GetIdentityPoolRoles
Gets the roles for an identity pool.
You must use AWS developer credentials to call this operation.
Request Syntax
{
"IdentityPoolId": "string
"
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- IdentityPoolId
-
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern:
[\w-]+:[0-9a-f-]+
Required: Yes
Response Syntax
{
"IdentityPoolId": "string",
"RoleMappings": {
"string" : {
"AmbiguousRoleResolution": "string",
"RulesConfiguration": {
"Rules": [
{
"Claim": "string",
"MatchType": "string",
"RoleARN": "string",
"Value": "string"
}
]
},
"Type": "string"
}
},
"Roles": {
"string" : "string"
}
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- IdentityPoolId
-
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern:
[\w-]+:[0-9a-f-]+
- RoleMappings
-
How users for a specific identity provider are to mapped to roles. This is a String-to-RoleMapping object map. The string identifies the identity provider, for example,
graph.facebook.com
orcognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id
.Type: String to RoleMapping object map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
- Roles
-
The map of roles associated with this pool. Currently only authenticated and unauthenticated roles are supported.
Type: String to string map
Map Entries: Maximum number of 2 items.
Key Pattern:
(un)?authenticated
Value Length Constraints: Minimum length of 20. Maximum length of 2048.
Errors
For information about the errors that are common to all actions, see Common Errors.
- InternalErrorException
-
Thrown when the service encounters an error during processing the request.
HTTP Status Code: 500
- InvalidParameterException
-
Thrown for missing or bad input parameter(s).
HTTP Status Code: 400
- NotAuthorizedException
-
Thrown when a user is not authorized to access the requested resource.
HTTP Status Code: 400
- ResourceConflictException
-
Thrown when a user tries to use a login which is already linked to another account.
HTTP Status Code: 400
- ResourceNotFoundException
-
Thrown when the requested resource (for example, a dataset or record) does not exist.
HTTP Status Code: 400
- TooManyRequestsException
-
Thrown when a request is throttled.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: