Soto icon

Soto

SSOOIDC

Service object for interacting with AWS SSOOIDC service.

public struct SSOOIDC: AWSService 

AWS Single Sign-On (SSO) OpenID Connect (OIDC) is a web service that enables a client (such as AWS CLI or a native application) to register with AWS SSO. The service also enables the client to fetch the user’s access token upon successful authentication and authorization with AWS SSO. This service conforms with the OAuth 2.0 based implementation of the device authorization grant standard (https://tools.ietf.org/html/rfc8628).

     <p>For general information about AWS SSO, see <a href="https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html">What is AWS
    Single Sign-On?</a> in the <i>AWS SSO User Guide</i>.</p>

     <p>This API reference guide describes the AWS SSO OIDC operations that you can call
  programatically and includes detailed information on data types and errors.</p>

     <note>
        <p>AWS provides SDKs that consist of libraries and sample code for various programming
    languages and platforms such as Java, Ruby, .Net, iOS, and Android. The SDKs provide a
    convenient way to create programmatic access to AWS SSO and other AWS services. For more
    information about the AWS SDKs, including how to download and install them, see <a href="http://aws.amazon.com/tools/">Tools for Amazon Web Services</a>.</p>
     </note>

Inheritance

AWSService

Initializers

init(client:region:partition:endpoint:timeout:byteBufferAllocator:options:)

Initialize the SSOOIDC client

public init(
        client: AWSClient,
        region: SotoCore.Region? = nil,
        partition: AWSPartition = .aws,
        endpoint: String? = nil,
        timeout: TimeAmount? = nil,
        byteBufferAllocator: ByteBufferAllocator = ByteBufferAllocator(),
        options: AWSServiceConfig.Options = []
    ) 

Parameters

  • client: AWSClient used to process requests
  • region: Region of server you want to communicate with. This will override the partition parameter.
  • partition: AWS partition where service resides, standard (.aws), china (.awscn), government (.awsusgov).
  • endpoint: Custom endpoint URL to use instead of standard AWS servers
  • timeout: Timeout value for HTTP requests

init(from:patch:)

Initializer required by AWSService.with(middlewares:​timeout:​byteBufferAllocator:​options). You are not able to use this initializer directly as there are no public initializers for AWSServiceConfig.Patch. Please use AWSService.with(middlewares:​timeout:​byteBufferAllocator:​options) instead.

public init(from: SSOOIDC, patch: AWSServiceConfig.Patch) 

Properties

client

Client used for communication with AWS

public let client: AWSClient

config

Service configuration

public let config: AWSServiceConfig

Methods

createToken(_:logger:on:)

public func createToken(_ input: CreateTokenRequest, logger: Logger = AWSClient.loggingDisabled, on eventLoop: EventLoop? = nil) -> EventLoopFuture<CreateTokenResponse> 

Creates and returns an access token for the authorized client. The access token issued will be used to fetch short-term credentials for the assigned roles in the AWS account.

registerClient(_:logger:on:)

public func registerClient(_ input: RegisterClientRequest, logger: Logger = AWSClient.loggingDisabled, on eventLoop: EventLoop? = nil) -> EventLoopFuture<RegisterClientResponse> 

Registers a client with AWS SSO. This allows clients to initiate device authorization. The output should be persisted for reuse through many authentication requests.

startDeviceAuthorization(_:logger:on:)

public func startDeviceAuthorization(_ input: StartDeviceAuthorizationRequest, logger: Logger = AWSClient.loggingDisabled, on eventLoop: EventLoop? = nil) -> EventLoopFuture<StartDeviceAuthorizationResponse> 

Initiates device authorization by requesting a pair of verification codes from the authorization service.