Using a Idp Token Plugin for IAM Identity Center

You can configure the connector to use a Idp Token plugin to authenticate your connection through the IAM Identity Center.

To configure IAM authentication using a browser plugin for IAM Identity Center :

1. To access the IAM authentication options, open the ODBC Data Source Administrator where you created the DSN, select the DSN, and then click Configure.
2. From the Auth Type drop-down list, select Idp Token Auth Plugin.
3. Optionally, in the AuthProfile field, type the authentication profile you want to use to manage the connection settings, then do the following:
   1. In the AccessKeyID field, type your Redshift access key ID.
   2. In the SecretAccessKey field, type your Redshift secret key.
4. In the Token field, type an AWS IAM Identity Center vended access token or an OpenID Connect (OIDC) JSON Web Token (JWT) provided by a web identity provider that's connected with AWS IAM Identity Center. Your application must generate this token by authenticating your application user with AWS IAM Identity Center or an identity provider connected with AWS IAM Identity Center.
5. In the Token Type field, type the type of token used for IdpTokenAuthPlugin. Possible values are the following:
   1. ACCESS_TOKEN – Enter this if you use an AWS IAM Identity Center provided access token.
   2. EXT_JWT – Enter this if you use an OpenID Connect (OIDC) JSON Web Token (JWT) provided by a web-based identity provider that's connected with AWS IAM Identity Center.
6. To save your settings and close the dialog box, click OK.