Reputation: 13
How to invalidate the sso access token after log in (logout from AWS)?
I have a C# .net core application (Target framework - .NET 6.0) written based on the instructions given in the tutorials below , I am using AWS IAM Identity Center (SSO authentication - SSOAWSCredentials) to authenticate to AWS, I could successfully log in but I couldn't find a way to clear/invalidate the token (in another words, logout from AWS) I noticed a session token is stored in the local file system in ({UserProfile}.aws\sso\cache) and if I delete that manually then I need to authenticate again - but is there a way to officially invalidate the token?
Single sign-on (SSO) with the AWS SDK for .NET - https://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/sso.html
Upvotes: 0
Views: 400
Answers (1)
Reputation: 169
Call AmazonSSOClient.LogoutAsync with the token prior to deleting it from the cache.
- .NET SDK docs: https://docs.aws.amazon.com/sdkfornet/v3/apidocs/items/SSO/MSSOLogoutAsyncLogoutRequestCancellationToken.html
- Identity Center docs: https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_Logout.html
The SDK does something similar here, though that's in an internal namespace and used by the Invoke-AWSSSOLogout cmdlet in AWS Tools for PowerShell.
Upvotes: 0
Related Questions
- How to connect to RedShift via AWS Identity Center and EntraID as external IdP?
- MongoDB Atlas role mappings not working when using AWS single-sign on as the identity provider
- AWS Identity Center without User Provisioning
- How to get access and refresh token from AWS cognito authorization code
- Invalidate credentials on Logout with IAM secured AWS API Gateway
- How to authenticate using the AWS SDK