| Copyright | (c) 2013-2021 Brendan Hay |
|---|---|
| License | Mozilla Public License, v. 2.0. |
| Maintainer | Brendan Hay <brendan.g.hay+amazonka@gmail.com> |
| Stability | auto-generated |
| Portability | non-portable (GHC extensions) |
| Safe Haskell | None |
Amazonka.SSO
Description
Derived from API version 2019-06-10 of the AWS service descriptions, licensed under Apache 2.0.
AWS Single Sign-On Portal is a web service that makes it easy for you to assign user access to AWS SSO resources such as the user portal. Users can get AWS account applications and roles assigned to them and get federated into the application.
For general information about AWS SSO, see What is AWS Single Sign-On? in the AWS SSO User Guide.
This API reference guide describes the AWS SSO Portal operations that you can call programatically and includes detailed information on data types and errors.
AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms, such as Java, Ruby, .Net, iOS, or Android. The SDKs provide a convenient way to create programmatic access to AWS SSO and other AWS services. For more information about the AWS SDKs, including how to download and install them, see Tools for Amazon Web Services.
Synopsis
- defaultService :: Service
- _InvalidRequestException :: AsError a => Getting (First ServiceError) a ServiceError
- _TooManyRequestsException :: AsError a => Getting (First ServiceError) a ServiceError
- _UnauthorizedException :: AsError a => Getting (First ServiceError) a ServiceError
- _ResourceNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError
- data Logout = Logout' (Sensitive Text)
- newLogout :: Text -> Logout
- data LogoutResponse = LogoutResponse' {
- newLogoutResponse :: LogoutResponse
- data GetRoleCredentials = GetRoleCredentials' Text Text (Sensitive Text)
- newGetRoleCredentials :: Text -> Text -> Text -> GetRoleCredentials
- data GetRoleCredentialsResponse = GetRoleCredentialsResponse' (Maybe RoleCredentials) Int
- newGetRoleCredentialsResponse :: Int -> GetRoleCredentialsResponse
- data ListAccounts = ListAccounts' (Maybe Text) (Maybe Natural) (Sensitive Text)
- newListAccounts :: Text -> ListAccounts
- data ListAccountsResponse = ListAccountsResponse' (Maybe [AccountInfo]) (Maybe Text) Int
- newListAccountsResponse :: Int -> ListAccountsResponse
- data ListAccountRoles = ListAccountRoles' (Maybe Text) (Maybe Natural) (Sensitive Text) Text
- newListAccountRoles :: Text -> Text -> ListAccountRoles
- data ListAccountRolesResponse = ListAccountRolesResponse' (Maybe [RoleInfo]) (Maybe Text) Int
- newListAccountRolesResponse :: Int -> ListAccountRolesResponse
- data AccountInfo = AccountInfo' (Maybe Text) (Maybe Text) (Maybe Text)
- newAccountInfo :: AccountInfo
- data RoleCredentials = RoleCredentials' (Maybe (Sensitive Text)) (Maybe (Sensitive Text)) (Maybe Integer) (Maybe Text)
- newRoleCredentials :: RoleCredentials
- data RoleInfo = RoleInfo' (Maybe Text) (Maybe Text)
- newRoleInfo :: RoleInfo
Service Configuration
defaultService :: Service Source #
API version 2019-06-10 of the Amazon Single Sign-On SDK configuration.
Errors
Error matchers are designed for use with the functions provided by
Control.Exception.Lens.
This allows catching (and rethrowing) service specific errors returned
by SSO.
InvalidRequestException
_InvalidRequestException :: AsError a => Getting (First ServiceError) a ServiceError Source #
Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.
TooManyRequestsException
_TooManyRequestsException :: AsError a => Getting (First ServiceError) a ServiceError Source #
Indicates that the request is being made too frequently and is more than what the server can handle.
UnauthorizedException
_UnauthorizedException :: AsError a => Getting (First ServiceError) a ServiceError Source #
Indicates that the request is not authorized. This can happen due to an invalid access token in the request.
ResourceNotFoundException
_ResourceNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The specified resource doesn't exist.
Waiters
Waiters poll by repeatedly sending a request until some remote success condition
configured by the Wait specification is fulfilled. The Wait specification
determines how many attempts should be made, in addition to delay and retry strategies.
Operations
Some AWS operations return results that are incomplete and require subsequent
requests in order to obtain the entire result set. The process of sending
subsequent requests to continue where a previous request left off is called
pagination. For example, the ListObjects operation of Amazon S3 returns up to
1000 objects at a time, and you must send subsequent requests with the
appropriate Marker in order to retrieve the next page of results.
Operations that have an AWSPager instance can transparently perform subsequent
requests, correctly setting Markers and other request facets to iterate through
the entire result set of a truncated API operation. Operations which support
this have an additional note in the documentation.
Many operations have the ability to filter results on the server side. See the individual operation parameters for details.
Logout
See: newLogout smart constructor.
Instances
| Eq Logout Source # | |
| Show Logout Source # | |
| Generic Logout Source # | |
| NFData Logout Source # | |
Defined in Amazonka.SSO.Logout | |
| Hashable Logout Source # | |
Defined in Amazonka.SSO.Logout | |
| ToJSON Logout Source # | |
Defined in Amazonka.SSO.Logout | |
| AWSRequest Logout Source # | |
Defined in Amazonka.SSO.Logout Associated Types type AWSResponse Logout # Methods request :: Logout -> Request Logout # response :: MonadResource m => Logger -> Service -> Proxy Logout -> ClientResponse ClientBody -> m (Either Error (ClientResponse (AWSResponse Logout))) # | |
| ToHeaders Logout Source # | |
Defined in Amazonka.SSO.Logout | |
| ToPath Logout Source # | |
Defined in Amazonka.SSO.Logout Methods toPath :: Logout -> ByteString # | |
| ToQuery Logout Source # | |
Defined in Amazonka.SSO.Logout Methods toQuery :: Logout -> QueryString # | |
| type Rep Logout Source # | |
Defined in Amazonka.SSO.Logout | |
| type AWSResponse Logout Source # | |
Defined in Amazonka.SSO.Logout | |
Create a value of Logout with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accessToken:Logout', logout_accessToken - The token issued by the CreateToken API call. For more information,
see
CreateToken
in the AWS SSO OIDC API Reference Guide.
data LogoutResponse Source #
See: newLogoutResponse smart constructor.
Constructors
| LogoutResponse' | |
Instances
| Eq LogoutResponse Source # | |
Defined in Amazonka.SSO.Logout Methods (==) :: LogoutResponse -> LogoutResponse -> Bool # (/=) :: LogoutResponse -> LogoutResponse -> Bool # | |
| Read LogoutResponse Source # | |
Defined in Amazonka.SSO.Logout Methods readsPrec :: Int -> ReadS LogoutResponse # readList :: ReadS [LogoutResponse] # | |
| Show LogoutResponse Source # | |
Defined in Amazonka.SSO.Logout Methods showsPrec :: Int -> LogoutResponse -> ShowS # show :: LogoutResponse -> String # showList :: [LogoutResponse] -> ShowS # | |
| Generic LogoutResponse Source # | |
Defined in Amazonka.SSO.Logout Associated Types type Rep LogoutResponse :: Type -> Type # Methods from :: LogoutResponse -> Rep LogoutResponse x # to :: Rep LogoutResponse x -> LogoutResponse # | |
| NFData LogoutResponse Source # | |
Defined in Amazonka.SSO.Logout Methods rnf :: LogoutResponse -> () # | |
| type Rep LogoutResponse Source # | |
newLogoutResponse :: LogoutResponse Source #
Create a value of LogoutResponse with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
GetRoleCredentials
data GetRoleCredentials Source #
See: newGetRoleCredentials smart constructor.
Constructors
| GetRoleCredentials' Text Text (Sensitive Text) |
Instances
newGetRoleCredentials Source #
Arguments
| :: Text | |
| -> Text | |
| -> Text | |
| -> GetRoleCredentials |
Create a value of GetRoleCredentials with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:roleName:GetRoleCredentials', getRoleCredentials_roleName - The friendly name of the role that is assigned to the user.
$sel:accountId:GetRoleCredentials', getRoleCredentials_accountId - The identifier for the AWS account that is assigned to the user.
$sel:accessToken:GetRoleCredentials', getRoleCredentials_accessToken - The token issued by the CreateToken API call. For more information,
see
CreateToken
in the AWS SSO OIDC API Reference Guide.
data GetRoleCredentialsResponse Source #
See: newGetRoleCredentialsResponse smart constructor.
Constructors
| GetRoleCredentialsResponse' (Maybe RoleCredentials) Int |
Instances
newGetRoleCredentialsResponse Source #
Create a value of GetRoleCredentialsResponse with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:roleCredentials:GetRoleCredentialsResponse', getRoleCredentialsResponse_roleCredentials - The credentials for the role that is assigned to the user.
$sel:httpStatus:GetRoleCredentialsResponse', getRoleCredentialsResponse_httpStatus - The response's http status code.
ListAccounts (Paginated)
data ListAccounts Source #
See: newListAccounts smart constructor.
Instances
Arguments
| :: Text | |
| -> ListAccounts |
Create a value of ListAccounts with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:nextToken:ListAccounts', listAccounts_nextToken - (Optional) When requesting subsequent pages, this is the page token from
the previous response output.
$sel:maxResults:ListAccounts', listAccounts_maxResults - This is the number of items clients can request per page.
$sel:accessToken:ListAccounts', listAccounts_accessToken - The token issued by the CreateToken API call. For more information,
see
CreateToken
in the AWS SSO OIDC API Reference Guide.
data ListAccountsResponse Source #
See: newListAccountsResponse smart constructor.
Constructors
| ListAccountsResponse' (Maybe [AccountInfo]) (Maybe Text) Int |
Instances
newListAccountsResponse Source #
Arguments
| :: Int | |
| -> ListAccountsResponse |
Create a value of ListAccountsResponse with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accountList:ListAccountsResponse', listAccountsResponse_accountList - A paginated response with the list of account information and the next
token if more results are available.
$sel:nextToken:ListAccounts', listAccountsResponse_nextToken - The page token client that is used to retrieve the list of accounts.
$sel:httpStatus:ListAccountsResponse', listAccountsResponse_httpStatus - The response's http status code.
ListAccountRoles (Paginated)
data ListAccountRoles Source #
See: newListAccountRoles smart constructor.
Instances
Arguments
| :: Text | |
| -> Text | |
| -> ListAccountRoles |
Create a value of ListAccountRoles with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:nextToken:ListAccountRoles', listAccountRoles_nextToken - The page token from the previous response output when you request
subsequent pages.
$sel:maxResults:ListAccountRoles', listAccountRoles_maxResults - The number of items that clients can request per page.
$sel:accessToken:ListAccountRoles', listAccountRoles_accessToken - The token issued by the CreateToken API call. For more information,
see
CreateToken
in the AWS SSO OIDC API Reference Guide.
$sel:accountId:ListAccountRoles', listAccountRoles_accountId - The identifier for the AWS account that is assigned to the user.
data ListAccountRolesResponse Source #
See: newListAccountRolesResponse smart constructor.
Instances
newListAccountRolesResponse Source #
Create a value of ListAccountRolesResponse with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:roleList:ListAccountRolesResponse', listAccountRolesResponse_roleList - A paginated response with the list of roles and the next token if more
results are available.
$sel:nextToken:ListAccountRoles', listAccountRolesResponse_nextToken - The page token client that is used to retrieve the list of accounts.
$sel:httpStatus:ListAccountRolesResponse', listAccountRolesResponse_httpStatus - The response's http status code.
Types
AccountInfo
data AccountInfo Source #
Provides information about your AWS account.
See: newAccountInfo smart constructor.
Instances
newAccountInfo :: AccountInfo Source #
Create a value of AccountInfo with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accountName:AccountInfo', accountInfo_accountName - The display name of the AWS account that is assigned to the user.
$sel:accountId:AccountInfo', accountInfo_accountId - The identifier of the AWS account that is assigned to the user.
$sel:emailAddress:AccountInfo', accountInfo_emailAddress - The email address of the AWS account that is assigned to the user.
RoleCredentials
data RoleCredentials Source #
Provides information about the role credentials that are assigned to the user.
See: newRoleCredentials smart constructor.
Constructors
| RoleCredentials' (Maybe (Sensitive Text)) (Maybe (Sensitive Text)) (Maybe Integer) (Maybe Text) |
Instances
newRoleCredentials :: RoleCredentials Source #
Create a value of RoleCredentials with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:secretAccessKey:RoleCredentials', roleCredentials_secretAccessKey - The key that is used to sign the request. For more information, see
Using Temporary Security Credentials to Request Access to AWS Resources
in the AWS IAM User Guide.
$sel:sessionToken:RoleCredentials', roleCredentials_sessionToken - The token used for temporary credentials. For more information, see
Using Temporary Security Credentials to Request Access to AWS Resources
in the AWS IAM User Guide.
$sel:expiration:RoleCredentials', roleCredentials_expiration - The date on which temporary security credentials expire.
$sel:accessKeyId:RoleCredentials', roleCredentials_accessKeyId - The identifier used for the temporary security credentials. For more
information, see
Using Temporary Security Credentials to Request Access to AWS Resources
in the AWS IAM User Guide.
RoleInfo
Provides information about the role that is assigned to the user.
See: newRoleInfo smart constructor.
Instances
| Eq RoleInfo Source # | |
| Read RoleInfo Source # | |
| Show RoleInfo Source # | |
| Generic RoleInfo Source # | |
| NFData RoleInfo Source # | |
Defined in Amazonka.SSO.Types.RoleInfo | |
| Hashable RoleInfo Source # | |
Defined in Amazonka.SSO.Types.RoleInfo | |
| FromJSON RoleInfo Source # | |
| type Rep RoleInfo Source # | |
Defined in Amazonka.SSO.Types.RoleInfo type Rep RoleInfo = D1 ('MetaData "RoleInfo" "Amazonka.SSO.Types.RoleInfo" "libZSservicesZSamazonka-ssoZSamazonka-sso" 'False) (C1 ('MetaCons "RoleInfo'" 'PrefixI 'True) (S1 ('MetaSel ('Just "roleName") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :*: S1 ('MetaSel ('Just "accountId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)))) | |
newRoleInfo :: RoleInfo Source #
Create a value of RoleInfo with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:roleName:RoleInfo', roleInfo_roleName - The friendly name of the role that is assigned to the user.
$sel:accountId:RoleInfo', roleInfo_accountId - The identifier of the AWS account assigned to the user.