cognitoidentityprovider/aws.sdk.kotlin.services.cognitoidentityprovider/CognitoIdentityProviderClient/createUserPoolClient

createUserPoolClient

abstract suspend fun createUserPoolClient(input: CreateUserPoolClientRequest): CreateUserPoolClientResponse

Creates the user pool client.

When you create a new user pool client, token revocation is automatically activated. For more information about revoking tokens, see RevokeToken.

If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Samples

import aws.sdk.kotlin.services.cognitoidentityprovider.model.ExplicitAuthFlowsType
import aws.sdk.kotlin.services.cognitoidentityprovider.model.OAuthFlowType
fun main() { 
   //sampleStart 
   // The following example creates an app client with all configurable properties set to an example
// value. The resulting user pool client connects to an analytics client, allows sign in with username and
// password, and has two external identity providers associated with it.
val resp = cognitoIdentityProviderClient.createUserPoolClient {
    accessTokenValidity = 6
    allowedOAuthFlows = listOf<OAuthFlowType>(
        OAuthFlowType.fromValue("code")
    )
    allowedOAuthFlowsUserPoolClient = true
    allowedOAuthScopes = listOf<String>(
        "aws.cognito.signin.user.admin",
        "openid"
    )
    analyticsConfiguration = AnalyticsConfigurationType {
        applicationId = "d70b2ba36a8c4dc5a04a0451a31a1e12"
        externalId = "my-external-id"
        roleArn = "arn:aws:iam::123456789012:role/test-cognitouserpool-role"
        userDataShared = true
    }
    callbackUrls = listOf<String>(
        "https://example.com",
        "http://localhost",
        "myapp://example"
    )
    clientName = "my-test-app-client"
    defaultRedirectUri = "https://example.com"
    explicitAuthFlows = listOf<ExplicitAuthFlowsType>(
        ExplicitAuthFlowsType.fromValue("ALLOW_ADMIN_USER_PASSWORD_AUTH"),
        ExplicitAuthFlowsType.fromValue("ALLOW_USER_PASSWORD_AUTH"),
        ExplicitAuthFlowsType.fromValue("ALLOW_REFRESH_TOKEN_AUTH")
    )
    generateSecret = true
    idTokenValidity = 6
    logoutUrls = listOf<String>(
        "https://example.com/logout"
    )
    preventUserExistenceErrors = PreventUserExistenceErrorTypes.fromValue("ENABLED")
    readAttributes = listOf<String>(
        "email",
        "address",
        "preferred_username"
    )
    refreshTokenValidity = 6
    supportedIdentityProviders = listOf<String>(
        "SignInWithApple",
        "MySSO"
    )
    tokenValidityUnits = TokenValidityUnitsType {
        accessToken = TimeUnitsType.fromValue("hours")
        idToken = TimeUnitsType.fromValue("minutes")
        refreshToken = TimeUnitsType.fromValue("days")
    }
    userPoolId = "us-east-1_EXAMPLE"
    writeAttributes = listOf<String>(
        "family_name",
        "email"
    )
} 
   //sampleEnd
}