AWS SDK Version 3 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

The persisted data for a saml role profile for a user. This profile references an endpoint profile containing the actual endpoint to be used, and adds details of the role to be assumed when the profile is selected.

Optionally the profile can store a username and domain to be used during authentication (default behavior, if this is not specified, is to use the user's default network credentials).

Inheritance Hierarchy

System.Object
  Amazon.Util.ProfileSettingsBase
    Amazon.Util.SAMLRoleProfile

Namespace: Amazon.Util
Assembly: AWSSDK.Core.dll
Version: 3.x.y.z

Syntax

C#
public class SAMLRoleProfile : ProfileSettingsBase

The SAMLRoleProfile type exposes the following members

Properties

NameTypeDescription
Public Property EndpointSettings Amazon.Util.SAMLEndpointSettings

The endpoint settings from which the actual endpoint to use in authentication is obtained.

Public Property Name System.String Inherited from Amazon.Util.ProfileSettingsBase.
Public Property Region System.String

For regions with a region-specific endpoint for STS (eg cn-north-1) this field can be set to ensure calls to obtain temporary credentials after successful authentication are forwarded to the correct regional endpoint.

This field does not need to be set when running in a region for which the sts.amazonaws.com endpoint is valid.

Public Property RoleArn System.String

The ARN of the role that is to be assumed.

Public Property UniqueId System.String Inherited from Amazon.Util.ProfileSettingsBase.
Public Property UseDefaultUserIdentity System.Boolean

If a specific user identity was specified in the profile, returns true to indicate a password needs to be obtained from the user before obtaining network credentials to be used on authentication. The default is to use the credentials associated with the currently logged-in user or process to perform authentication, which does not require the user to be prompted.

Public Property UserIdentity System.String

If non-default network credentials are to used contains the user identity (in domain\user format, domain optional) that should be used to supply credentials when the profile is used in authentication. The user must be prompted to supply the corresponding password prior to authentication.

Methods

Note:

Asynchronous operations (methods ending with Async) in the table below are for .NET 4.5 or higher. For .NET 3.5 the SDK follows the standard naming convention of BeginMethodName and EndMethodName to indicate asynchronous operations - these method pairs are not shown in the table below.

NameDescription
Public Method Static Method CanCreateFrom(string)

Tests if a SAMLRoleProfile instance could be instantiated from the persisted settings data.

Public Method Static Method CanCreateFrom(SettingsCollection.ObjectSettings)

Tests if a SAMLRoleProfile instance could be instantiated from the persisted settings data.

Public Method GetCurrentSession()

Retrieves the active credential session, if any, associated with the role profile.

Public Method Static Method LoadFrom(string)

Instantiates an instance from settings stored with the specified name.

Public Method Static Method LoadFrom(SettingsCollection.ObjectSettings)

Instantiates an instance from the supplied settings. In addition to the profile settings the SDK will inspect for a RoleSessions.json file containing active session data and if an entry for the profile is present, will add the session data to the returned profile object.

Public Method Persist()

Stores the data in the role profile to the backing store file.

Public Method Static Method Persist(string, string, string, string, string, string)

Registers a role-based profile to be used with SAML authentication. The profile contains details of the role to be assumed when AWS credentials are requested based on the role and a reference to a SAML endpoint profile containing details of the endpoint to be called to authenticate the user.

If user identity information is not supplied then the identity of the logged-in user will be used when authenticaton is performed against the endpoint referenced in the SAML endpoint profile. If identity is provided, no password information is stored in the role profile and the user must supply the password for the identity prior to authentication with the endpoint.

Public Method PersistSession(SAMLImmutableCredentials)

Persists the current credentials to a 'session' key in the RoleSessions.json file. This enables external applications and tools using the same profile to obtain credentials without needing to separately re-authenticate the user prior to expiry of the current credentials. After persisting the session data it can be retrieved using GetCurrentSession().

Public Method Static Method Validate(string)

Validates the contents of the specified profile.

Version Information

.NET Standard:
Supported in: 1.3

.NET Framework:
Supported in: 4.5, 4.0, 3.5