Class SsoCredentialsProvider

java.lang.Object
software.amazon.awssdk.services.sso.auth.SsoCredentialsProvider
All Implemented Interfaces:
AutoCloseable, AwsCredentialsProvider, IdentityProvider<AwsCredentialsIdentity>, ToCopyableBuilder<SsoCredentialsProvider.Builder,SsoCredentialsProvider>, SdkAutoCloseable
@SdkPublicApi public final class SsoCredentialsProvider extends Object implements AwsCredentialsProvider, SdkAutoCloseable, ToCopyableBuilder<SsoCredentialsProvider.Builder,SsoCredentialsProvider>
An implementation of AwsCredentialsProvider that periodically sends a GetRoleCredentialsRequest to the AWS Single Sign-On Service to maintain short-lived sessions to use for authentication. These sessions are updated using a single calling thread (by default) or asynchronously (if SsoCredentialsProvider.Builder.asyncCredentialUpdateEnabled(Boolean) is set). If the credentials are not successfully updated before expiration, calls to resolveCredentials() will block until they are updated successfully. Users of this provider must close() it when they are finished using it. This is created using builder().

  • Method Details

    • staleTime

      public Duration staleTime()
      The amount of time, relative to session token expiration, that the cached credentials are considered stale and should no longer be used. All threads will block until the value is updated.

    • prefetchTime

      public Duration prefetchTime()
      The amount of time, relative to session token expiration, that the cached credentials are considered close to stale and should be updated.

    • builder

      public static software.amazon.awssdk.services.sso.auth.SsoCredentialsProvider.BuilderImpl builder()
      Get a builder for creating a custom SsoCredentialsProvider.

    • resolveCredentials

      public AwsCredentials resolveCredentials()
      Description copied from interface: AwsCredentialsProvider
      Returns AwsCredentials that can be used to authorize an AWS request. Each implementation of AWSCredentialsProvider can choose its own strategy for loading credentials. For example, an implementation might load credentials from an existing key management system, or load new credentials when credentials are rotated.

      If an error occurs during the loading of credentials or credentials could not be found, a runtime exception will be raised.

      Specified by:
      resolveCredentials in interface AwsCredentialsProvider
      Returns:
      AwsCredentials which the caller can use to authorize an AWS request.

    • close

      public void close()
      Description copied from interface: SdkAutoCloseable
      Specified by:
      close in interface AutoCloseable
      Specified by:
      close in interface SdkAutoCloseable

    • toBuilder

      public SsoCredentialsProvider.Builder toBuilder()
      Description copied from interface: ToCopyableBuilder
      Take this object and create a builder that contains all of the current property values of this object.
      Specified by:
      toBuilder in interface ToCopyableBuilder<SsoCredentialsProvider.Builder,SsoCredentialsProvider>
      Returns:
      a builder for type T