AWS Security ChangesHomeSearch

AWS singlesignon documentation change

Service: singlesignon · 2025-03-30 · Documentation low

File: singlesignon/latest/OIDCAPIReference/API_CreateTokenWithIAM.md

Summary

Added 'awsAdditionalDetails' field to provide identity context from idToken without JWT parsing

Security assessment

Introduces a new feature for structured identity context access, enhancing security documentation but not directly addressing a security vulnerability.

Diff

diff --git a/singlesignon/latest/OIDCAPIReference/API_CreateTokenWithIAM.md b/singlesignon/latest/OIDCAPIReference/API_CreateTokenWithIAM.md
index 1a6a4cd8d..fcec114d3 100644
--- a/singlesignon/latest/OIDCAPIReference/API_CreateTokenWithIAM.md
+++ b/singlesignon/latest/OIDCAPIReference/API_CreateTokenWithIAM.md
@@ -161,0 +162,3 @@ Required: No
+       "awsAdditionalDetails": { 
+          "[identityContext](./API_AwsAdditionalDetails.html#singlesignon-Type-AwsAdditionalDetails-identityContext)": "**_string_** "
+       },
@@ -182,0 +186,7 @@ Type: String
+**awsAdditionalDetails **
+    
+
+A structure containing information from the `idToken`. This structure provides access to identity context without requiring JWT parsing.
+
+Type: [AwsAdditionalDetails](./API_AwsAdditionalDetails.html) object
+