SSO / Client / get_role_credentials

get_role_credentials#

SSO.Client.get_role_credentials(**kwargs)#

Returns the STS short-term credentials for a given role name that is assigned to the user.

See also: AWS API Documentation

Request Syntax

response = client.get_role_credentials(
    roleName='string',
    accountId='string',
    accessToken='string'
)
Parameters:
  • roleName (string) –

    [REQUIRED]

    The friendly name of the role that is assigned to the user.

  • accountId (string) –

    [REQUIRED]

    The identifier for the AWS account that is assigned to the user.

  • accessToken (string) –

    [REQUIRED]

    The token issued by the CreateToken API call. For more information, see CreateToken in the IAM Identity Center OIDC API Reference Guide.

Return type:

dict

Returns:

Response Syntax

{
    'roleCredentials': {
        'accessKeyId': 'string',
        'secretAccessKey': 'string',
        'sessionToken': 'string',
        'expiration': 123
    }
}

Response Structure

Exceptions

  • SSO.Client.exceptions.InvalidRequestException

  • SSO.Client.exceptions.UnauthorizedException

  • SSO.Client.exceptions.TooManyRequestsException

  • SSO.Client.exceptions.ResourceNotFoundException