AWS Security ChangesHomeSearch

AWS quick documentation change

Service: quick · 2026-04-04 · Documentation low

File: quick/latest/userguide/teams-extension.md

Summary

Updated client secret handling instructions to emphasize saving the secret value and clarify identity provider examples

Security assessment

This change improves security documentation by emphasizing that client secret values must be saved immediately as they're only shown once. It enhances security guidance for secret management but doesn't indicate a specific security vulnerability was addressed.

Diff

diff --git a/quick/latest/userguide/teams-extension.md b/quick/latest/userguide/teams-extension.md
index b9806bbb1..6b07731e2 100644
--- a//quick/latest/userguide/teams-extension.md
+++ b//quick/latest/userguide/teams-extension.md
@@ -96 +96 @@ These default mappings ensure secure and accurate user identification across bot
-Configuring extension access with IAM Identity Center requires completing steps specific to your identity provider (Entra ID or Okta) followed by common setup steps in AWS.
+Configuring extension access with IAM Identity Center requires completing steps specific to your identity provider (for example, Entra ID or Okta) followed by common setup steps in AWS.
@@ -112 +112 @@ Follow these steps only if you are using IAM Identity Center with Entra ID to se
-    4. Create a client secret for the app registration and keep note of it. You will need this later.
+    4. Create a client secret for the app registration. Copy and save the secret's **Value** attribute. You need it later. This value is only shown once and cannot be retrieved after you leave the page.
@@ -240 +240 @@ Follow these steps to set up permissions on AWS Console:
-    "client_secret":"Your app registration client secret"
+    "client_secret":"Your app registration client secret value"