I was reading that the topic delegation endpoint is deprecated. I’m interesting in generate temporal credential from AWS to interact with S3. You are saying that I can use OIDC Conformant Authentication for a similar behaviour of token delegation. However, I found few documentation about this topic. Where can I find good documentation?. Is OIDC Conformant ready to use?
The OIDC conformant authentication is ready, however, have in mind that the former /delegation
endpoint provided different functionality and not all of them was strictly related to just end-user authentication so technically the OIDC authentication does not replace everything that was available and some parts will require features not strictly associated with the OIDC protocol; in some cases like obtaining tokens for third-party APIs there is not yet a non-legacy replacement.
The above situation is better described in this section of the reference documentation, but in summary what you were looking for, at this time, is not available in non-legacy endpoints and only the implementation through /delegation
exists. This is a gap that we’re actively working to close, but I don’t have yet definitive news on dates.