AWS Split Token Publisher Event Listener

An Event Listener Plugin that listens to events on issued access tokens. When an access token is issued in the Curity Identity Server, this plugin sends parts of the token to AWS DynamoDB, where the information is cached and later used in a split token approach.

To deploy the plugin, first download the latest release of the AWS Token Publisher from GitHub. Then unpack the release archive. You should now have a folder called aws-token-publisher that contains the file identityserver.plugins.events.listeners.aws-token-publisher-<version>.jar and all its dependencies. Copy that folder to <idsvr_home>/usr/share/plugins/.

Open the Admin UI. Under System -> Event Listeners, create a new event listener of type AWS Token Publisher.

Create new AWS Token Publisher Event Listener

Configure the DynamoDB settings. Specify the AWS region, the table name and the column that stores the token signature hash (the primary key). Select the hashing algorithm used to produce the hash of the signature. Finally, select the method used to obtain the credentials for accessing DynamoDB.

Configure DynamoDB for AWS Token Publisher Event Listener

Commit the changes.
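
The data flow behind the split token approach and the signature-hash primary key configured above, as an added Python example that is not the plugin's own code. Assumptions: a dict stands in for the DynamoDB table, the column names and the hex encoding of the hash are hypothetical, the HS256 key and token are constructed, and the client is assumed to hold only the signature part.

```python
import base64, hashlib, hmac, json

# Constructed demo values; none come from the plugin or its configuration.
DEMO_KEY = b"constructed-demo-key"
HASH_COLUMN = "signature_hash"  # hypothetical primary-key column name
table = {}                      # in-memory stand-in for the DynamoDB table

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def sign(head_payload: str) -> str:
    mac = hmac.new(DEMO_KEY, head_payload.encode(), hashlib.sha256).digest()
    return b64url(mac)

def make_jwt(claims: dict) -> str:
    """Build a constructed HS256 JWT so the example runs offline."""
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    head_payload = f"{head}.{body}"
    return f"{head_payload}.{sign(head_payload)}"

def signature_hash(signature: str, algorithm: str = "sha256") -> str:
    # Assumption: hex digest of the signature text; the plugin's encoding may differ.
    return hashlib.new(algorithm, signature.encode()).hexdigest()

def publish(jwt: str) -> str:
    """Issuer side: cache head.payload under the hash of the signature."""
    head_payload, signature = jwt.rsplit(".", 1)
    key = signature_hash(signature)
    table[key] = {HASH_COLUMN: key, "head_and_body": head_payload}
    return signature  # the only part handed out as the opaque token

def reassemble(opaque_token: str):
    """Gateway side: look up by hash, rebuild the JWT, verify before trusting it."""
    item = table.get(signature_hash(opaque_token))
    if item is None:
        return None  # no cached entry for this signature: reject
    head_payload = item["head_and_body"]
    if not hmac.compare_digest(sign(head_payload), opaque_token):
        return None  # cached parts do not match the presented signature
    return f"{head_payload}.{opaque_token}"
```

Because the table key is a hash of the signature and the signature itself is never stored, read access to the table alone does not yield a usable token.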