SSO-OIDC

Suggest Edits
docs.aws.amazon.com
AWS documentation

CreateToken

valid {
    input.Body.clientId == STRING
    input.Body.clientSecret == STRING
    input.Body.grantType == STRING
    input.Body.deviceCode == STRING
    input.Body.code == STRING
    input.Body.refreshToken == STRING
    input.Body.scope[_] == STRING
    input.Body.redirectUri == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateTokenWithIAM

valid {
    input.Body.clientId == STRING
    input.Body.grantType == STRING
    input.Body.code == STRING
    input.Body.refreshToken == STRING
    input.Body.assertion == STRING
    input.Body.scope[_] == STRING
    input.Body.redirectUri == STRING
    input.Body.subjectToken == STRING
    input.Body.subjectTokenType == STRING
    input.Body.requestedTokenType == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RegisterClient

valid {
    input.Body.clientName == STRING
    input.Body.clientType == STRING
    input.Body.scopes[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

StartDeviceAuthorization

valid {
    input.Body.clientId == STRING
    input.Body.clientSecret == STRING
    input.Body.startUrl == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

Updated 7 days ago