SSOAdmin / Client / list_application_grants
list_application_grants¶
- SSOAdmin.Client.list_application_grants(**kwargs)¶
List the grants associated with an application.
See also: AWS API Documentation
Request Syntax
response = client.list_application_grants( ApplicationArn='string', NextToken='string' )
- Parameters:
ApplicationArn (string) –
[REQUIRED]
Specifies the ARN of the application whose grants you want to list.
NextToken (string) – Specifies that you want to receive the next page of results. Valid only if you received a
NextTokenresponse in the previous request. If you did, it indicates that more output is available. Set this parameter to the value provided by the previous call’sNextTokenresponse to request the next page of results.
- Return type:
dict
- Returns:
Response Syntax
{ 'Grants': [ { 'GrantType': 'authorization_code'|'refresh_token'|'urn:ietf:params:oauth:grant-type:jwt-bearer'|'urn:ietf:params:oauth:grant-type:token-exchange', 'Grant': { 'AuthorizationCode': { 'RedirectUris': [ 'string', ] }, 'JwtBearer': { 'AuthorizedTokenIssuers': [ { 'TrustedTokenIssuerArn': 'string', 'AuthorizedAudiences': [ 'string', ] }, ] }, 'RefreshToken': {}, 'TokenExchange': {} } }, ], 'NextToken': 'string' }
Response Structure
(dict) –
Grants (list) –
An array list of structures that describe the requested grants.
(dict) –
A structure that defines a single grant and its configuration.
GrantType (string) –
The type of the selected grant.
Grant (dict) –
The configuration structure for the selected grant.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
AuthorizationCode,JwtBearer,RefreshToken,TokenExchange. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBERas the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBERis as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
AuthorizationCode (dict) –
Configuration options for the
authorization_codegrant type.RedirectUris (list) –
A list of URIs that are valid locations to redirect a user’s browser after the user is authorized.
Note
RedirectUris is required when the grant type is
authorization_code.(string) –
JwtBearer (dict) –
Configuration options for the
urn:ietf:params:oauth:grant-type:jwt-bearergrant type.AuthorizedTokenIssuers (list) –
A list of allowed token issuers trusted by the Identity Center instances for this application.
Note
AuthorizedTokenIssuersis required when the grant type isJwtBearerGrant.(dict) –
A structure that describes a trusted token issuer and associates it with a set of authorized audiences.
TrustedTokenIssuerArn (string) –
The ARN of the trusted token issuer.
AuthorizedAudiences (list) –
An array list of authorized audiences, or applications, that can consume the tokens generated by the associated trusted token issuer.
(string) –
RefreshToken (dict) –
Configuration options for the
refresh_tokengrant type.TokenExchange (dict) –
Configuration options for the
urn:ietf:params:oauth:grant-type:token-exchangegrant type.
NextToken (string) –
If present, this value indicates that more output is available than is included in the current response. Use this value in the
NextTokenrequest parameter in a subsequent call to the operation to get the next part of the output. You should repeat this until theNextTokenresponse element comes back asnull. This indicates that this is the last page of results.
Exceptions