aws-sdk-cognitoidentityprovider 1.50.0 → 1.54.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2a2ad06d5689bad34d9a5f7ff0e885838ea1cf89e5cbfe396818ca00712074cd
4
- data.tar.gz: ee20b6499bd2880d2db93ad9f32878a10d9161ee2463b15cdd152262c3e6ce12
3
+ metadata.gz: 620c9a34714d58754d0b3478702e781db005442b730ec54a3bac40412289d4f7
4
+ data.tar.gz: 77a670ca0c6ff8d35bf69dc80530dc74358229081c28fb10a4b4ce127424c78d
5
5
  SHA512:
6
- metadata.gz: 8f19c84d71d568deedb942a51d791d0e90cfe0edf50e3d9cb8bdbe6dcc24339132afff2b8f0183e0dc41cc90272fd7ff9dc76493becf42e95b6eca99b18fcf3f
7
- data.tar.gz: 61f84679de160e86a4bf502543d866cab182a660dc5d55517de61c1f31280a38399df959fb5be7d991f87836519bd075c185377b87248e7e12a6e74a79b9bbfb
6
+ metadata.gz: 2ec23af280652510382d2eb11aedd05281aa9ca7037dc6f7ca3cbc3b36b4d8572d3d0f203fa196be8dc76dccdfa84f892218327ae0fe7df078db98d75c4670e5
7
+ data.tar.gz: 2d60ab479fdae25acc0ce6920f3f72ab6a843bc4ec3edd4b5d9ce5b23f03da8059d4749f94667ca5de1e1542c198a9f470cfa7480248e59abe52532c6f5ea7d2
data/CHANGELOG.md CHANGED
@@ -1,6 +1,26 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.54.0 (2021-07-15)
5
+ ------------------
6
+
7
+ * Feature - Documentation updates for cognito-idp
8
+
9
+ 1.53.0 (2021-06-10)
10
+ ------------------
11
+
12
+ * Feature - Amazon Cognito now supports targeted sign out through refresh token revocation
13
+
14
+ 1.52.0 (2021-06-08)
15
+ ------------------
16
+
17
+ * Feature - Documentation updates for cognito-idp
18
+
19
+ 1.51.0 (2021-04-22)
20
+ ------------------
21
+
22
+ * Feature - Documentation updates for cognito-idp
23
+
4
24
  1.50.0 (2021-03-10)
5
25
  ------------------
6
26
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.50.0
1
+ 1.54.0
@@ -48,6 +48,6 @@ require_relative 'aws-sdk-cognitoidentityprovider/customizations'
48
48
  # @!group service
49
49
  module Aws::CognitoIdentityProvider
50
50
 
51
- GEM_VERSION = '1.50.0'
51
+ GEM_VERSION = '1.54.0'
52
52
 
53
53
  end
@@ -428,14 +428,14 @@ module Aws::CognitoIdentityProvider
428
428
  # custom workflows that this action triggers.
429
429
  #
430
430
  # If your user pool configuration includes triggers, the
431
- # AdminConfirmSignUp API action invokes the AWS Lambda function that is
431
+ # AdminConfirmSignUp API action invokes the Lambda function that is
432
432
  # specified for the *post confirmation* trigger. When Amazon Cognito
433
433
  # invokes this function, it passes a JSON payload, which the function
434
434
  # receives as input. In this payload, the `clientMetadata` attribute
435
435
  # provides the data that you assigned to the ClientMetadata parameter in
436
- # your AdminConfirmSignUp request. In your function code in AWS Lambda,
437
- # you can process the ClientMetadata value to enhance your workflow for
438
- # your specific needs.
436
+ # your AdminConfirmSignUp request. In your function code in Lambda, you
437
+ # can process the ClientMetadata value to enhance your workflow for your
438
+ # specific needs.
439
439
  #
440
440
  # For more information, see [Customizing User Pool Workflows with Lambda
441
441
  # Triggers][1] in the *Amazon Cognito Developer Guide*.
@@ -444,9 +444,9 @@ module Aws::CognitoIdentityProvider
444
444
  # ClientMetadata parameter:
445
445
  #
446
446
  # * Amazon Cognito does not store the ClientMetadata value. This data is
447
- # available only to AWS Lambda triggers that are assigned to a user
448
- # pool to support custom workflows. If your user pool configuration
449
- # does not include triggers, the ClientMetadata parameter serves no
447
+ # available only to Lambda triggers that are assigned to a user pool
448
+ # to support custom workflows. If your user pool configuration does
449
+ # not include triggers, the ClientMetadata parameter serves no
450
450
  # purpose.
451
451
  #
452
452
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -486,6 +486,27 @@ module Aws::CognitoIdentityProvider
486
486
  # If `MessageAction` is not set, the default is to send a welcome
487
487
  # message via email or phone (SMS).
488
488
  #
489
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
490
+ # U.S. telecom carriers require that you register an origination phone
491
+ # number before you can send SMS messages to U.S. phone numbers. If you
492
+ # use SMS text messages in Amazon Cognito, you must register a phone
493
+ # number with [Amazon Pinpoint][1]. Cognito will use the the registered
494
+ # number automatically. Otherwise, Cognito users that must receive SMS
495
+ # messages might be unable to sign up, activate their accounts, or sign
496
+ # in.
497
+ #
498
+ # If you have never used SMS text messages with Amazon Cognito or any
499
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
500
+ # sandbox. In <i> <a
501
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
502
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
503
+ # only verified phone numbers. After testing in the sandbox environment,
504
+ # you can move out of the SMS sandbox and into production. For more
505
+ # information, see [ SMS message settings for Cognito User Pools][2] in
506
+ # the *Amazon Cognito Developer Guide*.
507
+ #
508
+ # </note>
509
+ #
489
510
  # This message is based on a template that you configured in your call
490
511
  # to create or update a user pool. This template includes your custom
491
512
  # sign-up instructions and placeholders for user name and temporary
@@ -499,6 +520,11 @@ module Aws::CognitoIdentityProvider
499
520
  #
500
521
  # `AdminCreateUser` requires developer credentials.
501
522
  #
523
+ #
524
+ #
525
+ # [1]: https://console.aws.amazon.com/pinpoint/home/
526
+ # [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
527
+ #
502
528
  # @option params [required, String] :user_pool_id
503
529
  # The user pool ID for the user pool where the user will be created.
504
530
  #
@@ -604,14 +630,14 @@ module Aws::CognitoIdentityProvider
604
630
  # A map of custom key-value pairs that you can provide as input for any
605
631
  # custom workflows that this action triggers.
606
632
  #
607
- # You create custom workflows by assigning AWS Lambda functions to user
608
- # pool triggers. When you use the AdminCreateUser API action, Amazon
609
- # Cognito invokes the function that is assigned to the *pre sign-up*
610
- # trigger. When Amazon Cognito invokes this function, it passes a JSON
611
- # payload, which the function receives as input. This payload contains a
633
+ # You create custom workflows by assigning Lambda functions to user pool
634
+ # triggers. When you use the AdminCreateUser API action, Amazon Cognito
635
+ # invokes the function that is assigned to the *pre sign-up* trigger.
636
+ # When Amazon Cognito invokes this function, it passes a JSON payload,
637
+ # which the function receives as input. This payload contains a
612
638
  # `clientMetadata` attribute, which provides the data that you assigned
613
639
  # to the ClientMetadata parameter in your AdminCreateUser request. In
614
- # your function code in AWS Lambda, you can process the `clientMetadata`
640
+ # your function code in Lambda, you can process the `clientMetadata`
615
641
  # value to enhance your workflow for your specific needs.
616
642
  #
617
643
  # For more information, see [Customizing User Pool Workflows with Lambda
@@ -621,9 +647,9 @@ module Aws::CognitoIdentityProvider
621
647
  # ClientMetadata parameter:
622
648
  #
623
649
  # * Amazon Cognito does not store the ClientMetadata value. This data is
624
- # available only to AWS Lambda triggers that are assigned to a user
625
- # pool to support custom workflows. If your user pool configuration
626
- # does not include triggers, the ClientMetadata parameter serves no
650
+ # available only to Lambda triggers that are assigned to a user pool
651
+ # to support custom workflows. If your user pool configuration does
652
+ # not include triggers, the ClientMetadata parameter serves no
627
653
  # purpose.
628
654
  #
629
655
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -1015,8 +1041,34 @@ module Aws::CognitoIdentityProvider
1015
1041
 
1016
1042
  # Initiates the authentication flow, as an administrator.
1017
1043
  #
1044
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
1045
+ # U.S. telecom carriers require that you register an origination phone
1046
+ # number before you can send SMS messages to U.S. phone numbers. If you
1047
+ # use SMS text messages in Amazon Cognito, you must register a phone
1048
+ # number with [Amazon Pinpoint][1]. Cognito will use the the registered
1049
+ # number automatically. Otherwise, Cognito users that must receive SMS
1050
+ # messages might be unable to sign up, activate their accounts, or sign
1051
+ # in.
1052
+ #
1053
+ # If you have never used SMS text messages with Amazon Cognito or any
1054
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
1055
+ # sandbox. In <i> <a
1056
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
1057
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
1058
+ # only verified phone numbers. After testing in the sandbox environment,
1059
+ # you can move out of the SMS sandbox and into production. For more
1060
+ # information, see [ SMS message settings for Cognito User Pools][2] in
1061
+ # the *Amazon Cognito Developer Guide*.
1062
+ #
1063
+ # </note>
1064
+ #
1018
1065
  # Calling this action requires developer credentials.
1019
1066
  #
1067
+ #
1068
+ #
1069
+ # [1]: https://console.aws.amazon.com/pinpoint/home/
1070
+ # [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
1071
+ #
1020
1072
  # @option params [required, String] :user_pool_id
1021
1073
  # The ID of the Amazon Cognito user pool.
1022
1074
  #
@@ -1087,11 +1139,11 @@ module Aws::CognitoIdentityProvider
1087
1139
  # A map of custom key-value pairs that you can provide as input for
1088
1140
  # certain custom workflows that this action triggers.
1089
1141
  #
1090
- # You create custom workflows by assigning AWS Lambda functions to user
1091
- # pool triggers. When you use the AdminInitiateAuth API action, Amazon
1092
- # Cognito invokes the AWS Lambda functions that are specified for
1093
- # various triggers. The ClientMetadata value is passed as input to the
1094
- # functions for only the following triggers:
1142
+ # You create custom workflows by assigning Lambda functions to user pool
1143
+ # triggers. When you use the AdminInitiateAuth API action, Amazon
1144
+ # Cognito invokes the Lambda functions that are specified for various
1145
+ # triggers. The ClientMetadata value is passed as input to the functions
1146
+ # for only the following triggers:
1095
1147
  #
1096
1148
  # * Pre signup
1097
1149
  #
@@ -1103,9 +1155,9 @@ module Aws::CognitoIdentityProvider
1103
1155
  # passes a JSON payload, which the function receives as input. This
1104
1156
  # payload contains a `validationData` attribute, which provides the data
1105
1157
  # that you assigned to the ClientMetadata parameter in your
1106
- # AdminInitiateAuth request. In your function code in AWS Lambda, you
1107
- # can process the `validationData` value to enhance your workflow for
1108
- # your specific needs.
1158
+ # AdminInitiateAuth request. In your function code in Lambda, you can
1159
+ # process the `validationData` value to enhance your workflow for your
1160
+ # specific needs.
1109
1161
  #
1110
1162
  # When you use the AdminInitiateAuth API action, Amazon Cognito also
1111
1163
  # invokes the functions for the following triggers, but it does not
@@ -1130,9 +1182,9 @@ module Aws::CognitoIdentityProvider
1130
1182
  # ClientMetadata parameter:
1131
1183
  #
1132
1184
  # * Amazon Cognito does not store the ClientMetadata value. This data is
1133
- # available only to AWS Lambda triggers that are assigned to a user
1134
- # pool to support custom workflows. If your user pool configuration
1135
- # does not include triggers, the ClientMetadata parameter serves no
1185
+ # available only to Lambda triggers that are assigned to a user pool
1186
+ # to support custom workflows. If your user pool configuration does
1187
+ # not include triggers, the ClientMetadata parameter serves no
1136
1188
  # purpose.
1137
1189
  #
1138
1190
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -1526,8 +1578,34 @@ module Aws::CognitoIdentityProvider
1526
1578
  # in sending a message to the end user with the code to change their
1527
1579
  # password.
1528
1580
  #
1581
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
1582
+ # U.S. telecom carriers require that you register an origination phone
1583
+ # number before you can send SMS messages to U.S. phone numbers. If you
1584
+ # use SMS text messages in Amazon Cognito, you must register a phone
1585
+ # number with [Amazon Pinpoint][1]. Cognito will use the the registered
1586
+ # number automatically. Otherwise, Cognito users that must receive SMS
1587
+ # messages might be unable to sign up, activate their accounts, or sign
1588
+ # in.
1589
+ #
1590
+ # If you have never used SMS text messages with Amazon Cognito or any
1591
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
1592
+ # sandbox. In <i> <a
1593
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
1594
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
1595
+ # only verified phone numbers. After testing in the sandbox environment,
1596
+ # you can move out of the SMS sandbox and into production. For more
1597
+ # information, see [ SMS message settings for Cognito User Pools][2] in
1598
+ # the *Amazon Cognito Developer Guide*.
1599
+ #
1600
+ # </note>
1601
+ #
1529
1602
  # Calling this action requires developer credentials.
1530
1603
  #
1604
+ #
1605
+ #
1606
+ # [1]: https://console.aws.amazon.com/pinpoint/home/
1607
+ # [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
1608
+ #
1531
1609
  # @option params [required, String] :user_pool_id
1532
1610
  # The user pool ID for the user pool where you want to reset the user's
1533
1611
  # password.
@@ -1539,16 +1617,16 @@ module Aws::CognitoIdentityProvider
1539
1617
  # A map of custom key-value pairs that you can provide as input for any
1540
1618
  # custom workflows that this action triggers.
1541
1619
  #
1542
- # You create custom workflows by assigning AWS Lambda functions to user
1543
- # pool triggers. When you use the AdminResetUserPassword API action,
1544
- # Amazon Cognito invokes the function that is assigned to the *custom
1545
- # message* trigger. When Amazon Cognito invokes this function, it passes
1546
- # a JSON payload, which the function receives as input. This payload
1547
- # contains a `clientMetadata` attribute, which provides the data that
1548
- # you assigned to the ClientMetadata parameter in your
1549
- # AdminResetUserPassword request. In your function code in AWS Lambda,
1550
- # you can process the `clientMetadata` value to enhance your workflow
1551
- # for your specific needs.
1620
+ # You create custom workflows by assigning Lambda functions to user pool
1621
+ # triggers. When you use the AdminResetUserPassword API action, Amazon
1622
+ # Cognito invokes the function that is assigned to the *custom message*
1623
+ # trigger. When Amazon Cognito invokes this function, it passes a JSON
1624
+ # payload, which the function receives as input. This payload contains a
1625
+ # `clientMetadata` attribute, which provides the data that you assigned
1626
+ # to the ClientMetadata parameter in your AdminResetUserPassword
1627
+ # request. In your function code in Lambda, you can process the
1628
+ # `clientMetadata` value to enhance your workflow for your specific
1629
+ # needs.
1552
1630
  #
1553
1631
  # For more information, see [Customizing User Pool Workflows with Lambda
1554
1632
  # Triggers][1] in the *Amazon Cognito Developer Guide*.
@@ -1557,9 +1635,9 @@ module Aws::CognitoIdentityProvider
1557
1635
  # ClientMetadata parameter:
1558
1636
  #
1559
1637
  # * Amazon Cognito does not store the ClientMetadata value. This data is
1560
- # available only to AWS Lambda triggers that are assigned to a user
1561
- # pool to support custom workflows. If your user pool configuration
1562
- # does not include triggers, the ClientMetadata parameter serves no
1638
+ # available only to Lambda triggers that are assigned to a user pool
1639
+ # to support custom workflows. If your user pool configuration does
1640
+ # not include triggers, the ClientMetadata parameter serves no
1563
1641
  # purpose.
1564
1642
  #
1565
1643
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -1596,8 +1674,34 @@ module Aws::CognitoIdentityProvider
1596
1674
 
1597
1675
  # Responds to an authentication challenge, as an administrator.
1598
1676
  #
1677
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
1678
+ # U.S. telecom carriers require that you register an origination phone
1679
+ # number before you can send SMS messages to U.S. phone numbers. If you
1680
+ # use SMS text messages in Amazon Cognito, you must register a phone
1681
+ # number with [Amazon Pinpoint][1]. Cognito will use the the registered
1682
+ # number automatically. Otherwise, Cognito users that must receive SMS
1683
+ # messages might be unable to sign up, activate their accounts, or sign
1684
+ # in.
1685
+ #
1686
+ # If you have never used SMS text messages with Amazon Cognito or any
1687
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
1688
+ # sandbox. In <i> <a
1689
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
1690
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
1691
+ # only verified phone numbers. After testing in the sandbox environment,
1692
+ # you can move out of the SMS sandbox and into production. For more
1693
+ # information, see [ SMS message settings for Cognito User Pools][2] in
1694
+ # the *Amazon Cognito Developer Guide*.
1695
+ #
1696
+ # </note>
1697
+ #
1599
1698
  # Calling this action requires developer credentials.
1600
1699
  #
1700
+ #
1701
+ #
1702
+ # [1]: https://console.aws.amazon.com/pinpoint/home/
1703
+ # [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
1704
+ #
1601
1705
  # @option params [required, String] :user_pool_id
1602
1706
  # The ID of the Amazon Cognito user pool.
1603
1707
  #
@@ -1629,6 +1733,9 @@ module Aws::CognitoIdentityProvider
1629
1733
  # attributes, `USERNAME`, `SECRET_HASH` (if app client is configured
1630
1734
  # with client secret).
1631
1735
  #
1736
+ # * `MFA_SETUP` requires `USERNAME`, plus you need to use the session
1737
+ # value returned by `VerifySoftwareToken` in the `Session` parameter.
1738
+ #
1632
1739
  # The value of the `USERNAME` attribute must be the user's actual
1633
1740
  # username, not an alias (such as email address or phone number). To
1634
1741
  # make this easier, the `AdminInitiateAuth` response includes the actual
@@ -1656,9 +1763,9 @@ module Aws::CognitoIdentityProvider
1656
1763
  # A map of custom key-value pairs that you can provide as input for any
1657
1764
  # custom workflows that this action triggers.
1658
1765
  #
1659
- # You create custom workflows by assigning AWS Lambda functions to user
1660
- # pool triggers. When you use the AdminRespondToAuthChallenge API
1661
- # action, Amazon Cognito invokes any functions that are assigned to the
1766
+ # You create custom workflows by assigning Lambda functions to user pool
1767
+ # triggers. When you use the AdminRespondToAuthChallenge API action,
1768
+ # Amazon Cognito invokes any functions that are assigned to the
1662
1769
  # following triggers: *pre sign-up*, *custom message*, *post
1663
1770
  # authentication*, *user migration*, *pre token generation*, *define
1664
1771
  # auth challenge*, *create auth challenge*, and *verify auth challenge
@@ -1666,9 +1773,9 @@ module Aws::CognitoIdentityProvider
1666
1773
  # passes a JSON payload, which the function receives as input. This
1667
1774
  # payload contains a `clientMetadata` attribute, which provides the data
1668
1775
  # that you assigned to the ClientMetadata parameter in your
1669
- # AdminRespondToAuthChallenge request. In your function code in AWS
1670
- # Lambda, you can process the `clientMetadata` value to enhance your
1671
- # workflow for your specific needs.
1776
+ # AdminRespondToAuthChallenge request. In your function code in Lambda,
1777
+ # you can process the `clientMetadata` value to enhance your workflow
1778
+ # for your specific needs.
1672
1779
  #
1673
1780
  # For more information, see [Customizing User Pool Workflows with Lambda
1674
1781
  # Triggers][1] in the *Amazon Cognito Developer Guide*.
@@ -1677,9 +1784,9 @@ module Aws::CognitoIdentityProvider
1677
1784
  # ClientMetadata parameter:
1678
1785
  #
1679
1786
  # * Amazon Cognito does not store the ClientMetadata value. This data is
1680
- # available only to AWS Lambda triggers that are assigned to a user
1681
- # pool to support custom workflows. If your user pool configuration
1682
- # does not include triggers, the ClientMetadata parameter serves no
1787
+ # available only to Lambda triggers that are assigned to a user pool
1788
+ # to support custom workflows. If your user pool configuration does
1789
+ # not include triggers, the ClientMetadata parameter serves no
1683
1790
  # purpose.
1684
1791
  #
1685
1792
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -1971,8 +2078,34 @@ module Aws::CognitoIdentityProvider
1971
2078
  # In addition to updating user attributes, this API can also be used to
1972
2079
  # mark phone and email as verified.
1973
2080
  #
2081
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
2082
+ # U.S. telecom carriers require that you register an origination phone
2083
+ # number before you can send SMS messages to U.S. phone numbers. If you
2084
+ # use SMS text messages in Amazon Cognito, you must register a phone
2085
+ # number with [Amazon Pinpoint][1]. Cognito will use the the registered
2086
+ # number automatically. Otherwise, Cognito users that must receive SMS
2087
+ # messages might be unable to sign up, activate their accounts, or sign
2088
+ # in.
2089
+ #
2090
+ # If you have never used SMS text messages with Amazon Cognito or any
2091
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
2092
+ # sandbox. In <i> <a
2093
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
2094
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
2095
+ # only verified phone numbers. After testing in the sandbox environment,
2096
+ # you can move out of the SMS sandbox and into production. For more
2097
+ # information, see [ SMS message settings for Cognito User Pools][2] in
2098
+ # the *Amazon Cognito Developer Guide*.
2099
+ #
2100
+ # </note>
2101
+ #
1974
2102
  # Calling this action requires developer credentials.
1975
2103
  #
2104
+ #
2105
+ #
2106
+ # [1]: https://console.aws.amazon.com/pinpoint/home/
2107
+ # [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
2108
+ #
1976
2109
  # @option params [required, String] :user_pool_id
1977
2110
  # The user pool ID for the user pool where you want to update user
1978
2111
  # attributes.
@@ -1990,16 +2123,16 @@ module Aws::CognitoIdentityProvider
1990
2123
  # A map of custom key-value pairs that you can provide as input for any
1991
2124
  # custom workflows that this action triggers.
1992
2125
  #
1993
- # You create custom workflows by assigning AWS Lambda functions to user
1994
- # pool triggers. When you use the AdminUpdateUserAttributes API action,
2126
+ # You create custom workflows by assigning Lambda functions to user pool
2127
+ # triggers. When you use the AdminUpdateUserAttributes API action,
1995
2128
  # Amazon Cognito invokes the function that is assigned to the *custom
1996
2129
  # message* trigger. When Amazon Cognito invokes this function, it passes
1997
2130
  # a JSON payload, which the function receives as input. This payload
1998
2131
  # contains a `clientMetadata` attribute, which provides the data that
1999
2132
  # you assigned to the ClientMetadata parameter in your
2000
- # AdminUpdateUserAttributes request. In your function code in AWS
2001
- # Lambda, you can process the `clientMetadata` value to enhance your
2002
- # workflow for your specific needs.
2133
+ # AdminUpdateUserAttributes request. In your function code in Lambda,
2134
+ # you can process the `clientMetadata` value to enhance your workflow
2135
+ # for your specific needs.
2003
2136
  #
2004
2137
  # For more information, see [Customizing User Pool Workflows with Lambda
2005
2138
  # Triggers][1] in the *Amazon Cognito Developer Guide*.
@@ -2008,9 +2141,9 @@ module Aws::CognitoIdentityProvider
2008
2141
  # ClientMetadata parameter:
2009
2142
  #
2010
2143
  # * Amazon Cognito does not store the ClientMetadata value. This data is
2011
- # available only to AWS Lambda triggers that are assigned to a user
2012
- # pool to support custom workflows. If your user pool configuration
2013
- # does not include triggers, the ClientMetadata parameter serves no
2144
+ # available only to Lambda triggers that are assigned to a user pool
2145
+ # to support custom workflows. If your user pool configuration does
2146
+ # not include triggers, the ClientMetadata parameter serves no
2014
2147
  # purpose.
2015
2148
  #
2016
2149
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -2086,6 +2219,16 @@ module Aws::CognitoIdentityProvider
2086
2219
  # account. The request takes an access token or a session string, but
2087
2220
  # not both.
2088
2221
  #
2222
+ # <note markdown="1"> Calling AssociateSoftwareToken immediately disassociates the existing
2223
+ # software token from the user account. If the user doesn't
2224
+ # subsequently verify the software token, their account is essentially
2225
+ # set up to authenticate without MFA. If MFA config is set to Optional
2226
+ # at the user pool level, the user can then login without MFA. However,
2227
+ # if MFA is set to Required for the user pool, the user will be asked to
2228
+ # setup a new software token MFA during sign in.
2229
+ #
2230
+ # </note>
2231
+ #
2089
2232
  # @option params [String] :access_token
2090
2233
  # The access token.
2091
2234
  #
@@ -2234,16 +2377,16 @@ module Aws::CognitoIdentityProvider
2234
2377
  # A map of custom key-value pairs that you can provide as input for any
2235
2378
  # custom workflows that this action triggers.
2236
2379
  #
2237
- # You create custom workflows by assigning AWS Lambda functions to user
2238
- # pool triggers. When you use the ConfirmForgotPassword API action,
2239
- # Amazon Cognito invokes the function that is assigned to the *post
2380
+ # You create custom workflows by assigning Lambda functions to user pool
2381
+ # triggers. When you use the ConfirmForgotPassword API action, Amazon
2382
+ # Cognito invokes the function that is assigned to the *post
2240
2383
  # confirmation* trigger. When Amazon Cognito invokes this function, it
2241
2384
  # passes a JSON payload, which the function receives as input. This
2242
2385
  # payload contains a `clientMetadata` attribute, which provides the data
2243
2386
  # that you assigned to the ClientMetadata parameter in your
2244
- # ConfirmForgotPassword request. In your function code in AWS Lambda,
2245
- # you can process the `clientMetadata` value to enhance your workflow
2246
- # for your specific needs.
2387
+ # ConfirmForgotPassword request. In your function code in Lambda, you
2388
+ # can process the `clientMetadata` value to enhance your workflow for
2389
+ # your specific needs.
2247
2390
  #
2248
2391
  # For more information, see [Customizing User Pool Workflows with Lambda
2249
2392
  # Triggers][1] in the *Amazon Cognito Developer Guide*.
@@ -2252,9 +2395,9 @@ module Aws::CognitoIdentityProvider
2252
2395
  # ClientMetadata parameter:
2253
2396
  #
2254
2397
  # * Amazon Cognito does not store the ClientMetadata value. This data is
2255
- # available only to AWS Lambda triggers that are assigned to a user
2256
- # pool to support custom workflows. If your user pool configuration
2257
- # does not include triggers, the ClientMetadata parameter serves no
2398
+ # available only to Lambda triggers that are assigned to a user pool
2399
+ # to support custom workflows. If your user pool configuration does
2400
+ # not include triggers, the ClientMetadata parameter serves no
2258
2401
  # purpose.
2259
2402
  #
2260
2403
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -2338,16 +2481,15 @@ module Aws::CognitoIdentityProvider
2338
2481
  # A map of custom key-value pairs that you can provide as input for any
2339
2482
  # custom workflows that this action triggers.
2340
2483
  #
2341
- # You create custom workflows by assigning AWS Lambda functions to user
2342
- # pool triggers. When you use the ConfirmSignUp API action, Amazon
2343
- # Cognito invokes the function that is assigned to the *post
2344
- # confirmation* trigger. When Amazon Cognito invokes this function, it
2345
- # passes a JSON payload, which the function receives as input. This
2346
- # payload contains a `clientMetadata` attribute, which provides the data
2347
- # that you assigned to the ClientMetadata parameter in your
2348
- # ConfirmSignUp request. In your function code in AWS Lambda, you can
2349
- # process the `clientMetadata` value to enhance your workflow for your
2350
- # specific needs.
2484
+ # You create custom workflows by assigning Lambda functions to user pool
2485
+ # triggers. When you use the ConfirmSignUp API action, Amazon Cognito
2486
+ # invokes the function that is assigned to the *post confirmation*
2487
+ # trigger. When Amazon Cognito invokes this function, it passes a JSON
2488
+ # payload, which the function receives as input. This payload contains a
2489
+ # `clientMetadata` attribute, which provides the data that you assigned
2490
+ # to the ClientMetadata parameter in your ConfirmSignUp request. In your
2491
+ # function code in Lambda, you can process the `clientMetadata` value to
2492
+ # enhance your workflow for your specific needs.
2351
2493
  #
2352
2494
  # For more information, see [Customizing User Pool Workflows with Lambda
2353
2495
  # Triggers][1] in the *Amazon Cognito Developer Guide*.
@@ -2356,9 +2498,9 @@ module Aws::CognitoIdentityProvider
2356
2498
  # ClientMetadata parameter:
2357
2499
  #
2358
2500
  # * Amazon Cognito does not store the ClientMetadata value. This data is
2359
- # available only to AWS Lambda triggers that are assigned to a user
2360
- # pool to support custom workflows. If your user pool configuration
2361
- # does not include triggers, the ClientMetadata parameter serves no
2501
+ # available only to Lambda triggers that are assigned to a user pool
2502
+ # to support custom workflows. If your user pool configuration does
2503
+ # not include triggers, the ClientMetadata parameter serves no
2362
2504
  # purpose.
2363
2505
  #
2364
2506
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -2701,6 +2843,32 @@ module Aws::CognitoIdentityProvider
2701
2843
  # Creates a new Amazon Cognito user pool and sets the password policy
2702
2844
  # for the pool.
2703
2845
  #
2846
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
2847
+ # U.S. telecom carriers require that you register an origination phone
2848
+ # number before you can send SMS messages to U.S. phone numbers. If you
2849
+ # use SMS text messages in Amazon Cognito, you must register a phone
2850
+ # number with [Amazon Pinpoint][1]. Cognito will use the the registered
2851
+ # number automatically. Otherwise, Cognito users that must receive SMS
2852
+ # messages might be unable to sign up, activate their accounts, or sign
2853
+ # in.
2854
+ #
2855
+ # If you have never used SMS text messages with Amazon Cognito or any
2856
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
2857
+ # sandbox. In <i> <a
2858
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
2859
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
2860
+ # only verified phone numbers. After testing in the sandbox environment,
2861
+ # you can move out of the SMS sandbox and into production. For more
2862
+ # information, see [ SMS message settings for Cognito User Pools][2] in
2863
+ # the *Amazon Cognito Developer Guide*.
2864
+ #
2865
+ # </note>
2866
+ #
2867
+ #
2868
+ #
2869
+ # [1]: https://console.aws.amazon.com/pinpoint/home/
2870
+ # [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
2871
+ #
2704
2872
  # @option params [required, String] :pool_name
2705
2873
  # A string used to name the user pool.
2706
2874
  #
@@ -2720,7 +2888,7 @@ module Aws::CognitoIdentityProvider
2720
2888
  # For more information on using the Lambda API to add permission, see [
2721
2889
  # AddPermission ][1].
2722
2890
  #
2723
- # For adding permission using the AWS CLI, see [ add-permission ][2].
2891
+ # For adding permission using the CLI, see [ add-permission ][2].
2724
2892
  #
2725
2893
  # </note>
2726
2894
  #
@@ -3026,6 +3194,14 @@ module Aws::CognitoIdentityProvider
3026
3194
 
3027
3195
  # Creates the user pool client.
3028
3196
  #
3197
+ # When you create a new user pool client, token revocation is
3198
+ # automatically enabled. For more information about revoking tokens, see
3199
+ # [RevokeToken][1].
3200
+ #
3201
+ #
3202
+ #
3203
+ # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
3204
+ #
3029
3205
  # @option params [required, String] :user_pool_id
3030
3206
  # The user pool ID for the user pool where you want to create a user
3031
3207
  # pool client.
@@ -3168,8 +3344,8 @@ module Aws::CognitoIdentityProvider
3168
3344
  # @option params [Array<String>] :allowed_o_auth_scopes
3169
3345
  # The allowed OAuth scopes. Possible values provided by OAuth are:
3170
3346
  # `phone`, `email`, `openid`, and `profile`. Possible values provided by
3171
- # AWS are: `aws.cognito.signin.user.admin`. Custom scopes created in
3172
- # Resource Servers are also supported.
3347
+ # Amazon Web Services are: `aws.cognito.signin.user.admin`. Custom
3348
+ # scopes created in Resource Servers are also supported.
3173
3349
  #
3174
3350
  # @option params [Boolean] :allowed_o_auth_flows_user_pool_client
3175
3351
  # Set to true if the client is allowed to follow the OAuth protocol when
@@ -3210,6 +3386,17 @@ module Aws::CognitoIdentityProvider
3210
3386
  #
3211
3387
  # </note>
3212
3388
  #
3389
+ # @option params [Boolean] :enable_token_revocation
3390
+ # Enables or disables token revocation. For more information about
3391
+ # revoking tokens, see [RevokeToken][1].
3392
+ #
3393
+ # If you don't include this parameter, token revocation is
3394
+ # automatically enabled for the new user pool client.
3395
+ #
3396
+ #
3397
+ #
3398
+ # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
3399
+ #
3213
3400
  # @return [Types::CreateUserPoolClientResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3214
3401
  #
3215
3402
  # * {Types::CreateUserPoolClientResponse#user_pool_client #user_pool_client} => Types::UserPoolClientType
@@ -3246,6 +3433,7 @@ module Aws::CognitoIdentityProvider
3246
3433
  # user_data_shared: false,
3247
3434
  # },
3248
3435
  # prevent_user_existence_errors: "LEGACY", # accepts LEGACY, ENABLED
3436
+ # enable_token_revocation: false,
3249
3437
  # })
3250
3438
  #
3251
3439
  # @example Response structure
@@ -3286,6 +3474,7 @@ module Aws::CognitoIdentityProvider
3286
3474
  # resp.user_pool_client.analytics_configuration.external_id #=> String
3287
3475
  # resp.user_pool_client.analytics_configuration.user_data_shared #=> Boolean
3288
3476
  # resp.user_pool_client.prevent_user_existence_errors #=> String, one of "LEGACY", "ENABLED"
3477
+ # resp.user_pool_client.enable_token_revocation #=> Boolean
3289
3478
  #
3290
3479
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolClient AWS API Documentation
3291
3480
  #
@@ -3346,7 +3535,7 @@ module Aws::CognitoIdentityProvider
3346
3535
  req.send_request(options)
3347
3536
  end
3348
3537
 
3349
- # Deletes a group. Currently only groups with no members can be deleted.
3538
+ # Deletes a group.
3350
3539
  #
3351
3540
  # Calling this action requires developer credentials.
3352
3541
  #
@@ -3902,6 +4091,7 @@ module Aws::CognitoIdentityProvider
3902
4091
  # resp.user_pool_client.analytics_configuration.external_id #=> String
3903
4092
  # resp.user_pool_client.analytics_configuration.user_data_shared #=> Boolean
3904
4093
  # resp.user_pool_client.prevent_user_existence_errors #=> String, one of "LEGACY", "ENABLED"
4094
+ # resp.user_pool_client.enable_token_revocation #=> Boolean
3905
4095
  #
3906
4096
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPoolClient AWS API Documentation
3907
4097
  #
@@ -3983,10 +4173,33 @@ module Aws::CognitoIdentityProvider
3983
4173
  # `InvalidParameterException` is thrown. To use the confirmation code
3984
4174
  # for resetting the password, call [ConfirmForgotPassword][2].
3985
4175
  #
4176
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
4177
+ # U.S. telecom carriers require that you register an origination phone
4178
+ # number before you can send SMS messages to U.S. phone numbers. If you
4179
+ # use SMS text messages in Amazon Cognito, you must register a phone
4180
+ # number with [Amazon Pinpoint][3]. Cognito will use the the registered
4181
+ # number automatically. Otherwise, Cognito users that must receive SMS
4182
+ # messages might be unable to sign up, activate their accounts, or sign
4183
+ # in.
4184
+ #
4185
+ # If you have never used SMS text messages with Amazon Cognito or any
4186
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
4187
+ # sandbox. In <i> <a
4188
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
4189
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
4190
+ # only verified phone numbers. After testing in the sandbox environment,
4191
+ # you can move out of the SMS sandbox and into production. For more
4192
+ # information, see [ SMS message settings for Cognito User Pools][4] in
4193
+ # the *Amazon Cognito Developer Guide*.
4194
+ #
4195
+ # </note>
4196
+ #
3986
4197
  #
3987
4198
  #
3988
4199
  # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-recover-a-user-account.html
3989
4200
  # [2]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html
4201
+ # [3]: https://console.aws.amazon.com/pinpoint/home/
4202
+ # [4]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
3990
4203
  #
3991
4204
  # @option params [required, String] :client_id
3992
4205
  # The ID of the client associated with the user pool.
@@ -4013,15 +4226,15 @@ module Aws::CognitoIdentityProvider
4013
4226
  # A map of custom key-value pairs that you can provide as input for any
4014
4227
  # custom workflows that this action triggers.
4015
4228
  #
4016
- # You create custom workflows by assigning AWS Lambda functions to user
4017
- # pool triggers. When you use the ForgotPassword API action, Amazon
4018
- # Cognito invokes any functions that are assigned to the following
4019
- # triggers: *pre sign-up*, *custom message*, and *user migration*. When
4020
- # Amazon Cognito invokes any of these functions, it passes a JSON
4021
- # payload, which the function receives as input. This payload contains a
4229
+ # You create custom workflows by assigning Lambda functions to user pool
4230
+ # triggers. When you use the ForgotPassword API action, Amazon Cognito
4231
+ # invokes any functions that are assigned to the following triggers:
4232
+ # *pre sign-up*, *custom message*, and *user migration*. When Amazon
4233
+ # Cognito invokes any of these functions, it passes a JSON payload,
4234
+ # which the function receives as input. This payload contains a
4022
4235
  # `clientMetadata` attribute, which provides the data that you assigned
4023
4236
  # to the ClientMetadata parameter in your ForgotPassword request. In
4024
- # your function code in AWS Lambda, you can process the `clientMetadata`
4237
+ # your function code in Lambda, you can process the `clientMetadata`
4025
4238
  # value to enhance your workflow for your specific needs.
4026
4239
  #
4027
4240
  # For more information, see [Customizing User Pool Workflows with Lambda
@@ -4031,9 +4244,9 @@ module Aws::CognitoIdentityProvider
4031
4244
  # ClientMetadata parameter:
4032
4245
  #
4033
4246
  # * Amazon Cognito does not store the ClientMetadata value. This data is
4034
- # available only to AWS Lambda triggers that are assigned to a user
4035
- # pool to support custom workflows. If your user pool configuration
4036
- # does not include triggers, the ClientMetadata parameter serves no
4247
+ # available only to Lambda triggers that are assigned to a user pool
4248
+ # to support custom workflows. If your user pool configuration does
4249
+ # not include triggers, the ClientMetadata parameter serves no
4037
4250
  # purpose.
4038
4251
  #
4039
4252
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -4351,6 +4564,32 @@ module Aws::CognitoIdentityProvider
4351
4564
  # Gets the user attribute verification code for the specified attribute
4352
4565
  # name.
4353
4566
  #
4567
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
4568
+ # U.S. telecom carriers require that you register an origination phone
4569
+ # number before you can send SMS messages to U.S. phone numbers. If you
4570
+ # use SMS text messages in Amazon Cognito, you must register a phone
4571
+ # number with [Amazon Pinpoint][1]. Cognito will use the the registered
4572
+ # number automatically. Otherwise, Cognito users that must receive SMS
4573
+ # messages might be unable to sign up, activate their accounts, or sign
4574
+ # in.
4575
+ #
4576
+ # If you have never used SMS text messages with Amazon Cognito or any
4577
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
4578
+ # sandbox. In <i> <a
4579
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
4580
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
4581
+ # only verified phone numbers. After testing in the sandbox environment,
4582
+ # you can move out of the SMS sandbox and into production. For more
4583
+ # information, see [ SMS message settings for Cognito User Pools][2] in
4584
+ # the *Amazon Cognito Developer Guide*.
4585
+ #
4586
+ # </note>
4587
+ #
4588
+ #
4589
+ #
4590
+ # [1]: https://console.aws.amazon.com/pinpoint/home/
4591
+ # [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
4592
+ #
4354
4593
  # @option params [required, String] :access_token
4355
4594
  # The access token returned by the server response to get the user
4356
4595
  # attribute verification code.
@@ -4363,14 +4602,14 @@ module Aws::CognitoIdentityProvider
4363
4602
  # A map of custom key-value pairs that you can provide as input for any
4364
4603
  # custom workflows that this action triggers.
4365
4604
  #
4366
- # You create custom workflows by assigning AWS Lambda functions to user
4367
- # pool triggers. When you use the GetUserAttributeVerificationCode API
4605
+ # You create custom workflows by assigning Lambda functions to user pool
4606
+ # triggers. When you use the GetUserAttributeVerificationCode API
4368
4607
  # action, Amazon Cognito invokes the function that is assigned to the
4369
4608
  # *custom message* trigger. When Amazon Cognito invokes this function,
4370
4609
  # it passes a JSON payload, which the function receives as input. This
4371
4610
  # payload contains a `clientMetadata` attribute, which provides the data
4372
4611
  # that you assigned to the ClientMetadata parameter in your
4373
- # GetUserAttributeVerificationCode request. In your function code in AWS
4612
+ # GetUserAttributeVerificationCode request. In your function code in
4374
4613
  # Lambda, you can process the `clientMetadata` value to enhance your
4375
4614
  # workflow for your specific needs.
4376
4615
  #
@@ -4381,9 +4620,9 @@ module Aws::CognitoIdentityProvider
4381
4620
  # ClientMetadata parameter:
4382
4621
  #
4383
4622
  # * Amazon Cognito does not store the ClientMetadata value. This data is
4384
- # available only to AWS Lambda triggers that are assigned to a user
4385
- # pool to support custom workflows. If your user pool configuration
4386
- # does not include triggers, the ClientMetadata parameter serves no
4623
+ # available only to Lambda triggers that are assigned to a user pool
4624
+ # to support custom workflows. If your user pool configuration does
4625
+ # not include triggers, the ClientMetadata parameter serves no
4387
4626
  # purpose.
4388
4627
  #
4389
4628
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -4487,6 +4726,32 @@ module Aws::CognitoIdentityProvider
4487
4726
 
4488
4727
  # Initiates the authentication flow.
4489
4728
  #
4729
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
4730
+ # U.S. telecom carriers require that you register an origination phone
4731
+ # number before you can send SMS messages to U.S. phone numbers. If you
4732
+ # use SMS text messages in Amazon Cognito, you must register a phone
4733
+ # number with [Amazon Pinpoint][1]. Cognito will use the the registered
4734
+ # number automatically. Otherwise, Cognito users that must receive SMS
4735
+ # messages might be unable to sign up, activate their accounts, or sign
4736
+ # in.
4737
+ #
4738
+ # If you have never used SMS text messages with Amazon Cognito or any
4739
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
4740
+ # sandbox. In <i> <a
4741
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
4742
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
4743
+ # only verified phone numbers. After testing in the sandbox environment,
4744
+ # you can move out of the SMS sandbox and into production. For more
4745
+ # information, see [ SMS message settings for Cognito User Pools][2] in
4746
+ # the *Amazon Cognito Developer Guide*.
4747
+ #
4748
+ # </note>
4749
+ #
4750
+ #
4751
+ #
4752
+ # [1]: https://console.aws.amazon.com/pinpoint/home/
4753
+ # [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
4754
+ #
4490
4755
  # @option params [required, String] :auth_flow
4491
4756
  # The authentication flow for this call to execute. The API action will
4492
4757
  # depend on this value. For example:
@@ -4545,11 +4810,11 @@ module Aws::CognitoIdentityProvider
4545
4810
  # A map of custom key-value pairs that you can provide as input for
4546
4811
  # certain custom workflows that this action triggers.
4547
4812
  #
4548
- # You create custom workflows by assigning AWS Lambda functions to user
4549
- # pool triggers. When you use the InitiateAuth API action, Amazon
4550
- # Cognito invokes the AWS Lambda functions that are specified for
4551
- # various triggers. The ClientMetadata value is passed as input to the
4552
- # functions for only the following triggers:
4813
+ # You create custom workflows by assigning Lambda functions to user pool
4814
+ # triggers. When you use the InitiateAuth API action, Amazon Cognito
4815
+ # invokes the Lambda functions that are specified for various triggers.
4816
+ # The ClientMetadata value is passed as input to the functions for only
4817
+ # the following triggers:
4553
4818
  #
4554
4819
  # * Pre signup
4555
4820
  #
@@ -4561,7 +4826,7 @@ module Aws::CognitoIdentityProvider
4561
4826
  # passes a JSON payload, which the function receives as input. This
4562
4827
  # payload contains a `validationData` attribute, which provides the data
4563
4828
  # that you assigned to the ClientMetadata parameter in your InitiateAuth
4564
- # request. In your function code in AWS Lambda, you can process the
4829
+ # request. In your function code in Lambda, you can process the
4565
4830
  # `validationData` value to enhance your workflow for your specific
4566
4831
  # needs.
4567
4832
  #
@@ -4588,9 +4853,9 @@ module Aws::CognitoIdentityProvider
4588
4853
  # ClientMetadata parameter:
4589
4854
  #
4590
4855
  # * Amazon Cognito does not store the ClientMetadata value. This data is
4591
- # available only to AWS Lambda triggers that are assigned to a user
4592
- # pool to support custom workflows. If your user pool configuration
4593
- # does not include triggers, the ClientMetadata parameter serves no
4856
+ # available only to Lambda triggers that are assigned to a user pool
4857
+ # to support custom workflows. If your user pool configuration does
4858
+ # not include triggers, the ClientMetadata parameter serves no
4594
4859
  # purpose.
4595
4860
  #
4596
4861
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -4988,7 +5253,7 @@ module Aws::CognitoIdentityProvider
4988
5253
  req.send_request(options)
4989
5254
  end
4990
5255
 
4991
- # Lists the user pools associated with an AWS account.
5256
+ # Lists the user pools associated with an account.
4992
5257
  #
4993
5258
  # @option params [String] :next_token
4994
5259
  # An identifier that was returned from the previous call to this
@@ -5223,6 +5488,32 @@ module Aws::CognitoIdentityProvider
5223
5488
  # Resends the confirmation (for confirmation of registration) to a
5224
5489
  # specific user in the user pool.
5225
5490
  #
5491
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
5492
+ # U.S. telecom carriers require that you register an origination phone
5493
+ # number before you can send SMS messages to U.S. phone numbers. If you
5494
+ # use SMS text messages in Amazon Cognito, you must register a phone
5495
+ # number with [Amazon Pinpoint][1]. Cognito will use the the registered
5496
+ # number automatically. Otherwise, Cognito users that must receive SMS
5497
+ # messages might be unable to sign up, activate their accounts, or sign
5498
+ # in.
5499
+ #
5500
+ # If you have never used SMS text messages with Amazon Cognito or any
5501
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
5502
+ # sandbox. In <i> <a
5503
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
5504
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
5505
+ # only verified phone numbers. After testing in the sandbox environment,
5506
+ # you can move out of the SMS sandbox and into production. For more
5507
+ # information, see [ SMS message settings for Cognito User Pools][2] in
5508
+ # the *Amazon Cognito Developer Guide*.
5509
+ #
5510
+ # </note>
5511
+ #
5512
+ #
5513
+ #
5514
+ # [1]: https://console.aws.amazon.com/pinpoint/home/
5515
+ # [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
5516
+ #
5226
5517
  # @option params [required, String] :client_id
5227
5518
  # The ID of the client associated with the user pool.
5228
5519
  #
@@ -5248,16 +5539,16 @@ module Aws::CognitoIdentityProvider
5248
5539
  # A map of custom key-value pairs that you can provide as input for any
5249
5540
  # custom workflows that this action triggers.
5250
5541
  #
5251
- # You create custom workflows by assigning AWS Lambda functions to user
5252
- # pool triggers. When you use the ResendConfirmationCode API action,
5253
- # Amazon Cognito invokes the function that is assigned to the *custom
5254
- # message* trigger. When Amazon Cognito invokes this function, it passes
5255
- # a JSON payload, which the function receives as input. This payload
5256
- # contains a `clientMetadata` attribute, which provides the data that
5257
- # you assigned to the ClientMetadata parameter in your
5258
- # ResendConfirmationCode request. In your function code in AWS Lambda,
5259
- # you can process the `clientMetadata` value to enhance your workflow
5260
- # for your specific needs.
5542
+ # You create custom workflows by assigning Lambda functions to user pool
5543
+ # triggers. When you use the ResendConfirmationCode API action, Amazon
5544
+ # Cognito invokes the function that is assigned to the *custom message*
5545
+ # trigger. When Amazon Cognito invokes this function, it passes a JSON
5546
+ # payload, which the function receives as input. This payload contains a
5547
+ # `clientMetadata` attribute, which provides the data that you assigned
5548
+ # to the ClientMetadata parameter in your ResendConfirmationCode
5549
+ # request. In your function code in Lambda, you can process the
5550
+ # `clientMetadata` value to enhance your workflow for your specific
5551
+ # needs.
5261
5552
  #
5262
5553
  # For more information, see [Customizing User Pool Workflows with Lambda
5263
5554
  # Triggers][1] in the *Amazon Cognito Developer Guide*.
@@ -5266,9 +5557,9 @@ module Aws::CognitoIdentityProvider
5266
5557
  # ClientMetadata parameter:
5267
5558
  #
5268
5559
  # * Amazon Cognito does not store the ClientMetadata value. This data is
5269
- # available only to AWS Lambda triggers that are assigned to a user
5270
- # pool to support custom workflows. If your user pool configuration
5271
- # does not include triggers, the ClientMetadata parameter serves no
5560
+ # available only to Lambda triggers that are assigned to a user pool
5561
+ # to support custom workflows. If your user pool configuration does
5562
+ # not include triggers, the ClientMetadata parameter serves no
5272
5563
  # purpose.
5273
5564
  #
5274
5565
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -5320,6 +5611,32 @@ module Aws::CognitoIdentityProvider
5320
5611
 
5321
5612
  # Responds to the authentication challenge.
5322
5613
  #
5614
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
5615
+ # U.S. telecom carriers require that you register an origination phone
5616
+ # number before you can send SMS messages to U.S. phone numbers. If you
5617
+ # use SMS text messages in Amazon Cognito, you must register a phone
5618
+ # number with [Amazon Pinpoint][1]. Cognito will use the the registered
5619
+ # number automatically. Otherwise, Cognito users that must receive SMS
5620
+ # messages might be unable to sign up, activate their accounts, or sign
5621
+ # in.
5622
+ #
5623
+ # If you have never used SMS text messages with Amazon Cognito or any
5624
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
5625
+ # sandbox. In <i> <a
5626
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
5627
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
5628
+ # only verified phone numbers. After testing in the sandbox environment,
5629
+ # you can move out of the SMS sandbox and into production. For more
5630
+ # information, see [ SMS message settings for Cognito User Pools][2] in
5631
+ # the *Amazon Cognito Developer Guide*.
5632
+ #
5633
+ # </note>
5634
+ #
5635
+ #
5636
+ #
5637
+ # [1]: https://console.aws.amazon.com/pinpoint/home/
5638
+ # [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
5639
+ #
5323
5640
  # @option params [required, String] :client_id
5324
5641
  # The app client ID.
5325
5642
  #
@@ -5366,6 +5683,9 @@ module Aws::CognitoIdentityProvider
5366
5683
  # * `DEVICE_PASSWORD_VERIFIER` requires everything that
5367
5684
  # `PASSWORD_VERIFIER` requires plus `DEVICE_KEY`.
5368
5685
  #
5686
+ # * `MFA_SETUP` requires `USERNAME`, plus you need to use the session
5687
+ # value returned by `VerifySoftwareToken` in the `Session` parameter.
5688
+ #
5369
5689
  # @option params [Types::AnalyticsMetadataType] :analytics_metadata
5370
5690
  # The Amazon Pinpoint analytics metadata for collecting metrics for
5371
5691
  # `RespondToAuthChallenge` calls.
@@ -5379,18 +5699,18 @@ module Aws::CognitoIdentityProvider
5379
5699
  # A map of custom key-value pairs that you can provide as input for any
5380
5700
  # custom workflows that this action triggers.
5381
5701
  #
5382
- # You create custom workflows by assigning AWS Lambda functions to user
5383
- # pool triggers. When you use the RespondToAuthChallenge API action,
5384
- # Amazon Cognito invokes any functions that are assigned to the
5385
- # following triggers: *post authentication*, *pre token generation*,
5386
- # *define auth challenge*, *create auth challenge*, and *verify auth
5387
- # challenge*. When Amazon Cognito invokes any of these functions, it
5388
- # passes a JSON payload, which the function receives as input. This
5389
- # payload contains a `clientMetadata` attribute, which provides the data
5390
- # that you assigned to the ClientMetadata parameter in your
5391
- # RespondToAuthChallenge request. In your function code in AWS Lambda,
5392
- # you can process the `clientMetadata` value to enhance your workflow
5393
- # for your specific needs.
5702
+ # You create custom workflows by assigning Lambda functions to user pool
5703
+ # triggers. When you use the RespondToAuthChallenge API action, Amazon
5704
+ # Cognito invokes any functions that are assigned to the following
5705
+ # triggers: *post authentication*, *pre token generation*, *define auth
5706
+ # challenge*, *create auth challenge*, and *verify auth challenge*. When
5707
+ # Amazon Cognito invokes any of these functions, it passes a JSON
5708
+ # payload, which the function receives as input. This payload contains a
5709
+ # `clientMetadata` attribute, which provides the data that you assigned
5710
+ # to the ClientMetadata parameter in your RespondToAuthChallenge
5711
+ # request. In your function code in Lambda, you can process the
5712
+ # `clientMetadata` value to enhance your workflow for your specific
5713
+ # needs.
5394
5714
  #
5395
5715
  # For more information, see [Customizing User Pool Workflows with Lambda
5396
5716
  # Triggers][1] in the *Amazon Cognito Developer Guide*.
@@ -5399,9 +5719,9 @@ module Aws::CognitoIdentityProvider
5399
5719
  # ClientMetadata parameter:
5400
5720
  #
5401
5721
  # * Amazon Cognito does not store the ClientMetadata value. This data is
5402
- # available only to AWS Lambda triggers that are assigned to a user
5403
- # pool to support custom workflows. If your user pool configuration
5404
- # does not include triggers, the ClientMetadata parameter serves no
5722
+ # available only to Lambda triggers that are assigned to a user pool
5723
+ # to support custom workflows. If your user pool configuration does
5724
+ # not include triggers, the ClientMetadata parameter serves no
5405
5725
  # purpose.
5406
5726
  #
5407
5727
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -5465,6 +5785,39 @@ module Aws::CognitoIdentityProvider
5465
5785
  req.send_request(options)
5466
5786
  end
5467
5787
 
5788
+ # Revokes all of the access tokens generated by the specified refresh
5789
+ # token. After the token is revoked, you can not use the revoked token
5790
+ # to access Cognito authenticated APIs.
5791
+ #
5792
+ # @option params [required, String] :token
5793
+ # The token that you want to revoke.
5794
+ #
5795
+ # @option params [required, String] :client_id
5796
+ # The client ID for the token that you want to revoke.
5797
+ #
5798
+ # @option params [String] :client_secret
5799
+ # The secret for the client ID. This is required only if the client ID
5800
+ # has a secret.
5801
+ #
5802
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
5803
+ #
5804
+ # @example Request syntax with placeholder values
5805
+ #
5806
+ # resp = client.revoke_token({
5807
+ # token: "TokenModelType", # required
5808
+ # client_id: "ClientIdType", # required
5809
+ # client_secret: "ClientSecretType",
5810
+ # })
5811
+ #
5812
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RevokeToken AWS API Documentation
5813
+ #
5814
+ # @overload revoke_token(params = {})
5815
+ # @param [Hash] params ({})
5816
+ def revoke_token(params = {}, options = {})
5817
+ req = build_request(:revoke_token, params)
5818
+ req.send_request(options)
5819
+ end
5820
+
5468
5821
  # Configures actions on detected risks. To delete the risk configuration
5469
5822
  # for `UserPoolId` or `ClientId`, pass null values for all four
5470
5823
  # configuration types.
@@ -5698,6 +6051,32 @@ module Aws::CognitoIdentityProvider
5698
6051
 
5699
6052
  # Set the user pool multi-factor authentication (MFA) configuration.
5700
6053
  #
6054
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
6055
+ # U.S. telecom carriers require that you register an origination phone
6056
+ # number before you can send SMS messages to U.S. phone numbers. If you
6057
+ # use SMS text messages in Amazon Cognito, you must register a phone
6058
+ # number with [Amazon Pinpoint][1]. Cognito will use the the registered
6059
+ # number automatically. Otherwise, Cognito users that must receive SMS
6060
+ # messages might be unable to sign up, activate their accounts, or sign
6061
+ # in.
6062
+ #
6063
+ # If you have never used SMS text messages with Amazon Cognito or any
6064
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
6065
+ # sandbox. In <i> <a
6066
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
6067
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
6068
+ # only verified phone numbers. After testing in the sandbox environment,
6069
+ # you can move out of the SMS sandbox and into production. For more
6070
+ # information, see [ SMS message settings for Cognito User Pools][2] in
6071
+ # the *Amazon Cognito Developer Guide*.
6072
+ #
6073
+ # </note>
6074
+ #
6075
+ #
6076
+ #
6077
+ # [1]: https://console.aws.amazon.com/pinpoint/home/
6078
+ # [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
6079
+ #
5701
6080
  # @option params [required, String] :user_pool_id
5702
6081
  # The user pool ID.
5703
6082
  #
@@ -5708,7 +6087,11 @@ module Aws::CognitoIdentityProvider
5708
6087
  # The software token MFA configuration.
5709
6088
  #
5710
6089
  # @option params [String] :mfa_configuration
5711
- # The MFA configuration. Valid values include:
6090
+ # The MFA configuration. Users who don't have an MFA factor set up
6091
+ # won't be able to sign-in if you set the MfaConfiguration value to
6092
+ # ‘ON’. See [Adding Multi-Factor Authentication (MFA) to a User
6093
+ # Pool](cognito/latest/developerguide/user-pool-settings-mfa.html) to
6094
+ # learn more. Valid values include:
5712
6095
  #
5713
6096
  # * `OFF` MFA will not be used for any users.
5714
6097
  #
@@ -5798,6 +6181,32 @@ module Aws::CognitoIdentityProvider
5798
6181
  # Registers the user in the specified user pool and creates a user name,
5799
6182
  # password, and user attributes.
5800
6183
  #
6184
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
6185
+ # U.S. telecom carriers require that you register an origination phone
6186
+ # number before you can send SMS messages to U.S. phone numbers. If you
6187
+ # use SMS text messages in Amazon Cognito, you must register a phone
6188
+ # number with [Amazon Pinpoint][1]. Cognito will use the the registered
6189
+ # number automatically. Otherwise, Cognito users that must receive SMS
6190
+ # messages might be unable to sign up, activate their accounts, or sign
6191
+ # in.
6192
+ #
6193
+ # If you have never used SMS text messages with Amazon Cognito or any
6194
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
6195
+ # sandbox. In <i> <a
6196
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
6197
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
6198
+ # only verified phone numbers. After testing in the sandbox environment,
6199
+ # you can move out of the SMS sandbox and into production. For more
6200
+ # information, see [ SMS message settings for Cognito User Pools][2] in
6201
+ # the *Amazon Cognito Developer Guide*.
6202
+ #
6203
+ # </note>
6204
+ #
6205
+ #
6206
+ #
6207
+ # [1]: https://console.aws.amazon.com/pinpoint/home/
6208
+ # [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
6209
+ #
5801
6210
  # @option params [required, String] :client_id
5802
6211
  # The ID of the client associated with the user pool.
5803
6212
  #
@@ -5834,16 +6243,16 @@ module Aws::CognitoIdentityProvider
5834
6243
  # A map of custom key-value pairs that you can provide as input for any
5835
6244
  # custom workflows that this action triggers.
5836
6245
  #
5837
- # You create custom workflows by assigning AWS Lambda functions to user
5838
- # pool triggers. When you use the SignUp API action, Amazon Cognito
5839
- # invokes any functions that are assigned to the following triggers:
5840
- # *pre sign-up*, *custom message*, and *post confirmation*. When Amazon
6246
+ # You create custom workflows by assigning Lambda functions to user pool
6247
+ # triggers. When you use the SignUp API action, Amazon Cognito invokes
6248
+ # any functions that are assigned to the following triggers: *pre
6249
+ # sign-up*, *custom message*, and *post confirmation*. When Amazon
5841
6250
  # Cognito invokes any of these functions, it passes a JSON payload,
5842
6251
  # which the function receives as input. This payload contains a
5843
6252
  # `clientMetadata` attribute, which provides the data that you assigned
5844
6253
  # to the ClientMetadata parameter in your SignUp request. In your
5845
- # function code in AWS Lambda, you can process the `clientMetadata`
5846
- # value to enhance your workflow for your specific needs.
6254
+ # function code in Lambda, you can process the `clientMetadata` value to
6255
+ # enhance your workflow for your specific needs.
5847
6256
  #
5848
6257
  # For more information, see [Customizing User Pool Workflows with Lambda
5849
6258
  # Triggers][1] in the *Amazon Cognito Developer Guide*.
@@ -5852,9 +6261,9 @@ module Aws::CognitoIdentityProvider
5852
6261
  # ClientMetadata parameter:
5853
6262
  #
5854
6263
  # * Amazon Cognito does not store the ClientMetadata value. This data is
5855
- # available only to AWS Lambda triggers that are assigned to a user
5856
- # pool to support custom workflows. If your user pool configuration
5857
- # does not include triggers, the ClientMetadata parameter serves no
6264
+ # available only to Lambda triggers that are assigned to a user pool
6265
+ # to support custom workflows. If your user pool configuration does
6266
+ # not include triggers, the ClientMetadata parameter serves no
5858
6267
  # purpose.
5859
6268
  #
5860
6269
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -6160,9 +6569,6 @@ module Aws::CognitoIdentityProvider
6160
6569
  #
6161
6570
  # Calling this action requires developer credentials.
6162
6571
  #
6163
- # If you don't provide a value for an attribute, it will be set to the
6164
- # default value.
6165
- #
6166
6572
  # @option params [required, String] :group_name
6167
6573
  # The name of the group.
6168
6574
  #
@@ -6332,6 +6738,32 @@ module Aws::CognitoIdentityProvider
6332
6738
 
6333
6739
  # Allows a user to update a specific attribute (one at a time).
6334
6740
  #
6741
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
6742
+ # U.S. telecom carriers require that you register an origination phone
6743
+ # number before you can send SMS messages to U.S. phone numbers. If you
6744
+ # use SMS text messages in Amazon Cognito, you must register a phone
6745
+ # number with [Amazon Pinpoint][1]. Cognito will use the the registered
6746
+ # number automatically. Otherwise, Cognito users that must receive SMS
6747
+ # messages might be unable to sign up, activate their accounts, or sign
6748
+ # in.
6749
+ #
6750
+ # If you have never used SMS text messages with Amazon Cognito or any
6751
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
6752
+ # sandbox. In <i> <a
6753
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
6754
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
6755
+ # only verified phone numbers. After testing in the sandbox environment,
6756
+ # you can move out of the SMS sandbox and into production. For more
6757
+ # information, see [ SMS message settings for Cognito User Pools][2] in
6758
+ # the *Amazon Cognito Developer Guide*.
6759
+ #
6760
+ # </note>
6761
+ #
6762
+ #
6763
+ #
6764
+ # [1]: https://console.aws.amazon.com/pinpoint/home/
6765
+ # [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
6766
+ #
6335
6767
  # @option params [required, Array<Types::AttributeType>] :user_attributes
6336
6768
  # An array of name-value pairs representing user attributes.
6337
6769
  #
@@ -6345,16 +6777,15 @@ module Aws::CognitoIdentityProvider
6345
6777
  # A map of custom key-value pairs that you can provide as input for any
6346
6778
  # custom workflows that this action triggers.
6347
6779
  #
6348
- # You create custom workflows by assigning AWS Lambda functions to user
6349
- # pool triggers. When you use the UpdateUserAttributes API action,
6350
- # Amazon Cognito invokes the function that is assigned to the *custom
6351
- # message* trigger. When Amazon Cognito invokes this function, it passes
6352
- # a JSON payload, which the function receives as input. This payload
6353
- # contains a `clientMetadata` attribute, which provides the data that
6354
- # you assigned to the ClientMetadata parameter in your
6355
- # UpdateUserAttributes request. In your function code in AWS Lambda, you
6356
- # can process the `clientMetadata` value to enhance your workflow for
6357
- # your specific needs.
6780
+ # You create custom workflows by assigning Lambda functions to user pool
6781
+ # triggers. When you use the UpdateUserAttributes API action, Amazon
6782
+ # Cognito invokes the function that is assigned to the *custom message*
6783
+ # trigger. When Amazon Cognito invokes this function, it passes a JSON
6784
+ # payload, which the function receives as input. This payload contains a
6785
+ # `clientMetadata` attribute, which provides the data that you assigned
6786
+ # to the ClientMetadata parameter in your UpdateUserAttributes request.
6787
+ # In your function code in Lambda, you can process the `clientMetadata`
6788
+ # value to enhance your workflow for your specific needs.
6358
6789
  #
6359
6790
  # For more information, see [Customizing User Pool Workflows with Lambda
6360
6791
  # Triggers][1] in the *Amazon Cognito Developer Guide*.
@@ -6363,9 +6794,9 @@ module Aws::CognitoIdentityProvider
6363
6794
  # ClientMetadata parameter:
6364
6795
  #
6365
6796
  # * Amazon Cognito does not store the ClientMetadata value. This data is
6366
- # available only to AWS Lambda triggers that are assigned to a user
6367
- # pool to support custom workflows. If your user pool configuration
6368
- # does not include triggers, the ClientMetadata parameter serves no
6797
+ # available only to Lambda triggers that are assigned to a user pool
6798
+ # to support custom workflows. If your user pool configuration does
6799
+ # not include triggers, the ClientMetadata parameter serves no
6369
6800
  # purpose.
6370
6801
  #
6371
6802
  # * Amazon Cognito does not validate the ClientMetadata value.
@@ -6416,14 +6847,35 @@ module Aws::CognitoIdentityProvider
6416
6847
 
6417
6848
  # Updates the specified user pool with the specified attributes. You can
6418
6849
  # get a list of the current user pool settings using
6419
- # [DescribeUserPool][1].
6850
+ # [DescribeUserPool][1]. If you don't provide a value for an attribute,
6851
+ # it will be set to the default value.
6852
+ #
6853
+ # <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
6854
+ # U.S. telecom carriers require that you register an origination phone
6855
+ # number before you can send SMS messages to U.S. phone numbers. If you
6856
+ # use SMS text messages in Amazon Cognito, you must register a phone
6857
+ # number with [Amazon Pinpoint][2]. Cognito will use the the registered
6858
+ # number automatically. Otherwise, Cognito users that must receive SMS
6859
+ # messages might be unable to sign up, activate their accounts, or sign
6860
+ # in.
6861
+ #
6862
+ # If you have never used SMS text messages with Amazon Cognito or any
6863
+ # other Amazon Web Service, Amazon SNS might place your account in SMS
6864
+ # sandbox. In <i> <a
6865
+ # href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
6866
+ # mode</a> </i>, you’ll have limitations, such as sending messages to
6867
+ # only verified phone numbers. After testing in the sandbox environment,
6868
+ # you can move out of the SMS sandbox and into production. For more
6869
+ # information, see [ SMS message settings for Cognito User Pools][3] in
6870
+ # the *Amazon Cognito Developer Guide*.
6420
6871
  #
6421
- # If you don't provide a value for an attribute, it will be set to the
6422
- # default value.
6872
+ # </note>
6423
6873
  #
6424
6874
  #
6425
6875
  #
6426
6876
  # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html
6877
+ # [2]: https://console.aws.amazon.com/pinpoint/home/
6878
+ # [3]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html
6427
6879
  #
6428
6880
  # @option params [required, String] :user_pool_id
6429
6881
  # The user pool ID for the user pool you want to update.
@@ -6432,8 +6884,8 @@ module Aws::CognitoIdentityProvider
6432
6884
  # A container with the policies you wish to update in a user pool.
6433
6885
  #
6434
6886
  # @option params [Types::LambdaConfigType] :lambda_config
6435
- # The AWS Lambda configuration information from the request to update
6436
- # the user pool.
6887
+ # The Lambda configuration information from the request to update the
6888
+ # user pool.
6437
6889
  #
6438
6890
  # @option params [Array<String>] :auto_verified_attributes
6439
6891
  # The attributes that are automatically verified when the Amazon Cognito
@@ -6461,11 +6913,17 @@ module Aws::CognitoIdentityProvider
6461
6913
  # user registration.
6462
6914
  #
6463
6915
  # * `ON` - MFA tokens are required for all user registrations. You can
6464
- # only specify required when you are initially creating a user pool.
6916
+ # only specify ON when you are initially creating a user pool. You can
6917
+ # use the [SetUserPoolMfaConfig][1] API operation to turn MFA "ON"
6918
+ # for existing user pools.
6465
6919
  #
6466
6920
  # * `OPTIONAL` - Users have the option when registering to create an MFA
6467
6921
  # token.
6468
6922
  #
6923
+ #
6924
+ #
6925
+ # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserPoolMfaConfig.html
6926
+ #
6469
6927
  # @option params [Types::DeviceConfigurationType] :device_configuration
6470
6928
  # Device configuration.
6471
6929
  #
@@ -6603,9 +7061,14 @@ module Aws::CognitoIdentityProvider
6603
7061
  # If you don't provide a value for an attribute, it will be set to the
6604
7062
  # default value.
6605
7063
  #
7064
+ # You can also use this operation to enable token revocation for user
7065
+ # pool clients. For more information about revoking tokens, see
7066
+ # [RevokeToken][2].
7067
+ #
6606
7068
  #
6607
7069
  #
6608
7070
  # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html
7071
+ # [2]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
6609
7072
  #
6610
7073
  # @option params [required, String] :user_pool_id
6611
7074
  # The user pool ID for the user pool where you want to update the user
@@ -6732,8 +7195,8 @@ module Aws::CognitoIdentityProvider
6732
7195
  # @option params [Array<String>] :allowed_o_auth_scopes
6733
7196
  # The allowed OAuth scopes. Possible values provided by OAuth are:
6734
7197
  # `phone`, `email`, `openid`, and `profile`. Possible values provided by
6735
- # AWS are: `aws.cognito.signin.user.admin`. Custom scopes created in
6736
- # Resource Servers are also supported.
7198
+ # Amazon Web Services are: `aws.cognito.signin.user.admin`. Custom
7199
+ # scopes created in Resource Servers are also supported.
6737
7200
  #
6738
7201
  # @option params [Boolean] :allowed_o_auth_flows_user_pool_client
6739
7202
  # Set to true if the client is allowed to follow the OAuth protocol when
@@ -6774,6 +7237,14 @@ module Aws::CognitoIdentityProvider
6774
7237
  #
6775
7238
  # </note>
6776
7239
  #
7240
+ # @option params [Boolean] :enable_token_revocation
7241
+ # Enables or disables token revocation. For more information about
7242
+ # revoking tokens, see [RevokeToken][1].
7243
+ #
7244
+ #
7245
+ #
7246
+ # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
7247
+ #
6777
7248
  # @return [Types::UpdateUserPoolClientResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
6778
7249
  #
6779
7250
  # * {Types::UpdateUserPoolClientResponse#user_pool_client #user_pool_client} => Types::UserPoolClientType
@@ -6810,6 +7281,7 @@ module Aws::CognitoIdentityProvider
6810
7281
  # user_data_shared: false,
6811
7282
  # },
6812
7283
  # prevent_user_existence_errors: "LEGACY", # accepts LEGACY, ENABLED
7284
+ # enable_token_revocation: false,
6813
7285
  # })
6814
7286
  #
6815
7287
  # @example Response structure
@@ -6850,6 +7322,7 @@ module Aws::CognitoIdentityProvider
6850
7322
  # resp.user_pool_client.analytics_configuration.external_id #=> String
6851
7323
  # resp.user_pool_client.analytics_configuration.user_data_shared #=> Boolean
6852
7324
  # resp.user_pool_client.prevent_user_existence_errors #=> String, one of "LEGACY", "ENABLED"
7325
+ # resp.user_pool_client.enable_token_revocation #=> Boolean
6853
7326
  #
6854
7327
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolClient AWS API Documentation
6855
7328
  #
@@ -6869,7 +7342,7 @@ module Aws::CognitoIdentityProvider
6869
7342
  #
6870
7343
  # A custom domain is used to host the Amazon Cognito hosted UI, which
6871
7344
  # provides sign-up and sign-in pages for your application. When you set
6872
- # up a custom domain, you provide a certificate that you manage with AWS
7345
+ # up a custom domain, you provide a certificate that you manage with
6873
7346
  # Certificate Manager (ACM). When necessary, you can use this operation
6874
7347
  # to change the certificate that you applied to your custom domain.
6875
7348
  #
@@ -6883,7 +7356,7 @@ module Aws::CognitoIdentityProvider
6883
7356
  # your custom domain, you must provide this ARN to Amazon Cognito.
6884
7357
  #
6885
7358
  # When you add your new certificate in ACM, you must choose US East (N.
6886
- # Virginia) as the AWS Region.
7359
+ # Virginia) as the Region.
6887
7360
  #
6888
7361
  # After you submit your request, Amazon Cognito requires up to 1 hour to
6889
7362
  # distribute your new certificate to your custom domain.
@@ -7032,7 +7505,7 @@ module Aws::CognitoIdentityProvider
7032
7505
  params: params,
7033
7506
  config: config)
7034
7507
  context[:gem_name] = 'aws-sdk-cognitoidentityprovider'
7035
- context[:gem_version] = '1.50.0'
7508
+ context[:gem_version] = '1.54.0'
7036
7509
  Seahorse::Client::Request.new(handlers, context)
7037
7510
  end
7038
7511