OidcTokenInfo
Contains OAuth token information returned from the identity provider, including access tokens, ID tokens, and PKCE parameters used for secure authentication.
Contents
Note
In the following list, the required parameters are described first.
- accessToken
-
The OAuth access token that can be used to access protected resources on behalf of the authenticated user.
Type: String
Pattern:
[\S\s]*Required: No
- codeChallenge
-
The PKCE code challenge, a transformed version of the code verifier sent during the authorization request for verification.
Type: String
Pattern:
[\S\s]*Required: No
- codeVerifier
-
The PKCE (Proof Key for Code Exchange) code verifier, a cryptographically random string used to enhance security in the OAuth flow.
Type: String
Pattern:
[\S\s]*Required: No
- expiresIn
-
The lifetime of the access token in seconds, indicating when the token will expire and need to be refreshed.
Type: Long
Required: No
- idToken
-
The OpenID Connect ID token containing user identity information and authentication context as a signed JWT.
Type: String
Pattern:
[\S\s]*Required: No
- refreshToken
-
The OAuth refresh token that can be used to obtain new access tokens without requiring the user to re-authenticate.
Type: String
Pattern:
[\S\s]*Required: No
- tokenType
-
The type of access token issued, typically 'Bearer', which indicates how the token should be used in API requests.
Type: String
Pattern:
[\S\s]*Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
