Get Resource Oauth 2 Token

bedrockagentcore_get_resource_oauth_2_token

R Documentation

Returns the OAuth 2¶

Description¶

Returns the OAuth 2.0 token of the provided resource.

Usage¶

bedrockagentcore_get_resource_oauth_2_token(workloadIdentityToken,
  resourceCredentialProviderName, scopes, oauth2Flow, sessionUri,
  resourceOauth2ReturnUrl, forceAuthentication, customParameters,
  customState, resources, audiences)

Arguments¶

workloadIdentityToken

[required] The identity token of the workload from which you want to retrieve the OAuth2 token.

resourceCredentialProviderName

[required] The name of the resource's credential provider.

scopes

[required] The OAuth scopes being requested.

oauth2Flow

[required] The type of flow to be performed.

sessionUri

Unique identifier for the user's authentication session for retrieving OAuth2 tokens. This ID tracks the authorization flow state across multiple requests and responses during the OAuth2 authentication process.

resourceOauth2ReturnUrl

The callback URL to redirect to after the OAuth 2.0 token retrieval is complete. This URL must be one of the provided URLs configured for the workload identity.

forceAuthentication

Indicates whether to always initiate a new three-legged OAuth (3LO) flow, regardless of any existing session.

customParameters

A map of custom parameters to include in the authorization request to the resource credential provider. These parameters are in addition to the standard OAuth 2.0 flow parameters, and will not override them.

customState

An opaque string that will be sent back to the callback URL provided in resourceOauth2ReturnUrl. This state should be used to protect the callback URL of your application against CSRF attacks by ensuring the response corresponds to the original request.

resources

The resources to include in the token request. These are used to specify the target resources for which the OAuth2 token is being requested.

audiences

The audiences to include in the token request. These are used to specify the intended recipients of the OAuth2 token.

Value¶

A list with the following syntax:

list(
  authorizationUrl = "string",
  accessToken = "string",
  sessionUri = "string",
  sessionStatus = "IN_PROGRESS"|"FAILED"
)

Request syntax¶

svc$get_resource_oauth_2_token(
  workloadIdentityToken = "string",
  resourceCredentialProviderName = "string",
  scopes = list(
    "string"
  ),
  oauth2Flow = "USER_FEDERATION"|"M2M"|"ON_BEHALF_OF_TOKEN_EXCHANGE",
  sessionUri = "string",
  resourceOauth2ReturnUrl = "string",
  forceAuthentication = TRUE|FALSE,
  customParameters = list(
    "string"
  ),
  customState = "string",
  resources = list(
    "string"
  ),
  audiences = list(
    "string"
  )
)