Package software.amazon.awssdk.http.auth.spi.scheme

Interface AuthSchemeOption

All Superinterfaces:
ToCopyableBuilder<AuthSchemeOption.Builder,AuthSchemeOption>
All Known Implementing Classes:
DefaultAuthSchemeOption
@SdkPublicApi public interface AuthSchemeOption extends ToCopyableBuilder<AuthSchemeOption.Builder,AuthSchemeOption>
An authentication scheme option, composed of the scheme ID and properties for use when resolving the identity and signing the request.

Auth scheme options are returned by AuthSchemeProviders to specify which authentication schemes should be used for a request, along with the properties needed to configure the identity provider and signer. The SDK will attempt to use the schemes in the order they are returned.

Each option contains:

  • A scheme ID - Identifies which AuthScheme to use (e.g., "aws.auth#sigv4")
  • Identity properties - Configuration for the identity provider (e.g., account ID, role ARN)
  • Signer properties - Configuration for the signer (e.g., signing name, region, algorithm parameters)

Using Auth Scheme Options

Auth scheme options are typically created and modified within custom AuthSchemeProvider implementations to customize authentication behavior.

Example - Modifying signer properties in an auth scheme option:

Creating Custom Auth Scheme Options

You can create custom auth scheme options from scratch when implementing a custom AuthSchemeProvider.

Example - Creating a custom auth scheme option:

Reading Properties from Auth Scheme Options

Within a custom HttpSigner, you can read properties from the auth scheme option via the sign request.

Example - Reading signer properties in a custom signer:

See Also:

  • Method Details

    • builder

      static AuthSchemeOption.Builder builder()
      Get a new builder for creating a AuthSchemeOption.

    • schemeId

      String schemeId()
      Retrieve the scheme ID, a unique identifier for the authentication scheme (aws.auth#sigv4, smithy.api#httpBearerAuth).

    • identityProperty

      <T> T identityProperty(IdentityProperty<T> property)
      Retrieve the value of an IdentityProperty.
      Type Parameters:
      T - The type of the IdentityProperty.
      Parameters:
      property - The IdentityProperty to retrieve the value of.

    • signerProperty

      <T> T signerProperty(SignerProperty<T> property)
      Retrieve the value of an SignerProperty.
      Type Parameters:
      T - The type of the SignerProperty.
      Parameters:
      property - The SignerProperty to retrieve the value of.

    • forEachIdentityProperty

      void forEachIdentityProperty(AuthSchemeOption.IdentityPropertyConsumer consumer)
      A method to operate on all IdentityProperty values of this AuthSchemeOption.
      Parameters:
      consumer - The method to apply to each IdentityProperty.

    • forEachSignerProperty

      void forEachSignerProperty(AuthSchemeOption.SignerPropertyConsumer consumer)
      A method to operate on all SignerProperty values of this AuthSchemeOption.
      Parameters:
      consumer - The method to apply to each SignerProperty.