Copyright	(c) 2013-2021 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay <brendan.g.hay+amazonka@gmail.com>
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	None

Amazonka.SSOOIDC.CreateToken

Contents

Creating a Request
Request Lenses
Destructuring the Response
Response Lenses

Description

Creates and returns an access token for the authorized client. The access token issued will be used to fetch short-term credentials for the assigned roles in the AWS account.

Synopsis

data CreateToken = CreateToken' {
- redirectUri :: Maybe Text
- refreshToken :: Maybe Text
- scope :: Maybe [Text]
- code :: Maybe Text
- clientId :: Text
- clientSecret :: Text
- grantType :: Text
- deviceCode :: Text
}
newCreateToken :: Text -> Text -> Text -> Text -> CreateToken
createToken_redirectUri :: Lens' CreateToken (Maybe Text)
createToken_refreshToken :: Lens' CreateToken (Maybe Text)
createToken_scope :: Lens' CreateToken (Maybe [Text])
createToken_code :: Lens' CreateToken (Maybe Text)
createToken_clientId :: Lens' CreateToken Text
createToken_clientSecret :: Lens' CreateToken Text
createToken_grantType :: Lens' CreateToken Text
createToken_deviceCode :: Lens' CreateToken Text
data CreateTokenResponse = CreateTokenResponse' {
- accessToken :: Maybe Text
- refreshToken :: Maybe Text
- expiresIn :: Maybe Int
- tokenType :: Maybe Text
- idToken :: Maybe Text
- httpStatus :: Int
}
newCreateTokenResponse :: Int -> CreateTokenResponse
createTokenResponse_accessToken :: Lens' CreateTokenResponse (Maybe Text)
createTokenResponse_refreshToken :: Lens' CreateTokenResponse (Maybe Text)
createTokenResponse_expiresIn :: Lens' CreateTokenResponse (Maybe Int)
createTokenResponse_tokenType :: Lens' CreateTokenResponse (Maybe Text)
createTokenResponse_idToken :: Lens' CreateTokenResponse (Maybe Text)
createTokenResponse_httpStatus :: Lens' CreateTokenResponse Int

Creating a Request

data CreateToken Source #

See: newCreateToken smart constructor.

Constructors

CreateToken'

Fields

redirectUri :: Maybe Text
The location of the application that will receive the authorization code. Users authorize the service to send the request to this location.
refreshToken :: Maybe Text
The token used to obtain an access token in the event that the access token is invalid or expired. This token is not issued by the service.
scope :: Maybe [Text]
The list of scopes that is defined by the client. Upon authorization, this list is used to restrict permissions when granting an access token.
code :: Maybe Text
The authorization code received from the authorization service. This parameter is required to perform an authorization grant request to get access to a token.
clientId :: Text
The unique identifier string for each client. This value should come from the persisted result of the RegisterClient API.
clientSecret :: Text
A secret string generated for the client. This value should come from the persisted result of the RegisterClient API.
grantType :: Text
Supports grant types for authorization code, refresh token, and device code request.
deviceCode :: Text
Used only when calling this API for the device code grant type. This short-term code is used to identify this authentication attempt. This should come from an in-memory reference to the result of the StartDeviceAuthorization API.

Instances

Instances details

Eq CreateToken Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Methods (==) :: CreateToken -> CreateToken -> Bool # (/=) :: CreateToken -> CreateToken -> Bool #
Read CreateToken Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Methods readsPrec :: Int -> ReadS CreateToken # readList :: ReadS [CreateToken] # readPrec :: ReadPrec CreateToken # readListPrec :: ReadPrec [CreateToken] #
Show CreateToken Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Methods showsPrec :: Int -> CreateToken -> ShowS # show :: CreateToken -> String # showList :: [CreateToken] -> ShowS #
Generic CreateToken Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Associated Types type Rep CreateToken :: Type -> Type # Methods from :: CreateToken -> Rep CreateToken x # to :: Rep CreateToken x -> CreateToken #
NFData CreateToken Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Methods rnf :: CreateToken -> () #
Hashable CreateToken Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Methods hashWithSalt :: Int -> CreateToken -> Int # hash :: CreateToken -> Int #
ToJSON CreateToken Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Methods toJSON :: CreateToken -> Value # toEncoding :: CreateToken -> Encoding # toJSONList :: [CreateToken] -> Value # toEncodingList :: [CreateToken] -> Encoding #
AWSRequest CreateToken Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Associated Types type AWSResponse CreateToken # Methods request :: CreateToken -> Request CreateToken # response :: MonadResource m => Logger -> Service -> Proxy CreateToken -> ClientResponse ClientBody -> m (Either Error (ClientResponse (AWSResponse CreateToken))) #
ToHeaders CreateToken Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Methods toHeaders :: CreateToken -> [Header] #
ToPath CreateToken Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Methods toPath :: CreateToken -> ByteString #
ToQuery CreateToken Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Methods toQuery :: CreateToken -> QueryString #
type Rep CreateToken Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken type Rep CreateToken = D1 ('MetaData "CreateToken" "Amazonka.SSOOIDC.CreateToken" "libZSservicesZSamazonka-sso-oidcZSamazonka-sso-oidc" 'False) (C1 ('MetaCons "CreateToken'" 'PrefixI 'True) (((S1 ('MetaSel ('Just "redirectUri") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :: S1 ('MetaSel ('Just "refreshToken") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text))) :: (S1 ('MetaSel ('Just "scope") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe [Text])) :: S1 ('MetaSel ('Just "code") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)))) :: ((S1 ('MetaSel ('Just "clientId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :: S1 ('MetaSel ('Just "clientSecret") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text)) :: (S1 ('MetaSel ('Just "grantType") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "deviceCode") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text)))))
type AWSResponse CreateToken Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken type AWSResponse CreateToken = CreateTokenResponse

newCreateToken Source #

Arguments

:: Text	`$sel:clientId:CreateToken'`
-> Text	`$sel:clientSecret:CreateToken'`
-> Text	`$sel:grantType:CreateToken'`
-> Text	`$sel:deviceCode:CreateToken'`
-> CreateToken

Create a value of CreateToken with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:redirectUri:CreateToken', createToken_redirectUri - The location of the application that will receive the authorization code. Users authorize the service to send the request to this location.

$sel:refreshToken:CreateToken', createToken_refreshToken - The token used to obtain an access token in the event that the access token is invalid or expired. This token is not issued by the service.

$sel:scope:CreateToken', createToken_scope - The list of scopes that is defined by the client. Upon authorization, this list is used to restrict permissions when granting an access token.

$sel:code:CreateToken', createToken_code - The authorization code received from the authorization service. This parameter is required to perform an authorization grant request to get access to a token.

$sel:clientId:CreateToken', createToken_clientId - The unique identifier string for each client. This value should come from the persisted result of the RegisterClient API.

$sel:clientSecret:CreateToken', createToken_clientSecret - A secret string generated for the client. This value should come from the persisted result of the RegisterClient API.

$sel:grantType:CreateToken', createToken_grantType - Supports grant types for authorization code, refresh token, and device code request.

$sel:deviceCode:CreateToken', createToken_deviceCode - Used only when calling this API for the device code grant type. This short-term code is used to identify this authentication attempt. This should come from an in-memory reference to the result of the StartDeviceAuthorization API.

Request Lenses

createToken_redirectUri :: Lens' CreateToken (Maybe Text) Source #

The location of the application that will receive the authorization code. Users authorize the service to send the request to this location.

createToken_refreshToken :: Lens' CreateToken (Maybe Text) Source #

The token used to obtain an access token in the event that the access token is invalid or expired. This token is not issued by the service.

createToken_scope :: Lens' CreateToken (Maybe [Text]) Source #

The list of scopes that is defined by the client. Upon authorization, this list is used to restrict permissions when granting an access token.

createToken_code :: Lens' CreateToken (Maybe Text) Source #

The authorization code received from the authorization service. This parameter is required to perform an authorization grant request to get access to a token.

createToken_clientId :: Lens' CreateToken Text Source #

The unique identifier string for each client. This value should come from the persisted result of the RegisterClient API.

createToken_clientSecret :: Lens' CreateToken Text Source #

A secret string generated for the client. This value should come from the persisted result of the RegisterClient API.

createToken_grantType :: Lens' CreateToken Text Source #

Supports grant types for authorization code, refresh token, and device code request.

createToken_deviceCode :: Lens' CreateToken Text Source #

Used only when calling this API for the device code grant type. This short-term code is used to identify this authentication attempt. This should come from an in-memory reference to the result of the StartDeviceAuthorization API.

Destructuring the Response

data CreateTokenResponse Source #

See: newCreateTokenResponse smart constructor.

Constructors

CreateTokenResponse'

Fields

accessToken :: Maybe Text
An opaque token to access AWS SSO resources assigned to a user.
refreshToken :: Maybe Text
A token that, if present, can be used to refresh a previously issued access token that might have expired.
expiresIn :: Maybe Int
Indicates the time in seconds when an access token will expire.
tokenType :: Maybe Text
Used to notify the client that the returned token is an access token. The supported type is BearerToken.
idToken :: Maybe Text
The identifier of the user that associated with the access token, if present.
httpStatus :: Int
The response's http status code.

Instances

Instances details

Eq CreateTokenResponse Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Methods (==) :: CreateTokenResponse -> CreateTokenResponse -> Bool # (/=) :: CreateTokenResponse -> CreateTokenResponse -> Bool #
Read CreateTokenResponse Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Methods readsPrec :: Int -> ReadS CreateTokenResponse # readList :: ReadS [CreateTokenResponse] # readPrec :: ReadPrec CreateTokenResponse # readListPrec :: ReadPrec [CreateTokenResponse] #
Show CreateTokenResponse Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Methods showsPrec :: Int -> CreateTokenResponse -> ShowS # show :: CreateTokenResponse -> String # showList :: [CreateTokenResponse] -> ShowS #
Generic CreateTokenResponse Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Associated Types type Rep CreateTokenResponse :: Type -> Type # Methods from :: CreateTokenResponse -> Rep CreateTokenResponse x # to :: Rep CreateTokenResponse x -> CreateTokenResponse #
NFData CreateTokenResponse Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken Methods rnf :: CreateTokenResponse -> () #
type Rep CreateTokenResponse Source #
Instance details Defined in Amazonka.SSOOIDC.CreateToken type Rep CreateTokenResponse = D1 ('MetaData "CreateTokenResponse" "Amazonka.SSOOIDC.CreateToken" "libZSservicesZSamazonka-sso-oidcZSamazonka-sso-oidc" 'False) (C1 ('MetaCons "CreateTokenResponse'" 'PrefixI 'True) ((S1 ('MetaSel ('Just "accessToken") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :: (S1 ('MetaSel ('Just "refreshToken") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :: S1 ('MetaSel ('Just "expiresIn") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Int)))) :: (S1 ('MetaSel ('Just "tokenType") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :: (S1 ('MetaSel ('Just "idToken") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :*: S1 ('MetaSel ('Just "httpStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int)))))

newCreateTokenResponse Source #

Arguments

:: Int	`$sel:httpStatus:CreateTokenResponse'`
-> CreateTokenResponse

Create a value of CreateTokenResponse with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:accessToken:CreateTokenResponse', createTokenResponse_accessToken - An opaque token to access AWS SSO resources assigned to a user.

$sel:refreshToken:CreateToken', createTokenResponse_refreshToken - A token that, if present, can be used to refresh a previously issued access token that might have expired.

$sel:expiresIn:CreateTokenResponse', createTokenResponse_expiresIn - Indicates the time in seconds when an access token will expire.

$sel:tokenType:CreateTokenResponse', createTokenResponse_tokenType - Used to notify the client that the returned token is an access token. The supported type is BearerToken.

$sel:idToken:CreateTokenResponse', createTokenResponse_idToken - The identifier of the user that associated with the access token, if present.

$sel:httpStatus:CreateTokenResponse', createTokenResponse_httpStatus - The response's http status code.

Response Lenses

createTokenResponse_accessToken :: Lens' CreateTokenResponse (Maybe Text) Source #

An opaque token to access AWS SSO resources assigned to a user.

createTokenResponse_refreshToken :: Lens' CreateTokenResponse (Maybe Text) Source #

A token that, if present, can be used to refresh a previously issued access token that might have expired.

createTokenResponse_expiresIn :: Lens' CreateTokenResponse (Maybe Int) Source #

Indicates the time in seconds when an access token will expire.

createTokenResponse_tokenType :: Lens' CreateTokenResponse (Maybe Text) Source #

Used to notify the client that the returned token is an access token. The supported type is BearerToken.

createTokenResponse_idToken :: Lens' CreateTokenResponse (Maybe Text) Source #

The identifier of the user that associated with the access token, if present.

createTokenResponse_httpStatus :: Lens' CreateTokenResponse Int Source #

The response's http status code.