Socket
Socket
Sign inDemoInstall

@aws-sdk/credential-provider-web-identity

Package Overview
Dependencies
137
Maintainers
5
Versions
124
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

    @aws-sdk/credential-provider-web-identity

AWS credential provider that calls STS assumeRole for temporary AWS credentials

Version published
Weekly downloads
17M
decreased by-0.39%
Maintainers
5
Install size
3.45 MB
Created
Weekly downloads
 

Package description

What is @aws-sdk/credential-provider-web-identity?

The @aws-sdk/credential-provider-web-identity npm package is designed to provide AWS credentials to your application by leveraging web identity tokens. This is particularly useful for applications that authenticate users through federated identity providers such as Amazon Cognito, Facebook, Google, or any OpenID Connect (OIDC) compatible identity provider. It simplifies the process of assuming an AWS IAM role by using the web identity token, allowing your application to access AWS services securely.

What are @aws-sdk/credential-provider-web-identity's main functionalities?

Creating credentials from web identity tokens

This feature allows you to create AWS credentials by providing a web identity token, the ARN of the role to assume, and a session name. It's particularly useful for serverless applications that rely on federated authentication.

const { fromWebToken } = require('@aws-sdk/credential-provider-web-identity');

const credentials = fromWebToken({
  roleArn: 'arn:aws:iam::123456789012:role/WebIdentityRole',
  roleSessionName: 'web-identity-session',
  webIdentityToken: process.env.WEB_IDENTITY_TOKEN
});

Other packages similar to @aws-sdk/credential-provider-web-identity

    aws-sdk

    The AWS SDK for JavaScript is a comprehensive package that includes support for creating credentials from web identity tokens, among many other AWS services. Compared to @aws-sdk/credential-provider-web-identity, the aws-sdk package is more extensive, offering a wide range of AWS services and not just credential provision. However, it might be heavier for applications that only require credential management.

    amazon-cognito-identity-js

    This package provides authentication capabilities for Amazon Cognito User Pools. It's similar to @aws-sdk/credential-provider-web-identity in that it deals with web identity and federated identities but is specifically tailored for Amazon Cognito, whereas @aws-sdk/credential-provider-web-identity is more generic and can work with any OpenID Connect compatible identity provider.

Changelog

Source

3.556.0 (2024-04-16)

Bug Fixes

  • codegen: add doc trait conditionally (#6002) (a61bf71)

Features

  • client-bedrock-agent: For Create Agent API, the agentResourceRoleArn parameter is no longer required. (ed06b5a)
  • client-emr-serverless: This release adds support for shuffle optimized disks that allow larger disk sizes and higher IOPS to efficiently run shuffle heavy workloads. (b99376e)
  • client-entityresolution: Cross Account Resource Support . (639c711)
  • client-iot-wireless: Add PublicGateways in the GetWirelessStatistics call response, indicating the LoRaWAN public network accessed by the device. (a126088)
  • client-lakeformation: This release adds Lake Formation managed RAM support for the 4 APIs - "DescribeLakeFormationIdentityCenterConfiguration", "CreateLakeFormationIdentityCenterConfiguration", "DescribeLakeFormationIdentityCenterConfiguration", and "DeleteLakeFormationIdentityCenterConfiguration" (93b9ea7)
  • client-m2: Adding new ListBatchJobRestartPoints API and support for restart batch job. (0aa8336)
  • client-mediapackagev2: Dash v2 is a MediaPackage V2 feature to support egressing on DASH manifest format. (3b624ea)
  • client-outposts: This release adds new APIs to allow customers to configure their Outpost capacity at order-time. (6701646)
  • client-wellarchitected: AWS Well-Architected now has a Connector for Jira to allow customers to efficiently track workload risks and improvement efforts and create closed-loop mechanisms. (aa902b4)
  • clients: update client endpoints as of 2024-04-16 (154d301)

Readme

Source

@aws-sdk/credential-provider-web-identity

NPM version NPM downloads

An internal package

Usage

You probably shouldn't, at least directly. Please use @aws-sdk/credential-providers instead.

Keywords

FAQs

Last updated on 16 Apr 2024

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

The AI Advantage: Reshaping Cybersecurity in the Age of Autonomous Threats

Security News

The AI Advantage: Reshaping Cybersecurity in the Age of Autonomous Threats

As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.

By Sarah Gooding  -  Apr 25, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc