interface CustomJwtConfiguration
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Bedrock.Agentcore.Alpha.CustomJwtConfiguration |
 Go | github.com/aws/aws-cdk-go/awsbedrockagentcorealpha/v2#CustomJwtConfiguration |
 Java | software.amazon.awscdk.services.bedrock.agentcore.alpha.CustomJwtConfiguration |
 Python | aws_cdk.aws_bedrock_agentcore_alpha.CustomJwtConfiguration |
 TypeScript (source) | @aws-cdk/aws-bedrock-agentcore-alpha » CustomJwtConfiguration |
⚠️ Deprecated: Use the equivalent construct from aws-cdk-lib/aws-bedrockagentcore instead.
Custom JWT authorizer configuration.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import * as bedrock_agentcore_alpha from '@aws-cdk/aws-bedrock-agentcore-alpha';
declare const gatewayCustomClaim: bedrock_agentcore_alpha.GatewayCustomClaim;
const customJwtConfiguration: bedrock_agentcore_alpha.CustomJwtConfiguration = {
discoveryUrl: 'discoveryUrl',
// the properties below are optional
allowedAudience: ['allowedAudience'],
allowedClients: ['allowedClients'],
allowedScopes: ['allowedScopes'],
customClaims: [gatewayCustomClaim],
};
Properties
| Name | Type | Description |
|---|---|---|
| discovery | string | This URL is used to fetch OpenID Connect configuration or authorization server metadata for validating incoming tokens. |
| allowed | string[] | Represents individual audience values that are validated in the incoming JWT token validation process. |
| allowed | string[] | Represents individual client IDs that are validated in the incoming JWT token validation process. |
| allowed | string[] | Represents individual scopes that are validated in the incoming JWT token validation process. |
| custom | Gateway[] | Custom claims for additional JWT token validation. |
discoveryUrl
⚠️ Deprecated: Use the equivalent construct from aws-cdk-lib/aws-bedrockagentcore instead.
Type:
string
This URL is used to fetch OpenID Connect configuration or authorization server metadata for validating incoming tokens.
Pattern: .+/.well-known/openid-configuration Required: Yes
allowedAudience?
⚠️ Deprecated: Use the equivalent construct from aws-cdk-lib/aws-bedrockagentcore instead.
Type:
string[]
(optional, default: No audience validation)
Represents individual audience values that are validated in the incoming JWT token validation process.
allowedClients?
⚠️ Deprecated: Use the equivalent construct from aws-cdk-lib/aws-bedrockagentcore instead.
Type:
string[]
(optional, default: No client ID validation)
Represents individual client IDs that are validated in the incoming JWT token validation process.
allowedScopes?
⚠️ Deprecated: Use the equivalent construct from aws-cdk-lib/aws-bedrockagentcore instead.
Type:
string[]
(optional, default: No scope validation)
Represents individual scopes that are validated in the incoming JWT token validation process.
customClaims?
⚠️ Deprecated: Use the equivalent construct from aws-cdk-lib/aws-bedrockagentcore instead.
Type:
Gateway[]
(optional, default: No custom claim validation)
Custom claims for additional JWT token validation.
Allows you to validate additional fields in JWT tokens beyond the standard audience, client, and scope validations.