UNPKG

@aashari/mcp-server-aws-sso

Version:

Node.js/TypeScript MCP server for AWS Single Sign-On (SSO). Enables AI systems (LLMs) with tools to initiate SSO login (device auth flow), list accounts/roles, and securely execute AWS CLI commands using temporary credentials. Streamlines AI interaction w

github.com/aashari/mcp-server-aws-sso

aashari/mcp-server-aws-sso

51 lines (50 loc) 1.94 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
import { AwsSsoAuthResult, DeviceAuthorizationInfo } from './vendor.aws.sso.types.js'; import { z } from 'zod'; import { DeviceAuthorizationResponseSchema } from './vendor.aws.sso.auth.http.js'; /** * Auth check result */ export interface AuthCheckResult { /** * Whether the user is authenticated */ isAuthenticated: boolean; /** * Error message if authentication failed */ errorMessage?: string; } /** * Start the AWS SSO login process * * Initiates the SSO login flow by registering a client and starting device authorization. * Returns a verification URI and user code that the user must visit to complete authentication. * * @returns {Promise<DeviceAuthorizationResponseSchema['_output']>} Login information including verification URI and user code * @throws {Error} If login initialization fails */ export declare function startSsoLogin(): Promise<z.infer<typeof DeviceAuthorizationResponseSchema>>; /** * Poll for SSO token completion * * Continuously polls the SSO token endpoint until authentication is complete or times out. * Automatically applies appropriate backoff between retries based on the device authorization interval. * * @returns {Promise<AwsSsoAuthResult>} AWS SSO auth result with access token * @throws {Error} If polling times out or auth is denied */ export declare function pollForSsoToken(): Promise<AwsSsoAuthResult>; /** * Check SSO authentication status * * Verifies if there is a valid cached token. * * @returns {Promise<AuthCheckResult>} Authentication status including isAuthenticated flag */ export declare function checkSsoAuthStatus(): Promise<AuthCheckResult>; /** * Get cached device authorization information * * @returns {Promise<DeviceAuthorizationInfo | undefined>} The cached device auth info or undefined if not found */ export declare function getCachedDeviceAuthorizationInfo(): Promise<DeviceAuthorizationInfo | undefined>;