diff --git a/README.md b/README.md
index 57d2bc86a..9a2cf6a10 100644
--- a/README.md
+++ b/README.md
@@ -98,6 +98,7 @@ The following table describes which identity is used based on which values are s
 - name: Configure AWS Credentials
 uses: aws-actions/configure-aws-credentials@v1
 with:
+ audience: sts.amazonaws.com
 aws-region: us-east-2
 role-to-assume: arn:aws:iam::123456789100:role/my-github-actions-role
 role-session-name: MySessionName
@@ -108,6 +109,7 @@ In this example, the Action will load the OIDC token from the GitHub-provided en
 - name: Configure AWS Credentials
 uses: aws-actions/configure-aws-credentials@v1
 with:
+ audience: sts.amazonaws.com
 aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
 aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
 aws-region: us-east-2
diff --git a/action.yml b/action.yml
index 4e41aeb5e..17723b00d 100644
--- a/action.yml
+++ b/action.yml
@@ -4,6 +4,10 @@ branding:
 icon: 'cloud'
 color: 'orange'
 inputs:
+ audience:
+ default: 'sts.amazonaws.com'
+ description: 'The audience to use for the OIDC provider'
+ required: false
 aws-access-key-id:
 description: >-
 AWS Access Key ID. This input is required if running in the GitHub hosted environment.
diff --git a/index.js b/index.js
index c70f46cec..9966a42c9 100644
--- a/index.js
+++ b/index.js
@@ -19,6 +19,7 @@ async function assumeRole(params) {
 const isDefined = i => !!i;
 const {
+ audience,
 sourceAccountId,
 roleToAssume,
 roleExternalId,
@@ -263,6 +264,7 @@ async function run() {
 try {
 // Get inputs
 const accessKeyId = core.getInput('aws-access-key-id', { required: false });
+ const audience = core.getInput('audience', { required: false });
 const secretAccessKey = core.getInput('aws-secret-access-key', { required: false });
 const region = core.getInput('aws-region', { required: true });
 const sessionToken = core.getInput('aws-session-token', { required: false });
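Review bot: The description of the new `audience` input in the action.yml hunk says nothing about how the value is constrained, which matters because the audience is what ties the OIDC token to the role's trust policy. Judging by the later index.js hunk, the value is only consulted on the `useGitHubOIDCProvider()` path, and a role trust policy that checks the token's `aud` claim will reject a token whose audience does not match. I would expand the description to something like `'Audience (aud claim) requested for the GitHub OIDC token; only used when a role is assumed via OIDC. Must match the audience the IAM role trust policy expects. Defaults to sts.amazonaws.com.'`.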
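Review bot: `audience` is added to the destructured `params` of assumeRole, but nothing in this hunk reads it, and the later index.js hunk obtains the token with `core.getIDToken(audience)` inside run(), not inside assumeRole. If the value is not used elsewhere in assumeRole's body, which lies outside the hunk, the new binding is dead and should either be dropped or the caller should be shown passing and using it. assumeRole starts at the hunk header and continues past the hunk.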
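Review bot: An explicitly empty `audience` input is passed through unchanged in the run() inputs hunk: the action.yml default only applies when the input is omitted, and `core.getInput` yields an empty string for an empty value, so the `core.getIDToken(audience)` call in the following hunk would presumably request a token with no explicit audience. Because the audience is the claim the assumed role's trust policy is expected to check, falling back to the previous hard-coded value keeps the old behaviour for callers that clear the input: `const audience = core.getInput('audience', { required: false }) || 'sts.amazonaws.com';`. run()'s body continues outside the hunk.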
@@ -310,7 +312,7 @@ async function run() {
 let sourceAccountId;
 let webIdentityToken;
 if(useGitHubOIDCProvider()) {
- webIdentityToken = await core.getIDToken('sts.amazonaws.com');
+ webIdentityToken = await core.getIDToken(audience);
 roleDurationSeconds = core.getInput('role-duration-seconds', {required: false}) || DEFAULT_ROLE_DURATION_FOR_OIDC_ROLES;
 // We don't validate the credentials here because we don't have them yet when using OIDC.
 } else {