Package software.amazon.awssdk.identity.spi

Interface IdentityProvider<IdentityT extends Identity>

@SdkPublicApi
@ThreadSafe
public interface IdentityProvider<IdentityT extends Identity>

Interface for loading Identity that is used for authentication.

Identity providers are responsible for resolving credentials, tokens, or other authentication identities that are used by signers to authenticate requests. The SDK provides built-in identity providers for common identity types like AwsCredentialsIdentity and TokenIdentity.

Common Built-in Identity Providers

• DefaultCredentialsProvider - Resolves AWS credentials from the default credential chain
• StaticCredentialsProvider - Provides static AWS credentials
• ProfileCredentialsProvider - Resolves credentials from AWS profiles
• StsAssumeRoleCredentialsProvider - Assumes an IAM role using STS

How Identity Providers Work

Identity providers are selected by software.amazon.awssdk.http.auth.spi.scheme.AuthSchemes based on the identity type they produce. The SDK matches the identity type required by the auth scheme with the appropriate provider from IdentityProviders.

Implementing a Custom Identity Provider

You can implement custom identity providers for specialized authentication scenarios, such as retrieving credentials from a custom credential store or implementing a custom token provider.

Example - Custom credentials provider: {@snippet : public class CustomCredentialsProvider implements IdentityProvider {

See Also:

Identity, IdentityProviders, IdentityProperty, software.amazon.awssdk.http.auth.spi.scheme.AuthScheme

Method Summary

Modifier and Type	Method	Description
Class<IdentityT>	identityType()	Retrieve the class of identity this identity provider produces.
default CompletableFuture<? extends IdentityT>	resolveIdentity()	Resolve the identity from this identity provider.
default CompletableFuture<? extends IdentityT>	resolveIdentity(Consumer<ResolveIdentityRequest.Builder> consumer)	Resolve the identity from this identity provider.
CompletableFuture<? extends IdentityT>	resolveIdentity(ResolveIdentityRequest request)	Resolve the identity from this identity provider.

Method Detail

identityType

Class<IdentityT> identityType()

Retrieve the class of identity this identity provider produces. This is necessary for the SDK core to determine which identity provider should be used to resolve a specific type of identity.

resolveIdentity

CompletableFuture<? extends IdentityT> resolveIdentity(ResolveIdentityRequest request)

Resolve the identity from this identity provider.

Parameters:

request - The request to resolve an Identity

resolveIdentity

default CompletableFuture<? extends IdentityT> resolveIdentity(Consumer<ResolveIdentityRequest.Builder> consumer)

Resolve the identity from this identity provider. Similar to resolveIdentity(ResolveIdentityRequest), but takes a lambda to configure a new ResolveIdentityRequest.Builder. This removes the need to call ResolveIdentityRequest.builder() and SdkBuilder.build().

Parameters:

consumer - A Consumer to which an empty ResolveIdentityRequest.Builder will be given.

resolveIdentity

default CompletableFuture<? extends IdentityT> resolveIdentity()

Resolve the identity from this identity provider.