This is the new *CloudFormation Template Reference Guide*. Please update your bookmarks and links. For help getting started with CloudFormation, see the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html). # AWS::BedrockAgentCore::OAuth2CredentialProvider IncludedOauth2ProviderConfigInput Configuration settings for connecting to a supported OAuth2 provider. This includes client credentials and OAuth2 discovery information for providers that have built-in support. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[AuthorizationEndpoint](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-authorizationendpoint)" : {{String}}, "[ClientId](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-clientid)" : {{String}}, "[ClientSecret](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-clientsecret)" : {{String}}, "[ClientSecretConfig](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-clientsecretconfig)" : {{SecretReference}}, "[ClientSecretSource](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-clientsecretsource)" : {{String}}, "[Issuer](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-issuer)" : {{String}}, "[TokenEndpoint](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-tokenendpoint)" : {{String}} } ``` ### YAML ``` [AuthorizationEndpoint](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-authorizationendpoint): {{String}} [ClientId](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-clientid): {{String}} [ClientSecret](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-clientsecret): {{String}} [ClientSecretConfig](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-clientsecretconfig): {{ SecretReference}} [ClientSecretSource](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-clientsecretsource): {{String}} [Issuer](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-issuer): {{String}} [TokenEndpoint](#cfn-bedrockagentcore-oauth2credentialprovider-includedoauth2providerconfiginput-tokenendpoint): {{String}} ``` ## Properties `AuthorizationEndpoint` OAuth2 authorization endpoint for your isolated OAuth2 application tenant. This is where users are redirected to authenticate and authorize access to their resources. *Required*: No *Type*: String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `ClientId` The client ID for the supported OAuth2 provider. This identifier is assigned by the OAuth2 provider when you register your application. *Required*: Yes *Type*: String *Minimum*: `1` *Maximum*: `256` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `ClientSecret` The client secret for the supported OAuth2 provider. This secret is assigned by the OAuth2 provider and used along with the client ID to authenticate your application. *Required*: No *Type*: String *Minimum*: `1` *Maximum*: `2048` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `ClientSecretConfig` Property description not available. *Required*: No *Type*: [SecretReference](aws-properties-bedrockagentcore-oauth2credentialprovider-secretreference.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `ClientSecretSource` Property description not available. *Required*: No *Type*: String *Allowed values*: `MANAGED | EXTERNAL` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Issuer` Token issuer of your isolated OAuth2 application tenant. This URL identifies the authorization server that issues tokens for this provider. *Required*: No *Type*: String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `TokenEndpoint` OAuth2 token endpoint for your isolated OAuth2 application tenant. This is where authorization codes are exchanged for access tokens. *Required*: No *Type*: String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)