2025/10/13 - Amazon Bedrock Agent Core Control Plane Fronting Layer - 9 updated api methods
Changes Updated InvokeAgentRuntime API to accept account id optionally and added CompleteResourceTokenAuth API.
{'agentRuntimeId': 'string', 'endpointName': 'string'}
Creates an AgentCore Runtime endpoint.
See also: AWS API Documentation
Request Syntax
client.create_agent_runtime_endpoint(
agentRuntimeId='string',
name='string',
agentRuntimeVersion='string',
description='string',
clientToken='string',
tags={
'string': 'string'
}
)
string
[REQUIRED]
The unique identifier of the AgentCore Runtime to create an endpoint for.
string
[REQUIRED]
The name of the AgentCore Runtime endpoint.
string
The version of the AgentCore Runtime to use for the endpoint.
string
The description of the AgentCore Runtime endpoint.
string
A unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
dict
A map of tag keys and values to assign to the agent runtime endpoint. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.
(string) --
(string) --
dict
Response Syntax
{
'targetVersion': 'string',
'agentRuntimeEndpointArn': 'string',
'agentRuntimeArn': 'string',
'agentRuntimeId': 'string',
'endpointName': 'string',
'status': 'CREATING'|'CREATE_FAILED'|'UPDATING'|'UPDATE_FAILED'|'READY'|'DELETING',
'createdAt': datetime(2015, 1, 1)
}
Response Structure
(dict) --
targetVersion (string) --
The target version of the AgentCore Runtime for the endpoint.
agentRuntimeEndpointArn (string) --
The Amazon Resource Name (ARN) of the AgentCore Runtime endpoint.
agentRuntimeArn (string) --
The Amazon Resource Name (ARN) of the AgentCore Runtime.
agentRuntimeId (string) --
The unique identifier of the AgentCore Runtime.
endpointName (string) --
The name of the AgentCore Runtime endpoint.
status (string) --
The current status of the AgentCore Runtime endpoint.
createdAt (datetime) --
The timestamp when the AgentCore Runtime endpoint was created.
{'tags': {'string': 'string'}}
Creates a new API key credential provider.
See also: AWS API Documentation
Request Syntax
client.create_api_key_credential_provider(
name='string',
apiKey='string',
tags={
'string': 'string'
}
)
string
[REQUIRED]
The name of the API key credential provider. The name must be unique within your account.
string
[REQUIRED]
The API key to use for authentication. This value is encrypted and stored securely.
dict
A map of tag keys and values to assign to the API key credential provider. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.
(string) --
(string) --
dict
Response Syntax
{
'apiKeySecretArn': {
'secretArn': 'string'
},
'name': 'string',
'credentialProviderArn': 'string'
}
Response Structure
(dict) --
apiKeySecretArn (dict) --
The Amazon Resource Name (ARN) of the secret containing the API key.
secretArn (string) --
The Amazon Resource Name (ARN) of the secret in AWS Secrets Manager.
name (string) --
The name of the created API key credential provider.
credentialProviderArn (string) --
The Amazon Resource Name (ARN) of the created API key credential provider.
{'credentialProviderVendor': {'AtlassianOauth2',
'Auth0Oauth2',
'CognitoOauth2',
'CyberArkOauth2',
'DropboxOauth2',
'FacebookOauth2',
'FusionAuthOauth2',
'HubspotOauth2',
'LinkedinOauth2',
'NotionOauth2',
'OktaOauth2',
'OneLoginOauth2',
'PingOneOauth2',
'RedditOauth2',
'SpotifyOauth2',
'TwitchOauth2',
'XOauth2',
'YandexOauth2',
'ZoomOauth2'},
'oauth2ProviderConfigInput': {'atlassianOauth2ProviderConfig': {'clientId': 'string',
'clientSecret': 'string'},
'customOauth2ProviderConfig': {'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}},
'includedOauth2ProviderConfig': {'authorizationEndpoint': 'string',
'clientId': 'string',
'clientSecret': 'string',
'issuer': 'string',
'tokenEndpoint': 'string'},
'linkedinOauth2ProviderConfig': {'clientId': 'string',
'clientSecret': 'string'},
'microsoftOauth2ProviderConfig': {'tenantId': 'string'}},
'tags': {'string': 'string'}}
Response {'callbackUrl': 'string',
'oauth2ProviderConfigOutput': {'atlassianOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'customOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'githubOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'googleOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'includedOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'linkedinOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'microsoftOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'salesforceOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'slackOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}}}}
Creates a new OAuth2 credential provider.
See also: AWS API Documentation
Request Syntax
client.create_oauth2_credential_provider(
name='string',
credentialProviderVendor='GoogleOauth2'|'GithubOauth2'|'SlackOauth2'|'SalesforceOauth2'|'MicrosoftOauth2'|'CustomOauth2'|'AtlassianOauth2'|'LinkedinOauth2'|'XOauth2'|'OktaOauth2'|'OneLoginOauth2'|'PingOneOauth2'|'FacebookOauth2'|'YandexOauth2'|'RedditOauth2'|'ZoomOauth2'|'TwitchOauth2'|'SpotifyOauth2'|'DropboxOauth2'|'NotionOauth2'|'HubspotOauth2'|'CyberArkOauth2'|'FusionAuthOauth2'|'Auth0Oauth2'|'CognitoOauth2',
oauth2ProviderConfigInput={
'customOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string',
'clientSecret': 'string'
},
'googleOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string'
},
'githubOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string'
},
'slackOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string'
},
'salesforceOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string'
},
'microsoftOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string',
'tenantId': 'string'
},
'atlassianOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string'
},
'linkedinOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string'
},
'includedOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string',
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string'
}
},
tags={
'string': 'string'
}
)
string
[REQUIRED]
The name of the OAuth2 credential provider. The name must be unique within your account.
string
[REQUIRED]
The vendor of the OAuth2 credential provider. This specifies which OAuth2 implementation to use.
dict
[REQUIRED]
The configuration settings for the OAuth2 provider, including client ID, client secret, and other vendor-specific settings.
customOauth2ProviderConfig (dict) --
The configuration for a custom OAuth2 provider.
oauthDiscovery (dict) -- [REQUIRED]
The OAuth2 discovery information for the custom provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) -- [REQUIRED]
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) -- [REQUIRED]
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) -- [REQUIRED]
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) -- [REQUIRED]
The client ID for the custom OAuth2 provider.
clientSecret (string) -- [REQUIRED]
The client secret for the custom OAuth2 provider.
googleOauth2ProviderConfig (dict) --
The configuration for a Google OAuth2 provider.
clientId (string) -- [REQUIRED]
The client ID for the Google OAuth2 provider.
clientSecret (string) -- [REQUIRED]
The client secret for the Google OAuth2 provider.
githubOauth2ProviderConfig (dict) --
The configuration for a GitHub OAuth2 provider.
clientId (string) -- [REQUIRED]
The client ID for the GitHub OAuth2 provider.
clientSecret (string) -- [REQUIRED]
The client secret for the GitHub OAuth2 provider.
slackOauth2ProviderConfig (dict) --
The configuration for a Slack OAuth2 provider.
clientId (string) -- [REQUIRED]
The client ID for the Slack OAuth2 provider.
clientSecret (string) -- [REQUIRED]
The client secret for the Slack OAuth2 provider.
salesforceOauth2ProviderConfig (dict) --
The configuration for a Salesforce OAuth2 provider.
clientId (string) -- [REQUIRED]
The client ID for the Salesforce OAuth2 provider.
clientSecret (string) -- [REQUIRED]
The client secret for the Salesforce OAuth2 provider.
microsoftOauth2ProviderConfig (dict) --
The configuration for a Microsoft OAuth2 provider.
clientId (string) -- [REQUIRED]
The client ID for the Microsoft OAuth2 provider.
clientSecret (string) -- [REQUIRED]
The client secret for the Microsoft OAuth2 provider.
tenantId (string) --
The Microsoft Entra ID (formerly Azure AD) tenant ID for your organization. This identifies the specific tenant within Microsoft's identity platform where your application is registered.
atlassianOauth2ProviderConfig (dict) --
Configuration settings for Atlassian OAuth2 provider integration.
clientId (string) -- [REQUIRED]
The client ID for the Atlassian OAuth2 provider. This identifier is assigned by Atlassian when you register your application.
clientSecret (string) -- [REQUIRED]
The client secret for the Atlassian OAuth2 provider. This secret is assigned by Atlassian and used along with the client ID to authenticate your application.
linkedinOauth2ProviderConfig (dict) --
Configuration settings for LinkedIn OAuth2 provider integration.
clientId (string) -- [REQUIRED]
The client ID for the LinkedIn OAuth2 provider. This identifier is assigned by LinkedIn when you register your application.
clientSecret (string) -- [REQUIRED]
The client secret for the LinkedIn OAuth2 provider. This secret is assigned by LinkedIn and used along with the client ID to authenticate your application.
includedOauth2ProviderConfig (dict) --
The configuration for a non-custom OAuth2 provider. This includes settings for supported OAuth2 providers that have built-in integration support.
clientId (string) -- [REQUIRED]
The client ID for the supported OAuth2 provider. This identifier is assigned by the OAuth2 provider when you register your application.
clientSecret (string) -- [REQUIRED]
The client secret for the supported OAuth2 provider. This secret is assigned by the OAuth2 provider and used along with the client ID to authenticate your application.
issuer (string) --
Token issuer of your isolated OAuth2 application tenant. This URL identifies the authorization server that issues tokens for this provider.
authorizationEndpoint (string) --
OAuth2 authorization endpoint for your isolated OAuth2 application tenant. This is where users are redirected to authenticate and authorize access to their resources.
tokenEndpoint (string) --
OAuth2 token endpoint for your isolated OAuth2 application tenant. This is where authorization codes are exchanged for access tokens.
dict
A map of tag keys and values to assign to the OAuth2 credential provider. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.
(string) --
(string) --
dict
Response Syntax
{
'clientSecretArn': {
'secretArn': 'string'
},
'name': 'string',
'credentialProviderArn': 'string',
'callbackUrl': 'string',
'oauth2ProviderConfigOutput': {
'customOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'googleOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'githubOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'slackOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'salesforceOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'microsoftOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'atlassianOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'linkedinOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'includedOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
}
}
}
Response Structure
(dict) --
clientSecretArn (dict) --
The Amazon Resource Name (ARN) of the client secret in AWS Secrets Manager.
secretArn (string) --
The Amazon Resource Name (ARN) of the secret in AWS Secrets Manager.
name (string) --
The name of the OAuth2 credential provider.
credentialProviderArn (string) --
The Amazon Resource Name (ARN) of the OAuth2 credential provider.
callbackUrl (string) --
Callback URL to register on the OAuth2 credential provider as an allowed callback URL. This URL is where the OAuth2 authorization server redirects users after they complete the authorization flow.
oauth2ProviderConfigOutput (dict) --
Contains the output configuration for an OAuth2 provider.
customOauth2ProviderConfig (dict) --
The output configuration for a custom OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the custom provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the custom OAuth2 provider.
googleOauth2ProviderConfig (dict) --
The output configuration for a Google OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the Google provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Google OAuth2 provider.
githubOauth2ProviderConfig (dict) --
The output configuration for a GitHub OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the GitHub provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the GitHub OAuth2 provider.
slackOauth2ProviderConfig (dict) --
The output configuration for a Slack OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the Slack provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Slack OAuth2 provider.
salesforceOauth2ProviderConfig (dict) --
The output configuration for a Salesforce OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the Salesforce provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Salesforce OAuth2 provider.
microsoftOauth2ProviderConfig (dict) --
The output configuration for a Microsoft OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the Microsoft provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Microsoft OAuth2 provider.
atlassianOauth2ProviderConfig (dict) --
The configuration details for the Atlassian OAuth2 provider.
oauthDiscovery (dict) --
Contains the discovery information for an OAuth2 provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Atlassian OAuth2 provider.
linkedinOauth2ProviderConfig (dict) --
The configuration details for the LinkedIn OAuth2 provider.
oauthDiscovery (dict) --
Contains the discovery information for an OAuth2 provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the LinkedIn OAuth2 provider.
includedOauth2ProviderConfig (dict) --
The configuration for a non-custom OAuth2 provider. This includes the configuration details for supported OAuth2 providers that have built-in integration support.
oauthDiscovery (dict) --
Contains the discovery information for an OAuth2 provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the supported OAuth2 provider.
{'tags': {'string': 'string'}}
Creates a new workload identity.
See also: AWS API Documentation
Request Syntax
client.create_workload_identity(
name='string',
allowedResourceOauth2ReturnUrls=[
'string',
],
tags={
'string': 'string'
}
)
string
[REQUIRED]
The name of the workload identity. The name must be unique within your account.
list
The list of allowed OAuth2 return URLs for resources associated with this workload identity.
(string) --
dict
A map of tag keys and values to assign to the workload identity. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.
(string) --
(string) --
dict
Response Syntax
{
'name': 'string',
'workloadIdentityArn': 'string',
'allowedResourceOauth2ReturnUrls': [
'string',
]
}
Response Structure
(dict) --
name (string) --
The name of the workload identity.
workloadIdentityArn (string) --
The Amazon Resource Name (ARN) of the workload identity.
allowedResourceOauth2ReturnUrls (list) --
The list of allowed OAuth2 return URLs for resources associated with this workload identity.
(string) --
{'agentRuntimeId': 'string'}
Deletes an Amazon Bedrock AgentCore Runtime.
See also: AWS API Documentation
Request Syntax
client.delete_agent_runtime(
agentRuntimeId='string'
)
string
[REQUIRED]
The unique identifier of the AgentCore Runtime to delete.
dict
Response Syntax
{
'status': 'CREATING'|'CREATE_FAILED'|'UPDATING'|'UPDATE_FAILED'|'READY'|'DELETING',
'agentRuntimeId': 'string'
}
Response Structure
(dict) --
status (string) --
The current status of the AgentCore Runtime deletion.
agentRuntimeId (string) --
The unique identifier of the AgentCore Runtime.
{'agentRuntimeId': 'string', 'endpointName': 'string'}
Deletes an AAgentCore Runtime endpoint.
See also: AWS API Documentation
Request Syntax
client.delete_agent_runtime_endpoint(
agentRuntimeId='string',
endpointName='string',
clientToken='string'
)
string
[REQUIRED]
The unique identifier of the AgentCore Runtime associated with the endpoint.
string
[REQUIRED]
The name of the AgentCore Runtime endpoint to delete.
string
A unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
dict
Response Syntax
{
'status': 'CREATING'|'CREATE_FAILED'|'UPDATING'|'UPDATE_FAILED'|'READY'|'DELETING',
'agentRuntimeId': 'string',
'endpointName': 'string'
}
Response Structure
(dict) --
status (string) --
The current status of the AgentCore Runtime endpoint deletion.
agentRuntimeId (string) --
The unique identifier of the AgentCore Runtime.
endpointName (string) --
The name of the AgentCore Runtime endpoint.
{'callbackUrl': 'string',
'credentialProviderVendor': {'AtlassianOauth2',
'Auth0Oauth2',
'CognitoOauth2',
'CyberArkOauth2',
'DropboxOauth2',
'FacebookOauth2',
'FusionAuthOauth2',
'HubspotOauth2',
'LinkedinOauth2',
'NotionOauth2',
'OktaOauth2',
'OneLoginOauth2',
'PingOneOauth2',
'RedditOauth2',
'SpotifyOauth2',
'TwitchOauth2',
'XOauth2',
'YandexOauth2',
'ZoomOauth2'},
'oauth2ProviderConfigOutput': {'atlassianOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'customOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}},
'githubOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}},
'googleOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}},
'includedOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'linkedinOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'microsoftOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}},
'salesforceOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}},
'slackOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}}}}
Retrieves information about an OAuth2 credential provider.
See also: AWS API Documentation
Request Syntax
client.get_oauth2_credential_provider(
name='string'
)
string
[REQUIRED]
The name of the OAuth2 credential provider to retrieve.
dict
Response Syntax
{
'clientSecretArn': {
'secretArn': 'string'
},
'name': 'string',
'credentialProviderArn': 'string',
'credentialProviderVendor': 'GoogleOauth2'|'GithubOauth2'|'SlackOauth2'|'SalesforceOauth2'|'MicrosoftOauth2'|'CustomOauth2'|'AtlassianOauth2'|'LinkedinOauth2'|'XOauth2'|'OktaOauth2'|'OneLoginOauth2'|'PingOneOauth2'|'FacebookOauth2'|'YandexOauth2'|'RedditOauth2'|'ZoomOauth2'|'TwitchOauth2'|'SpotifyOauth2'|'DropboxOauth2'|'NotionOauth2'|'HubspotOauth2'|'CyberArkOauth2'|'FusionAuthOauth2'|'Auth0Oauth2'|'CognitoOauth2',
'callbackUrl': 'string',
'oauth2ProviderConfigOutput': {
'customOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'googleOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'githubOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'slackOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'salesforceOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'microsoftOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'atlassianOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'linkedinOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'includedOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
}
},
'createdTime': datetime(2015, 1, 1),
'lastUpdatedTime': datetime(2015, 1, 1)
}
Response Structure
(dict) --
clientSecretArn (dict) --
The Amazon Resource Name (ARN) of the client secret in AWS Secrets Manager.
secretArn (string) --
The Amazon Resource Name (ARN) of the secret in AWS Secrets Manager.
name (string) --
The name of the OAuth2 credential provider.
credentialProviderArn (string) --
ARN of the credential provider requested.
credentialProviderVendor (string) --
The vendor of the OAuth2 credential provider.
callbackUrl (string) --
Callback URL to register on the OAuth2 credential provider as an allowed callback URL. This URL is where the OAuth2 authorization server redirects users after they complete the authorization flow.
oauth2ProviderConfigOutput (dict) --
The configuration output for the OAuth2 provider.
customOauth2ProviderConfig (dict) --
The output configuration for a custom OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the custom provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the custom OAuth2 provider.
googleOauth2ProviderConfig (dict) --
The output configuration for a Google OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the Google provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Google OAuth2 provider.
githubOauth2ProviderConfig (dict) --
The output configuration for a GitHub OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the GitHub provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the GitHub OAuth2 provider.
slackOauth2ProviderConfig (dict) --
The output configuration for a Slack OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the Slack provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Slack OAuth2 provider.
salesforceOauth2ProviderConfig (dict) --
The output configuration for a Salesforce OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the Salesforce provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Salesforce OAuth2 provider.
microsoftOauth2ProviderConfig (dict) --
The output configuration for a Microsoft OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the Microsoft provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Microsoft OAuth2 provider.
atlassianOauth2ProviderConfig (dict) --
The configuration details for the Atlassian OAuth2 provider.
oauthDiscovery (dict) --
Contains the discovery information for an OAuth2 provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Atlassian OAuth2 provider.
linkedinOauth2ProviderConfig (dict) --
The configuration details for the LinkedIn OAuth2 provider.
oauthDiscovery (dict) --
Contains the discovery information for an OAuth2 provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the LinkedIn OAuth2 provider.
includedOauth2ProviderConfig (dict) --
The configuration for a non-custom OAuth2 provider. This includes the configuration details for supported OAuth2 providers that have built-in integration support.
oauthDiscovery (dict) --
Contains the discovery information for an OAuth2 provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the supported OAuth2 provider.
createdTime (datetime) --
The timestamp when the OAuth2 credential provider was created.
lastUpdatedTime (datetime) --
The timestamp when the OAuth2 credential provider was last updated.
{'credentialProviders': {'credentialProviderVendor': {'AtlassianOauth2',
'Auth0Oauth2',
'CognitoOauth2',
'CyberArkOauth2',
'DropboxOauth2',
'FacebookOauth2',
'FusionAuthOauth2',
'HubspotOauth2',
'LinkedinOauth2',
'NotionOauth2',
'OktaOauth2',
'OneLoginOauth2',
'PingOneOauth2',
'RedditOauth2',
'SpotifyOauth2',
'TwitchOauth2',
'XOauth2',
'YandexOauth2',
'ZoomOauth2'}}}
Lists all OAuth2 credential providers in your account.
See also: AWS API Documentation
Request Syntax
client.list_oauth2_credential_providers(
nextToken='string',
maxResults=123
)
string
Pagination token.
integer
Maximum number of results to return.
dict
Response Syntax
{
'credentialProviders': [
{
'name': 'string',
'credentialProviderVendor': 'GoogleOauth2'|'GithubOauth2'|'SlackOauth2'|'SalesforceOauth2'|'MicrosoftOauth2'|'CustomOauth2'|'AtlassianOauth2'|'LinkedinOauth2'|'XOauth2'|'OktaOauth2'|'OneLoginOauth2'|'PingOneOauth2'|'FacebookOauth2'|'YandexOauth2'|'RedditOauth2'|'ZoomOauth2'|'TwitchOauth2'|'SpotifyOauth2'|'DropboxOauth2'|'NotionOauth2'|'HubspotOauth2'|'CyberArkOauth2'|'FusionAuthOauth2'|'Auth0Oauth2'|'CognitoOauth2',
'credentialProviderArn': 'string',
'createdTime': datetime(2015, 1, 1),
'lastUpdatedTime': datetime(2015, 1, 1)
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
credentialProviders (list) --
The list of OAuth2 credential providers.
(dict) --
Contains information about an OAuth2 credential provider.
name (string) --
The name of the OAuth2 credential provider.
credentialProviderVendor (string) --
The vendor of the OAuth2 credential provider.
credentialProviderArn (string) --
The Amazon Resource Name (ARN) of the OAuth2 credential provider.
createdTime (datetime) --
The timestamp when the OAuth2 credential provider was created.
lastUpdatedTime (datetime) --
The timestamp when the OAuth2 credential provider was last updated.
nextToken (string) --
Pagination token for the next page of results.
{'credentialProviderVendor': {'AtlassianOauth2',
'Auth0Oauth2',
'CognitoOauth2',
'CyberArkOauth2',
'DropboxOauth2',
'FacebookOauth2',
'FusionAuthOauth2',
'HubspotOauth2',
'LinkedinOauth2',
'NotionOauth2',
'OktaOauth2',
'OneLoginOauth2',
'PingOneOauth2',
'RedditOauth2',
'SpotifyOauth2',
'TwitchOauth2',
'XOauth2',
'YandexOauth2',
'ZoomOauth2'},
'oauth2ProviderConfigInput': {'atlassianOauth2ProviderConfig': {'clientId': 'string',
'clientSecret': 'string'},
'customOauth2ProviderConfig': {'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}},
'includedOauth2ProviderConfig': {'authorizationEndpoint': 'string',
'clientId': 'string',
'clientSecret': 'string',
'issuer': 'string',
'tokenEndpoint': 'string'},
'linkedinOauth2ProviderConfig': {'clientId': 'string',
'clientSecret': 'string'},
'microsoftOauth2ProviderConfig': {'tenantId': 'string'}}}
Response {'callbackUrl': 'string',
'credentialProviderVendor': {'AtlassianOauth2',
'Auth0Oauth2',
'CognitoOauth2',
'CyberArkOauth2',
'DropboxOauth2',
'FacebookOauth2',
'FusionAuthOauth2',
'HubspotOauth2',
'LinkedinOauth2',
'NotionOauth2',
'OktaOauth2',
'OneLoginOauth2',
'PingOneOauth2',
'RedditOauth2',
'SpotifyOauth2',
'TwitchOauth2',
'XOauth2',
'YandexOauth2',
'ZoomOauth2'},
'oauth2ProviderConfigOutput': {'atlassianOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'customOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}},
'githubOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}},
'googleOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}},
'includedOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'linkedinOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'authorizationEndpoint': 'string',
'issuer': 'string',
'responseTypes': ['string'],
'tokenEndpoint': 'string',
'tokenEndpointAuthMethods': ['string']},
'discoveryUrl': 'string'}},
'microsoftOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}},
'salesforceOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}},
'slackOauth2ProviderConfig': {'clientId': 'string',
'oauthDiscovery': {'authorizationServerMetadata': {'tokenEndpointAuthMethods': ['string']}}}}}
Updates an existing OAuth2 credential provider.
See also: AWS API Documentation
Request Syntax
client.update_oauth2_credential_provider(
name='string',
credentialProviderVendor='GoogleOauth2'|'GithubOauth2'|'SlackOauth2'|'SalesforceOauth2'|'MicrosoftOauth2'|'CustomOauth2'|'AtlassianOauth2'|'LinkedinOauth2'|'XOauth2'|'OktaOauth2'|'OneLoginOauth2'|'PingOneOauth2'|'FacebookOauth2'|'YandexOauth2'|'RedditOauth2'|'ZoomOauth2'|'TwitchOauth2'|'SpotifyOauth2'|'DropboxOauth2'|'NotionOauth2'|'HubspotOauth2'|'CyberArkOauth2'|'FusionAuthOauth2'|'Auth0Oauth2'|'CognitoOauth2',
oauth2ProviderConfigInput={
'customOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string',
'clientSecret': 'string'
},
'googleOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string'
},
'githubOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string'
},
'slackOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string'
},
'salesforceOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string'
},
'microsoftOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string',
'tenantId': 'string'
},
'atlassianOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string'
},
'linkedinOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string'
},
'includedOauth2ProviderConfig': {
'clientId': 'string',
'clientSecret': 'string',
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string'
}
}
)
string
[REQUIRED]
The name of the OAuth2 credential provider to update.
string
[REQUIRED]
The vendor of the OAuth2 credential provider.
dict
[REQUIRED]
The configuration input for the OAuth2 provider.
customOauth2ProviderConfig (dict) --
The configuration for a custom OAuth2 provider.
oauthDiscovery (dict) -- [REQUIRED]
The OAuth2 discovery information for the custom provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) -- [REQUIRED]
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) -- [REQUIRED]
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) -- [REQUIRED]
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) -- [REQUIRED]
The client ID for the custom OAuth2 provider.
clientSecret (string) -- [REQUIRED]
The client secret for the custom OAuth2 provider.
googleOauth2ProviderConfig (dict) --
The configuration for a Google OAuth2 provider.
clientId (string) -- [REQUIRED]
The client ID for the Google OAuth2 provider.
clientSecret (string) -- [REQUIRED]
The client secret for the Google OAuth2 provider.
githubOauth2ProviderConfig (dict) --
The configuration for a GitHub OAuth2 provider.
clientId (string) -- [REQUIRED]
The client ID for the GitHub OAuth2 provider.
clientSecret (string) -- [REQUIRED]
The client secret for the GitHub OAuth2 provider.
slackOauth2ProviderConfig (dict) --
The configuration for a Slack OAuth2 provider.
clientId (string) -- [REQUIRED]
The client ID for the Slack OAuth2 provider.
clientSecret (string) -- [REQUIRED]
The client secret for the Slack OAuth2 provider.
salesforceOauth2ProviderConfig (dict) --
The configuration for a Salesforce OAuth2 provider.
clientId (string) -- [REQUIRED]
The client ID for the Salesforce OAuth2 provider.
clientSecret (string) -- [REQUIRED]
The client secret for the Salesforce OAuth2 provider.
microsoftOauth2ProviderConfig (dict) --
The configuration for a Microsoft OAuth2 provider.
clientId (string) -- [REQUIRED]
The client ID for the Microsoft OAuth2 provider.
clientSecret (string) -- [REQUIRED]
The client secret for the Microsoft OAuth2 provider.
tenantId (string) --
The Microsoft Entra ID (formerly Azure AD) tenant ID for your organization. This identifies the specific tenant within Microsoft's identity platform where your application is registered.
atlassianOauth2ProviderConfig (dict) --
Configuration settings for Atlassian OAuth2 provider integration.
clientId (string) -- [REQUIRED]
The client ID for the Atlassian OAuth2 provider. This identifier is assigned by Atlassian when you register your application.
clientSecret (string) -- [REQUIRED]
The client secret for the Atlassian OAuth2 provider. This secret is assigned by Atlassian and used along with the client ID to authenticate your application.
linkedinOauth2ProviderConfig (dict) --
Configuration settings for LinkedIn OAuth2 provider integration.
clientId (string) -- [REQUIRED]
The client ID for the LinkedIn OAuth2 provider. This identifier is assigned by LinkedIn when you register your application.
clientSecret (string) -- [REQUIRED]
The client secret for the LinkedIn OAuth2 provider. This secret is assigned by LinkedIn and used along with the client ID to authenticate your application.
includedOauth2ProviderConfig (dict) --
The configuration for a non-custom OAuth2 provider. This includes settings for supported OAuth2 providers that have built-in integration support.
clientId (string) -- [REQUIRED]
The client ID for the supported OAuth2 provider. This identifier is assigned by the OAuth2 provider when you register your application.
clientSecret (string) -- [REQUIRED]
The client secret for the supported OAuth2 provider. This secret is assigned by the OAuth2 provider and used along with the client ID to authenticate your application.
issuer (string) --
Token issuer of your isolated OAuth2 application tenant. This URL identifies the authorization server that issues tokens for this provider.
authorizationEndpoint (string) --
OAuth2 authorization endpoint for your isolated OAuth2 application tenant. This is where users are redirected to authenticate and authorize access to their resources.
tokenEndpoint (string) --
OAuth2 token endpoint for your isolated OAuth2 application tenant. This is where authorization codes are exchanged for access tokens.
dict
Response Syntax
{
'clientSecretArn': {
'secretArn': 'string'
},
'name': 'string',
'credentialProviderVendor': 'GoogleOauth2'|'GithubOauth2'|'SlackOauth2'|'SalesforceOauth2'|'MicrosoftOauth2'|'CustomOauth2'|'AtlassianOauth2'|'LinkedinOauth2'|'XOauth2'|'OktaOauth2'|'OneLoginOauth2'|'PingOneOauth2'|'FacebookOauth2'|'YandexOauth2'|'RedditOauth2'|'ZoomOauth2'|'TwitchOauth2'|'SpotifyOauth2'|'DropboxOauth2'|'NotionOauth2'|'HubspotOauth2'|'CyberArkOauth2'|'FusionAuthOauth2'|'Auth0Oauth2'|'CognitoOauth2',
'credentialProviderArn': 'string',
'callbackUrl': 'string',
'oauth2ProviderConfigOutput': {
'customOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'googleOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'githubOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'slackOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'salesforceOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'microsoftOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'atlassianOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'linkedinOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
},
'includedOauth2ProviderConfig': {
'oauthDiscovery': {
'discoveryUrl': 'string',
'authorizationServerMetadata': {
'issuer': 'string',
'authorizationEndpoint': 'string',
'tokenEndpoint': 'string',
'responseTypes': [
'string',
],
'tokenEndpointAuthMethods': [
'string',
]
}
},
'clientId': 'string'
}
},
'createdTime': datetime(2015, 1, 1),
'lastUpdatedTime': datetime(2015, 1, 1)
}
Response Structure
(dict) --
clientSecretArn (dict) --
The Amazon Resource Name (ARN) of the client secret in AWS Secrets Manager.
secretArn (string) --
The Amazon Resource Name (ARN) of the secret in AWS Secrets Manager.
name (string) --
The name of the OAuth2 credential provider.
credentialProviderVendor (string) --
The vendor of the OAuth2 credential provider.
credentialProviderArn (string) --
The Amazon Resource Name (ARN) of the OAuth2 credential provider.
callbackUrl (string) --
Callback URL to register on the OAuth2 credential provider as an allowed callback URL. This URL is where the OAuth2 authorization server redirects users after they complete the authorization flow.
oauth2ProviderConfigOutput (dict) --
The configuration output for the OAuth2 provider.
customOauth2ProviderConfig (dict) --
The output configuration for a custom OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the custom provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the custom OAuth2 provider.
googleOauth2ProviderConfig (dict) --
The output configuration for a Google OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the Google provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Google OAuth2 provider.
githubOauth2ProviderConfig (dict) --
The output configuration for a GitHub OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the GitHub provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the GitHub OAuth2 provider.
slackOauth2ProviderConfig (dict) --
The output configuration for a Slack OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the Slack provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Slack OAuth2 provider.
salesforceOauth2ProviderConfig (dict) --
The output configuration for a Salesforce OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the Salesforce provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Salesforce OAuth2 provider.
microsoftOauth2ProviderConfig (dict) --
The output configuration for a Microsoft OAuth2 provider.
oauthDiscovery (dict) --
The OAuth2 discovery information for the Microsoft provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Microsoft OAuth2 provider.
atlassianOauth2ProviderConfig (dict) --
The configuration details for the Atlassian OAuth2 provider.
oauthDiscovery (dict) --
Contains the discovery information for an OAuth2 provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the Atlassian OAuth2 provider.
linkedinOauth2ProviderConfig (dict) --
The configuration details for the LinkedIn OAuth2 provider.
oauthDiscovery (dict) --
Contains the discovery information for an OAuth2 provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the LinkedIn OAuth2 provider.
includedOauth2ProviderConfig (dict) --
The configuration for a non-custom OAuth2 provider. This includes the configuration details for supported OAuth2 providers that have built-in integration support.
oauthDiscovery (dict) --
Contains the discovery information for an OAuth2 provider.
discoveryUrl (string) --
The discovery URL for the OAuth2 provider.
authorizationServerMetadata (dict) --
The authorization server metadata for the OAuth2 provider.
issuer (string) --
The issuer URL for the OAuth2 authorization server.
authorizationEndpoint (string) --
The authorization endpoint URL for the OAuth2 authorization server.
tokenEndpoint (string) --
The token endpoint URL for the OAuth2 authorization server.
responseTypes (list) --
The supported response types for the OAuth2 authorization server.
(string) --
tokenEndpointAuthMethods (list) --
The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.
(string) --
clientId (string) --
The client ID for the supported OAuth2 provider.
createdTime (datetime) --
The timestamp when the OAuth2 credential provider was created.
lastUpdatedTime (datetime) --
The timestamp when the OAuth2 credential provider was last updated.