ISSOOIDCAwsAdditionalDetails
Interface in AWS.SSOOIDC
Contains AWS-specific metadata included in the response from CreateTokenWithIAM. This metadata is used to propagate the identity context to other AWS services.
The primary field is identityContext, which is an opaque token representing the authenticated identity and its associated session context. It may be used with AWS services such as STS or application-level integrations that support identity propagation.
Properties
identityContext
property identityContext: string
An opaque token that represents the identity context of the authenticated principal. This token can be passed to AWS services that support federated identity propagation.
The identityContext is typically a short-lived JWT issued by IAM Identity Center. It encapsulates information about the user's session and may include claims about roles, groups, or entitlements depending on the configuration. This token is primarily intended for use with services such as AWS STS AssumeRoleWithWebIdentity or other AWS features that accept propagated identity tokens for trusted access.
The contents of this token are opaque and should not be parsed or modified. Clients should treat it as a bearer token and pass it as-is where required.
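One way to follow the bearer-token guidance above is to keep identityContext out of logs while still handing the exact string to the one call that needs it. This is an added example, not code from the AWS SDK; sealToken, redactForLog, handleTokenResponse and the sample response are hypothetical names and constructed data.

```typescript
// Added example: helper names are hypothetical, the sample value is constructed.
const REDACTED = "[REDACTED]";

interface OpaqueToken {
  reveal(): string;   // exact string as received, for the call that needs it
  toString(): string; // string coercion yields the placeholder
  toJSON(): string;   // JSON.stringify yields the placeholder
}

// Closure-based wrapper: the value is never an enumerable property, so
// console.log, template strings and JSON.stringify cannot print it.
function sealToken(value: string): OpaqueToken {
  if (value.length === 0) throw new Error("identityContext is empty");
  return Object.freeze({
    reveal: () => value,
    toString: () => REDACTED,
    toJSON: () => REDACTED,
  });
}

// Deep copy with every `identityContext` string replaced; safe to log.
function redactForLog(input: unknown): unknown {
  if (Array.isArray(input)) return input.map(redactForLog);
  if (input !== null && typeof input === "object") {
    const out: Record<string, unknown> = {};
    for (const [k, v] of Object.entries(input as Record<string, unknown>)) {
      out[k] = k === "identityContext" && typeof v === "string" ? REDACTED : redactForLog(v);
    }
    return out;
  }
  return input;
}

// Splits a CreateTokenWithIAM-style response into a sealed token and a log-safe copy.
// The token is neither decoded nor altered; the input object is left untouched.
function handleTokenResponse(
  resp: { awsAdditionalDetails?: { identityContext?: string } },
): { token: OpaqueToken | undefined; logSafe: unknown } {
  const raw = resp.awsAdditionalDetails?.identityContext;
  return { token: raw ? sealToken(raw) : undefined, logSafe: redactForLog(resp) };
}

// Constructed sample; the value is a placeholder, not a real token.
const sampleResponse = {
  awsAdditionalDetails: { identityContext: "EXAMPLE-IDENTITY-CONTEXT-VALUE" },
};
const handled = handleTokenResponse(sampleResponse);
console.log(JSON.stringify(handled.logSafe), String(handled.token));
```

Only reveal() returns the token, so a code search for that one call shows every place the bearer value leaves the process.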