AWS::VerifiedPermissions::IdentitySource OpenIdConnectAccessTokenConfiguration
The configuration of an OpenID Connect (OIDC) identity source for handling access token claims. Contains the claim that you want to identify as the principal in an authorization request, and the values of the aud claim, or audiences, that you want to accept.
This data type is part of an OpenIdConnectTokenSelection structure, which is a parameter of CreateIdentitySource.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{
  "Audiences" : [ String, ... ],
  "PrincipalIdClaim" : String
}
YAML
Audiences:
  - String
PrincipalIdClaim: String
Properties
Audiences
The access token aud claim values that you want to accept in your policy store. For example, https://myapp.example.com, https://myapp2.example.com.
Required: No
Type: Array of String
Minimum: 1 | 1
Maximum: 255 | 255
Update requires: No interruption
PrincipalIdClaim
The claim that determines the principal in OIDC access tokens. For example, sub.
Required: No
Type: String
Minimum: 1
Update requires: No interruption
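
A pre-deployment check for this structure, as an added example that is not part of the AWS documentation: it reads a JSON-format template and applies the limits listed above, reading "1 | 1" and "255 | 255" as per-string length and item count (an assumption). The nesting path below Properties, the constructed sample template with its placeholder issuer and policy store ID, and the rule that reports a missing Audiences list are this example's own choices.

```python
import json

RESOURCE_TYPE = "AWS::VerifiedPermissions::IdentitySource"
# Nesting below Properties, per the CloudFormation resource schema (not this page).
PATH = ("Configuration", "OpenIdConnectConfiguration", "TokenSelection", "AccessTokenOnly")

def check_access_token_config(cfg):
    """Return findings for one OpenIdConnectAccessTokenConfiguration dict."""
    findings = []
    auds = cfg.get("Audiences")
    if auds is None:
        # Policy of this example only: the property itself is optional.
        findings.append("Audiences not set")
    elif not isinstance(auds, list) or not 1 <= len(auds) <= 255:
        findings.append("Audiences must hold 1 to 255 items")
    else:
        for aud in auds:
            if isinstance(aud, dict):
                continue  # intrinsic function such as Ref: not resolvable here
            if not isinstance(aud, str) or not 1 <= len(aud) <= 255:
                findings.append(f"audience {aud!r} must be 1 to 255 characters")
    claim = cfg.get("PrincipalIdClaim")
    if isinstance(claim, str) and len(claim) < 1:
        findings.append("PrincipalIdClaim must not be empty")
    return findings

def check_template(template_text):
    """Map logical ID -> findings for each OIDC access-token identity source."""
    report = {}
    for name, res in json.loads(template_text).get("Resources", {}).items():
        if res.get("Type") != RESOURCE_TYPE:
            continue
        node = res.get("Properties", {})
        for key in PATH:
            node = node.get(key) if isinstance(node, dict) else None
        if isinstance(node, dict):
            report[name] = check_access_token_config(node)
    return report

def _source(access_token_only):
    """Build a constructed sample resource (placeholder issuer and store ID)."""
    return {"Type": RESOURCE_TYPE, "Properties": {
        "PolicyStoreId": "EXAMPLE-POLICY-STORE-ID",
        "Configuration": {"OpenIdConnectConfiguration": {"Issuer": "https://idp.example.com",
            "TokenSelection": {"AccessTokenOnly": access_token_only}}}}}

SAMPLE = json.dumps({"Resources": {
    "GoodSource": _source({"Audiences": ["https://myapp.example.com"], "PrincipalIdClaim": "sub"}),
    "LooseSource": _source({"PrincipalIdClaim": ""})}})
```

Calling check_template(SAMPLE) returns an empty finding list for GoodSource and two findings for LooseSource. YAML templates need converting to JSON first, and values supplied through intrinsic functions are skipped rather than resolved.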