Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@aws-sdk/client-sso
Advanced tools
AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native
The @aws-sdk/client-sso package is a client library for AWS Single Sign-On (SSO) that allows developers to interact with the AWS SSO service programmatically. It provides methods to manage SSO access to AWS accounts and applications, retrieve user credentials, and manage SSO sessions.
GetRoleCredentials
This feature allows you to retrieve the temporary credentials for an AWS role that the user has access to through AWS SSO.
const { SSOClient, GetRoleCredentialsCommand } = require('@aws-sdk/client-sso');
const client = new SSOClient({ region: 'us-west-2' });
const command = new GetRoleCredentialsCommand({
accountId: '123456789012',
roleName: 'MyRoleName',
accessToken: 'myAccessToken'
});
client.send(command).then((data) => {
console.log(data.roleCredentials);
});
ListAccounts
This feature lists all AWS accounts assigned to the user through AWS SSO.
const { SSOClient, ListAccountsCommand } = require('@aws-sdk/client-sso');
const client = new SSOClient({ region: 'us-west-2' });
const command = new ListAccountsCommand({
accessToken: 'myAccessToken'
});
client.send(command).then((data) => {
console.log(data.accountList);
});
Logout
This feature logs the user out of all AWS SSO sessions.
const { SSOClient, LogoutCommand } = require('@aws-sdk/client-sso');
const client = new SSOClient({ region: 'us-west-2' });
const command = new LogoutCommand({
accessToken: 'myAccessToken'
});
client.send(command).then(() => {
console.log('Successfully logged out');
});
The 'aws-sdk' package is the older version of the AWS SDK for JavaScript. It provides a comprehensive feature set for interacting with AWS services, including AWS SSO. However, it is not as modular as the newer '@aws-sdk/client-sso' and might result in larger bundle sizes if only a subset of services is needed.
The 'aws-amplify' package is a library designed to help build scalable full-stack applications on AWS. It includes authentication features through Amazon Cognito, which can be integrated with AWS SSO for user sign-in and access control. It is a higher-level abstraction compared to '@aws-sdk/client-sso' and includes a broader set of features beyond AWS service interaction.
AWS SDK for JavaScript SSO Client for Node.js, Browser and React Native.
AWS Single Sign-On Portal is a web service that makes it easy for you to assign user access to AWS SSO resources such as the user portal. Users can get AWS account applications and roles assigned to them and get federated into the application.
For general information about AWS SSO, see What is AWS Single Sign-On? in the AWS SSO User Guide.
This API reference guide describes the AWS SSO Portal operations that you can call programatically and includes detailed information on data types and errors.
AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms, such as Java, Ruby, .Net, iOS, or Android. The SDKs provide a convenient way to create programmatic access to AWS SSO and other AWS services. For more information about the AWS SDKs, including how to download and install them, see Tools for Amazon Web Services.
To install the this package, simply type add or install @aws-sdk/client-sso using your favorite package manager:
npm install @aws-sdk/client-sso
yarn add @aws-sdk/client-sso
pnpm add @aws-sdk/client-sso
The AWS SDK is modulized by clients and commands.
To send a request, you only need to import the SSOClient
and
the commands you need, for example GetRoleCredentialsCommand
:
// ES5 example
const { SSOClient, GetRoleCredentialsCommand } = require("@aws-sdk/client-sso");
// ES6+ example
import { SSOClient, GetRoleCredentialsCommand } from "@aws-sdk/client-sso";
To send a request, you:
send
operation on client with command object as input.destroy()
to close open connections.// a client can be shared by different commands.
const client = new SSOClient({ region: "REGION" });
const params = {
/** input parameters */
};
const command = new GetRoleCredentialsCommand(params);
We recommend using await operator to wait for the promise returned by send operation as follows:
// async/await.
try {
const data = await client.send(command);
// process data.
} catch (error) {
// error handling.
} finally {
// finally.
}
Async-await is clean, concise, intuitive, easy to debug and has better error handling as compared to using Promise chains or callbacks.
You can also use Promise chaining to execute send operation.
client.send(command).then(
(data) => {
// process data.
},
(error) => {
// error handling.
}
);
Promises can also be called using .catch()
and .finally()
as follows:
client
.send(command)
.then((data) => {
// process data.
})
.catch((error) => {
// error handling.
})
.finally(() => {
// finally.
});
We do not recommend using callbacks because of callback hell, but they are supported by the send operation.
// callbacks.
client.send(command, (err, data) => {
// process err and data.
});
The client can also send requests using v2 compatible style. However, it results in a bigger bundle size and may be dropped in next major version. More details in the blog post on modular packages in AWS SDK for JavaScript
import * as AWS from "@aws-sdk/client-sso";
const client = new AWS.SSO({ region: "REGION" });
// async/await.
try {
const data = await client.getRoleCredentials(params);
// process data.
} catch (error) {
// error handling.
}
// Promises.
client
.getRoleCredentials(params)
.then((data) => {
// process data.
})
.catch((error) => {
// error handling.
});
// callbacks.
client.getRoleCredentials(params, (err, data) => {
// process err and data.
});
When the service returns an exception, the error will include the exception information, as well as response metadata (e.g. request id).
try {
const data = await client.send(command);
// process data.
} catch (error) {
const { requestId, cfId, extendedRequestId } = error.$metadata;
console.log({ requestId, cfId, extendedRequestId });
/**
* The keys within exceptions are also parsed.
* You can access them by specifying exception names:
* if (error.name === 'SomeServiceException') {
* const value = error.specialKeyInException;
* }
*/
}
Please use these community resources for getting help. We use the GitHub issues for tracking bugs and feature requests, but have limited bandwidth to address them.
aws-sdk-js
on AWS Developer Blog.aws-sdk-js
.To test your universal JavaScript code in Node.js, browser and react-native environments, visit our code samples repo.
This client code is generated automatically. Any modifications will be overwritten the next time the @aws-sdk/client-sso
package is updated.
To contribute to client you can check our generate clients scripts.
This SDK is distributed under the Apache License, Version 2.0, see LICENSE for more information.
FAQs
AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native
The npm package @aws-sdk/client-sso receives a total of 21,444,404 weekly downloads. As such, @aws-sdk/client-sso popularity was classified as popular.
We found that @aws-sdk/client-sso demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.