Sample code for 30+ languages & platforms
Tcl

AWS Security Token Service (STS) GetSessionToken

See more AWS Security Token Service Examples

Returns a set of temporary credentials for an AWS account or IAM user.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set rest [new_CkRest]

# Connect to the Amazon AWS REST server.
# such as https://sts.us-west-2.amazonaws.com/
set bTls 1
set port 443
set bAutoReconnect 1
set success [CkRest_Connect $rest "sts.us-west-2.amazonaws.com" $port $bTls $bAutoReconnect]

# Provide AWS credentials for the REST call.
set authAws [new_CkAuthAws]

CkAuthAws_put_AccessKey $authAws "AWS_ACCESS_KEY"
CkAuthAws_put_SecretKey $authAws "AWS_SECRET_KEY"
# the region should match our URL above..
# See https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html
CkAuthAws_put_Region $authAws "us-west-2"
CkAuthAws_put_ServiceName $authAws "sts"

CkRest_SetAuthAws $rest $authAws

CkRest_AddQueryParam $rest "Version" "2011-06-15"
CkRest_AddQueryParam $rest "Action" "GetSessionToken"
CkRest_AddQueryParam $rest "DurationSeconds" "3600"

set responseXml [CkRest_fullRequestNoBody $rest "GET" "/"]
if {[CkRest_get_LastMethodSuccess $rest] != 1} then {
    puts [CkRest_lastErrorText $rest]
    delete_CkRest $rest
    delete_CkAuthAws $authAws
    exit
}

# A successful response will have a status code equal to 200.
if {[CkRest_get_ResponseStatusCode $rest] != 200} then {
    puts "response status code = [CkRest_get_ResponseStatusCode $rest]"
    puts "response status text = [CkRest_responseStatusText $rest]"
    puts "response header: [CkRest_responseHeader $rest]"
    puts "response body: $responseXml"
    delete_CkRest $rest
    delete_CkAuthAws $authAws
    exit
}

# Examine the successful XML response (shown below)
set xml [new_CkXml]

CkXml_LoadXml $xml $responseXml
puts [CkXml_getXml $xml]

# Sample response:

# <?xml version="1.0" encoding="utf-8"?>
# <GetSessionTokenResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
#     <GetSessionTokenResult>
#         <Credentials>
#             <AccessKeyId>AS........T4N</AccessKeyId>
#             <SecretAccessKey>05W........ARPMr</SecretAccessKey>
#             <SessionToken>IQoJb3J........llpIMI=</SessionToken>
#             <Expiration>2022-09-07T00:22:51Z</Expiration>
#         </Credentials>
#     </GetSessionTokenResult>
#     <ResponseMetadata>
#         <RequestId>8bad22cc-1c55-4265-a010-45d139359404</RequestId>
#     </ResponseMetadata>
# </GetSessionTokenResponse>

# Sample parse code:
set GetSessionTokenResponse_xmlns [CkXml_getAttrValue $xml "xmlns"]
set AccessKeyId [CkXml_getChildContent $xml "GetSessionTokenResult|Credentials|AccessKeyId"]
set SecretAccessKey [CkXml_getChildContent $xml "GetSessionTokenResult|Credentials|SecretAccessKey"]
set SessionToken [CkXml_getChildContent $xml "GetSessionTokenResult|Credentials|SessionToken"]
set Expiration [CkXml_getChildContent $xml "GetSessionTokenResult|Credentials|Expiration"]
set RequestId [CkXml_getChildContent $xml "ResponseMetadata|RequestId"]

# Save the session token XML to a file for use by another Chilkat example..
set success [CkXml_SaveXml $xml "qa_data/tokens/aws_session_token.xml"]

delete_CkRest $rest
delete_CkAuthAws $authAws
delete_CkXml $xml