Login

cURL

curl --request POST \
  --url https://us.infisical.com/api/v1/auth/aws-auth/login \
  --header 'Content-Type: application/json' \
  --data '
{
  "identityId": "<string>",
  "iamRequestBody": "<string>",
  "iamRequestHeaders": "<string>",
  "iamHttpRequestMethod": "POST",
  "subOrganizationName": "<string>"
}
'

{
  "accessToken": "<string>",
  "expiresIn": 123,
  "accessTokenMaxTTL": 123,
  "tokenType": "Bearer"
}

POST

api

auth

aws-auth

cURL

curl --request POST \
  --url https://us.infisical.com/api/v1/auth/aws-auth/login \
  --header 'Content-Type: application/json' \
  --data '
{
  "identityId": "<string>",
  "iamRequestBody": "<string>",
  "iamRequestHeaders": "<string>",
  "iamHttpRequestMethod": "POST",
  "subOrganizationName": "<string>"
}
'

{
  "accessToken": "<string>",
  "expiresIn": 123,
  "accessTokenMaxTTL": 123,
  "tokenType": "Bearer"
}

Body

application/json

identityId

string

required

The ID of the machine identity to login.

iamRequestBody

string

required

The base64-encoded body of the signed request. Most likely, the base64-encoding of Action=GetCallerIdentity&Version=2011-06-15.

iamRequestHeaders

string

required

The base64-encoded headers of the sts:GetCallerIdentity signed request.

iamHttpRequestMethod

string

default:POST

The HTTP request method used in the signed request.

subOrganizationName

string

sub-organization name to scope the token to

Required string length: 1 - 64

Response

Default Response

accessToken

string

required

expiresIn

number

required

accessTokenMaxTTL

number

required

tokenType

enum<string>

required

Available options:

Bearer

Revoke Attach

Overview

Organization

Project

Shared

Identity Auth

Secrets Management

Infisical PKI

Secret Scanning

Infisical SSH

Infisical KMS

Other

Body

Response