Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account
Use UpdateOpenIdConnectProviderThumbprint with a CLI - AWS SDK Code Examples

There are more AWS SDK examples available in the AWS Doc SDK Examples GitHub repo.

There are more AWS SDK examples available in the AWS Doc SDK Examples GitHub repo.

Use UpdateOpenIdConnectProviderThumbprint with a CLI

PDF

The following code examples show how to use UpdateOpenIdConnectProviderThumbprint.

CLI
AWS CLI

To replace the existing list of server certificate thumbprints with a new list

This example updates the certificate thumbprint list for the OIDC provider whose ARN is arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com to use a new thumbprint.

aws iam update-open-id-connect-provider-thumbprint \
    --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com \
    --thumbprint-list 7359755EXAMPLEabc3060bce3EXAMPLEec4542a3

This command produces no output.

For more information, see Creating OpenID Connect (OIDC) identity providers in the AWS IAM User Guide.

PowerShell
Tools for PowerShell

Example 1: This example updates the certificate thumbprint list for the OIDC provider whose ARN is arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com to use a new thumbprint. The OIDC provider shares the new value when the certificate that is associated with the provider changes.

Update-IAMOpenIDConnectProviderThumbprint -OpenIDConnectProviderArn arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com -ThumbprintList 7359755EXAMPLEabc3060bce3EXAMPLEec4542a3
anchoranchor
AWS CLI

To replace the existing list of server certificate thumbprints with a new list

This example updates the certificate thumbprint list for the OIDC provider whose ARN is arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com to use a new thumbprint.

aws iam update-open-id-connect-provider-thumbprint \
    --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com \
    --thumbprint-list 7359755EXAMPLEabc3060bce3EXAMPLEec4542a3

This command produces no output.

For more information, see Creating OpenID Connect (OIDC) identity providers in the AWS IAM User Guide.

Next topic:

UpdateRole

Previous topic:

UpdateLoginProfile

Need help?

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.