AWS::VerifiedPermissions::IdentitySource OpenIdConnectTokenSelection - AWS CloudFormation

AWS::VerifiedPermissions::IdentitySource OpenIdConnectTokenSelection

The token type that you want to process from your OIDC identity provider. Your policy store can process either identity (ID) or access tokens from a given OIDC identity source.

This data type is part of a OpenIdConnectConfiguration structure, which is a parameter of CreateIdentitySource.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

Properties

AccessTokenOnly

The OIDC configuration for processing access tokens. Contains allowed audience claims, for example https://auth.example.com, and the claim that you want to map to the principal, for example sub.

Required: No

Type: OpenIdConnectAccessTokenConfiguration

Update requires: No interruption

IdentityTokenOnly

The OIDC configuration for processing identity (ID) tokens. Contains allowed client ID claims, for example 1example23456789, and the claim that you want to map to the principal, for example sub.

Required: No

Type: OpenIdConnectIdentityTokenConfiguration

Update requires: No interruption