@aws-sdk/client-bedrock-agentcore 3.908.0 → 3.909.0

package/README.md

@@ -226,6 +226,14 @@ BatchUpdateMemoryRecords
 
 [Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/bedrock-agentcore/command/BatchUpdateMemoryRecordsCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-bedrock-agentcore/Interface/BatchUpdateMemoryRecordsCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-bedrock-agentcore/Interface/BatchUpdateMemoryRecordsCommandOutput/)
 
+</details>
+<details>
+<summary>
+CompleteResourceTokenAuth
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/bedrock-agentcore/command/CompleteResourceTokenAuthCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-bedrock-agentcore/Interface/CompleteResourceTokenAuthCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-bedrock-agentcore/Interface/CompleteResourceTokenAuthCommandOutput/)
+
 </details>
 <details>
 <summary>

package/dist-cjs/index.js

@@ -259,10 +259,24 @@ const CodeInterpreterSessionStatus = {
     READY: "READY",
     TERMINATED: "TERMINATED",
 };
+exports.UserIdentifier = void 0;
+(function (UserIdentifier) {
+    UserIdentifier.visit = (value, visitor) => {
+        if (value.userToken !== undefined)
+            return visitor.userToken(value.userToken);
+        if (value.userId !== undefined)
+            return visitor.userId(value.userId);
+        return visitor._(value.$unknown[0], value.$unknown[1]);
+    };
+})(exports.UserIdentifier || (exports.UserIdentifier = {}));
 const Oauth2FlowType = {
     M2M: "M2M",
     USER_FEDERATION: "USER_FEDERATION",
 };
+const SessionStatus = {
+    FAILED: "FAILED",
+    IN_PROGRESS: "IN_PROGRESS",
+};
 const ProgrammingLanguage = {
     JAVASCRIPT: "javascript",
     PYTHON: "python",
@@ -427,6 +441,18 @@ const InvokeAgentRuntimeResponseFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.response && { response: smithyClient.SENSITIVE_STRING }),
 });
+const UserIdentifierFilterSensitiveLog = (obj) => {
+    if (obj.userToken !== undefined)
+        return { userToken: smithyClient.SENSITIVE_STRING };
+    if (obj.userId !== undefined)
+        return { userId: obj.userId };
+    if (obj.$unknown !== undefined)
+        return { [obj.$unknown[0]]: "UNKNOWN" };
+};
+const CompleteResourceTokenAuthRequestFilterSensitiveLog = (obj) => ({
+    ...obj,
+    ...(obj.userIdentifier && { userIdentifier: UserIdentifierFilterSensitiveLog(obj.userIdentifier) }),
+});
 const GetResourceApiKeyRequestFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.workloadIdentityToken && { workloadIdentityToken: smithyClient.SENSITIVE_STRING }),
@@ -439,9 +465,11 @@ const GetResourceOauth2TokenRequestFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.workloadIdentityToken && { workloadIdentityToken: smithyClient.SENSITIVE_STRING }),
     ...(obj.customParameters && { customParameters: smithyClient.SENSITIVE_STRING }),
+    ...(obj.customState && { customState: smithyClient.SENSITIVE_STRING }),
 });
 const GetResourceOauth2TokenResponseFilterSensitiveLog = (obj) => ({
     ...obj,
+    ...(obj.authorizationUrl && { authorizationUrl: smithyClient.SENSITIVE_STRING }),
     ...(obj.accessToken && { accessToken: smithyClient.SENSITIVE_STRING }),
 });
 const GetWorkloadAccessTokenResponseFilterSensitiveLog = (obj) => ({
@@ -638,6 +666,20 @@ const se_BatchUpdateMemoryRecordsCommand = async (input, context) => {
     b.m("POST").h(headers).b(body);
     return b.build();
 };
+const se_CompleteResourceTokenAuthCommand = async (input, context) => {
+    const b = core.requestBuilder(input, context);
+    const headers = {
+        "content-type": "application/json",
+    };
+    b.bp("/identities/CompleteResourceTokenAuth");
+    let body;
+    body = JSON.stringify(smithyClient.take(input, {
+        sessionUri: [],
+        userIdentifier: (_) => smithyClient._json(_),
+    }));
+    b.m("POST").h(headers).b(body);
+    return b.build();
+};
 const se_CreateEventCommand = async (input, context) => {
     const b = core.requestBuilder(input, context);
     const headers = {
@@ -763,11 +805,13 @@ const se_GetResourceOauth2TokenCommand = async (input, context) => {
     let body;
     body = JSON.stringify(smithyClient.take(input, {
         customParameters: (_) => smithyClient._json(_),
+        customState: [],
         forceAuthentication: [],
         oauth2Flow: [],
         resourceCredentialProviderName: [],
         resourceOauth2ReturnUrl: [],
         scopes: (_) => smithyClient._json(_),
+        sessionUri: [],
         workloadIdentityToken: [],
     }));
     b.m("POST").h(headers).b(body);
@@ -832,6 +876,7 @@ const se_InvokeAgentRuntimeCommand = async (input, context) => {
     b.p("agentRuntimeArn", () => input.agentRuntimeArn, "{agentRuntimeArn}", false);
     const query = smithyClient.map({
         [_q]: [, input[_q]],
+        [_aI]: [, input[_aI]],
     });
     let body;
     if (input.payload !== undefined) {
@@ -1130,6 +1175,16 @@ const de_BatchUpdateMemoryRecordsCommand = async (output, context) => {
     Object.assign(contents, doc);
     return contents;
 };
+const de_CompleteResourceTokenAuthCommand = async (output, context) => {
+    if (output.statusCode !== 200 && output.statusCode >= 300) {
+        return de_CommandError(output, context);
+    }
+    const contents = smithyClient.map({
+        $metadata: deserializeMetadata(output),
+    });
+    await smithyClient.collectBody(output.body, context);
+    return contents;
+};
 const de_CreateEventCommand = async (output, context) => {
     if (output.statusCode !== 201 && output.statusCode >= 300) {
         return de_CommandError(output, context);
@@ -1283,6 +1338,8 @@ const de_GetResourceOauth2TokenCommand = async (output, context) => {
     const doc = smithyClient.take(data, {
         accessToken: smithyClient.expectString,
         authorizationUrl: smithyClient.expectString,
+        sessionStatus: smithyClient.expectString,
+        sessionUri: smithyClient.expectString,
     });
     Object.assign(contents, doc);
     return contents;
@@ -1590,21 +1647,21 @@ const de_CommandError = async (output, context) => {
         case "ValidationException":
         case "com.amazonaws.bedrockagentcore#ValidationException":
             throw await de_ValidationExceptionRes(parsedOutput);
-        case "InvalidInputException":
-        case "com.amazonaws.bedrockagentcore#InvalidInputException":
-            throw await de_InvalidInputExceptionRes(parsedOutput);
         case "InternalServerException":
         case "com.amazonaws.bedrockagentcore#InternalServerException":
             throw await de_InternalServerExceptionRes(parsedOutput);
-        case "RuntimeClientError":
-        case "com.amazonaws.bedrockagentcore#RuntimeClientError":
-            throw await de_RuntimeClientErrorRes(parsedOutput);
         case "ThrottlingException":
         case "com.amazonaws.bedrockagentcore#ThrottlingException":
             throw await de_ThrottlingExceptionRes(parsedOutput);
         case "UnauthorizedException":
         case "com.amazonaws.bedrockagentcore#UnauthorizedException":
             throw await de_UnauthorizedExceptionRes(parsedOutput);
+        case "InvalidInputException":
+        case "com.amazonaws.bedrockagentcore#InvalidInputException":
+            throw await de_InvalidInputExceptionRes(parsedOutput);
+        case "RuntimeClientError":
+        case "com.amazonaws.bedrockagentcore#RuntimeClientError":
+            throw await de_RuntimeClientErrorRes(parsedOutput);
         case "ConflictException":
         case "com.amazonaws.bedrockagentcore#ConflictException":
             throw await de_ConflictExceptionRes(parsedOutput);
@@ -2129,6 +2186,7 @@ const deserializeMetadata = (output) => ({
 });
 const collectBodyString = (streamBody, context) => smithyClient.collectBody(streamBody, context).then((body) => context.utf8Encoder(body));
 const _a = "accept";
+const _aI = "accountId";
 const _b = "baggage";
 const _cT = "contentType";
 const _ct = "content-type";
@@ -2201,6 +2259,23 @@ class BatchUpdateMemoryRecordsCommand extends smithyClient.Command
     .build() {
 }
 
+class CompleteResourceTokenAuthCommand extends smithyClient.Command
+    .classBuilder()
+    .ep(commonParams)
+    .m(function (Command, cs, config, o) {
+    return [
+        middlewareSerde.getSerdePlugin(config, this.serialize, this.deserialize),
+        middlewareEndpoint.getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
+    ];
+})
+    .s("AmazonBedrockAgentCore", "CompleteResourceTokenAuth", {})
+    .n("BedrockAgentCoreClient", "CompleteResourceTokenAuthCommand")
+    .f(CompleteResourceTokenAuthRequestFilterSensitiveLog, void 0)
+    .ser(se_CompleteResourceTokenAuthCommand)
+    .de(de_CompleteResourceTokenAuthCommand)
+    .build() {
+}
+
 class CreateEventCommand extends smithyClient.Command
     .classBuilder()
     .ep(commonParams)
@@ -2685,6 +2760,7 @@ const commands = {
     BatchCreateMemoryRecordsCommand,
     BatchDeleteMemoryRecordsCommand,
     BatchUpdateMemoryRecordsCommand,
+    CompleteResourceTokenAuthCommand,
     CreateEventCommand,
     DeleteEventCommand,
     DeleteMemoryRecordCommand,
@@ -2749,6 +2825,8 @@ exports.BedrockAgentCoreServiceException = BedrockAgentCoreServiceException;
 exports.BrowserSessionStatus = BrowserSessionStatus;
 exports.CodeInterpreterSessionStatus = CodeInterpreterSessionStatus;
 exports.CodeInterpreterStreamOutputFilterSensitiveLog = CodeInterpreterStreamOutputFilterSensitiveLog;
+exports.CompleteResourceTokenAuthCommand = CompleteResourceTokenAuthCommand;
+exports.CompleteResourceTokenAuthRequestFilterSensitiveLog = CompleteResourceTokenAuthRequestFilterSensitiveLog;
 exports.ConflictException = ConflictException;
 exports.ContentBlockType = ContentBlockType;
 exports.ContentFilterSensitiveLog = ContentFilterSensitiveLog;
@@ -2816,6 +2894,7 @@ exports.RuntimeClientError = RuntimeClientError;
 exports.SearchCriteriaFilterSensitiveLog = SearchCriteriaFilterSensitiveLog;
 exports.ServiceException = ServiceException;
 exports.ServiceQuotaExceededException = ServiceQuotaExceededException;
+exports.SessionStatus = SessionStatus;
 exports.StartBrowserSessionCommand = StartBrowserSessionCommand;
 exports.StartCodeInterpreterSessionCommand = StartCodeInterpreterSessionCommand;
 exports.StopBrowserSessionCommand = StopBrowserSessionCommand;
@@ -2828,6 +2907,7 @@ exports.ToolArgumentsFilterSensitiveLog = ToolArgumentsFilterSensitiveLog;
 exports.ToolName = ToolName;
 exports.UnauthorizedException = UnauthorizedException;
 exports.UpdateBrowserStreamCommand = UpdateBrowserStreamCommand;
+exports.UserIdentifierFilterSensitiveLog = UserIdentifierFilterSensitiveLog;
 exports.ValidationException = ValidationException;
 exports.ValidationExceptionReason = ValidationExceptionReason;
 exports.paginateListActors = paginateListActors;

package/dist-es/BedrockAgentCore.js

@@ -3,6 +3,7 @@ import { BedrockAgentCoreClient } from "./BedrockAgentCoreClient";
 import { BatchCreateMemoryRecordsCommand, } from "./commands/BatchCreateMemoryRecordsCommand";
 import { BatchDeleteMemoryRecordsCommand, } from "./commands/BatchDeleteMemoryRecordsCommand";
 import { BatchUpdateMemoryRecordsCommand, } from "./commands/BatchUpdateMemoryRecordsCommand";
+import { CompleteResourceTokenAuthCommand, } from "./commands/CompleteResourceTokenAuthCommand";
 import { CreateEventCommand } from "./commands/CreateEventCommand";
 import { DeleteEventCommand } from "./commands/DeleteEventCommand";
 import { DeleteMemoryRecordCommand, } from "./commands/DeleteMemoryRecordCommand";
@@ -35,6 +36,7 @@ const commands = {
     BatchCreateMemoryRecordsCommand,
     BatchDeleteMemoryRecordsCommand,
     BatchUpdateMemoryRecordsCommand,
+    CompleteResourceTokenAuthCommand,
     CreateEventCommand,
     DeleteEventCommand,
     DeleteMemoryRecordCommand,

package/dist-es/commands/CompleteResourceTokenAuthCommand.js

@@ -0,0 +1,23 @@
+import { getEndpointPlugin } from "@smithy/middleware-endpoint";
+import { getSerdePlugin } from "@smithy/middleware-serde";
+import { Command as $Command } from "@smithy/smithy-client";
+import { commonParams } from "../endpoint/EndpointParameters";
+import { CompleteResourceTokenAuthRequestFilterSensitiveLog, } from "../models/models_0";
+import { de_CompleteResourceTokenAuthCommand, se_CompleteResourceTokenAuthCommand } from "../protocols/Aws_restJson1";
+export { $Command };
+export class CompleteResourceTokenAuthCommand extends $Command
+    .classBuilder()
+    .ep(commonParams)
+    .m(function (Command, cs, config, o) {
+    return [
+        getSerdePlugin(config, this.serialize, this.deserialize),
+        getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
+    ];
+})
+    .s("AmazonBedrockAgentCore", "CompleteResourceTokenAuth", {})
+    .n("BedrockAgentCoreClient", "CompleteResourceTokenAuthCommand")
+    .f(CompleteResourceTokenAuthRequestFilterSensitiveLog, void 0)
+    .ser(se_CompleteResourceTokenAuthCommand)
+    .de(de_CompleteResourceTokenAuthCommand)
+    .build() {
+}

package/dist-es/commands/index.js

@@ -1,6 +1,7 @@
 export * from "./BatchCreateMemoryRecordsCommand";
 export * from "./BatchDeleteMemoryRecordsCommand";
 export * from "./BatchUpdateMemoryRecordsCommand";
+export * from "./CompleteResourceTokenAuthCommand";
 export * from "./CreateEventCommand";
 export * from "./DeleteEventCommand";
 export * from "./DeleteMemoryRecordCommand";

package/dist-es/models/models_0.js

@@ -139,10 +139,24 @@ export const CodeInterpreterSessionStatus = {
     READY: "READY",
     TERMINATED: "TERMINATED",
 };
+export var UserIdentifier;
+(function (UserIdentifier) {
+    UserIdentifier.visit = (value, visitor) => {
+        if (value.userToken !== undefined)
+            return visitor.userToken(value.userToken);
+        if (value.userId !== undefined)
+            return visitor.userId(value.userId);
+        return visitor._(value.$unknown[0], value.$unknown[1]);
+    };
+})(UserIdentifier || (UserIdentifier = {}));
 export const Oauth2FlowType = {
     M2M: "M2M",
     USER_FEDERATION: "USER_FEDERATION",
 };
+export const SessionStatus = {
+    FAILED: "FAILED",
+    IN_PROGRESS: "IN_PROGRESS",
+};
 export const ProgrammingLanguage = {
     JAVASCRIPT: "javascript",
     PYTHON: "python",
@@ -307,6 +321,18 @@ export const InvokeAgentRuntimeResponseFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.response && { response: SENSITIVE_STRING }),
 });
+export const UserIdentifierFilterSensitiveLog = (obj) => {
+    if (obj.userToken !== undefined)
+        return { userToken: SENSITIVE_STRING };
+    if (obj.userId !== undefined)
+        return { userId: obj.userId };
+    if (obj.$unknown !== undefined)
+        return { [obj.$unknown[0]]: "UNKNOWN" };
+};
+export const CompleteResourceTokenAuthRequestFilterSensitiveLog = (obj) => ({
+    ...obj,
+    ...(obj.userIdentifier && { userIdentifier: UserIdentifierFilterSensitiveLog(obj.userIdentifier) }),
+});
 export const GetResourceApiKeyRequestFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.workloadIdentityToken && { workloadIdentityToken: SENSITIVE_STRING }),
@@ -319,9 +345,11 @@ export const GetResourceOauth2TokenRequestFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.workloadIdentityToken && { workloadIdentityToken: SENSITIVE_STRING }),
     ...(obj.customParameters && { customParameters: SENSITIVE_STRING }),
+    ...(obj.customState && { customState: SENSITIVE_STRING }),
 });
 export const GetResourceOauth2TokenResponseFilterSensitiveLog = (obj) => ({
     ...obj,
+    ...(obj.authorizationUrl && { authorizationUrl: SENSITIVE_STRING }),
     ...(obj.accessToken && { accessToken: SENSITIVE_STRING }),
 });
 export const GetWorkloadAccessTokenResponseFilterSensitiveLog = (obj) => ({

package/dist-es/protocols/Aws_restJson1.js

@@ -47,6 +47,20 @@ export const se_BatchUpdateMemoryRecordsCommand = async (input, context) => {
     b.m("POST").h(headers).b(body);
     return b.build();
 };
+export const se_CompleteResourceTokenAuthCommand = async (input, context) => {
+    const b = rb(input, context);
+    const headers = {
+        "content-type": "application/json",
+    };
+    b.bp("/identities/CompleteResourceTokenAuth");
+    let body;
+    body = JSON.stringify(take(input, {
+        sessionUri: [],
+        userIdentifier: (_) => _json(_),
+    }));
+    b.m("POST").h(headers).b(body);
+    return b.build();
+};
 export const se_CreateEventCommand = async (input, context) => {
     const b = rb(input, context);
     const headers = {
@@ -172,11 +186,13 @@ export const se_GetResourceOauth2TokenCommand = async (input, context) => {
     let body;
     body = JSON.stringify(take(input, {
         customParameters: (_) => _json(_),
+        customState: [],
         forceAuthentication: [],
         oauth2Flow: [],
         resourceCredentialProviderName: [],
         resourceOauth2ReturnUrl: [],
         scopes: (_) => _json(_),
+        sessionUri: [],
         workloadIdentityToken: [],
     }));
     b.m("POST").h(headers).b(body);
@@ -241,6 +257,7 @@ export const se_InvokeAgentRuntimeCommand = async (input, context) => {
     b.p("agentRuntimeArn", () => input.agentRuntimeArn, "{agentRuntimeArn}", false);
     const query = map({
         [_q]: [, input[_q]],
+        [_aI]: [, input[_aI]],
     });
     let body;
     if (input.payload !== undefined) {
@@ -539,6 +556,16 @@ export const de_BatchUpdateMemoryRecordsCommand = async (output, context) => {
     Object.assign(contents, doc);
     return contents;
 };
+export const de_CompleteResourceTokenAuthCommand = async (output, context) => {
+    if (output.statusCode !== 200 && output.statusCode >= 300) {
+        return de_CommandError(output, context);
+    }
+    const contents = map({
+        $metadata: deserializeMetadata(output),
+    });
+    await collectBody(output.body, context);
+    return contents;
+};
 export const de_CreateEventCommand = async (output, context) => {
     if (output.statusCode !== 201 && output.statusCode >= 300) {
         return de_CommandError(output, context);
@@ -692,6 +719,8 @@ export const de_GetResourceOauth2TokenCommand = async (output, context) => {
     const doc = take(data, {
         accessToken: __expectString,
         authorizationUrl: __expectString,
+        sessionStatus: __expectString,
+        sessionUri: __expectString,
     });
     Object.assign(contents, doc);
     return contents;
@@ -999,21 +1028,21 @@ const de_CommandError = async (output, context) => {
         case "ValidationException":
         case "com.amazonaws.bedrockagentcore#ValidationException":
             throw await de_ValidationExceptionRes(parsedOutput, context);
-        case "InvalidInputException":
-        case "com.amazonaws.bedrockagentcore#InvalidInputException":
-            throw await de_InvalidInputExceptionRes(parsedOutput, context);
         case "InternalServerException":
         case "com.amazonaws.bedrockagentcore#InternalServerException":
             throw await de_InternalServerExceptionRes(parsedOutput, context);
-        case "RuntimeClientError":
-        case "com.amazonaws.bedrockagentcore#RuntimeClientError":
-            throw await de_RuntimeClientErrorRes(parsedOutput, context);
         case "ThrottlingException":
         case "com.amazonaws.bedrockagentcore#ThrottlingException":
             throw await de_ThrottlingExceptionRes(parsedOutput, context);
         case "UnauthorizedException":
         case "com.amazonaws.bedrockagentcore#UnauthorizedException":
             throw await de_UnauthorizedExceptionRes(parsedOutput, context);
+        case "InvalidInputException":
+        case "com.amazonaws.bedrockagentcore#InvalidInputException":
+            throw await de_InvalidInputExceptionRes(parsedOutput, context);
+        case "RuntimeClientError":
+        case "com.amazonaws.bedrockagentcore#RuntimeClientError":
+            throw await de_RuntimeClientErrorRes(parsedOutput, context);
         case "ConflictException":
         case "com.amazonaws.bedrockagentcore#ConflictException":
             throw await de_ConflictExceptionRes(parsedOutput, context);
@@ -1541,6 +1570,7 @@ const deserializeMetadata = (output) => ({
 });
 const collectBodyString = (streamBody, context) => collectBody(streamBody, context).then((body) => context.utf8Encoder(body));
 const _a = "accept";
+const _aI = "accountId";
 const _b = "baggage";
 const _cT = "contentType";
 const _ct = "content-type";

package/dist-types/BedrockAgentCore.d.ts

@@ -3,6 +3,7 @@ import { BedrockAgentCoreClient } from "./BedrockAgentCoreClient";
 import { BatchCreateMemoryRecordsCommandInput, BatchCreateMemoryRecordsCommandOutput } from "./commands/BatchCreateMemoryRecordsCommand";
 import { BatchDeleteMemoryRecordsCommandInput, BatchDeleteMemoryRecordsCommandOutput } from "./commands/BatchDeleteMemoryRecordsCommand";
 import { BatchUpdateMemoryRecordsCommandInput, BatchUpdateMemoryRecordsCommandOutput } from "./commands/BatchUpdateMemoryRecordsCommand";
+import { CompleteResourceTokenAuthCommandInput, CompleteResourceTokenAuthCommandOutput } from "./commands/CompleteResourceTokenAuthCommand";
 import { CreateEventCommandInput, CreateEventCommandOutput } from "./commands/CreateEventCommand";
 import { DeleteEventCommandInput, DeleteEventCommandOutput } from "./commands/DeleteEventCommand";
 import { DeleteMemoryRecordCommandInput, DeleteMemoryRecordCommandOutput } from "./commands/DeleteMemoryRecordCommand";
@@ -50,6 +51,12 @@ export interface BedrockAgentCore {
     batchUpdateMemoryRecords(args: BatchUpdateMemoryRecordsCommandInput, options?: __HttpHandlerOptions): Promise<BatchUpdateMemoryRecordsCommandOutput>;
     batchUpdateMemoryRecords(args: BatchUpdateMemoryRecordsCommandInput, cb: (err: any, data?: BatchUpdateMemoryRecordsCommandOutput) => void): void;
     batchUpdateMemoryRecords(args: BatchUpdateMemoryRecordsCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: BatchUpdateMemoryRecordsCommandOutput) => void): void;
+    /**
+     * @see {@link CompleteResourceTokenAuthCommand}
+     */
+    completeResourceTokenAuth(args: CompleteResourceTokenAuthCommandInput, options?: __HttpHandlerOptions): Promise<CompleteResourceTokenAuthCommandOutput>;
+    completeResourceTokenAuth(args: CompleteResourceTokenAuthCommandInput, cb: (err: any, data?: CompleteResourceTokenAuthCommandOutput) => void): void;
+    completeResourceTokenAuth(args: CompleteResourceTokenAuthCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: CompleteResourceTokenAuthCommandOutput) => void): void;
     /**
      * @see {@link CreateEventCommand}
      */

package/dist-types/BedrockAgentCoreClient.d.ts

@@ -11,6 +11,7 @@ import { HttpAuthSchemeInputConfig, HttpAuthSchemeResolvedConfig } from "./auth/
 import { BatchCreateMemoryRecordsCommandInput, BatchCreateMemoryRecordsCommandOutput } from "./commands/BatchCreateMemoryRecordsCommand";
 import { BatchDeleteMemoryRecordsCommandInput, BatchDeleteMemoryRecordsCommandOutput } from "./commands/BatchDeleteMemoryRecordsCommand";
 import { BatchUpdateMemoryRecordsCommandInput, BatchUpdateMemoryRecordsCommandOutput } from "./commands/BatchUpdateMemoryRecordsCommand";
+import { CompleteResourceTokenAuthCommandInput, CompleteResourceTokenAuthCommandOutput } from "./commands/CompleteResourceTokenAuthCommand";
 import { CreateEventCommandInput, CreateEventCommandOutput } from "./commands/CreateEventCommand";
 import { DeleteEventCommandInput, DeleteEventCommandOutput } from "./commands/DeleteEventCommand";
 import { DeleteMemoryRecordCommandInput, DeleteMemoryRecordCommandOutput } from "./commands/DeleteMemoryRecordCommand";
@@ -45,11 +46,11 @@ export { __Client };
 /**
  * @public
  */
-export type ServiceInputTypes = BatchCreateMemoryRecordsCommandInput | BatchDeleteMemoryRecordsCommandInput | BatchUpdateMemoryRecordsCommandInput | CreateEventCommandInput | DeleteEventCommandInput | DeleteMemoryRecordCommandInput | GetAgentCardCommandInput | GetBrowserSessionCommandInput | GetCodeInterpreterSessionCommandInput | GetEventCommandInput | GetMemoryRecordCommandInput | GetResourceApiKeyCommandInput | GetResourceOauth2TokenCommandInput | GetWorkloadAccessTokenCommandInput | GetWorkloadAccessTokenForJWTCommandInput | GetWorkloadAccessTokenForUserIdCommandInput | InvokeAgentRuntimeCommandInput | InvokeCodeInterpreterCommandInput | ListActorsCommandInput | ListBrowserSessionsCommandInput | ListCodeInterpreterSessionsCommandInput | ListEventsCommandInput | ListMemoryRecordsCommandInput | ListSessionsCommandInput | RetrieveMemoryRecordsCommandInput | StartBrowserSessionCommandInput | StartCodeInterpreterSessionCommandInput | StopBrowserSessionCommandInput | StopCodeInterpreterSessionCommandInput | StopRuntimeSessionCommandInput | UpdateBrowserStreamCommandInput;
+export type ServiceInputTypes = BatchCreateMemoryRecordsCommandInput | BatchDeleteMemoryRecordsCommandInput | BatchUpdateMemoryRecordsCommandInput | CompleteResourceTokenAuthCommandInput | CreateEventCommandInput | DeleteEventCommandInput | DeleteMemoryRecordCommandInput | GetAgentCardCommandInput | GetBrowserSessionCommandInput | GetCodeInterpreterSessionCommandInput | GetEventCommandInput | GetMemoryRecordCommandInput | GetResourceApiKeyCommandInput | GetResourceOauth2TokenCommandInput | GetWorkloadAccessTokenCommandInput | GetWorkloadAccessTokenForJWTCommandInput | GetWorkloadAccessTokenForUserIdCommandInput | InvokeAgentRuntimeCommandInput | InvokeCodeInterpreterCommandInput | ListActorsCommandInput | ListBrowserSessionsCommandInput | ListCodeInterpreterSessionsCommandInput | ListEventsCommandInput | ListMemoryRecordsCommandInput | ListSessionsCommandInput | RetrieveMemoryRecordsCommandInput | StartBrowserSessionCommandInput | StartCodeInterpreterSessionCommandInput | StopBrowserSessionCommandInput | StopCodeInterpreterSessionCommandInput | StopRuntimeSessionCommandInput | UpdateBrowserStreamCommandInput;
 /**
  * @public
  */
-export type ServiceOutputTypes = BatchCreateMemoryRecordsCommandOutput | BatchDeleteMemoryRecordsCommandOutput | BatchUpdateMemoryRecordsCommandOutput | CreateEventCommandOutput | DeleteEventCommandOutput | DeleteMemoryRecordCommandOutput | GetAgentCardCommandOutput | GetBrowserSessionCommandOutput | GetCodeInterpreterSessionCommandOutput | GetEventCommandOutput | GetMemoryRecordCommandOutput | GetResourceApiKeyCommandOutput | GetResourceOauth2TokenCommandOutput | GetWorkloadAccessTokenCommandOutput | GetWorkloadAccessTokenForJWTCommandOutput | GetWorkloadAccessTokenForUserIdCommandOutput | InvokeAgentRuntimeCommandOutput | InvokeCodeInterpreterCommandOutput | ListActorsCommandOutput | ListBrowserSessionsCommandOutput | ListCodeInterpreterSessionsCommandOutput | ListEventsCommandOutput | ListMemoryRecordsCommandOutput | ListSessionsCommandOutput | RetrieveMemoryRecordsCommandOutput | StartBrowserSessionCommandOutput | StartCodeInterpreterSessionCommandOutput | StopBrowserSessionCommandOutput | StopCodeInterpreterSessionCommandOutput | StopRuntimeSessionCommandOutput | UpdateBrowserStreamCommandOutput;
+export type ServiceOutputTypes = BatchCreateMemoryRecordsCommandOutput | BatchDeleteMemoryRecordsCommandOutput | BatchUpdateMemoryRecordsCommandOutput | CompleteResourceTokenAuthCommandOutput | CreateEventCommandOutput | DeleteEventCommandOutput | DeleteMemoryRecordCommandOutput | GetAgentCardCommandOutput | GetBrowserSessionCommandOutput | GetCodeInterpreterSessionCommandOutput | GetEventCommandOutput | GetMemoryRecordCommandOutput | GetResourceApiKeyCommandOutput | GetResourceOauth2TokenCommandOutput | GetWorkloadAccessTokenCommandOutput | GetWorkloadAccessTokenForJWTCommandOutput | GetWorkloadAccessTokenForUserIdCommandOutput | InvokeAgentRuntimeCommandOutput | InvokeCodeInterpreterCommandOutput | ListActorsCommandOutput | ListBrowserSessionsCommandOutput | ListCodeInterpreterSessionsCommandOutput | ListEventsCommandOutput | ListMemoryRecordsCommandOutput | ListSessionsCommandOutput | RetrieveMemoryRecordsCommandOutput | StartBrowserSessionCommandOutput | StartCodeInterpreterSessionCommandOutput | StopBrowserSessionCommandOutput | StopCodeInterpreterSessionCommandOutput | StopRuntimeSessionCommandOutput | UpdateBrowserStreamCommandOutput;
 /**
  * @public
  */

package/dist-types/commands/CompleteResourceTokenAuthCommand.d.ts

@@ -0,0 +1,94 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import { BedrockAgentCoreClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../BedrockAgentCoreClient";
+import { CompleteResourceTokenAuthRequest, CompleteResourceTokenAuthResponse } from "../models/models_0";
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link CompleteResourceTokenAuthCommand}.
+ */
+export interface CompleteResourceTokenAuthCommandInput extends CompleteResourceTokenAuthRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link CompleteResourceTokenAuthCommand}.
+ */
+export interface CompleteResourceTokenAuthCommandOutput extends CompleteResourceTokenAuthResponse, __MetadataBearer {
+}
+declare const CompleteResourceTokenAuthCommand_base: {
+    new (input: CompleteResourceTokenAuthCommandInput): import("@smithy/smithy-client").CommandImpl<CompleteResourceTokenAuthCommandInput, CompleteResourceTokenAuthCommandOutput, BedrockAgentCoreClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (input: CompleteResourceTokenAuthCommandInput): import("@smithy/smithy-client").CommandImpl<CompleteResourceTokenAuthCommandInput, CompleteResourceTokenAuthCommandOutput, BedrockAgentCoreClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Confirms the user authentication session for obtaining OAuth2.0 tokens for a resource.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { BedrockAgentCoreClient, CompleteResourceTokenAuthCommand } from "@aws-sdk/client-bedrock-agentcore"; // ES Modules import
+ * // const { BedrockAgentCoreClient, CompleteResourceTokenAuthCommand } = require("@aws-sdk/client-bedrock-agentcore"); // CommonJS import
+ * // import type { BedrockAgentCoreClientConfig } from "@aws-sdk/client-bedrock-agentcore";
+ * const config = {}; // type is BedrockAgentCoreClientConfig
+ * const client = new BedrockAgentCoreClient(config);
+ * const input = { // CompleteResourceTokenAuthRequest
+ *   userIdentifier: { // UserIdentifier Union: only one key present
+ *     userToken: "STRING_VALUE",
+ *     userId: "STRING_VALUE",
+ *   },
+ *   sessionUri: "STRING_VALUE", // required
+ * };
+ * const command = new CompleteResourceTokenAuthCommand(input);
+ * const response = await client.send(command);
+ * // {};
+ *
+ * ```
+ *
+ * @param CompleteResourceTokenAuthCommandInput - {@link CompleteResourceTokenAuthCommandInput}
+ * @returns {@link CompleteResourceTokenAuthCommandOutput}
+ * @see {@link CompleteResourceTokenAuthCommandInput} for command's `input` shape.
+ * @see {@link CompleteResourceTokenAuthCommandOutput} for command's `response` shape.
+ * @see {@link BedrockAgentCoreClientResolvedConfig | config} for BedrockAgentCoreClient's `config` shape.
+ *
+ * @throws {@link AccessDeniedException} (client fault)
+ *  <p>The exception that occurs when you do not have sufficient permissions to perform an action. Verify that your IAM policy includes the necessary permissions for the operation you are trying to perform.</p>
+ *
+ * @throws {@link InternalServerException} (server fault)
+ *  <p>The exception that occurs when the service encounters an unexpected internal error. This is a temporary condition that will resolve itself with retries. We recommend implementing exponential backoff retry logic in your application.</p>
+ *
+ * @throws {@link ResourceNotFoundException} (client fault)
+ *  <p>The exception that occurs when the specified resource does not exist. This can happen when using an invalid identifier or when trying to access a resource that has been deleted.</p>
+ *
+ * @throws {@link ThrottlingException} (client fault)
+ *  <p>The exception that occurs when the request was denied due to request throttling. This happens when you exceed the allowed request rate for an operation. Reduce the frequency of requests or implement exponential backoff retry logic in your application.</p>
+ *
+ * @throws {@link UnauthorizedException} (client fault)
+ *  <p>This exception is thrown when the JWT bearer token is invalid or not found for OAuth bearer token based access</p>
+ *
+ * @throws {@link ValidationException} (client fault)
+ *  <p>The exception that occurs when the input fails to satisfy the constraints specified by the service. Check the error message for details about which input parameter is invalid and correct your request.</p>
+ *
+ * @throws {@link BedrockAgentCoreServiceException}
+ * <p>Base exception class for all service exceptions from BedrockAgentCore service.</p>
+ *
+ *
+ * @public
+ */
+export declare class CompleteResourceTokenAuthCommand extends CompleteResourceTokenAuthCommand_base {
+    /** @internal type navigation helper, not in runtime. */
+    protected static __types: {
+        api: {
+            input: CompleteResourceTokenAuthRequest;
+            output: {};
+        };
+        sdk: {
+            input: CompleteResourceTokenAuthCommandInput;
+            output: CompleteResourceTokenAuthCommandOutput;
+        };
+    };
+}

package/dist-types/commands/GetResourceOauth2TokenCommand.d.ts

@@ -43,17 +43,21 @@ declare const GetResourceOauth2TokenCommand_base: {
  *     "STRING_VALUE",
  *   ],
  *   oauth2Flow: "USER_FEDERATION" || "M2M", // required
+ *   sessionUri: "STRING_VALUE",
  *   resourceOauth2ReturnUrl: "STRING_VALUE",
  *   forceAuthentication: true || false,
  *   customParameters: { // CustomRequestParametersType
  *     "<keys>": "STRING_VALUE",
  *   },
+ *   customState: "STRING_VALUE",
  * };
  * const command = new GetResourceOauth2TokenCommand(input);
  * const response = await client.send(command);
  * // { // GetResourceOauth2TokenResponse
  * //   authorizationUrl: "STRING_VALUE",
  * //   accessToken: "STRING_VALUE",
+ * //   sessionUri: "STRING_VALUE",
+ * //   sessionStatus: "IN_PROGRESS" || "FAILED",
  * // };
  *
  * ```

package/dist-types/commands/InvokeAgentRuntimeCommand.d.ts

@@ -56,6 +56,7 @@ declare const InvokeAgentRuntimeCommand_base: {
  *   baggage: "STRING_VALUE",
  *   agentRuntimeArn: "STRING_VALUE", // required
  *   qualifier: "STRING_VALUE",
+ *   accountId: "STRING_VALUE",
  *   payload: new Uint8Array(), // e.g. Buffer.from("") or new TextEncoder().encode("")   // required
  * };
  * const command = new InvokeAgentRuntimeCommand(input);

package/dist-types/commands/index.d.ts

@@ -1,6 +1,7 @@
 export * from "./BatchCreateMemoryRecordsCommand";
 export * from "./BatchDeleteMemoryRecordsCommand";
 export * from "./BatchUpdateMemoryRecordsCommand";
+export * from "./CompleteResourceTokenAuthCommand";
 export * from "./CreateEventCommand";
 export * from "./DeleteEventCommand";
 export * from "./DeleteMemoryRecordCommand";

package/dist-types/models/models_0.d.ts

@@ -233,6 +233,11 @@ export interface InvokeAgentRuntimeRequest {
      * @public
      */
     qualifier?: string | undefined;
+    /**
+     * <p>The identifier of the Amazon Web Services account for the agent runtime resource.</p>
+     * @public
+     */
+    accountId?: string | undefined;
     /**
      * <p>The input data to send to the agent runtime. The format of this data depends on the specific agent configuration and must match the specified content type. For most agents, this is a JSON object containing the user's request.</p>
      * @public
@@ -1036,6 +1041,68 @@ export interface StopCodeInterpreterSessionResponse {
      */
     lastUpdatedAt: Date | undefined;
 }
+/**
+ * <p>The OAuth2.0 token or user ID that was used to generate the workload access token used for initiating the user authorization flow to retrieve OAuth2.0 tokens.</p>
+ * @public
+ */
+export type UserIdentifier = UserIdentifier.UserIdMember | UserIdentifier.UserTokenMember | UserIdentifier.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace UserIdentifier {
+    /**
+     * <p>The OAuth2.0 token issued by the user’s identity provider</p>
+     * @public
+     */
+    interface UserTokenMember {
+        userToken: string;
+        userId?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>The ID of the user for whom you have retrieved a workload access token for</p>
+     * @public
+     */
+    interface UserIdMember {
+        userToken?: never;
+        userId: string;
+        $unknown?: never;
+    }
+    /**
+     * @public
+     */
+    interface $UnknownMember {
+        userToken?: never;
+        userId?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        userToken: (value: string) => T;
+        userId: (value: string) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: UserIdentifier, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ */
+export interface CompleteResourceTokenAuthRequest {
+    /**
+     * <p>The OAuth2.0 token or user ID that was used to generate the workload access token used for initiating the user authorization flow to retrieve OAuth2.0 tokens.</p>
+     * @public
+     */
+    userIdentifier: UserIdentifier | undefined;
+    /**
+     * <p>Unique identifier for the user's authentication session for retrieving OAuth2 tokens. This ID tracks the authorization flow state across multiple requests and responses during the OAuth2 authentication process.</p>
+     * @public
+     */
+    sessionUri: string | undefined;
+}
+/**
+ * @public
+ */
+export interface CompleteResourceTokenAuthResponse {
+}
 /**
  * @public
  */
@@ -1097,6 +1164,11 @@ export interface GetResourceOauth2TokenRequest {
      * @public
      */
     oauth2Flow: Oauth2FlowType | undefined;
+    /**
+     * <p>Unique identifier for the user's authentication session for retrieving OAuth2 tokens. This ID tracks the authorization flow state across multiple requests and responses during the OAuth2 authentication process.</p>
+     * @public
+     */
+    sessionUri?: string | undefined;
     /**
      * <p>The callback URL to redirect to after the OAuth 2.0 token retrieval is complete. This URL must be one of the provided URLs configured for the workload identity.</p>
      * @public
@@ -1112,7 +1184,24 @@ export interface GetResourceOauth2TokenRequest {
      * @public
      */
     customParameters?: Record<string, string> | undefined;
+    /**
+     * <p>An opaque string that will be sent back to the callback URL provided in resourceOauth2ReturnUrl. This state should be used to protect the callback URL of your application against CSRF attacks by ensuring the response corresponds to the original request.</p>
+     * @public
+     */
+    customState?: string | undefined;
 }
+/**
+ * @public
+ * @enum
+ */
+export declare const SessionStatus: {
+    readonly FAILED: "FAILED";
+    readonly IN_PROGRESS: "IN_PROGRESS";
+};
+/**
+ * @public
+ */
+export type SessionStatus = (typeof SessionStatus)[keyof typeof SessionStatus];
 /**
  * @public
  */
@@ -1127,6 +1216,16 @@ export interface GetResourceOauth2TokenResponse {
      * @public
      */
     accessToken?: string | undefined;
+    /**
+     * <p>Unique identifier for the user's authorization session for retrieving OAuth2 tokens. This matches the sessionId from the request and can be used to track the session state.</p>
+     * @public
+     */
+    sessionUri?: string | undefined;
+    /**
+     * <p>Status indicating whether the user's authorization session is in progress or has failed. This helps determine the next steps in the OAuth2 authentication flow.</p>
+     * @public
+     */
+    sessionStatus?: SessionStatus | undefined;
 }
 /**
  * @public
@@ -2797,6 +2896,14 @@ export declare const InvokeAgentRuntimeRequestFilterSensitiveLog: (obj: InvokeAg
  * @internal
  */
 export declare const InvokeAgentRuntimeResponseFilterSensitiveLog: (obj: InvokeAgentRuntimeResponse) => any;
+/**
+ * @internal
+ */
+export declare const UserIdentifierFilterSensitiveLog: (obj: UserIdentifier) => any;
+/**
+ * @internal
+ */
+export declare const CompleteResourceTokenAuthRequestFilterSensitiveLog: (obj: CompleteResourceTokenAuthRequest) => any;
 /**
  * @internal
  */

package/dist-types/protocols/Aws_restJson1.d.ts

@@ -3,6 +3,7 @@ import { EventStreamSerdeContext as __EventStreamSerdeContext, SdkStreamSerdeCon
 import { BatchCreateMemoryRecordsCommandInput, BatchCreateMemoryRecordsCommandOutput } from "../commands/BatchCreateMemoryRecordsCommand";
 import { BatchDeleteMemoryRecordsCommandInput, BatchDeleteMemoryRecordsCommandOutput } from "../commands/BatchDeleteMemoryRecordsCommand";
 import { BatchUpdateMemoryRecordsCommandInput, BatchUpdateMemoryRecordsCommandOutput } from "../commands/BatchUpdateMemoryRecordsCommand";
+import { CompleteResourceTokenAuthCommandInput, CompleteResourceTokenAuthCommandOutput } from "../commands/CompleteResourceTokenAuthCommand";
 import { CreateEventCommandInput, CreateEventCommandOutput } from "../commands/CreateEventCommand";
 import { DeleteEventCommandInput, DeleteEventCommandOutput } from "../commands/DeleteEventCommand";
 import { DeleteMemoryRecordCommandInput, DeleteMemoryRecordCommandOutput } from "../commands/DeleteMemoryRecordCommand";
@@ -43,6 +44,10 @@ export declare const se_BatchDeleteMemoryRecordsCommand: (input: BatchDeleteMemo
  * serializeAws_restJson1BatchUpdateMemoryRecordsCommand
  */
 export declare const se_BatchUpdateMemoryRecordsCommand: (input: BatchUpdateMemoryRecordsCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
+/**
+ * serializeAws_restJson1CompleteResourceTokenAuthCommand
+ */
+export declare const se_CompleteResourceTokenAuthCommand: (input: CompleteResourceTokenAuthCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
 /**
  * serializeAws_restJson1CreateEventCommand
  */
@@ -167,6 +172,10 @@ export declare const de_BatchDeleteMemoryRecordsCommand: (output: __HttpResponse
  * deserializeAws_restJson1BatchUpdateMemoryRecordsCommand
  */
 export declare const de_BatchUpdateMemoryRecordsCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<BatchUpdateMemoryRecordsCommandOutput>;
+/**
+ * deserializeAws_restJson1CompleteResourceTokenAuthCommand
+ */
+export declare const de_CompleteResourceTokenAuthCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<CompleteResourceTokenAuthCommandOutput>;
 /**
  * deserializeAws_restJson1CreateEventCommand
  */

package/dist-types/ts3.4/BedrockAgentCore.d.ts

@@ -12,6 +12,10 @@ import {
   BatchUpdateMemoryRecordsCommandInput,
   BatchUpdateMemoryRecordsCommandOutput,
 } from "./commands/BatchUpdateMemoryRecordsCommand";
+import {
+  CompleteResourceTokenAuthCommandInput,
+  CompleteResourceTokenAuthCommandOutput,
+} from "./commands/CompleteResourceTokenAuthCommand";
 import {
   CreateEventCommandInput,
   CreateEventCommandOutput,
@@ -164,6 +168,19 @@ export interface BedrockAgentCore {
     options: __HttpHandlerOptions,
     cb: (err: any, data?: BatchUpdateMemoryRecordsCommandOutput) => void
   ): void;
+  completeResourceTokenAuth(
+    args: CompleteResourceTokenAuthCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<CompleteResourceTokenAuthCommandOutput>;
+  completeResourceTokenAuth(
+    args: CompleteResourceTokenAuthCommandInput,
+    cb: (err: any, data?: CompleteResourceTokenAuthCommandOutput) => void
+  ): void;
+  completeResourceTokenAuth(
+    args: CompleteResourceTokenAuthCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: CompleteResourceTokenAuthCommandOutput) => void
+  ): void;
   createEvent(
     args: CreateEventCommandInput,
     options?: __HttpHandlerOptions

package/dist-types/ts3.4/BedrockAgentCoreClient.d.ts

@@ -63,6 +63,10 @@ import {
   BatchUpdateMemoryRecordsCommandInput,
   BatchUpdateMemoryRecordsCommandOutput,
 } from "./commands/BatchUpdateMemoryRecordsCommand";
+import {
+  CompleteResourceTokenAuthCommandInput,
+  CompleteResourceTokenAuthCommandOutput,
+} from "./commands/CompleteResourceTokenAuthCommand";
 import {
   CreateEventCommandInput,
   CreateEventCommandOutput,
@@ -186,6 +190,7 @@ export type ServiceInputTypes =
   | BatchCreateMemoryRecordsCommandInput
   | BatchDeleteMemoryRecordsCommandInput
   | BatchUpdateMemoryRecordsCommandInput
+  | CompleteResourceTokenAuthCommandInput
   | CreateEventCommandInput
   | DeleteEventCommandInput
   | DeleteMemoryRecordCommandInput
@@ -218,6 +223,7 @@ export type ServiceOutputTypes =
   | BatchCreateMemoryRecordsCommandOutput
   | BatchDeleteMemoryRecordsCommandOutput
   | BatchUpdateMemoryRecordsCommandOutput
+  | CompleteResourceTokenAuthCommandOutput
   | CreateEventCommandOutput
   | DeleteEventCommandOutput
   | DeleteMemoryRecordCommandOutput

package/dist-types/ts3.4/commands/CompleteResourceTokenAuthCommand.d.ts

@@ -0,0 +1,51 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import {
+  BedrockAgentCoreClientResolvedConfig,
+  ServiceInputTypes,
+  ServiceOutputTypes,
+} from "../BedrockAgentCoreClient";
+import {
+  CompleteResourceTokenAuthRequest,
+  CompleteResourceTokenAuthResponse,
+} from "../models/models_0";
+export { __MetadataBearer };
+export { $Command };
+export interface CompleteResourceTokenAuthCommandInput
+  extends CompleteResourceTokenAuthRequest {}
+export interface CompleteResourceTokenAuthCommandOutput
+  extends CompleteResourceTokenAuthResponse,
+    __MetadataBearer {}
+declare const CompleteResourceTokenAuthCommand_base: {
+  new (
+    input: CompleteResourceTokenAuthCommandInput
+  ): import("@smithy/smithy-client").CommandImpl<
+    CompleteResourceTokenAuthCommandInput,
+    CompleteResourceTokenAuthCommandOutput,
+    BedrockAgentCoreClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >;
+  new (
+    input: CompleteResourceTokenAuthCommandInput
+  ): import("@smithy/smithy-client").CommandImpl<
+    CompleteResourceTokenAuthCommandInput,
+    CompleteResourceTokenAuthCommandOutput,
+    BedrockAgentCoreClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >;
+  getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+export declare class CompleteResourceTokenAuthCommand extends CompleteResourceTokenAuthCommand_base {
+  protected static __types: {
+    api: {
+      input: CompleteResourceTokenAuthRequest;
+      output: {};
+    };
+    sdk: {
+      input: CompleteResourceTokenAuthCommandInput;
+      output: CompleteResourceTokenAuthCommandOutput;
+    };
+  };
+}

package/dist-types/ts3.4/commands/index.d.ts

@@ -1,6 +1,7 @@
 export * from "./BatchCreateMemoryRecordsCommand";
 export * from "./BatchDeleteMemoryRecordsCommand";
 export * from "./BatchUpdateMemoryRecordsCommand";
+export * from "./CompleteResourceTokenAuthCommand";
 export * from "./CreateEventCommand";
 export * from "./DeleteEventCommand";
 export * from "./DeleteMemoryRecordCommand";

package/dist-types/ts3.4/models/models_0.d.ts

@@ -92,6 +92,7 @@ export interface InvokeAgentRuntimeRequest {
   baggage?: string | undefined;
   agentRuntimeArn: string | undefined;
   qualifier?: string | undefined;
+  accountId?: string | undefined;
   payload: Uint8Array | undefined;
 }
 export interface InvokeAgentRuntimeResponse {
@@ -310,6 +311,38 @@ export interface StopCodeInterpreterSessionResponse {
   sessionId: string | undefined;
   lastUpdatedAt: Date | undefined;
 }
+export type UserIdentifier =
+  | UserIdentifier.UserIdMember
+  | UserIdentifier.UserTokenMember
+  | UserIdentifier.$UnknownMember;
+export declare namespace UserIdentifier {
+  interface UserTokenMember {
+    userToken: string;
+    userId?: never;
+    $unknown?: never;
+  }
+  interface UserIdMember {
+    userToken?: never;
+    userId: string;
+    $unknown?: never;
+  }
+  interface $UnknownMember {
+    userToken?: never;
+    userId?: never;
+    $unknown: [string, any];
+  }
+  interface Visitor<T> {
+    userToken: (value: string) => T;
+    userId: (value: string) => T;
+    _: (name: string, value: any) => T;
+  }
+  const visit: <T>(value: UserIdentifier, visitor: Visitor<T>) => T;
+}
+export interface CompleteResourceTokenAuthRequest {
+  userIdentifier: UserIdentifier | undefined;
+  sessionUri: string | undefined;
+}
+export interface CompleteResourceTokenAuthResponse {}
 export interface GetResourceApiKeyRequest {
   workloadIdentityToken: string | undefined;
   resourceCredentialProviderName: string | undefined;
@@ -328,13 +361,22 @@ export interface GetResourceOauth2TokenRequest {
   resourceCredentialProviderName: string | undefined;
   scopes: string[] | undefined;
   oauth2Flow: Oauth2FlowType | undefined;
+  sessionUri?: string | undefined;
   resourceOauth2ReturnUrl?: string | undefined;
   forceAuthentication?: boolean | undefined;
   customParameters?: Record<string, string> | undefined;
+  customState?: string | undefined;
 }
+export declare const SessionStatus: {
+  readonly FAILED: "FAILED";
+  readonly IN_PROGRESS: "IN_PROGRESS";
+};
+export type SessionStatus = (typeof SessionStatus)[keyof typeof SessionStatus];
 export interface GetResourceOauth2TokenResponse {
   authorizationUrl?: string | undefined;
   accessToken?: string | undefined;
+  sessionUri?: string | undefined;
+  sessionStatus?: SessionStatus | undefined;
 }
 export interface GetWorkloadAccessTokenRequest {
   workloadName: string | undefined;
@@ -943,6 +985,12 @@ export declare const InvokeAgentRuntimeRequestFilterSensitiveLog: (
 export declare const InvokeAgentRuntimeResponseFilterSensitiveLog: (
   obj: InvokeAgentRuntimeResponse
 ) => any;
+export declare const UserIdentifierFilterSensitiveLog: (
+  obj: UserIdentifier
+) => any;
+export declare const CompleteResourceTokenAuthRequestFilterSensitiveLog: (
+  obj: CompleteResourceTokenAuthRequest
+) => any;
 export declare const GetResourceApiKeyRequestFilterSensitiveLog: (
   obj: GetResourceApiKeyRequest
 ) => any;

package/dist-types/ts3.4/protocols/Aws_restJson1.d.ts

@@ -19,6 +19,10 @@ import {
   BatchUpdateMemoryRecordsCommandInput,
   BatchUpdateMemoryRecordsCommandOutput,
 } from "../commands/BatchUpdateMemoryRecordsCommand";
+import {
+  CompleteResourceTokenAuthCommandInput,
+  CompleteResourceTokenAuthCommandOutput,
+} from "../commands/CompleteResourceTokenAuthCommand";
 import {
   CreateEventCommandInput,
   CreateEventCommandOutput,
@@ -143,6 +147,10 @@ export declare const se_BatchUpdateMemoryRecordsCommand: (
   input: BatchUpdateMemoryRecordsCommandInput,
   context: __SerdeContext
 ) => Promise<__HttpRequest>;
+export declare const se_CompleteResourceTokenAuthCommand: (
+  input: CompleteResourceTokenAuthCommandInput,
+  context: __SerdeContext
+) => Promise<__HttpRequest>;
 export declare const se_CreateEventCommand: (
   input: CreateEventCommandInput,
   context: __SerdeContext
@@ -267,6 +275,10 @@ export declare const de_BatchUpdateMemoryRecordsCommand: (
   output: __HttpResponse,
   context: __SerdeContext
 ) => Promise<BatchUpdateMemoryRecordsCommandOutput>;
+export declare const de_CompleteResourceTokenAuthCommand: (
+  output: __HttpResponse,
+  context: __SerdeContext
+) => Promise<CompleteResourceTokenAuthCommandOutput>;
 export declare const de_CreateEventCommand: (
   output: __HttpResponse,
   context: __SerdeContext

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-bedrock-agentcore",
   "description": "AWS SDK for JavaScript Bedrock Agentcore Client for Node.js, Browser and React Native",
-  "version": "3.908.0",
+  "version": "3.909.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "node ../../scripts/compilation/inline client-bedrock-agentcore",