{
	"id": "dc013828-6b11-4727-a2c4-f9d5b7c2c954",
	"created_at": "2026-04-06T01:31:03.858041Z",
	"updated_at": "2026-04-10T03:21:03.037846Z",
	"deleted_at": null,
	"sha1_hash": "0c5427a7b7daba5178bdb13e4c783e0fb37831f2",
	"title": "GitHub - pvanbuijtene/aws-adfs-credential-generator: Windows desktop utlity that generates an AWS Credential file with temporary credentials for ADFS users.",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 286201,
	"plain_text": "GitHub - pvanbuijtene/aws-adfs-credential-generator: Windows\r\ndesktop utlity that generates an AWS Credential file with\r\ntemporary credentials for ADFS users.\r\nBy damianh\r\nArchived: 2026-04-06 00:54:44 UTC\r\nWindows desktop application that generate an AWS Credential file with temporary credentials for ADFS users.\r\nInspired by How to Implement Federated API and CLI Access Using SAML 2.0 and AD FS this tool is designed\r\nfor less technically inclined folk who need tooling/API access to AWS but are not CLI comfortable.\r\nDownloads\r\nHere is a screen shot with typical settings showing the profiles (aka 'Roles') for the given user:\r\nHere is a screen shot of S3Browser using the generated credential file and one of the profiles:\r\nhttps://github.com/pvanbuijtene/aws-adfs-credential-generator\r\nPage 1 of 3\n\nHow it works\r\n1. Using the supplied domain credentials, it authenticates against the ASFS url provided using NTLM. The\r\nmachine running this does not need to be on the domain.\r\n2. If authentication is successful, the SAMLResponse is extracted.\r\n3. All the Role attributes are extracted from the SAMLResponse .\r\n4. For each Role, temporary credentials are requested from AWS and written to\r\n$USERPROFILE/.aws/credentials-generated\r\n5. The temporary credentials are refreshed automatically every 50 minutes (the max lifetime for a AWS\r\ntemporary credential is 60 minutes).\r\n6. CLI tooling / S3Browser etc should be configured to use $USERPROFILE/.aws/credentials-generated .\r\nContributing\r\nThis was hacked up on a Saturday night; not meant to be the prettiest. It is a winforms app with all the code in\r\ncode-behind and zero tests; and that's fine, It Works. Pull requests are welcome, however, create an issue first.\r\nhttps://github.com/pvanbuijtene/aws-adfs-credential-generator\r\nPage 2 of 3\n\nSource: https://github.com/pvanbuijtene/aws-adfs-credential-generator\r\nhttps://github.com/pvanbuijtene/aws-adfs-credential-generator\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://github.com/pvanbuijtene/aws-adfs-credential-generator"
	],
	"report_names": [
		"aws-adfs-credential-generator"
	],
	"threat_actors": [],
	"ts_created_at": 1775439063,
	"ts_updated_at": 1775791263,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/0c5427a7b7daba5178bdb13e4c783e0fb37831f2.pdf",
		"text": "https://archive.orkl.eu/0c5427a7b7daba5178bdb13e4c783e0fb37831f2.txt",
		"img": "https://archive.orkl.eu/0c5427a7b7daba5178bdb13e4c783e0fb37831f2.jpg"
	}
}