Exception
Table of Contents
Classes
- ExpiredTokenException
- The web identity token that was passed is expired or is not valid. Get a new identity token from the identity
provider and then retry the request.
- IDPCommunicationErrorException
- The request could not be fulfilled because the identity provider (IDP) that was asked to verify the incoming identity
token could not be reached. This is often a transient error caused by network conditions. Retry the request a limited
number of times so that you don't exceed the request rate. If the error persists, the identity provider might be down
or not responding.
- IDPRejectedClaimException
- The identity provider (IdP) reported that authentication failed. This might be because the claim is invalid.
- InvalidIdentityTokenException
- The web identity token that was passed could not be validated by Amazon Web Services. Get a new identity token from
the identity provider and then retry the request.
- MalformedPolicyDocumentException
- The request was rejected because the policy document was malformed. The error message describes the specific error.
- PackedPolicyTooLargeException
- The request was rejected because the total packed size of the session policies and session tags combined was too
large. An Amazon Web Services conversion compresses the session policy document, session policy ARNs, and session
tags into a packed binary format that has a separate limit. The error message indicates by percentage how close the
policies and tags are to the upper size limit. For more information, see Passing Session Tags in STS [^1] in the *IAM
User Guide*.
- RegionDisabledException
- STS is not activated in the requested region for the account that is being asked to generate credentials. The account
administrator must use the IAM console to activate STS in that region. For more information, see Activating and
Deactivating Amazon Web Services STS in an Amazon Web Services Region [^1] in the *IAM User Guide*.