aws-sdk-cognitoidentityprovider 1.38.0 → 1.43.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-cognitoidentityprovider.rb +3 -1
- data/lib/aws-sdk-cognitoidentityprovider/client.rb +178 -95
- data/lib/aws-sdk-cognitoidentityprovider/client_api.rb +23 -0
- data/lib/aws-sdk-cognitoidentityprovider/customizations.rb +1 -0
- data/lib/aws-sdk-cognitoidentityprovider/errors.rb +2 -0
- data/lib/aws-sdk-cognitoidentityprovider/resource.rb +2 -0
- data/lib/aws-sdk-cognitoidentityprovider/types.rb +505 -121
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7b6ac655b806a0dc5a6704b845c9fbe080aa79366883d8dc5aa6803140571271
|
4
|
+
data.tar.gz: 18d558b605615d5c11b1fb2c96dc413942e7b84d7a02120470c90dd52922ddb5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 128c94db366737299919700d2691680916cca0411192984a7159d70f5040824bc38f4e189c138bc38f41cac0772c101fdceb53a93a2059fca290e6df7961d2f9
|
7
|
+
data.tar.gz: 0b4da76cd9964e0f7799fb0813c5af0c2d4c72cca42acbbbeb157261be7df8acb50952c57353bf15f05d8b6223cb6d01a04c1f31ece78f56973effbe8e5651f8
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -45,6 +47,6 @@ require_relative 'aws-sdk-cognitoidentityprovider/customizations'
|
|
45
47
|
# @service
|
46
48
|
module Aws::CognitoIdentityProvider
|
47
49
|
|
48
|
-
GEM_VERSION = '1.
|
50
|
+
GEM_VERSION = '1.43.0'
|
49
51
|
|
50
52
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -469,19 +471,18 @@ module Aws::CognitoIdentityProvider
|
|
469
471
|
# If `MessageAction` is not set, the default is to send a welcome
|
470
472
|
# message via email or phone (SMS).
|
471
473
|
#
|
472
|
-
#
|
473
|
-
# to or . This template includes your custom
|
474
|
-
# placeholders for user name and temporary
|
475
|
-
#
|
476
|
-
# </note>
|
474
|
+
# This message is based on a template that you configured in your call
|
475
|
+
# to create or update a user pool. This template includes your custom
|
476
|
+
# sign-up instructions and placeholders for user name and temporary
|
477
|
+
# password.
|
477
478
|
#
|
478
|
-
# Alternatively, you can call AdminCreateUser with “SUPPRESS” for the
|
479
|
+
# Alternatively, you can call `AdminCreateUser` with “SUPPRESS” for the
|
479
480
|
# `MessageAction` parameter, and Amazon Cognito will not send any email.
|
480
481
|
#
|
481
482
|
# In either case, the user will be in the `FORCE_CHANGE_PASSWORD` state
|
482
483
|
# until they sign in and change their password.
|
483
484
|
#
|
484
|
-
# AdminCreateUser requires developer credentials.
|
485
|
+
# `AdminCreateUser` requires developer credentials.
|
485
486
|
#
|
486
487
|
# @option params [required, String] :user_pool_id
|
487
488
|
# The user pool ID for the user pool where the user will be created.
|
@@ -495,10 +496,10 @@ module Aws::CognitoIdentityProvider
|
|
495
496
|
# An array of name-value pairs that contain user attributes and
|
496
497
|
# attribute values to be set for the user to be created. You can create
|
497
498
|
# a user without specifying any attributes other than `Username`.
|
498
|
-
# However, any attributes that you specify as required (
|
499
|
-
# **Attributes** tab of the console) must be
|
500
|
-
# your call to `AdminCreateUser`) or by the
|
501
|
-
# up in response to your welcome message).
|
499
|
+
# However, any attributes that you specify as required (when creating a
|
500
|
+
# user pool or in the **Attributes** tab of the console) must be
|
501
|
+
# supplied either by you (in your call to `AdminCreateUser`) or by the
|
502
|
+
# user (when he or she signs up in response to your welcome message).
|
502
503
|
#
|
503
504
|
# For custom attributes, you must prepend the `custom:` prefix to the
|
504
505
|
# attribute name.
|
@@ -510,7 +511,8 @@ module Aws::CognitoIdentityProvider
|
|
510
511
|
#
|
511
512
|
# In your call to `AdminCreateUser`, you can set the `email_verified`
|
512
513
|
# attribute to `True`, and you can set the `phone_number_verified`
|
513
|
-
# attribute to `True`. (You can also do this by calling
|
514
|
+
# attribute to `True`. (You can also do this by calling
|
515
|
+
# [AdminUpdateUserAttributes][1].)
|
514
516
|
#
|
515
517
|
# * **email**\: The email address of the user to whom the message that
|
516
518
|
# contains the code and username will be sent. Required if the
|
@@ -522,6 +524,10 @@ module Aws::CognitoIdentityProvider
|
|
522
524
|
# `phone_number_verified` attribute is set to `True`, or if `"SMS"` is
|
523
525
|
# specified in the `DesiredDeliveryMediums` parameter.
|
524
526
|
#
|
527
|
+
#
|
528
|
+
#
|
529
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html
|
530
|
+
#
|
525
531
|
# @option params [Array<Types::AttributeType>] :validation_data
|
526
532
|
# The user's validation data. This is an array of name-value pairs that
|
527
533
|
# contain user attributes and attribute values that you can use for
|
@@ -743,7 +749,7 @@ module Aws::CognitoIdentityProvider
|
|
743
749
|
# IdP user, any link between that user and an existing user is removed.
|
744
750
|
# The next time the external user (no longer attached to the previously
|
745
751
|
# linked `DestinationUser`) signs in, they must create a new user
|
746
|
-
# account. See .
|
752
|
+
# account. See [AdminLinkProviderForUser][1].
|
747
753
|
#
|
748
754
|
# This action is enabled only for admin access and requires developer
|
749
755
|
# credentials.
|
@@ -764,12 +770,16 @@ module Aws::CognitoIdentityProvider
|
|
764
770
|
# For de-linking a SAML identity, there are two scenarios. If the linked
|
765
771
|
# identity has not yet been used to sign-in, the `ProviderAttributeName`
|
766
772
|
# and `ProviderAttributeValue` must be the same values that were used
|
767
|
-
# for the `SourceUser` when the identities were originally linked
|
768
|
-
# call. (If the linking was done with
|
769
|
-
# `Cognito_Subject`, the same applies
|
770
|
-
# already signed in, the
|
771
|
-
# `
|
772
|
-
# the SAML assertion.
|
773
|
+
# for the `SourceUser` when the identities were originally linked using
|
774
|
+
# ` AdminLinkProviderForUser` call. (If the linking was done with
|
775
|
+
# `ProviderAttributeName` set to `Cognito_Subject`, the same applies
|
776
|
+
# here). However, if the user has already signed in, the
|
777
|
+
# `ProviderAttributeName` must be `Cognito_Subject` and
|
778
|
+
# `ProviderAttributeValue` must be the subject of the SAML assertion.
|
779
|
+
#
|
780
|
+
#
|
781
|
+
#
|
782
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminLinkProviderForUser.html
|
773
783
|
#
|
774
784
|
# @option params [required, String] :user_pool_id
|
775
785
|
# The user pool ID for the user pool.
|
@@ -1043,18 +1053,20 @@ module Aws::CognitoIdentityProvider
|
|
1043
1053
|
#
|
1044
1054
|
# * For `USER_SRP_AUTH`\: `USERNAME` (required), `SRP_A` (required),
|
1045
1055
|
# `SECRET_HASH` (required if the app client is configured with a
|
1046
|
-
# client secret), `DEVICE_KEY
|
1056
|
+
# client secret), `DEVICE_KEY`.
|
1047
1057
|
#
|
1048
1058
|
# * For `REFRESH_TOKEN_AUTH/REFRESH_TOKEN`\: `REFRESH_TOKEN` (required),
|
1049
1059
|
# `SECRET_HASH` (required if the app client is configured with a
|
1050
|
-
# client secret), `DEVICE_KEY
|
1060
|
+
# client secret), `DEVICE_KEY`.
|
1051
1061
|
#
|
1052
1062
|
# * For `ADMIN_NO_SRP_AUTH`\: `USERNAME` (required), `SECRET_HASH` (if
|
1053
1063
|
# app client is configured with client secret), `PASSWORD` (required),
|
1054
|
-
# `DEVICE_KEY
|
1064
|
+
# `DEVICE_KEY`.
|
1055
1065
|
#
|
1056
1066
|
# * For `CUSTOM_AUTH`\: `USERNAME` (required), `SECRET_HASH` (if app
|
1057
|
-
# client is configured with client secret), `DEVICE_KEY
|
1067
|
+
# client is configured with client secret), `DEVICE_KEY`. To start the
|
1068
|
+
# authentication flow with password verification, include
|
1069
|
+
# `ChallengeName: SRP_A` and `SRP_A: (The SRP_A Value)`.
|
1058
1070
|
#
|
1059
1071
|
# @option params [Hash<String,String>] :client_metadata
|
1060
1072
|
# A map of custom key-value pairs that you can provide as input for
|
@@ -1200,13 +1212,15 @@ module Aws::CognitoIdentityProvider
|
|
1200
1212
|
# that when the federated user identity is used, the user signs in as
|
1201
1213
|
# the existing user account.
|
1202
1214
|
#
|
1215
|
+
# <note markdown="1"> The maximum number of federated identities linked to a user is 5.
|
1216
|
+
#
|
1217
|
+
# </note>
|
1218
|
+
#
|
1203
1219
|
# Because this API allows a user with an external federated identity to
|
1204
1220
|
# sign in as an existing user in the user pool, it is critical that it
|
1205
1221
|
# only be used with external identity providers and provider attributes
|
1206
1222
|
# that have been trusted by the application owner.
|
1207
1223
|
#
|
1208
|
-
# See also .
|
1209
|
-
#
|
1210
1224
|
# This action is enabled only for admin access and requires developer
|
1211
1225
|
# credentials.
|
1212
1226
|
#
|
@@ -1576,7 +1590,11 @@ module Aws::CognitoIdentityProvider
|
|
1576
1590
|
# The app client ID.
|
1577
1591
|
#
|
1578
1592
|
# @option params [required, String] :challenge_name
|
1579
|
-
# The challenge name. For more information, see .
|
1593
|
+
# The challenge name. For more information, see [AdminInitiateAuth][1].
|
1594
|
+
#
|
1595
|
+
#
|
1596
|
+
#
|
1597
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminInitiateAuth.html
|
1580
1598
|
#
|
1581
1599
|
# @option params [Hash<String,String>] :challenge_responses
|
1582
1600
|
# The challenge responses. These are inputs corresponding to the value
|
@@ -1814,9 +1832,13 @@ module Aws::CognitoIdentityProvider
|
|
1814
1832
|
|
1815
1833
|
# *This action is no longer supported.* You can use it to configure only
|
1816
1834
|
# SMS MFA. You can't use it to configure TOTP software token MFA. To
|
1817
|
-
# configure either type of MFA, use
|
1835
|
+
# configure either type of MFA, use [AdminSetUserMFAPreference][1]
|
1818
1836
|
# instead.
|
1819
1837
|
#
|
1838
|
+
#
|
1839
|
+
#
|
1840
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html
|
1841
|
+
#
|
1820
1842
|
# @option params [required, String] :user_pool_id
|
1821
1843
|
# The ID of the user pool that contains the user that you are setting
|
1822
1844
|
# options for.
|
@@ -2174,7 +2196,11 @@ module Aws::CognitoIdentityProvider
|
|
2174
2196
|
#
|
2175
2197
|
# @option params [required, String] :confirmation_code
|
2176
2198
|
# The confirmation code sent by a user's request to retrieve a
|
2177
|
-
# forgotten password. For more information, see
|
2199
|
+
# forgotten password. For more information, see [ForgotPassword][1].
|
2200
|
+
#
|
2201
|
+
#
|
2202
|
+
#
|
2203
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ForgotPassword.html
|
2178
2204
|
#
|
2179
2205
|
# @option params [required, String] :password
|
2180
2206
|
# The password sent by a user's request to retrieve a forgotten
|
@@ -2444,7 +2470,7 @@ module Aws::CognitoIdentityProvider
|
|
2444
2470
|
# The identity provider details. The following list describes the
|
2445
2471
|
# provider detail keys for each identity provider type.
|
2446
2472
|
#
|
2447
|
-
# * For Google
|
2473
|
+
# * For Google and Login with Amazon:
|
2448
2474
|
#
|
2449
2475
|
# * client\_id
|
2450
2476
|
#
|
@@ -2452,6 +2478,16 @@ module Aws::CognitoIdentityProvider
|
|
2452
2478
|
#
|
2453
2479
|
# * authorize\_scopes
|
2454
2480
|
#
|
2481
|
+
# * For Facebook:
|
2482
|
+
#
|
2483
|
+
# * client\_id
|
2484
|
+
#
|
2485
|
+
# * client\_secret
|
2486
|
+
#
|
2487
|
+
# * authorize\_scopes
|
2488
|
+
#
|
2489
|
+
# * api\_version
|
2490
|
+
#
|
2455
2491
|
# * For Sign in with Apple:
|
2456
2492
|
#
|
2457
2493
|
# * client\_id
|
@@ -2488,8 +2524,6 @@ module Aws::CognitoIdentityProvider
|
|
2488
2524
|
# * jwks\_uri *if not available from discovery URL specified by
|
2489
2525
|
# oidc\_issuer key*
|
2490
2526
|
#
|
2491
|
-
# * authorize\_scopes
|
2492
|
-
#
|
2493
2527
|
# * For SAML providers:
|
2494
2528
|
#
|
2495
2529
|
# * MetadataFile OR MetadataURL
|
@@ -2741,7 +2775,11 @@ module Aws::CognitoIdentityProvider
|
|
2741
2775
|
# selected sign-in option. For example, when this is set to `False`,
|
2742
2776
|
# users will be able to sign in using either "username" or
|
2743
2777
|
# "Username". This configuration is immutable once it has been set.
|
2744
|
-
# For more information, see .
|
2778
|
+
# For more information, see [UsernameConfigurationType][1].
|
2779
|
+
#
|
2780
|
+
#
|
2781
|
+
#
|
2782
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html
|
2745
2783
|
#
|
2746
2784
|
# @option params [Types::AccountRecoverySettingType] :account_recovery_setting
|
2747
2785
|
# Use this setting to define which verified available method a user can
|
@@ -2752,12 +2790,6 @@ module Aws::CognitoIdentityProvider
|
|
2752
2790
|
# the absence of this setting, Cognito uses the legacy behavior to
|
2753
2791
|
# determine the recovery method where SMS is preferred over email.
|
2754
2792
|
#
|
2755
|
-
# <note markdown="1"> Starting February 1, 2020, the value of `AccountRecoverySetting` will
|
2756
|
-
# default to `verified_email` first and `verified_phone_number` as the
|
2757
|
-
# second option for newly created user pools if no value is provided.
|
2758
|
-
#
|
2759
|
-
# </note>
|
2760
|
-
#
|
2761
2793
|
# @return [Types::CreateUserPoolResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2762
2794
|
#
|
2763
2795
|
# * {Types::CreateUserPoolResponse#user_pool #user_pool} => Types::UserPoolType
|
@@ -2968,6 +3000,20 @@ module Aws::CognitoIdentityProvider
|
|
2968
3000
|
# The time limit, in days, after which the refresh token is no longer
|
2969
3001
|
# valid and cannot be used.
|
2970
3002
|
#
|
3003
|
+
# @option params [Integer] :access_token_validity
|
3004
|
+
# The time limit, between 5 minutes and 1 day, after which the access
|
3005
|
+
# token is no longer valid and cannot be used. This value will be
|
3006
|
+
# overridden if you have entered a value in TokenValidityUnits.
|
3007
|
+
#
|
3008
|
+
# @option params [Integer] :id_token_validity
|
3009
|
+
# The time limit, between 5 minutes and 1 day, after which the ID token
|
3010
|
+
# is no longer valid and cannot be used. This value will be overridden
|
3011
|
+
# if you have entered a value in TokenValidityUnits.
|
3012
|
+
#
|
3013
|
+
# @option params [Types::TokenValidityUnitsType] :token_validity_units
|
3014
|
+
# The units in which the validity times are represented in. Default for
|
3015
|
+
# RefreshToken is days, and default for ID and access tokens are hours.
|
3016
|
+
#
|
2971
3017
|
# @option params [Array<String>] :read_attributes
|
2972
3018
|
# The read attributes.
|
2973
3019
|
#
|
@@ -3092,9 +3138,10 @@ module Aws::CognitoIdentityProvider
|
|
3092
3138
|
# The Amazon Pinpoint analytics configuration for collecting metrics for
|
3093
3139
|
# this user pool.
|
3094
3140
|
#
|
3095
|
-
# <note markdown="1">
|
3096
|
-
#
|
3097
|
-
#
|
3141
|
+
# <note markdown="1"> In regions where Pinpoint is not available, Cognito User Pools only
|
3142
|
+
# supports sending events to Amazon Pinpoint projects in us-east-1. In
|
3143
|
+
# regions where Pinpoint is available, Cognito User Pools will support
|
3144
|
+
# sending events to Amazon Pinpoint projects within that same region.
|
3098
3145
|
#
|
3099
3146
|
# </note>
|
3100
3147
|
#
|
@@ -3116,24 +3163,6 @@ module Aws::CognitoIdentityProvider
|
|
3116
3163
|
# * `LEGACY` - This represents the old behavior of Cognito where user
|
3117
3164
|
# existence related errors are not prevented.
|
3118
3165
|
#
|
3119
|
-
# This setting affects the behavior of following APIs:
|
3120
|
-
#
|
3121
|
-
# * AdminInitiateAuth
|
3122
|
-
#
|
3123
|
-
# * AdminRespondToAuthChallenge
|
3124
|
-
#
|
3125
|
-
# * InitiateAuth
|
3126
|
-
#
|
3127
|
-
# * RespondToAuthChallenge
|
3128
|
-
#
|
3129
|
-
# * ForgotPassword
|
3130
|
-
#
|
3131
|
-
# * ConfirmForgotPassword
|
3132
|
-
#
|
3133
|
-
# * ConfirmSignUp
|
3134
|
-
#
|
3135
|
-
# * ResendConfirmationCode
|
3136
|
-
#
|
3137
3166
|
# <note markdown="1"> After February 15th 2020, the value of `PreventUserExistenceErrors`
|
3138
3167
|
# will default to `ENABLED` for newly created user pool clients if no
|
3139
3168
|
# value is provided.
|
@@ -3151,6 +3180,13 @@ module Aws::CognitoIdentityProvider
|
|
3151
3180
|
# client_name: "ClientNameType", # required
|
3152
3181
|
# generate_secret: false,
|
3153
3182
|
# refresh_token_validity: 1,
|
3183
|
+
# access_token_validity: 1,
|
3184
|
+
# id_token_validity: 1,
|
3185
|
+
# token_validity_units: {
|
3186
|
+
# access_token: "seconds", # accepts seconds, minutes, hours, days
|
3187
|
+
# id_token: "seconds", # accepts seconds, minutes, hours, days
|
3188
|
+
# refresh_token: "seconds", # accepts seconds, minutes, hours, days
|
3189
|
+
# },
|
3154
3190
|
# read_attributes: ["ClientPermissionType"],
|
3155
3191
|
# write_attributes: ["ClientPermissionType"],
|
3156
3192
|
# explicit_auth_flows: ["ADMIN_NO_SRP_AUTH"], # accepts ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH
|
@@ -3179,6 +3215,11 @@ module Aws::CognitoIdentityProvider
|
|
3179
3215
|
# resp.user_pool_client.last_modified_date #=> Time
|
3180
3216
|
# resp.user_pool_client.creation_date #=> Time
|
3181
3217
|
# resp.user_pool_client.refresh_token_validity #=> Integer
|
3218
|
+
# resp.user_pool_client.access_token_validity #=> Integer
|
3219
|
+
# resp.user_pool_client.id_token_validity #=> Integer
|
3220
|
+
# resp.user_pool_client.token_validity_units.access_token #=> String, one of "seconds", "minutes", "hours", "days"
|
3221
|
+
# resp.user_pool_client.token_validity_units.id_token #=> String, one of "seconds", "minutes", "hours", "days"
|
3222
|
+
# resp.user_pool_client.token_validity_units.refresh_token #=> String, one of "seconds", "minutes", "hours", "days"
|
3182
3223
|
# resp.user_pool_client.read_attributes #=> Array
|
3183
3224
|
# resp.user_pool_client.read_attributes[0] #=> String
|
3184
3225
|
# resp.user_pool_client.write_attributes #=> Array
|
@@ -3784,6 +3825,11 @@ module Aws::CognitoIdentityProvider
|
|
3784
3825
|
# resp.user_pool_client.last_modified_date #=> Time
|
3785
3826
|
# resp.user_pool_client.creation_date #=> Time
|
3786
3827
|
# resp.user_pool_client.refresh_token_validity #=> Integer
|
3828
|
+
# resp.user_pool_client.access_token_validity #=> Integer
|
3829
|
+
# resp.user_pool_client.id_token_validity #=> Integer
|
3830
|
+
# resp.user_pool_client.token_validity_units.access_token #=> String, one of "seconds", "minutes", "hours", "days"
|
3831
|
+
# resp.user_pool_client.token_validity_units.id_token #=> String, one of "seconds", "minutes", "hours", "days"
|
3832
|
+
# resp.user_pool_client.token_validity_units.refresh_token #=> String, one of "seconds", "minutes", "hours", "days"
|
3787
3833
|
# resp.user_pool_client.read_attributes #=> Array
|
3788
3834
|
# resp.user_pool_client.read_attributes[0] #=> String
|
3789
3835
|
# resp.user_pool_client.write_attributes #=> Array
|
@@ -3883,10 +3929,15 @@ module Aws::CognitoIdentityProvider
|
|
3883
3929
|
# the `Username` parameter, you can use the username or user alias. The
|
3884
3930
|
# method used to send the confirmation code is sent according to the
|
3885
3931
|
# specified AccountRecoverySetting. For more information, see
|
3886
|
-
# [Recovering User Accounts]
|
3932
|
+
# [Recovering User Accounts][1] in the *Amazon Cognito Developer Guide*.
|
3887
3933
|
# If neither a verified phone number nor a verified email exists, an
|
3888
3934
|
# `InvalidParameterException` is thrown. To use the confirmation code
|
3889
|
-
# for resetting the password, call .
|
3935
|
+
# for resetting the password, call [ConfirmForgotPassword][2].
|
3936
|
+
#
|
3937
|
+
#
|
3938
|
+
#
|
3939
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-recover-a-user-account.html
|
3940
|
+
# [2]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html
|
3890
3941
|
#
|
3891
3942
|
# @option params [required, String] :client_id
|
3892
3943
|
# The ID of the client associated with the user pool.
|
@@ -4430,14 +4481,16 @@ module Aws::CognitoIdentityProvider
|
|
4430
4481
|
#
|
4431
4482
|
# * For `USER_SRP_AUTH`\: `USERNAME` (required), `SRP_A` (required),
|
4432
4483
|
# `SECRET_HASH` (required if the app client is configured with a
|
4433
|
-
# client secret), `DEVICE_KEY
|
4484
|
+
# client secret), `DEVICE_KEY`.
|
4434
4485
|
#
|
4435
4486
|
# * For `REFRESH_TOKEN_AUTH/REFRESH_TOKEN`\: `REFRESH_TOKEN` (required),
|
4436
4487
|
# `SECRET_HASH` (required if the app client is configured with a
|
4437
|
-
# client secret), `DEVICE_KEY
|
4488
|
+
# client secret), `DEVICE_KEY`.
|
4438
4489
|
#
|
4439
4490
|
# * For `CUSTOM_AUTH`\: `USERNAME` (required), `SECRET_HASH` (if app
|
4440
|
-
# client is configured with client secret), `DEVICE_KEY
|
4491
|
+
# client is configured with client secret), `DEVICE_KEY`. To start the
|
4492
|
+
# authentication flow with password verification, include
|
4493
|
+
# `ChallengeName: SRP_A` and `SRP_A: (The SRP_A Value)`.
|
4441
4494
|
#
|
4442
4495
|
# @option params [Hash<String,String>] :client_metadata
|
4443
4496
|
# A map of custom key-value pairs that you can provide as input for
|
@@ -5217,10 +5270,14 @@ module Aws::CognitoIdentityProvider
|
|
5217
5270
|
# The app client ID.
|
5218
5271
|
#
|
5219
5272
|
# @option params [required, String] :challenge_name
|
5220
|
-
# The challenge name. For more information, see .
|
5273
|
+
# The challenge name. For more information, see [InitiateAuth][1].
|
5221
5274
|
#
|
5222
5275
|
# `ADMIN_NO_SRP_AUTH` is not a valid value.
|
5223
5276
|
#
|
5277
|
+
#
|
5278
|
+
#
|
5279
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html
|
5280
|
+
#
|
5224
5281
|
# @option params [String] :session
|
5225
5282
|
# The session which should be passed both ways in challenge-response
|
5226
5283
|
# calls to the service. If `InitiateAuth` or `RespondToAuthChallenge`
|
@@ -5361,8 +5418,6 @@ module Aws::CognitoIdentityProvider
|
|
5361
5418
|
# To enable Amazon Cognito advanced security features, update the user
|
5362
5419
|
# pool to include the `UserPoolAddOns` key`AdvancedSecurityMode`.
|
5363
5420
|
#
|
5364
|
-
# See .
|
5365
|
-
#
|
5366
5421
|
# @option params [required, String] :user_pool_id
|
5367
5422
|
# The user pool ID.
|
5368
5423
|
#
|
@@ -5506,7 +5561,7 @@ module Aws::CognitoIdentityProvider
|
|
5506
5561
|
# @option params [String] :css
|
5507
5562
|
# The CSS values in the UI customization.
|
5508
5563
|
#
|
5509
|
-
# @option params [String,
|
5564
|
+
# @option params [String, StringIO, File] :image_file
|
5510
5565
|
# The uploaded logo image for the UI customization.
|
5511
5566
|
#
|
5512
5567
|
# @return [Types::SetUICustomizationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
@@ -5645,8 +5700,11 @@ module Aws::CognitoIdentityProvider
|
|
5645
5700
|
|
5646
5701
|
# *This action is no longer supported.* You can use it to configure only
|
5647
5702
|
# SMS MFA. You can't use it to configure TOTP software token MFA. To
|
5648
|
-
# configure either type of MFA, use
|
5649
|
-
#
|
5703
|
+
# configure either type of MFA, use [SetUserMFAPreference][1] instead.
|
5704
|
+
#
|
5705
|
+
#
|
5706
|
+
#
|
5707
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserMFAPreference.html
|
5650
5708
|
#
|
5651
5709
|
# @option params [required, String] :access_token
|
5652
5710
|
# The access token for the set user settings request.
|
@@ -6061,7 +6119,11 @@ module Aws::CognitoIdentityProvider
|
|
6061
6119
|
#
|
6062
6120
|
# @option params [Integer] :precedence
|
6063
6121
|
# The new precedence value for the group. For more information about
|
6064
|
-
# this parameter, see .
|
6122
|
+
# this parameter, see [CreateGroup][1].
|
6123
|
+
#
|
6124
|
+
#
|
6125
|
+
#
|
6126
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateGroup.html
|
6065
6127
|
#
|
6066
6128
|
# @return [Types::UpdateGroupResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
6067
6129
|
#
|
@@ -6294,11 +6356,16 @@ module Aws::CognitoIdentityProvider
|
|
6294
6356
|
end
|
6295
6357
|
|
6296
6358
|
# Updates the specified user pool with the specified attributes. You can
|
6297
|
-
# get a list of the current user pool settings
|
6359
|
+
# get a list of the current user pool settings using
|
6360
|
+
# [DescribeUserPool][1].
|
6298
6361
|
#
|
6299
6362
|
# If you don't provide a value for an attribute, it will be set to the
|
6300
6363
|
# default value.
|
6301
6364
|
#
|
6365
|
+
#
|
6366
|
+
#
|
6367
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html
|
6368
|
+
#
|
6302
6369
|
# @option params [required, String] :user_pool_id
|
6303
6370
|
# The user pool ID for the user pool you want to update.
|
6304
6371
|
#
|
@@ -6463,11 +6530,15 @@ module Aws::CognitoIdentityProvider
|
|
6463
6530
|
|
6464
6531
|
# Updates the specified user pool app client with the specified
|
6465
6532
|
# attributes. You can get a list of the current user pool app client
|
6466
|
-
# settings
|
6533
|
+
# settings using [DescribeUserPoolClient][1].
|
6467
6534
|
#
|
6468
6535
|
# If you don't provide a value for an attribute, it will be set to the
|
6469
6536
|
# default value.
|
6470
6537
|
#
|
6538
|
+
#
|
6539
|
+
#
|
6540
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html
|
6541
|
+
#
|
6471
6542
|
# @option params [required, String] :user_pool_id
|
6472
6543
|
# The user pool ID for the user pool where you want to update the user
|
6473
6544
|
# pool client.
|
@@ -6482,6 +6553,18 @@ module Aws::CognitoIdentityProvider
|
|
6482
6553
|
# The time limit, in days, after which the refresh token is no longer
|
6483
6554
|
# valid and cannot be used.
|
6484
6555
|
#
|
6556
|
+
# @option params [Integer] :access_token_validity
|
6557
|
+
# The time limit, after which the access token is no longer valid and
|
6558
|
+
# cannot be used.
|
6559
|
+
#
|
6560
|
+
# @option params [Integer] :id_token_validity
|
6561
|
+
# The time limit, after which the ID token is no longer valid and cannot
|
6562
|
+
# be used.
|
6563
|
+
#
|
6564
|
+
# @option params [Types::TokenValidityUnitsType] :token_validity_units
|
6565
|
+
# The units in which the validity times are represented in. Default for
|
6566
|
+
# RefreshToken is days, and default for ID and access tokens are hours.
|
6567
|
+
#
|
6485
6568
|
# @option params [Array<String>] :read_attributes
|
6486
6569
|
# The read-only attributes of the user pool.
|
6487
6570
|
#
|
@@ -6592,9 +6675,10 @@ module Aws::CognitoIdentityProvider
|
|
6592
6675
|
# The Amazon Pinpoint analytics configuration for collecting metrics for
|
6593
6676
|
# this user pool.
|
6594
6677
|
#
|
6595
|
-
# <note markdown="1">
|
6596
|
-
#
|
6597
|
-
#
|
6678
|
+
# <note markdown="1"> In regions where Pinpoint is not available, Cognito User Pools only
|
6679
|
+
# supports sending events to Amazon Pinpoint projects in us-east-1. In
|
6680
|
+
# regions where Pinpoint is available, Cognito User Pools will support
|
6681
|
+
# sending events to Amazon Pinpoint projects within that same region.
|
6598
6682
|
#
|
6599
6683
|
# </note>
|
6600
6684
|
#
|
@@ -6616,24 +6700,6 @@ module Aws::CognitoIdentityProvider
|
|
6616
6700
|
# * `LEGACY` - This represents the old behavior of Cognito where user
|
6617
6701
|
# existence related errors are not prevented.
|
6618
6702
|
#
|
6619
|
-
# This setting affects the behavior of following APIs:
|
6620
|
-
#
|
6621
|
-
# * AdminInitiateAuth
|
6622
|
-
#
|
6623
|
-
# * AdminRespondToAuthChallenge
|
6624
|
-
#
|
6625
|
-
# * InitiateAuth
|
6626
|
-
#
|
6627
|
-
# * RespondToAuthChallenge
|
6628
|
-
#
|
6629
|
-
# * ForgotPassword
|
6630
|
-
#
|
6631
|
-
# * ConfirmForgotPassword
|
6632
|
-
#
|
6633
|
-
# * ConfirmSignUp
|
6634
|
-
#
|
6635
|
-
# * ResendConfirmationCode
|
6636
|
-
#
|
6637
6703
|
# <note markdown="1"> After February 15th 2020, the value of `PreventUserExistenceErrors`
|
6638
6704
|
# will default to `ENABLED` for newly created user pool clients if no
|
6639
6705
|
# value is provided.
|
@@ -6651,6 +6717,13 @@ module Aws::CognitoIdentityProvider
|
|
6651
6717
|
# client_id: "ClientIdType", # required
|
6652
6718
|
# client_name: "ClientNameType",
|
6653
6719
|
# refresh_token_validity: 1,
|
6720
|
+
# access_token_validity: 1,
|
6721
|
+
# id_token_validity: 1,
|
6722
|
+
# token_validity_units: {
|
6723
|
+
# access_token: "seconds", # accepts seconds, minutes, hours, days
|
6724
|
+
# id_token: "seconds", # accepts seconds, minutes, hours, days
|
6725
|
+
# refresh_token: "seconds", # accepts seconds, minutes, hours, days
|
6726
|
+
# },
|
6654
6727
|
# read_attributes: ["ClientPermissionType"],
|
6655
6728
|
# write_attributes: ["ClientPermissionType"],
|
6656
6729
|
# explicit_auth_flows: ["ADMIN_NO_SRP_AUTH"], # accepts ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH
|
@@ -6679,6 +6752,11 @@ module Aws::CognitoIdentityProvider
|
|
6679
6752
|
# resp.user_pool_client.last_modified_date #=> Time
|
6680
6753
|
# resp.user_pool_client.creation_date #=> Time
|
6681
6754
|
# resp.user_pool_client.refresh_token_validity #=> Integer
|
6755
|
+
# resp.user_pool_client.access_token_validity #=> Integer
|
6756
|
+
# resp.user_pool_client.id_token_validity #=> Integer
|
6757
|
+
# resp.user_pool_client.token_validity_units.access_token #=> String, one of "seconds", "minutes", "hours", "days"
|
6758
|
+
# resp.user_pool_client.token_validity_units.id_token #=> String, one of "seconds", "minutes", "hours", "days"
|
6759
|
+
# resp.user_pool_client.token_validity_units.refresh_token #=> String, one of "seconds", "minutes", "hours", "days"
|
6682
6760
|
# resp.user_pool_client.read_attributes #=> Array
|
6683
6761
|
# resp.user_pool_client.read_attributes[0] #=> String
|
6684
6762
|
# resp.user_pool_client.write_attributes #=> Array
|
@@ -6804,6 +6882,11 @@ module Aws::CognitoIdentityProvider
|
|
6804
6882
|
#
|
6805
6883
|
# @option params [required, String] :user_code
|
6806
6884
|
# The one time password computed using the secret code returned by
|
6885
|
+
# [AssociateSoftwareToken"][1].
|
6886
|
+
#
|
6887
|
+
#
|
6888
|
+
#
|
6889
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AssociateSoftwareToken.html
|
6807
6890
|
#
|
6808
6891
|
# @option params [String] :friendly_device_name
|
6809
6892
|
# The friendly device name.
|
@@ -6879,7 +6962,7 @@ module Aws::CognitoIdentityProvider
|
|
6879
6962
|
params: params,
|
6880
6963
|
config: config)
|
6881
6964
|
context[:gem_name] = 'aws-sdk-cognitoidentityprovider'
|
6882
|
-
context[:gem_version] = '1.
|
6965
|
+
context[:gem_version] = '1.43.0'
|
6883
6966
|
Seahorse::Client::Request.new(handlers, context)
|
6884
6967
|
end
|
6885
6968
|
|