Skip to content

Commit

Permalink
fix provider URL (#907)
Browse files Browse the repository at this point in the history
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
  • Loading branch information
tim-finnigan and mergify[bot] authored Nov 9, 2023
1 parent 41b08e5 commit 3e19f1c
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -151,7 +151,7 @@ and outputs.

Some of this documentation may be inaccurate if you are using GHES (GitHub Enterprise Servers), please take note to review the GitHub documentation when relevant.

For example, the URL that the OIDC JWT is issued from is different than the usual `tokens.actions.githubusercontent.com`, and will be unique to your enterprise server. As a result, you will need to configure this differently when you create the Identity Provider.
For example, the URL that the OIDC JWT is issued from is different than the usual `token.actions.githubusercontent.com`, and will be unique to your enterprise server. As a result, you will need to configure this differently when you create the Identity Provider.

## Security recommendations

Expand Down Expand Up @@ -325,7 +325,7 @@ created once per account (i.e. multiple IAM Roles that can be assumed by the
GitHub's OIDC can share a single OIDC Provider).

Note that the thumbprint has been set to all F's because the thumbprint is not
used when authenticating `tokens.actions.githubusercontent.com`. Instead, IAM
used when authenticating `token.actions.githubusercontent.com`. Instead, IAM
uses its library of trusted CAs to authenticate. However, this value is still
required by the API.

Expand Down

0 comments on commit 3e19f1c

Please sign in to comment.