GetAccessToken
Gets a temporary access token to use with AssumeRoleWithWebIdentity. Access tokens are valid for one hour.
Request Syntax
{
"Token": "string",
"TokenProperties": [ "string" ]
}Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- Token
-
Refresh token, encoded as a JWT token.
Type: String
Length Constraints: Maximum length of 4096.
Pattern:
\S+Required: Yes
- TokenProperties
-
Token properties to validate against those present in the JWT token.
Type: Array of strings
Array Members: Maximum number of 3 items.
Required: No
Response Syntax
{
"AccessToken": "string"
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- AccessToken
-
Temporary access token.
Type: String
Length Constraints: Maximum length of 4096.
Pattern:
\S+
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
Access to resource denied.
HTTP Status Code: 400
- AuthorizationException
-
The AWS user account does not have permission to perform the action. Check the IAM policy associated with this account.
HTTP Status Code: 400
- RateLimitExceededException
-
Too many requests have been submitted. Try again after a brief wait.
HTTP Status Code: 400
- ServerInternalException
-
The server experienced an internal error. Try again.
HTTP Status Code: 500
- ValidationException
-
The provided input is not valid. Try your request again.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
