Generate AWS STS token

POST {{baseUrl}}/generateAccessToken

Allows users to request temporary, limited-privilege AWS credentials to get read-only or write-only access on the URI returned in the response. * Read permission will always be on the root level. * Path field is optional for READ permission - If value for path is not provided then it will be considered on root level (/). * Ensure to enable write access on the path before requesting token with write permission. * Write access can be enabled using POST /accessTokenPermissions endpoint. * An access token requested for a given path also automatically gives access to all subpaths of the path. For example, if an access token is requested for path /a and there are subpaths /a/b and /a/b/c, the token allows to access those too. * An access token with write permissions can only be requested for the paths defined by resource accessTokenPermissions. An acecss token with read permissions can only be requested for the root path /.

Request Body

{"subtenantId"=>"<string>", "path"=>"/", "durationSeconds"=>3600, "permission"=>"READ"}

HEADERS

KeyDatatypeRequiredDescription
Content-Typestring
Acceptstring

RESPONSES

status: OK

{&quot;credentials&quot;:{&quot;secretAccessKey&quot;:&quot;AbCdEfGhIjKlMnOpQrStUvWxYz&quot;,&quot;accessKeyId&quot;:&quot;AbCdEfGhIjKlMnOpQrStUvWxYzAbCdEfGhIjKlMnOpQrStUvWxYz&quot;,&quot;sessionToken&quot;:&quot;AbCdEfGhIjKlMnOpQrStUvWxYzAbCdEfGhIjKlMnOpQrStUvWxYzAbCdEfGhIjKlMnOpQrStUvWxYzAbCdEfGhIjKlMnOpQrStUvWxYzAbCdEfGhIjKlMnOpQrStUvWxYzAbCdEfGhIjKlMnOpQrStUvWxYz&quot;},&quot;storageAccount&quot;:&quot;dlbucketname&quot;,&quot;storagePath&quot;:&quot;data/ten=tenantname OR data/sub=subtenantId&quot;,&quot;subtenantId&quot;:&quot;204a896c-a23a-11e9-a2a3-2a2ae2dbcce4&quot;,&quot;durationSeconds&quot;:900,&quot;permission&quot;:&quot;WRITE&quot;}