WorkMail / Client / describe_identity_provider_configuration

describe_identity_provider_configuration#

WorkMail.Client.describe_identity_provider_configuration(**kwargs)#

Returns detailed information on the current IdC setup for the WorkMail organization.

See also: AWS API Documentation

Request Syntax

response = client.describe_identity_provider_configuration(
    OrganizationId='string'
)
Parameters:

OrganizationId (string) –

[REQUIRED]

The Organization ID.

Return type:

dict

Returns:

Response Syntax

{
    'AuthenticationMode': 'IDENTITY_PROVIDER_ONLY'|'IDENTITY_PROVIDER_AND_DIRECTORY',
    'IdentityCenterConfiguration': {
        'InstanceArn': 'string',
        'ApplicationArn': 'string'
    },
    'PersonalAccessTokenConfiguration': {
        'Status': 'ACTIVE'|'INACTIVE',
        'LifetimeInDays': 123
    }
}

Response Structure

  • (dict) –

    • AuthenticationMode (string) –

      The authentication mode used in WorkMail.

    • IdentityCenterConfiguration (dict) –

      The details of the IAM Identity Center configuration.

      • InstanceArn (string) –

        The Amazon Resource Name (ARN) of the of IAM Identity Center instance. Must be in the same AWS account and region as WorkMail organization.

      • ApplicationArn (string) –

        The Amazon Resource Name (ARN) of IAMIdentity Center Application for WorkMail. Must be created by the WorkMail API, see CreateIdentityCenterApplication.

    • PersonalAccessTokenConfiguration (dict) –

      The details of the Personal Access Token configuration.

      • Status (string) –

        The status of the Personal Access Token allowed for the organization.

        • Active - Mailbox users can login to the web application and choose Settings to see the new Personal Access Tokens page to create and delete the Personal Access Tokens. Mailbox users can use the Personal Access Tokens to set up mailbox connection from desktop or mobile email clients.

        • Inactive - Personal Access Tokens are disabled for your organization. Mailbox users can’t create, list, or delete Personal Access Tokens and can’t use them to connect to their mailboxes from desktop or mobile email clients.

      • LifetimeInDays (integer) –

        The validity of the Personal Access Token status in days.

Exceptions