IAM Identity Center uses the sso and identitystore API namespaces. IAM Identity Center
- * OpenID Connect uses the sso-oidc namespace.
sso-oauth namespace.
* * Considerations for using this guide *
diff --git a/packages/nested-clients/src/submodules/sso-oidc/SSOOIDCClient.ts b/packages/nested-clients/src/submodules/sso-oidc/SSOOIDCClient.ts index 3a2873ce7e00..cd8dd6cea692 100644 --- a/packages/nested-clients/src/submodules/sso-oidc/SSOOIDCClient.ts +++ b/packages/nested-clients/src/submodules/sso-oidc/SSOOIDCClient.ts @@ -265,7 +265,7 @@ export interface SSOOIDCClientResolvedConfig extends SSOOIDCClientResolvedConfig * API namespaces * *IAM Identity Center uses the sso and identitystore API namespaces. IAM Identity Center
- * OpenID Connect uses the sso-oidc namespace.
sso-oauth namespace.
* * Considerations for using this guide *
diff --git a/packages/nested-clients/src/submodules/sso-oidc/index.ts b/packages/nested-clients/src/submodules/sso-oidc/index.ts index 21b46ee14b2a..a0e52b26a356 100644 --- a/packages/nested-clients/src/submodules/sso-oidc/index.ts +++ b/packages/nested-clients/src/submodules/sso-oidc/index.ts @@ -8,7 +8,7 @@ * API namespaces * *IAM Identity Center uses the sso and identitystore API namespaces. IAM Identity Center
- * OpenID Connect uses the sso-oidc namespace.
sso-oauth namespace.
* * Considerations for using this guide *
diff --git a/packages/nested-clients/src/submodules/sso-oidc/models/models_0.ts b/packages/nested-clients/src/submodules/sso-oidc/models/models_0.ts index 903d01296cb5..1c4886b41bc0 100644 --- a/packages/nested-clients/src/submodules/sso-oidc/models/models_0.ts +++ b/packages/nested-clients/src/submodules/sso-oidc/models/models_0.ts @@ -3,6 +3,19 @@ import { ExceptionOptionType as __ExceptionOptionType, SENSITIVE_STRING } from " import { SSOOIDCServiceException as __BaseException } from "./SSOOIDCServiceException"; +/** + * @public + * @enum + */ +export const AccessDeniedExceptionReason = { + KMS_ACCESS_DENIED: "KMS_AccessDeniedException", +} as const; +/** + * @public + */ +export type AccessDeniedExceptionReason = + (typeof AccessDeniedExceptionReason)[keyof typeof AccessDeniedExceptionReason]; + /** *You do not have sufficient access to perform this action.
* @public @@ -16,6 +29,12 @@ export class AccessDeniedException extends __BaseException { */ error?: string | undefined; + /** + *A string that uniquely identifies a reason for the error.
+ * @public + */ + reason?: AccessDeniedExceptionReason | undefined; + /** *Human-readable text providing additional information, used to assist the client developer * in understanding the error that occurred.
@@ -33,6 +52,7 @@ export class AccessDeniedException extends __BaseException { }); Object.setPrototypeOf(this, AccessDeniedException.prototype); this.error = opts.error; + this.reason = opts.reason; this.error_description = opts.error_description; } } @@ -129,9 +149,7 @@ export interface CreateTokenRequest { refreshToken?: string | undefined; /** - *The list of scopes for which authorization is requested. The access token that is issued - * is limited to the scopes that are granted. If this value is not specified, IAM Identity Center authorizes - * all scopes that are configured for the client during the call to RegisterClient.
+ *The list of scopes for which authorization is requested. This parameter has no effect; the access token will always include all scopes configured during client registration.
* @public */ scope?: string[] | undefined; @@ -359,6 +377,22 @@ export class InvalidGrantException extends __BaseException { } } +/** + * @public + * @enum + */ +export const InvalidRequestExceptionReason = { + KMS_DISABLED_KEY: "KMS_DisabledException", + KMS_INVALID_KEY_USAGE: "KMS_InvalidKeyUsageException", + KMS_INVALID_STATE: "KMS_InvalidStateException", + KMS_KEY_NOT_FOUND: "KMS_NotFoundException", +} as const; +/** + * @public + */ +export type InvalidRequestExceptionReason = + (typeof InvalidRequestExceptionReason)[keyof typeof InvalidRequestExceptionReason]; + /** *Indicates that something is wrong with the input to the request. For example, a required * parameter might be missing or out of range.
@@ -374,6 +408,12 @@ export class InvalidRequestException extends __BaseException { */ error?: string | undefined; + /** + *A string that uniquely identifies a reason for the error.
+ * @public + */ + reason?: InvalidRequestExceptionReason | undefined; + /** *Human-readable text providing additional information, used to assist the client developer * in understanding the error that occurred.
@@ -391,6 +431,7 @@ export class InvalidRequestException extends __BaseException { }); Object.setPrototypeOf(this, InvalidRequestException.prototype); this.error = opts.error; + this.reason = opts.reason; this.error_description = opts.error_description; } } diff --git a/packages/nested-clients/src/submodules/sso-oidc/protocols/Aws_restJson1.ts b/packages/nested-clients/src/submodules/sso-oidc/protocols/Aws_restJson1.ts index c39e9ca7d111..b51851edee43 100644 --- a/packages/nested-clients/src/submodules/sso-oidc/protocols/Aws_restJson1.ts +++ b/packages/nested-clients/src/submodules/sso-oidc/protocols/Aws_restJson1.ts @@ -157,6 +157,7 @@ const de_AccessDeniedExceptionRes = async ( const doc = take(data, { error: __expectString, error_description: __expectString, + reason: __expectString, }); Object.assign(contents, doc); const exception = new AccessDeniedException({ @@ -283,6 +284,7 @@ const de_InvalidRequestExceptionRes = async ( const doc = take(data, { error: __expectString, error_description: __expectString, + reason: __expectString, }); Object.assign(contents, doc); const exception = new InvalidRequestException({