GetGroupId - Identity Store
Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsExamplesSee Also

GetGroupId

Retrieves GroupId in an identity store.

Note

If you have access to a member account, you can use this API operation from the member account. For more information, see Limiting access to the identity store from member accounts in the AWS IAM Identity Center User Guide.

Request Syntax

{
   "AlternateIdentifier": { ... },
   "IdentityStoreId": "string"
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

AlternateIdentifier

A unique identifier for a user or group that is not the primary identifier. This value can be an identifier from an external identity provider (IdP) that is associated with the user, the group, or a unique attribute. For the unique attribute, the only valid path is displayName.

Type: AlternateIdentifier object

Note: This object is a Union. Only one member of this object can be specified or returned.

Required: Yes

IdentityStoreId

The globally unique identifier for the identity store.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 36.

Pattern: d-[0-9a-f]{10}$|^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}

Required: Yes

Response Syntax

{
   "GroupId": "string",
   "IdentityStoreId": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

GroupId

The identifier for a group in the identity store.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 47.

Pattern: ([0-9a-f]{10}-|)[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}

IdentityStoreId

The globally unique identifier for the identity store.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 36.

Pattern: d-[0-9a-f]{10}$|^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You do not have sufficient access to perform this action.

Reason

Indicates the reason for an access denial when returned by KMS while accessing a Customer Managed KMS key. For non-KMS access-denied errors, this field is not included.

RequestId

The identifier for each request. This value is a globally unique ID that is generated by the identity store service for each sent request, and is then returned inside the exception if the request fails.

HTTP Status Code: 400

InternalServerException

The request processing has failed because of an unknown error, exception or failure with an internal server.

RequestId

The identifier for each request. This value is a globally unique ID that is generated by the identity store service for each sent request, and is then returned inside the exception if the request fails.

RetryAfterSeconds

The number of seconds to wait before retrying the next request.

HTTP Status Code: 500

ResourceNotFoundException

Indicates that a requested resource is not found.

Reason

Indicates the reason for a resource not found error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included.

RequestId

The identifier for each request. This value is a globally unique ID that is generated by the identity store service for each sent request, and is then returned inside the exception if the request fails.

ResourceId

The identifier for a resource in the identity store that can be used as UserId or GroupId. The format for ResourceId is either UUID or 1234567890-UUID, where UUID is a randomly generated value for each resource when it is created and 1234567890 represents the IdentityStoreId string value. In the case that the identity store is migrated from a legacy SSO identity store, the ResourceId for that identity store will be in the format of UUID. Otherwise, it will be in the 1234567890-UUID format.

ResourceType

An enum object indicating the type of resource in the identity store service. Valid values include USER, GROUP, and IDENTITY_STORE.

HTTP Status Code: 400

ThrottlingException

Indicates that the principal has crossed the throttling limits of the API operations.

Reason

Indicates the reason for the throttling error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included.

RequestId

The identifier for each request. This value is a globally unique ID that is generated by the identity store service for each sent request, and is then returned inside the exception if the request fails.

RetryAfterSeconds

The number of seconds to wait before retrying the next request.

HTTP Status Code: 400

ValidationException

The request failed because it contains a syntax error.

Reason

Indicates the reason for the validation error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included.

RequestId

The identifier for each request. This value is a globally unique ID that is generated by the identity store service for each sent request, and is then returned inside the exception if the request fails.

HTTP Status Code: 400

Examples

Example

This example retrieves the group ID for the Developers group using the display name.

Sample Request

{
    "IdentityStoreId": "d-1234567890",
    "AlternateIdentifier": {
        "UniqueAttribute": {
            "AttributePath": "displayName",
            "AttributeValue": "Developers"
        }
    }
}

Sample Response

{
    "GroupId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE22222",
    "IdentityStoreId": "d-1234567890"
}

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: