{ "version":"2.0", "metadata":{ "apiVersion":"2020-06-15", "endpointPrefix":"identitystore", "jsonVersion":"1.1", "protocol":"json", "serviceAbbreviation":"IdentityStore", "serviceFullName":"AWS SSO Identity Store", "serviceId":"identitystore", "signatureVersion":"v4", "signingName":"identitystore", "targetPrefix":"AWSIdentityStore", "uid":"identitystore-2020-06-15" }, "operations":{ "DescribeGroup":{ "name":"DescribeGroup", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"DescribeGroupRequest"}, "output":{"shape":"DescribeGroupResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"ValidationException"}, {"shape":"AccessDeniedException"}, {"shape":"ThrottlingException"}, {"shape":"InternalServerException"} ], "documentation":"
Retrieves the group metadata and attributes from GroupId
in an identity store.
Retrieves the user metadata and attributes from UserId
in an identity store.
Lists the attribute name and value of the group that you specified in the search. We only support DisplayName
as a valid filter attribute path currently, and filter is required. This API returns minimum attributes, including GroupId
and group DisplayName
in the response.
Lists the attribute name and value of the user that you specified in the search. We only support UserName
as a valid filter attribute path currently, and filter is required. This API returns minimum attributes, including UserId
and UserName
in the response.
The identifier for each request. This value is a globally unique ID that is generated by the Identity Store service for each sent request, and is then returned inside the exception if the request fails.
" } }, "documentation":"You do not have sufficient access to perform this action.
", "exception":true }, "AttributePath":{ "type":"string", "max":255, "min":1, "pattern":"[\\p{L}\\p{M}\\p{S}\\p{N}\\p{P} ]+" }, "DescribeGroupRequest":{ "type":"structure", "required":[ "IdentityStoreId", "GroupId" ], "members":{ "IdentityStoreId":{ "shape":"IdentityStoreId", "documentation":"The globally unique identifier for the identity store, such as d-1234567890
. In this example, d-
is a fixed prefix, and 1234567890
is a randomly generated string that contains number and lower case letters. This value is generated at the time that a new identity store is created.
The identifier for a group in the identity store.
" } } }, "DescribeGroupResponse":{ "type":"structure", "required":[ "GroupId", "DisplayName" ], "members":{ "GroupId":{ "shape":"ResourceId", "documentation":"The identifier for a group in the identity store.
" }, "DisplayName":{ "shape":"GroupDisplayName", "documentation":"Contains the group’s display name value. The length limit is 1,024 characters. This value can consist of letters, accented characters, symbols, numbers, punctuation, tab, new line, carriage return, space, and nonbreaking space in this attribute. The characters <>;:%
are excluded. This value is specified at the time that the group is created and stored as an attribute of the group object in the identity store.
The globally unique identifier for the identity store, such as d-1234567890
. In this example, d-
is a fixed prefix, and 1234567890
is a randomly generated string that contains number and lower case letters. This value is generated at the time that a new identity store is created.
The identifier for a user in the identity store.
" } } }, "DescribeUserResponse":{ "type":"structure", "required":[ "UserName", "UserId" ], "members":{ "UserName":{ "shape":"UserName", "documentation":"Contains the user’s user name value. The length limit is 128 characters. This value can consist of letters, accented characters, symbols, numbers, and punctuation. The characters <>;:%
are excluded. This value is specified at the time the user is created and stored as an attribute of the user object in the identity store.
The identifier for a user in the identity store.
" } } }, "Filter":{ "type":"structure", "required":[ "AttributePath", "AttributeValue" ], "members":{ "AttributePath":{ "shape":"AttributePath", "documentation":"The attribute path that is used to specify which attribute name to search. Length limit is 255 characters. For example, UserName
is a valid attribute path for the ListUsers
API, and DisplayName
is a valid attribute path for the ListGroups
API.
Represents the data for an attribute. Each attribute value is described as a name-value pair.
" } }, "documentation":"A query filter used by ListUsers
and ListGroup
. This filter object provides the attribute name and attribute value to search users or groups.
The identifier for a group in the identity store.
" }, "DisplayName":{ "shape":"GroupDisplayName", "documentation":"Contains the group’s display name value. The length limit is 1,024 characters. This value can consist of letters, accented characters, symbols, numbers, punctuation, tab, new line, carriage return, space, and nonbreaking space in this attribute. The characters <>;:%
are excluded. This value is specified at the time the group is created and stored as an attribute of the group object in the identity store.
A group object, which contains a specified group’s metadata and attributes.
" }, "GroupDisplayName":{ "type":"string", "max":1024, "min":1, "pattern":"[\\p{L}\\p{M}\\p{S}\\p{N}\\p{P}\\t\\n\\r ]+" }, "Groups":{ "type":"list", "member":{"shape":"Group"} }, "IdentityStoreId":{ "type":"string", "max":12, "min":1, "pattern":"^d-[0-9a-f]{10}$" }, "InternalServerException":{ "type":"structure", "members":{ "Message":{"shape":"Message"}, "RequestId":{ "shape":"RequestId", "documentation":"The identifier for each request. This value is a globally unique ID that is generated by the Identity Store service for each sent request, and is then returned inside the exception if the request fails.
" } }, "documentation":"The request processing has failed because of an unknown error, exception or failure with an internal server.
", "exception":true, "fault":true }, "ListGroupsRequest":{ "type":"structure", "required":["IdentityStoreId"], "members":{ "IdentityStoreId":{ "shape":"IdentityStoreId", "documentation":"The globally unique identifier for the identity store, such as d-1234567890
. In this example, d-
is a fixed prefix, and 1234567890
is a randomly generated string that contains number and lower case letters. This value is generated at the time that a new identity store is created.
The maximum number of results to be returned per request. This parameter is used in the ListUsers
and ListGroups
request to specify how many results to return in one page. The length limit is 50 characters.
The pagination token used for the ListUsers
and ListGroups
API operations. This value is generated by the identity store service. It is returned in the API response if the total results are more than the size of one page. This token is also returned when it is used in the API request to search for the next page.
A list of Filter
objects, which is used in the ListUsers
and ListGroups
request.
A list of Group
objects in the identity store.
The pagination token used for the ListUsers
and ListGroups
API operations. This value is generated by the identity store service. It is returned in the API response if the total results are more than the size of one page. This token is also returned when it1 is used in the API request to search for the next page.
The globally unique identifier for the identity store, such as d-1234567890
. In this example, d-
is a fixed prefix, and 1234567890
is a randomly generated string that contains number and lower case letters. This value is generated at the time that a new identity store is created.
The maximum number of results to be returned per request. This parameter is used in the ListUsers
and ListGroups
request to specify how many results to return in one page. The length limit is 50 characters.
The pagination token used for the ListUsers
and ListGroups
API operations. This value is generated by the identity store service. It is returned in the API response if the total results are more than the size of one page. This token is also returned when it is used in the API request to search for the next page.
A list of Filter
objects, which is used in the ListUsers
and ListGroups
request.
A list of User
objects in the identity store.
The pagination token used for the ListUsers
and ListGroups
API operations. This value is generated by the identity store service. It is returned in the API response if the total results are more than the size of one page. This token is also returned when it is used in the API request to search for the next page.
The type of resource in the Identity Store service, which is an enum object. Valid values include USER, GROUP, and IDENTITY_STORE.
" }, "ResourceId":{ "shape":"ResourceId", "documentation":"The identifier for a resource in the identity store, which can be used as UserId
or GroupId
. The format for ResourceId
is either UUID
or 1234567890-UUID
, where UUID
is a randomly generated value for each resource when it is created and 1234567890
represents the IdentityStoreId
string value. In the case that the identity store is migrated from a legacy SSO identity store, the ResourceId
for that identity store will be in the format of UUID
. Otherwise, it will be in the 1234567890-UUID
format.
The identifier for each request. This value is a globally unique ID that is generated by the Identity Store service for each sent request, and is then returned inside the exception if the request fails.
" } }, "documentation":"Indicates that a requested resource is not found.
", "exception":true }, "ResourceType":{ "type":"string", "enum":[ "GROUP", "USER", "IDENTITY_STORE" ] }, "SensitiveStringType":{ "type":"string", "max":1024, "min":1, "pattern":"[\\p{L}\\p{M}\\p{S}\\p{N}\\p{P}\\t\\n\\r ]+", "sensitive":true }, "ThrottlingException":{ "type":"structure", "members":{ "Message":{"shape":"Message"}, "RequestId":{ "shape":"RequestId", "documentation":"The identifier for each request. This value is a globally unique ID that is generated by the Identity Store service for each sent request, and is then returned inside the exception if the request fails.
" } }, "documentation":"Indicates that the principal has crossed the throttling limits of the API operations.
", "exception":true }, "User":{ "type":"structure", "required":[ "UserName", "UserId" ], "members":{ "UserName":{ "shape":"UserName", "documentation":"Contains the user’s user name value. The length limit is 128 characters. This value can consist of letters, accented characters, symbols, numbers, and punctuation. The characters <>;:%
are excluded. This value is specified at the time the user is created and stored as an attribute of the user object in the identity store.
The identifier for a user in the identity store.
" } }, "documentation":"A user object, which contains a specified user’s metadata and attributes.
" }, "UserName":{ "type":"string", "max":128, "min":1, "pattern":"[\\p{L}\\p{M}\\p{S}\\p{N}\\p{P}]+", "sensitive":true }, "Users":{ "type":"list", "member":{"shape":"User"} }, "ValidationException":{ "type":"structure", "members":{ "Message":{"shape":"Message"}, "RequestId":{ "shape":"RequestId", "documentation":"The identifier for each request. This value is a globally unique ID that is generated by the Identity Store service for each sent request, and is then returned inside the exception if the request fails.
" } }, "documentation":"The request failed because it contains a syntax error.
", "exception":true } }, "documentation":"The AWS Single Sign-On (SSO) Identity Store service provides a single place to retrieve all of your identities (users and groups). For more information about AWS, see the AWS Single Sign-On User Guide.
" }