怎样使用OIDC令牌在Cognito中请求第三方用户池？

0

【以下的问题经过翻译处理】我正在使用Cognito用户池设置第三方OIDC提供程序，该提供程序仅启用授权码授予。我注意到当AWS向我的令牌端点发出请求时，它将Client ID和Client Secret作为POST请求正文中的字段包括在内，而不是在Authorization头中。是否有任何配置可以更改此行为，以更标准地使用Authorization头？

Topics

Security, Identity, & Compliance

Tags

Language

中文 (简体)

EXPERT

rePost Polyglot

asked 6 months ago11 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

0

【以下的回答经过翻译处理】你好，

目前没有更改此行为的配置，Cognito在与外部IdP通信时使用client_secret_post。

EXPERT

rePost Polyglot

answered 6 months ago

Relevant content

如何讓 IAM 使用者只看的到自己建立的資源 ( How to allow IAM users to only see resources they have created.)
Accepted Answer
kerokero
asked 2 months ago
sagemaker美国人口普查数据在中国宁夏区下载提示拒绝访问
LiuChuang
asked a year ago
S3上无法使用Chunked上传文件｜ Unable to use Chunked to upload files on S3
rePost-User-1798329
asked a year ago
我使用Codestar部署springboot项目，在Deploy的时候，使用template.yml创建EBEnvironment失败
rePost-User-1988868
asked a year ago
How do I troubleshoot "Unable to verify secret hash for client <client-id>" errors from my Amazon Cognito user pools API?
AWS OFFICIALUpdated 3 years ago
How do I authorize access to API Gateway APIs using custom scopes in Amazon Cognito?
AWS OFFICIALUpdated a year ago
How do I set up Auth0 as an OIDC provider in an Amazon Cognito user pool?
AWS OFFICIALUpdated 2 years ago
How do I get IdP-issued OIDC or social identity tokens for Amazon Cognito user pools?
AWS OFFICIALUpdated 3 months ago
AWS Cognito Finally Supports Custom Claims for Access Tokens
EXPERT
Antonio_Lagrotteria
published 2 months ago
How to build a unified authorization layer for identity providers with Amazon Verified Permissions
EXPERT
JohnT
published a month ago