web_identity_token_file - AWS SDKs and Tools


Specifies the path to a file that contains an access token from a supported OAuth 2.0 provider or OpenID Connect ID identity provider.


This setting enables authentication by using Web Identity Federation providers, such as Google, Facebook, and Amazon, among many others. The SDK or developer tool loads the contents of this file and passes it as the WebIdentityToken argument when it calls the AssumeRoleWithWebIdentity operation on your behalf.

Default value: None. You must specify this value explicitly.

Valid values: This value must be a path and file name. The file must contain an OAuth 2.0 access token or an OpenID Connect token that was provided to you by an identity provider.

Ways to set this value

Location Supported Example
config file Yes
web_identity_token_file = ~/file/token.txt
credentials file -
Environment variable -
AWS CLI parameter -

Compatibility with AWS SDKS and tools