Security News
CISA Brings KEV Data to GitHub
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.
By Sarah Gooding - Jan 29, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@aws-sdk/token-providers
Advanced tools
What is @aws-sdk/token-providers?
@aws-sdk/token-providers is a package within the AWS SDK for JavaScript that provides various token providers for acquiring and managing tokens used for authentication and authorization with AWS services.
What are @aws-sdk/token-providers's main functionalities?
FromSSOToken
This feature allows you to create a token provider that retrieves tokens from AWS Single Sign-On (SSO). The code sample demonstrates how to configure the SSO token provider with a specific SSO session.
const { fromSSOToken } = require('@aws-sdk/token-providers');
const ssoTokenProvider = fromSSOToken({
ssoClient: new SSOClient({ region: 'us-west-2' }),
ssoSession: 'my-sso-session'
});FromWebIdentityToken
This feature allows you to create a token provider that retrieves tokens from a web identity token file. The code sample demonstrates how to configure the web identity token provider with a specific role ARN and token file path.
const { fromWebIdentityToken } = require('@aws-sdk/token-providers');
const webIdentityTokenProvider = fromWebIdentityToken({
roleArn: 'arn:aws:iam::123456789012:role/WebIdentityRole',
webIdentityTokenFile: '/path/to/token'
});FromCognitoIdentity
This feature allows you to create a token provider that retrieves tokens from Amazon Cognito Identity. The code sample demonstrates how to configure the Cognito identity token provider with a specific identity pool ID and logins.
const { fromCognitoIdentity } = require('@aws-sdk/token-providers');
const cognitoIdentityProvider = fromCognitoIdentity({
identityPoolId: 'us-west-2:example-pool-id',
logins: {
'cognito-idp.us-west-2.amazonaws.com/us-west-2_example': 'example-token'
}
});Other packages similar to @aws-sdk/token-providers
aws-sdk
The 'aws-sdk' package is the official AWS SDK for JavaScript, which includes a wide range of services and features for interacting with AWS. It provides comprehensive support for AWS services, including token management, but it is a larger package compared to @aws-sdk/token-providers, which is more focused on token providers.
aws-amplify
The 'aws-amplify' package is a JavaScript library for frontend and mobile developers building cloud-enabled applications. It includes support for authentication, including token management with Amazon Cognito. While it offers similar functionalities, it is more geared towards frontend development and user authentication flows.
aws-cdk
The 'aws-cdk' package is the AWS Cloud Development Kit, which allows developers to define cloud infrastructure using code. It includes support for managing authentication and authorization tokens as part of infrastructure as code. However, it is primarily focused on infrastructure management rather than just token providers.
@aws-sdk/token-providers
A collection of all token providers. The token providers should be used when the authorization
type is going to be token based. For example, the bearer authorization type set using
httpBearerAuth trait in Smithy.
Static Token Provider
import { fromStatic } from "@aws-sdk/token-providers"
const token = { token: "TOKEN" };
const staticTokenProvider = fromStatic(token);
cont staticToken = await staticTokenProvider(); // returns { token: "TOKEN" }
SSO Token Provider
import { fromSso } from "@aws-sdk/token-providers"
// returns token from SSO token cache or ssoOidc.createToken() call.
cont ssoToken = await fromSso();
Token Provider Chain
import { nodeProvider } from "@aws-sdk/token-providers"
// returns token from default providers.
cont token = await nodeProvider();
3.329.0 (2023-05-08)
Bug Fixes
Features
- client-glue: We don't do release notes https://w.amazon.com/bin/view/AWSDocs/common-tasks/release-notes (7676eac)
- client-guardduty: Add AccessDeniedException 403 Error message code to support 3 Tagging related APIs (cef7c65)
- client-iotsitewise: Provide support for 20,000 max results for GetAssetPropertyValueHistory/BatchGetAssetPropertyValueHistory and 15 minute aggregate resolution for GetAssetPropertyAggregates/BatchGetAssetPropertyAggregates (b0aef34)
- client-sts: Documentation updates for AWS Security Token Service. (eaced29)
- clients: update client endpoints as of 2023-05-08 (d930cb2)
FAQs
A collection of token providers
The npm package @aws-sdk/token-providers receives a total of 14,349,432 weekly downloads. As such, @aws-sdk/token-providers popularity was classified as popular.
We found that @aws-sdk/token-providers demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Package last updated on 08 May 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Opengrep Emerges as Open Source Alternative Amid Semgrep Licensing Controversy
Opengrep forks Semgrep to preserve open source SAST in response to controversial licensing changes.
By Sarah Gooding - Jan 28, 2025
Security News
Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
By Sarah Gooding - Jan 24, 2025