View a markdown version of this page

Welcome - Amazon Security Token Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Welcome

Amazon provides Amazon Security Token Service (Amazon STS) as a web service that enables you to request temporary, limited-privilege credentials for users. This guide describes the Amazon STS API. For more information, see Temporary Security Credentials in the IAM User Guide.

Note

As an alternative to using the API, you can use one of the Amazon SDKs, which consist of libraries and sample code for various programming languages and platforms such as Java, Ruby, .NET, iOS, Android, and others. The SDKs provide a convenient way to create programmatic access to Amazon STS. For example, the SDKs can cryptographically sign requests, manage errors, and retry requests automatically. For information about the Amazon SDKs, see Tools to Build on Amazon.

For information about setting up signatures and authorization through the API, see Signing Amazon API Requests in the Amazon General Reference. For general information about the Query API, see Making Query Requests in the IAM User Guide. For information about using security tokens with other Amazon products, see Amazon Services That Work with IAM in the IAM User Guide.

For information about Amazon STS endpoints, see Amazon STS Regions and endpoints in the IAM User Guide. For information about logging Amazon STS API calls, see Logging IAM and Amazon STS API calls with Amazon CloudTrail in the IAM User Guide.

This document was last published on May 4, 2026.