get_open_id_token
(**kwargs)¶Gets an OpenID token, using a known Cognito ID. This known Cognito ID is returned by GetId. You can optionally add additional logins for the identity. Supplying multiple logins creates an implicit link.
The OpenID token is valid for 10 minutes.
This is a public API. You do not need any credentials to call this API.
See also: AWS API Documentation
Request Syntax
response = client.get_open_id_token(
IdentityId='string',
Logins={
'string': 'string'
}
)
[REQUIRED]
A unique identifier in the format REGION:GUID.
A set of optional name-value pairs that map provider names to provider tokens. When using graph.facebook.com and www.amazon.com, supply the access_token returned from the provider's authflow. For accounts.google.com, an Amazon Cognito user pool provider, or any other OpenID Connect provider, always include the id_token
.
dict
Response Syntax
{
'IdentityId': 'string',
'Token': 'string'
}
Response Structure
(dict) --
Returned in response to a successful GetOpenIdToken request.
IdentityId (string) --
A unique identifier in the format REGION:GUID. Note that the IdentityId returned may not match the one passed on input.
Token (string) --
An OpenID token, valid for 10 minutes.
Exceptions
CognitoIdentity.Client.exceptions.InvalidParameterException
CognitoIdentity.Client.exceptions.ResourceNotFoundException
CognitoIdentity.Client.exceptions.NotAuthorizedException
CognitoIdentity.Client.exceptions.ResourceConflictException
CognitoIdentity.Client.exceptions.TooManyRequestsException
CognitoIdentity.Client.exceptions.InternalErrorException
CognitoIdentity.Client.exceptions.ExternalServiceException