Assume Role With S A M L
GET {{aws_security_token_service_aws_sts_base_url}}/?DurationSeconds&Policy&PolicyArns.member.N&PrincipalArn&RoleArn&SAMLAssertion&Version=2011-06-15
Request Params
| Key | Datatype | Required | Description |
|---|---|---|---|
DurationSeconds | null | The duration, in seconds, of the role session. Your role session lasts for the duration that you specify for the DurationSeconds parameter, or until the time specified in the SAML authentication response's SessionNotOnOrAfter value, whichever is shorter. You can provide a DurationSeconds value from 900 seconds (15 minutes) up to the maximum session duration setting for the role. This setting can have a value from 1 hour to 12 hours. If you specify a value higher than this setting, the operation fails. For example, if you specify a session duration of 12 hours, but your administrator set the maximum session duration to 6 hours, your operation fails. To learn how to view the maximum value for your role, see View the Maximum Session Duration Setting for a Role in the IAM User Guide. | |
Policy | null | An IAM policy in JSON format that you want to use as an inline session policy. | |
PolicyArns.member.N | null | The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session policies. The policies must exist in the same account as the role. | |
PrincipalArn | null | The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the IdP. | |
RoleArn | null | The Amazon Resource Name (ARN) of the role that the caller is assuming. | |
SAMLAssertion | null | The base-64 encoded SAML authentication response provided by the IdP. | |
Version | string | The version of the API. |