Class: Aws::VerifiedPermissions::Types::OpenIdConnectConfigurationDetail
- Inherits:
-
Struct
- Object
- Struct
- Aws::VerifiedPermissions::Types::OpenIdConnectConfigurationDetail
- Defined in:
- gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb
Overview
Contains configuration details of an OpenID Connect (OIDC) identity provider, or identity source, that Verified Permissions can use to generate entities from authenticated identities. It specifies the issuer URL, token type that you want to use, and policy store entity details.
This data type is part of a ConfigurationDetail structure, which is a parameter to GetIdentitySource.
Constant Summary collapse
- SENSITIVE =
[:entity_id_prefix]
Instance Attribute Summary collapse
-
#entity_id_prefix ⇒ String
A descriptive string that you want to prefix to user entities from your OIDC identity provider.
-
#group_configuration ⇒ Types::OpenIdConnectGroupConfigurationDetail
The claim in OIDC identity provider tokens that indicates a user's group membership, and the entity type that you want to map it to.
-
#issuer ⇒ String
The issuer URL of an OIDC identity provider.
-
#token_selection ⇒ Types::OpenIdConnectTokenSelectionDetail
The token type that you want to process from your OIDC identity provider.
Instance Attribute Details
#entity_id_prefix ⇒ String
A descriptive string that you want to prefix to user entities from
your OIDC identity provider. For example, if you set an
entityIdPrefix
of MyOIDCProvider
, you can reference principals
in your policies in the format
MyCorp::User::MyOIDCProvider|Carlos
.
2663 2664 2665 2666 2667 2668 2669 2670 |
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 2663 class OpenIdConnectConfigurationDetail < Struct.new( :issuer, :entity_id_prefix, :group_configuration, :token_selection) SENSITIVE = [:entity_id_prefix] include Aws::Structure end |
#group_configuration ⇒ Types::OpenIdConnectGroupConfigurationDetail
The claim in OIDC identity provider tokens that indicates a user's
group membership, and the entity type that you want to map it to.
For example, this object can map the contents of a groups
claim to
MyCorp::UserGroup
.
2663 2664 2665 2666 2667 2668 2669 2670 |
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 2663 class OpenIdConnectConfigurationDetail < Struct.new( :issuer, :entity_id_prefix, :group_configuration, :token_selection) SENSITIVE = [:entity_id_prefix] include Aws::Structure end |
#issuer ⇒ String
The issuer URL of an OIDC identity provider. This URL must have an
OIDC discovery endpoint at the path
.well-known/openid-configuration
.
2663 2664 2665 2666 2667 2668 2669 2670 |
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 2663 class OpenIdConnectConfigurationDetail < Struct.new( :issuer, :entity_id_prefix, :group_configuration, :token_selection) SENSITIVE = [:entity_id_prefix] include Aws::Structure end |
#token_selection ⇒ Types::OpenIdConnectTokenSelectionDetail
The token type that you want to process from your OIDC identity provider. Your policy store can process either identity (ID) or access tokens from a given OIDC identity source.
2663 2664 2665 2666 2667 2668 2669 2670 |
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 2663 class OpenIdConnectConfigurationDetail < Struct.new( :issuer, :entity_id_prefix, :group_configuration, :token_selection) SENSITIVE = [:entity_id_prefix] include Aws::Structure end |