AWS verifiedpermissions documentation change
Summary
Updated documentation links to separate Amazon Cognito and OIDC access token mapping guides
Security assessment
The change adds more specific guidance about mapping different types of access tokens (Cognito vs OIDC) to schema, which improves security documentation but does not indicate a specific vulnerability being addressed. Enhanced token mapping documentation helps implement secure authentication patterns.
Diff
diff --git a/verifiedpermissions/latest/userguide/context.md b/verifiedpermissions/latest/userguide/context.md index 4e3a4249c..fdbb1d4f3 100644 --- a//verifiedpermissions/latest/userguide/context.md +++ b//verifiedpermissions/latest/userguide/context.md @@ -98 +98 @@ To test this example context in the example **DigitalPetStore** app, you must up -Initially, **DigitalPetStore** is not a very complex policy store. It doesn't include any preconfigured policies or context attributes to support the context that we have presented. To evaluate an example authorization request with this context information, make the following modifications to your policy store and your authorization request. For context examples with access token information as the context, see [Mapping access tokens](./identity-sources-map-token-to-schema.html#identity-sources-map-access-token). +Initially, **DigitalPetStore** is not a very complex policy store. It doesn't include any preconfigured policies or context attributes to support the context that we have presented. To evaluate an example authorization request with this context information, make the following modifications to your policy store and your authorization request. For context examples with access token information as the context, see [Mapping Amazon Cognito access tokens](./cognito-map-token-to-schema.html#cognito-map-access-token) and [Mapping OIDC access tokens](./oidc-map-token-to-schema.html#oidc-map-access-token).