:doc:`BedrockAgentCoreControl <../../bedrock-agentcore-control>` / Client / update_oauth2_credential_provider

*********************************
update_oauth2_credential_provider
*********************************



.. py:method:: BedrockAgentCoreControl.Client.update_oauth2_credential_provider(**kwargs)

  

  Updates an existing OAuth2 credential provider.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/UpdateOauth2CredentialProvider>`_  


  **Request Syntax**
  ::

    response = client.update_oauth2_credential_provider(
        name='string',
        credentialProviderVendor='GoogleOauth2'|'GithubOauth2'|'SlackOauth2'|'SalesforceOauth2'|'MicrosoftOauth2'|'CustomOauth2'|'AtlassianOauth2'|'LinkedinOauth2'|'XOauth2'|'OktaOauth2'|'OneLoginOauth2'|'PingOneOauth2'|'FacebookOauth2'|'YandexOauth2'|'RedditOauth2'|'ZoomOauth2'|'TwitchOauth2'|'SpotifyOauth2'|'DropboxOauth2'|'NotionOauth2'|'HubspotOauth2'|'CyberArkOauth2'|'FusionAuthOauth2'|'Auth0Oauth2'|'CognitoOauth2',
        oauth2ProviderConfigInput={
            'customOauth2ProviderConfig': {
                'oauthDiscovery': {
                    'discoveryUrl': 'string',
                    'authorizationServerMetadata': {
                        'issuer': 'string',
                        'authorizationEndpoint': 'string',
                        'tokenEndpoint': 'string',
                        'responseTypes': [
                            'string',
                        ],
                        'tokenEndpointAuthMethods': [
                            'string',
                        ]
                    }
                },
                'clientId': 'string',
                'clientSecret': 'string'
            },
            'googleOauth2ProviderConfig': {
                'clientId': 'string',
                'clientSecret': 'string'
            },
            'githubOauth2ProviderConfig': {
                'clientId': 'string',
                'clientSecret': 'string'
            },
            'slackOauth2ProviderConfig': {
                'clientId': 'string',
                'clientSecret': 'string'
            },
            'salesforceOauth2ProviderConfig': {
                'clientId': 'string',
                'clientSecret': 'string'
            },
            'microsoftOauth2ProviderConfig': {
                'clientId': 'string',
                'clientSecret': 'string',
                'tenantId': 'string'
            },
            'atlassianOauth2ProviderConfig': {
                'clientId': 'string',
                'clientSecret': 'string'
            },
            'linkedinOauth2ProviderConfig': {
                'clientId': 'string',
                'clientSecret': 'string'
            },
            'includedOauth2ProviderConfig': {
                'clientId': 'string',
                'clientSecret': 'string',
                'issuer': 'string',
                'authorizationEndpoint': 'string',
                'tokenEndpoint': 'string'
            }
        }
    )
    
  :type name: string
  :param name: **[REQUIRED]** 

    The name of the OAuth2 credential provider to update.

    

  
  :type credentialProviderVendor: string
  :param credentialProviderVendor: **[REQUIRED]** 

    The vendor of the OAuth2 credential provider.

    

  
  :type oauth2ProviderConfigInput: dict
  :param oauth2ProviderConfigInput: **[REQUIRED]** 

    The configuration input for the OAuth2 provider.

    .. note::    This is a Tagged Union structure. Only one of the     following top level keys can be set: ``customOauth2ProviderConfig``, ``googleOauth2ProviderConfig``, ``githubOauth2ProviderConfig``, ``slackOauth2ProviderConfig``, ``salesforceOauth2ProviderConfig``, ``microsoftOauth2ProviderConfig``, ``atlassianOauth2ProviderConfig``, ``linkedinOauth2ProviderConfig``, ``includedOauth2ProviderConfig``. 

  
    - **customOauth2ProviderConfig** *(dict) --* 

      The configuration for a custom OAuth2 provider.

      

    
      - **oauthDiscovery** *(dict) --* **[REQUIRED]** 

        The OAuth2 discovery information for the custom provider.

        .. note::    This is a Tagged Union structure. Only one of the     following top level keys can be set: ``discoveryUrl``, ``authorizationServerMetadata``. 

      
        - **discoveryUrl** *(string) --* 

          The discovery URL for the OAuth2 provider.

          

        
        - **authorizationServerMetadata** *(dict) --* 

          The authorization server metadata for the OAuth2 provider.

          

        
          - **issuer** *(string) --* **[REQUIRED]** 

            The issuer URL for the OAuth2 authorization server.

            

          
          - **authorizationEndpoint** *(string) --* **[REQUIRED]** 

            The authorization endpoint URL for the OAuth2 authorization server.

            

          
          - **tokenEndpoint** *(string) --* **[REQUIRED]** 

            The token endpoint URL for the OAuth2 authorization server.

            

          
          - **responseTypes** *(list) --* 

            The supported response types for the OAuth2 authorization server.

            

          
            - *(string) --* 

            
        
          - **tokenEndpointAuthMethods** *(list) --* 

            The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.

            

          
            - *(string) --* 

            
        
        
      
      - **clientId** *(string) --* **[REQUIRED]** 

        The client ID for the custom OAuth2 provider.

        

      
      - **clientSecret** *(string) --* **[REQUIRED]** 

        The client secret for the custom OAuth2 provider.

        

      
    
    - **googleOauth2ProviderConfig** *(dict) --* 

      The configuration for a Google OAuth2 provider.

      

    
      - **clientId** *(string) --* **[REQUIRED]** 

        The client ID for the Google OAuth2 provider.

        

      
      - **clientSecret** *(string) --* **[REQUIRED]** 

        The client secret for the Google OAuth2 provider.

        

      
    
    - **githubOauth2ProviderConfig** *(dict) --* 

      The configuration for a GitHub OAuth2 provider.

      

    
      - **clientId** *(string) --* **[REQUIRED]** 

        The client ID for the GitHub OAuth2 provider.

        

      
      - **clientSecret** *(string) --* **[REQUIRED]** 

        The client secret for the GitHub OAuth2 provider.

        

      
    
    - **slackOauth2ProviderConfig** *(dict) --* 

      The configuration for a Slack OAuth2 provider.

      

    
      - **clientId** *(string) --* **[REQUIRED]** 

        The client ID for the Slack OAuth2 provider.

        

      
      - **clientSecret** *(string) --* **[REQUIRED]** 

        The client secret for the Slack OAuth2 provider.

        

      
    
    - **salesforceOauth2ProviderConfig** *(dict) --* 

      The configuration for a Salesforce OAuth2 provider.

      

    
      - **clientId** *(string) --* **[REQUIRED]** 

        The client ID for the Salesforce OAuth2 provider.

        

      
      - **clientSecret** *(string) --* **[REQUIRED]** 

        The client secret for the Salesforce OAuth2 provider.

        

      
    
    - **microsoftOauth2ProviderConfig** *(dict) --* 

      The configuration for a Microsoft OAuth2 provider.

      

    
      - **clientId** *(string) --* **[REQUIRED]** 

        The client ID for the Microsoft OAuth2 provider.

        

      
      - **clientSecret** *(string) --* **[REQUIRED]** 

        The client secret for the Microsoft OAuth2 provider.

        

      
      - **tenantId** *(string) --* 

        The Microsoft Entra ID (formerly Azure AD) tenant ID for your organization. This identifies the specific tenant within Microsoft's identity platform where your application is registered.

        

      
    
    - **atlassianOauth2ProviderConfig** *(dict) --* 

      Configuration settings for Atlassian OAuth2 provider integration.

      

    
      - **clientId** *(string) --* **[REQUIRED]** 

        The client ID for the Atlassian OAuth2 provider. This identifier is assigned by Atlassian when you register your application.

        

      
      - **clientSecret** *(string) --* **[REQUIRED]** 

        The client secret for the Atlassian OAuth2 provider. This secret is assigned by Atlassian and used along with the client ID to authenticate your application.

        

      
    
    - **linkedinOauth2ProviderConfig** *(dict) --* 

      Configuration settings for LinkedIn OAuth2 provider integration.

      

    
      - **clientId** *(string) --* **[REQUIRED]** 

        The client ID for the LinkedIn OAuth2 provider. This identifier is assigned by LinkedIn when you register your application.

        

      
      - **clientSecret** *(string) --* **[REQUIRED]** 

        The client secret for the LinkedIn OAuth2 provider. This secret is assigned by LinkedIn and used along with the client ID to authenticate your application.

        

      
    
    - **includedOauth2ProviderConfig** *(dict) --* 

      The configuration for a non-custom OAuth2 provider. This includes settings for supported OAuth2 providers that have built-in integration support.

      

    
      - **clientId** *(string) --* **[REQUIRED]** 

        The client ID for the supported OAuth2 provider. This identifier is assigned by the OAuth2 provider when you register your application.

        

      
      - **clientSecret** *(string) --* **[REQUIRED]** 

        The client secret for the supported OAuth2 provider. This secret is assigned by the OAuth2 provider and used along with the client ID to authenticate your application.

        

      
      - **issuer** *(string) --* 

        Token issuer of your isolated OAuth2 application tenant. This URL identifies the authorization server that issues tokens for this provider.

        

      
      - **authorizationEndpoint** *(string) --* 

        OAuth2 authorization endpoint for your isolated OAuth2 application tenant. This is where users are redirected to authenticate and authorize access to their resources.

        

      
      - **tokenEndpoint** *(string) --* 

        OAuth2 token endpoint for your isolated OAuth2 application tenant. This is where authorization codes are exchanged for access tokens.

        

      
    
  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'clientSecretArn': {
              'secretArn': 'string'
          },
          'name': 'string',
          'credentialProviderVendor': 'GoogleOauth2'|'GithubOauth2'|'SlackOauth2'|'SalesforceOauth2'|'MicrosoftOauth2'|'CustomOauth2'|'AtlassianOauth2'|'LinkedinOauth2'|'XOauth2'|'OktaOauth2'|'OneLoginOauth2'|'PingOneOauth2'|'FacebookOauth2'|'YandexOauth2'|'RedditOauth2'|'ZoomOauth2'|'TwitchOauth2'|'SpotifyOauth2'|'DropboxOauth2'|'NotionOauth2'|'HubspotOauth2'|'CyberArkOauth2'|'FusionAuthOauth2'|'Auth0Oauth2'|'CognitoOauth2',
          'credentialProviderArn': 'string',
          'callbackUrl': 'string',
          'oauth2ProviderConfigOutput': {
              'customOauth2ProviderConfig': {
                  'oauthDiscovery': {
                      'discoveryUrl': 'string',
                      'authorizationServerMetadata': {
                          'issuer': 'string',
                          'authorizationEndpoint': 'string',
                          'tokenEndpoint': 'string',
                          'responseTypes': [
                              'string',
                          ],
                          'tokenEndpointAuthMethods': [
                              'string',
                          ]
                      }
                  },
                  'clientId': 'string'
              },
              'googleOauth2ProviderConfig': {
                  'oauthDiscovery': {
                      'discoveryUrl': 'string',
                      'authorizationServerMetadata': {
                          'issuer': 'string',
                          'authorizationEndpoint': 'string',
                          'tokenEndpoint': 'string',
                          'responseTypes': [
                              'string',
                          ],
                          'tokenEndpointAuthMethods': [
                              'string',
                          ]
                      }
                  },
                  'clientId': 'string'
              },
              'githubOauth2ProviderConfig': {
                  'oauthDiscovery': {
                      'discoveryUrl': 'string',
                      'authorizationServerMetadata': {
                          'issuer': 'string',
                          'authorizationEndpoint': 'string',
                          'tokenEndpoint': 'string',
                          'responseTypes': [
                              'string',
                          ],
                          'tokenEndpointAuthMethods': [
                              'string',
                          ]
                      }
                  },
                  'clientId': 'string'
              },
              'slackOauth2ProviderConfig': {
                  'oauthDiscovery': {
                      'discoveryUrl': 'string',
                      'authorizationServerMetadata': {
                          'issuer': 'string',
                          'authorizationEndpoint': 'string',
                          'tokenEndpoint': 'string',
                          'responseTypes': [
                              'string',
                          ],
                          'tokenEndpointAuthMethods': [
                              'string',
                          ]
                      }
                  },
                  'clientId': 'string'
              },
              'salesforceOauth2ProviderConfig': {
                  'oauthDiscovery': {
                      'discoveryUrl': 'string',
                      'authorizationServerMetadata': {
                          'issuer': 'string',
                          'authorizationEndpoint': 'string',
                          'tokenEndpoint': 'string',
                          'responseTypes': [
                              'string',
                          ],
                          'tokenEndpointAuthMethods': [
                              'string',
                          ]
                      }
                  },
                  'clientId': 'string'
              },
              'microsoftOauth2ProviderConfig': {
                  'oauthDiscovery': {
                      'discoveryUrl': 'string',
                      'authorizationServerMetadata': {
                          'issuer': 'string',
                          'authorizationEndpoint': 'string',
                          'tokenEndpoint': 'string',
                          'responseTypes': [
                              'string',
                          ],
                          'tokenEndpointAuthMethods': [
                              'string',
                          ]
                      }
                  },
                  'clientId': 'string'
              },
              'atlassianOauth2ProviderConfig': {
                  'oauthDiscovery': {
                      'discoveryUrl': 'string',
                      'authorizationServerMetadata': {
                          'issuer': 'string',
                          'authorizationEndpoint': 'string',
                          'tokenEndpoint': 'string',
                          'responseTypes': [
                              'string',
                          ],
                          'tokenEndpointAuthMethods': [
                              'string',
                          ]
                      }
                  },
                  'clientId': 'string'
              },
              'linkedinOauth2ProviderConfig': {
                  'oauthDiscovery': {
                      'discoveryUrl': 'string',
                      'authorizationServerMetadata': {
                          'issuer': 'string',
                          'authorizationEndpoint': 'string',
                          'tokenEndpoint': 'string',
                          'responseTypes': [
                              'string',
                          ],
                          'tokenEndpointAuthMethods': [
                              'string',
                          ]
                      }
                  },
                  'clientId': 'string'
              },
              'includedOauth2ProviderConfig': {
                  'oauthDiscovery': {
                      'discoveryUrl': 'string',
                      'authorizationServerMetadata': {
                          'issuer': 'string',
                          'authorizationEndpoint': 'string',
                          'tokenEndpoint': 'string',
                          'responseTypes': [
                              'string',
                          ],
                          'tokenEndpointAuthMethods': [
                              'string',
                          ]
                      }
                  },
                  'clientId': 'string'
              }
          },
          'createdTime': datetime(2015, 1, 1),
          'lastUpdatedTime': datetime(2015, 1, 1)
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **clientSecretArn** *(dict) --* 

        The Amazon Resource Name (ARN) of the client secret in AWS Secrets Manager.

        
        

        - **secretArn** *(string) --* 

          The Amazon Resource Name (ARN) of the secret in AWS Secrets Manager.

          
    
      

      - **name** *(string) --* 

        The name of the OAuth2 credential provider.

        
      

      - **credentialProviderVendor** *(string) --* 

        The vendor of the OAuth2 credential provider.

        
      

      - **credentialProviderArn** *(string) --* 

        The Amazon Resource Name (ARN) of the OAuth2 credential provider.

        
      

      - **callbackUrl** *(string) --* 

        Callback URL to register on the OAuth2 credential provider as an allowed callback URL. This URL is where the OAuth2 authorization server redirects users after they complete the authorization flow.

        
      

      - **oauth2ProviderConfigOutput** *(dict) --* 

        The configuration output for the OAuth2 provider.

        .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``customOauth2ProviderConfig``, ``googleOauth2ProviderConfig``, ``githubOauth2ProviderConfig``, ``slackOauth2ProviderConfig``, ``salesforceOauth2ProviderConfig``, ``microsoftOauth2ProviderConfig``, ``atlassianOauth2ProviderConfig``, ``linkedinOauth2ProviderConfig``, ``includedOauth2ProviderConfig``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


      
        

        - **customOauth2ProviderConfig** *(dict) --* 

          The output configuration for a custom OAuth2 provider.

          
          

          - **oauthDiscovery** *(dict) --* 

            The OAuth2 discovery information for the custom provider.

            .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``discoveryUrl``, ``authorizationServerMetadata``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


          
            

            - **discoveryUrl** *(string) --* 

              The discovery URL for the OAuth2 provider.

              
            

            - **authorizationServerMetadata** *(dict) --* 

              The authorization server metadata for the OAuth2 provider.

              
              

              - **issuer** *(string) --* 

                The issuer URL for the OAuth2 authorization server.

                
              

              - **authorizationEndpoint** *(string) --* 

                The authorization endpoint URL for the OAuth2 authorization server.

                
              

              - **tokenEndpoint** *(string) --* 

                The token endpoint URL for the OAuth2 authorization server.

                
              

              - **responseTypes** *(list) --* 

                The supported response types for the OAuth2 authorization server.

                
                

                - *(string) --* 
            
              

              - **tokenEndpointAuthMethods** *(list) --* 

                The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.

                
                

                - *(string) --* 
            
          
        
          

          - **clientId** *(string) --* 

            The client ID for the custom OAuth2 provider.

            
      
        

        - **googleOauth2ProviderConfig** *(dict) --* 

          The output configuration for a Google OAuth2 provider.

          
          

          - **oauthDiscovery** *(dict) --* 

            The OAuth2 discovery information for the Google provider.

            .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``discoveryUrl``, ``authorizationServerMetadata``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


          
            

            - **discoveryUrl** *(string) --* 

              The discovery URL for the OAuth2 provider.

              
            

            - **authorizationServerMetadata** *(dict) --* 

              The authorization server metadata for the OAuth2 provider.

              
              

              - **issuer** *(string) --* 

                The issuer URL for the OAuth2 authorization server.

                
              

              - **authorizationEndpoint** *(string) --* 

                The authorization endpoint URL for the OAuth2 authorization server.

                
              

              - **tokenEndpoint** *(string) --* 

                The token endpoint URL for the OAuth2 authorization server.

                
              

              - **responseTypes** *(list) --* 

                The supported response types for the OAuth2 authorization server.

                
                

                - *(string) --* 
            
              

              - **tokenEndpointAuthMethods** *(list) --* 

                The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.

                
                

                - *(string) --* 
            
          
        
          

          - **clientId** *(string) --* 

            The client ID for the Google OAuth2 provider.

            
      
        

        - **githubOauth2ProviderConfig** *(dict) --* 

          The output configuration for a GitHub OAuth2 provider.

          
          

          - **oauthDiscovery** *(dict) --* 

            The OAuth2 discovery information for the GitHub provider.

            .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``discoveryUrl``, ``authorizationServerMetadata``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


          
            

            - **discoveryUrl** *(string) --* 

              The discovery URL for the OAuth2 provider.

              
            

            - **authorizationServerMetadata** *(dict) --* 

              The authorization server metadata for the OAuth2 provider.

              
              

              - **issuer** *(string) --* 

                The issuer URL for the OAuth2 authorization server.

                
              

              - **authorizationEndpoint** *(string) --* 

                The authorization endpoint URL for the OAuth2 authorization server.

                
              

              - **tokenEndpoint** *(string) --* 

                The token endpoint URL for the OAuth2 authorization server.

                
              

              - **responseTypes** *(list) --* 

                The supported response types for the OAuth2 authorization server.

                
                

                - *(string) --* 
            
              

              - **tokenEndpointAuthMethods** *(list) --* 

                The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.

                
                

                - *(string) --* 
            
          
        
          

          - **clientId** *(string) --* 

            The client ID for the GitHub OAuth2 provider.

            
      
        

        - **slackOauth2ProviderConfig** *(dict) --* 

          The output configuration for a Slack OAuth2 provider.

          
          

          - **oauthDiscovery** *(dict) --* 

            The OAuth2 discovery information for the Slack provider.

            .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``discoveryUrl``, ``authorizationServerMetadata``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


          
            

            - **discoveryUrl** *(string) --* 

              The discovery URL for the OAuth2 provider.

              
            

            - **authorizationServerMetadata** *(dict) --* 

              The authorization server metadata for the OAuth2 provider.

              
              

              - **issuer** *(string) --* 

                The issuer URL for the OAuth2 authorization server.

                
              

              - **authorizationEndpoint** *(string) --* 

                The authorization endpoint URL for the OAuth2 authorization server.

                
              

              - **tokenEndpoint** *(string) --* 

                The token endpoint URL for the OAuth2 authorization server.

                
              

              - **responseTypes** *(list) --* 

                The supported response types for the OAuth2 authorization server.

                
                

                - *(string) --* 
            
              

              - **tokenEndpointAuthMethods** *(list) --* 

                The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.

                
                

                - *(string) --* 
            
          
        
          

          - **clientId** *(string) --* 

            The client ID for the Slack OAuth2 provider.

            
      
        

        - **salesforceOauth2ProviderConfig** *(dict) --* 

          The output configuration for a Salesforce OAuth2 provider.

          
          

          - **oauthDiscovery** *(dict) --* 

            The OAuth2 discovery information for the Salesforce provider.

            .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``discoveryUrl``, ``authorizationServerMetadata``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


          
            

            - **discoveryUrl** *(string) --* 

              The discovery URL for the OAuth2 provider.

              
            

            - **authorizationServerMetadata** *(dict) --* 

              The authorization server metadata for the OAuth2 provider.

              
              

              - **issuer** *(string) --* 

                The issuer URL for the OAuth2 authorization server.

                
              

              - **authorizationEndpoint** *(string) --* 

                The authorization endpoint URL for the OAuth2 authorization server.

                
              

              - **tokenEndpoint** *(string) --* 

                The token endpoint URL for the OAuth2 authorization server.

                
              

              - **responseTypes** *(list) --* 

                The supported response types for the OAuth2 authorization server.

                
                

                - *(string) --* 
            
              

              - **tokenEndpointAuthMethods** *(list) --* 

                The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.

                
                

                - *(string) --* 
            
          
        
          

          - **clientId** *(string) --* 

            The client ID for the Salesforce OAuth2 provider.

            
      
        

        - **microsoftOauth2ProviderConfig** *(dict) --* 

          The output configuration for a Microsoft OAuth2 provider.

          
          

          - **oauthDiscovery** *(dict) --* 

            The OAuth2 discovery information for the Microsoft provider.

            .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``discoveryUrl``, ``authorizationServerMetadata``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


          
            

            - **discoveryUrl** *(string) --* 

              The discovery URL for the OAuth2 provider.

              
            

            - **authorizationServerMetadata** *(dict) --* 

              The authorization server metadata for the OAuth2 provider.

              
              

              - **issuer** *(string) --* 

                The issuer URL for the OAuth2 authorization server.

                
              

              - **authorizationEndpoint** *(string) --* 

                The authorization endpoint URL for the OAuth2 authorization server.

                
              

              - **tokenEndpoint** *(string) --* 

                The token endpoint URL for the OAuth2 authorization server.

                
              

              - **responseTypes** *(list) --* 

                The supported response types for the OAuth2 authorization server.

                
                

                - *(string) --* 
            
              

              - **tokenEndpointAuthMethods** *(list) --* 

                The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.

                
                

                - *(string) --* 
            
          
        
          

          - **clientId** *(string) --* 

            The client ID for the Microsoft OAuth2 provider.

            
      
        

        - **atlassianOauth2ProviderConfig** *(dict) --* 

          The configuration details for the Atlassian OAuth2 provider.

          
          

          - **oauthDiscovery** *(dict) --* 

            Contains the discovery information for an OAuth2 provider.

            .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``discoveryUrl``, ``authorizationServerMetadata``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


          
            

            - **discoveryUrl** *(string) --* 

              The discovery URL for the OAuth2 provider.

              
            

            - **authorizationServerMetadata** *(dict) --* 

              The authorization server metadata for the OAuth2 provider.

              
              

              - **issuer** *(string) --* 

                The issuer URL for the OAuth2 authorization server.

                
              

              - **authorizationEndpoint** *(string) --* 

                The authorization endpoint URL for the OAuth2 authorization server.

                
              

              - **tokenEndpoint** *(string) --* 

                The token endpoint URL for the OAuth2 authorization server.

                
              

              - **responseTypes** *(list) --* 

                The supported response types for the OAuth2 authorization server.

                
                

                - *(string) --* 
            
              

              - **tokenEndpointAuthMethods** *(list) --* 

                The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.

                
                

                - *(string) --* 
            
          
        
          

          - **clientId** *(string) --* 

            The client ID for the Atlassian OAuth2 provider.

            
      
        

        - **linkedinOauth2ProviderConfig** *(dict) --* 

          The configuration details for the LinkedIn OAuth2 provider.

          
          

          - **oauthDiscovery** *(dict) --* 

            Contains the discovery information for an OAuth2 provider.

            .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``discoveryUrl``, ``authorizationServerMetadata``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


          
            

            - **discoveryUrl** *(string) --* 

              The discovery URL for the OAuth2 provider.

              
            

            - **authorizationServerMetadata** *(dict) --* 

              The authorization server metadata for the OAuth2 provider.

              
              

              - **issuer** *(string) --* 

                The issuer URL for the OAuth2 authorization server.

                
              

              - **authorizationEndpoint** *(string) --* 

                The authorization endpoint URL for the OAuth2 authorization server.

                
              

              - **tokenEndpoint** *(string) --* 

                The token endpoint URL for the OAuth2 authorization server.

                
              

              - **responseTypes** *(list) --* 

                The supported response types for the OAuth2 authorization server.

                
                

                - *(string) --* 
            
              

              - **tokenEndpointAuthMethods** *(list) --* 

                The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.

                
                

                - *(string) --* 
            
          
        
          

          - **clientId** *(string) --* 

            The client ID for the LinkedIn OAuth2 provider.

            
      
        

        - **includedOauth2ProviderConfig** *(dict) --* 

          The configuration for a non-custom OAuth2 provider. This includes the configuration details for supported OAuth2 providers that have built-in integration support.

          
          

          - **oauthDiscovery** *(dict) --* 

            Contains the discovery information for an OAuth2 provider.

            .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``discoveryUrl``, ``authorizationServerMetadata``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


          
            

            - **discoveryUrl** *(string) --* 

              The discovery URL for the OAuth2 provider.

              
            

            - **authorizationServerMetadata** *(dict) --* 

              The authorization server metadata for the OAuth2 provider.

              
              

              - **issuer** *(string) --* 

                The issuer URL for the OAuth2 authorization server.

                
              

              - **authorizationEndpoint** *(string) --* 

                The authorization endpoint URL for the OAuth2 authorization server.

                
              

              - **tokenEndpoint** *(string) --* 

                The token endpoint URL for the OAuth2 authorization server.

                
              

              - **responseTypes** *(list) --* 

                The supported response types for the OAuth2 authorization server.

                
                

                - *(string) --* 
            
              

              - **tokenEndpointAuthMethods** *(list) --* 

                The authentication methods supported by the token endpoint. This specifies how clients can authenticate when requesting tokens from the authorization server.

                
                

                - *(string) --* 
            
          
        
          

          - **clientId** *(string) --* 

            The client ID for the supported OAuth2 provider.

            
      
    
      

      - **createdTime** *(datetime) --* 

        The timestamp when the OAuth2 credential provider was created.

        
      

      - **lastUpdatedTime** *(datetime) --* 

        The timestamp when the OAuth2 credential provider was last updated.

        
  
  **Exceptions**
  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.ServiceQuotaExceededException`

  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.UnauthorizedException`

  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.ValidationException`

  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.AccessDeniedException`

  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.ConflictException`

  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.DecryptionFailure`

  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.ThrottlingException`

  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.InternalServerException`

  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.EncryptionFailure`

  