feat(client-sso-oidc): This release adds AwsAdditionalDetails in the CreateTokenWithIAM API response.

awstools · awstools · commit ad600448a1d4 · 2025-03-27T18:20:06.000Z
diff --git a/clients/client-sso-oidc/src/commands/CreateTokenWithIAMCommand.ts b/clients/client-sso-oidc/src/commands/CreateTokenWithIAMCommand.ts
@@ -70,6 +70,9 @@ export interface CreateTokenWithIAMCommandOutput extends CreateTokenWithIAMRespo
  * //   scope: [ // Scopes
  * //     "STRING_VALUE",
  * //   ],
+ * //   awsAdditionalDetails: { // AwsAdditionalDetails
+ * //     identityContext: "STRING_VALUE",
+ * //   },
  * // };
  *
  * ```
@@ -148,6 +151,9 @@ export interface CreateTokenWithIAMCommandOutput extends CreateTokenWithIAMRespo
  * /* response is
  * {
  *   accessToken: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   awsAdditionalDetails: {
+ *     identityContext: "EXAMPLEIDENTITYCONTEXT"
+ *   },
  *   expiresIn: 1579729529,
  *   idToken: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0",
  *   issuedTokenType: "urn:ietf:params:oauth:token-type:refresh_token",
@@ -175,6 +181,9 @@ export interface CreateTokenWithIAMCommandOutput extends CreateTokenWithIAMRespo
  * /* response is
  * {
  *   accessToken: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   awsAdditionalDetails: {
+ *     identityContext: "EXAMPLEIDENTITYCONTEXT"
+ *   },
  *   expiresIn: 1579729529,
  *   idToken: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0",
  *   issuedTokenType: "urn:ietf:params:oauth:token-type:refresh_token",
@@ -230,6 +239,9 @@ export interface CreateTokenWithIAMCommandOutput extends CreateTokenWithIAMRespo
  * /* response is
  * {
  *   accessToken: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   awsAdditionalDetails: {
+ *     identityContext: "EXAMPLEIDENTITYCONTEXT"
+ *   },
  *   expiresIn: 1579729529,
  *   idToken: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.5SYiW1kMsuUr7nna-l5tlakM0GNbMHvIM2_n0QD23jM",
  *   issuedTokenType: "urn:ietf:params:oauth:token-type:access_token",
diff --git a/clients/client-sso-oidc/src/commands/StartDeviceAuthorizationCommand.ts b/clients/client-sso-oidc/src/commands/StartDeviceAuthorizationCommand.ts
@@ -105,8 +105,8 @@ export interface StartDeviceAuthorizationCommandOutput extends StartDeviceAuthor
  *   expiresIn: 1579729529,
  *   interval: 1,
  *   userCode: "makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE",
- *   verificationUri: "https://device.sso.us-west-2.amazonaws.com",
- *   verificationUriComplete: "https://device.sso.us-west-2.amazonaws.com?user_code=makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE"
+ *   verificationUri: "https://directory-alias-example.awsapps.com/start/#/device",
+ *   verificationUriComplete: "https://directory-alias-example.awsapps.com/start/#/device?user_code=makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE"
  * }
  * *\/
  * ```
diff --git a/clients/client-sso-oidc/src/models/models_0.ts b/clients/client-sso-oidc/src/models/models_0.ts
@@ -73,6 +73,21 @@ export class AuthorizationPendingException extends __BaseException {
   }
 }
 
+/**
+ * <p>This structure contains Amazon Web Services-specific parameter extensions for the token endpoint
+ *       responses and includes the identity context.</p>
+ * @public
+ */
+export interface AwsAdditionalDetails {
+  /**
+   * <p>STS context assertion that carries a user identifier to the Amazon Web Services service that it calls
+   *       and can be used to obtain an identity-enhanced IAM role session. This value corresponds to
+   *       the <code>sts:identity_context</code> claim in the ID token.</p>
+   * @public
+   */
+  identityContext?: string | undefined;
+}
+
 /**
  * @public
  */
@@ -681,6 +696,15 @@ export interface CreateTokenWithIAMResponse {
    * @public
    */
   scope?: string[] | undefined;
+
+  /**
+   * <p>A structure containing information from the <code>idToken</code>. Only the
+   *         <code>identityContext</code> is in it, which is a value extracted from the
+   *         <code>idToken</code>. This provides direct access to identity information without requiring
+   *       JWT parsing.</p>
+   * @public
+   */
+  awsAdditionalDetails?: AwsAdditionalDetails | undefined;
 }
 
 /**
diff --git a/clients/client-sso-oidc/src/protocols/Aws_restJson1.ts b/clients/client-sso-oidc/src/protocols/Aws_restJson1.ts
@@ -204,6 +204,7 @@ export const de_CreateTokenWithIAMCommand = async (
   const data: Record<string, any> = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body");
   const doc = take(data, {
     accessToken: __expectString,
+    awsAdditionalDetails: _json,
     expiresIn: __expectInt32,
     idToken: __expectString,
     issuedTokenType: __expectString,
@@ -629,6 +630,8 @@ const de_UnsupportedGrantTypeExceptionRes = async (
 
 // se_Scopes omitted.
 
+// de_AwsAdditionalDetails omitted.
+
 // de_Scopes omitted.
 
 const deserializeMetadata = (output: __HttpResponse): __ResponseMetadata => ({
diff --git a/codegen/sdk-codegen/aws-models/sso-oidc.json b/codegen/sdk-codegen/aws-models/sso-oidc.json
@@ -1024,6 +1024,20 @@
         "smithy.api#httpError": 400
       }
     },
+    "com.amazonaws.ssooidc#AwsAdditionalDetails": {
+      "type": "structure",
+      "members": {
+        "identityContext": {
+          "target": "com.amazonaws.ssooidc#IdentityContext",
+          "traits": {
+            "smithy.api#documentation": "<p>STS context assertion that carries a user identifier to the Amazon Web Services service that it calls\n      and can be used to obtain an identity-enhanced IAM role session. This value corresponds to\n      the <code>sts:identity_context</code> claim in the ID token.</p>"
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#documentation": "<p>This structure contains Amazon Web Services-specific parameter extensions for the token endpoint\n      responses and includes the identity context.</p>"
+      }
+    },
     "com.amazonaws.ssooidc#ClientId": {
       "type": "string"
     },
@@ -1304,7 +1318,10 @@
               "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
               "idToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0",
               "issuedTokenType": "urn:ietf:params:oauth:token-type:refresh_token",
-              "scope": ["openid", "aws", "sts:identity_context"]
+              "scope": ["openid", "aws", "sts:identity_context"],
+              "awsAdditionalDetails": {
+                "identityContext": "EXAMPLEIDENTITYCONTEXT"
+              }
             }
           },
           {
@@ -1322,7 +1339,10 @@
               "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
               "idToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0",
               "issuedTokenType": "urn:ietf:params:oauth:token-type:refresh_token",
-              "scope": ["openid", "aws", "sts:identity_context"]
+              "scope": ["openid", "aws", "sts:identity_context"],
+              "awsAdditionalDetails": {
+                "identityContext": "EXAMPLEIDENTITYCONTEXT"
+              }
             }
           },
           {
@@ -1358,7 +1378,10 @@
               "expiresIn": 1579729529,
               "idToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.5SYiW1kMsuUr7nna-l5tlakM0GNbMHvIM2_n0QD23jM",
               "issuedTokenType": "urn:ietf:params:oauth:token-type:access_token",
-              "scope": ["openid", "aws", "sts:identity_context"]
+              "scope": ["openid", "aws", "sts:identity_context"],
+              "awsAdditionalDetails": {
+                "identityContext": "EXAMPLEIDENTITYCONTEXT"
+              }
             }
           }
         ],
@@ -1490,6 +1513,12 @@
           "traits": {
             "smithy.api#documentation": "<p>The list of scopes for which authorization is granted. The access token that is issued is\n      limited to the scopes that are granted.</p>"
           }
+        },
+        "awsAdditionalDetails": {
+          "target": "com.amazonaws.ssooidc#AwsAdditionalDetails",
+          "traits": {
+            "smithy.api#documentation": "<p>A structure containing information from the <code>idToken</code>. Only the\n        <code>identityContext</code> is in it, which is a value extracted from the\n        <code>idToken</code>. This provides direct access to identity information without requiring\n      JWT parsing.</p>"
+          }
         }
       },
       "traits": {
@@ -1548,6 +1577,9 @@
         "smithy.api#sensitive": {}
       }
     },
+    "com.amazonaws.ssooidc#IdentityContext": {
+      "type": "string"
+    },
     "com.amazonaws.ssooidc#InternalServerException": {
       "type": "structure",
       "members": {
@@ -1995,8 +2027,8 @@
             "output": {
               "deviceCode": "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzIn0EXAMPLEDEVICECODE",
               "userCode": "makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE",
-              "verificationUri": "https://device.sso.us-west-2.amazonaws.com",
-              "verificationUriComplete": "https://device.sso.us-west-2.amazonaws.com?user_code=makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE",
+              "verificationUri": "https://directory-alias-example.awsapps.com/start/#/device",
+              "verificationUriComplete": "https://directory-alias-example.awsapps.com/start/#/device?user_code=makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE",
               "expiresIn": 1579729529,
               "interval": 1
             }
