Skip to content

/AWS1/IF_ECR=>GETAUTHORIZATIONTOKEN()

About GetAuthorizationToken

Retrieves an authorization token. An authorization token represents your IAM authentication credentials and can be used to access any Amazon ECR registry that your IAM principal has access to. The authorization token is valid for 12 hours.

The authorizationToken returned is a base64 encoded string that can be decoded and used in a docker login command to authenticate to a registry. The CLI offers an get-login-password command that simplifies the login process. For more information, see Registry authentication in the Amazon Elastic Container Registry User Guide.

Method Signature

METHODS /AWS1/IF_ECR~GETAUTHORIZATIONTOKEN
  IMPORTING
    !IT_REGISTRYIDS TYPE /AWS1/CL_ECRGETAUTHTOKREGIDL00=>TT_GETAUTHTOKENREGISTRYIDLIST OPTIONAL
  RETURNING
    VALUE(OO_OUTPUT) TYPE REF TO /aws1/cl_ecrgetauthtokenrsp
  RAISING
    /AWS1/CX_ECRINVALIDPARAMETEREX
    /AWS1/CX_ECRSERVEREXCEPTION
    /AWS1/CX_ECRCLIENTEXC
    /AWS1/CX_ECRSERVEREXC
    /AWS1/CX_RT_TECHNICAL_GENERIC
    /AWS1/CX_RT_SERVICE_GENERIC.

IMPORTING

Optional arguments:

it_registryids TYPE /AWS1/CL_ECRGETAUTHTOKREGIDL00=>TT_GETAUTHTOKENREGISTRYIDLIST TT_GETAUTHTOKENREGISTRYIDLIST

A list of Amazon Web Services account IDs that are associated with the registries for which to get AuthorizationData objects. If you do not specify a registry, the default registry is assumed.

RETURNING

oo_output TYPE REF TO /aws1/cl_ecrgetauthtokenrsp /AWS1/CL_ECRGETAUTHTOKENRSP

Domain /AWS1/RT_ACCOUNT_ID
Primitive Type NUMC

Examples

Syntax Example

This is an example of the syntax for calling the method. It includes every possible argument and initializes every possible value. The data provided is not necessarily semantically accurate (for example the value "string" may be provided for something that is intended to be an instance ID, or in some cases two arguments may be mutually exclusive). The syntax shows the ABAP syntax for creating the various data structures.

DATA(lo_result) = lo_client->getauthorizationtoken(
  it_registryids = VALUE /aws1/cl_ecrgetauthtokregidl00=>tt_getauthtokenregistryidlist(
    ( new /aws1/cl_ecrgetauthtokregidl00( |string| ) )
  )
).

This is an example of reading all possible response values

lo_result = lo_result.
IF lo_result IS NOT INITIAL.
  LOOP AT lo_result->get_authorizationdata( ) into lo_row.
    lo_row_1 = lo_row.
    IF lo_row_1 IS NOT INITIAL.
      lv_base64 = lo_row_1->get_authorizationtoken( ).
      lv_expirationtimestamp = lo_row_1->get_expiresat( ).
      lv_proxyendpoint = lo_row_1->get_proxyendpoint( ).
    ENDIF.
  ENDLOOP.
ENDIF.