CognitoIdentityProvider / Client / describe_identity_provider

describe_identity_provider#

CognitoIdentityProvider.Client.describe_identity_provider(**kwargs)#

Gets information about a specific IdP.

See also: AWS API Documentation

Request Syntax

response = client.describe_identity_provider(
    UserPoolId='string',
    ProviderName='string'
)
Parameters:

  • UserPoolId (string) –

    [REQUIRED]

    The user pool ID.

  • ProviderName (string) –

    [REQUIRED]

    The IdP name.

Return type:

dict

Returns:

Response Syntax

{
    'IdentityProvider': {
        'UserPoolId': 'string',
        'ProviderName': 'string',
        'ProviderType': 'SAML'|'Facebook'|'Google'|'LoginWithAmazon'|'SignInWithApple'|'OIDC',
        'ProviderDetails': {
            'string': 'string'
        },
        'AttributeMapping': {
            'string': 'string'
        },
        'IdpIdentifiers': [
            'string',
        ],
        'LastModifiedDate': datetime(2015, 1, 1),
        'CreationDate': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) –

    • IdentityProvider (dict) –

      The identity provider details.

      • UserPoolId (string) –

        The user pool ID.

      • ProviderName (string) –

        The IdP name.

      • ProviderType (string) –

        The IdP type.

      • ProviderDetails (dict) –

        The IdP details. The following list describes the provider detail keys for each IdP type.

        • For Google and Login with Amazon:

          • client_id

          • client_secret

          • authorize_scopes

        • For Facebook:

          • client_id

          • client_secret

          • authorize_scopes

          • api_version

        • For Sign in with Apple:

          • client_id

          • team_id

          • key_id

          • private_key You can submit a private_key when you add or update an IdP. Describe operations don’t return the private key.

          • authorize_scopes

        • For OIDC providers:

          • client_id

          • client_secret

          • attributes_request_method

          • oidc_issuer

          • authorize_scopes

          • The following keys are only present if Amazon Cognito didn’t discover them at the oidc_issuer URL.

            • authorize_url

            • token_url

            • attributes_url

            • jwks_uri

          • Amazon Cognito sets the value of the following keys automatically. They are read-only.

            • attributes_url_add_attributes

        • For SAML providers:

          • MetadataFile or MetadataURL

          • IDPSignout optional

        • (string) –

          • (string) –

      • AttributeMapping (dict) –

        A mapping of IdP attributes to standard and custom user pool attributes.

        • (string) –

          • (string) –

      • IdpIdentifiers (list) –

        A list of IdP identifiers.

        • (string) –

      • LastModifiedDate (datetime) –

        The date and time, in ISO 8601 format, when the item was modified.

      • CreationDate (datetime) –

        The date and time, in ISO 8601 format, when the item was created.

Exceptions

  • CognitoIdentityProvider.Client.exceptions.InvalidParameterException

  • CognitoIdentityProvider.Client.exceptions.ResourceNotFoundException

  • CognitoIdentityProvider.Client.exceptions.NotAuthorizedException

  • CognitoIdentityProvider.Client.exceptions.TooManyRequestsException

  • CognitoIdentityProvider.Client.exceptions.InternalErrorException