Limiting oidc trust condition

I’m configuring OIDC trust condition and I would like to have a trust condition that only allows a pull request on my master branch to be able to request token.pull request on other branch should generate Error: Not authorized to perform sts:AssumeRoleWithWebIdentity. I have tried the below condition but it didnt work.I need some help please.