StoredProfileFederatedCredentials Class

Temporary credentials that are created following successful authentication with a federated endpoint supporting SAML.

Inheritance Hierarchy

System.Object
  Amazon.Runtime.AWSCredentials
    Amazon.Runtime.RefreshingAWSCredentials
      Amazon.Runtime.StoredProfileFederatedCredentials

Namespace: Amazon.Runtime
Assembly: AWSSDK.Core.dll
Version: 3.x.y.z

Syntax

[Obsolete("This class is obsolete and will be removed in a future release. Please use Amazon.Runtime.FederatedAWSCredentials.  Visit http://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/net-dg-config-creds.html for further details.")]
public class StoredProfileFederatedCredentials : RefreshingAWSCredentials
         IDisposable

The StoredProfileFederatedCredentials type exposes the following members

Constructors

	Name	Description
	StoredProfileFederatedCredentials()	Constructs an instance of StoredProfileFederatedCredentials using the profile name specified in the App.config. If no profile name is specified then the default credentials are used.
	StoredProfileFederatedCredentials(string)	Constructs an instance of StoredProfileFederatedCredentials. Credentials will be searched for using the profileName parameter.
	StoredProfileFederatedCredentials(string, string)	Constructs an instance of StoredProfileFederatedCredentials. After construction call one of the Authenticate methods to authenticate the user/process and obtain temporary AWS credentials. For users who are domain joined (the role profile does not contain user identity information) the temporary credentials will be refreshed automatically as needed. Non domain-joined users (those with user identity data in the profile) are required to re-authenticate when credential refresh is required. An exception is thrown when attempt is made to refresh credentials in this scenario. The consuming code of this class should catch the exception and prompt the user for credentials, then call Authenticate to re-initialize with a new set of temporary AWS credentials.
	StoredProfileFederatedCredentials(string, string, WebProxy)	Constructs an instance of StoredProfileFederatedCredentials. After construction call one of the Authenticate methods to authenticate the user/process and obtain temporary AWS credentials. For users who are domain joined (the role profile does not contain user identity information) the temporary credentials will be refreshed automatically as needed. Non domain-joined users (those with user identity data in the profile) are required to re-authenticate when credential refresh is required. An exception is thrown when attempt is made to refresh credentials in this scenario. The consuming code of this class should catch the exception and prompt the user for credentials, then call Authenticate to re-initialize with a new set of temporary AWS credentials.

Properties

Name	Type	Description
CustomCallbackState	System.Object	Custom state to return to the registered callback to handle credential requests. The data will be contained in the CredentialRequestCallbackArgs instance supplied to the callback.
PreemptExpiryTime	System.TimeSpan	Inherited from Amazon.Runtime.RefreshingAWSCredentials.
ProfileData	Amazon.Util.SAMLRoleProfile	The data about the SAML endpoint and any required user credentials parsed from the profile.
ProfileName	System.String	Name of the profile being used.
ProfilesLocation	System.String	Location of the profiles, if used.

Methods

Note:

Asynchronous operations (methods ending with Async) in the table below are for .NET 4.5 or higher. For .NET 3.5 the SDK follows the standard naming convention of BeginMethodName and EndMethodName to indicate asynchronous operations - these method pairs are not shown in the table below.

	Name	Description
	CanCreateFrom(string, string)	Tests if an instance can be created from the persisted profile data.
	ClearCredentials()	Inherited from Amazon.Runtime.RefreshingAWSCredentials.
	Dispose()	Inherited from Amazon.Runtime.RefreshingAWSCredentials.
	GetCredentials()	Inherited from Amazon.Runtime.RefreshingAWSCredentials.
	GetCredentialsAsync()	Inherited from Amazon.Runtime.RefreshingAWSCredentials.
	SetCredentialCallbackData(StoredProfileFederatedCredentials.RequestUserCredential, object)	Registers a callback handler for scenarios where credentials need to be supplied during user authentication (primarily the non-domain-joined use case). Custom data, which will be supplied in the CredentialRequestCallbackArgs instance passed to the callback, can also be supplied. The callback will only be invoked if the underlying SAML role profile indicates it was set up for use with a specific identity. For profiles that do not contain any user identity the SDK will default to using the identity of the current process during authentication. Additionally, if the profile contain user identity information but no callback has been registered, the SDK will also attempt to use the current process identity during authentication.

Fields

	Name	Type	Description
	MaximumCredentialTimespan	System.TimeSpan	The maximum allowed timespan for generated credentials, per STS documentation.
	MinimumCredentialTimespan	System.TimeSpan	The minimum allowed timespan for generated credentials, per STS documentation.

Remarks

1. Currently only the SDK store supports profiles that contain the necessary data to support authentication and role-based credential generation. The ini-format files used by the AWS CLI and some other SDKs are not supported at this time.
2. In order to use the StoredProfileFederatedCredentials class the AWSSDK.SecurityToken assembly must be available to your application at runtime.

Version Information

.NET Framework:
Supported in: 4.5, 4.0, 3.5