Using the Browser SSO OIDC Credentials Provider for IAM Identity Center

You can configure the connector to authenticate the connection using credentials obtained through the Browser SSO OIDC credentials provider for AWS IAM Identity Center. To do this, you must specify information such as the AWS IAM Identity Center Start URL, Region, Account ID, and Role Name.

To configure authentication using Browser SSO OIDC on a non-Windows machine:

  1. Set the AuthenticationType property to BrowserSSOOIDC.
  2. Set the sso_oidc_region property to the AWS Region where your AWS IAM Identity Center instance is configured.
  3. Set the sso_oidc_start_url property to the AWS access portal URL for your AWS IAM Identity Center instance. You can find this value in the AWS IAM Identity Center console.
  4. Set the sso_oidc_account_id property to the AWS account ID assigned to your AWS IAM Identity Center user.
  5. Set the sso_oidc_role_name property to the role name (permission set) that you want to assume once authenticated through AWS IAM Identity Center.
    This role name must match a permission set assigned to your AWS IAM Identity Center user for the selected AWS account.
  6. Optionally, set the idp_response_timeout property to the maximum amount of time, in seconds, that the connector should wait while polling AWS IAM Identity Center to complete the device authorization flow.
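
A pre-flight check for the properties set in the steps above, as an added example (not the connector's own code). It assumes the settings live in an INI-style DSN section; the section name, the sample values, and the `check_dsn` helper with its `expected_host` parameter are hypothetical.

```python
import configparser
import re
from urllib.parse import urlsplit

# Constructed sample: an INI-style DSN section. The file format and section
# name are assumptions; only the property names come from the steps above.
SAMPLE = """
[example_dsn]
AuthenticationType = BrowserSSOOIDC
sso_oidc_region = us-east-1
sso_oidc_start_url = https://example.awsapps.com/start
sso_oidc_account_id = 123456789012
sso_oidc_role_name = ExampleReadOnly
idp_response_timeout = 120
"""

REQUIRED = ("sso_oidc_region", "sso_oidc_start_url",
            "sso_oidc_account_id", "sso_oidc_role_name")


def check_dsn(ini_text, section, expected_host=None):
    """Return a list of problems found in one DSN section (empty means OK)."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep property names case-sensitive
    cp.read_string(ini_text)
    if not cp.has_section(section):
        return [f"section [{section}] not found"]
    cfg, problems = cp[section], []
    # Exact match against the value documented in step 1.
    if cfg.get("AuthenticationType") != "BrowserSSOOIDC":
        problems.append("AuthenticationType must be BrowserSSOOIDC")
    for key in REQUIRED:
        if not cfg.get(key, "").strip():
            problems.append(f"{key} is not set")
    # The browser is sent to this URL to sign in, so require https and,
    # when the operator supplies one, pin the host to the expected portal.
    start = cfg.get("sso_oidc_start_url", "").strip()
    url = urlsplit(start)
    if start and (url.scheme != "https" or not url.hostname):
        problems.append("sso_oidc_start_url must be an https URL")
    elif start and expected_host and url.hostname != expected_host.lower():
        problems.append(f"sso_oidc_start_url host is not {expected_host}")
    acct = cfg.get("sso_oidc_account_id", "").strip()
    if acct and not re.fullmatch(r"[0-9]{12}", acct):  # AWS account IDs are 12 digits
        problems.append("sso_oidc_account_id must be 12 digits")
    timeout = cfg.get("idp_response_timeout")  # optional (step 6)
    if timeout is not None and not re.fullmatch(r"[1-9][0-9]*", timeout.strip()):
        problems.append("idp_response_timeout must be a positive number of seconds")
    return problems
```

Passing `expected_host` lets a deployment script reject a DSN whose start URL points somewhere other than the organization's own access portal.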