DescribeOrganization - AWS Organizations


Retrieves information about the organization that the user's account belongs to.

This operation can be called from any account in the organization.


Even if a policy type is shown as available in the organization, you can disable it separately at the root level with DisablePolicyType. Use ListRoots to see the status of policy types for a specified root.

Response Syntax

{ "Organization": { "Arn": "string", "AvailablePolicyTypes": [ { "Status": "string", "Type": "string" } ], "FeatureSet": "string", "Id": "string", "MasterAccountArn": "string", "MasterAccountEmail": "string", "MasterAccountId": "string" } }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.


A structure that contains information about the organization.


The AvailablePolicyTypes part of the response is deprecated, and you shouldn't use it in your apps. It doesn't include any policy type supported by Organizations other than SCPs. To determine which policy types are enabled in your organization, use the ListRoots operation.

Type: Organization object


For information about the errors that are common to all actions, see Common Errors.


You don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access Management in the IAM User Guide.

HTTP Status Code: 400


Your account isn't a member of an organization. To make this request, you must use the credentials of an account that belongs to an organization.

HTTP Status Code: 400


The target of the operation is currently being modified by a different request. Try again later.

HTTP Status Code: 400


AWS Organizations can't complete your request because of an internal service error. Try again later.

HTTP Status Code: 500


You have sent too many requests in too short a period of time. The quota helps protect against denial-of-service attacks. Try again later.

For information about quotas that affect AWS Organizations, see Quotas for AWS Organizations in the AWS Organizations User Guide.

HTTP Status Code: 400



The following example shows how to request information about the current user's organization.

Sample Request

POST / HTTP/1.1 X-Amz-Target: AWSOrganizationsV20161128.DescribeOrganization {}

Sample Response

HTTP/1.1 200 OK Content-Type: application/json { "Organization": { "MasterAccountArn": "arn:aws:organizations::111111111111:account/o-exampleorgid/111111111111", "MasterAccountEmail": "", "MasterAccountId": "111111111111", "Id": "o-exampleorgid", "FeatureSet": "ALL", "Arn": "arn:aws:organizations::111111111111:organization/o-exampleorgid", "AvailablePolicyTypes": [ ...DEPRECATED – DO NOT USE... ] ] } }

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: