🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

aws-simple-sso

Package Overview
Dependencies
Maintainers
0
Versions
10
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

aws-simple-sso

Simple AWS SSO Sign-in

1.0.0
Source
npm
Version published
Weekly downloads
1
Maintainers
0
Weekly downloads
 
Created
Source

aws-simple-sso

Simple AWS SSO Sign-in

Install

npm install aws-simple-sso

Usage

import { authenticate } from 'aws-simple-sso'

const main = async () => {
  const credentials = await authenticate('Prod', 'sre_dev', 'Admin')
  console.log(credentials)
}

main()

API

authenticate(matchOrg, matchAcc, matchRole)

Quick method of fully authenticating against AWS SSO. Parameters provide partial matches for Organization, Account, and Role.

ParameterTypeDescription
matchOrgType: stringPartial Match for Organization Name
matchAccType: stringPartial Match for Account Name
matchRoleType: stringPartial Match for Role Name

Returns:

{
  accessKeyId: string,
  secretAccessKey: string,
  sessionToken: string,
  expiration: Date
}

getOrgUrl(matchOrg)

Get an Organization StartURL for AWS SSO login

  • If none are known, the user will be prompted to add a new Organization URL and name

  • If the Organization name cannot be found via the matchOrg parameter, the user will be prompted to select from a list of known Organizations

ParameterTypeDescription
matchOrgType: stringPartial Match for Organization Name

Returns:

Type: SSOOrgUrl

{
  orgName: string,
  orgUrl: string
}

getToken(orgUrl)

Get an AWS SSO OIDC token

ParameterTypeDescription
orgUrlType: SSOOrgUrlAWS Organization URL

Returns:

Type: SSOToken

{
  accessToken: string (optional)
  tokenType: string (optional)
  expiresIn: number (optional)
  expireTime: Date (optional)
  refreshToken: string (optional)
  idToken: string (optional)
}

getAccount(token, matchAcc)

Get an AWS Account via the SSO service

  • If the Account name cannot be found via the matchAcc parameter, the user will be prompted to select from a list of known Accounts
ParameterTypeDescription
tokenType: SSOTokenAWS SSO Token
matchAccType: stringPartial Match for Account Name

Returns:

Type: SSOAccount

{
  accountId: string,
  accountName: string
}

getRole(token, accountId, matchRole)

Get an AWS Role via the SSO service

  • If the Role name cannot be found via the matchRole parameter, the user will be prompted to select from a list of known Roles
ParameterTypeDescription
tokenType: SSOTokenAWS SSO Token
accountIdType: stringAWS Account ID
matchRoleType: stringPartial Match for Role Name

Returns:

Type: SSORole

{
  accountId: string
  roleName: string,
}

getRoleCredentials(token, ssoRole)

Get AWS Role Credentials via the SSO service

ParameterTypeDescription
tokenType: SSOTokenAWS SSO Token
ssoRoleType: SSORoleAWS SSO Role

Returns:

{
  accessKeyId: string,
  secretAccessKey: string,
  sessionToken: string,
  expiration: Date
}

License

MIT ©

Keywords

AWS
SSO
Organization
OIDC

FAQs

Package last updated on 05 Jul 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

MCP Spec Updated to Add Structured Tool Output and Improved OAuth 2.1 Compliance

Security News

MCP Spec Updated to Add Structured Tool Output and Improved OAuth 2.1 Compliance

MCP spec updated with structured tool output, stronger OAuth 2.1 security, resource indicators, and protocol cleanups for safer, more reliable AI workflows.

By Sarah Gooding  -  Jun 19, 2025