Limiting oidc trust condition

Hi,
I’m configuring OIDC trust condition and I would like to have a trust condition that only allows a pull request on my master branch to be able to request token.pull request on other branch should generate Error: Not authorized to perform sts:AssumeRoleWithWebIdentity. I have tried the below condition but it didnt work.I need some help please.

“repo:identity/identity-iam:ref:refs/heads/master:pull_request”