokenValidity; } /** *
* The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit
* for IdTokenValidity as seconds, minutes, hours, or
* days, set a TokenValidityUnits value in your API request.
*
* For example, when you set IdTokenValidity as 10 and TokenValidityUnits as
* hours, your user can authenticate their session with their ID token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range is
* displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your ID tokens are valid for one hour. *
* * @param idTokenValidity * The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time * unit forIdTokenValidity as seconds, minutes, hours,
* or days, set a TokenValidityUnits value in your API request.
*
* For example, when you set IdTokenValidity as 10 and
* TokenValidityUnits as hours, your user can authenticate their session with their
* ID token for 10 hours.
*
* The default time unit for AccessTokenValidity in an API request is hours. Valid range
* is displayed below in seconds.
*
* If you don't specify otherwise in the configuration of your app client, your ID tokens are valid for one * hour. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateUserPoolClientRequest withIdTokenValidity(Integer idTokenValidity) { setIdTokenValidity(idTokenValidity); return this; } /** *
* The units in which the validity times are represented. The default unit for RefreshToken is days, and default for * ID and access tokens are hours. *
* * @param tokenValidityUnits * The units in which the validity times are represented. The default unit for RefreshToken is days, and * default for ID and access tokens are hours. */ public void setTokenValidityUnits(TokenValidityUnitsType tokenValidityUnits) { this.tokenValidityUnits = tokenValidityUnits; } /** ** The units in which the validity times are represented. The default unit for RefreshToken is days, and default for * ID and access tokens are hours. *
* * @return The units in which the validity times are represented. The default unit for RefreshToken is days, and * default for ID and access tokens are hours. */ public TokenValidityUnitsType getTokenValidityUnits() { return this.tokenValidityUnits; } /** ** The units in which the validity times are represented. The default unit for RefreshToken is days, and default for * ID and access tokens are hours. *
* * @param tokenValidityUnits * The units in which the validity times are represented. The default unit for RefreshToken is days, and * default for ID and access tokens are hours. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateUserPoolClientRequest withTokenValidityUnits(TokenValidityUnitsType tokenValidityUnits) { setTokenValidityUnits(tokenValidityUnits); return this; } /** ** The read attributes. *
* * @return The read attributes. */ public java.util.List* The read attributes. *
* * @param readAttributes * The read attributes. */ public void setReadAttributes(java.util.Collection* The read attributes. *
** NOTE: This method appends the values to the existing list (if any). Use * {@link #setReadAttributes(java.util.Collection)} or {@link #withReadAttributes(java.util.Collection)} if you want * to override the existing values. *
* * @param readAttributes * The read attributes. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateUserPoolClientRequest withReadAttributes(String... readAttributes) { if (this.readAttributes == null) { setReadAttributes(new java.util.ArrayList* The read attributes. *
* * @param readAttributes * The read attributes. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateUserPoolClientRequest withReadAttributes(java.util.Collection* The user pool attributes that the app client can write to. *
** If your app client allows users to sign in through an IdP, this array must include all attributes that you have * mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through * an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when * it tries to update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
* * @return The user pool attributes that the app client can write to. *
* If your app client allows users to sign in through an IdP, this array must include all attributes that
* you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your
* application through an IdP. If your app client does not have write access to a mapped attribute, Amazon
* Cognito throws an error when it tries to update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool.
*/
public java.util.List
* The user pool attributes that the app client can write to.
*
* If your app client allows users to sign in through an IdP, this array must include all attributes that you have
* mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through
* an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when
* it tries to update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool.
*
* If your app client allows users to sign in through an IdP, this array must include all attributes that you
* have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your
* application through an IdP. If your app client does not have write access to a mapped attribute, Amazon
* Cognito throws an error when it tries to update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool.
*/
public void setWriteAttributes(java.util.Collection
* The user pool attributes that the app client can write to.
*
* If your app client allows users to sign in through an IdP, this array must include all attributes that you have
* mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through
* an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when
* it tries to update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool.
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setWriteAttributes(java.util.Collection)} or {@link #withWriteAttributes(java.util.Collection)} if you
* want to override the existing values.
*
* If your app client allows users to sign in through an IdP, this array must include all attributes that you
* have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your
* application through an IdP. If your app client does not have write access to a mapped attribute, Amazon
* Cognito throws an error when it tries to update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateUserPoolClientRequest withWriteAttributes(String... writeAttributes) {
if (this.writeAttributes == null) {
setWriteAttributes(new java.util.ArrayList
* The user pool attributes that the app client can write to.
*
* If your app client allows users to sign in through an IdP, this array must include all attributes that you have
* mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through
* an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when
* it tries to update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool.
*
* If your app client allows users to sign in through an IdP, this array must include all attributes that you
* have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your
* application through an IdP. If your app client does not have write access to a mapped attribute, Amazon
* Cognito throws an error when it tries to update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateUserPoolClientRequest withWriteAttributes(java.util.Collection
* The authentication flows that you want your user pool client to support. For each app client in your user pool,
* you can sign in your users with any combination of one or more flows, including with a user name and Secure
* Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda
* functions.
*
* If you don't specify a value for
* Valid values include:
*
*
*
*
*
*
* In some environments, you will see the values ExplicitAuthFlows, your user client supports
* ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
*
*
* ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow
* ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With
* this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of
* using the Secure Remote Password (SRP) protocol to securely transmit the password.
* ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
* ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito
* receives the password in the request instead of using the SRP protocol to verify passwords.
* ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
* ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
* ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY,
* or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user
* pool clients at the same time as values that begin with ALLOW_, like
* ALLOW_USER_SRP_AUTH.
*
* If you don't specify a value for ExplicitAuthFlows, your user client supports
* ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and
* ALLOW_CUSTOM_AUTH.
*
* Valid values include: *
*
* ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow
* ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting.
* With this authentication flow, your app passes a user name and password to Amazon Cognito in the request,
* instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.
*
* ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
*
* ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon
* Cognito receives the password in the request instead of using the SRP protocol to verify passwords.
*
* ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
*
* ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
*
* In some environments, you will see the values
* The authentication flows that you want your user pool client to support. For each app client in your user pool,
* you can sign in your users with any combination of one or more flows, including with a user name and Secure
* Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda
* functions.
*
* If you don't specify a value for
* Valid values include:
*
*
*
*
*
*
* In some environments, you will see the values ADMIN_NO_SRP_AUTH,
* CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy
* ExplicitAuthFlows values to user pool clients at the same time as values that begin with
* ALLOW_, like ALLOW_USER_SRP_AUTH.
* @see ExplicitAuthFlowsType
*/
public java.util.ListExplicitAuthFlows, your user client supports
* ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
*
*
* ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow
* ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With
* this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of
* using the Secure Remote Password (SRP) protocol to securely transmit the password.
* ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
* ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito
* receives the password in the request instead of using the SRP protocol to verify passwords.
* ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
* ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
* ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY,
* or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user
* pool clients at the same time as values that begin with ALLOW_, like
* ALLOW_USER_SRP_AUTH.
*
* If you don't specify a value for ExplicitAuthFlows, your user client supports
* ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and
* ALLOW_CUSTOM_AUTH.
*
* Valid values include: *
*
* ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow
* ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting.
* With this authentication flow, your app passes a user name and password to Amazon Cognito in the request,
* instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.
*
* ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
*
* ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon
* Cognito receives the password in the request instead of using the SRP protocol to verify passwords.
*
* ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
*
* ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
*
* In some environments, you will see the values
* The authentication flows that you want your user pool client to support. For each app client in your user pool,
* you can sign in your users with any combination of one or more flows, including with a user name and Secure
* Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda
* functions.
*
* If you don't specify a value for
* Valid values include:
*
*
*
*
*
*
* In some environments, you will see the values
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setExplicitAuthFlows(java.util.Collection)} or {@link #withExplicitAuthFlows(java.util.Collection)} if
* you want to override the existing values.
* ADMIN_NO_SRP_AUTH,
* CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy
* ExplicitAuthFlows values to user pool clients at the same time as values that begin with
* ALLOW_, like ALLOW_USER_SRP_AUTH.
* @see ExplicitAuthFlowsType
*/
public void setExplicitAuthFlows(java.util.CollectionExplicitAuthFlows, your user client supports
* ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
*
*
* ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow
* ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With
* this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of
* using the Secure Remote Password (SRP) protocol to securely transmit the password.
* ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
* ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito
* receives the password in the request instead of using the SRP protocol to verify passwords.
* ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
* ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
* ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY,
* or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user
* pool clients at the same time as values that begin with ALLOW_, like
* ALLOW_USER_SRP_AUTH.
*
* If you don't specify a value for ExplicitAuthFlows, your user client supports
* ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and
* ALLOW_CUSTOM_AUTH.
*
* Valid values include: *
*
* ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow
* ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting.
* With this authentication flow, your app passes a user name and password to Amazon Cognito in the request,
* instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.
*
* ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
*
* ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon
* Cognito receives the password in the request instead of using the SRP protocol to verify passwords.
*
* ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
*
* ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
*
* In some environments, you will see the values
* The authentication flows that you want your user pool client to support. For each app client in your user pool,
* you can sign in your users with any combination of one or more flows, including with a user name and Secure
* Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda
* functions.
*
* If you don't specify a value for
* Valid values include:
*
*
*
*
*
*
* In some environments, you will see the values ADMIN_NO_SRP_AUTH,
* CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy
* ExplicitAuthFlows values to user pool clients at the same time as values that begin with
* ALLOW_, like ALLOW_USER_SRP_AUTH.
* @return Returns a reference to this object so that method calls can be chained together.
* @see ExplicitAuthFlowsType
*/
public CreateUserPoolClientRequest withExplicitAuthFlows(String... explicitAuthFlows) {
if (this.explicitAuthFlows == null) {
setExplicitAuthFlows(new java.util.ArrayListExplicitAuthFlows, your user client supports
* ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
*
*
* ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow
* ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With
* this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of
* using the Secure Remote Password (SRP) protocol to securely transmit the password.
* ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
* ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito
* receives the password in the request instead of using the SRP protocol to verify passwords.
* ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
* ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
* ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY,
* or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user
* pool clients at the same time as values that begin with ALLOW_, like
* ALLOW_USER_SRP_AUTH.
*
* If you don't specify a value for ExplicitAuthFlows, your user client supports
* ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and
* ALLOW_CUSTOM_AUTH.
*
* Valid values include: *
*
* ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow
* ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting.
* With this authentication flow, your app passes a user name and password to Amazon Cognito in the request,
* instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.
*
* ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
*
* ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon
* Cognito receives the password in the request instead of using the SRP protocol to verify passwords.
*
* ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
*
* ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
*
* In some environments, you will see the values
* The authentication flows that you want your user pool client to support. For each app client in your user pool,
* you can sign in your users with any combination of one or more flows, including with a user name and Secure
* Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda
* functions.
*
* If you don't specify a value for
* Valid values include:
*
*
*
*
*
*
* In some environments, you will see the values ADMIN_NO_SRP_AUTH,
* CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy
* ExplicitAuthFlows values to user pool clients at the same time as values that begin with
* ALLOW_, like ALLOW_USER_SRP_AUTH.
* @return Returns a reference to this object so that method calls can be chained together.
* @see ExplicitAuthFlowsType
*/
public CreateUserPoolClientRequest withExplicitAuthFlows(java.util.CollectionExplicitAuthFlows, your user client supports
* ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
*
*
* ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow
* ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With
* this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of
* using the Secure Remote Password (SRP) protocol to securely transmit the password.
* ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
* ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito
* receives the password in the request instead of using the SRP protocol to verify passwords.
* ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
* ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
* ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY,
* or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user
* pool clients at the same time as values that begin with ALLOW_, like
* ALLOW_USER_SRP_AUTH.
*
* If you don't specify a value for ExplicitAuthFlows, your user client supports
* ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and
* ALLOW_CUSTOM_AUTH.
*
* Valid values include: *
*
* ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow
* ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting.
* With this authentication flow, your app passes a user name and password to Amazon Cognito in the request,
* instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.
*
* ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
*
* ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon
* Cognito receives the password in the request instead of using the SRP protocol to verify passwords.
*
* ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
*
* ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
*
* In some environments, you will see the values
* A list of provider names for the identity providers (IdPs) that are supported on this client. The following are
* supported:
* A list of provider names for the identity providers (IdPs) that are supported on this client. The following are
* supported:
* A list of provider names for the identity providers (IdPs) that are supported on this client. The following are
* supported:
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setSupportedIdentityProviders(java.util.Collection)} or
* {@link #withSupportedIdentityProviders(java.util.Collection)} if you want to override the existing values.
*
* A list of provider names for the identity providers (IdPs) that are supported on this client. The following are
* supported:
* A list of allowed redirect (callback) URLs for the IdPs.
*
* A redirect URI must:
*
* Be an absolute URI.
*
* Be registered with the authorization server.
*
* Not include a fragment component.
*
* See OAuth 2.0 - Redirection Endpoint.
*
* Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
*
* App callback URLs such as myapp://example are also supported.
* ADMIN_NO_SRP_AUTH,
* CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy
* ExplicitAuthFlows values to user pool clients at the same time as values that begin with
* ALLOW_, like ALLOW_USER_SRP_AUTH.
* @return Returns a reference to this object so that method calls can be chained together.
* @see ExplicitAuthFlowsType
*/
public CreateUserPoolClientRequest withExplicitAuthFlows(ExplicitAuthFlowsType... explicitAuthFlows) {
java.util.ArrayListCOGNITO, Facebook, Google, SignInWithApple, and
* LoginWithAmazon. You can also specify the names that you configured for the SAML and OIDC IdPs in
* your user pool, for example MySAMLIdP or MyOIDCIdP.
* COGNITO, Facebook, Google,
* SignInWithApple, and LoginWithAmazon. You can also specify the names that you
* configured for the SAML and OIDC IdPs in your user pool, for example MySAMLIdP or
* MyOIDCIdP.
*/
public java.util.ListCOGNITO, Facebook, Google, SignInWithApple, and
* LoginWithAmazon. You can also specify the names that you configured for the SAML and OIDC IdPs in
* your user pool, for example MySAMLIdP or MyOIDCIdP.
* COGNITO, Facebook, Google,
* SignInWithApple, and LoginWithAmazon. You can also specify the names that you
* configured for the SAML and OIDC IdPs in your user pool, for example MySAMLIdP or
* MyOIDCIdP.
*/
public void setSupportedIdentityProviders(java.util.CollectionCOGNITO, Facebook, Google, SignInWithApple, and
* LoginWithAmazon. You can also specify the names that you configured for the SAML and OIDC IdPs in
* your user pool, for example MySAMLIdP or MyOIDCIdP.
* COGNITO, Facebook, Google,
* SignInWithApple, and LoginWithAmazon. You can also specify the names that you
* configured for the SAML and OIDC IdPs in your user pool, for example MySAMLIdP or
* MyOIDCIdP.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateUserPoolClientRequest withSupportedIdentityProviders(String... supportedIdentityProviders) {
if (this.supportedIdentityProviders == null) {
setSupportedIdentityProviders(new java.util.ArrayListCOGNITO, Facebook, Google, SignInWithApple, and
* LoginWithAmazon. You can also specify the names that you configured for the SAML and OIDC IdPs in
* your user pool, for example MySAMLIdP or MyOIDCIdP.
* COGNITO, Facebook, Google,
* SignInWithApple, and LoginWithAmazon. You can also specify the names that you
* configured for the SAML and OIDC IdPs in your user pool, for example MySAMLIdP or
* MyOIDCIdP.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateUserPoolClientRequest withSupportedIdentityProviders(java.util.Collection
*
*
* A redirect URI must: *
** Be an absolute URI. *
** Be registered with the authorization server. *
** Not include a fragment component. *
** See OAuth 2.0 - Redirection Endpoint. *
** Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. *
*
* App callback URLs such as myapp://example are also supported.
*/
public java.util.List
* A list of allowed redirect (callback) URLs for the IdPs.
*
* A redirect URI must:
*
* Be an absolute URI.
*
* Be registered with the authorization server.
*
* Not include a fragment component.
*
* See OAuth 2.0 - Redirection Endpoint.
*
* Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
*
* App callback URLs such as myapp://example are also supported.
*
*
*
* A redirect URI must: *
** Be an absolute URI. *
** Be registered with the authorization server. *
** Not include a fragment component. *
** See OAuth 2.0 - Redirection Endpoint. *
** Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. *
*
* App callback URLs such as myapp://example are also supported.
*/
public void setCallbackURLs(java.util.Collection
* A list of allowed redirect (callback) URLs for the IdPs.
*
* A redirect URI must:
*
* Be an absolute URI.
*
* Be registered with the authorization server.
*
* Not include a fragment component.
*
* See OAuth 2.0 - Redirection Endpoint.
*
* Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
*
* App callback URLs such as myapp://example are also supported.
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setCallbackURLs(java.util.Collection)} or {@link #withCallbackURLs(java.util.Collection)} if you want to
* override the existing values.
*
*
*
* A redirect URI must: *
** Be an absolute URI. *
** Be registered with the authorization server. *
** Not include a fragment component. *
** See OAuth 2.0 - Redirection Endpoint. *
** Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. *
*
* App callback URLs such as myapp://example are also supported.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateUserPoolClientRequest withCallbackURLs(String... callbackURLs) {
if (this.callbackURLs == null) {
setCallbackURLs(new java.util.ArrayList
* A list of allowed redirect (callback) URLs for the IdPs.
*
* A redirect URI must:
*
* Be an absolute URI.
*
* Be registered with the authorization server.
*
* Not include a fragment component.
*
* See OAuth 2.0 - Redirection Endpoint.
*
* Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
*
* App callback URLs such as myapp://example are also supported.
*
*
*
* A redirect URI must: *
** Be an absolute URI. *
** Be registered with the authorization server. *
** Not include a fragment component. *
** See OAuth 2.0 - Redirection Endpoint. *
** Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. *
*
* App callback URLs such as myapp://example are also supported.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateUserPoolClientRequest withCallbackURLs(java.util.Collection
* A list of allowed logout URLs for the IdPs.
*
* A list of allowed logout URLs for the IdPs.
*
* A list of allowed logout URLs for the IdPs.
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setLogoutURLs(java.util.Collection)} or {@link #withLogoutURLs(java.util.Collection)} if you want to
* override the existing values.
*
* A list of allowed logout URLs for the IdPs.
*
* The default redirect URI. Must be in the
* A redirect URI must:
*
* Be an absolute URI.
*
* Be registered with the authorization server.
*
* Not include a fragment component.
*
* See OAuth 2.0 - Redirection Endpoint.
*
* Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
*
* App callback URLs such as myapp://example are also supported.
* CallbackURLs list.
*
*
* CallbackURLs list.
* A redirect URI must: *
** Be an absolute URI. *
** Be registered with the authorization server. *
** Not include a fragment component. *
** See OAuth 2.0 - Redirection Endpoint. *
** Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. *
** App callback URLs such as myapp://example are also supported. */ public void setDefaultRedirectURI(String defaultRedirectURI) { this.defaultRedirectURI = defaultRedirectURI; } /** *
* The default redirect URI. Must be in the CallbackURLs list.
*
* A redirect URI must: *
** Be an absolute URI. *
** Be registered with the authorization server. *
** Not include a fragment component. *
** See OAuth 2.0 - Redirection Endpoint. *
** Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. *
** App callback URLs such as myapp://example are also supported. *
* * @return The default redirect URI. Must be in theCallbackURLs list.
* * A redirect URI must: *
** Be an absolute URI. *
** Be registered with the authorization server. *
** Not include a fragment component. *
** See OAuth 2.0 - Redirection Endpoint. *
** Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. *
** App callback URLs such as myapp://example are also supported. */ public String getDefaultRedirectURI() { return this.defaultRedirectURI; } /** *
* The default redirect URI. Must be in the CallbackURLs list.
*
* A redirect URI must: *
** Be an absolute URI. *
** Be registered with the authorization server. *
** Not include a fragment component. *
** See OAuth 2.0 - Redirection Endpoint. *
** Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. *
** App callback URLs such as myapp://example are also supported. *
* * @param defaultRedirectURI * The default redirect URI. Must be in theCallbackURLs list.
* * A redirect URI must: *
** Be an absolute URI. *
** Be registered with the authorization server. *
** Not include a fragment component. *
** See OAuth 2.0 - Redirection Endpoint. *
** Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. *
** App callback URLs such as myapp://example are also supported. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateUserPoolClientRequest withDefaultRedirectURI(String defaultRedirectURI) { setDefaultRedirectURI(defaultRedirectURI); return this; } /** *
* The allowed OAuth flows. *
*
* Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for
* access tokens with the /oauth2/token endpoint.
*
* Issue the access token (and, optionally, ID token, based on scopes) directly to your user. *
*
* Issue the access token from the /oauth2/token endpoint directly to a non-person user using a
* combination of the client ID and client secret.
*
* Use a code grant flow, which provides an authorization code as the response. This code can be exchanged
* for access tokens with the /oauth2/token endpoint.
*
* Issue the access token (and, optionally, ID token, based on scopes) directly to your user. *
*
* Issue the access token from the /oauth2/token endpoint directly to a non-person user using a
* combination of the client ID and client secret.
*
* The allowed OAuth flows. *
*
* Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for
* access tokens with the /oauth2/token endpoint.
*
* Issue the access token (and, optionally, ID token, based on scopes) directly to your user. *
*
* Issue the access token from the /oauth2/token endpoint directly to a non-person user using a
* combination of the client ID and client secret.
*
* Use a code grant flow, which provides an authorization code as the response. This code can be exchanged
* for access tokens with the /oauth2/token endpoint.
*
* Issue the access token (and, optionally, ID token, based on scopes) directly to your user. *
*
* Issue the access token from the /oauth2/token endpoint directly to a non-person user using a
* combination of the client ID and client secret.
*
* The allowed OAuth flows. *
*
* Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for
* access tokens with the /oauth2/token endpoint.
*
* Issue the access token (and, optionally, ID token, based on scopes) directly to your user. *
*
* Issue the access token from the /oauth2/token endpoint directly to a non-person user using a
* combination of the client ID and client secret.
*
* NOTE: This method appends the values to the existing list (if any). Use * {@link #setAllowedOAuthFlows(java.util.Collection)} or {@link #withAllowedOAuthFlows(java.util.Collection)} if * you want to override the existing values. *
* * @param allowedOAuthFlows * The allowed OAuth flows. *
* Use a code grant flow, which provides an authorization code as the response. This code can be exchanged
* for access tokens with the /oauth2/token endpoint.
*
* Issue the access token (and, optionally, ID token, based on scopes) directly to your user. *
*
* Issue the access token from the /oauth2/token endpoint directly to a non-person user using a
* combination of the client ID and client secret.
*
* The allowed OAuth flows. *
*
* Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for
* access tokens with the /oauth2/token endpoint.
*
* Issue the access token (and, optionally, ID token, based on scopes) directly to your user. *
*
* Issue the access token from the /oauth2/token endpoint directly to a non-person user using a
* combination of the client ID and client secret.
*
* Use a code grant flow, which provides an authorization code as the response. This code can be exchanged
* for access tokens with the /oauth2/token endpoint.
*
* Issue the access token (and, optionally, ID token, based on scopes) directly to your user. *
*
* Issue the access token from the /oauth2/token endpoint directly to a non-person user using a
* combination of the client ID and client secret.
*
* The allowed OAuth flows. *
*
* Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for
* access tokens with the /oauth2/token endpoint.
*
* Issue the access token (and, optionally, ID token, based on scopes) directly to your user. *
*
* Issue the access token from the /oauth2/token endpoint directly to a non-person user using a
* combination of the client ID and client secret.
*
* Use a code grant flow, which provides an authorization code as the response. This code can be exchanged
* for access tokens with the /oauth2/token endpoint.
*
* Issue the access token (and, optionally, ID token, based on scopes) directly to your user. *
*
* Issue the access token from the /oauth2/token endpoint directly to a non-person user using a
* combination of the client ID and client secret.
*
* The allowed OAuth scopes. Possible values provided by OAuth are phone, email,
* openid, and profile. Possible values provided by Amazon Web Services are
* aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.
*
phone, email,
* openid, and profile. Possible values provided by Amazon Web Services are
* aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.
*/
public java.util.List
* The allowed OAuth scopes. Possible values provided by OAuth are phone, email,
* openid, and profile. Possible values provided by Amazon Web Services are
* aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.
*
phone, email,
* openid, and profile. Possible values provided by Amazon Web Services are
* aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.
*/
public void setAllowedOAuthScopes(java.util.Collection
* The allowed OAuth scopes. Possible values provided by OAuth are phone, email,
* openid, and profile. Possible values provided by Amazon Web Services are
* aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.
*
* NOTE: This method appends the values to the existing list (if any). Use * {@link #setAllowedOAuthScopes(java.util.Collection)} or {@link #withAllowedOAuthScopes(java.util.Collection)} if * you want to override the existing values. *
* * @param allowedOAuthScopes * The allowed OAuth scopes. Possible values provided by OAuth arephone, email,
* openid, and profile. Possible values provided by Amazon Web Services are
* aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateUserPoolClientRequest withAllowedOAuthScopes(String... allowedOAuthScopes) {
if (this.allowedOAuthScopes == null) {
setAllowedOAuthScopes(new java.util.ArrayList
* The allowed OAuth scopes. Possible values provided by OAuth are phone, email,
* openid, and profile. Possible values provided by Amazon Web Services are
* aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.
*
phone, email,
* openid, and profile. Possible values provided by Amazon Web Services are
* aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateUserPoolClientRequest withAllowedOAuthScopes(java.util.Collection* Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user * pools. *
* * @param allowedOAuthFlowsUserPoolClient * Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito * user pools. */ public void setAllowedOAuthFlowsUserPoolClient(Boolean allowedOAuthFlowsUserPoolClient) { this.allowedOAuthFlowsUserPoolClient = allowedOAuthFlowsUserPoolClient; } /** ** Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user * pools. *
* * @return Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito * user pools. */ public Boolean getAllowedOAuthFlowsUserPoolClient() { return this.allowedOAuthFlowsUserPoolClient; } /** ** Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user * pools. *
* * @param allowedOAuthFlowsUserPoolClient * Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito * user pools. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateUserPoolClientRequest withAllowedOAuthFlowsUserPoolClient(Boolean allowedOAuthFlowsUserPoolClient) { setAllowedOAuthFlowsUserPoolClient(allowedOAuthFlowsUserPoolClient); return this; } /** ** Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user * pools. *
* * @return Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito * user pools. */ public Boolean isAllowedOAuthFlowsUserPoolClient() { return this.allowedOAuthFlowsUserPoolClient; } /** ** The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign. *
** In Amazon Web Services Regions where Amazon Pinpoint isn't available, user pools only support sending events to * Amazon Pinpoint projects in Amazon Web Services Region us-east-1. In Regions where Amazon Pinpoint is available, * user pools support sending events to Amazon Pinpoint projects within that same Region. *
** In Amazon Web Services Regions where Amazon Pinpoint isn't available, user pools only support sending * events to Amazon Pinpoint projects in Amazon Web Services Region us-east-1. In Regions where Amazon * Pinpoint is available, user pools support sending events to Amazon Pinpoint projects within that same * Region. *
*/ public void setAnalyticsConfiguration(AnalyticsConfigurationType analyticsConfiguration) { this.analyticsConfiguration = analyticsConfiguration; } /** ** The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign. *
** In Amazon Web Services Regions where Amazon Pinpoint isn't available, user pools only support sending events to * Amazon Pinpoint projects in Amazon Web Services Region us-east-1. In Regions where Amazon Pinpoint is available, * user pools support sending events to Amazon Pinpoint projects within that same Region. *
** In Amazon Web Services Regions where Amazon Pinpoint isn't available, user pools only support sending * events to Amazon Pinpoint projects in Amazon Web Services Region us-east-1. In Regions where Amazon * Pinpoint is available, user pools support sending events to Amazon Pinpoint projects within that same * Region. *
*/ public AnalyticsConfigurationType getAnalyticsConfiguration() { return this.analyticsConfiguration; } /** ** The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign. *
** In Amazon Web Services Regions where Amazon Pinpoint isn't available, user pools only support sending events to * Amazon Pinpoint projects in Amazon Web Services Region us-east-1. In Regions where Amazon Pinpoint is available, * user pools support sending events to Amazon Pinpoint projects within that same Region. *
** In Amazon Web Services Regions where Amazon Pinpoint isn't available, user pools only support sending * events to Amazon Pinpoint projects in Amazon Web Services Region us-east-1. In Regions where Amazon * Pinpoint is available, user pools support sending events to Amazon Pinpoint projects within that same * Region. *
* @return Returns a reference to this object so that method calls can be chained together. */ public CreateUserPoolClientRequest withAnalyticsConfiguration(AnalyticsConfigurationType analyticsConfiguration) { setAnalyticsConfiguration(analyticsConfiguration); return this; } /** *
* Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and
* password recovery when the user doesn't exist in the user pool. When set to ENABLED and the user
* doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account
* confirmation and password recovery return a response indicating a code was sent to a simulated destination. When
* set to LEGACY, those APIs return a UserNotFoundException exception if the user doesn't
* exist in the user pool.
*
* Valid values include: *
*
* ENABLED - This prevents user existence-related errors.
*
* LEGACY - This represents the early behavior of Amazon Cognito where user existence related errors
* aren't prevented.
*
ENABLED and the user doesn't exist, authentication returns an error indicating either the
* username or password was incorrect. Account confirmation and password recovery return a response
* indicating a code was sent to a simulated destination. When set to LEGACY, those APIs return
* a UserNotFoundException exception if the user doesn't exist in the user pool.
* * Valid values include: *
*
* ENABLED - This prevents user existence-related errors.
*
* LEGACY - This represents the early behavior of Amazon Cognito where user existence related
* errors aren't prevented.
*
* Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and
* password recovery when the user doesn't exist in the user pool. When set to ENABLED and the user
* doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account
* confirmation and password recovery return a response indicating a code was sent to a simulated destination. When
* set to LEGACY, those APIs return a UserNotFoundException exception if the user doesn't
* exist in the user pool.
*
* Valid values include: *
*
* ENABLED - This prevents user existence-related errors.
*
* LEGACY - This represents the early behavior of Amazon Cognito where user existence related errors
* aren't prevented.
*
ENABLED and the user doesn't exist, authentication returns an error indicating either the
* username or password was incorrect. Account confirmation and password recovery return a response
* indicating a code was sent to a simulated destination. When set to LEGACY, those APIs return
* a UserNotFoundException exception if the user doesn't exist in the user pool.
* * Valid values include: *
*
* ENABLED - This prevents user existence-related errors.
*
* LEGACY - This represents the early behavior of Amazon Cognito where user existence related
* errors aren't prevented.
*
* Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and
* password recovery when the user doesn't exist in the user pool. When set to ENABLED and the user
* doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account
* confirmation and password recovery return a response indicating a code was sent to a simulated destination. When
* set to LEGACY, those APIs return a UserNotFoundException exception if the user doesn't
* exist in the user pool.
*
* Valid values include: *
*
* ENABLED - This prevents user existence-related errors.
*
* LEGACY - This represents the early behavior of Amazon Cognito where user existence related errors
* aren't prevented.
*
ENABLED and the user doesn't exist, authentication returns an error indicating either the
* username or password was incorrect. Account confirmation and password recovery return a response
* indicating a code was sent to a simulated destination. When set to LEGACY, those APIs return
* a UserNotFoundException exception if the user doesn't exist in the user pool.
* * Valid values include: *
*
* ENABLED - This prevents user existence-related errors.
*
* LEGACY - This represents the early behavior of Amazon Cognito where user existence related
* errors aren't prevented.
*
* Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and
* password recovery when the user doesn't exist in the user pool. When set to ENABLED and the user
* doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account
* confirmation and password recovery return a response indicating a code was sent to a simulated destination. When
* set to LEGACY, those APIs return a UserNotFoundException exception if the user doesn't
* exist in the user pool.
*
* Valid values include: *
*
* ENABLED - This prevents user existence-related errors.
*
* LEGACY - This represents the early behavior of Amazon Cognito where user existence related errors
* aren't prevented.
*
ENABLED and the user doesn't exist, authentication returns an error indicating either the
* username or password was incorrect. Account confirmation and password recovery return a response
* indicating a code was sent to a simulated destination. When set to LEGACY, those APIs return
* a UserNotFoundException exception if the user doesn't exist in the user pool.
* * Valid values include: *
*
* ENABLED - This prevents user existence-related errors.
*
* LEGACY - This represents the early behavior of Amazon Cognito where user existence related
* errors aren't prevented.
*
* Activates or deactivates token revocation. For more information about revoking tokens, see RevokeToken. *
** If you don't include this parameter, token revocation is automatically activated for the new user pool client. *
* * @param enableTokenRevocation * Activates or deactivates token revocation. For more information about revoking tokens, see RevokeToken. ** If you don't include this parameter, token revocation is automatically activated for the new user pool * client. */ public void setEnableTokenRevocation(Boolean enableTokenRevocation) { this.enableTokenRevocation = enableTokenRevocation; } /** *
* Activates or deactivates token revocation. For more information about revoking tokens, see RevokeToken. *
** If you don't include this parameter, token revocation is automatically activated for the new user pool client. *
* * @return Activates or deactivates token revocation. For more information about revoking tokens, see RevokeToken. ** If you don't include this parameter, token revocation is automatically activated for the new user pool * client. */ public Boolean getEnableTokenRevocation() { return this.enableTokenRevocation; } /** *
* Activates or deactivates token revocation. For more information about revoking tokens, see RevokeToken. *
** If you don't include this parameter, token revocation is automatically activated for the new user pool client. *
* * @param enableTokenRevocation * Activates or deactivates token revocation. For more information about revoking tokens, see RevokeToken. ** If you don't include this parameter, token revocation is automatically activated for the new user pool * client. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateUserPoolClientRequest withEnableTokenRevocation(Boolean enableTokenRevocation) { setEnableTokenRevocation(enableTokenRevocation); return this; } /** *
* Activates or deactivates token revocation. For more information about revoking tokens, see RevokeToken. *
** If you don't include this parameter, token revocation is automatically activated for the new user pool client. *
* * @return Activates or deactivates token revocation. For more information about revoking tokens, see RevokeToken. ** If you don't include this parameter, token revocation is automatically activated for the new user pool * client. */ public Boolean isEnableTokenRevocation() { return this.enableTokenRevocation; } /** *
* Activates the propagation of additional user context data. For more information about propagation of user context
* data, see
* Adding advanced security to a user pool. If you don’t include this parameter, you can't send device
* fingerprint information, including source IP address, to Amazon Cognito advanced security. You can only activate
* EnablePropagateAdditionalUserContextData in an app client that has a client secret.
*
EnablePropagateAdditionalUserContextData in an app client that has a client secret.
*/
public void setEnablePropagateAdditionalUserContextData(Boolean enablePropagateAdditionalUserContextData) {
this.enablePropagateAdditionalUserContextData = enablePropagateAdditionalUserContextData;
}
/**
*
* Activates the propagation of additional user context data. For more information about propagation of user context
* data, see
* Adding advanced security to a user pool. If you don’t include this parameter, you can't send device
* fingerprint information, including source IP address, to Amazon Cognito advanced security. You can only activate
* EnablePropagateAdditionalUserContextData in an app client that has a client secret.
*
EnablePropagateAdditionalUserContextData in an app client that has a client secret.
*/
public Boolean getEnablePropagateAdditionalUserContextData() {
return this.enablePropagateAdditionalUserContextData;
}
/**
*
* Activates the propagation of additional user context data. For more information about propagation of user context
* data, see
* Adding advanced security to a user pool. If you don’t include this parameter, you can't send device
* fingerprint information, including source IP address, to Amazon Cognito advanced security. You can only activate
* EnablePropagateAdditionalUserContextData in an app client that has a client secret.
*
EnablePropagateAdditionalUserContextData in an app client that has a client secret.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateUserPoolClientRequest withEnablePropagateAdditionalUserContextData(Boolean enablePropagateAdditionalUserContextData) {
setEnablePropagateAdditionalUserContextData(enablePropagateAdditionalUserContextData);
return this;
}
/**
*
* Activates the propagation of additional user context data. For more information about propagation of user context
* data, see
* Adding advanced security to a user pool. If you don’t include this parameter, you can't send device
* fingerprint information, including source IP address, to Amazon Cognito advanced security. You can only activate
* EnablePropagateAdditionalUserContextData in an app client that has a client secret.
*
EnablePropagateAdditionalUserContextData in an app client that has a client secret.
*/
public Boolean isEnablePropagateAdditionalUserContextData() {
return this.enablePropagateAdditionalUserContextData;
}
/**
*
* Amazon Cognito creates a session token for each API request in an authentication flow.
* AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user
* must respond to each authentication challenge before the session expires.
*
AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native
* user must respond to each authentication challenge before the session expires.
*/
public void setAuthSessionValidity(Integer authSessionValidity) {
this.authSessionValidity = authSessionValidity;
}
/**
*
* Amazon Cognito creates a session token for each API request in an authentication flow.
* AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user
* must respond to each authentication challenge before the session expires.
*
AuthSessionValidity is the duration, in minutes, of that session token. Your user pool
* native user must respond to each authentication challenge before the session expires.
*/
public Integer getAuthSessionValidity() {
return this.authSessionValidity;
}
/**
*
* Amazon Cognito creates a session token for each API request in an authentication flow.
* AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user
* must respond to each authentication challenge before the session expires.
*
AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native
* user must respond to each authentication challenge before the session expires.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public CreateUserPoolClientRequest withAuthSessionValidity(Integer authSessionValidity) {
setAuthSessionValidity(authSessionValidity);
return this;
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getUserPoolId() != null)
sb.append("UserPoolId: ").append(getUserPoolId()).append(",");
if (getClientName() != null)
sb.append("ClientName: ").append(getClientName()).append(",");
if (getGenerateSecret() != null)
sb.append("GenerateSecret: ").append(getGenerateSecret()).append(",");
if (getRefreshTokenValidity() != null)
sb.append("RefreshTokenValidity: ").append(getRefreshTokenValidity()).append(",");
if (getAccessTokenValidity() != null)
sb.append("AccessTokenValidity: ").append(getAccessTokenValidity()).append(",");
if (getIdTokenValidity() != null)
sb.append("IdTokenValidity: ").append(getIdTokenValidity()).append(",");
if (getTokenValidityUnits() != null)
sb.append("TokenValidityUnits: ").append(getTokenValidityUnits()).append(",");
if (getReadAttributes() != null)
sb.append("ReadAttributes: ").append(getReadAttributes()).append(",");
if (getWriteAttributes() != null)
sb.append("WriteAttributes: ").append(getWriteAttributes()).append(",");
if (getExplicitAuthFlows() != null)
sb.append("ExplicitAuthFlows: ").append(getExplicitAuthFlows()).append(",");
if (getSupportedIdentityProviders() != null)
sb.append("SupportedIdentityProviders: ").append(getSupportedIdentityProviders()).append(",");
if (getCallbackURLs() != null)
sb.append("CallbackURLs: ").append(getCallbackURLs()).append(",");
if (getLogoutURLs() != null)
sb.append("LogoutURLs: ").append(getLogoutURLs()).append(",");
if (getDefaultRedirectURI() != null)
sb.append("DefaultRedirectURI: ").append(getDefaultRedirectURI()).append(",");
if (getAllowedOAuthFlows() != null)
sb.append("AllowedOAuthFlows: ").append(getAllowedOAuthFlows()).append(",");
if (getAllowedOAuthScopes() != null)
sb.append("AllowedOAuthScopes: ").append(getAllowedOAuthScopes()).append(",");
if (getAllowedOAuthFlowsUserPoolClient() != null)
sb.append("AllowedOAuthFlowsUserPoolClient: ").append(getAllowedOAuthFlowsUserPoolClient()).append(",");
if (getAnalyticsConfiguration() != null)
sb.append("AnalyticsConfiguration: ").append(getAnalyticsConfiguration()).append(",");
if (getPreventUserExistenceErrors() != null)
sb.append("PreventUserExistenceErrors: ").append(getPreventUserExistenceErrors()).append(",");
if (getEnableTokenRevocation() != null)
sb.append("EnableTokenRevocation: ").append(getEnableTokenRevocation()).append(",");
if (getEnablePropagateAdditionalUserContextData() != null)
sb.append("EnablePropagateAdditionalUserContextData: ").append(getEnablePropagateAdditionalUserContextData()).append(",");
if (getAuthSessionValidity() != null)
sb.append("AuthSessionValidity: ").append(getAuthSessionValidity());
sb.append("}");
return sb.toString();
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof CreateUserPoolClientRequest == false)
return false;
CreateUserPoolClientRequest other = (CreateUserPoolClientRequest) obj;
if (other.getUserPoolId() == null ^ this.getUserPoolId() == null)
return false;
if (other.getUserPoolId() != null && other.getUserPoolId().equals(this.getUserPoolId()) == false)
return false;
if (other.getClientName() == null ^ this.getClientName() == null)
return false;
if (other.getClientName() != null && other.getClientName().equals(this.getClientName()) == false)
return false;
if (other.getGenerateSecret() == null ^ this.getGenerateSecret() == null)
return false;
if (other.getGenerateSecret() != null && other.getGenerateSecret().equals(this.getGenerateSecret()) == false)
return false;
if (other.getRefreshTokenValidity() == null ^ this.getRefreshTokenValidity() == null)
return false;
if (other.getRefreshTokenValidity() != null && other.getRefreshTokenValidity().equals(this.getRefreshTokenValidity()) == false)
return false;
if (other.getAccessTokenValidity() == null ^ this.getAccessTokenValidity() == null)
return false;
if (other.getAccessTokenValidity() != null && other.getAccessTokenValidity().equals(this.getAccessTokenValidity()) == false)
return false;
if (other.getIdTokenValidity() == null ^ this.getIdTokenValidity() == null)
return false;
if (other.getIdTokenValidity() != null && other.getIdTokenValidity().equals(this.getIdTokenValidity()) == false)
return false;
if (other.getTokenValidityUnits() == null ^ this.getTokenValidityUnits() == null)
return false;
if (other.getTokenValidityUnits() != null && other.getTokenValidityUnits().equals(this.getTokenValidityUnits()) == false)
return false;
if (other.getReadAttributes() == null ^ this.getReadAttributes() == null)
return false;
if (other.getReadAttributes() != null && other.getReadAttributes().equals(this.getReadAttributes()) == false)
return false;
if (other.getWriteAttributes() == null ^ this.getWriteAttributes() == null)
return false;
if (other.getWriteAttributes() != null && other.getWriteAttributes().equals(this.getWriteAttributes()) == false)
return false;
if (other.getExplicitAuthFlows() == null ^ this.getExplicitAuthFlows() == null)
return false;
if (other.getExplicitAuthFlows() != null && other.getExplicitAuthFlows().equals(this.getExplicitAuthFlows()) == false)
return false;
if (other.getSupportedIdentityProviders() == null ^ this.getSupportedIdentityProviders() == null)
return false;
if (other.getSupportedIdentityProviders() != null && other.getSupportedIdentityProviders().equals(this.getSupportedIdentityProviders()) == false)
return false;
if (other.getCallbackURLs() == null ^ this.getCallbackURLs() == null)
return false;
if (other.getCallbackURLs() != null && other.getCallbackURLs().equals(this.getCallbackURLs()) == false)
return false;
if (other.getLogoutURLs() == null ^ this.getLogoutURLs() == null)
return false;
if (other.getLogoutURLs() != null && other.getLogoutURLs().equals(this.getLogoutURLs()) == false)
return false;
if (other.getDefaultRedirectURI() == null ^ this.getDefaultRedirectURI() == null)
return false;
if (other.getDefaultRedirectURI() != null && other.getDefaultRedirectURI().equals(this.getDefaultRedirectURI()) == false)
return false;
if (other.getAllowedOAuthFlows() == null ^ this.getAllowedOAuthFlows() == null)
return false;
if (other.getAllowedOAuthFlows() != null && other.getAllowedOAuthFlows().equals(this.getAllowedOAuthFlows()) == false)
return false;
if (other.getAllowedOAuthScopes() == null ^ this.getAllowedOAuthScopes() == null)
return false;
if (other.getAllowedOAuthScopes() != null && other.getAllowedOAuthScopes().equals(this.getAllowedOAuthScopes()) == false)
return false;
if (other.getAllowedOAuthFlowsUserPoolClient() == null ^ this.getAllowedOAuthFlowsUserPoolClient() == null)
return false;
if (other.getAllowedOAuthFlowsUserPoolClient() != null
&& other.getAllowedOAuthFlowsUserPoolClient().equals(this.getAllowedOAuthFlowsUserPoolClient()) == false)
return false;
if (other.getAnalyticsConfiguration() == null ^ this.getAnalyticsConfiguration() == null)
return false;
if (other.getAnalyticsConfiguration() != null && other.getAnalyticsConfiguration().equals(this.getAnalyticsConfiguration()) == false)
return false;
if (other.getPreventUserExistenceErrors() == null ^ this.getPreventUserExistenceErrors() == null)
return false;
if (other.getPreventUserExistenceErrors() != null && other.getPreventUserExistenceErrors().equals(this.getPreventUserExistenceErrors()) == false)
return false;
if (other.getEnableTokenRevocation() == null ^ this.getEnableTokenRevocation() == null)
return false;
if (other.getEnableTokenRevocation() != null && other.getEnableTokenRevocation().equals(this.getEnableTokenRevocation()) == false)
return false;
if (other.getEnablePropagateAdditionalUserContextData() == null ^ this.getEnablePropagateAdditionalUserContextData() == null)
return false;
if (other.getEnablePropagateAdditionalUserContextData() != null
&& other.getEnablePropagateAdditionalUserContextData().equals(this.getEnablePropagateAdditionalUserContextData()) == false)
return false;
if (other.getAuthSessionValidity() == null ^ this.getAuthSessionValidity() == null)
return false;
if (other.getAuthSessionValidity() != null && other.getAuthSessionValidity().equals(this.getAuthSessionValidity()) == false)
return false;
return true;
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getUserPoolId() == null) ? 0 : getUserPoolId().hashCode());
hashCode = prime * hashCode + ((getClientName() == null) ? 0 : getClientName().hashCode());
hashCode = prime * hashCode + ((getGenerateSecret() == null) ? 0 : getGenerateSecret().hashCode());
hashCode = prime * hashCode + ((getRefreshTokenValidity() == null) ? 0 : getRefreshTokenValidity().hashCode());
hashCode = prime * hashCode + ((getAccessTokenValidity() == null) ? 0 : getAccessTokenValidity().hashCode());
hashCode = prime * hashCode + ((getIdTokenValidity() == null) ? 0 : getIdTokenValidity().hashCode());
hashCode = prime * hashCode + ((getTokenValidityUnits() == null) ? 0 : getTokenValidityUnits().hashCode());
hashCode = prime * hashCode + ((getReadAttributes() == null) ? 0 : getReadAttributes().hashCode());
hashCode = prime * hashCode + ((getWriteAttributes() == null) ? 0 : getWriteAttributes().hashCode());
hashCode = prime * hashCode + ((getExplicitAuthFlows() == null) ? 0 : getExplicitAuthFlows().hashCode());
hashCode = prime * hashCode + ((getSupportedIdentityProviders() == null) ? 0 : getSupportedIdentityProviders().hashCode());
hashCode = prime * hashCode + ((getCallbackURLs() == null) ? 0 : getCallbackURLs().hashCode());
hashCode = prime * hashCode + ((getLogoutURLs() == null) ? 0 : getLogoutURLs().hashCode());
hashCode = prime * hashCode + ((getDefaultRedirectURI() == null) ? 0 : getDefaultRedirectURI().hashCode());
hashCode = prime * hashCode + ((getAllowedOAuthFlows() == null) ? 0 : getAllowedOAuthFlows().hashCode());
hashCode = prime * hashCode + ((getAllowedOAuthScopes() == null) ? 0 : getAllowedOAuthScopes().hashCode());
hashCode = prime * hashCode + ((getAllowedOAuthFlowsUserPoolClient() == null) ? 0 : getAllowedOAuthFlowsUserPoolClient().hashCode());
hashCode = prime * hashCode + ((getAnalyticsConfiguration() == null) ? 0 : getAnalyticsConfiguration().hashCode());
hashCode = prime * hashCode + ((getPreventUserExistenceErrors() == null) ? 0 : getPreventUserExistenceErrors().hashCode());
hashCode = prime * hashCode + ((getEnableTokenRevocation() == null) ? 0 : getEnableTokenRevocation().hashCode());
hashCode = prime * hashCode + ((getEnablePropagateAdditionalUserContextData() == null) ? 0 : getEnablePropagateAdditionalUserContextData().hashCode());
hashCode = prime * hashCode + ((getAuthSessionValidity() == null) ? 0 : getAuthSessionValidity().hashCode());
return hashCode;
}
@Override
public CreateUserPoolClientRequest clone() {
return (CreateUserPoolClientRequest) super.clone();
}
}