From the implementation I've seen it usually uses S3 as an example resource it tries to access. In my case, I just want to know if the credential provided is valid.
mobile sends username / password -> developer server authenticates and generates openIdToken (GetOpenIdTokenForDeveloperIdentity)
mobile sends openId token -> developer server get credentials (accessKeyId, secretAccessKey, sessionToken) with AssumeRoleWithWebIdentity
mobile sends accesskey accessSecret and sessionToken to server ->
How do I validate if the credentials are correct?