SSO / Client / get_role_credentials
get_role_credentials#
- SSO.Client.get_role_credentials(**kwargs)#
Returns the STS short-term credentials for a given role name that is assigned to the user.
See also: AWS API Documentation
Request Syntax
response = client.get_role_credentials( roleName='string', accountId='string', accessToken='string' )
- Parameters:
roleName (string) –
[REQUIRED]
The friendly name of the role that is assigned to the user.
accountId (string) –
[REQUIRED]
The identifier for the AWS account that is assigned to the user.
accessToken (string) –
[REQUIRED]
The token issued by the
CreateToken
API call. For more information, see CreateToken in the IAM Identity Center OIDC API Reference Guide .
- Return type:
dict
- Returns:
Response Syntax
{ 'roleCredentials': { 'accessKeyId': 'string', 'secretAccessKey': 'string', 'sessionToken': 'string', 'expiration': 123 } }
Response Structure
(dict) –
roleCredentials (dict) –
The credentials for the role that is assigned to the user.
accessKeyId (string) –
The identifier used for the temporary security credentials. For more information, see Using Temporary Security Credentials to Request Access to AWS Resources in the AWS IAM User Guide .
secretAccessKey (string) –
The key that is used to sign the request. For more information, see Using Temporary Security Credentials to Request Access to AWS Resources in the AWS IAM User Guide .
sessionToken (string) –
The token used for temporary credentials. For more information, see Using Temporary Security Credentials to Request Access to AWS Resources in the AWS IAM User Guide .
expiration (integer) –
The date on which temporary security credentials expire.
Exceptions
SSO.Client.exceptions.InvalidRequestException
SSO.Client.exceptions.UnauthorizedException
SSO.Client.exceptions.TooManyRequestsException
SSO.Client.exceptions.ResourceNotFoundException