Page Comparison

This is the Identity Federation for AWS REST API v2.0 reference (refer to the Developer Guide for more information).

Include Page

	_APICompatibilityNote
	_APICompatibilityNote

Include Page

	_APILimitationsNote
	_APILimitationsNote

On this page:

Table of Contents

maxLevel	3

Excerpt

REST API v2.0 resources (Identity Federation)

This is the reference of all resources relevant to this apps actual functionality as a token vendor for Identity Federation - refer to the REST API resources (complete reference) if you intent to include this app into administrative automation scenarios (e.g. for scripting).

Resource	URI template	methods	description	permissions	comments
Connectors					This is the main resource to interact with currently in order to retrieve temporary AWS security credentials.
	/connectors	GET	Get all AWS connectors.	Configurable
	/connectors/{id}	GET	Get an AWS connector identified by its id.	Configurable
	/connectors/{id}/caller-identity	GET	Get details about the IAM identity whose credentials are used to call the API.	Configurable
	/connectors/{id}/credentials	GET	Get temporary AWS security credentials via a AWS connector identified by its id.	Configurable	This is the main resource to use for calling AWS services in turn.
	/connectors/{id}/console/url	GET	Get the URL for SSO with the AWS Management Console via a AWS connector identified by its id.	Configurable	The returned URL is not the final one, rather the one to present to users so that following it will yield the SSO with AWS in turn (provided the executing user has permission to use the connector).
	/connectors/{id}/ecr/credentials	GET	Get temporary Amazon ECR authentication credentials via a AWS connector identified by its id.	Configurable	Refer to Amazon EC2 Container Registry (Amazon ECR) authentication credentials for details. In addition to the native AWS API response data, the response also provides the properties `proxyEndpointDomain`, `username` and `password` for convenient usage with the Bamboo Docker task.

/rest/identity-federation-for-aws/2.0/connectors

Methods

GET

Request

Code Block

language	js

GET http://host:port/context/rest/identity-federation-for-aws/2.0/connectors (200)

Response Headers

Code Block

language	js

Server: Apache-Coyote/1.1
X-AREQUESTID: 1384x1779x1
X-ASESSIONID: 1dteqyw
X-Seraph-LoginReason: OK
X-AUSERNAME: admin
Cache-Control: no-cache, no-store, no-transform
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Tue, 04 Jun 2013 21:04:32 GMT

Response Body

Code Block

language	js

{
  "values": [
    {
      "id": "1521fbf0-fa97-4c4a-9877-9f0c5e9982d3",
      "name": "Development Team A",
      "type": "FEDERATION_TOKEN",
      "partition": "aws"
    },
    {
      "id": "1f2d5aee-839e-49ae-8a5b-e9ae27a2f2d8",
      "name": "Development Team B",
      "type": "SESSION_TOKEN",
      "partition": "aws"
    },
    {
      "id": "997a2479-a27c-46fc-9397-9a6bff91b7dd",
      "name": "Operations Team",
      "type": "FEDERATION_TOKEN"
      "scope": "SYSTEM",
      "partition": "aws"
    }
  ],
  "size": 3
}

/rest/identity-federation-for-aws/2.0/connectors/{id}

Methods

GET

Request

Code Block

language	js

GET http://host:port/context/rest/identity-federation-for-aws/2.0/connectors/1521fbf0-fa97-4c4a-9877-9f0c5e9982d3 (200)

Response Headers

Code Block

language	js

Server: Apache-Coyote/1.1
X-AREQUESTID: 1390x1780x1
X-ASESSIONID: 1dteqyw
X-Seraph-LoginReason: OK
X-AUSERNAME: admin
Cache-Control: no-cache, no-store, no-transform
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Tue, 04 Jun 2013 21:10:08 GMT

Response Body

Code Block

language	js

{
  "id": "1521fbf0-fa97-4c4a-9877-9f0c5e9982d3",
  "name": "Development Team A",
  "type": "FEDERATION_TOKEN",
  "partition": "aws"
}

/rest/identity-federation-for-aws/2.0/connectors/{id}/caller-identity

Methods

GET

Request

Code Block

language	js

GET http://host:port/context/rest/identity-federation-for-aws/2.0/connectors/1521fbf0-fa97-4c4a-9877-9f0c5e9982d3/caller-identity (200)

Response Headers

Code Block

language	js

Server: Apache-Coyote/1.1
X-Seraph-LoginReason: OK
	Cache-Control: no-cache, no-store, no-transform
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 22 Jul 2016 09:58:31 GMT

Response Body

Code Block

language	js

{
  "account": "248163264128",
  "arn": "arn:aws:sts::248163264128:federated-user/admin",
  "userId": "248163264128:admin"
}

/rest/identity-federation-for-aws/2.0/connectors/{id}/credentials

Methods

GET

Request

Code Block

language	js

GET http://host:port/context/rest/identity-federation-for-aws/2.0/connectors/1521fbf0-fa97-4c4a-9877-9f0c5e9982d3/credentials (200)

Response Headers

Code Block

language	js

Server: Apache-Coyote/1.1
X-AREQUESTID: 1390x1782x1
X-ASESSIONID: 1dteqyw
X-Seraph-LoginReason: OK
X-AUSERNAME: admin
Cache-Control: no-cache, no-store, no-transform
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Tue, 04 Jun 2013 21:10:56 GMT

Response Body

Code Block

language	js

{
  "accessKeyId": "ASIJATLAS2XBO2MQ77VQ",
  "secretAccessKey": "FeJioaEdLa0RJsVCSBYAtLaskADEzkq1VFriuJla",
  "sessionToken": "AQoDYXdzEN7//////////wEa8AEmChyr2gLDNxQATlASOWNkI0ORBVCkbPuMdTPQxpQR7NrqxjBo+O13lg2KjKdsxoXfR3fzCG/L0g9k2YQOMWVZjQLkd6cS4F3NL3qa/dtheXaYmcCeUXwJoznMWsXvGV3OQyizKD7hHcQbrYDzJWr1hcoksx03NazuG1xx6uWn8uwcktsyMCwATlasC8tqw6ffozllgQr2eZK1lBPyXWQy7Jwx3EyXLP/rulAhEBE9mrAUzp0xq0Yiekc7I06dSAQT7fBsuHzWoNQ0O8zmX4S35AL+pP+kBzAJZ75qvviNZYmoqXCBcSEOmWLFnyAuCSUg5a+5jQU=",
  "expiration": 1370423461000,
  "partition": "aws"

}

/rest/identity-federation-for-aws/2.0/connectors/{id}/console/url

Methods

GET

Request

Code Block

language	js

GET http://host:port/context/rest/identity-federation-for-aws/2.0/connectors/1521fbf0-fa97-4c4a-9877-9f0c5e9982d3/console/url (200)

Response Headers

Code Block

language	js

Server: Apache-Coyote/1.1
X-AREQUESTID: 764x100x1
X-asessionid: 1ycp90k
X-Seraph-LoginReason: OK
X-ausername: admin
Cache-Control: no-cache, no-store, no-transform
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Mon, 24 Aug 2015 10:44:11 GMT

Response Body

Code Block

language	js

{
  "url":"http://host:port/context/plugins/servlet/identity-federation-for-aws/aws-console-login/1521fbf0-fa97-4c4a-9877-9f0c5e9982d3"
}

/rest/identity-federation-for-aws/2.0/connectors/{id}/ecr/credentials?region={region}

Methods

GET

Request

Code Block

language	js

GET http://host:port/context/rest/identity-federation-for-aws/2.0/connectors/1521fbf0-fa97-4c4a-9877-9f0c5e9982d3/ecr/credentials?region=us-east-1 (200)

Response Headers

Code Block

language	js

Server: Apache-Coyote/1.1
X-AREQUESTID: 764x100x1
X-asessionid: 1ycp90k
X-Seraph-LoginReason: OK
X-ausername: admin
Cache-Control: no-cache, no-store, no-transform
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Tue, 16 Feb 2016 16:55:39 GMT

Response Body

Code Block

language	js

{
  "values": [
    {
      "authorizationToken": "QVdTOkNpQndtMFlhSVNKZVJ0Sm01bjFHNnVxZWVrWHVvWFhQATlASmNlOVJxOC8xNHhLU0J3RUJBZ0I0Y0p0R0dpRWlYa2JTWnVaOVJ1cnFubnBGN3FGMXozdVZCWEh2VWF2UDllTUFBQU5wTUlJRFpRWUpLb1pJaHZjTkFRY0dvSUlEVmpDQ0ExSUNBUUF3Z2dOTEJna3Foa2lHOXcwQkJ3RXdIZ1lKWUlaSUFXVURCQUV1TUJFRURLOG43TkNtekd0TU9oZzBEUUlCRUlDQ0F4eEMrK2s3MmF2UlZ2cGZVcGl3bU5vSEYxWXZORHdqZnZoUkc5K1VPL3d2NzNCUUlVVVduRS91bmxHREtrdElzNXFuR2FKNUFldTJET3drSVo4b01pb2hjazhrc2JDRkEraVhZMkkxcmNjaDdmV1hEbVNnYm15ZloyY010UmwrOUdDWk15bVhJelpFd3BhOXI5QUN1NVVzTVhYcHhKTFFVWEZOVVgrdWIwSThFMjFDN1BwRWRWQkl2blFUVVE1ZGttalFqVTlEREUzMStLT2w1eC80Y2pMeWZobU10bzBSc1FsOGVQTTlUYkVJcFZKT2NIelk4K05rakpwZkRUY3ZrUUJYZDRCWlFMMmtZUzhCUC9VeTF0bCs2cVY3MGhrSkpnbTBVQnJBWnhNM0FJc09SZ0Q3TUJ5WXUzZklTemlYV1FHL2s1cG1VTzV5bVlYeTJwenJxTnhnMXNFZk5rUDdGTVZLZklOenlaNUVJZjdNc3JKeDlxTlNOelpYNStVNmNJM052T2pHYkhJSjZxM0YxdWQ0aFNENXcyRUQ2bDZiVWtVS0FvR2cxSmMxaW1UUnBKTWVXWlozSjc0ZU1DL0FwZExzNzZZclNScExVYXVwNHZJQjRkRmptZ2Q1bFNMS2p0NEF5Rjd0S2ZYOG82anJSS2dyRkc5dEExZXl6dW1DdXo0MHZTQkRLQW1WNTlwK2dzYmh1aFVzcWlETWdaUHdBNis0WHNJbno1WE9xM01QaFI4cncxckhPYmxhaUtJbG14RnZFSTQ2R213TTFoSWJnc3RqNXE3cW4vcUpPOTQra1NZY0xoMFVNZWdIZmUxd2dvdjhzaDRBa0VDVG0ydkFaM2dsQmtoU3RDYTlUTGxJZGJZNHl5RVBkaGNsS3g4SDV0MGdPMXZRN3dWNjdrZG54U3JSM1pCTDdtL3VPNmdPS05zc0p4NjlyN1E0Z2k2cjhMU0RHTVEvekV4bGQzcEJxcjNoV1F3RWdEeVBBclg3Yk5wblFLQlVFV2tneW1wcUpOWkpPRUhQR0I5Rm1obDN5ZVYwS0ZWTlVBdzJWTE95ekJrU1JMVFd3OWl6VlF1eVlpSE8zcHFyMlRjczdBVVJIb2FvcFBwWGRlOTJDeFB5ZllranBEazFlMjRVVWxuUW5tY1g0cGcyUWh1VHJoWVdOc2h0MVNWU0NnanJkamhEdURwUDh6UmtzTFJFaWErUE1YZlhnRFFPOUNLK1B4cEJOZE5aQzR0ZHhpMzYrVElkVjNnQjlIcHU4YmxWTllONjgzdEpuN3c0SXRSSUhzY0NGWnRiTnY4UTdBL0dadEN4UGt3YVFkTkREZSt2RG1ia25yVGtmUEJhYzhzclNhTEJMRGJOcGZmajc4QUx0c0lISStuT1VxRDV1VGI3OTljV2dnNytyMDFw",
      "expirationDate": "20160217T045542Z",
      "proxyEndpoint": "https://124816326400.dkr.ecr.us-east-1.amazonaws.com",
      "proxyEndpointDomain": "124816326400.dkr.ecr.us-east-1.amazonaws.com",
      "username": "AWS",
      "password": "CiBwm0YaISJeRtJm5n1G6uqeekXuoXXPe5UFce9Rq8/ATlASBwEBAgB4cJtGGiEiXkbSZuZ9RurqnnpF7qF1z3uVBXHvUavP9eMAAANpMIIDZQYJKoZIhvcNAQcGoIIDVjCCA1ICAQAwggNLBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDK8n7NCmzGtMOhg0DQIBEICCAxxC++k72avRVvpfUpiwmNoHF1YvNDwjfvhRG9+UO/wv73BQIUUWnE/unlGDKktIs5qnGaJ5Aeu2DOwkIZ8oMiohck8ksbCFA+iXY2I1rcch7fWXDmSgbmyfZ2cMtRl+9GCZMymXIzZEwpa9r9ACu5UsMXXpxJLQUXFNUX+ub0I8E21C7PpEdVBIvnQTUQ5dkmjQjU9DDE31+KOl5x/4cjLyfhmMto0RsQl8ePM9TbEIpVJOcHzY8+NkjJpfDTcvkQBXd4BZQL2kYS8BP/Uy1tl+6qV70hkJJgm0UBrAZxM3AIsORgD7MByYu3fISziXWQG/k5pmUO5ymYXy2pzrqNxg1sEfNkP7FMVKfINzyZ5EIf7MsrJx9qNSNzZX5+U6cI3NvOjGbHIJ6q3F1ud4hSD5w2ED6l6bUkUKAoGg1Jc1imTRpJMeWZZ3J74eMC/ApdLs76YrSRpLUaup4vIB4dFjmgd5lSLKjt4AyF7tKfX8o6jrRKgrFG9tA1eyzumCuz40vSBDKAmV59p+gsbhuhUsqiDMgZPwA6+4XsInz5XOq3MPhR8rw1rHOblaiKIlmxFvEI46GmwM1hIbgstj5q7qn/qJO94+kSYcLh0UMegHfe1wgov8sh4AkECTm2vAZ3glBkhStCa9TLlIdbY4yyEPdhclKx8H5t0gO1vQ7wV67kdnxSrR3ZBL7m/uO6gOKNssJx69r7Q4gi6r8LSDGMQ/zExld3pBqr3hWQwEgDyPArX7bNpnQKBUEWkgympqJNZJOEHPGB9Fmhl3yeV0KFVNUAw2VLOyzBkSRLTWw9izVQuyYiHO3pqr2Tcs7AURHoaopPpXde92CxPyfYkjpDk1e24UUlnQnmcX4pg2QhuTrhYWNsht1SVSCgjrdjhDuDpP8zRksLREia+PMXfXgDQO9CK+PxpBNdNZC4tdxi36+TIdV3gB9Hpu8blVNYN683tJn7w4ItRIHscCFZtbNv8Q7A/GZtCxPkwaQdNDDe+vDmbknrTkfPBac8srSaLBLDbNpffj78ALtsIHI+nOUqD5uTb799cWgg7+r01p"
    }
  ],
  "size": 1
}

REST API v2.0 resources (complete reference)

This is the complete reference of all resources available. You usually won't interact with most of these outside of administrative automation scenarios (e.g. for scripting) - please see the REST API resources (Identity Federation) for this apps actual functionality first.

Resource

URI template

methods

status

description

permissions

comments

Accounts

Status

colour	Yellow
title	internal

You usually won't interact with accounts (access keys) via the API currently, please see the Connectors resource instead!

/accounts

GET|POST

Status

subtle	true
colour	Yellow
title	internal

Get all accounts (IAM users).

Administrator

/accounts/{id}

GET|DELETE|PUT

Status

subtle	true
colour	Yellow
title	internal

Get an account (IAM user) identified by its id.

Administrator

Connectors

This is the main resource to interact with currently in order to retrieve temporary AWS security credentials.

/connectors

GET

Status

subtle	true
colour	Green
title	PUBLIC

Get all AWS connectors.

Configurable

You only need GET for the intended usage as a token vendor, but POST will be added in a subsequent release regardless.

/connectors/{id}

GET

Status

subtle	true
colour	Green
title	PUBLIC

Get an AWS connector identified by its id.

Configurable

You only need GET for the intended usage as a token vendor, but DELETE|PUT will be added in a subsequent release regardless.

/connectors/{id}/caller-identity

GET

Status

subtle	true
colour	Green
title	PUBLIC

Get details about the IAM identity whose credentials are used to call the API.

Configurable

/connectors/{id}/credentials

GET

Status

subtle	true
colour	Green
title	PUBLIC

Get the temporary AWS security credentials via an AWS connector identified by its id.

Configurable

This is the main resource to use for calling AWS services in turn.

/connectors/{id}/console/url

GET

Status

subtle	true
colour	Green
title	PUBLIC

Get the URL for SSO with the AWS Management Console via a AWS connector identified by its id.

Configurable

The returned URL is not the final one, rather the one to present to users so that following it will yield the SSO with AWS in turn (provided the executing user has permission to use the connector).

/connectors/{id}/ecr/credentials

GET

Status

subtle	true
colour	Green
title	PUBLIC

Get temporary Amazon ECR authentication credentials via a AWS connector identified by its id.

Configurable

Refer to Amazon EC2 Container Registry (Amazon ECR) authentication credentials for details.

In addition to the native AWS API response data, the response also provides the properties proxyEndpointDomain, username and password for convenient usage with the Bamboo Docker task.

Frequently Asked Questions (FAQ)

Questionslist macro

filter	popular
ask	true
limit	8
topic	identity-federation-for-aws,api

Versions Compared

Old Version 21

New Version Current

Key

REST API v2.0 resources (Identity Federation)

/rest/identity-federation-for-aws/2.0/connectors

Methods

GET

Request

/rest/identity-federation-for-aws/2.0/connectors/{id}

Methods

GET

Request

/rest/identity-federation-for-aws/2.0/connectors/{id}/caller-identity

Methods

GET

Request

/rest/identity-federation-for-aws/2.0/connectors/{id}/credentials

Methods

GET

Request

/rest/identity-federation-for-aws/2.0/connectors/{id}/console/url

Methods

GET

Request

/rest/identity-federation-for-aws/2.0/connectors/{id}/ecr/credentials?region={region}

Methods

GET

Request

REST API v2.0 resources (complete reference)

Frequently Asked Questions (FAQ)