AWS::VerifiedPermissions::IdentitySource OpenIdConnectAccessTokenConfiguration
The configuration of an OpenID Connect (OIDC) identity source for handling access token
claims. Contains the claim that you want to identify as the principal in an authorization
request, and the values of the aud claim, or audiences, that you want to
accept.
This data type is part of an OpenIdConnectTokenSelection structure, which is a parameter of CreateIdentitySource.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{
  "Audiences" : [ String, ... ],
  "PrincipalIdClaim" : String
}
YAML
Audiences:
  - String
PrincipalIdClaim: String
Properties
Audiences
The access token aud claim values that you want to accept in your policy store. For example, https://myapp.example.com, https://myapp2.example.com.
Required: No
Type: Array of String
Minimum: 1 | 1
Maximum: 255 | 255
Update requires: No interruption

PrincipalIdClaim
The claim that determines the principal in OIDC access tokens. For example, sub.
Required: No
Type: String
Minimum: 1
Update requires: No interruption
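To make the effect of the two properties concrete, the following added example (not AWS code and not part of the original reference) applies an Audiences list and a PrincipalIdClaim to the claims of an access token. It assumes the token's signature, issuer and expiry were already verified elsewhere; the function names, the sample values, the rejection of an empty Audiences list and the fallback to sub are choices of this sketch, not documented service behavior.

```python
from typing import Any, Mapping, Set


class TokenRejected(Exception):
    """The claims do not satisfy the identity source configuration."""


def token_audiences(claims: Mapping[str, Any]) -> Set[str]:
    """Return the token's audiences; RFC 7519 allows a string or an array."""
    aud = claims.get("aud")
    if isinstance(aud, str):
        return {aud}
    if isinstance(aud, list) and all(isinstance(a, str) for a in aud):
        return set(aud)
    return set()  # a missing or malformed aud matches nothing


def principal_from_access_token(claims: Mapping[str, Any],
                                config: Mapping[str, Any]) -> str:
    """Apply Audiences and PrincipalIdClaim to already-verified claims."""
    accepted = set(config.get("Audiences") or [])
    if not accepted:
        # Strict choice made by this example, not documented service behavior.
        raise TokenRejected("no accepted audiences configured")
    # Exact string comparison: no URL normalization, so a trailing slash differs.
    if not (token_audiences(claims) & accepted):
        raise TokenRejected("aud matches no accepted audience")
    # Falling back to "sub" is an assumption of this example.
    claim_name = config.get("PrincipalIdClaim", "sub")
    principal = claims.get(claim_name)
    if not isinstance(principal, str) or not principal:
        raise TokenRejected(f"principal claim {claim_name!r} missing or empty")
    return principal


# Constructed sample configuration and claims, for illustration only.
CONFIG = {"Audiences": ["https://myapp.example.com", "https://myapp2.example.com"],
          "PrincipalIdClaim": "sub"}
CLAIMS = {"sub": "user-1234", "aud": ["https://myapp.example.com"]}


def rejected(claims: Mapping[str, Any], config: Mapping[str, Any] = CONFIG) -> bool:
    """True when the claims are refused under the given configuration."""
    try:
        principal_from_access_token(claims, config)
    except TokenRejected:
        return True
    return False


if __name__ == "__main__":
    print(principal_from_access_token(CLAIMS, CONFIG))
```
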