SSOAdmin / Client / get_application_grant

get_application_grant#

SSOAdmin.Client.get_application_grant(**kwargs)#

Retrieves details about an application grant.

See also: AWS API Documentation

Request Syntax

response = client.get_application_grant(
    ApplicationArn='string',
    GrantType='authorization_code'|'refresh_token'|'urn:ietf:params:oauth:grant-type:jwt-bearer'|'urn:ietf:params:oauth:grant-type:token-exchange'
)
Parameters:
  • ApplicationArn (string) –

    [REQUIRED]

    Specifies the ARN of the application that contains the grant.

  • GrantType (string) –

    [REQUIRED]

    Specifies the type of grant.

Return type:

dict

Returns:

Response Syntax

{
    'Grant': {
        'AuthorizationCode': {
            'RedirectUris': [
                'string',
            ]
        },
        'JwtBearer': {
            'AuthorizedTokenIssuers': [
                {
                    'AuthorizedAudiences': [
                        'string',
                    ],
                    'TrustedTokenIssuerArn': 'string'
                },
            ]
        },
        'RefreshToken': {},
        'TokenExchange': {}
    }
}

Response Structure

  • (dict) –

    • Grant (dict) –

      A structure that describes the requested grant.

      Note

      This is a Tagged Union structure. Only one of the following top level keys will be set: AuthorizationCode, JwtBearer, RefreshToken, TokenExchange. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:

      'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
      
      • AuthorizationCode (dict) –

        Configuration options for the authorization_code grant type.

        • RedirectUris (list) –

          A list of URIs that are valid locations to redirect a user’s browser after the user is authorized.

          • (string) –

      • JwtBearer (dict) –

        Configuration options for the urn:ietf:params:oauth:grant-type:jwt-bearer grant type.

        • AuthorizedTokenIssuers (list) –

          A list of allowed token issuers trusted by the Identity Center instances for this application.

          • (dict) –

            A structure that describes a trusted token issuer and associates it with a set of authorized audiences.

            • AuthorizedAudiences (list) –

              An array list of authorized audiences, or applications, that can consume the tokens generated by the associated trusted token issuer.

              • (string) –

            • TrustedTokenIssuerArn (string) –

              The ARN of the trusted token issuer.

      • RefreshToken (dict) –

        Configuration options for the refresh_token grant type.

      • TokenExchange (dict) –

        Configuration options for the urn:ietf:params:oauth:grant-type:token-exchange grant type.

Exceptions