aws sso-oidc create-token
Creates and returns an access token for the authorized client. The access token issued will be used to fetch short-term credentials for the assigned roles in the AWS account
Options
| Name | Description |
|---|---|
--client-id <string> | The unique identifier string for each client. This value should come from the persisted result of the RegisterClient API |
--client-secret <string> | A secret string generated for the client. This value should come from the persisted result of the RegisterClient API |
--grant-type <string> | Supports grant types for authorization code, refresh token, and device code request |
--device-code <string> | Used only when calling this API for the device code grant type. This short-term code is used to identify this authentication attempt. This should come from an in-memory reference to the result of the StartDeviceAuthorization API |
--code <string> | The authorization code received from the authorization service. This parameter is required to perform an authorization grant request to get access to a token |
--refresh-token <string> | The token used to obtain an access token in the event that the access token is invalid or expired. This token is not issued by the service |
--scope <list> | The list of scopes that is defined by the client. Upon authorization, this list is used to restrict permissions when granting an access token |
--redirect-uri <string> | The location of the application that will receive the authorization code. Users authorize the service to send the request to this location |
--cli-input-json <string> | Performs service operation based on the JSON string provided. The JSON string follows the format provided by ``--generate-cli-skeleton``. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally |
--generate-cli-skeleton <string> | Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value ``input``, prints a sample input JSON that can be used as an argument for ``--cli-input-json``. If provided with the value ``output``, it validates the command inputs and returns a sample output JSON for that command |