GetAuthorizationToken - Amazon Elastic Container Registry Public


Retrieves an authorization token. An authorization token represents your IAM authentication credentials. You can use it to access any Amazon ECR registry that your IAM principal has access to. The authorization token is valid for 12 hours. This API requires the ecr-public:GetAuthorizationToken and sts:GetServiceBearerToken permissions.

Response Syntax

{ "authorizationData": { "authorizationToken": "string", "expiresAt": number } }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.


An authorization token data object that corresponds to a public registry.

Type: AuthorizationData object


For information about the errors that are common to all actions, see Common Errors.


The specified parameter is invalid. Review the available parameters for the API request.

HTTP Status Code: 400


These errors are usually caused by a server-side issue.

HTTP Status Code: 500


The action isn't supported in this Region.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: