REST API v2.1 Reference

 

REST API v2.1 resources (Identity Federation)

This is the reference of all resources relevant to this apps actual functionality as a token vendor for Identity Federation - refer to the REST API resources (complete reference) if you intent to include this app into administrative automation scenarios (e.g. for scripting).

Resource

URI template

methods

description

permissions

comments

Connectors

This is the main resource for retrieving temporary AWS security credentials.



/connectors

GET|POST

Get all AWS connectors.

Configurable

 GET is the only required method for the token vendor use case, but POST is available for administration purposes.



/connectors/{id}

GET|PUT|DELETE

Get an AWS connector identified by its id.

Configurable

 GET is the only required method for the token vendor use case, but DELETE|PUT is available for administration purposes.



/connectors/{id}/caller-identity

GET

Get details about the IAM identity whose credentials are used to call the API.

Configurable





/connectors/{id}/credentials

GET

Get temporary AWS security credentials via a AWS connector identified by its id.

Configurable

This is the main resource to use for calling AWS services in turn.



/connectors/{id}/console/url

GET

Get the URL for SSO with the AWS Management Console via a AWS connector identified by its id.

Configurable

The returned URL is not the final one, rather the one to present to users so that following it will yield the SSO with AWS in turn (provided the executing user has permission to use the connector).



/connectors/{id}/ecr/credentials

GET

Get temporary Amazon ECR authentication credentials via a AWS connector identified by its id.

Configurable

Refer to Amazon EC2 Container Registry (Amazon ECR) authentication credentials for details.

  • In addition to the native AWS API response data, the response also provides the properties proxyEndpointDomain, username and password for convenient usage with the Bamboo Docker task.

 

/connectors/{id}/codeartifact/credentials

GET

Get temporary AWS CodeArtifact credentials (authentication token) via a AWS connector identified by its id.

Configurable

Refer to AWS CodeArtifact authentication and tokens for details.



/rest/identity-federation-for-aws/2.1/connectors

Methods

GET
Request
GET http://host:port/context/rest/identity-federation-for-aws/2.1/connectors (200)



Response Headers
Server: Apache-Coyote/1.1 X-AREQUESTID: 1384x1779x1 X-ASESSIONID: 1dteqyw X-Seraph-LoginReason: OK X-AUSERNAME: admin Cache-Control: no-cache, no-store, no-transform Content-Type: application/json;charset=UTF-8 Transfer-Encoding: chunked Date: Tue, 04 Jun 2013 21:04:32 GMT



Response Body
{ "values": [ { "id": "1521fbf0-fa97-4c4a-9877-9f0c5e9982d3",  "name": "Development Team A", "type": "FEDERATION_TOKEN", "scope": "SYSTEM", "partition": "aws", "accountId": "afe1e1ca-60e6-471c-aab6-fe1ced186def", "roleArn": "", "externalId": "", "iamPolicy": "", "groups": [] }, { "id": "1f2d5aee-839e-49ae-8a5b-e9ae27a2f2d8",  "name": "Development Team B", "type": "SESSION_TOKEN", "scope": "SYSTEM", "partition": "aws", "accountId": "afe1e1ca-60e6-471c-aab6-fe1ced186def", "roleArn": "", "externalId": "", "iamPolicy": "", "groups": [] }, { "id": "997a2479-a27c-46fc-9397-9a6bff91b7dd", "name": "Operations Team", "type": "ASSUME_ROLE" "scope": "SYSTEM", "partition": "aws", "accountId": "afe1e1ca-60e6-471c-aab6-fe1ced186def", "roleArn": "arn:aws:iam::123456789012:role/S3Access", "externalId": "", "iamPolicy": "", "groups": []  } ], "size": 3 }







/rest/identity-federation-for-aws/2.1/connectors/{id}

Methods

GET
Request
GET http://host:port/context/rest/identity-federation-for-aws/2.1/connectors/1521fbf0-fa97-4c4a-9877-9f0c5e9982d3 (200)



Response Headers
Server: Apache-Coyote/1.1 X-AREQUESTID: 1390x1780x1 X-ASESSIONID: 1dteqyw X-Seraph-LoginReason: OK X-AUSERNAME: admin Cache-Control: no-cache, no-store, no-transform Content-Type: application/json;charset=UTF-8 Transfer-Encoding: chunked Date: Tue, 04 Jun 2013 21:10:08 GMT



Response Body
{ "id": "1521fbf0-fa97-4c4a-9877-9f0c5e9982d3",  "name": "Development Team A", "type": "FEDERATION_TOKEN", "scope": "SYSTEM", "partition": "aws", "accountId": "afe1e1ca-60e6-471c-aab6-fe1ced186def", "roleArn": "", "externalId": "", "iamPolicy": "", "groups": [] }





/rest/identity-federation-for-aws/2.1/connectors/{id}/caller-identity

Methods

GET
Request
GET http://host:port/context/rest/identity-federation-for-aws/2.1/connectors/1521fbf0-fa97-4c4a-9877-9f0c5e9982d3/caller-identity (200)



Response Headers
Server: Apache-Coyote/1.1 X-Seraph-LoginReason: OK Cache-Control: no-cache, no-store, no-transform Content-Type: application/json;charset=UTF-8 Transfer-Encoding: chunked Date: Fri, 22 Jul 2016 09:58:31 GMT



Response Body
{ "account": "248163264128", "arn": "arn:aws:sts::248163264128:federated-user/admin", "userId": "248163264128:admin" }





/rest/identity-federation-for-aws/2.1/connectors/{id}/credentials

Methods

GET
Request
GET http://host:port/context/rest/identity-federation-for-aws/2.1/connectors/1521fbf0-fa97-4c4a-9877-9f0c5e9982d3/credentials (200)



Response Headers
Server: Apache-Coyote/1.1 X-AREQUESTID: 1390x1782x1 X-ASESSIONID: 1dteqyw X-Seraph-LoginReason: OK X-AUSERNAME: admin Cache-Control: no-cache, no-store, no-transform Content-Type: application/json;charset=UTF-8 Transfer-Encoding: chunked Date: Tue, 04 Jun 2013 21:10:56 GMT



Response Body
{ "accessKeyId": "ASIJATLAS2XBO2MQ77VQ", "secretAccessKey": "FeJioaEdLa0RJsVCSBYAtLaskADEzkq1VFriuJla", "sessionToken": "AQoDYXdzEN7//////////wEa8AEmChyr2gLDNxQATlASOWNkI0ORBVCkbPuMdTPQxpQR7NrqxjBo+O13lg2KjKdsxoXfR3fzCG/L0g9k2YQOMWVZjQLkd6cS4F3NL3qa/dtheXaYmcCeUXwJoznMWsXvGV3OQyizKD7hHcQbrYDzJWr1hcoksx03NazuG1xx6uWn8uwcktsyMCwATlasC8tqw6ffozllgQr2eZK1lBPyXWQy7Jwx3EyXLP/rulAhEBE9mrAUzp0xq0Yiekc7I06dSAQT7fBsuHzWoNQ0O8zmX4S35AL+pP+kBzAJZ75qvviNZYmoqXCBcSEOmWLFnyAuCSUg5a+5jQU=", "expiration": 1370423461000, "partition": "aws" }





/rest/identity-federation-for-aws/2.1/connectors/{id}/console/url

Methods

GET
Request
GET http://host:port/context/rest/identity-federation-for-aws/2.1/connectors/1521fbf0-fa97-4c4a-9877-9f0c5e9982d3/console/url (200)



Response Headers
Server: Apache-Coyote/1.1 X-AREQUESTID: 764x100x1 X-asessionid: 1ycp90k X-Seraph-LoginReason: OK X-ausername: admin Cache-Control: no-cache, no-store, no-transform Content-Type: application/json;charset=UTF-8 Transfer-Encoding: chunked Date: Mon, 24 Aug 2015 10:44:11 GMT



Response Body
{ "url":"http://host:port/context/plugins/servlet/identity-federation-for-aws/aws-console-login/1521fbf0-fa97-4c4a-9877-9f0c5e9982d3" }





/rest/identity-federation-for-aws/2.1/connectors/{id}/ecr/credentials?region={region}

Methods

GET
Request
GET http://host:port/context/rest/identity-federation-for-aws/2.1/connectors/1521fbf0-fa97-4c4a-9877-9f0c5e9982d3/ecr/credentials?region=us-east-1 (200)



Response Headers
Server: Apache-Coyote/1.1 X-AREQUESTID: 764x100x1 X-asessionid: 1ycp90k X-Seraph-LoginReason: OK X-ausername: admin Cache-Control: no-cache, no-store, no-transform Content-Type: application/json;charset=UTF-8 Transfer-Encoding: chunked Date: Tue, 16 Feb 2016 16:55:39 GMT



Response Body
{ "values": [ { "authorizationToken": "QVdTOkNpQndtMFlhSVNKZVJ0Sm01bjFHNnVxZWVrWHVvWFhQATlASmNlOVJxOC8xNHhLU0J3RUJBZ0I0Y0p0R0dpRWlYa2JTWnVaOVJ1cnFubnBGN3FGMXozdVZCWEh2VWF2UDllTUFBQU5wTUlJRFpRWUpLb1pJaHZjTkFRY0dvSUlEVmpDQ0ExSUNBUUF3Z2dOTEJna3Foa2lHOXcwQkJ3RXdIZ1lKWUlaSUFXVURCQUV1TUJFRURLOG43TkNtekd0TU9oZzBEUUlCRUlDQ0F4eEMrK2s3MmF2UlZ2cGZVcGl3bU5vSEYxWXZORHdqZnZoUkc5K1VPL3d2NzNCUUlVVVduRS91bmxHREtrdElzNXFuR2FKNUFldTJET3drSVo4b01pb2hjazhrc2JDRkEraVhZMkkxcmNjaDdmV1hEbVNnYm15ZloyY010UmwrOUdDWk15bVhJelpFd3BhOXI5QUN1NVVzTVhYcHhKTFFVWEZOVVgrdWIwSThFMjFDN1BwRWRWQkl2blFUVVE1ZGttalFqVTlEREUzMStLT2w1eC80Y2pMeWZobU10bzBSc1FsOGVQTTlUYkVJcFZKT2NIelk4K05rakpwZkRUY3ZrUUJYZDRCWlFMMmtZUzhCUC9VeTF0bCs2cVY3MGhrSkpnbTBVQnJBWnhNM0FJc09SZ0Q3TUJ5WXUzZklTemlYV1FHL2s1cG1VTzV5bVlYeTJwenJxTnhnMXNFZk5rUDdGTVZLZklOenlaNUVJZjdNc3JKeDlxTlNOelpYNStVNmNJM052T2pHYkhJSjZxM0YxdWQ0aFNENXcyRUQ2bDZiVWtVS0FvR2cxSmMxaW1UUnBKTWVXWlozSjc0ZU1DL0FwZExzNzZZclNScExVYXVwNHZJQjRkRmptZ2Q1bFNMS2p0NEF5Rjd0S2ZYOG82anJSS2dyRkc5dEExZXl6dW1DdXo0MHZTQkRLQW1WNTlwK2dzYmh1aFVzcWlETWdaUHdBNis0WHNJbno1WE9xM01QaFI4cncxckhPYmxhaUtJbG14RnZFSTQ2R213TTFoSWJnc3RqNXE3cW4vcUpPOTQra1NZY0xoMFVNZWdIZmUxd2dvdjhzaDRBa0VDVG0ydkFaM2dsQmtoU3RDYTlUTGxJZGJZNHl5RVBkaGNsS3g4SDV0MGdPMXZRN3dWNjdrZG54U3JSM1pCTDdtL3VPNmdPS05zc0p4NjlyN1E0Z2k2cjhMU0RHTVEvekV4bGQzcEJxcjNoV1F3RWdEeVBBclg3Yk5wblFLQlVFV2tneW1wcUpOWkpPRUhQR0I5Rm1obDN5ZVYwS0ZWTlVBdzJWTE95ekJrU1JMVFd3OWl6VlF1eVlpSE8zcHFyMlRjczdBVVJIb2FvcFBwWGRlOTJDeFB5ZllranBEazFlMjRVVWxuUW5tY1g0cGcyUWh1VHJoWVdOc2h0MVNWU0NnanJkamhEdURwUDh6UmtzTFJFaWErUE1YZlhnRFFPOUNLK1B4cEJOZE5aQzR0ZHhpMzYrVElkVjNnQjlIcHU4YmxWTllONjgzdEpuN3c0SXRSSUhzY0NGWnRiTnY4UTdBL0dadEN4UGt3YVFkTkREZSt2RG1ia25yVGtmUEJhYzhzclNhTEJMRGJOcGZmajc4QUx0c0lISStuT1VxRDV1VGI3OTljV2dnNytyMDFw", "expirationDate": "20160217T045542Z", "proxyEndpoint": "https://124816326400.dkr.ecr.us-east-1.amazonaws.com", "proxyEndpointDomain": "124816326400.dkr.ecr.us-east-1.amazonaws.com", "username": "AWS", "password": "CiBwm0YaISJeRtJm5n1G6uqeekXuoXXPe5UFce9Rq8/ATlASBwEBAgB4cJtGGiEiXkbSZuZ9RurqnnpF7qF1z3uVBXHvUavP9eMAAANpMIIDZQYJKoZIhvcNAQcGoIIDVjCCA1ICAQAwggNLBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDK8n7NCmzGtMOhg0DQIBEICCAxxC++k72avRVvpfUpiwmNoHF1YvNDwjfvhRG9+UO/wv73BQIUUWnE/unlGDKktIs5qnGaJ5Aeu2DOwkIZ8oMiohck8ksbCFA+iXY2I1rcch7fWXDmSgbmyfZ2cMtRl+9GCZMymXIzZEwpa9r9ACu5UsMXXpxJLQUXFNUX+ub0I8E21C7PpEdVBIvnQTUQ5dkmjQjU9DDE31+KOl5x/4cjLyfhmMto0RsQl8ePM9TbEIpVJOcHzY8+NkjJpfDTcvkQBXd4BZQL2kYS8BP/Uy1tl+6qV70hkJJgm0UBrAZxM3AIsORgD7MByYu3fISziXWQG/k5pmUO5ymYXy2pzrqNxg1sEfNkP7FMVKfINzyZ5EIf7MsrJx9qNSNzZX5+U6cI3NvOjGbHIJ6q3F1ud4hSD5w2ED6l6bUkUKAoGg1Jc1imTRpJMeWZZ3J74eMC/ApdLs76YrSRpLUaup4vIB4dFjmgd5lSLKjt4AyF7tKfX8o6jrRKgrFG9tA1eyzumCuz40vSBDKAmV59p+gsbhuhUsqiDMgZPwA6+4XsInz5XOq3MPhR8rw1rHOblaiKIlmxFvEI46GmwM1hIbgstj5q7qn/qJO94+kSYcLh0UMegHfe1wgov8sh4AkECTm2vAZ3glBkhStCa9TLlIdbY4yyEPdhclKx8H5t0gO1vQ7wV67kdnxSrR3ZBL7m/uO6gOKNssJx69r7Q4gi6r8LSDGMQ/zExld3pBqr3hWQwEgDyPArX7bNpnQKBUEWkgympqJNZJOEHPGB9Fmhl3yeV0KFVNUAw2VLOyzBkSRLTWw9izVQuyYiHO3pqr2Tcs7AURHoaopPpXde92CxPyfYkjpDk1e24UUlnQnmcX4pg2QhuTrhYWNsht1SVSCgjrdjhDuDpP8zRksLREia+PMXfXgDQO9CK+PxpBNdNZC4tdxi36+TIdV3gB9Hpu8blVNYN683tJn7w4ItRIHscCFZtbNv8Q7A/GZtCxPkwaQdNDDe+vDmbknrTkfPBac8srSaLBLDbNpffj78ALtsIHI+nOUqD5uTb799cWgg7+r01p" } ], "size": 1 }



/rest/identity-federation-for-aws/2.1/connectors/{id}/codeartifact/credentials?region={region}&domain={domain}

Methods

GET
Request
GET http://host:port/context/rest/identity-federation-for-aws/2.1/connectors/1521fbf0-fa97-4c4a-9877-9f0c5e9982d3/codeartifact/credentials?region=us-east-1&domain=utoolity (200)

 

Response Headers
HTTP/1.1 200 Content-Type: application/json Transfer-Encoding: chunked Date: Thu, 24 Oct 2024 12:57:46 GMT

 

Response Body
{ "authorizationToken": "eyJ2ZXIiOjEsImlzdSI6MTcyOTc3NDU0NywiZW5jIjoiQTEyOEdDTSIsInRhZyI6Im5ocktUNEVsbHVNZjlwaDdxU3hrZkEiLCJleHAiOjE3Mjk4MTc3NDcsImFsZyI6IkExMjhHQ01LVyIsIml2IjoiUjE2VjlscGIydUN4X1FKeCJ9.XWomTIulrEVFPaTxMKQc_Q.XDxGG9z1QOcLlcnQ.akyXvcgXzg2_zXcl-zhQ4qspOPh7dZ2MwYBBJCeGeSLYCnZQP4B7SYOlN0SIIBvIolvNQA8Z8dQ19JwbXa52BfXz5GMNxBU5svhRLmbKHn-8Q-Z__ZsI3nL-u2FPkKnF0mpKQPjF_LQESHFnKPngxj7h48VN0i-GljUN-LS6DwnE8WgmuyQoqXVaYIpD25JnLvx_tLKoDr9wthzEhTN95CtGl4rTRf5U7rIzfrtSUcLGPDtwGKsbHTPXeKR8enN6O14w6fIa9eOiB9HjQcK3uwyfIo8k14h8zCcJnfvxjLx9-yIWyaUq26r7JinCLQNNBsxbsEDz5FuUDGa8tkIETpZdvYgvTkphX573STOi-8PQw8W8oRjFVxUk2_jfva-clnE6gTJSIdWcdKWQS5CI84MEgNw_pF0vBzllq0Ya0_6iIDY8LkkrVEXl17nMdCXY32MWYNXq64lbHt_D_hZ7N7dmlCYuFOCD36_ksxCWmZYdoeg7JbRnRSb1OUnz5ts5j6BYHBDWew6wwlAe6FKUkNXwF21wLNQ8GHwFPwlvxvzkbMzOgNxzFRavuuASAdxGydsWyXH_P3Ci8_tAp_uVy0vqiiHBvh0TgQVmvR49d3kPuQpjrFYwB8OjksEoGw9xuC2QjY78EqMFMGLqZ_8m0LCoYPJr-mOiLmpQ23M1QaCv2LZ03UW-veRceZqn8cN6N4PuO9Wt7lgdiGu4DNR6B7XIEH5YqjU2I4FjPQ5ZVt3C6u0WSQleeXOKqdfrElyH4OSxY3IWtAnfSpNzsYJjX3JjvyYeYETVWmYoqqMBTMFSCZHi4nn8PDOpP2ZqaByyeZJYQjrWM5Xr3aAvuocYwtUFmBOMB53meiaUYfr1MIV3-yLE05_nEzJyRFqkKy1VTOO_JvhNYiUiP6phQomA2Z-TsHH78BLvYIT-_AOUwNW3TwiBTC-LkZ0wanUt81l2BzQbiJXA_cCqpUJj0h4xj1yR__jOpsk4VL4-XL7ebDfcovJFRK4vxlEhLoTIFNWi2lKNLJ4wDFD1oTPDsoKinVn1vQw1ZX_jsA38qu5P-tkle85N2ggTj6z6mTTMRoNr8dVtcBILvF5dhqEKY-1Pczgxi_ODltujHXbIyK6h8siNBGxt4-oeBiquvaAOzquTrPwyieZU0ygQ2SIycxeYXN81MaPVNA.W7ugcFUFb9QVHYijRCW0Dw", "expirationDate": "20241025T005547Z" }

 

REST API v2.1 resources (complete reference)

This is the complete reference of all resources available. You usually won't interact with most of these outside of administrative automation scenarios (e.g. for scripting) - please see the REST API resources (Identity Federation) for this apps actual functionality first.

Resource

URI template

methods

status

description

permissions

comments

Accounts

 You usually only interact with accounts (access keys) for administrative purposes, please see the Connectors resource instead!



/accounts

GET|POST

PUBLIC

Get all accounts (AWS access keys).

Administrator





/accounts/{id}

GET|DELETE|PUT

PUBLIC

Get an account (AWS access keys) identified by its id.

Administrator



Connectors

This is the main resource for retrieving temporary AWS security credentials.



/connectors

GET|POST

PUBLIC

Get all AWS connectors.

Configurable

 GET is the only required method for the token vendor use case, but POST is available for administration purposes.



/connectors/{id}

GET|DELETE|PUT

PUBLIC

Get an AWS connector identified by its id.

Configurable

 GET is the only required method for the token vendor use case, but DELETE|PUT is available for administration purposes.



/connectors/{id}/caller-identity

GET

PUBLIC

Get details about the IAM identity whose credentials are used to call the API.

Configurable





/connectors/{id}/credentials

GET

PUBLIC

Get the temporary AWS security credentials via an AWS connector identified by its id.

Configurable

This is the main resource to use for calling AWS services in turn.



/connectors/{id}/console/url

GET

PUBLIC

Get the URL for SSO with the AWS Management Console via a AWS connector identified by its id.

Configurable

  The returned URL is not the final one, rather the one to present to users so that following it will yield the SSO with AWS in turn (provided the executing user has permission to use the connector).



/connectors/{id}/ecr/credentials

GET

PUBLIC

Get temporary Amazon ECR authentication credentials via a AWS connector identified by its id.

Configurable

Refer to Amazon EC2 Container Registry (Amazon ECR) authentication credentials for details.

  • In addition to the native AWS API response data, the response also provides the properties proxyEndpointDomain, username and password for convenient usage with the Bamboo Docker task.

 

/connectors/{id}/codeartifact/credentials

GET

PUBLIC

Get temporary AWS CodeArtifact credentials (authentication token) via a AWS connector identified by its id.

Configurable

Refer to AWS CodeArtifact authentication and tokens for details.





Frequently Asked Questions (FAQ)

Atlassian®, Atlassian Bamboo®, Bitbucket®, Atlassian Crowd®, Confluence®, Jira®, Jira Service Management™, Opsgenie®, and Statuspage™ are registered trademarks of Atlassian.
Amazon Web Services™, AWS™ and the “Powered by Amazon Web Services” logo are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries.

Utoolity® is a registered trademark of Utoolity GmbH.
© 2024 Utoolity GmbH. All rights reserved.