Skip to content
← Back to Changelog

Tuesday, July 9th 2024

OpenID Connect (OIDC) Federation now available in Beta

Posted by

Avatar for marcgreenstock

Marc Greenstock

Software Engineer, Infrastructure & Identity

Avatar for okbel

Bel Curcio

Engineering Manager

Avatar for skllcrn

Christopher Skillicorn

Product Designer

Vercel now supports OpenID Connect (OIDC) Federation, enabling you to enhance your security by replacing long-lived environment variable credentials with short-lived, RSA-signed JWTs for external requests in both builds and Vercel Functions.

You can now leverage Vercel's OIDC Identity Provider (IdP) to issue persistent tokens for cloud providers such as AWS, Azure, GCP, and more.

Enable OIDC in your project's security settings and leverage the @vercel/functions package for integration with third-party providers, like this:

import { awsCredentialsProvider } from '@vercel/functions/oidc';
import * as s3 from '@aws/client-s3';
const s3client = new s3.S3Client({
credentials: awsCredentialsProvider({
roleArn: process.env.AWS_ROLE_ARN!,

Learn more about OpenID Connect Federation in the documentation.