1 // Code generated by smithy-go-codegen DO NOT EDIT.
2 3 // Package ssooidc provides the API client, operations, and parameter types for
4 // AWS SSO OIDC.
5 //
6 // IAM Identity Center OpenID Connect (OIDC) is a web service that enables a
7 // client (such as CLI or a native application) to register with IAM Identity
8 // Center. The service also enables the client to fetch the user’s access token
9 // upon successful authentication and authorization with IAM Identity Center.
10 //
11 // # API namespaces
12 //
13 // IAM Identity Center uses the sso and identitystore API namespaces. IAM Identity
14 // Center OpenID Connect uses the sso-oauth namespace.
15 //
16 // # Considerations for using this guide
17 //
18 // Before you begin using this guide, we recommend that you first review the
19 // following important information about how the IAM Identity Center OIDC service
20 // works.
21 //
22 // - The IAM Identity Center OIDC service currently implements only the portions
23 // of the OAuth 2.0 Device Authorization Grant standard ([https://tools.ietf.org/html/rfc8628] ) that are necessary to
24 // enable single sign-on authentication with the CLI.
25 //
26 // - With older versions of the CLI, the service only emits OIDC access tokens,
27 // so to obtain a new token, users must explicitly re-authenticate. To access the
28 // OIDC flow that supports token refresh and doesn’t require re-authentication,
29 // update to the latest CLI version (1.27.10 for CLI V1 and 2.9.0 for CLI V2) with
30 // support for OIDC token refresh and configurable IAM Identity Center session
31 // durations. For more information, see [Configure Amazon Web Services access portal session duration].
32 //
33 // - The access tokens provided by this service grant access to all Amazon Web
34 // Services account entitlements assigned to an IAM Identity Center user, not just
35 // a particular application.
36 //
37 // - The documentation in this guide does not describe the mechanism to convert
38 // the access token into Amazon Web Services Auth (“sigv4”) credentials for use
39 // with IAM-protected Amazon Web Services service endpoints. For more information,
40 // see [GetRoleCredentials]in the IAM Identity Center Portal API Reference Guide.
41 //
42 // For general information about IAM Identity Center, see [What is IAM Identity Center?] in the IAM Identity
43 // Center User Guide.
44 //
45 // [Configure Amazon Web Services access portal session duration]: https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html
46 // [GetRoleCredentials]: https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html
47 // [https://tools.ietf.org/html/rfc8628]: https://tools.ietf.org/html/rfc8628
48 // [What is IAM Identity Center?]: https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html
49 package ssooidc
50