Amazon Cognito · Schema

MappingRule

A rule that maps a claim name, a claim value, and a match type to a role ARN.

AuthenticationIdentityOAuthOIDCSAMLUser ManagementFederated Identity

Properties

Name Type Description
Claim object
MatchType object
Value object
RoleARN object
View JSON Schema on GitHub

JSON Schema

identity-pools-mapping-rule-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-cognito/refs/heads/main/json-schema/identity-pools-mapping-rule-schema.json",
  "title": "MappingRule",
  "description": "A rule that maps a claim name, a claim value, and a match type to a role ARN.",
  "type": "object",
  "properties": {
    "Claim": {
      "allOf": [
        {
          "$ref": "#/components/schemas/ClaimName"
        },
        {
          "description": "The claim name that must be present in the token, for example, \"isAdmin\" or \"paid\"."
        }
      ]
    },
    "MatchType": {
      "allOf": [
        {
          "$ref": "#/components/schemas/MappingRuleMatchType"
        },
        {
          "description": "The match condition that specifies how closely the claim value in the IdP token must match <code>Value</code>."
        }
      ]
    },
    "Value": {
      "allOf": [
        {
          "$ref": "#/components/schemas/ClaimValue"
        },
        {
          "description": "A brief string that the claim must match, for example, \"paid\" or \"yes\"."
        }
      ]
    },
    "RoleARN": {
      "allOf": [
        {
          "$ref": "#/components/schemas/ARNString"
        },
        {
          "description": "The role ARN."
        }
      ]
    }
  },
  "required": [
    "Claim",
    "MatchType",
    "Value",
    "RoleARN"
  ]
}