Method: Aws::IAM::Types::CreateOpenIDConnectProviderRequest#thumbprint_list

Defined in:
lib/aws-sdk-iam/types.rb

#thumbprint_list ⇒ Array<String>

A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider’s server certificates. Typically this list includes only one entry. However, IAM lets you have up to five thumbprints for an OIDC provider. This lets you maintain multiple thumbprints if the identity provider is rotating certificates.

This parameter is optional. If it is not included, IAM will retrieve and use the top intermediate certificate authority (CA) thumbprint of the OpenID Connect identity provider server certificate.

The server certificate thumbprint is the hex-encoded SHA-1 hash value of the X.509 certificate used by the domain where the OpenID Connect provider makes its keys available. It is always a 40-character string.

For example, assume that the OIDC provider is `server.example.com` and the provider stores its keys at keys.server.example.com/openid-connect. In that case, the thumbprint string would be the hex-encoded SHA-1 hash value of the certificate used by `keys.server.example.com`.

For more information about obtaining the OIDC provider thumbprint, see [Obtaining the thumbprint for an OpenID Connect provider][1] in the *IAM User Guide*.

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html
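The thumbprint format described above, computed and checked locally before a request is built. This is an added example, not code from the SDK: the helper names (`oidc_thumbprint`, `normalize_thumbprint`, `validate_thumbprint_list`, `oidc_provider_params`, `sample_certificate`) are hypothetical, and the certificate is a constructed self-signed one standing in for the certificate served by `keys.server.example.com`.

```ruby
require 'openssl'
require 'digest'

MAX_THUMBPRINTS = 5 # the page: IAM accepts up to five thumbprints per provider

# Thumbprint as defined on the page: hex-encoded SHA-1 of the X.509
# certificate (its DER encoding), always 40 characters.
def oidc_thumbprint(cert)
  Digest::SHA1.hexdigest(cert.to_der)
end

# Accept the colon-separated, upper-case form that fingerprint tools print
# and reduce it to bare lower-case hex.
def normalize_thumbprint(value)
  value.to_s.strip.delete(':').downcase
end

# Reject a list that is empty, too long, or holds anything but 40 hex characters.
def validate_thumbprint_list(list)
  prints = list.map { |v| normalize_thumbprint(v) }.uniq
  unless (1..MAX_THUMBPRINTS).cover?(prints.size)
    raise ArgumentError, "expected 1..#{MAX_THUMBPRINTS} thumbprints, got #{prints.size}"
  end
  bad = prints.reject { |p| p.match?(/\A[0-9a-f]{40}\z/) }
  raise ArgumentError, "not a SHA-1 thumbprint: #{bad.inspect}" unless bad.empty?
  prints
end

# Hypothetical helper: a hash using the :url and :thumbprint_list members of the struct.
def oidc_provider_params(url, certs)
  { url: url, thumbprint_list: validate_thumbprint_list(certs.map { |c| oidc_thumbprint(c) }) }
end

# Constructed sample input: a throwaway self-signed certificate, so the example runs offline.
def sample_certificate(common_name)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{common_name}")
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  cert
end

if __FILE__ == $PROGRAM_NAME
  p oidc_provider_params('https://server.example.com', [sample_certificate('keys.server.example.com')])
end
```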

Returns:

  • (Array<String>)


# File 'lib/aws-sdk-iam/types.rb', line 952

class CreateOpenIDConnectProviderRequest < Struct.new(
  :url,
  :client_id_list,
  :thumbprint_list,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end