@rayova/cdk-cognito-secret
TypeScript icon, indicating that this package has built-in type declarations

0.1.6 • Public • Published

Rayova A Fintech Corporation

CDK Cognito Secret

This project provides an AWS CDK construct that exports an AWS Cognito client secret to a Secrets Manager secret.

Usage

// Create your user pool client
const userPoolClient = new cognito.UserPoolClient(scope, 'UserPoolClient', {
  userPool,
  // Ensure that you generate a user pool client secret
  generateSecret: true,
});

// Create the Secrets Manager secret in which to store the client secret.
const secret = new secretsmanager.Secret(scope, 'Secret');

// Create the UserPoolClientSecret to fill the secret with the client credentials.
new UserPoolClientSecret(scope, 'UserPoolClientSecret', {
  // Fetches the client secret from the given user pool client
  userPool,
  userPoolClient,
  // Stores the client secret here
  secret,
});

This will produce a JSON secret value like this one:

{
  "issuer": "https://cognito-idp.REGION.amazonaws.com/USER_POOL_ID",
  "clientId": "1234567890abcdefghijklmnop",
  "clientSecret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}

You can use the issuer's .well-known/openid-discovery sub-path to get auth and token endpoints as well as the JWKS.

Package Sidebar

Install

npm i @rayova/cdk-cognito-secret

Weekly Downloads

7

Version

0.1.6

License

Apache-2.0

Unpacked Size

154 kB

Total Files

20

Last publish

Collaborators

  • misterjoshua
  • ekellendonk