AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Temporary credentials that are created following successful authentication with a federated endpoint supporting SAML.
Namespace: Amazon.Runtime
Assembly: AWSSDK.Core.dll
Version: 3.x.y.z
[Obsolete("This class is obsolete and will be removed in a future release. Please use Amazon.Runtime.FederatedAWSCredentials. Visit http://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/net-dg-config-creds.html for further details.")]
public class StoredProfileFederatedCredentials : RefreshingAWSCredentials IDisposable
The StoredProfileFederatedCredentials type exposes the following members
Name | Description | |
---|---|---|
StoredProfileFederatedCredentials() |
Constructs an instance of StoredProfileFederatedCredentials using the profile name specified in the App.config. If no profile name is specified then the default credentials are used. |
|
StoredProfileFederatedCredentials(string) |
Constructs an instance of StoredProfileFederatedCredentials. Credentials will be searched for using the profileName parameter. |
|
StoredProfileFederatedCredentials(string, string) |
Constructs an instance of StoredProfileFederatedCredentials. After construction call one of the Authenticate methods to authenticate the user/process and obtain temporary AWS credentials. For users who are domain joined (the role profile does not contain user identity information) the temporary credentials will be refreshed automatically as needed. Non domain-joined users (those with user identity data in the profile) are required to re-authenticate when credential refresh is required. An exception is thrown when attempt is made to refresh credentials in this scenario. The consuming code of this class should catch the exception and prompt the user for credentials, then call Authenticate to re-initialize with a new set of temporary AWS credentials. |
|
StoredProfileFederatedCredentials(string, string, WebProxy) |
Constructs an instance of StoredProfileFederatedCredentials. After construction call one of the Authenticate methods to authenticate the user/process and obtain temporary AWS credentials. For users who are domain joined (the role profile does not contain user identity information) the temporary credentials will be refreshed automatically as needed. Non domain-joined users (those with user identity data in the profile) are required to re-authenticate when credential refresh is required. An exception is thrown when attempt is made to refresh credentials in this scenario. The consuming code of this class should catch the exception and prompt the user for credentials, then call Authenticate to re-initialize with a new set of temporary AWS credentials. |
Name | Type | Description | |
---|---|---|---|
CustomCallbackState | System.Object |
Custom state to return to the registered callback to handle credential requests. The data will be contained in the CredentialRequestCallbackArgs instance supplied to the callback. |
|
PreemptExpiryTime | System.TimeSpan | Inherited from Amazon.Runtime.RefreshingAWSCredentials. | |
ProfileData | Amazon.Util.SAMLRoleProfile |
The data about the SAML endpoint and any required user credentials parsed from the profile. |
|
ProfileName | System.String |
Name of the profile being used. |
|
ProfilesLocation | System.String |
Location of the profiles, if used. |
Name | Description | |
---|---|---|
CanCreateFrom(string, string) |
Tests if an instance can be created from the persisted profile data. |
|
ClearCredentials() | Inherited from Amazon.Runtime.RefreshingAWSCredentials. | |
Dispose() | Inherited from Amazon.Runtime.RefreshingAWSCredentials. | |
GetCredentials() | Inherited from Amazon.Runtime.RefreshingAWSCredentials. | |
GetCredentialsAsync() | Inherited from Amazon.Runtime.RefreshingAWSCredentials. | |
SetCredentialCallbackData(StoredProfileFederatedCredentials.RequestUserCredential, object) |
Registers a callback handler for scenarios where credentials need to be supplied during user authentication (primarily the non-domain-joined use case). Custom data, which will be supplied in the CredentialRequestCallbackArgs instance passed to the callback, can also be supplied. The callback will only be invoked if the underlying SAML role profile indicates it was set up for use with a specific identity. For profiles that do not contain any user identity the SDK will default to using the identity of the current process during authentication. Additionally, if the profile contain user identity information but no callback has been registered, the SDK will also attempt to use the current process identity during authentication. |
Name | Type | Description | |
---|---|---|---|
MaximumCredentialTimespan | System.TimeSpan |
The maximum allowed timespan for generated credentials, per STS documentation. |
|
MinimumCredentialTimespan | System.TimeSpan |
The minimum allowed timespan for generated credentials, per STS documentation. |
.NET Framework:
Supported in: 4.5, 4.0, 3.5