IdentitystoreClient

Suggest an Edit

The Identity Store service used by IAM Identity Center provides a single place to retrieve all of your identities (users and groups). For more information, see the IAM Identity Center User Guide .

This reference guide describes the identity store operations that you can call programmatically and includes detailed information about data types and errors.

IAM Identity Center uses the sso and identitystore API namespaces.

Installation

NPM

npm install @aws-sdk/client-identitystore

Yarn

yarn add @aws-sdk/client-identitystore

pnpm

pnpm add @aws-sdk/client-identitystore

IdentitystoreClient Operations

Command	Summary
CreateGroupCommand	Creates a group within the specified identity store.
CreateGroupMembershipCommand	Creates a relationship between a member and a group. The following identifiers must be specified: `GroupId`, `IdentityStoreId`, and `MemberId`.
CreateUserCommand	Creates a user within the specified identity store.
DeleteGroupCommand	Delete a group within an identity store given `GroupId`.
DeleteGroupMembershipCommand	Delete a membership within a group given `MembershipId`.
DeleteUserCommand	Deletes a user within an identity store given `UserId`.
DescribeGroupCommand	Retrieves the group metadata and attributes from `GroupId` in an identity store. If you have administrator access to a member account, you can use this API from the member account. Read about member accounts in the Organizations User Guide.
DescribeGroupMembershipCommand	Retrieves membership metadata and attributes from `MembershipId` in an identity store. If you have administrator access to a member account, you can use this API from the member account. Read about member accounts in the Organizations User Guide.
DescribeUserCommand	Retrieves the user metadata and attributes from the `UserId` in an identity store. If you have administrator access to a member account, you can use this API from the member account. Read about member accounts in the Organizations User Guide.
GetGroupIdCommand	Retrieves `GroupId` in an identity store. If you have administrator access to a member account, you can use this API from the member account. Read about member accounts in the Organizations User Guide.
GetGroupMembershipIdCommand	Retrieves the `MembershipId` in an identity store. If you have administrator access to a member account, you can use this API from the member account. Read about member accounts in the Organizations User Guide.
GetUserIdCommand	Retrieves the `UserId` in an identity store. If you have administrator access to a member account, you can use this API from the member account. Read about member accounts in the Organizations User Guide.
IsMemberInGroupsCommand	Checks the user's membership in all requested groups and returns if the member exists in all queried groups. If you have administrator access to a member account, you can use this API from the member account. Read about member accounts in the Organizations User Guide.
ListGroupMembershipsCommand	For the specified group in the specified identity store, returns the list of all `GroupMembership` objects and returns results in paginated form. If you have administrator access to a member account, you can use this API from the member account. Read about member accounts in the Organizations User Guide.
ListGroupMembershipsForMemberCommand	For the specified member in the specified identity store, returns the list of all `GroupMembership` objects and returns results in paginated form. If you have administrator access to a member account, you can use this API from the member account. Read about member accounts in the Organizations User Guide.
ListGroupsCommand	Lists all groups in the identity store. Returns a paginated list of complete `Group` objects. Filtering for a `Group` by the `DisplayName` attribute is deprecated. Instead, use the `GetGroupId` API action. If you have administrator access to a member account, you can use this API from the member account. Read about member accounts in the Organizations User Guide.
ListUsersCommand	Lists all users in the identity store. Returns a paginated list of complete `User` objects. Filtering for a `User` by the `UserName` attribute is deprecated. Instead, use the `GetUserId` API action. If you have administrator access to a member account, you can use this API from the member account. Read about member accounts in the Organizations User Guide.
UpdateGroupCommand	For the specified group in the specified identity store, updates the group metadata and attributes.
UpdateUserCommand	For the specified user in the specified identity store, updates the user metadata and attributes.

IdentitystoreClient Configuration

Parameter	Type	Description
`defaultsMode` Optional	`DefaultsMode \| Provider<DefaultsMode>`	The @smithy/smithy-client#DefaultsMode that will be used to determine how certain default configuration options are resolved in the SDK.
`disableHostPrefix` Optional	`boolean`	Disable dynamically changing the endpoint of the client based on the hostPrefix trait of an operation.
`extensions` Optional	`RuntimeExtension[]`	Optional extensions
`logger` Optional	`Logger`	Optional logger for logging debug/info/warn/error.
`maxAttempts` Optional	`number \| Provider<number>`	Value for how many times a request will be made at most in case of retry.
`profile` Optional	`string`	Setting a client profile is similar to setting a value for the AWS_PROFILE environment variable. Setting a profile on a client in code only affects the single client instance, unlike AWS_PROFILE.When set, and only for environments where an AWS configuration file exists, fields configurable by this file will be retrieved from the specified profile within that file. Conflicting code configuration and environment variables will still have higher priority.For client credential resolution that involves checking the AWS configuration file, the client's profile (this value) will be used unless a different profile is set in the credential provider options.
`region` Optional	`string \| Provider<string>`	The AWS region to which this client will send requests
`requestHandler` Optional	`__HttpHandlerUserInput`	The HTTP handler to use or its constructor options. Fetch in browser and Https in Nodejs.
`retryMode` Optional	`string \| Provider<string>`	Specifies which retry algorithm to use.
`useDualstackEndpoint` Optional	`boolean \| Provider<boolean>`	Enables IPv6/IPv4 dualstack endpoint.
`useFipsEndpoint` Optional	`boolean \| Provider<boolean>`	Enables FIPS compatible endpoints.

Additional config fields are described in the full configuration type: IdentitystoreClientConfig

Getting Started

References

IdentitystoreClient

Installation

IdentitystoreClient Operations

IdentitystoreClient Configuration

Table of Contents

Search