AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Given a user pool ID, returns the signing certificate for SAML 2.0 federation.
Issued certificates are valid for 10 years from the date of issue. Amazon Cognito
issues and assigns a new signing certificate annually. This renewal process returns
a new value in the response to GetSigningCertificate
, but doesn't invalidate
the original certificate.
For more information, see Signing SAML requests.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
For .NET Core this operation is only available in asynchronous form. Please refer to GetSigningCertificateAsync.
Namespace: Amazon.CognitoIdentityProvider
Assembly: AWSSDK.CognitoIdentityProvider.dll
Version: 3.x.y.z
public virtual GetSigningCertificateResponse GetSigningCertificate( GetSigningCertificateRequest request )
Container for the necessary parameters to execute the GetSigningCertificate service method.
Exception | Condition |
---|---|
InternalErrorException | This exception is thrown when Amazon Cognito encounters an internal error. |
InvalidParameterException | This exception is thrown when the Amazon Cognito service encounters an invalid parameter. |
ResourceNotFoundException | This exception is thrown when the Amazon Cognito service can't find the requested resource. |
.NET Framework:
Supported in: 4.5 and newer, 3.5