Workforce
data class WorkforcePoolProviderOidcWebSsoConfig(val additionalScopes: List<String>? = null, val assertionClaimsBehavior: String, val responseType: String)
Properties
Link copied to clipboard
Additional scopes to request for in the OIDC authentication request on top of scopes requested by default. By default, the openid, profile and email scopes that are supported by the identity provider are requested. Each additional scope may be at most 256 characters. A maximum of 10 additional scopes may be configured. The extra_attributes_oauth2_client block supports:
Link copied to clipboard
The behavior for how OIDC Claims are included in the assertion object used for attribute mapping and attribute condition.
Link copied to clipboard
The Response Type to request for in the OIDC Authorization Request for web sign-in. The CODE Response Type is recommended to avoid the Implicit Flow, for security reasons.