1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
//! Credential Claims module. //! //! Contains constants used as keys into the [`AwsCredentials`](../struct.AwsCredentials.html) claims map //! returned by the STS client's federated assume role APIs. /// Key used in the claims map for the `Subject` claim. /// /// The `Subject` is the unique user identifier that is returned by the identity provider. /// For SAML this is the `NameID` element in the `Subject` element of the SAML assertion. /// For OpenID Connect this field contains the value returned by the identity provider /// as the token's `sub` claim. pub const SUBJECT: &str = "sub"; /// Key used in the claims map for the `Audience` claim. /// /// The intended audience (also known as client ID) of the web identity token. /// This is traditionally the client identifier issued to the application that requested the web identity token. /// For OpenID Connect this field contains the value of the `aud` claim. /// For SAML this is the value of the `Recipient` attribute of the `SubjectConfirmationData` /// element of the SAML assertion. pub const AUDIENCE: &str = "aud"; /// Key used in the claims map for the `Issuer` claim. /// /// For OpenID Connect ID Tokens this contains the value of the `iss` field. /// For OAuth 2.0 access tokens, this contains the value of the `ProviderId` parameter /// that was passed in the `AssumeRoleWithWebIdentity` request. /// For SAML this is the value of the Issuer element of the SAML assertion. pub const ISSUER: &str = "iss";