Service object for interacting with AWS SSOOIDC service.
public struct SSOOIDC: AWSService
AWS Single Sign-On (SSO) OpenID Connect (OIDC) is a web service that enables a client (such as AWS CLI or a native application) to register with AWS SSO. The service also enables the client to fetch the user’s access token upon successful authentication and authorization with AWS SSO. This service conforms with the OAuth 2.0 based implementation of the device authorization grant standard (https://tools.ietf.org/html/rfc8628).
For general information about AWS SSO, see What is AWS Single Sign-On? in the AWS SSO User Guide.
This API reference guide describes the AWS SSO OIDC operations that you can call programatically and includes detailed information on data types and errors.
AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms such as Java, Ruby, .Net, iOS, and Android. The SDKs provide a convenient way to create programmatic access to AWS SSO and other AWS services. For more information about the AWS SDKs, including how to download and install them, see Tools for Amazon Web Services.
Initialize the SSOOIDC client
public init(client: AWSClient, region: SotoCore.Region? = nil, partition: AWSPartition = .aws, endpoint: String? = nil, timeout: TimeAmount? = nil, byteBufferAllocator: ByteBufferAllocator = ByteBufferAllocator(), options: AWSServiceConfig.Options = )
- client: AWSClient used to process requests
- region: Region of server you want to communicate with. This will override the partition parameter.
- partition: AWS partition where service resides, standard (.aws), china (.awscn), government (.awsusgov).
- endpoint: Custom endpoint URL to use instead of standard AWS servers
- timeout: Timeout value for HTTP requests
Initializer required by
AWSService.with(middlewares:timeout:byteBufferAllocator:options). You are not able to use this initializer directly as there are no public initializers for
AWSServiceConfig.Patch. Please use
public init(from: SSOOIDC, patch: AWSServiceConfig.Patch)
Client used for communication with AWS
let client: AWSClient
let config: AWSServiceConfig
public func createToken(_ input: CreateTokenRequest, logger: Logger = AWSClient.loggingDisabled, on eventLoop: EventLoop? = nil) -> EventLoopFuture<CreateTokenResponse>
Creates and returns an access token for the authorized client. The access token issued will be used to fetch short-term credentials for the assigned roles in the AWS account.
public func registerClient(_ input: RegisterClientRequest, logger: Logger = AWSClient.loggingDisabled, on eventLoop: EventLoop? = nil) -> EventLoopFuture<RegisterClientResponse>
Registers a client with AWS SSO. This allows clients to initiate device authorization. The output should be persisted for reuse through many authentication requests.
public func startDeviceAuthorization(_ input: StartDeviceAuthorizationRequest, logger: Logger = AWSClient.loggingDisabled, on eventLoop: EventLoop? = nil) -> EventLoopFuture<StartDeviceAuthorizationResponse>
Initiates device authorization by requesting a pair of verification codes from the authorization service.