AWS v6.73.0, Mar 19 25

AWS v6.73.0 published on Wednesday, Mar 19, 2025 by Pulumi

aws.cognito.getUserPoolClient

Explore with Pulumi AI

AWS v6.73.0 published on Wednesday, Mar 19, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const client = aws.cognito.getUserPoolClient({
    clientId: "38fjsnc484p94kpqsnet7mpld0",
    userPoolId: "us-west-2_aaaaaaaaa",
});

import pulumi
import pulumi_aws as aws

client = aws.cognito.get_user_pool_client(client_id="38fjsnc484p94kpqsnet7mpld0",
    user_pool_id="us-west-2_aaaaaaaaa")

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cognito.LookupUserPoolClient(ctx, &cognito.LookupUserPoolClientArgs{
			ClientId:   "38fjsnc484p94kpqsnet7mpld0",
			UserPoolId: "us-west-2_aaaaaaaaa",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var client = Aws.Cognito.GetUserPoolClient.Invoke(new()
    {
        ClientId = "38fjsnc484p94kpqsnet7mpld0",
        UserPoolId = "us-west-2_aaaaaaaaa",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cognito.CognitoFunctions;
import com.pulumi.aws.cognito.inputs.GetUserPoolClientArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var client = CognitoFunctions.getUserPoolClient(GetUserPoolClientArgs.builder()
            .clientId("38fjsnc484p94kpqsnet7mpld0")
            .userPoolId("us-west-2_aaaaaaaaa")
            .build());

    }
}

variables:
  client:
    fn::invoke:
      function: aws:cognito:getUserPoolClient
      arguments:
        clientId: 38fjsnc484p94kpqsnet7mpld0
        userPoolId: us-west-2_aaaaaaaaa

Using getUserPoolClient

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getUserPoolClient(args: GetUserPoolClientArgs, opts?: InvokeOptions): Promise<GetUserPoolClientResult>
function getUserPoolClientOutput(args: GetUserPoolClientOutputArgs, opts?: InvokeOptions): Output<GetUserPoolClientResult>

def get_user_pool_client(client_id: Optional[str] = None,
                         user_pool_id: Optional[str] = None,
                         opts: Optional[InvokeOptions] = None) -> GetUserPoolClientResult
def get_user_pool_client_output(client_id: Optional[pulumi.Input[str]] = None,
                         user_pool_id: Optional[pulumi.Input[str]] = None,
                         opts: Optional[InvokeOptions] = None) -> Output[GetUserPoolClientResult]

func LookupUserPoolClient(ctx *Context, args *LookupUserPoolClientArgs, opts ...InvokeOption) (*LookupUserPoolClientResult, error)
func LookupUserPoolClientOutput(ctx *Context, args *LookupUserPoolClientOutputArgs, opts ...InvokeOption) LookupUserPoolClientResultOutput

> Note: This function is named LookupUserPoolClient in the Go SDK.

public static class GetUserPoolClient 
{
    public static Task<GetUserPoolClientResult> InvokeAsync(GetUserPoolClientArgs args, InvokeOptions? opts = null)
    public static Output<GetUserPoolClientResult> Invoke(GetUserPoolClientInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetUserPoolClientResult> getUserPoolClient(GetUserPoolClientArgs args, InvokeOptions options)
public static Output<GetUserPoolClientResult> getUserPoolClient(GetUserPoolClientArgs args, InvokeOptions options)

fn::invoke:
  function: aws:cognito/getUserPoolClient:getUserPoolClient
  arguments:
    # arguments dictionary

The following arguments are supported:

ClientId string: Client Id of the user pool.
UserPoolId string: User pool the client belongs to.

ClientId string: Client Id of the user pool.
UserPoolId string: User pool the client belongs to.

clientId String: Client Id of the user pool.
userPoolId String: User pool the client belongs to.

clientId string: Client Id of the user pool.
userPoolId string: User pool the client belongs to.

client_id str: Client Id of the user pool.
user_pool_id str: User pool the client belongs to.

clientId String: Client Id of the user pool.
userPoolId String: User pool the client belongs to.

getUserPoolClient Result

The following output properties are available:

AccessTokenValidity int: (Optional) Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. This value will be overridden if you have entered a value in token_validity_units.
AllowedOauthFlows List<string>: (Optional) List of allowed OAuth flows (code, implicit, client_credentials).
AllowedOauthFlowsUserPoolClient bool: (Optional) Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
AllowedOauthScopes List<string>: (Optional) List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
AnalyticsConfigurations List<GetUserPoolClientAnalyticsConfiguration>: (Optional) Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.
CallbackUrls List<string>: (Optional) List of allowed callback URLs for the identity providers.
ClientId string
ClientSecret string: Client secret of the user pool client.
DefaultRedirectUri string: (Optional) Default redirect URI. Must be in the list of callback URLs.
EnablePropagateAdditionalUserContextData bool
EnableTokenRevocation bool: (Optional) Enables or disables token revocation.
ExplicitAuthFlows List<string>: (Optional) List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).
GenerateSecret bool: (Optional) Should an application secret be generated.
Id string: The provider-assigned unique ID for this managed resource.
IdTokenValidity int: (Optional) Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. This value will be overridden if you have entered a value in token_validity_units.
LogoutUrls List<string>: (Optional) List of allowed logout URLs for the identity providers.
Name string
PreventUserExistenceErrors string: (Optional) Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to ENABLED and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs will return a UserNotFoundException exception if the user does not exist in the user pool.
ReadAttributes List<string>: (Optional) List of user pool attributes the application client can read from.
RefreshTokenValidity int: (Optional) Time limit in days refresh tokens are valid for.
SupportedIdentityProviders List<string>: (Optional) List of provider names for the identity providers that are supported on this client. Uses the provider_name attribute of aws.cognito.IdentityProvider resource(s), or the equivalent string(s).
TokenValidityUnits List<GetUserPoolClientTokenValidityUnit>: (Optional) Configuration block for units in which the validity times are represented in. Detailed below.
UserPoolId string
WriteAttributes List<string>: (Optional) List of user pool attributes the application client can write to.

AccessTokenValidity int: (Optional) Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. This value will be overridden if you have entered a value in token_validity_units.
AllowedOauthFlows []string: (Optional) List of allowed OAuth flows (code, implicit, client_credentials).
AllowedOauthFlowsUserPoolClient bool: (Optional) Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
AllowedOauthScopes []string: (Optional) List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
AnalyticsConfigurations []GetUserPoolClientAnalyticsConfiguration: (Optional) Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.
CallbackUrls []string: (Optional) List of allowed callback URLs for the identity providers.
ClientId string
ClientSecret string: Client secret of the user pool client.
DefaultRedirectUri string: (Optional) Default redirect URI. Must be in the list of callback URLs.
EnablePropagateAdditionalUserContextData bool
EnableTokenRevocation bool: (Optional) Enables or disables token revocation.
ExplicitAuthFlows []string: (Optional) List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).
GenerateSecret bool: (Optional) Should an application secret be generated.
Id string: The provider-assigned unique ID for this managed resource.
IdTokenValidity int: (Optional) Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. This value will be overridden if you have entered a value in token_validity_units.
LogoutUrls []string: (Optional) List of allowed logout URLs for the identity providers.
Name string
PreventUserExistenceErrors string: (Optional) Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to ENABLED and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs will return a UserNotFoundException exception if the user does not exist in the user pool.
ReadAttributes []string: (Optional) List of user pool attributes the application client can read from.
RefreshTokenValidity int: (Optional) Time limit in days refresh tokens are valid for.
SupportedIdentityProviders []string: (Optional) List of provider names for the identity providers that are supported on this client. Uses the provider_name attribute of aws.cognito.IdentityProvider resource(s), or the equivalent string(s).
TokenValidityUnits []GetUserPoolClientTokenValidityUnit: (Optional) Configuration block for units in which the validity times are represented in. Detailed below.
UserPoolId string
WriteAttributes []string: (Optional) List of user pool attributes the application client can write to.

accessTokenValidity Integer: (Optional) Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. This value will be overridden if you have entered a value in token_validity_units.
allowedOauthFlows List<String>: (Optional) List of allowed OAuth flows (code, implicit, client_credentials).
allowedOauthFlowsUserPoolClient Boolean: (Optional) Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
allowedOauthScopes List<String>: (Optional) List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
analyticsConfigurations List<GetUserPoolClientAnalyticsConfiguration>: (Optional) Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.
callbackUrls List<String>: (Optional) List of allowed callback URLs for the identity providers.
clientId String
clientSecret String: Client secret of the user pool client.
defaultRedirectUri String: (Optional) Default redirect URI. Must be in the list of callback URLs.
enablePropagateAdditionalUserContextData Boolean
enableTokenRevocation Boolean: (Optional) Enables or disables token revocation.
explicitAuthFlows List<String>: (Optional) List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).
generateSecret Boolean: (Optional) Should an application secret be generated.
id String: The provider-assigned unique ID for this managed resource.
idTokenValidity Integer: (Optional) Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. This value will be overridden if you have entered a value in token_validity_units.
logoutUrls List<String>: (Optional) List of allowed logout URLs for the identity providers.
name String
preventUserExistenceErrors String: (Optional) Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to ENABLED and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs will return a UserNotFoundException exception if the user does not exist in the user pool.
readAttributes List<String>: (Optional) List of user pool attributes the application client can read from.
refreshTokenValidity Integer: (Optional) Time limit in days refresh tokens are valid for.
supportedIdentityProviders List<String>: (Optional) List of provider names for the identity providers that are supported on this client. Uses the provider_name attribute of aws.cognito.IdentityProvider resource(s), or the equivalent string(s).
tokenValidityUnits List<GetUserPoolClientTokenValidityUnit>: (Optional) Configuration block for units in which the validity times are represented in. Detailed below.
userPoolId String
writeAttributes List<String>: (Optional) List of user pool attributes the application client can write to.

accessTokenValidity number: (Optional) Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. This value will be overridden if you have entered a value in token_validity_units.
allowedOauthFlows string[]: (Optional) List of allowed OAuth flows (code, implicit, client_credentials).
allowedOauthFlowsUserPoolClient boolean: (Optional) Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
allowedOauthScopes string[]: (Optional) List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
analyticsConfigurations GetUserPoolClientAnalyticsConfiguration[]: (Optional) Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.
callbackUrls string[]: (Optional) List of allowed callback URLs for the identity providers.
clientId string
clientSecret string: Client secret of the user pool client.
defaultRedirectUri string: (Optional) Default redirect URI. Must be in the list of callback URLs.
enablePropagateAdditionalUserContextData boolean
enableTokenRevocation boolean: (Optional) Enables or disables token revocation.
explicitAuthFlows string[]: (Optional) List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).
generateSecret boolean: (Optional) Should an application secret be generated.
id string: The provider-assigned unique ID for this managed resource.
idTokenValidity number: (Optional) Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. This value will be overridden if you have entered a value in token_validity_units.
logoutUrls string[]: (Optional) List of allowed logout URLs for the identity providers.
name string
preventUserExistenceErrors string: (Optional) Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to ENABLED and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs will return a UserNotFoundException exception if the user does not exist in the user pool.
readAttributes string[]: (Optional) List of user pool attributes the application client can read from.
refreshTokenValidity number: (Optional) Time limit in days refresh tokens are valid for.
supportedIdentityProviders string[]: (Optional) List of provider names for the identity providers that are supported on this client. Uses the provider_name attribute of aws.cognito.IdentityProvider resource(s), or the equivalent string(s).
tokenValidityUnits GetUserPoolClientTokenValidityUnit[]: (Optional) Configuration block for units in which the validity times are represented in. Detailed below.
userPoolId string
writeAttributes string[]: (Optional) List of user pool attributes the application client can write to.

access_token_validity int: (Optional) Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. This value will be overridden if you have entered a value in token_validity_units.
allowed_oauth_flows Sequence[str]: (Optional) List of allowed OAuth flows (code, implicit, client_credentials).
allowed_oauth_flows_user_pool_client bool: (Optional) Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
allowed_oauth_scopes Sequence[str]: (Optional) List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
analytics_configurations Sequence[GetUserPoolClientAnalyticsConfiguration]: (Optional) Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.
callback_urls Sequence[str]: (Optional) List of allowed callback URLs for the identity providers.
client_id str
client_secret str: Client secret of the user pool client.
default_redirect_uri str: (Optional) Default redirect URI. Must be in the list of callback URLs.
enable_propagate_additional_user_context_data bool
enable_token_revocation bool: (Optional) Enables or disables token revocation.
explicit_auth_flows Sequence[str]: (Optional) List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).
generate_secret bool: (Optional) Should an application secret be generated.
id str: The provider-assigned unique ID for this managed resource.
id_token_validity int: (Optional) Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. This value will be overridden if you have entered a value in token_validity_units.
logout_urls Sequence[str]: (Optional) List of allowed logout URLs for the identity providers.
name str
prevent_user_existence_errors str: (Optional) Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to ENABLED and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs will return a UserNotFoundException exception if the user does not exist in the user pool.
read_attributes Sequence[str]: (Optional) List of user pool attributes the application client can read from.
refresh_token_validity int: (Optional) Time limit in days refresh tokens are valid for.
supported_identity_providers Sequence[str]: (Optional) List of provider names for the identity providers that are supported on this client. Uses the provider_name attribute of aws.cognito.IdentityProvider resource(s), or the equivalent string(s).
token_validity_units Sequence[GetUserPoolClientTokenValidityUnit]: (Optional) Configuration block for units in which the validity times are represented in. Detailed below.
user_pool_id str
write_attributes Sequence[str]: (Optional) List of user pool attributes the application client can write to.

accessTokenValidity Number: (Optional) Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. This value will be overridden if you have entered a value in token_validity_units.
allowedOauthFlows List<String>: (Optional) List of allowed OAuth flows (code, implicit, client_credentials).
allowedOauthFlowsUserPoolClient Boolean: (Optional) Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
allowedOauthScopes List<String>: (Optional) List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
analyticsConfigurations List<Property Map>: (Optional) Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.
callbackUrls List<String>: (Optional) List of allowed callback URLs for the identity providers.
clientId String
clientSecret String: Client secret of the user pool client.
defaultRedirectUri String: (Optional) Default redirect URI. Must be in the list of callback URLs.
enablePropagateAdditionalUserContextData Boolean
enableTokenRevocation Boolean: (Optional) Enables or disables token revocation.
explicitAuthFlows List<String>: (Optional) List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).
generateSecret Boolean: (Optional) Should an application secret be generated.
id String: The provider-assigned unique ID for this managed resource.
idTokenValidity Number: (Optional) Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. This value will be overridden if you have entered a value in token_validity_units.
logoutUrls List<String>: (Optional) List of allowed logout URLs for the identity providers.
name String
preventUserExistenceErrors String: (Optional) Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to ENABLED and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs will return a UserNotFoundException exception if the user does not exist in the user pool.
readAttributes List<String>: (Optional) List of user pool attributes the application client can read from.
refreshTokenValidity Number: (Optional) Time limit in days refresh tokens are valid for.
supportedIdentityProviders List<String>: (Optional) List of provider names for the identity providers that are supported on this client. Uses the provider_name attribute of aws.cognito.IdentityProvider resource(s), or the equivalent string(s).
tokenValidityUnits List<Property Map>: (Optional) Configuration block for units in which the validity times are represented in. Detailed below.
userPoolId String
writeAttributes List<String>: (Optional) List of user pool attributes the application client can write to.

Supporting Types

GetUserPoolClientAnalyticsConfiguration

ApplicationArn string: (Optional) Application ARN for an Amazon Pinpoint application. Conflicts with external_id and role_arn.
ApplicationId string: (Optional) Application ID for an Amazon Pinpoint application.
ExternalId string: (Optional) ID for the Analytics Configuration. Conflicts with application_arn.
RoleArn string: (Optional) ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. Conflicts with application_arn.
UserDataShared bool: (Optional) If set to true, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics.

ApplicationArn string: (Optional) Application ARN for an Amazon Pinpoint application. Conflicts with external_id and role_arn.
ApplicationId string: (Optional) Application ID for an Amazon Pinpoint application.
ExternalId string: (Optional) ID for the Analytics Configuration. Conflicts with application_arn.
RoleArn string: (Optional) ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. Conflicts with application_arn.
UserDataShared bool: (Optional) If set to true, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics.

applicationArn String: (Optional) Application ARN for an Amazon Pinpoint application. Conflicts with external_id and role_arn.
applicationId String: (Optional) Application ID for an Amazon Pinpoint application.
externalId String: (Optional) ID for the Analytics Configuration. Conflicts with application_arn.
roleArn String: (Optional) ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. Conflicts with application_arn.
userDataShared Boolean: (Optional) If set to true, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics.

applicationArn string: (Optional) Application ARN for an Amazon Pinpoint application. Conflicts with external_id and role_arn.
applicationId string: (Optional) Application ID for an Amazon Pinpoint application.
externalId string: (Optional) ID for the Analytics Configuration. Conflicts with application_arn.
roleArn string: (Optional) ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. Conflicts with application_arn.
userDataShared boolean: (Optional) If set to true, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics.

application_arn str: (Optional) Application ARN for an Amazon Pinpoint application. Conflicts with external_id and role_arn.
application_id str: (Optional) Application ID for an Amazon Pinpoint application.
external_id str: (Optional) ID for the Analytics Configuration. Conflicts with application_arn.
role_arn str: (Optional) ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. Conflicts with application_arn.
user_data_shared bool: (Optional) If set to true, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics.

applicationArn String: (Optional) Application ARN for an Amazon Pinpoint application. Conflicts with external_id and role_arn.
applicationId String: (Optional) Application ID for an Amazon Pinpoint application.
externalId String: (Optional) ID for the Analytics Configuration. Conflicts with application_arn.
roleArn String: (Optional) ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. Conflicts with application_arn.
userDataShared Boolean: (Optional) If set to true, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics.

GetUserPoolClientTokenValidityUnit

AccessToken string: (Optional) Time unit in for the value in access_token_validity, defaults to hours.
IdToken string: (Optional) Time unit in for the value in id_token_validity, defaults to hours.
RefreshToken string: (Optional) Time unit in for the value in refresh_token_validity, defaults to days.

AccessToken string: (Optional) Time unit in for the value in access_token_validity, defaults to hours.
IdToken string: (Optional) Time unit in for the value in id_token_validity, defaults to hours.
RefreshToken string: (Optional) Time unit in for the value in refresh_token_validity, defaults to days.

accessToken String: (Optional) Time unit in for the value in access_token_validity, defaults to hours.
idToken String: (Optional) Time unit in for the value in id_token_validity, defaults to hours.
refreshToken String: (Optional) Time unit in for the value in refresh_token_validity, defaults to days.

accessToken string: (Optional) Time unit in for the value in access_token_validity, defaults to hours.
idToken string: (Optional) Time unit in for the value in id_token_validity, defaults to hours.
refreshToken string: (Optional) Time unit in for the value in refresh_token_validity, defaults to days.

access_token str: (Optional) Time unit in for the value in access_token_validity, defaults to hours.
id_token str: (Optional) Time unit in for the value in id_token_validity, defaults to hours.
refresh_token str: (Optional) Time unit in for the value in refresh_token_validity, defaults to days.

accessToken String: (Optional) Time unit in for the value in access_token_validity, defaults to hours.
idToken String: (Optional) Time unit in for the value in id_token_validity, defaults to hours.
refreshToken String: (Optional) Time unit in for the value in refresh_token_validity, defaults to days.

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

AWS v6.73.0 published on Wednesday, Mar 19, 2025 by Pulumi

pulumi/pulumi-aws

aws.cognito.getUserPoolClient

On this page

On this page

Example Usage

Using getUserPoolClient

getUserPoolClient Result

Supporting Types

GetUserPoolClientAnalyticsConfiguration

GetUserPoolClientTokenValidityUnit

Package Details

On this page

On this page