AWS SSO OIDC
amazonaws · Cloud
AWS IAM Identity Center (successor to AWS Single Sign-On) OpenID Connect (OIDC) is a web service that enables a client (such as AWS CLI or a native application) to register with IAM Identity Center. The service also enables the client to fetch the user’s access token upon successful authentication and authorization with IAM Identity Center. Although AWS Single Sign-On was renamed, the sso and identitystore API namespaces will continue to retain their or
Authentication
Sample Requests
Creates and returns an access token for the authorized client. The access token issued will be used to fetch short-term credentials for the assigned roles in the AWS account.
Hover any highlighted part to learn what it does
curl -X POST "https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/token"
import requests
response = requests.post(
"https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/token",
)
print(response.json())const url = 'https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/token';
const response = await fetch(url, {
method: 'POST',
});
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
)
func main() {
targetURL := "https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/token"
req, _ := http.NewRequest("POST", targetURL, nil)
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/token")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Post.new(uri)
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/token";
$opts = ["http" => [
"method" => "POST",
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));Initiates device authorization by requesting a pair of verification codes from the authorization service.
Hover any highlighted part to learn what it does
curl -X POST "https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/device_authorization"
import requests
response = requests.post(
"https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/device_authorization",
)
print(response.json())const url = 'https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/device_authorization';
const response = await fetch(url, {
method: 'POST',
});
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
)
func main() {
targetURL := "https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/device_authorization"
req, _ := http.NewRequest("POST", targetURL, nil)
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/device_authorization")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Post.new(uri)
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/device_authorization";
$opts = ["http" => [
"method" => "POST",
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));Registers a client with IAM Identity Center. This allows clients to initiate device authorization. The output should be persisted for reuse through many authentication requests.
Hover any highlighted part to learn what it does
curl -X POST "https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/client/register"
import requests
response = requests.post(
"https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/client/register",
)
print(response.json())const url = 'https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/client/register';
const response = await fetch(url, {
method: 'POST',
});
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
)
func main() {
targetURL := "https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/client/register"
req, _ := http.NewRequest("POST", targetURL, nil)
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/client/register")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Post.new(uri)
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.apis.guru/v2/specs/amazonaws.com/sso-oidc/2019-06-10/client/register";
$opts = ["http" => [
"method" => "POST",
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));Postman Setup Guide
- See official documentation for authentication and setup.
What can you build with AWS SSO OIDC?
AWS SSO OIDC is a Cloud API. Developers commonly use cloud APIs for:
- provisioning and managing cloud infrastructure
- automating deployments and container orchestration
- monitoring uptime and performance metrics
- managing storage buckets and databases
- setting up auto-scaling and load balancing
No authentication required. This API is open — no signup or key needed. Ideal for quick prototypes and public-facing features. AWS SSO OIDC is free to use, making it a low-risk choice to experiment with.
New to APIs? Read our beginner's guide · Learn about API keys · What is REST?