IAM / Client / get_outbound_web_identity_federation_info

get_outbound_web_identity_federation_info

IAM.Client.get_outbound_web_identity_federation_info()

Retrieves the configuration information for the outbound identity federation feature in your Amazon Web Services account. The response includes the unique issuer URL for your Amazon Web Services account and the current enabled/disabled status of the feature. Use this operation to obtain the issuer URL that you need to configure trust relationships with external services.

See also: AWS API Documentation

Request Syntax

response = client.get_outbound_web_identity_federation_info()

Return type:

dict

Returns:

Response Syntax

{
    'IssuerIdentifier': 'string',
    'JwtVendingEnabled': True|False
}

Response Structure

• (dict) –

  • IssuerIdentifier (string) –

    A unique issuer URL for your Amazon Web Services account that hosts the OpenID Connect (OIDC) discovery endpoints at /.well-known/openid-configuration and /.well-known/jwks.json. The OpenID Connect (OIDC) discovery endpoints contain verification keys and metadata necessary for token verification.

  • JwtVendingEnabled (boolean) –

    Indicates whether outbound identity federation is currently enabled for your Amazon Web Services account. When true, IAM principals in the account can call the GetWebIdentityToken API to obtain JSON Web Tokens (JWTs) for authentication with external services.

Exceptions

• IAM.Client.exceptions.FeatureDisabledException