AWS SDK Version 3 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Temporary credentials that are created following successful authentication with a federated endpoint supporting SAML.

Inheritance Hierarchy

System.Object
  Amazon.Runtime.AWSCredentials
    Amazon.Runtime.RefreshingAWSCredentials
      Amazon.SecurityToken.SAML.StoredProfileSAMLCredentials

Namespace: Amazon.SecurityToken.SAML
Assembly: AWSSDK.SecurityToken.dll
Version: 3.x.y.z

Syntax

C#
public class StoredProfileSAMLCredentials : RefreshingAWSCredentials

The StoredProfileSAMLCredentials type exposes the following members

Constructors

NameDescription
Public Method StoredProfileSAMLCredentials()

Constructs an instance of StoredProfileSAMLCredentials. This constructor searches for details of the role to assume, and optional credentials to use with the endpoint, using the profile name specified in the App.config.

Public Method StoredProfileSAMLCredentials(string, string)

Constructs an instance of StoredProfileSAMLCredentials. After construction call one of the Authenticate methods to authenticate the user/process and obtain temporary AWS credentials.

For users who are domain joined (the role profile does not contain user identity information) the temporary credentials will be refreshed automatically as needed. Non domain-joined users (those with user identity data in the profile) are required to re-authenticate when credential refresh is required. An exception is thrown when attempt is made to refresh credentials in this scenario. The consuming code of this class should catch the exception and prompt the user for credentials, then call Authenticate to re-initialize with a new set of temporary AWS credentials.

Properties

NameTypeDescription
Public Property CustomCallbackState System.Object

Any custom state passed when a credential callback was registered.

Public Property PreemptExpiryTime System.TimeSpan Inherited from Amazon.Runtime.RefreshingAWSCredentials.
Public Property ProfileData Amazon.Util.SAMLRoleProfile

The data about the SAML endpoint and any required user credentials parsed from the profile.

Public Property ProfileName System.String

Name of the profile being used.

Public Property ProfilesLocation System.String

Location of the profiles, if used.

Public Property RequestUserCredentialCallback Amazon.SecurityToken.SAML.StoredProfileSAMLCredentials.RequestUserCredential

Registered callback for obtaining credentials to use in authentication. Required to be set if the role profile is not configured to use the default identity.

Methods

Note:

Asynchronous operations (methods ending with Async) in the table below are for .NET 4.5 or higher. For .NET 3.5 the SDK follows the standard naming convention of BeginMethodName and EndMethodName to indicate asynchronous operations - these method pairs are not shown in the table below.

NameDescription
Public Method ClearCredentials() Inherited from Amazon.Runtime.RefreshingAWSCredentials.
Public Method GetCredentials() Inherited from Amazon.Runtime.RefreshingAWSCredentials.
Public Method GetCredentialsAsync() Inherited from Amazon.Runtime.RefreshingAWSCredentials.

Fields

NameTypeDescription
Field Static Field MaximumCredentialTimespan System.TimeSpan

The maximum allowed timespan for generated credentials, per STS documentation.

Field Static Field MinimumCredentialTimespan System.TimeSpan

The minimum allowed timespan for generated credentials, per STS documentation.

Remarks

Currently only the SDK store supports profiles that contain the necessary data to support authentication and role-based credential generation.

Version Information

.NET Framework:
Supported in: 4.5, 4.0, 3.5