AWS SDK Version 4 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Container for the parameters to the GetWebIdentityToken operation. Returns a signed JSON Web Token (JWT) that represents the calling Amazon Web Services identity. The returned JWT can be used to authenticate with external services that support OIDC discovery. The token is signed by Amazon Web Services STS and can be publicly verified using the verification keys published at the issuer's JWKS endpoint.

Inheritance Hierarchy

System.Object
  Amazon.Runtime.AmazonWebServiceRequest
    Amazon.SecurityToken.AmazonSecurityTokenServiceRequest
      Amazon.SecurityToken.Model.GetWebIdentityTokenRequest

Namespace: Amazon.SecurityToken.Model
Assembly: AWSSDK.SecurityToken.dll
Version: 3.x.y.z

Syntax

C# 
public class GetWebIdentityTokenRequest : AmazonSecurityTokenServiceRequest
         IAmazonWebServiceRequest

The GetWebIdentityTokenRequest type exposes the following members

Constructors

NameDescription
Public Method GetWebIdentityTokenRequest()

Properties

NameTypeDescription
Public Property Audience System.Collections.Generic.List<System.String>

Gets and sets the property Audience.

The intended recipient of the web identity token. This value populates the aud claim in the JWT and should identify the service or application that will validate and use the token. The external service should verify this claim to ensure the token was intended for their use.

Starting with version 4 of the SDK this property will default to null. If no data for this property is returned from the service the property will also be null. This was changed to improve performance and allow the SDK and caller to distinguish between a property not set or a property being empty to clear out a value. To retain the previous SDK behavior set the AWSConfigs.InitializeCollections static property to true.

Public Property DurationSeconds System.Nullable<System.Int32>

Gets and sets the property DurationSeconds.

The duration, in seconds, for which the JSON Web Token (JWT) will remain valid. The value can range from 60 seconds (1 minute) to 3600 seconds (1 hour). If not specified, the default duration is 300 seconds (5 minutes). The token is designed to be short-lived and should be used for proof of identity, then exchanged for credentials or short-lived tokens in the external service.

Public Property SigningAlgorithm System.String

Gets and sets the property SigningAlgorithm.

The cryptographic algorithm to use for signing the JSON Web Token (JWT). Valid values are RS256 (RSA with SHA-256) and ES384 (ECDSA using P-384 curve with SHA-384).

Public Property Tags System.Collections.Generic.List<Amazon.SecurityToken.Model.Tag>

Gets and sets the property Tags.

An optional list of tags to include in the JSON Web Token (JWT). These tags are added as custom claims to the JWT and can be used by the downstream service for authorization decisions.

Starting with version 4 of the SDK this property will default to null. If no data for this property is returned from the service the property will also be null. This was changed to improve performance and allow the SDK and caller to distinguish between a property not set or a property being empty to clear out a value. To retain the previous SDK behavior set the AWSConfigs.InitializeCollections static property to true.

Version Information

.NET:
Supported in: 8.0 and newer, Core 3.1

.NET Standard:
Supported in: 2.0

.NET Framework:
Supported in: 4.7.2 and newer