AWSSSO (AWS SDK for Java

All Known Subinterfaces:

AWSSSOAsync

All Known Implementing Classes:

AbstractAWSSSO, AbstractAWSSSOAsync, AWSSSOAsyncClient, AWSSSOClient
```
@Generated(value="com.amazonaws:aws-java-sdk-code-generator")
public interface AWSSSO
```
Interface for accessing SSO.
Note: Do not directly implement this interface, new methods are added to it regularly. Extend from AbstractAWSSSO instead.

Amazon Web Services Single Sign On Portal is a web service that makes it easy for you to assign user access to Amazon Web Services SSO resources such as the AWS access portal. Users can get Amazon Web Services account applications and roles assigned to them and get federated into the application.

Although Amazon Web Services Single Sign-On was renamed, the sso and identitystore API namespaces will continue to retain their original name for backward compatibility purposes. For more information, see Amazon Web Services SSO rename.

This reference guide describes the Amazon Web Services SSO Portal operations that you can call programatically and includes detailed information on data types and errors.

Amazon Web Services provides SDKs that consist of libraries and sample code for various programming languages and platforms, such as Java, Ruby, .Net, iOS, or Android. The SDKs provide a convenient way to create programmatic access to Amazon Web Services SSO and other Amazon Web Services services. For more information about the Amazon Web Services SDKs, including how to download and install them, see Tools for Amazon Web Services.

Field Summary

Fields
Modifier and Type Field and Description

static String ENDPOINT_PREFIX
The region metadata service name for computing region endpoints.

Fields
Modifier and Type	Field and Description
`static String`	`ENDPOINT_PREFIX` The region metadata service name for computing region endpoints.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`ResponseMetadata`	`getCachedResponseMetadata(AmazonWebServiceRequest request)` Returns additional metadata for a previously executed successful request, typically used for debugging issues where a service isn't acting as expected.
`GetRoleCredentialsResult`	`getRoleCredentials(GetRoleCredentialsRequest getRoleCredentialsRequest)` Returns the STS short-term credentials for a given role name that is assigned to the user.
`ListAccountRolesResult`	`listAccountRoles(ListAccountRolesRequest listAccountRolesRequest)` Lists all roles that are assigned to the user for a given Amazon Web Services account.
`ListAccountsResult`	`listAccounts(ListAccountsRequest listAccountsRequest)` Lists all Amazon Web Services accounts assigned to the user.
`LogoutResult`	`logout(LogoutRequest logoutRequest)` Removes the locally stored SSO tokens from the client-side cache and sends an API call to the Amazon Web Services SSO service to invalidate the corresponding server-side Amazon Web Services SSO sign in session.
`void`	`shutdown()` Shuts down this client object, releasing any resources that might be held open.

- Field Detail
  - ENDPOINT_PREFIX
```
static final String ENDPOINT_PREFIX
```
    The region metadata service name for computing region endpoints. You can use this value to retrieve metadata (such as supported regions) of the service.
    
    See Also:
    
    RegionUtils.getRegionsForService(String), Constant Field Values
- Method Detail
  - getRoleCredentials
```
GetRoleCredentialsResult getRoleCredentials(GetRoleCredentialsRequest getRoleCredentialsRequest)
```
    Returns the STS short-term credentials for a given role name that is assigned to the user.
    
    Parameters:
    
    getRoleCredentialsRequest -
    
    Returns:
    
    Result of the GetRoleCredentials operation returned by the service.
    
    Throws:
    
    InvalidRequestException - Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.
    
    UnauthorizedException - Indicates that the request is not authorized. This can happen due to an invalid access token in the request.
    
    TooManyRequestsException - Indicates that the request is being made too frequently and is more than what the server can handle.
    
    ResourceNotFoundException - The specified resource doesn't exist.
    
    See Also:
    
    AWS API Documentation
  - listAccountRoles
```
ListAccountRolesResult listAccountRoles(ListAccountRolesRequest listAccountRolesRequest)
```
    Lists all roles that are assigned to the user for a given Amazon Web Services account.
    
    Parameters:
    
    listAccountRolesRequest -
    
    Returns:
    
    Result of the ListAccountRoles operation returned by the service.
    
    Throws:
    
    InvalidRequestException - Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.
    
    UnauthorizedException - Indicates that the request is not authorized. This can happen due to an invalid access token in the request.
    
    TooManyRequestsException - Indicates that the request is being made too frequently and is more than what the server can handle.
    
    ResourceNotFoundException - The specified resource doesn't exist.
    
    See Also:
    
    AWS API Documentation
  - listAccounts
```
ListAccountsResult listAccounts(ListAccountsRequest listAccountsRequest)
```
    Lists all Amazon Web Services accounts assigned to the user. These Amazon Web Services accounts are assigned by the administrator of the account. For more information, see Assign User Access in the Amazon Web Services SSO User Guide. This operation returns a paginated response.
    
    Parameters:
    
    listAccountsRequest -
    
    Returns:
    
    Result of the ListAccounts operation returned by the service.
    
    Throws:
    
    InvalidRequestException - Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.
    
    UnauthorizedException - Indicates that the request is not authorized. This can happen due to an invalid access token in the request.
    
    TooManyRequestsException - Indicates that the request is being made too frequently and is more than what the server can handle.
    
    ResourceNotFoundException - The specified resource doesn't exist.
    
    See Also:
    
    AWS API Documentation
  - logout
```
LogoutResult logout(LogoutRequest logoutRequest)
```
    Removes the locally stored SSO tokens from the client-side cache and sends an API call to the Amazon Web Services SSO service to invalidate the corresponding server-side Amazon Web Services SSO sign in session.
    
    If a user uses Amazon Web Services SSO to access the AWS CLI, the user’s Amazon Web Services SSO sign in session is used to obtain an IAM session, as specified in the corresponding Amazon Web Services SSO permission set. More specifically, Amazon Web Services SSO assumes an IAM role in the target account on behalf of the user, and the corresponding temporary Amazon Web Services credentials are returned to the client.
    
    After user logout, any existing IAM role sessions that were created by using Amazon Web Services SSO permission sets continue based on the duration configured in the permission set. For more information, see User authentications in the Amazon Web Services SSO User Guide.
    
    Parameters:
    
    logoutRequest -
    
    Returns:
    
    Result of the Logout operation returned by the service.
    
    Throws:
    
    InvalidRequestException - Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.
    
    UnauthorizedException - Indicates that the request is not authorized. This can happen due to an invalid access token in the request.
    
    TooManyRequestsException - Indicates that the request is being made too frequently and is more than what the server can handle.
    
    See Also:
    
    AWS API Documentation
  - shutdown
```
void shutdown()
```
    Shuts down this client object, releasing any resources that might be held open. This is an optional method, and callers are not expected to call it, but can if they want to explicitly release any open resources. Once a client has been shutdown, it should not be used to make any more requests.
  - getCachedResponseMetadata
```
ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request)
```
    Returns additional metadata for a previously executed successful request, typically used for debugging issues where a service isn't acting as expected. This data isn't considered part of the result data returned by an operation, so it's available through this separate, diagnostic interface.
    Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic information for an executed request, you should use this method to retrieve it as soon as possible after executing a request.
    
    Parameters:
    
    request - The originally executed request.
    
    Returns:
    
    The response metadata for the specified request, or null if none is available.

Did this page help you?

Interface AWSSSO

Field Summary

Method Summary

Field Detail

ENDPOINT_PREFIX

Method Detail

getRoleCredentials

listAccountRoles

listAccounts

logout

shutdown

getCachedResponseMetadata