CreateOAuth2TokenResponseBody
Output structure for CreateOAuth2Token operation.
Contains flattened token operation outputs for both authorization code and refresh token flows.
The response content depends on the grant_type from the original request.
Contents
- accessToken
The AWS access credentials.
Type: AccessToken object
Required: Yes
- expiresIn
The number of seconds until the access token expires.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 900.
Required: Yes
- refreshToken
Encrypted refresh token with cnf.jkt (SHA-256 thumbprint of presented jwk). Always present in responses (required for both flows).
Type: String
Length Constraints: Minimum length of 1. Maximum length of 2048.
Required: Yes
- tokenType
Indicates that these are AWS SigV4 credentials. Value is
urn:aws:params:oauth:token-type:access_token_sigv4for both flows.Type: String
Pattern:
urn:aws:params:oauth:token-type:access_token_sigv4Required: Yes
- idToken
Contains user identity information. Present only in response when
grant_type=authorization_code. Not included in token refresh responsesType: String
Length Constraints: Minimum length of 1. Maximum length of 4096.
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
