AWS Security ChangesHomeSearch

AWS singlesignon documentation change

Service: singlesignon · 2025-11-10 · Documentation low

File: singlesignon/latest/IdentityStoreAPIReference/API_GetUserId.md

Summary

Added documentation about member account access limitations and KMS-related error reasons

Security assessment

Adds security documentation about access controls for member accounts and KMS encryption key access errors. Enhances security awareness but doesn't fix a specific vulnerability.

Diff

diff --git a/singlesignon/latest/IdentityStoreAPIReference/API_GetUserId.md b/singlesignon/latest/IdentityStoreAPIReference/API_GetUserId.md
index c009ce49d..9bed14aff 100644
--- a//singlesignon/latest/IdentityStoreAPIReference/API_GetUserId.md
+++ b//singlesignon/latest/IdentityStoreAPIReference/API_GetUserId.md
@@ -8,0 +9,6 @@ Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsExamplesSe
+Retrieves the `UserId` in an identity store.
+
+###### Note
+
+If you have access to a member account, you can use this API operation from the member account. For more information, see [Limiting access to the identity store from member accounts](https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-your-accounts.html#limiting-access-from-member-accounts) in the _AWS IAM Identity Center User Guide_.
+
@@ -91,0 +98,5 @@ You do not have sufficient access to perform this action.
+**Reason**
+    
+
+Indicates the reason for an access denial when returned by KMS while accessing a Customer Managed KMS key. For non-KMS access-denied errors, this field is not included.
+
@@ -120,0 +132,5 @@ Indicates that a requested resource is not found.
+**Reason**
+    
+
+Indicates the reason for a resource not found error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included.
+
@@ -142,0 +159,5 @@ Indicates that the principal has crossed the throttling limits of the API operat
+**Reason**
+    
+
+Indicates the reason for the throttling error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included.
+
@@ -159,0 +181,5 @@ The request failed because it contains a syntax error.
+**Reason**
+    
+
+Indicates the reason for the validation error when the service is unable to access a Customer Managed KMS key. For non-KMS permission errors, this field is not included.
+