Documentation ¶
Overview ¶
Package sso provides the client and types for making API requests to SSO.
AWS Single Sign-On Portal is a web service that makes it easy for you to assign user access to AWS SSO resources such as the user portal. Users can get AWS account applications and roles assigned to them and get federated into the application.
For general information about AWS SSO, see What is AWS Single Sign-On? (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) in the AWS SSO User Guide.
This API reference guide describes the AWS SSO Portal operations that you can call programatically and includes detailed information on data types and errors.
AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms, such as Java, Ruby, .Net, iOS, or Android. The SDKs provide a convenient way to create programmatic access to AWS SSO and other AWS services. For more information about the AWS SDKs, including how to download and install them, see Tools for Amazon Web Services (http://aws.amazon.com/tools/).
See https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10 for more information on this service.
See sso package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/sso/
Using the Client ¶
To use SSO with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.
See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/
See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config
See the SSO client for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/sso/#New
Index ¶
- Constants
- type AccountInfo
- type Client
- func (c *Client) GetRoleCredentialsRequest(input *GetRoleCredentialsInput) GetRoleCredentialsRequest
- func (c *Client) ListAccountRolesRequest(input *ListAccountRolesInput) ListAccountRolesRequest
- func (c *Client) ListAccountsRequest(input *ListAccountsInput) ListAccountsRequest
- func (c *Client) LogoutRequest(input *LogoutInput) LogoutRequest
- type GetRoleCredentialsInput
- type GetRoleCredentialsOutput
- type GetRoleCredentialsRequest
- type GetRoleCredentialsResponse
- type ListAccountRolesInput
- type ListAccountRolesOutput
- type ListAccountRolesPaginator
- type ListAccountRolesRequest
- type ListAccountRolesResponse
- type ListAccountsInput
- type ListAccountsOutput
- type ListAccountsPaginator
- type ListAccountsRequest
- type ListAccountsResponse
- type LogoutInput
- type LogoutOutput
- type LogoutRequest
- type LogoutResponse
- type RoleCredentials
- type RoleInfo
Constants ¶
const ( ServiceName = "SSO" // Service's name ServiceID = "SSO" // Service's identifier EndpointsID = "portal.sso" // Service's Endpoint identifier )
const ( // ErrCodeInvalidRequestException for service response error code // "InvalidRequestException". // // Indicates that a problem occurred with the input to the request. For example, // a required parameter might be missing or out of range. ErrCodeInvalidRequestException = "InvalidRequestException" // ErrCodeResourceNotFoundException for service response error code // "ResourceNotFoundException". // // The specified resource doesn't exist. ErrCodeResourceNotFoundException = "ResourceNotFoundException" // ErrCodeTooManyRequestsException for service response error code // "TooManyRequestsException". // // Indicates that the request is being made too frequently and is more than // what the server can handle. ErrCodeTooManyRequestsException = "TooManyRequestsException" // "UnauthorizedException". // // Indicates that the request is not authorized. This can happen due to an invalid // access token in the request. ErrCodeUnauthorizedException = "UnauthorizedException" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccountInfo ¶
type AccountInfo struct { // The identifier of the AWS account that is assigned to the user. AccountId *string `locationName:"accountId" type:"string"` // The display name of the AWS account that is assigned to the user. AccountName *string `locationName:"accountName" type:"string"` // The email address of the AWS account that is assigned to the user. EmailAddress *string `locationName:"emailAddress" min:"1" type:"string"` // contains filtered or unexported fields }
Provides information about your AWS account.
func (AccountInfo) MarshalFields ¶
func (s AccountInfo) MarshalFields(e protocol.FieldEncoder) error
MarshalFields encodes the AWS API shape using the passed in protocol encoder.
func (AccountInfo) String ¶
func (s AccountInfo) String() string
String returns the string representation
type Client ¶
Client provides the API operation methods for making requests to SSO. See this package's package overview docs for details on the service.
The client's methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.
func New ¶
New creates a new instance of the client from the provided Config.
Example:
// Create a client from just a config. svc := sso.New(myConfig)
func (*Client) GetRoleCredentialsRequest ¶
func (c *Client) GetRoleCredentialsRequest(input *GetRoleCredentialsInput) GetRoleCredentialsRequest
GetRoleCredentialsRequest returns a request value for making API operation for AWS Single Sign-On.
Returns the STS short-term credentials for a given role name that is assigned to the user.
// Example sending a request using GetRoleCredentialsRequest. req := client.GetRoleCredentialsRequest(params) resp, err := req.Send(context.TODO()) if err == nil { fmt.Println(resp) }
Please also see https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/GetRoleCredentials
func (*Client) ListAccountRolesRequest ¶
func (c *Client) ListAccountRolesRequest(input *ListAccountRolesInput) ListAccountRolesRequest
ListAccountRolesRequest returns a request value for making API operation for AWS Single Sign-On.
Lists all roles that are assigned to the user for a given AWS account.
// Example sending a request using ListAccountRolesRequest. req := client.ListAccountRolesRequest(params) resp, err := req.Send(context.TODO()) if err == nil { fmt.Println(resp) }
Please also see https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccountRoles
func (*Client) ListAccountsRequest ¶
func (c *Client) ListAccountsRequest(input *ListAccountsInput) ListAccountsRequest
ListAccountsRequest returns a request value for making API operation for AWS Single Sign-On.
Lists all AWS accounts assigned to the user. These AWS accounts are assigned by the administrator of the account. For more information, see Assign User Access (https://docs.aws.amazon.com/singlesignon/latest/userguide/useraccess.html#assignusers) in the AWS SSO User Guide. This operation returns a paginated response.
// Example sending a request using ListAccountsRequest. req := client.ListAccountsRequest(params) resp, err := req.Send(context.TODO()) if err == nil { fmt.Println(resp) }
Please also see https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccounts
func (*Client) LogoutRequest ¶
func (c *Client) LogoutRequest(input *LogoutInput) LogoutRequest
LogoutRequest returns a request value for making API operation for AWS Single Sign-On.
Removes the client- and server-side session that is associated with the user.
// Example sending a request using LogoutRequest. req := client.LogoutRequest(params) resp, err := req.Send(context.TODO()) if err == nil { fmt.Println(resp) }
Please also see https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/Logout
type GetRoleCredentialsInput ¶
type GetRoleCredentialsInput struct { // The token issued by the CreateToken API call. For more information, see CreateToken // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) // in the AWS SSO OIDC API Reference Guide. // // AccessToken is a required field AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` // The identifier for the AWS account that is assigned to the user. // // AccountId is a required field AccountId *string `location:"querystring" locationName:"account_id" type:"string" required:"true"` // The friendly name of the role that is assigned to the user. // // RoleName is a required field RoleName *string `location:"querystring" locationName:"role_name" type:"string" required:"true"` // contains filtered or unexported fields }
func (GetRoleCredentialsInput) MarshalFields ¶
func (s GetRoleCredentialsInput) MarshalFields(e protocol.FieldEncoder) error
MarshalFields encodes the AWS API shape using the passed in protocol encoder.
func (GetRoleCredentialsInput) String ¶
func (s GetRoleCredentialsInput) String() string
String returns the string representation
func (*GetRoleCredentialsInput) Validate ¶
func (s *GetRoleCredentialsInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type GetRoleCredentialsOutput ¶
type GetRoleCredentialsOutput struct { // The credentials for the role that is assigned to the user. RoleCredentials *RoleCredentials `locationName:"roleCredentials" type:"structure"` // contains filtered or unexported fields }
func (GetRoleCredentialsOutput) MarshalFields ¶
func (s GetRoleCredentialsOutput) MarshalFields(e protocol.FieldEncoder) error
MarshalFields encodes the AWS API shape using the passed in protocol encoder.
func (GetRoleCredentialsOutput) String ¶
func (s GetRoleCredentialsOutput) String() string
String returns the string representation
type GetRoleCredentialsRequest ¶
type GetRoleCredentialsRequest struct { *aws.Request Input *GetRoleCredentialsInput Copy func(*GetRoleCredentialsInput) GetRoleCredentialsRequest }
GetRoleCredentialsRequest is the request type for the GetRoleCredentials API operation.
func (GetRoleCredentialsRequest) Send ¶
func (r GetRoleCredentialsRequest) Send(ctx context.Context) (*GetRoleCredentialsResponse, error)
Send marshals and sends the GetRoleCredentials API request.
type GetRoleCredentialsResponse ¶
type GetRoleCredentialsResponse struct { *GetRoleCredentialsOutput // contains filtered or unexported fields }
GetRoleCredentialsResponse is the response type for the GetRoleCredentials API operation.
func (*GetRoleCredentialsResponse) SDKResponseMetdata ¶
func (r *GetRoleCredentialsResponse) SDKResponseMetdata() *aws.Response
SDKResponseMetdata returns the response metadata for the GetRoleCredentials request.
type ListAccountRolesInput ¶
type ListAccountRolesInput struct { // The token issued by the CreateToken API call. For more information, see CreateToken // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) // in the AWS SSO OIDC API Reference Guide. // // AccessToken is a required field AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` // The identifier for the AWS account that is assigned to the user. // // AccountId is a required field AccountId *string `location:"querystring" locationName:"account_id" type:"string" required:"true"` // The number of items that clients can request per page. MaxResults *int64 `location:"querystring" locationName:"max_result" min:"1" type:"integer"` // The page token from the previous response output when you request subsequent // pages. NextToken *string `location:"querystring" locationName:"next_token" type:"string"` // contains filtered or unexported fields }
func (ListAccountRolesInput) MarshalFields ¶
func (s ListAccountRolesInput) MarshalFields(e protocol.FieldEncoder) error
MarshalFields encodes the AWS API shape using the passed in protocol encoder.
func (ListAccountRolesInput) String ¶
func (s ListAccountRolesInput) String() string
String returns the string representation
func (*ListAccountRolesInput) Validate ¶
func (s *ListAccountRolesInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type ListAccountRolesOutput ¶
type ListAccountRolesOutput struct { // The page token client that is used to retrieve the list of accounts. NextToken *string `locationName:"nextToken" type:"string"` // A paginated response with the list of roles and the next token if more results // are available. RoleList []RoleInfo `locationName:"roleList" type:"list"` // contains filtered or unexported fields }
func (ListAccountRolesOutput) MarshalFields ¶
func (s ListAccountRolesOutput) MarshalFields(e protocol.FieldEncoder) error
MarshalFields encodes the AWS API shape using the passed in protocol encoder.
func (ListAccountRolesOutput) String ¶
func (s ListAccountRolesOutput) String() string
String returns the string representation
type ListAccountRolesPaginator ¶
ListAccountRolesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.
func NewListAccountRolesPaginator ¶
func NewListAccountRolesPaginator(req ListAccountRolesRequest) ListAccountRolesPaginator
NewListAccountRolesRequestPaginator returns a paginator for ListAccountRoles. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.
Note: This operation can generate multiple requests to a service.
// Example iterating over pages. req := client.ListAccountRolesRequest(input) p := sso.NewListAccountRolesRequestPaginator(req) for p.Next(context.TODO()) { page := p.CurrentPage() } if err := p.Err(); err != nil { return err }
func (*ListAccountRolesPaginator) CurrentPage ¶
func (p *ListAccountRolesPaginator) CurrentPage() *ListAccountRolesOutput
type ListAccountRolesRequest ¶
type ListAccountRolesRequest struct { *aws.Request Input *ListAccountRolesInput Copy func(*ListAccountRolesInput) ListAccountRolesRequest }
ListAccountRolesRequest is the request type for the ListAccountRoles API operation.
func (ListAccountRolesRequest) Send ¶
func (r ListAccountRolesRequest) Send(ctx context.Context) (*ListAccountRolesResponse, error)
Send marshals and sends the ListAccountRoles API request.
type ListAccountRolesResponse ¶
type ListAccountRolesResponse struct { *ListAccountRolesOutput // contains filtered or unexported fields }
ListAccountRolesResponse is the response type for the ListAccountRoles API operation.
func (*ListAccountRolesResponse) SDKResponseMetdata ¶
func (r *ListAccountRolesResponse) SDKResponseMetdata() *aws.Response
SDKResponseMetdata returns the response metadata for the ListAccountRoles request.
type ListAccountsInput ¶
type ListAccountsInput struct { // The token issued by the CreateToken API call. For more information, see CreateToken // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) // in the AWS SSO OIDC API Reference Guide. // // AccessToken is a required field AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` // This is the number of items clients can request per page. MaxResults *int64 `location:"querystring" locationName:"max_result" min:"1" type:"integer"` // (Optional) When requesting subsequent pages, this is the page token from // the previous response output. NextToken *string `location:"querystring" locationName:"next_token" type:"string"` // contains filtered or unexported fields }
func (ListAccountsInput) MarshalFields ¶
func (s ListAccountsInput) MarshalFields(e protocol.FieldEncoder) error
MarshalFields encodes the AWS API shape using the passed in protocol encoder.
func (ListAccountsInput) String ¶
func (s ListAccountsInput) String() string
String returns the string representation
func (*ListAccountsInput) Validate ¶
func (s *ListAccountsInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type ListAccountsOutput ¶
type ListAccountsOutput struct { // A paginated response with the list of account information and the next token // if more results are available. AccountList []AccountInfo `locationName:"accountList" type:"list"` // The page token client that is used to retrieve the list of accounts. NextToken *string `locationName:"nextToken" type:"string"` // contains filtered or unexported fields }
func (ListAccountsOutput) MarshalFields ¶
func (s ListAccountsOutput) MarshalFields(e protocol.FieldEncoder) error
MarshalFields encodes the AWS API shape using the passed in protocol encoder.
func (ListAccountsOutput) String ¶
func (s ListAccountsOutput) String() string
String returns the string representation
type ListAccountsPaginator ¶
ListAccountsPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.
func NewListAccountsPaginator ¶
func NewListAccountsPaginator(req ListAccountsRequest) ListAccountsPaginator
NewListAccountsRequestPaginator returns a paginator for ListAccounts. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.
Note: This operation can generate multiple requests to a service.
// Example iterating over pages. req := client.ListAccountsRequest(input) p := sso.NewListAccountsRequestPaginator(req) for p.Next(context.TODO()) { page := p.CurrentPage() } if err := p.Err(); err != nil { return err }
func (*ListAccountsPaginator) CurrentPage ¶
func (p *ListAccountsPaginator) CurrentPage() *ListAccountsOutput
type ListAccountsRequest ¶
type ListAccountsRequest struct { *aws.Request Input *ListAccountsInput Copy func(*ListAccountsInput) ListAccountsRequest }
ListAccountsRequest is the request type for the ListAccounts API operation.
func (ListAccountsRequest) Send ¶
func (r ListAccountsRequest) Send(ctx context.Context) (*ListAccountsResponse, error)
Send marshals and sends the ListAccounts API request.
type ListAccountsResponse ¶
type ListAccountsResponse struct { *ListAccountsOutput // contains filtered or unexported fields }
ListAccountsResponse is the response type for the ListAccounts API operation.
func (*ListAccountsResponse) SDKResponseMetdata ¶
func (r *ListAccountsResponse) SDKResponseMetdata() *aws.Response
SDKResponseMetdata returns the response metadata for the ListAccounts request.
type LogoutInput ¶
type LogoutInput struct { // The token issued by the CreateToken API call. For more information, see CreateToken // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) // in the AWS SSO OIDC API Reference Guide. // // AccessToken is a required field AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` // contains filtered or unexported fields }
func (LogoutInput) MarshalFields ¶
func (s LogoutInput) MarshalFields(e protocol.FieldEncoder) error
MarshalFields encodes the AWS API shape using the passed in protocol encoder.
func (LogoutInput) String ¶
func (s LogoutInput) String() string
String returns the string representation
func (*LogoutInput) Validate ¶
func (s *LogoutInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type LogoutOutput ¶
type LogoutOutput struct {
// contains filtered or unexported fields
}
func (LogoutOutput) MarshalFields ¶
func (s LogoutOutput) MarshalFields(e protocol.FieldEncoder) error
MarshalFields encodes the AWS API shape using the passed in protocol encoder.
func (LogoutOutput) String ¶
func (s LogoutOutput) String() string
String returns the string representation
type LogoutRequest ¶
type LogoutRequest struct { *aws.Request Input *LogoutInput Copy func(*LogoutInput) LogoutRequest }
LogoutRequest is the request type for the Logout API operation.
func (LogoutRequest) Send ¶
func (r LogoutRequest) Send(ctx context.Context) (*LogoutResponse, error)
Send marshals and sends the Logout API request.
type LogoutResponse ¶
type LogoutResponse struct { *LogoutOutput // contains filtered or unexported fields }
LogoutResponse is the response type for the Logout API operation.
func (*LogoutResponse) SDKResponseMetdata ¶
func (r *LogoutResponse) SDKResponseMetdata() *aws.Response
SDKResponseMetdata returns the response metadata for the Logout request.
type RoleCredentials ¶
type RoleCredentials struct { // The identifier used for the temporary security credentials. For more information, // see Using Temporary Security Credentials to Request Access to AWS Resources // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html) // in the AWS IAM User Guide. AccessKeyId *string `locationName:"accessKeyId" type:"string"` // The date on which temporary security credentials expire. Expiration *int64 `locationName:"expiration" type:"long"` // The key that is used to sign the request. For more information, see Using // Temporary Security Credentials to Request Access to AWS Resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html) // in the AWS IAM User Guide. SecretAccessKey *string `locationName:"secretAccessKey" type:"string" sensitive:"true"` // The token used for temporary credentials. For more information, see Using // Temporary Security Credentials to Request Access to AWS Resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html) // in the AWS IAM User Guide. SessionToken *string `locationName:"sessionToken" type:"string" sensitive:"true"` // contains filtered or unexported fields }
Provides information about the role credentials that are assigned to the user.
func (RoleCredentials) MarshalFields ¶
func (s RoleCredentials) MarshalFields(e protocol.FieldEncoder) error
MarshalFields encodes the AWS API shape using the passed in protocol encoder.
func (RoleCredentials) String ¶
func (s RoleCredentials) String() string
String returns the string representation
type RoleInfo ¶
type RoleInfo struct { // The identifier of the AWS account assigned to the user. AccountId *string `locationName:"accountId" type:"string"` // The friendly name of the role that is assigned to the user. RoleName *string `locationName:"roleName" type:"string"` // contains filtered or unexported fields }
Provides information about the role that is assigned to the user.
func (RoleInfo) MarshalFields ¶
func (s RoleInfo) MarshalFields(e protocol.FieldEncoder) error
MarshalFields encodes the AWS API shape using the passed in protocol encoder.