UserPoolClient - Retrieve the client secret
_Forking off https://github.com/aws/aws-cdk/issues/3037_
I’m not sure if this is the right place, but in my use case, I’d like to authenticate with Cognito from an application load balancer action using a secret generated via a UserPoolClient or CfnUserPoolClient.
It doesn’t seem clear how the OIDC client secret can be gotten from the UserPoolClient and given to the application load balancer rule actions, as I seem to get a nonsense value from the UserPoolClient.userPoolClientClientSecret property.
Apparently there was a ClientSecret attribute documented on UserPoolClient resources at one point. I’m not sure what happened.
https://github.com/awsdocs/aws-cloudformation-user-guide/issues/72
_Originally posted by @misterjoshua in https://github.com/aws/aws-cdk/issues/3037#issuecomment-592275074_
Issue Analytics
- State:
- Created 3 years ago
- Reactions: 28
- Comments: 16 (8 by maintainers)
Top GitHub Comments
_Originally posted by @0xdevalias in https://github.com/aws/aws-cdk/issues/3037#issuecomment-601427972_
As a follow-up to @dveijck’s post above replying to @misterjoshua; CDK has a really short/convenient syntax for custom resources that just need to call AWS SDK functions:
A basic example (untested for this use case exactly) derived from some similar code I wrote recently:
Here is @0xdevalias’s solution again, this time in Python:
A method would be great.