# EnableOutboundWebIdentityFederation
<a name="API_EnableOutboundWebIdentityFederation"></a>

Enables the outbound identity federation feature for your Amazon account. When enabled, IAM principals in your account can use the `GetWebIdentityToken` API to obtain JSON Web Tokens (JWTs) for secure authentication with external services. This operation also generates a unique issuer URL for your Amazon account. 

## Response Elements
<a name="API_EnableOutboundWebIdentityFederation_ResponseElements"></a>

The following element is returned by the service.

 ** IssuerIdentifier **   
A unique issuer URL for your Amazon account that hosts the OpenID Connect (OIDC) discovery endpoints at `/.well-known/openid-configuration and /.well-known/jwks.json`. The OpenID Connect (OIDC) discovery endpoints contain verification keys and metadata necessary for token verification.  
Type: String

## Errors
<a name="API_EnableOutboundWebIdentityFederation_Errors"></a>

For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).

 ** FeatureEnabled **   
The request failed because outbound identity federation is already enabled for your Amazon account. You cannot enable the feature multiple times. To fetch the current configuration (including the unique issuer URL), use the `GetOutboundWebIdentityFederationInfo` operation.  
HTTP Status Code: 409

## Examples
<a name="API_EnableOutboundWebIdentityFederation_Examples"></a>

### Example
<a name="API_EnableOutboundWebIdentityFederation_Example_1"></a>

This example illustrates one usage of EnableOutboundWebIdentityFederation.

#### Sample Request
<a name="API_EnableOutboundWebIdentityFederation_Example_1_Request"></a>

```
                https://iam.amazonaws.com/?Action=EnableOutboundWebIdentityFederation
                &Version=2010-05-08
                &AUTHPARAMS
```

#### Sample Response
<a name="API_EnableOutboundWebIdentityFederation_Example_1_Response"></a>

```
                    <EnableOutboundWebIdentityFederationResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
                      <EnableOutboundWebIdentityFederationResult>
                        <IssuerIdentifier>https://a1d2b0fd-1177-4468-9351-2fEXAMPLE723.tokens.sts.global.api.aws</IssuerIdentifier>
                      </EnableOutboundWebIdentityFederationResult>
                      <ResponseMetadata>
                        <RequestId>4a396884-3469-427a-938f-e5EXAMPLE11e</RequestId>
                      </ResponseMetadata>
                    </EnableOutboundWebIdentityFederationResponse>
```

## See Also
<a name="API_EnableOutboundWebIdentityFederation_SeeAlso"></a>

For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/iam-2010-05-08/EnableOutboundWebIdentityFederation) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/iam-2010-05-08/EnableOutboundWebIdentityFederation) 
+  [Amazon SDK for C\+\+](https://docs.amazonaws.cn/goto/SdkForCpp/iam-2010-05-08/EnableOutboundWebIdentityFederation) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/iam-2010-05-08/EnableOutboundWebIdentityFederation) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/iam-2010-05-08/EnableOutboundWebIdentityFederation) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/iam-2010-05-08/EnableOutboundWebIdentityFederation) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/iam-2010-05-08/EnableOutboundWebIdentityFederation) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/iam-2010-05-08/EnableOutboundWebIdentityFederation) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/iam-2010-05-08/EnableOutboundWebIdentityFederation) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/iam-2010-05-08/EnableOutboundWebIdentityFederation)