update_identity_provider

CognitoIdentityProvider.Client.update_identity_provider(**kwargs)

Updates IdP information for a user pool.

See also: AWS API Documentation

Request Syntax

response = client.update_identity_provider(
    UserPoolId='string',
    ProviderName='string',
    ProviderDetails={
        'string': 'string'
    },
    AttributeMapping={
        'string': 'string'
    },
    IdpIdentifiers=[
        'string',
    ]
)

Parameters

• UserPoolId (string) --

  [REQUIRED]

  The user pool ID.

• ProviderName (string) --

  [REQUIRED]

  The IdP name.

• ProviderDetails (dict) --

  The IdP details to be updated, such as MetadataURL and MetadataFile .

  • (string) --
    • (string) --
• AttributeMapping (dict) --

  The IdP attribute mapping to be changed.

  • (string) --
    • (string) --
• IdpIdentifiers (list) --

  A list of IdP identifiers.

  • (string) --

Return type

dict

Returns

Response Syntax

{
    'IdentityProvider': {
        'UserPoolId': 'string',
        'ProviderName': 'string',
        'ProviderType': 'SAML'|'Facebook'|'Google'|'LoginWithAmazon'|'SignInWithApple'|'OIDC',
        'ProviderDetails': {
            'string': 'string'
        },
        'AttributeMapping': {
            'string': 'string'
        },
        'IdpIdentifiers': [
            'string',
        ],
        'LastModifiedDate': datetime(2015, 1, 1),
        'CreationDate': datetime(2015, 1, 1)
    }
}

Response Structure

• (dict) --

  • IdentityProvider (dict) --

    The identity provider details.

    • UserPoolId (string) --

      The user pool ID.

    • ProviderName (string) --

      The IdP name.

    • ProviderType (string) --

      The IdP type.

    • ProviderDetails (dict) --

      The IdP details. The following list describes the provider detail keys for each IdP type.

      • For Google and Login with Amazon:
        • client_id
        • client_secret
        • authorize_scopes
      • For Facebook:
        • client_id
        • client_secret
        • authorize_scopes
        • api_version
      • For Sign in with Apple:
        • client_id
        • team_id
        • key_id
        • private_key You can submit a private_key when you add or update an IdP. Describe operations don't return the private key.
        • authorize_scopes
      • For OIDC providers:
        • client_id
        • client_secret
        • attributes_request_method
        • oidc_issuer
        • authorize_scopes
        • The following keys are only present if Amazon Cognito didn't discover them at the oidc_issuer URL.
          • authorize_url
          • token_url
          • attributes_url
          • jwks_uri
        • Amazon Cognito sets the value of the following keys automatically. They are read-only.
          • attributes_url_add_attributes
      • For SAML providers:
        • MetadataFile or MetadataURL
        • IDPSignout optional
      • (string) --
        • (string) --

    • AttributeMapping (dict) --

      A mapping of IdP attributes to standard and custom user pool attributes.

      • (string) --
        • (string) --

    • IdpIdentifiers (list) --

      A list of IdP identifiers.

      • (string) --

    • LastModifiedDate (datetime) --

      The date the IdP was last modified.

    • CreationDate (datetime) --

      The date the IdP was created.

Exceptions

• CognitoIdentityProvider.Client.exceptions.InvalidParameterException
• CognitoIdentityProvider.Client.exceptions.UnsupportedIdentityProviderException
• CognitoIdentityProvider.Client.exceptions.ResourceNotFoundException
• CognitoIdentityProvider.Client.exceptions.ConcurrentModificationException
• CognitoIdentityProvider.Client.exceptions.NotAuthorizedException
• CognitoIdentityProvider.Client.exceptions.TooManyRequestsException
• CognitoIdentityProvider.Client.exceptions.InternalErrorException