AWS verified-access documentation change
Summary
Clarified date-based behavior differences for OIDC trust provider token handling and session durations
Security assessment
Documentation update about feature behavior timelines without security implications. No vulnerabilities or security features mentioned.
Diff
diff --git a/verified-access/latest/ug/user-trust.md b/verified-access/latest/ug/user-trust.md index 8040e7431..de46a0570 100644 --- a//verified-access/latest/ug/user-trust.md +++ b//verified-access/latest/ug/user-trust.md @@ -101 +101 @@ Verified Access obtains the trust data that it evaluates from the OIDC provider' -The ID token claims from the OIDC trust provider are included in the `addition_user_context` key, for trust providers created after February 24, 2025. +With trust providers created as of February 24, 2025, the ID token claims from the OIDC trust provider are included in the `addition_user_context` key. @@ -103 +103 @@ The ID token claims from the OIDC trust provider are included in the `addition_u -With trust providers created on or before February 24, 2025, Verified Access does not use trust data from the `ID token` sent by the OIDC provider. Only trust data from the `UserInfo Endpoint` is evaluated against the policy. +With trust providers created before February 24, 2025, Verified Access does not use trust data from the `ID token` sent by the OIDC provider. Only trust data from the `UserInfo Endpoint` is evaluated against the policy. @@ -105 +105 @@ With trust providers created on or before February 24, 2025, Verified Access doe -With trust providers created on or before February 24, 2025, the default session duration is one day. With trust providers created before February 24, 2025, the default session duration is seven days. +With trust providers created as of February 24, 2025, the default session duration is one day. With trust providers created before February 24, 2025, the default session duration is seven days.