Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@aws-sdk/client-sso
Advanced tools
AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native
The @aws-sdk/client-sso package is a client library for AWS Single Sign-On (SSO) that allows developers to interact with the AWS SSO service programmatically. It provides methods to manage SSO access to AWS accounts and applications, retrieve user credentials, and manage SSO sessions.
GetRoleCredentials
This feature allows you to retrieve the temporary credentials for an AWS role that the user has access to through AWS SSO.
const { SSOClient, GetRoleCredentialsCommand } = require('@aws-sdk/client-sso');
const client = new SSOClient({ region: 'us-west-2' });
const command = new GetRoleCredentialsCommand({
accountId: '123456789012',
roleName: 'MyRoleName',
accessToken: 'myAccessToken'
});
client.send(command).then((data) => {
console.log(data.roleCredentials);
});
ListAccounts
This feature lists all AWS accounts assigned to the user through AWS SSO.
const { SSOClient, ListAccountsCommand } = require('@aws-sdk/client-sso');
const client = new SSOClient({ region: 'us-west-2' });
const command = new ListAccountsCommand({
accessToken: 'myAccessToken'
});
client.send(command).then((data) => {
console.log(data.accountList);
});
Logout
This feature logs the user out of all AWS SSO sessions.
const { SSOClient, LogoutCommand } = require('@aws-sdk/client-sso');
const client = new SSOClient({ region: 'us-west-2' });
const command = new LogoutCommand({
accessToken: 'myAccessToken'
});
client.send(command).then(() => {
console.log('Successfully logged out');
});
The 'aws-sdk' package is the older version of the AWS SDK for JavaScript. It provides a comprehensive feature set for interacting with AWS services, including AWS SSO. However, it is not as modular as the newer '@aws-sdk/client-sso' and might result in larger bundle sizes if only a subset of services is needed.
The 'aws-amplify' package is a library designed to help build scalable full-stack applications on AWS. It includes authentication features through Amazon Cognito, which can be integrated with AWS SSO for user sign-in and access control. It is a higher-level abstraction compared to '@aws-sdk/client-sso' and includes a broader set of features beyond AWS service interaction.
AWS SDK for JavaScript SSO Client for Node.js, Browser and React Native.
AWS IAM Identity Center (successor to AWS Single Sign-On) Portal is a web service that makes it easy for you to assign user access to IAM Identity Center resources such as the AWS access portal. Users can get AWS account applications and roles assigned to them and get federated into the application.
Although AWS Single Sign-On was renamed, the sso
and
identitystore
API namespaces will continue to retain their original name for
backward compatibility purposes. For more information, see IAM Identity Center rename.
This reference guide describes the IAM Identity Center Portal operations that you can call programatically and includes detailed information on data types and errors.
AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms, such as Java, Ruby, .Net, iOS, or Android. The SDKs provide a convenient way to create programmatic access to IAM Identity Center and other AWS services. For more information about the AWS SDKs, including how to download and install them, see Tools for Amazon Web Services.
To install this package, simply type add or install @aws-sdk/client-sso using your favorite package manager:
npm install @aws-sdk/client-sso
yarn add @aws-sdk/client-sso
pnpm add @aws-sdk/client-sso
The AWS SDK is modulized by clients and commands.
To send a request, you only need to import the SSOClient
and
the commands you need, for example ListAccountsCommand
:
// ES5 example
const { SSOClient, ListAccountsCommand } = require("@aws-sdk/client-sso");
// ES6+ example
import { SSOClient, ListAccountsCommand } from "@aws-sdk/client-sso";
To send a request, you:
send
operation on client with command object as input.destroy()
to close open connections.// a client can be shared by different commands.
const client = new SSOClient({ region: "REGION" });
const params = {
/** input parameters */
};
const command = new ListAccountsCommand(params);
We recommend using await operator to wait for the promise returned by send operation as follows:
// async/await.
try {
const data = await client.send(command);
// process data.
} catch (error) {
// error handling.
} finally {
// finally.
}
Async-await is clean, concise, intuitive, easy to debug and has better error handling as compared to using Promise chains or callbacks.
You can also use Promise chaining to execute send operation.
client.send(command).then(
(data) => {
// process data.
},
(error) => {
// error handling.
}
);
Promises can also be called using .catch()
and .finally()
as follows:
client
.send(command)
.then((data) => {
// process data.
})
.catch((error) => {
// error handling.
})
.finally(() => {
// finally.
});
We do not recommend using callbacks because of callback hell, but they are supported by the send operation.
// callbacks.
client.send(command, (err, data) => {
// process err and data.
});
The client can also send requests using v2 compatible style. However, it results in a bigger bundle size and may be dropped in next major version. More details in the blog post on modular packages in AWS SDK for JavaScript
import * as AWS from "@aws-sdk/client-sso";
const client = new AWS.SSO({ region: "REGION" });
// async/await.
try {
const data = await client.listAccounts(params);
// process data.
} catch (error) {
// error handling.
}
// Promises.
client
.listAccounts(params)
.then((data) => {
// process data.
})
.catch((error) => {
// error handling.
});
// callbacks.
client.listAccounts(params, (err, data) => {
// process err and data.
});
When the service returns an exception, the error will include the exception information, as well as response metadata (e.g. request id).
try {
const data = await client.send(command);
// process data.
} catch (error) {
const { requestId, cfId, extendedRequestId } = error.$metadata;
console.log({ requestId, cfId, extendedRequestId });
/**
* The keys within exceptions are also parsed.
* You can access them by specifying exception names:
* if (error.name === 'SomeServiceException') {
* const value = error.specialKeyInException;
* }
*/
}
Please use these community resources for getting help. We use the GitHub issues for tracking bugs and feature requests, but have limited bandwidth to address them.
aws-sdk-js
on AWS Developer Blog.aws-sdk-js
.To test your universal JavaScript code in Node.js, browser and react-native environments, visit our code samples repo.
This client code is generated automatically. Any modifications will be overwritten the next time the @aws-sdk/client-sso
package is updated.
To contribute to client you can check our generate clients scripts.
This SDK is distributed under the Apache License, Version 2.0, see LICENSE for more information.
FAQs
AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native
The npm package @aws-sdk/client-sso receives a total of 23,146,009 weekly downloads. As such, @aws-sdk/client-sso popularity was classified as popular.
We found that @aws-sdk/client-sso demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.