Using an IdP Token Plugin for IAM Identity Center

You can configure the connector to use an IdP token to authenticate your connection through IAM Identity Center.

To configure IAM authentication using an IdP token plugin for IAM Identity Center:

  1. Set the IAM property to 1.
  2. Set the plugin_name property to IdpTokenAuthPlugin.
  3. Optionally, set the AuthProfile property to the authentication profile you want to use to manage the connection settings, then do the following: 
    1. Set the AccessKeyID property to your Redshift access key ID.
    2. Set the SecretAccessKey property to your Redshift secret key.
  4. Set the token property to an AWS IAM Identity Center vended access token or an OpenID Connect (OIDC) JSON Web Token (JWT) provided by a web identity provider that's connected with AWS IAM Identity Center. Your application must generate this token by authenticating your application user with AWS IAM Identity Center or an identity provider connected with AWS IAM Identity Center.
  5. Set the token_type property to the type of token used for IdpTokenAuthPlugin. Possible values are the following:
    • ACCESS_TOKEN – Enter this if you use an AWS IAM Identity Center provided access token.
    • EXT_JWT – Enter this if you use an OpenID Connect (OIDC) JSON Web Token (JWT) provided by a web-based identity provider that's connected with AWS IAM Identity Center.
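
The following is an added example, not code from the driver or its documentation: it assembles the properties from steps 1, 2, 4 and 5 into a connection string, rejects an EXT_JWT token that is malformed or already expired before any connection attempt, and masks the token for logging. Assumptions: the function names are hypothetical, the Driver, Server and Database keys and values are placeholders, and the JWT signature is not verified here.

```python
import base64
import json
import time

TOKEN_TYPES = {"ACCESS_TOKEN", "EXT_JWT"}  # the two values listed in step 5

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def jwt_claims(token: str) -> dict:
    """Decode a compact JWT's claims. The signature is NOT verified here."""
    parts = token.split(".")
    if len(parts) != 3 or not all(parts):
        raise ValueError("EXT_JWT token is not a three-part compact JWT")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    try:
        claims = json.loads(base64.urlsafe_b64decode(padded))
    except ValueError as exc:  # bad base64, bad UTF-8 and bad JSON all land here
        raise ValueError("EXT_JWT payload is not base64url-encoded JSON") from exc
    if not isinstance(claims, dict):
        raise ValueError("EXT_JWT payload is not a JSON object")
    return claims

def build_connection_string(token, token_type, base, now=None):
    """Return a connection string carrying the properties from steps 1, 2, 4, 5."""
    if token_type not in TOKEN_TYPES:
        raise ValueError(f"token_type must be one of {sorted(TOKEN_TYPES)}")
    if not token or ";" in token:
        raise ValueError("token is empty or would break the key=value; syntax")
    if token_type == "EXT_JWT":  # an ACCESS_TOKEN is treated as opaque
        exp = jwt_claims(token).get("exp")
        if isinstance(exp, (int, float)) and exp <= (time.time() if now is None else now):
            raise ValueError("EXT_JWT token has already expired")
    props = {**base, "IAM": "1", "plugin_name": "IdpTokenAuthPlugin",
             "token": token, "token_type": token_type}
    return ";".join(f"{key}={value}" for key, value in props.items())

def redact(conn_str: str) -> str:
    """Mask the bearer token so the connection string is safe to log."""
    return ";".join("token=<redacted>" if part.startswith("token=") else part
                    for part in conn_str.split(";"))

if __name__ == "__main__":
    # Constructed sample: placeholder endpoint and a demo JWT with a fake signature.
    base = {"Driver": "driver-placeholder", "Server": "host.example", "Database": "dev"}
    parts = ({"alg": "RS256"}, {"exp": 4102444800})
    demo = ".".join(b64url(json.dumps(p).encode()) for p in parts) + ".sig"
    print(redact(build_connection_string(demo, "EXT_JWT", base)))
```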