AWS Identity Center Credential Manager

How to install Open in Chrome Web Store

CRX ID

jcjnbobieodcccmlijkjlbielmhhnpff

Status

Live on Store

Description from extension meta

Quickly refresh your local AWS CLI credentials from IAM Identity Center (SSO) with one click.

Image from store

Description from store

Tired of manually copying temporary credentials from the AWS SSO portal into your ~/.aws/credentials file every time they expire? AWS Identity Center Credential Manager automates the entire process.

WHAT IT DOES

This extension connects to your AWS IAM Identity Center (formerly AWS SSO) portal, discovers every account and role available to you, and writes fresh temporary credentials directly to your local ~/.aws/credentials file — all in a single click.

HOW TO USE IT

1. Start the companion server on your machine (see Prerequisites below).
2. Log in to your AWS SSO portal in Chrome (e.g. https://yourorg.awsapps.com/start).
3. Click the extension icon. Your accounts and roles appear automatically.
4. Choose which roles to include using the checkboxes (or use "Select all").
5. Optionally customize the profile alias for each role — this is the [profile] name that gets written to ~/.aws/credentials. Hover the ⓘ icon on any row for details.
6. Click "Refresh Credentials." Done.
7. Verify with: aws sts get-caller-identity --profile your-alias

FEATURES

• Automatic discovery of all accounts and roles from your SSO portal
• Select all / deselect all with a single checkbox
• Per-role enable/disable — only refresh the credentials you need
• Custom profile aliases — control exactly how each profile appears in ~/.aws/credentials
• Inline help tooltips explaining what each field does
• Collapsible account sections to keep things organized
• Preserves any existing profiles in ~/.aws/credentials that aren't managed by the extension
• Clear success and error feedback after every refresh

PREREQUISITES

This extension works together with a lightweight companion server that runs locally and handles writing to your ~/.aws/credentials file. The easiest way to run it is with Docker:

docker run -d -p 50173:80 -v ~/.aws:/app/aws --name aws-credential-manager --restart unless-stopped cbekmezian/aws-credential-manager:latest

Alternatively, use the docker-compose.yml included in the project repository.

PERMISSIONS

• Tabs — to detect when you're on your AWS SSO portal
• Cookies — to read your SSO session token for authentication
• Host access (*.awsapps.com) — to communicate with the AWS SSO portal

LINKS

Source code, issues, and documentation:
https://github.com/rad12000/aws-identity-center-credential-manager

Latest reviews

Terry Roberts 2025-12-09: Kept on displaying "An unknown error occurred." and when I got the docker container up it would say "success" but nothing else

Extension Actions