CreateUserSettings - Amazon WorkSpaces Secure Browser


Creates a user settings resource that can be associated with a web portal. Once associated with a web portal, user settings control how users can transfer data between a streaming session and the their local devices.

Request Syntax

POST /userSettings HTTP/1.1 Content-type: application/json { "additionalEncryptionContext": { "string" : "string" }, "clientToken": "string", "cookieSynchronizationConfiguration": { "allowlist": [ { "domain": "string", "name": "string", "path": "string" } ], "blocklist": [ { "domain": "string", "name": "string", "path": "string" } ] }, "copyAllowed": "string", "customerManagedKey": "string", "deepLinkAllowed": "string", "disconnectTimeoutInMinutes": number, "downloadAllowed": "string", "idleDisconnectTimeoutInMinutes": number, "pasteAllowed": "string", "printAllowed": "string", "tags": [ { "Key": "string", "Value": "string" } ], "toolbarConfiguration": { "hiddenToolbarItems": [ "string" ], "maxDisplayResolution": "string", "toolbarType": "string", "visualMode": "string" }, "uploadAllowed": "string" }

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.


The additional encryption context of the user settings.

Type: String to string map

Key Length Constraints: Minimum length of 0. Maximum length of 131072.

Key Pattern: ^[\s\S]*$

Value Length Constraints: Minimum length of 0. Maximum length of 131072.

Value Pattern: ^[\s\S]*$

Required: No


A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, subsequent retries with the same client token returns the result from the original successful request.

If you do not specify a client token, one is automatically generated by the AWS SDK.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 512.

Required: No


The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.

Type: CookieSynchronizationConfiguration object

Required: No


Specifies whether the user can copy text from the streaming session to the local device.

Type: String

Valid Values: Disabled | Enabled

Required: Yes


The customer managed key used to encrypt sensitive information in the user settings.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: ^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$

Required: No


Specifies whether the user can use deep links that open automatically when connecting to a session.

Type: String

Valid Values: Disabled | Enabled

Required: No


The amount of time that a streaming session remains active after users disconnect.

Type: Integer

Valid Range: Minimum value of 1. Maximum value of 600.

Required: No


Specifies whether the user can download files from the streaming session to the local device.

Type: String

Valid Values: Disabled | Enabled

Required: Yes


The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the disconnect timeout interval begins.

Type: Integer

Valid Range: Minimum value of 0. Maximum value of 60.

Required: No


Specifies whether the user can paste text from the local device to the streaming session.

Type: String

Valid Values: Disabled | Enabled

Required: Yes


Specifies whether the user can print to the local device.

Type: String

Valid Values: Disabled | Enabled

Required: Yes


The tags to add to the user settings resource. A tag is a key-value pair.

Type: Array of Tag objects

Array Members: Minimum number of 0 items. Maximum number of 200 items.

Required: No


The configuration of the toolbar. This allows administrators to select the toolbar type and visual mode, set maximum display resolution for sessions, and choose which items are visible to end users during their sessions. If administrators do not modify these settings, end users retain control over their toolbar preferences.

Type: ToolbarConfiguration object

Required: No


Specifies whether the user can upload files from the local device to the streaming session.

Type: String

Valid Values: Disabled | Enabled

Required: Yes

Response Syntax

HTTP/1.1 200 Content-type: application/json { "userSettingsArn": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.


The ARN of the user settings.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$


For information about the errors that are common to all actions, see Common Errors.


Access is denied.

HTTP Status Code: 403


There is a conflict.

HTTP Status Code: 409


There is an internal server error.

HTTP Status Code: 500


The service quota has been exceeded.

HTTP Status Code: 402


There is a throttling error.

HTTP Status Code: 429


There is a validation error.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: