com.amazonaws.services.sso.AWSSSO Maven / Gradle / Ivy
Show all versions of aws-java-sdk-sso Show documentation
/*
* Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.sso;
import javax.annotation.Generated;
import com.amazonaws.*;
import com.amazonaws.regions.*;
import com.amazonaws.services.sso.model.*;
/**
* Interface for accessing SSO.
*
* Note: Do not directly implement this interface, new methods are added to it regularly. Extend from
* {@link com.amazonaws.services.sso.AbstractAWSSSO} instead.
*
*
*
* AWS IAM Identity Center (successor to AWS Single Sign-On) Portal is a web service that makes it easy for you to
* assign user access to IAM Identity Center resources such as the AWS access portal. Users can get AWS account
* applications and roles assigned to them and get federated into the application.
*
*
*
* Although AWS Single Sign-On was renamed, the sso and identitystore API namespaces will
* continue to retain their original name for backward compatibility purposes. For more information, see IAM Identity Center rename.
*
*
*
* This reference guide describes the IAM Identity Center Portal operations that you can call programatically and
* includes detailed information on data types and errors.
*
*
*
* AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms, such as
* Java, Ruby, .Net, iOS, or Android. The SDKs provide a convenient way to create programmatic access to IAM Identity
* Center and other AWS services. For more information about the AWS SDKs, including how to download and install them,
* see Tools for Amazon Web Services.
*
*
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public interface AWSSSO {
/**
* The region metadata service name for computing region endpoints. You can use this value to retrieve metadata
* (such as supported regions) of the service.
*
* @see RegionUtils#getRegionsForService(String)
*/
String ENDPOINT_PREFIX = "portal.sso";
/**
*
* Returns the STS short-term credentials for a given role name that is assigned to the user.
*
*
* @param getRoleCredentialsRequest
* @return Result of the GetRoleCredentials operation returned by the service.
* @throws InvalidRequestException
* Indicates that a problem occurred with the input to the request. For example, a required parameter might
* be missing or out of range.
* @throws UnauthorizedException
* Indicates that the request is not authorized. This can happen due to an invalid access token in the
* request.
* @throws TooManyRequestsException
* Indicates that the request is being made too frequently and is more than what the server can handle.
* @throws ResourceNotFoundException
* The specified resource doesn't exist.
* @sample AWSSSO.GetRoleCredentials
* @see AWS API
* Documentation
*/
GetRoleCredentialsResult getRoleCredentials(GetRoleCredentialsRequest getRoleCredentialsRequest);
/**
*
* Lists all roles that are assigned to the user for a given AWS account.
*
*
* @param listAccountRolesRequest
* @return Result of the ListAccountRoles operation returned by the service.
* @throws InvalidRequestException
* Indicates that a problem occurred with the input to the request. For example, a required parameter might
* be missing or out of range.
* @throws UnauthorizedException
* Indicates that the request is not authorized. This can happen due to an invalid access token in the
* request.
* @throws TooManyRequestsException
* Indicates that the request is being made too frequently and is more than what the server can handle.
* @throws ResourceNotFoundException
* The specified resource doesn't exist.
* @sample AWSSSO.ListAccountRoles
* @see AWS API
* Documentation
*/
ListAccountRolesResult listAccountRoles(ListAccountRolesRequest listAccountRolesRequest);
/**
*
* Lists all AWS accounts assigned to the user. These AWS accounts are assigned by the administrator of the account.
* For more information, see Assign User
* Access in the IAM Identity Center User Guide. This operation returns a paginated response.
*
*
* @param listAccountsRequest
* @return Result of the ListAccounts operation returned by the service.
* @throws InvalidRequestException
* Indicates that a problem occurred with the input to the request. For example, a required parameter might
* be missing or out of range.
* @throws UnauthorizedException
* Indicates that the request is not authorized. This can happen due to an invalid access token in the
* request.
* @throws TooManyRequestsException
* Indicates that the request is being made too frequently and is more than what the server can handle.
* @throws ResourceNotFoundException
* The specified resource doesn't exist.
* @sample AWSSSO.ListAccounts
* @see AWS API
* Documentation
*/
ListAccountsResult listAccounts(ListAccountsRequest listAccountsRequest);
/**
*
* Removes the locally stored SSO tokens from the client-side cache and sends an API call to the IAM Identity Center
* service to invalidate the corresponding server-side IAM Identity Center sign in session.
*
*
*
* If a user uses IAM Identity Center to access the AWS CLI, the user’s IAM Identity Center sign in session is used
* to obtain an IAM session, as specified in the corresponding IAM Identity Center permission set. More
* specifically, IAM Identity Center assumes an IAM role in the target account on behalf of the user, and the
* corresponding temporary AWS credentials are returned to the client.
*
*
* After user logout, any existing IAM role sessions that were created by using IAM Identity Center permission sets
* continue based on the duration configured in the permission set. For more information, see User authentications in the
* IAM Identity Center User Guide.
*
*
*
* @param logoutRequest
* @return Result of the Logout operation returned by the service.
* @throws InvalidRequestException
* Indicates that a problem occurred with the input to the request. For example, a required parameter might
* be missing or out of range.
* @throws UnauthorizedException
* Indicates that the request is not authorized. This can happen due to an invalid access token in the
* request.
* @throws TooManyRequestsException
* Indicates that the request is being made too frequently and is more than what the server can handle.
* @sample AWSSSO.Logout
* @see AWS API
* Documentation
*/
LogoutResult logout(LogoutRequest logoutRequest);
/**
* Shuts down this client object, releasing any resources that might be held open. This is an optional method, and
* callers are not expected to call it, but can if they want to explicitly release any open resources. Once a client
* has been shutdown, it should not be used to make any more requests.
*/
void shutdown();
/**
* Returns additional metadata for a previously executed successful request, typically used for debugging issues
* where a service isn't acting as expected. This data isn't considered part of the result data returned by an
* operation, so it's available through this separate, diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic
* information for an executed request, you should use this method to retrieve it as soon as possible after
* executing a request.
*
* @param request
* The originally executed request.
*
* @return The response metadata for the specified request, or null if none is available.
*/
ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request);
}