AWS SDK Version 3 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

This method is used internally to access the Amazon Security Token service within other service assemblies. Please use AmazonSecurityTokenServiceClient to access the Amazon Security Token service instead.

Authenticates against a federated identity endpoint supporting SAML and returns temporary AWS credentials for the supplied role.

Namespace: Amazon.Runtime.SharedInterfaces
Assembly: AWSSDK.Core.dll
Version: 3.x.y.z


public abstract SAMLImmutableCredentials CredentialsFromSAMLAuthentication(
         String endpoint,
         String authenticationType,
         String roleARN,
         TimeSpan credentialDuration,
         ICredentials userCredential
Type: System.String

The endpoint for the federated identity provider

Type: System.String

The authentication type to use (NTLM, Kerberos etc)

Type: System.String

The ARN of the role the user is to assume following authentication

Type: System.TimeSpan

TTL duration for the generated credentials.

Type: System.Net.ICredentials

Optional; alternate user credential for authentication. If null the identity of the current process is used.

Return Value
Generated credential data, including SAML-related information such as subject.


Proxy settings that are required for the HTTPS and STS calls made during the authentication/credential generation process are supported and should have been configured on the STS ClientConfig instance associated with the STS client instance exposing this interface.

Version Information

.NET Framework:
Supported in: 4.5, 4.0, 3.5