You do not have sufficient access to perform this action.
* @public */ export declare class AccessDeniedException extends __BaseException { readonly name: "AccessDeniedException"; readonly $fault: "client"; /** *Single error code. For this exception the value will be access_denied.
Human-readable text providing additional information, used to assist the client developer * in understanding the error that occurred.
* @public */ error_description?: string | undefined; /** * @internal */ constructor(opts: __ExceptionOptionTypeIndicates that a request to authorize a client with an access user session token is * pending.
* @public */ export declare class AuthorizationPendingException extends __BaseException { readonly name: "AuthorizationPendingException"; readonly $fault: "client"; /** *Single error code. For this exception the value will be
* authorization_pending.
Human-readable text providing additional information, used to assist the client developer * in understanding the error that occurred.
* @public */ error_description?: string | undefined; /** * @internal */ constructor(opts: __ExceptionOptionTypeThe unique identifier string for the client or application. This value comes from the * result of the RegisterClient API.
* @public */ clientId: string | undefined; /** *A secret string generated for the client. This value should come from the persisted result * of the RegisterClient API.
* @public */ clientSecret: string | undefined; /** *Supports the following OAuth grant types: Authorization Code, Device Code, and Refresh * Token. Specify one of the following values, depending on the grant type that you want:
** Authorization Code - authorization_code
*
* Device Code - urn:ietf:params:oauth:grant-type:device_code
*
* Refresh Token - refresh_token
*
Used only when calling this API for the Device Code grant type. This short-lived code is * used to identify this authorization request. This comes from the result of the StartDeviceAuthorization API.
* @public */ deviceCode?: string | undefined; /** *Used only when calling this API for the Authorization Code grant type. The short-lived * code is used to identify this authorization request.
* @public */ code?: string | undefined; /** *Used only when calling this API for the Refresh Token grant type. This token is used to * refresh short-lived tokens, such as the access token, that might expire.
*For more information about the features and limitations of the current IAM Identity Center OIDC * implementation, see Considerations for Using this Guide in the IAM Identity Center * OIDC API Reference.
* @public */ refreshToken?: string | undefined; /** *The list of scopes for which authorization is requested. The access token that is issued * is limited to the scopes that are granted. If this value is not specified, IAM Identity Center authorizes * all scopes that are configured for the client during the call to RegisterClient.
* @public */ scope?: string[] | undefined; /** *Used only when calling this API for the Authorization Code grant type. This value * specifies the location of the client or application that has registered to receive the * authorization code.
* @public */ redirectUri?: string | undefined; /** *Used only when calling this API for the Authorization Code grant type. This value is * generated by the client and presented to validate the original code challenge value the client * passed at authorization time.
* @public */ codeVerifier?: string | undefined; } /** * @internal */ export declare const CreateTokenRequestFilterSensitiveLog: (obj: CreateTokenRequest) => any; /** * @public */ export interface CreateTokenResponse { /** *A bearer token to access Amazon Web Services accounts and applications assigned to a user.
* @public */ accessToken?: string | undefined; /** *Used to notify the client that the returned token is an access token. The supported token
* type is Bearer.
Indicates the time in seconds when an access token will expire.
* @public */ expiresIn?: number | undefined; /** *A token that, if present, can be used to refresh a previously issued access token that * might have expired.
*For more information about the features and limitations of the current IAM Identity Center OIDC * implementation, see Considerations for Using this Guide in the IAM Identity Center * OIDC API Reference.
* @public */ refreshToken?: string | undefined; /** *The idToken is not implemented or supported. For more information about the
* features and limitations of the current IAM Identity Center OIDC implementation, see
* Considerations for Using this Guide in the IAM Identity Center
* OIDC API Reference.
A JSON Web Token (JWT) that identifies who is associated with the issued access token. *
* @public */ idToken?: string | undefined; } /** * @internal */ export declare const CreateTokenResponseFilterSensitiveLog: (obj: CreateTokenResponse) => any; /** *Indicates that the token issued by the service is expired and is no longer valid.
* @public */ export declare class ExpiredTokenException extends __BaseException { readonly name: "ExpiredTokenException"; readonly $fault: "client"; /** *Single error code. For this exception the value will be expired_token.
Human-readable text providing additional information, used to assist the client developer * in understanding the error that occurred.
* @public */ error_description?: string | undefined; /** * @internal */ constructor(opts: __ExceptionOptionTypeIndicates that an error from the service occurred while trying to process a * request.
* @public */ export declare class InternalServerException extends __BaseException { readonly name: "InternalServerException"; readonly $fault: "server"; /** *Single error code. For this exception the value will be server_error.
Human-readable text providing additional information, used to assist the client developer * in understanding the error that occurred.
* @public */ error_description?: string | undefined; /** * @internal */ constructor(opts: __ExceptionOptionTypeIndicates that the clientId or clientSecret in the request is
* invalid. For example, this can occur when a client sends an incorrect clientId or
* an expired clientSecret.
Single error code. For this exception the value will be
* invalid_client.
Human-readable text providing additional information, used to assist the client developer * in understanding the error that occurred.
* @public */ error_description?: string | undefined; /** * @internal */ constructor(opts: __ExceptionOptionTypeIndicates that a request contains an invalid grant. This can occur if a client makes a * CreateToken request with an invalid grant type.
* @public */ export declare class InvalidGrantException extends __BaseException { readonly name: "InvalidGrantException"; readonly $fault: "client"; /** *Single error code. For this exception the value will be invalid_grant.
Human-readable text providing additional information, used to assist the client developer * in understanding the error that occurred.
* @public */ error_description?: string | undefined; /** * @internal */ constructor(opts: __ExceptionOptionTypeIndicates that something is wrong with the input to the request. For example, a required * parameter might be missing or out of range.
* @public */ export declare class InvalidRequestException extends __BaseException { readonly name: "InvalidRequestException"; readonly $fault: "client"; /** *Single error code. For this exception the value will be
* invalid_request.
Human-readable text providing additional information, used to assist the client developer * in understanding the error that occurred.
* @public */ error_description?: string | undefined; /** * @internal */ constructor(opts: __ExceptionOptionTypeIndicates that the scope provided in the request is invalid.
* @public */ export declare class InvalidScopeException extends __BaseException { readonly name: "InvalidScopeException"; readonly $fault: "client"; /** *Single error code. For this exception the value will be invalid_scope.
Human-readable text providing additional information, used to assist the client developer * in understanding the error that occurred.
* @public */ error_description?: string | undefined; /** * @internal */ constructor(opts: __ExceptionOptionTypeIndicates that the client is making the request too frequently and is more than the * service can handle.
* @public */ export declare class SlowDownException extends __BaseException { readonly name: "SlowDownException"; readonly $fault: "client"; /** *Single error code. For this exception the value will be slow_down.
Human-readable text providing additional information, used to assist the client developer * in understanding the error that occurred.
* @public */ error_description?: string | undefined; /** * @internal */ constructor(opts: __ExceptionOptionTypeIndicates that the client is not currently authorized to make the request. This can happen
* when a clientId is not issued for a public client.
Single error code. For this exception the value will be
* unauthorized_client.
Human-readable text providing additional information, used to assist the client developer * in understanding the error that occurred.
* @public */ error_description?: string | undefined; /** * @internal */ constructor(opts: __ExceptionOptionTypeIndicates that the grant type in the request is not supported by the service.
* @public */ export declare class UnsupportedGrantTypeException extends __BaseException { readonly name: "UnsupportedGrantTypeException"; readonly $fault: "client"; /** *Single error code. For this exception the value will be
* unsupported_grant_type.
Human-readable text providing additional information, used to assist the client developer * in understanding the error that occurred.
* @public */ error_description?: string | undefined; /** * @internal */ constructor(opts: __ExceptionOptionType