@depup/aws-sdk__nested-clients 3.996.10-depup.0

package/dist-types/submodules/sso-oidc/commands/CreateTokenCommand.d.ts

@@ -0,0 +1,176 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import type { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import type { CreateTokenRequest, CreateTokenResponse } from "../models/models_0";
+import type { SSOOIDCClientResolvedConfig } from "../SSOOIDCClient";
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link CreateTokenCommand}.
+ */
+export interface CreateTokenCommandInput extends CreateTokenRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link CreateTokenCommand}.
+ */
+export interface CreateTokenCommandOutput extends CreateTokenResponse, __MetadataBearer {
+}
+declare const CreateTokenCommand_base: {
+    new (input: CreateTokenCommandInput): import("@smithy/smithy-client").CommandImpl<CreateTokenCommandInput, CreateTokenCommandOutput, SSOOIDCClientResolvedConfig, CreateTokenCommandInput, CreateTokenCommandOutput>;
+    new (input: CreateTokenCommandInput): import("@smithy/smithy-client").CommandImpl<CreateTokenCommandInput, CreateTokenCommandOutput, SSOOIDCClientResolvedConfig, CreateTokenCommandInput, CreateTokenCommandOutput>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Creates and returns access and refresh tokens for clients that are authenticated using
+ *       client secrets. The access token can be used to fetch short-lived credentials for the assigned
+ *       AWS accounts or to access application APIs using <code>bearer</code> authentication.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { SSOOIDCClient, CreateTokenCommand } from "@aws-sdk/client-sso-oidc"; // ES Modules import
+ * // const { SSOOIDCClient, CreateTokenCommand } = require("@aws-sdk/client-sso-oidc"); // CommonJS import
+ * // import type { SSOOIDCClientConfig } from "@aws-sdk/client-sso-oidc";
+ * const config = {}; // type is SSOOIDCClientConfig
+ * const client = new SSOOIDCClient(config);
+ * const input = { // CreateTokenRequest
+ *   clientId: "STRING_VALUE", // required
+ *   clientSecret: "STRING_VALUE", // required
+ *   grantType: "STRING_VALUE", // required
+ *   deviceCode: "STRING_VALUE",
+ *   code: "STRING_VALUE",
+ *   refreshToken: "STRING_VALUE",
+ *   scope: [ // Scopes
+ *     "STRING_VALUE",
+ *   ],
+ *   redirectUri: "STRING_VALUE",
+ *   codeVerifier: "STRING_VALUE",
+ * };
+ * const command = new CreateTokenCommand(input);
+ * const response = await client.send(command);
+ * // { // CreateTokenResponse
+ * //   accessToken: "STRING_VALUE",
+ * //   tokenType: "STRING_VALUE",
+ * //   expiresIn: Number("int"),
+ * //   refreshToken: "STRING_VALUE",
+ * //   idToken: "STRING_VALUE",
+ * // };
+ *
+ * ```
+ *
+ * @param CreateTokenCommandInput - {@link CreateTokenCommandInput}
+ * @returns {@link CreateTokenCommandOutput}
+ * @see {@link CreateTokenCommandInput} for command's `input` shape.
+ * @see {@link CreateTokenCommandOutput} for command's `response` shape.
+ * @see {@link SSOOIDCClientResolvedConfig | config} for SSOOIDCClient's `config` shape.
+ *
+ * @throws {@link AccessDeniedException} (client fault)
+ *  <p>You do not have sufficient access to perform this action.</p>
+ *
+ * @throws {@link AuthorizationPendingException} (client fault)
+ *  <p>Indicates that a request to authorize a client with an access user session token is
+ *       pending.</p>
+ *
+ * @throws {@link ExpiredTokenException} (client fault)
+ *  <p>Indicates that the token issued by the service is expired and is no longer valid.</p>
+ *
+ * @throws {@link InternalServerException} (server fault)
+ *  <p>Indicates that an error from the service occurred while trying to process a
+ *       request.</p>
+ *
+ * @throws {@link InvalidClientException} (client fault)
+ *  <p>Indicates that the <code>clientId</code> or <code>clientSecret</code> in the request is
+ *       invalid. For example, this can occur when a client sends an incorrect <code>clientId</code> or
+ *       an expired <code>clientSecret</code>.</p>
+ *
+ * @throws {@link InvalidGrantException} (client fault)
+ *  <p>Indicates that a request contains an invalid grant. This can occur if a client makes a
+ *         <a>CreateToken</a> request with an invalid grant type.</p>
+ *
+ * @throws {@link InvalidRequestException} (client fault)
+ *  <p>Indicates that something is wrong with the input to the request. For example, a required
+ *       parameter might be missing or out of range.</p>
+ *
+ * @throws {@link InvalidScopeException} (client fault)
+ *  <p>Indicates that the scope provided in the request is invalid.</p>
+ *
+ * @throws {@link SlowDownException} (client fault)
+ *  <p>Indicates that the client is making the request too frequently and is more than the
+ *       service can handle. </p>
+ *
+ * @throws {@link UnauthorizedClientException} (client fault)
+ *  <p>Indicates that the client is not currently authorized to make the request. This can happen
+ *       when a <code>clientId</code> is not issued for a public client.</p>
+ *
+ * @throws {@link UnsupportedGrantTypeException} (client fault)
+ *  <p>Indicates that the grant type in the request is not supported by the service.</p>
+ *
+ * @throws {@link SSOOIDCServiceException}
+ * <p>Base exception class for all service exceptions from SSOOIDC service.</p>
+ *
+ *
+ * @example Call OAuth/OIDC /token endpoint for Device Code grant with Secret authentication
+ * ```javascript
+ * //
+ * const input = {
+ *   clientId: "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
+ *   clientSecret: "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
+ *   deviceCode: "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzIn0EXAMPLEDEVICECODE",
+ *   grantType: "urn:ietf:params:oauth:grant-type:device-code"
+ * };
+ * const command = new CreateTokenCommand(input);
+ * const response = await client.send(command);
+ * /* response is
+ * {
+ *   accessToken: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   expiresIn: 1579729529,
+ *   refreshToken: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ *   tokenType: "Bearer"
+ * }
+ * *\/
+ * ```
+ *
+ * @example Call OAuth/OIDC /token endpoint for Refresh Token grant with Secret authentication
+ * ```javascript
+ * //
+ * const input = {
+ *   clientId: "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
+ *   clientSecret: "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
+ *   grantType: "refresh_token",
+ *   refreshToken: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ *   scope: [
+ *     "codewhisperer:completions"
+ *   ]
+ * };
+ * const command = new CreateTokenCommand(input);
+ * const response = await client.send(command);
+ * /* response is
+ * {
+ *   accessToken: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   expiresIn: 1579729529,
+ *   refreshToken: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ *   tokenType: "Bearer"
+ * }
+ * *\/
+ * ```
+ *
+ * @public
+ */
+export declare class CreateTokenCommand extends CreateTokenCommand_base {
+    /** @internal type navigation helper, not in runtime. */
+    protected static __types: {
+        api: {
+            input: CreateTokenRequest;
+            output: CreateTokenResponse;
+        };
+        sdk: {
+            input: CreateTokenCommandInput;
+            output: CreateTokenCommandOutput;
+        };
+    };
+}

package/dist-types/submodules/sso-oidc/commands/index.d.ts

@@ -0,0 +1 @@
+export * from "./CreateTokenCommand";

package/dist-types/submodules/sso-oidc/endpoint/EndpointParameters.d.ts

@@ -0,0 +1,50 @@
+import type { Endpoint, EndpointParameters as __EndpointParameters, EndpointV2, Provider } from "@smithy/types";
+/**
+ * @public
+ */
+export interface ClientInputEndpointParameters {
+    region?: string | undefined | Provider<string | undefined>;
+    useDualstackEndpoint?: boolean | undefined | Provider<boolean | undefined>;
+    useFipsEndpoint?: boolean | undefined | Provider<boolean | undefined>;
+    endpoint?: string | Provider<string> | Endpoint | Provider<Endpoint> | EndpointV2 | Provider<EndpointV2>;
+}
+/**
+ * @public
+ */
+export type ClientResolvedEndpointParameters = Omit<ClientInputEndpointParameters, "endpoint"> & {
+    defaultSigningName: string;
+};
+/**
+ * @internal
+ */
+export declare const resolveClientEndpointParameters: <T>(options: T & ClientInputEndpointParameters) => T & ClientResolvedEndpointParameters;
+/**
+ * @internal
+ */
+export declare const commonParams: {
+    readonly UseFIPS: {
+        readonly type: "builtInParams";
+        readonly name: "useFipsEndpoint";
+    };
+    readonly Endpoint: {
+        readonly type: "builtInParams";
+        readonly name: "endpoint";
+    };
+    readonly Region: {
+        readonly type: "builtInParams";
+        readonly name: "region";
+    };
+    readonly UseDualStack: {
+        readonly type: "builtInParams";
+        readonly name: "useDualstackEndpoint";
+    };
+};
+/**
+ * @internal
+ */
+export interface EndpointParameters extends __EndpointParameters {
+    Region?: string | undefined;
+    UseDualStack?: boolean | undefined;
+    UseFIPS?: boolean | undefined;
+    Endpoint?: string | undefined;
+}

package/dist-types/submodules/sso-oidc/endpoint/endpointResolver.d.ts

@@ -0,0 +1,8 @@
+import type { EndpointV2, Logger } from "@smithy/types";
+import type { EndpointParameters } from "./EndpointParameters";
+/**
+ * @internal
+ */
+export declare const defaultEndpointResolver: (endpointParams: EndpointParameters, context?: {
+    logger?: Logger;
+}) => EndpointV2;

package/dist-types/submodules/sso-oidc/endpoint/ruleset.d.ts

@@ -0,0 +1,2 @@
+import type { RuleSetObject } from "@smithy/types";
+export declare const ruleSet: RuleSetObject;

package/dist-types/submodules/sso-oidc/extensionConfiguration.d.ts

@@ -0,0 +1,9 @@
+import type { AwsRegionExtensionConfiguration } from "@aws-sdk/types";
+import type { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http";
+import type { DefaultExtensionConfiguration } from "@smithy/types";
+import type { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration";
+/**
+ * @internal
+ */
+export interface SSOOIDCExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, AwsRegionExtensionConfiguration, HttpAuthExtensionConfiguration {
+}

package/dist-types/submodules/sso-oidc/index.d.ts

@@ -0,0 +1,54 @@
+/**
+ * <p>IAM Identity Center OpenID Connect (OIDC) is a web service that enables a client (such as CLI or a
+ *       native application) to register with IAM Identity Center. The service also enables the client to fetch the
+ *       user’s access token upon successful authentication and authorization with IAM Identity Center.</p>
+ *          <p>
+ *             <b>API namespaces</b>
+ *          </p>
+ *          <p>IAM Identity Center uses the <code>sso</code> and <code>identitystore</code> API namespaces. IAM Identity Center
+ *       OpenID Connect uses the <code>sso-oauth</code> namespace.</p>
+ *          <p>
+ *             <b>Considerations for using this guide</b>
+ *          </p>
+ *          <p>Before you begin using this guide, we recommend that you first review the following
+ *       important information about how the IAM Identity Center OIDC service works.</p>
+ *          <ul>
+ *             <li>
+ *                <p>The IAM Identity Center OIDC service currently implements only the portions of the OAuth 2.0 Device
+ *           Authorization Grant standard (<a href="https://tools.ietf.org/html/rfc8628">https://tools.ietf.org/html/rfc8628</a>) that are necessary to enable single
+ *           sign-on authentication with the CLI. </p>
+ *             </li>
+ *             <li>
+ *                <p>With older versions of the CLI, the service only emits OIDC access tokens, so to
+ *           obtain a new token, users must explicitly re-authenticate. To access the OIDC flow that
+ *           supports token refresh and doesn’t require re-authentication, update to the latest CLI
+ *           version (1.27.10 for CLI V1 and 2.9.0 for CLI V2) with support for OIDC token refresh
+ *           and configurable IAM Identity Center session durations. For more information, see <a href="https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html">Configure Amazon Web Services access portal session duration </a>. </p>
+ *             </li>
+ *             <li>
+ *                <p>The access tokens provided by this service grant access to all Amazon Web Services account
+ *           entitlements assigned to an IAM Identity Center user, not just a particular application.</p>
+ *             </li>
+ *             <li>
+ *                <p>The documentation in this guide does not describe the mechanism to convert the access
+ *           token into Amazon Web Services Auth (“sigv4”) credentials for use with IAM-protected Amazon Web Services service
+ *           endpoints. For more information, see <a href="https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html">GetRoleCredentials</a> in the <i>IAM Identity Center Portal API Reference
+ *           Guide</i>.</p>
+ *             </li>
+ *          </ul>
+ *          <p>For general information about IAM Identity Center, see <a href="https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html">What is
+ *         IAM Identity Center?</a> in the <i>IAM Identity Center User Guide</i>.</p>
+ *
+ * @packageDocumentation
+ */
+export * from "./SSOOIDCClient";
+export * from "./SSOOIDC";
+export { ClientInputEndpointParameters } from "./endpoint/EndpointParameters";
+export type { RuntimeExtension } from "./runtimeExtensions";
+export type { SSOOIDCExtensionConfiguration } from "./extensionConfiguration";
+export * from "./commands";
+export * from "./schemas/schemas_0";
+export * from "./models/enums";
+export * from "./models/errors";
+export * from "./models/models_0";
+export { SSOOIDCServiceException } from "./models/SSOOIDCServiceException";

package/dist-types/submodules/sso-oidc/models/SSOOIDCServiceException.d.ts

@@ -0,0 +1,14 @@
+import { type ServiceExceptionOptions as __ServiceExceptionOptions, ServiceException as __ServiceException } from "@smithy/smithy-client";
+export type { __ServiceExceptionOptions };
+export { __ServiceException };
+/**
+ * @public
+ *
+ * Base exception class for all service exceptions from SSOOIDC service.
+ */
+export declare class SSOOIDCServiceException extends __ServiceException {
+    /**
+     * @internal
+     */
+    constructor(options: __ServiceExceptionOptions);
+}

package/dist-types/submodules/sso-oidc/models/enums.d.ts

@@ -0,0 +1,25 @@
+/**
+ * @public
+ * @enum
+ */
+export declare const AccessDeniedExceptionReason: {
+    readonly KMS_ACCESS_DENIED: "KMS_AccessDeniedException";
+};
+/**
+ * @public
+ */
+export type AccessDeniedExceptionReason = (typeof AccessDeniedExceptionReason)[keyof typeof AccessDeniedExceptionReason];
+/**
+ * @public
+ * @enum
+ */
+export declare const InvalidRequestExceptionReason: {
+    readonly KMS_DISABLED_KEY: "KMS_DisabledException";
+    readonly KMS_INVALID_KEY_USAGE: "KMS_InvalidKeyUsageException";
+    readonly KMS_INVALID_STATE: "KMS_InvalidStateException";
+    readonly KMS_KEY_NOT_FOUND: "KMS_NotFoundException";
+};
+/**
+ * @public
+ */
+export type InvalidRequestExceptionReason = (typeof InvalidRequestExceptionReason)[keyof typeof InvalidRequestExceptionReason];

package/dist-types/submodules/sso-oidc/models/errors.d.ts

@@ -0,0 +1,279 @@
+import type { ExceptionOptionType as __ExceptionOptionType } from "@smithy/smithy-client";
+import type { AccessDeniedExceptionReason, InvalidRequestExceptionReason } from "./enums";
+import { SSOOIDCServiceException as __BaseException } from "./SSOOIDCServiceException";
+/**
+ * <p>You do not have sufficient access to perform this action.</p>
+ * @public
+ */
+export declare class AccessDeniedException extends __BaseException {
+    readonly name: "AccessDeniedException";
+    readonly $fault: "client";
+    /**
+     * <p>Single error code. For this exception the value will be <code>access_denied</code>.</p>
+     * @public
+     */
+    error?: string | undefined;
+    /**
+     * <p>A string that uniquely identifies a reason for the error.</p>
+     * @public
+     */
+    reason?: AccessDeniedExceptionReason | undefined;
+    /**
+     * <p>Human-readable text providing additional information, used to assist the client developer
+     *       in understanding the error that occurred.</p>
+     * @public
+     */
+    error_description?: string | undefined;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<AccessDeniedException, __BaseException>);
+}
+/**
+ * <p>Indicates that a request to authorize a client with an access user session token is
+ *       pending.</p>
+ * @public
+ */
+export declare class AuthorizationPendingException extends __BaseException {
+    readonly name: "AuthorizationPendingException";
+    readonly $fault: "client";
+    /**
+     * <p>Single error code. For this exception the value will be
+     *       <code>authorization_pending</code>.</p>
+     * @public
+     */
+    error?: string | undefined;
+    /**
+     * <p>Human-readable text providing additional information, used to assist the client developer
+     *       in understanding the error that occurred.</p>
+     * @public
+     */
+    error_description?: string | undefined;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<AuthorizationPendingException, __BaseException>);
+}
+/**
+ * <p>Indicates that the token issued by the service is expired and is no longer valid.</p>
+ * @public
+ */
+export declare class ExpiredTokenException extends __BaseException {
+    readonly name: "ExpiredTokenException";
+    readonly $fault: "client";
+    /**
+     * <p>Single error code. For this exception the value will be <code>expired_token</code>.</p>
+     * @public
+     */
+    error?: string | undefined;
+    /**
+     * <p>Human-readable text providing additional information, used to assist the client developer
+     *       in understanding the error that occurred.</p>
+     * @public
+     */
+    error_description?: string | undefined;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<ExpiredTokenException, __BaseException>);
+}
+/**
+ * <p>Indicates that an error from the service occurred while trying to process a
+ *       request.</p>
+ * @public
+ */
+export declare class InternalServerException extends __BaseException {
+    readonly name: "InternalServerException";
+    readonly $fault: "server";
+    /**
+     * <p>Single error code. For this exception the value will be <code>server_error</code>.</p>
+     * @public
+     */
+    error?: string | undefined;
+    /**
+     * <p>Human-readable text providing additional information, used to assist the client developer
+     *       in understanding the error that occurred.</p>
+     * @public
+     */
+    error_description?: string | undefined;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<InternalServerException, __BaseException>);
+}
+/**
+ * <p>Indicates that the <code>clientId</code> or <code>clientSecret</code> in the request is
+ *       invalid. For example, this can occur when a client sends an incorrect <code>clientId</code> or
+ *       an expired <code>clientSecret</code>.</p>
+ * @public
+ */
+export declare class InvalidClientException extends __BaseException {
+    readonly name: "InvalidClientException";
+    readonly $fault: "client";
+    /**
+     * <p>Single error code. For this exception the value will be
+     *       <code>invalid_client</code>.</p>
+     * @public
+     */
+    error?: string | undefined;
+    /**
+     * <p>Human-readable text providing additional information, used to assist the client developer
+     *       in understanding the error that occurred.</p>
+     * @public
+     */
+    error_description?: string | undefined;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<InvalidClientException, __BaseException>);
+}
+/**
+ * <p>Indicates that a request contains an invalid grant. This can occur if a client makes a
+ *         <a>CreateToken</a> request with an invalid grant type.</p>
+ * @public
+ */
+export declare class InvalidGrantException extends __BaseException {
+    readonly name: "InvalidGrantException";
+    readonly $fault: "client";
+    /**
+     * <p>Single error code. For this exception the value will be <code>invalid_grant</code>.</p>
+     * @public
+     */
+    error?: string | undefined;
+    /**
+     * <p>Human-readable text providing additional information, used to assist the client developer
+     *       in understanding the error that occurred.</p>
+     * @public
+     */
+    error_description?: string | undefined;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<InvalidGrantException, __BaseException>);
+}
+/**
+ * <p>Indicates that something is wrong with the input to the request. For example, a required
+ *       parameter might be missing or out of range.</p>
+ * @public
+ */
+export declare class InvalidRequestException extends __BaseException {
+    readonly name: "InvalidRequestException";
+    readonly $fault: "client";
+    /**
+     * <p>Single error code. For this exception the value will be
+     *       <code>invalid_request</code>.</p>
+     * @public
+     */
+    error?: string | undefined;
+    /**
+     * <p>A string that uniquely identifies a reason for the error.</p>
+     * @public
+     */
+    reason?: InvalidRequestExceptionReason | undefined;
+    /**
+     * <p>Human-readable text providing additional information, used to assist the client developer
+     *       in understanding the error that occurred.</p>
+     * @public
+     */
+    error_description?: string | undefined;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<InvalidRequestException, __BaseException>);
+}
+/**
+ * <p>Indicates that the scope provided in the request is invalid.</p>
+ * @public
+ */
+export declare class InvalidScopeException extends __BaseException {
+    readonly name: "InvalidScopeException";
+    readonly $fault: "client";
+    /**
+     * <p>Single error code. For this exception the value will be <code>invalid_scope</code>.</p>
+     * @public
+     */
+    error?: string | undefined;
+    /**
+     * <p>Human-readable text providing additional information, used to assist the client developer
+     *       in understanding the error that occurred.</p>
+     * @public
+     */
+    error_description?: string | undefined;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<InvalidScopeException, __BaseException>);
+}
+/**
+ * <p>Indicates that the client is making the request too frequently and is more than the
+ *       service can handle. </p>
+ * @public
+ */
+export declare class SlowDownException extends __BaseException {
+    readonly name: "SlowDownException";
+    readonly $fault: "client";
+    /**
+     * <p>Single error code. For this exception the value will be <code>slow_down</code>.</p>
+     * @public
+     */
+    error?: string | undefined;
+    /**
+     * <p>Human-readable text providing additional information, used to assist the client developer
+     *       in understanding the error that occurred.</p>
+     * @public
+     */
+    error_description?: string | undefined;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<SlowDownException, __BaseException>);
+}
+/**
+ * <p>Indicates that the client is not currently authorized to make the request. This can happen
+ *       when a <code>clientId</code> is not issued for a public client.</p>
+ * @public
+ */
+export declare class UnauthorizedClientException extends __BaseException {
+    readonly name: "UnauthorizedClientException";
+    readonly $fault: "client";
+    /**
+     * <p>Single error code. For this exception the value will be
+     *       <code>unauthorized_client</code>.</p>
+     * @public
+     */
+    error?: string | undefined;
+    /**
+     * <p>Human-readable text providing additional information, used to assist the client developer
+     *       in understanding the error that occurred.</p>
+     * @public
+     */
+    error_description?: string | undefined;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<UnauthorizedClientException, __BaseException>);
+}
+/**
+ * <p>Indicates that the grant type in the request is not supported by the service.</p>
+ * @public
+ */
+export declare class UnsupportedGrantTypeException extends __BaseException {
+    readonly name: "UnsupportedGrantTypeException";
+    readonly $fault: "client";
+    /**
+     * <p>Single error code. For this exception the value will be
+     *         <code>unsupported_grant_type</code>.</p>
+     * @public
+     */
+    error?: string | undefined;
+    /**
+     * <p>Human-readable text providing additional information, used to assist the client developer
+     *       in understanding the error that occurred.</p>
+     * @public
+     */
+    error_description?: string | undefined;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<UnsupportedGrantTypeException, __BaseException>);
+}