Welcome

AWS provides AWS Security Token Service (AWS STS) as a web service that enables you to request temporary, limited-privilege credentials for users. This guide describes the AWS STS API. For more information, see Temporary Security Credentials in the IAM User Guide.

Note

As an alternative to using the API, you can use one of the AWS SDKs, which consist of libraries and sample code for various programming languages and platforms such as Java, Ruby, .NET, iOS, Android, and others. The SDKs provide a convenient way to create programmatic access to AWS STS. For example, the SDKs can cryptographically sign requests, manage errors, and retry requests automatically. For information about the AWS SDKs, see Tools to Build on AWS.

For information about setting up signatures and authorization through the API, see Signing AWS API Requests in the AWS General Reference. For general information about the Query API, see Making Query Requests in the IAM User Guide. For information about using security tokens with other AWS products, see AWS Services That Work with IAM in the IAM User Guide.

For information about AWS STS endpoints, see AWS STS Regions and endpoints in the IAM User Guide. For information about logging AWS STS API calls, see Logging IAM and AWS STS API calls with AWS CloudTrail in the IAM User Guide.

This document was last published on April 20, 2026.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Actions