SSO / Client / get_role_credentials
get_role_credentials#
- SSO.Client.get_role_credentials(**kwargs)#
Returns the STS short-term credentials for a given role name that is assigned to the user.
See also: AWS API Documentation
Request Syntax
response = client.get_role_credentials( roleName='string', accountId='string', accessToken='string' )
- Parameters:
roleName (string) –
[REQUIRED]
The friendly name of the role that is assigned to the user.
accountId (string) –
[REQUIRED]
The identifier for the AWS account that is assigned to the user.
accessToken (string) –
[REQUIRED]
The token issued by the
CreateToken
API call. For more information, see CreateToken in the IAM Identity Center OIDC API Reference Guide.
- Return type:
dict
- Returns:
Response Syntax
{ 'roleCredentials': { 'accessKeyId': 'string', 'secretAccessKey': 'string', 'sessionToken': 'string', 'expiration': 123 } }
Response Structure
(dict) –
roleCredentials (dict) –
The credentials for the role that is assigned to the user.
accessKeyId (string) –
The identifier used for the temporary security credentials. For more information, see Using Temporary Security Credentials to Request Access to AWS Resources in the AWS IAM User Guide.
secretAccessKey (string) –
The key that is used to sign the request. For more information, see Using Temporary Security Credentials to Request Access to AWS Resources in the AWS IAM User Guide.
sessionToken (string) –
The token used for temporary credentials. For more information, see Using Temporary Security Credentials to Request Access to AWS Resources in the AWS IAM User Guide.
expiration (integer) –
The date on which temporary security credentials expire.
Exceptions