Top / Amazon Web Service / AWS Amazon Cognito / User Pool Client

AWS Amazon Cognito User Pool Client

This page shows how to write Terraform and CloudFormation for Amazon Cognito User Pool Client and write them securely.

terraform-logo

Review your .tf file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

aws_cognito_user_pool_client (Terraform)

The User Pool Client in Amazon Cognito can be configured in Terraform with the resource name aws_cognito_user_pool_client. The following sections describe 3 examples of how to use the resource and its parameters.

Example Usage from GitHub

app_client.tf#L1
resource "aws_cognito_user_pool_client" "app_client" {
    name = "some-client"
    user_pool_id = aws_cognito_user_pool.main.id
    generate_secret = true
    allowed_oauth_flows_user_pool_client = true
    allowed_oauth_flows = ["client_credentials"]
main.tf#L25
resource "aws_cognito_user_pool_client" "TransferDigitalRecordsApp" {
  name                   = "TransferDigitalRecordsApp"
  user_pool_id           = aws_cognito_user_pool.pool.id
  refresh_token_validity = "30"
  generate_secret        = false
}
main.tf#L30
resource "aws_cognito_user_pool_client" "app_user" {
  name = "mobile_app_user"
  generate_secret = false

  user_pool_id = aws_cognito_user_pool.user_pool.id
}

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

>> from Terraform Registry

Explanation in Terraform Registry

Provides a Cognito User Pool Client resource.

>> from Terraform Registry

AWS::Cognito::UserPoolClient (CloudFormation)

The UserPoolClient in Cognito can be configured in CloudFormation with the resource name AWS::Cognito::UserPoolClient. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

serverless.yml#L97
            Type: AWS::Cognito::UserPoolClient
            Properties:
                # Generate an App Client Name based on stage
                ClientName: hex-${self:custom.stage}-web-app-client
                UserPoolId:
                    Ref: HexUserPool
cognito-user-pool.yml#L22
    Type: AWS::Cognito::UserPoolClient
    Properties:
      # Generate an app client name based on the stage
      ClientName: sfa-user-pool-client
      UserPoolId:
        Ref: CognitoUserPool
cognito.yml#L19
    Type: AWS::Cognito::UserPoolClient
    Properties:
      ClientName: ${self:service}-${self:custom.stage}-UserPoolClientAndroid
      GenerateSecret: false
      UserPoolId:
        Ref: CognitoUserPoolMyUserPool
cognito-user-pool.yml#L13
    # Type: AWS::Cognito::UserPoolClient
    # Properties:
    #   # Generate an app client name based on the stage
    #   ClientName: ${self:custom.stage}-${self:service}-userpool-client
    #   UserPoolId:
    #     Ref: CognitoUserPool
cognito-pool.yml#L12
    Type: AWS::Cognito::UserPoolClient
    Properties:
      ClientName: wbeat-cognito-client-${self:provider.stage}
      UserPoolId:
        Ref: CognitoUserPool
      ExplicitAuthFlows:
serverless-state.json#L53
            "Type": "AWS::Cognito::UserPoolClient",
            "Properties": {
              "ClientName": "yyp-user-pool-client",
              "GenerateSecret": false,
              "UserPoolId": {
                "Ref": "CognitoUserPool"
attendance_cognito_userpools.json#L35
          "Type" : "AWS::Cognito::UserPoolClient",
          "Properties" : {
            "ClientName" : "AdminUserPoolClient",
            "GenerateSecret" : false,
            "RefreshTokenValidity" : 30,
            "UserPoolId" : {"Ref":"AdminUserPool"}
aws_cognito.json#L32
    "path": "/ResourceTypes/AWS::Cognito::UserPoolClient/Properties/ExplicitAuthFlows/Value",
    "value": {
      "ValueType": "AWS::Cognito::UserPoolClient.ExplicitAuthFlows"
    }
  },
  {
userPoolClient.json#L2
    "Type" : "AWS::Cognito::UserPoolClient",
    "Properties" : {
      "UserPoolId" : {"Ref":"TodoUserPool"}
    }
auth.json#L154
            "Type": "AWS::Cognito::UserPoolClient",
            "Properties": {
                "RefreshTokenValidity": 30,
                "UserPoolId": {
                    "Ref": "UserPool"
                }

Parameters

>> from AWS CloudFormation Documentation

Explanation in CloudFormation Registry

The AWS::Cognito::UserPoolClient resource specifies an Amazon Cognito user pool client.

>> from AWS CloudFormation Documentation

The Other Related AWS Amazon Cognito Resources

Frequently asked questions

What is AWS Amazon Cognito User Pool Client?

AWS Amazon Cognito User Pool Client is a resource for Amazon Cognito of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS Amazon Cognito User Pool Client?

For Terraform, the kronostechnologies/aws-mocks, nationalarchives/tdr-prototype-terraform and ccteng/nursing_capstone source code examples are useful. See the Terraform Example section for further details.

For CloudFormation, the TriangularCube/hex-backend, cotta0322/sample-angular-awslambda and rolme/refactor-services source code examples are useful. See the CloudFormation Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents