GetIdentityPoolRoles - Amazon Cognito Federated Identities
Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsSee Also

GetIdentityPoolRoles

Gets the roles for an identity pool.

Note

Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Request Syntax

{
   "IdentityPoolId": "string"
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

IdentityPoolId

An identity pool ID in the format REGION:GUID.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 55.

Pattern: [\w-]+:[0-9a-f-]+

Required: Yes

Response Syntax

{
   "IdentityPoolId": "string",
   "RoleMappings": { 
      "string" : { 
         "AmbiguousRoleResolution": "string",
         "RulesConfiguration": { 
            "Rules": [ 
               { 
                  "Claim": "string",
                  "MatchType": "string",
                  "RoleARN": "string",
                  "Value": "string"
               }
            ]
         },
         "Type": "string"
      }
   },
   "Roles": { 
      "string" : "string" 
   }
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

IdentityPoolId

An identity pool ID in the format REGION:GUID.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 55.

Pattern: [\w-]+:[0-9a-f-]+

RoleMappings

How users for a specific identity provider are to mapped to roles. This is a String-to-RoleMapping object map. The string identifies the identity provider, for example, graph.facebook.com or cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id.

Type: String to RoleMapping object map

Map Entries: Maximum number of 10 items.

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Roles

The map of roles associated with this pool. Currently only authenticated and unauthenticated roles are supported.

Type: String to string map

Map Entries: Maximum number of 2 items.

Key Pattern: (un)?authenticated

Value Length Constraints: Minimum length of 20. Maximum length of 2048.

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalErrorException

Thrown when the service encounters an error during processing the request.

HTTP Status Code: 500

InvalidParameterException

Thrown for missing or bad input parameter(s).

HTTP Status Code: 400

NotAuthorizedException

Thrown when a user is not authorized to access the requested resource.

HTTP Status Code: 400

ResourceConflictException

Thrown when a user tries to use a login which is already linked to another account.

HTTP Status Code: 400

ResourceNotFoundException

Thrown when the requested resource (for example, a dataset or record) does not exist.

HTTP Status Code: 400

TooManyRequestsException

Thrown when a request is throttled.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: