AWS verifiedpermissions documentation change
Summary
Replaced a single token mapping link with separate Amazon Cognito and OIDC token mapping references
Security assessment
This is a documentation restructuring to clarify token mapping sources, with no evidence of security issue remediation or new security content.
Diff
diff --git a/verifiedpermissions/latest/userguide/policy-stores-api-userpool-considerations-troubleshooting.md b/verifiedpermissions/latest/userguide/policy-stores-api-userpool-considerations-troubleshooting.md index 69cafff97..68afdec1b 100644 --- a//verifiedpermissions/latest/userguide/policy-stores-api-userpool-considerations-troubleshooting.md +++ b//verifiedpermissions/latest/userguide/policy-stores-api-userpool-considerations-troubleshooting.md @@ -70 +70 @@ The API-linked policy store process derives Verified Permissions policies from t -You can map many claims in ID and access tokens from Amazon Cognito user pools to Verified Permissions policy statements. For example, most users have an `email` claim in their ID token. For more information about adding claims from your identity source to policies, see [Mapping identity provider tokens to schema](./identity-sources-map-token-to-schema.html). +You can map many claims in ID and access tokens from Amazon Cognito user pools to Verified Permissions policy statements. For example, most users have an `email` claim in their ID token. For more information about adding claims from your identity source to policies, see [Mapping Amazon Cognito tokens to schema](./cognito-map-token-to-schema.html) and [Mapping OIDC tokens to schema](./oidc-map-token-to-schema.html).