ssooidc/aws.sdk.kotlin.services.ssooidc/createTokenWithIam

createTokenWithIam

inline suspend fun SsoOidcClient.createTokenWithIam(crossinline block: CreateTokenWithIamRequest.Builder.() -> Unit): CreateTokenWithIamResponse

Creates and returns access and refresh tokens for clients and applications that are authenticated using IAM entities. The access token can be used to fetch short-lived credentials for the assigned Amazon Web Services accounts or to access application APIs using bearer authentication.

Samples


fun main() { 
   //sampleStart 
   val resp = ssoOidcClient.createTokenWithIam {
    clientId = "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222"
    grantType = "authorization_code"
    code = "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzg0In0EXAMPLEAUTHCODE"
    redirectUri = "https://mywebapp.example/redirect"
    scope = listOf<String>(
        "openid",
        "aws",
        "sts:identity_context"
    )
} 
   //sampleEnd
}

fun main() { 
   //sampleStart 
   val resp = ssoOidcClient.createTokenWithIam {
    clientId = "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222"
    grantType = "urn:ietf:params:oauth:grant-type:jwt-bearer"
    assertion = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjFMVE16YWtpaGlSbGFfOHoyQkVKVlhlV01xbyJ9.eyJ2ZXIiOiIyLjAiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vOTEyMjA0MGQtNmM2Ny00YzViLWIxMTItMzZhMzA0YjY2ZGFkL3YyLjAiLCJzdWIiOiJBQUFBQUFBQUFBQUFBQUFBQUFBQUFJa3pxRlZyU2FTYUZIeTc4MmJidGFRIiwiYXVkIjoiNmNiMDQwMTgtYTNmNS00NmE3LWI5OTUtOTQwYzc4ZjVhZWYzIiwiZXhwIjoxNTM2MzYxNDExLCJpYXQiOjE1MzYyNzQ3MTEsIm5iZiI6MTUzNjI3NDcxMSwibmFtZSI6IkFiZSBMaW5jb2xuIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWJlTGlAbWljcm9zb2Z0LmNvbSIsIm9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC02NmYzLTMzMzJlY2E3ZWE4MSIsInRpZCI6IjkxMjIwNDBkLTZjNjctNGM1Yi1iMTEyLTM2YTMwNGI2NmRhZCIsIm5vbmNlIjoiMTIzNTIzIiwiYWlvIjoiRGYyVVZYTDFpeCFsTUNXTVNPSkJjRmF0emNHZnZGR2hqS3Y4cTVnMHg3MzJkUjVNQjVCaXN2R1FPN1lXQnlqZDhpUURMcSFlR2JJRGFreXA1bW5PcmNkcUhlWVNubHRlcFFtUnA2QUlaOGpZIn0.1AFWW-Ck5nROwSlltm7GzZvDwUkqvhSQpm55TQsmVo9Y59cLhRXpvB8n-55HCr9Z6G_31_UbeUkoz612I2j_Sm9FFShSDDjoaLQr54CreGIJvjtmS3EkK9a7SJBbcpL1MpUtlfygow39tFjY7EVNW9plWUvRrTgVk7lYLprvfzw-CIqw3gHC-T7IK_m_xkr08INERBtaecwhTeN4chPC4W3jdmw_lIxzC48YoQ0dB1L9-ImX98Egypfrlbm0IBL5spFzL6JDZIRRJOu8vecJvj1mq-IUhGt0MacxX8jdxYLP-KUu2d9MbNKpCKJuZ7p8gwTL5B7NlUdh_dmSviPWrw"
} 
   //sampleEnd
}

fun main() { 
   //sampleStart 
   val resp = ssoOidcClient.createTokenWithIam {
    clientId = "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222"
    grantType = "refresh_token"
    refreshToken = "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN"
} 
   //sampleEnd
}

fun main() { 
   //sampleStart 
   val resp = ssoOidcClient.createTokenWithIam {
    clientId = "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222"
    grantType = "urn:ietf:params:oauth:grant-type:token-exchange"
    subjectToken = "aoak-Hig8TUDPNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZDIFFERENTACCESSTOKEN"
    subjectTokenType = "urn:ietf:params:oauth:token-type:access_token"
    requestedTokenType = "urn:ietf:params:oauth:token-type:access_token"
} 
   //sampleEnd
}
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved. Generated by dokka