AWS Security ChangesHomeSearch

AWS marketplace documentation change

Service: marketplace · 2025-10-28 · Documentation medium

File: marketplace/latest/userguide/integrating-api-ai-agents-tools.md

Summary

Expanded authentication methods to include OAuth credentials and provided an example for storing multiple parameters in AWS Secrets Manager.

Security assessment

The update enhances security documentation by adding OAuth credential handling and proper secret storage guidance. While it promotes secure practices, there is no evidence of addressing a specific security vulnerability.

Diff

diff --git a/marketplace/latest/userguide/integrating-api-ai-agents-tools.md b/marketplace/latest/userguide/integrating-api-ai-agents-tools.md
index a659afae4..2a7d994b2 100644
--- a//marketplace/latest/userguide/integrating-api-ai-agents-tools.md
+++ b//marketplace/latest/userguide/integrating-api-ai-agents-tools.md
@@ -79 +79 @@ When customers subscribe to your product through AWS Marketplace, they access th
-When customers subscribe to your product through AWS Marketplace, they receive an API key to make calls to your API endpoint. The process works as follows:
+When customers subscribe to your product through AWS Marketplace, they receive an API key or OAuth credentials to make calls to your API endpoint or MCP server. The process works as follows:
@@ -85 +85,9 @@ When customers subscribe to your product through AWS Marketplace, they receive a
-  * You use the **PutDeploymentParameter** API to store the API key in the customer's AWS Secrets Manager.
+  * You use the **PutDeploymentParameter** API to store the API key or OAuth credentials in the customer's AWS Secrets Manager.
+
+  * If you store one parameter in the case of API keys, call the `PutDeploymentParameter` API with the `secretString` parameter being a string. If you store more than one parameter in the case of OAuth credentials, provide a JSON string with key-value pairs in the `secretString` parameter as shown below:
+    
+        {
+      "Client Id": "12345",
+      "Client Secret": "12345",
+      "Discovery URL" : "https://auth.example.com/.well-known/openid-configuration"
+    }