Login

cURL

curl --request POST \
  --url https://us.infisical.com/api/v1/auth/aws-auth/login \
  --header 'Content-Type: application/json' \
  --data '
{
  "identityId": "<string>",
  "iamRequestBody": "<string>",
  "iamRequestHeaders": "<string>",
  "iamHttpRequestMethod": "POST",
  "organizationSlug": "<string>"
}
'

{
  "accessToken": "<string>",
  "expiresIn": 123,
  "accessTokenMaxTTL": 123,
  "tokenType": "Bearer"
}

POST

api

auth

aws-auth

cURL

curl --request POST \
  --url https://us.infisical.com/api/v1/auth/aws-auth/login \
  --header 'Content-Type: application/json' \
  --data '
{
  "identityId": "<string>",
  "iamRequestBody": "<string>",
  "iamRequestHeaders": "<string>",
  "iamHttpRequestMethod": "POST",
  "organizationSlug": "<string>"
}
'

{
  "accessToken": "<string>",
  "expiresIn": 123,
  "accessTokenMaxTTL": 123,
  "tokenType": "Bearer"
}

Body

application/json

identityId

string

required

The ID of the machine identity to login.

iamRequestBody

string

required

The base64-encoded body of the signed request. Most likely, the base64-encoding of Action=GetCallerIdentity&Version=2011-06-15.

iamRequestHeaders

string

required

The base64-encoded headers of the sts:GetCallerIdentity signed request.

iamHttpRequestMethod

string

default:POST

The HTTP request method used in the signed request.

organizationSlug

string

When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in.

Required string length: 1 - 64

Response

Default Response

accessToken

string

required

expiresIn

number

required

accessTokenMaxTTL

number

required

tokenType

enum<string>

required

Available options:

Bearer

Revoke Attach

⌘I

Overview

Organization

Project

Shared

Identity Auth

Secrets Management

Certificate Management

Secret Scanning

Infisical KMS

Other

Body

Response