AWS.SsoCredentials — AWS SDK for JavaScript (original) (raw)

We recommend that you migrate to AWS SDK for JavaScript v3. For dates, additional details, and information on how to migrate, please refer to the linked announcement.

Overview

Note:

This feature is not supported in the browser environment of the SDK.

Represents credentials from sso.getRoleCredentials API forsso_* values defined in shared credentials file.

Using SSO credentials

The credentials file must specify the information below to use sso:

[profile sso-profile]
sso_account_id = 012345678901
sso_region = **-****-*
sso_role_name = SampleRole
sso_start_url = https://d-******.awsapps.com/start

or using the session format:

[profile sso-token]
sso_session = prod
sso_account_id = 012345678901
sso_role_name = SampleRole

[sso-session prod]
sso_region = **-****-*
sso_start_url = https://d-******.awsapps.com/start

This information will be automatically added to your shared credentials file by runningaws configure sso.

Using custom profiles

The SDK supports loading credentials for separate profiles. This can be done in two ways:

  1. Set the AWS_PROFILE environment variable in your process prior to loading the SDK.
  2. Directly load the AWS.SsoCredentials provider:
var creds = new AWS.SsoCredentials({profile: 'myprofile'});
AWS.config.credentials = creds;

Constructor Summarycollapse

Property Summary

Properties inherited from AWS.Credentials

expired, expireTime, accessKeyId, secretAccessKey, sessionToken, expiryWindow

Method Summarycollapse

Methods inherited from AWS.Credentials

needsRefresh, get, getPromise, refreshPromise

Constructor Details

new AWS.SsoCredentials(options) ⇒ void

Creates a new SsoCredentials object.

Method Details

getToken(profileName, profile, callback) ⇒ void

Uses legacy file system retrieval or if sso-session is set, use the SSOTokenProvider.

refresh(callback) ⇒ void

Loads the credentials from the AWS SSO process