Seleccione sus preferencias de cookies

Usamos cookies esenciales y herramientas similares que son necesarias para proporcionar nuestro sitio y nuestros servicios. Usamos cookies de rendimiento para recopilar estadísticas anónimas para que podamos entender cómo los clientes usan nuestro sitio y hacer mejoras. Las cookies esenciales no se pueden desactivar, pero puede hacer clic en “Personalizar” o “Rechazar” para rechazar las cookies de rendimiento.

Si está de acuerdo, AWS y los terceros aprobados también utilizarán cookies para proporcionar características útiles del sitio, recordar sus preferencias y mostrar contenido relevante, incluida publicidad relevante. Para aceptar o rechazar todas las cookies no esenciales, haga clic en “Aceptar” o “Rechazar”. Para elegir opciones más detalladas, haga clic en “Personalizar”.

Preferencias
Contacte con nosotros
Comentarios
AWS Documentation
Cree una cuenta AWS
GetOpenIdToken - Amazon Cognito Federated Identities
Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsExamplesSee Also
Esta página no se ha traducido a su idioma. Solicitar traducción

GetOpenIdToken

PDF

Gets an OpenID token, using a known Cognito ID. This known Cognito ID is returned by GetId. You can optionally add additional logins for the identity. Supplying multiple logins creates an implicit link.

The OpenID token is valid for 10 minutes.

This is a public API. You do not need any credentials to call this API.

Request Syntax

{
   "IdentityId": "string",
   "Logins": { 
      "string" : "string" 
   }
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

IdentityId

A unique identifier in the format REGION:GUID.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 55.

Pattern: [\w-]+:[0-9a-f-]+

Required: Yes

Logins

A set of optional name-value pairs that map provider names to provider tokens. When using graph.facebook.com and www.amazon.com, supply the access_token returned from the provider's authflow. For accounts.google.com, an Amazon Cognito user pool provider, or any other OpenID Connect provider, always include the id_token.

Type: String to string map

Map Entries: Maximum number of 10 items.

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Value Length Constraints: Minimum length of 1. Maximum length of 50000.

Required: No

Response Syntax

{
   "IdentityId": "string",
   "Token": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

IdentityId

A unique identifier in the format REGION:GUID. Note that the IdentityId returned may not match the one passed on input.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 55.

Pattern: [\w-]+:[0-9a-f-]+

Token

An OpenID token, valid for 10 minutes.

Type: String

Errors

For information about the errors that are common to all actions, see Common Errors.

ExternalServiceException

An exception thrown when a dependent service such as Facebook or Twitter is not responding

HTTP Status Code: 400

InternalErrorException

Thrown when the service encounters an error during processing the request.

HTTP Status Code: 500

InvalidParameterException

Thrown for missing or bad input parameter(s).

HTTP Status Code: 400

NotAuthorizedException

Thrown when a user is not authorized to access the requested resource.

HTTP Status Code: 400

ResourceConflictException

Thrown when a user tries to use a login which is already linked to another account.

HTTP Status Code: 400

ResourceNotFoundException

Thrown when the requested resource (for example, a dataset or record) does not exist.

HTTP Status Code: 400

TooManyRequestsException

Thrown when a request is throttled.

HTTP Status Code: 400

Examples

GetOpenIdToken

The following examples show a GetOpenIdToken request and response, without the optional login values.

Sample Request


POST / HTTP/1.1
CONTENT-TYPE: application/x-amz-json-1.1
CONTENT-LENGTH: 214
X-AMZ-TARGET: com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.GetOpenIdToken
HOST: <endpoint>
X-AMZ-DATE: 20140804T220736Z
{
    "IdentityId": "us-east-1:88859bc9-0149-4183-bf10-39e36EXAMPLE"
}

Sample Response


1.1 200 OK
x-amzn-requestid: 552b7593-5b83-47d5-ab25-65d3cd31d823
date: Mon, 04 Aug 2014 22:07:37 GMT
CONTENT-TYPE: application/x-amz-json-1.1
content-length: 892

{
    "IdentityId": "us-east-1:88859bc9-0149-4183-bf10-39e36EXAMPLE",
    "Token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXUyIsImtpZCI6InVzLWVhc3QtMTEifQ.eyJleHAiOjE0MDcxOTA2NTcsInN1YiI6InVzLWVhc3QtMTo4ODg1OWJjOS0wMTQ5LTQxODMtYmYxMC0zOWUzNjY5OTBiMmUiLCJhdWQiOiJ1cy1lYXN0LTE6MWNmNjY3YTItNDlhNi00NTRiLTllNDUtMjMxOTkwMzUxYTMxIiwiaXNzIjoiaHR0cHM6Ly9hd3MtY29nbml0by1pZGVudGl0eS1wdWJsaWMtcGR4LWJldGEuYW1hem9uLmNvbSIsImlhdCI6MTQwNzE5MDA1NywiYW1yIjpbInVuYXV0aGVudGljYXRlZCJdfQ.eYNoTEXndsGk5RAatIOEekNKM1JtL3-C9A6qWcnK2u5fvNsiiSDqWDLtziX6qnnoZXszBmwsIiklYs9J07I-2bCfcRA8PeW6g_br2I9lGuXB_nW_c-CnBNS1xnJhR9QGunQwZklXhDr-ifCCBQgcbMd5mIz_ulurTmmPyIfoJFRZIFNhPLPlOiUjnprDLISe34WkRBTDlsAqCE0VCi3FBXJijQ4D3yUQDxacEoBXMZnTBk_fjKS4GmGAD_GsDIM6PbQMc6xvDhltmcjv3ycBir2CPv2otNtboJvd9HnxcV6sxZrf2ATANaJbMJlu00kbzqkxFyDioIWJkyPEXAMPLE"
}

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

Tema anterior:

GetIdentityPoolRoles

¿Necesita ayuda?

PrivacidadTérminos del sitioPreferencias de cookies
© 2025, Amazon Web Services, Inc o sus afiliados. Todos los derechos reservados.