src

Go monorepo.
git clone git://code.dwrz.net/src
Log | Files | Refs

doc.go (2810B)

      1 // Code generated by smithy-go-codegen DO NOT EDIT.
      2 
      3 // Package ssooidc provides the API client, operations, and parameter types for
      4 // AWS SSO OIDC.
      5 //
      6 // IAM Identity Center OpenID Connect (OIDC) is a web service that enables a
      7 // client (such as CLI or a native application) to register with IAM Identity
      8 // Center. The service also enables the client to fetch the user’s access token
      9 // upon successful authentication and authorization with IAM Identity Center.
     10 //
     11 // # API namespaces
     12 //
     13 // IAM Identity Center uses the sso and identitystore API namespaces. IAM Identity
     14 // Center OpenID Connect uses the sso-oauth namespace.
     15 //
     16 // # Considerations for using this guide
     17 //
     18 // Before you begin using this guide, we recommend that you first review the
     19 // following important information about how the IAM Identity Center OIDC service
     20 // works.
     21 //
     22 //   - The IAM Identity Center OIDC service currently implements only the portions
     23 //     of the OAuth 2.0 Device Authorization Grant standard ([https://tools.ietf.org/html/rfc8628] ) that are necessary to
     24 //     enable single sign-on authentication with the CLI.
     25 //
     26 //   - With older versions of the CLI, the service only emits OIDC access tokens,
     27 //     so to obtain a new token, users must explicitly re-authenticate. To access the
     28 //     OIDC flow that supports token refresh and doesn’t require re-authentication,
     29 //     update to the latest CLI version (1.27.10 for CLI V1 and 2.9.0 for CLI V2) with
     30 //     support for OIDC token refresh and configurable IAM Identity Center session
     31 //     durations. For more information, see [Configure Amazon Web Services access portal session duration].
     32 //
     33 //   - The access tokens provided by this service grant access to all Amazon Web
     34 //     Services account entitlements assigned to an IAM Identity Center user, not just
     35 //     a particular application.
     36 //
     37 //   - The documentation in this guide does not describe the mechanism to convert
     38 //     the access token into Amazon Web Services Auth (“sigv4”) credentials for use
     39 //     with IAM-protected Amazon Web Services service endpoints. For more information,
     40 //     see [GetRoleCredentials]in the IAM Identity Center Portal API Reference Guide.
     41 //
     42 // For general information about IAM Identity Center, see [What is IAM Identity Center?] in the IAM Identity
     43 // Center User Guide.
     44 //
     45 // [Configure Amazon Web Services access portal session duration]: https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html
     46 // [GetRoleCredentials]: https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html
     47 // [https://tools.ietf.org/html/rfc8628]: https://tools.ietf.org/html/rfc8628
     48 // [What is IAM Identity Center?]: https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html
     49 package ssooidc