Class: Aws::VerifiedPermissions::Types::OpenIdConnectConfigurationItem

Inherits:

Struct

• Object
• Struct
• Aws::VerifiedPermissions::Types::OpenIdConnectConfigurationItem

Defined in:

gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb

Overview

Contains configuration details of an OpenID Connect (OIDC) identity provider, or identity source, that Verified Permissions can use to generate entities from authenticated identities. It specifies the issuer URL, token type that you want to use, and policy store entity details.

This data type is part of a ConfigurationItem structure, which is a parameter to ListIdentitySources.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[:entity_id_prefix]

Instance Attribute Summary

• #entity_id_prefix ⇒ String

  A descriptive string that you want to prefix to user entities from your OIDC identity provider.

• #group_configuration ⇒ Types::OpenIdConnectGroupConfigurationItem

  The claim in OIDC identity provider tokens that indicates a user's group membership, and the entity type that you want to map it to.

• #issuer ⇒ String

  The issuer URL of an OIDC identity provider.

• #token_selection ⇒ Types::OpenIdConnectTokenSelectionItem

  The token type that you want to process from your OIDC identity provider.

Instance Attribute Details

#entity_id_prefix ⇒ String

A descriptive string that you want to prefix to user entities from your OIDC identity provider. For example, if you set an entityIdPrefix of MyOIDCProvider, you can reference principals in your policies in the format MyCorp::User::MyOIDCProvider|Carlos.

Returns:

• (String)

# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 3343

class OpenIdConnectConfigurationItem < Struct.new(
  :issuer,
  :entity_id_prefix,
  :group_configuration,
  :token_selection)
  SENSITIVE = [:entity_id_prefix]
  include Aws::Structure
end

#group_configuration ⇒ Types::OpenIdConnectGroupConfigurationItem

The claim in OIDC identity provider tokens that indicates a user's group membership, and the entity type that you want to map it to. For example, this object can map the contents of a groups claim to MyCorp::UserGroup.

Returns:

• (Types::OpenIdConnectGroupConfigurationItem)

# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 3343

class OpenIdConnectConfigurationItem < Struct.new(
  :issuer,
  :entity_id_prefix,
  :group_configuration,
  :token_selection)
  SENSITIVE = [:entity_id_prefix]
  include Aws::Structure
end

#issuer ⇒ String

The issuer URL of an OIDC identity provider. This URL must have an OIDC discovery endpoint at the path .well-known/openid-configuration.

Returns:

• (String)

# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 3343

class OpenIdConnectConfigurationItem < Struct.new(
  :issuer,
  :entity_id_prefix,
  :group_configuration,
  :token_selection)
  SENSITIVE = [:entity_id_prefix]
  include Aws::Structure
end

#token_selection ⇒ Types::OpenIdConnectTokenSelectionItem

The token type that you want to process from your OIDC identity provider. Your policy store can process either identity (ID) or access tokens from a given OIDC identity source.

Returns:

• (Types::OpenIdConnectTokenSelectionItem)

# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 3343

class OpenIdConnectConfigurationItem < Struct.new(
  :issuer,
  :entity_id_prefix,
  :group_configuration,
  :token_selection)
  SENSITIVE = [:entity_id_prefix]
  include Aws::Structure
end