class Aws::CognitoIdentity::Types::GetCredentialsForIdentityInput

Input to the `GetCredentialsForIdentity` action.

@note When making an API call, you may pass GetCredentialsForIdentityInput

data as a hash:

    {
      identity_id: "IdentityId", # required
      logins: {
        "IdentityProviderName" => "IdentityProviderToken",
      },
      custom_role_arn: "ARNString",
    }

@!attribute [rw] identity_id

A unique identifier in the format REGION:GUID.
@return [String]

@!attribute [rw] logins

A set of optional name-value pairs that map provider names to
provider tokens. The name-value pair will follow the syntax
"provider\_name": "provider\_user\_identifier".

Logins should not be specified when trying to get credentials for an
unauthenticated identity.

The Logins parameter is required when using identities associated
with external identity providers such as Facebook. For examples of
`Logins` maps, see the code examples in the [External Identity
Providers][1] section of the Amazon Cognito Developer Guide.

[1]: https://docs.aws.amazon.com/cognito/latest/developerguide/external-identity-providers.html
@return [Hash<String,String>]

@!attribute [rw] custom_role_arn

The Amazon Resource Name (ARN) of the role to be assumed when
multiple roles were received in the token from the identity
provider. For example, a SAML-based identity provider. This
parameter is optional for identity providers that do not support
role customization.
@return [String]

@see docs.aws.amazon.com/goto/WebAPI/cognito-identity-2014-06-30/GetCredentialsForIdentityInput AWS API Documentation

Constants

SENSITIVE