AWS .Net API - The provided token has expired

Question

I am facing this weird scenario. I generate my AWS AccessKeyId, SecretAccessKey and SessionToken by running assume-role-with-saml command. After copying these values to .aws\credentials file, I try to run command "aws s3 ls" and can see all the S3 buckets. Similarly I can run any AWS command to view objects and it works perfectly fine. However, when I write .Net Core application to list objects, it doesn't work on my computer. Same .Net application works find on other colleagues' computers. We all have access to AWS through the same role. There are no users in IAM console. Here is the sample code, but I am not sure there is nothing wrong with the code, because it works fine on other users' computers.

var _ssmClient = new AmazonSimpleSystemsManagementClient();
                var r = _ssmClient.GetParameterAsync(new Amazon.SimpleSystemsManagement.Model.GetParameterRequest
                {
                    Name = "/KEY1/KEY2",
                    WithDecryption = true
                }).ConfigureAwait(false).GetAwaiter().GetResult();

Any idea why running commands through CLI works and API calls don't work? Don't they both look at the same %USERPROFILE%.aws\credentials file?

Answer 1

I found it. Posting here since it can be useful for someone having same issue. Go to this folder: %USERPROFILE%\AppData\Local\AWSToolkit
Take a backup of all files and folders and delete all from above location.

This solution applies only if you can run commands like "aws s3 ls" and get the results successfully, but you get error "The provided token has expired" while running the same from .Net API libraries.