aws-sdk-cognitoidentityprovider 1.51.0 → 1.55.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-cognitoidentityprovider.rb +1 -1
- data/lib/aws-sdk-cognitoidentityprovider/client.rb +628 -171
- data/lib/aws-sdk-cognitoidentityprovider/client_api.rb +38 -0
- data/lib/aws-sdk-cognitoidentityprovider/errors.rb +48 -0
- data/lib/aws-sdk-cognitoidentityprovider/types.rb +350 -221
- metadata +5 -6
@@ -345,6 +345,8 @@ module Aws::CognitoIdentityProvider
|
|
345
345
|
ResourceServersListType = Shapes::ListShape.new(name: 'ResourceServersListType')
|
346
346
|
RespondToAuthChallengeRequest = Shapes::StructureShape.new(name: 'RespondToAuthChallengeRequest')
|
347
347
|
RespondToAuthChallengeResponse = Shapes::StructureShape.new(name: 'RespondToAuthChallengeResponse')
|
348
|
+
RevokeTokenRequest = Shapes::StructureShape.new(name: 'RevokeTokenRequest')
|
349
|
+
RevokeTokenResponse = Shapes::StructureShape.new(name: 'RevokeTokenResponse')
|
348
350
|
RiskConfigurationType = Shapes::StructureShape.new(name: 'RiskConfigurationType')
|
349
351
|
RiskDecisionType = Shapes::StringShape.new(name: 'RiskDecisionType')
|
350
352
|
RiskExceptionConfigurationType = Shapes::StructureShape.new(name: 'RiskExceptionConfigurationType')
|
@@ -401,8 +403,11 @@ module Aws::CognitoIdentityProvider
|
|
401
403
|
TooManyFailedAttemptsException = Shapes::StructureShape.new(name: 'TooManyFailedAttemptsException')
|
402
404
|
TooManyRequestsException = Shapes::StructureShape.new(name: 'TooManyRequestsException')
|
403
405
|
UICustomizationType = Shapes::StructureShape.new(name: 'UICustomizationType')
|
406
|
+
UnauthorizedException = Shapes::StructureShape.new(name: 'UnauthorizedException')
|
404
407
|
UnexpectedLambdaException = Shapes::StructureShape.new(name: 'UnexpectedLambdaException')
|
405
408
|
UnsupportedIdentityProviderException = Shapes::StructureShape.new(name: 'UnsupportedIdentityProviderException')
|
409
|
+
UnsupportedOperationException = Shapes::StructureShape.new(name: 'UnsupportedOperationException')
|
410
|
+
UnsupportedTokenTypeException = Shapes::StructureShape.new(name: 'UnsupportedTokenTypeException')
|
406
411
|
UnsupportedUserStateException = Shapes::StructureShape.new(name: 'UnsupportedUserStateException')
|
407
412
|
UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
|
408
413
|
UntagResourceResponse = Shapes::StructureShape.new(name: 'UntagResourceResponse')
|
@@ -917,6 +922,7 @@ module Aws::CognitoIdentityProvider
|
|
917
922
|
CreateUserPoolClientRequest.add_member(:allowed_o_auth_flows_user_pool_client, Shapes::ShapeRef.new(shape: BooleanType, location_name: "AllowedOAuthFlowsUserPoolClient"))
|
918
923
|
CreateUserPoolClientRequest.add_member(:analytics_configuration, Shapes::ShapeRef.new(shape: AnalyticsConfigurationType, location_name: "AnalyticsConfiguration"))
|
919
924
|
CreateUserPoolClientRequest.add_member(:prevent_user_existence_errors, Shapes::ShapeRef.new(shape: PreventUserExistenceErrorTypes, location_name: "PreventUserExistenceErrors"))
|
925
|
+
CreateUserPoolClientRequest.add_member(:enable_token_revocation, Shapes::ShapeRef.new(shape: WrappedBooleanType, location_name: "EnableTokenRevocation"))
|
920
926
|
CreateUserPoolClientRequest.struct_class = Types::CreateUserPoolClientRequest
|
921
927
|
|
922
928
|
CreateUserPoolClientResponse.add_member(:user_pool_client, Shapes::ShapeRef.new(shape: UserPoolClientType, location_name: "UserPoolClient"))
|
@@ -1506,6 +1512,13 @@ module Aws::CognitoIdentityProvider
|
|
1506
1512
|
RespondToAuthChallengeResponse.add_member(:authentication_result, Shapes::ShapeRef.new(shape: AuthenticationResultType, location_name: "AuthenticationResult"))
|
1507
1513
|
RespondToAuthChallengeResponse.struct_class = Types::RespondToAuthChallengeResponse
|
1508
1514
|
|
1515
|
+
RevokeTokenRequest.add_member(:token, Shapes::ShapeRef.new(shape: TokenModelType, required: true, location_name: "Token"))
|
1516
|
+
RevokeTokenRequest.add_member(:client_id, Shapes::ShapeRef.new(shape: ClientIdType, required: true, location_name: "ClientId"))
|
1517
|
+
RevokeTokenRequest.add_member(:client_secret, Shapes::ShapeRef.new(shape: ClientSecretType, location_name: "ClientSecret"))
|
1518
|
+
RevokeTokenRequest.struct_class = Types::RevokeTokenRequest
|
1519
|
+
|
1520
|
+
RevokeTokenResponse.struct_class = Types::RevokeTokenResponse
|
1521
|
+
|
1509
1522
|
RiskConfigurationType.add_member(:user_pool_id, Shapes::ShapeRef.new(shape: UserPoolIdType, location_name: "UserPoolId"))
|
1510
1523
|
RiskConfigurationType.add_member(:client_id, Shapes::ShapeRef.new(shape: ClientIdType, location_name: "ClientId"))
|
1511
1524
|
RiskConfigurationType.add_member(:compromised_credentials_risk_configuration, Shapes::ShapeRef.new(shape: CompromisedCredentialsRiskConfigurationType, location_name: "CompromisedCredentialsRiskConfiguration"))
|
@@ -1665,12 +1678,21 @@ module Aws::CognitoIdentityProvider
|
|
1665
1678
|
UICustomizationType.add_member(:creation_date, Shapes::ShapeRef.new(shape: DateType, location_name: "CreationDate"))
|
1666
1679
|
UICustomizationType.struct_class = Types::UICustomizationType
|
1667
1680
|
|
1681
|
+
UnauthorizedException.add_member(:message, Shapes::ShapeRef.new(shape: MessageType, location_name: "message"))
|
1682
|
+
UnauthorizedException.struct_class = Types::UnauthorizedException
|
1683
|
+
|
1668
1684
|
UnexpectedLambdaException.add_member(:message, Shapes::ShapeRef.new(shape: MessageType, location_name: "message"))
|
1669
1685
|
UnexpectedLambdaException.struct_class = Types::UnexpectedLambdaException
|
1670
1686
|
|
1671
1687
|
UnsupportedIdentityProviderException.add_member(:message, Shapes::ShapeRef.new(shape: MessageType, location_name: "message"))
|
1672
1688
|
UnsupportedIdentityProviderException.struct_class = Types::UnsupportedIdentityProviderException
|
1673
1689
|
|
1690
|
+
UnsupportedOperationException.add_member(:message, Shapes::ShapeRef.new(shape: MessageType, location_name: "message"))
|
1691
|
+
UnsupportedOperationException.struct_class = Types::UnsupportedOperationException
|
1692
|
+
|
1693
|
+
UnsupportedTokenTypeException.add_member(:message, Shapes::ShapeRef.new(shape: MessageType, location_name: "message"))
|
1694
|
+
UnsupportedTokenTypeException.struct_class = Types::UnsupportedTokenTypeException
|
1695
|
+
|
1674
1696
|
UnsupportedUserStateException.add_member(:message, Shapes::ShapeRef.new(shape: MessageType, location_name: "message"))
|
1675
1697
|
UnsupportedUserStateException.struct_class = Types::UnsupportedUserStateException
|
1676
1698
|
|
@@ -1752,6 +1774,7 @@ module Aws::CognitoIdentityProvider
|
|
1752
1774
|
UpdateUserPoolClientRequest.add_member(:allowed_o_auth_flows_user_pool_client, Shapes::ShapeRef.new(shape: BooleanType, location_name: "AllowedOAuthFlowsUserPoolClient"))
|
1753
1775
|
UpdateUserPoolClientRequest.add_member(:analytics_configuration, Shapes::ShapeRef.new(shape: AnalyticsConfigurationType, location_name: "AnalyticsConfiguration"))
|
1754
1776
|
UpdateUserPoolClientRequest.add_member(:prevent_user_existence_errors, Shapes::ShapeRef.new(shape: PreventUserExistenceErrorTypes, location_name: "PreventUserExistenceErrors"))
|
1777
|
+
UpdateUserPoolClientRequest.add_member(:enable_token_revocation, Shapes::ShapeRef.new(shape: WrappedBooleanType, location_name: "EnableTokenRevocation"))
|
1755
1778
|
UpdateUserPoolClientRequest.struct_class = Types::UpdateUserPoolClientRequest
|
1756
1779
|
|
1757
1780
|
UpdateUserPoolClientResponse.add_member(:user_pool_client, Shapes::ShapeRef.new(shape: UserPoolClientType, location_name: "UserPoolClient"))
|
@@ -1855,6 +1878,7 @@ module Aws::CognitoIdentityProvider
|
|
1855
1878
|
UserPoolClientType.add_member(:allowed_o_auth_flows_user_pool_client, Shapes::ShapeRef.new(shape: BooleanType, location_name: "AllowedOAuthFlowsUserPoolClient", metadata: {"box"=>true}))
|
1856
1879
|
UserPoolClientType.add_member(:analytics_configuration, Shapes::ShapeRef.new(shape: AnalyticsConfigurationType, location_name: "AnalyticsConfiguration"))
|
1857
1880
|
UserPoolClientType.add_member(:prevent_user_existence_errors, Shapes::ShapeRef.new(shape: PreventUserExistenceErrorTypes, location_name: "PreventUserExistenceErrors"))
|
1881
|
+
UserPoolClientType.add_member(:enable_token_revocation, Shapes::ShapeRef.new(shape: WrappedBooleanType, location_name: "EnableTokenRevocation"))
|
1858
1882
|
UserPoolClientType.struct_class = Types::UserPoolClientType
|
1859
1883
|
|
1860
1884
|
UserPoolDescriptionType.add_member(:id, Shapes::ShapeRef.new(shape: UserPoolIdType, location_name: "Id"))
|
@@ -3276,6 +3300,20 @@ module Aws::CognitoIdentityProvider
|
|
3276
3300
|
o.errors << Shapes::ShapeRef.new(shape: SoftwareTokenMFANotFoundException)
|
3277
3301
|
end)
|
3278
3302
|
|
3303
|
+
api.add_operation(:revoke_token, Seahorse::Model::Operation.new.tap do |o|
|
3304
|
+
o.name = "RevokeToken"
|
3305
|
+
o.http_method = "POST"
|
3306
|
+
o.http_request_uri = "/"
|
3307
|
+
o.input = Shapes::ShapeRef.new(shape: RevokeTokenRequest)
|
3308
|
+
o.output = Shapes::ShapeRef.new(shape: RevokeTokenResponse)
|
3309
|
+
o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
|
3310
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalErrorException)
|
3311
|
+
o.errors << Shapes::ShapeRef.new(shape: UnauthorizedException)
|
3312
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
|
3313
|
+
o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
|
3314
|
+
o.errors << Shapes::ShapeRef.new(shape: UnsupportedTokenTypeException)
|
3315
|
+
end)
|
3316
|
+
|
3279
3317
|
api.add_operation(:set_risk_configuration, Seahorse::Model::Operation.new.tap do |o|
|
3280
3318
|
o.name = "SetRiskConfiguration"
|
3281
3319
|
o.http_method = "POST"
|
@@ -54,8 +54,11 @@ module Aws::CognitoIdentityProvider
|
|
54
54
|
# * {SoftwareTokenMFANotFoundException}
|
55
55
|
# * {TooManyFailedAttemptsException}
|
56
56
|
# * {TooManyRequestsException}
|
57
|
+
# * {UnauthorizedException}
|
57
58
|
# * {UnexpectedLambdaException}
|
58
59
|
# * {UnsupportedIdentityProviderException}
|
60
|
+
# * {UnsupportedOperationException}
|
61
|
+
# * {UnsupportedTokenTypeException}
|
59
62
|
# * {UnsupportedUserStateException}
|
60
63
|
# * {UserImportInProgressException}
|
61
64
|
# * {UserLambdaValidationException}
|
@@ -476,6 +479,21 @@ module Aws::CognitoIdentityProvider
|
|
476
479
|
end
|
477
480
|
end
|
478
481
|
|
482
|
+
class UnauthorizedException < ServiceError
|
483
|
+
|
484
|
+
# @param [Seahorse::Client::RequestContext] context
|
485
|
+
# @param [String] message
|
486
|
+
# @param [Aws::CognitoIdentityProvider::Types::UnauthorizedException] data
|
487
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
488
|
+
super(context, message, data)
|
489
|
+
end
|
490
|
+
|
491
|
+
# @return [String]
|
492
|
+
def message
|
493
|
+
@message || @data[:message]
|
494
|
+
end
|
495
|
+
end
|
496
|
+
|
479
497
|
class UnexpectedLambdaException < ServiceError
|
480
498
|
|
481
499
|
# @param [Seahorse::Client::RequestContext] context
|
@@ -506,6 +524,36 @@ module Aws::CognitoIdentityProvider
|
|
506
524
|
end
|
507
525
|
end
|
508
526
|
|
527
|
+
class UnsupportedOperationException < ServiceError
|
528
|
+
|
529
|
+
# @param [Seahorse::Client::RequestContext] context
|
530
|
+
# @param [String] message
|
531
|
+
# @param [Aws::CognitoIdentityProvider::Types::UnsupportedOperationException] data
|
532
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
533
|
+
super(context, message, data)
|
534
|
+
end
|
535
|
+
|
536
|
+
# @return [String]
|
537
|
+
def message
|
538
|
+
@message || @data[:message]
|
539
|
+
end
|
540
|
+
end
|
541
|
+
|
542
|
+
class UnsupportedTokenTypeException < ServiceError
|
543
|
+
|
544
|
+
# @param [Seahorse::Client::RequestContext] context
|
545
|
+
# @param [String] message
|
546
|
+
# @param [Aws::CognitoIdentityProvider::Types::UnsupportedTokenTypeException] data
|
547
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
548
|
+
super(context, message, data)
|
549
|
+
end
|
550
|
+
|
551
|
+
# @return [String]
|
552
|
+
def message
|
553
|
+
@message || @data[:message]
|
554
|
+
end
|
555
|
+
end
|
556
|
+
|
509
557
|
class UnsupportedUserStateException < ServiceError
|
510
558
|
|
511
559
|
# @param [Seahorse::Client::RequestContext] context
|
@@ -283,14 +283,14 @@ module Aws::CognitoIdentityProvider
|
|
283
283
|
# any custom workflows that this action triggers.
|
284
284
|
#
|
285
285
|
# If your user pool configuration includes triggers, the
|
286
|
-
# AdminConfirmSignUp API action invokes the
|
287
|
-
#
|
288
|
-
#
|
289
|
-
#
|
290
|
-
#
|
291
|
-
#
|
292
|
-
#
|
293
|
-
#
|
286
|
+
# AdminConfirmSignUp API action invokes the Lambda function that is
|
287
|
+
# specified for the *post confirmation* trigger. When Amazon Cognito
|
288
|
+
# invokes this function, it passes a JSON payload, which the function
|
289
|
+
# receives as input. In this payload, the `clientMetadata` attribute
|
290
|
+
# provides the data that you assigned to the ClientMetadata parameter
|
291
|
+
# in your AdminConfirmSignUp request. In your function code in Lambda,
|
292
|
+
# you can process the ClientMetadata value to enhance your workflow
|
293
|
+
# for your specific needs.
|
294
294
|
#
|
295
295
|
# For more information, see [Customizing User Pool Workflows with
|
296
296
|
# Lambda Triggers][1] in the *Amazon Cognito Developer Guide*.
|
@@ -299,10 +299,10 @@ module Aws::CognitoIdentityProvider
|
|
299
299
|
# ClientMetadata parameter:
|
300
300
|
#
|
301
301
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
302
|
-
# is available only to
|
303
|
-
#
|
304
|
-
#
|
305
|
-
#
|
302
|
+
# is available only to Lambda triggers that are assigned to a user
|
303
|
+
# pool to support custom workflows. If your user pool configuration
|
304
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
305
|
+
# purpose.
|
306
306
|
#
|
307
307
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
308
308
|
#
|
@@ -532,16 +532,16 @@ module Aws::CognitoIdentityProvider
|
|
532
532
|
# A map of custom key-value pairs that you can provide as input for
|
533
533
|
# any custom workflows that this action triggers.
|
534
534
|
#
|
535
|
-
# You create custom workflows by assigning
|
536
|
-
#
|
537
|
-
#
|
538
|
-
#
|
539
|
-
#
|
540
|
-
#
|
541
|
-
#
|
542
|
-
#
|
543
|
-
#
|
544
|
-
#
|
535
|
+
# You create custom workflows by assigning Lambda functions to user
|
536
|
+
# pool triggers. When you use the AdminCreateUser API action, Amazon
|
537
|
+
# Cognito invokes the function that is assigned to the *pre sign-up*
|
538
|
+
# trigger. When Amazon Cognito invokes this function, it passes a JSON
|
539
|
+
# payload, which the function receives as input. This payload contains
|
540
|
+
# a `clientMetadata` attribute, which provides the data that you
|
541
|
+
# assigned to the ClientMetadata parameter in your AdminCreateUser
|
542
|
+
# request. In your function code in Lambda, you can process the
|
543
|
+
# `clientMetadata` value to enhance your workflow for your specific
|
544
|
+
# needs.
|
545
545
|
#
|
546
546
|
# For more information, see [Customizing User Pool Workflows with
|
547
547
|
# Lambda Triggers][1] in the *Amazon Cognito Developer Guide*.
|
@@ -550,10 +550,10 @@ module Aws::CognitoIdentityProvider
|
|
550
550
|
# ClientMetadata parameter:
|
551
551
|
#
|
552
552
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
553
|
-
# is available only to
|
554
|
-
#
|
555
|
-
#
|
556
|
-
#
|
553
|
+
# is available only to Lambda triggers that are assigned to a user
|
554
|
+
# pool to support custom workflows. If your user pool configuration
|
555
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
556
|
+
# purpose.
|
557
557
|
#
|
558
558
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
559
559
|
#
|
@@ -1068,11 +1068,11 @@ module Aws::CognitoIdentityProvider
|
|
1068
1068
|
# A map of custom key-value pairs that you can provide as input for
|
1069
1069
|
# certain custom workflows that this action triggers.
|
1070
1070
|
#
|
1071
|
-
# You create custom workflows by assigning
|
1072
|
-
#
|
1073
|
-
#
|
1074
|
-
#
|
1075
|
-
#
|
1071
|
+
# You create custom workflows by assigning Lambda functions to user
|
1072
|
+
# pool triggers. When you use the AdminInitiateAuth API action, Amazon
|
1073
|
+
# Cognito invokes the Lambda functions that are specified for various
|
1074
|
+
# triggers. The ClientMetadata value is passed as input to the
|
1075
|
+
# functions for only the following triggers:
|
1076
1076
|
#
|
1077
1077
|
# * Pre signup
|
1078
1078
|
#
|
@@ -1084,9 +1084,9 @@ module Aws::CognitoIdentityProvider
|
|
1084
1084
|
# passes a JSON payload, which the function receives as input. This
|
1085
1085
|
# payload contains a `validationData` attribute, which provides the
|
1086
1086
|
# data that you assigned to the ClientMetadata parameter in your
|
1087
|
-
# AdminInitiateAuth request. In your function code in
|
1088
|
-
#
|
1089
|
-
#
|
1087
|
+
# AdminInitiateAuth request. In your function code in Lambda, you can
|
1088
|
+
# process the `validationData` value to enhance your workflow for your
|
1089
|
+
# specific needs.
|
1090
1090
|
#
|
1091
1091
|
# When you use the AdminInitiateAuth API action, Amazon Cognito also
|
1092
1092
|
# invokes the functions for the following triggers, but it does not
|
@@ -1111,10 +1111,10 @@ module Aws::CognitoIdentityProvider
|
|
1111
1111
|
# ClientMetadata parameter:
|
1112
1112
|
#
|
1113
1113
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
1114
|
-
# is available only to
|
1115
|
-
#
|
1116
|
-
#
|
1117
|
-
#
|
1114
|
+
# is available only to Lambda triggers that are assigned to a user
|
1115
|
+
# pool to support custom workflows. If your user pool configuration
|
1116
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
1117
|
+
# purpose.
|
1118
1118
|
#
|
1119
1119
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
1120
1120
|
#
|
@@ -1562,16 +1562,16 @@ module Aws::CognitoIdentityProvider
|
|
1562
1562
|
# A map of custom key-value pairs that you can provide as input for
|
1563
1563
|
# any custom workflows that this action triggers.
|
1564
1564
|
#
|
1565
|
-
# You create custom workflows by assigning
|
1566
|
-
#
|
1567
|
-
#
|
1568
|
-
#
|
1569
|
-
#
|
1565
|
+
# You create custom workflows by assigning Lambda functions to user
|
1566
|
+
# pool triggers. When you use the AdminResetUserPassword API action,
|
1567
|
+
# Amazon Cognito invokes the function that is assigned to the *custom
|
1568
|
+
# message* trigger. When Amazon Cognito invokes this function, it
|
1569
|
+
# passes a JSON payload, which the function receives as input. This
|
1570
1570
|
# payload contains a `clientMetadata` attribute, which provides the
|
1571
1571
|
# data that you assigned to the ClientMetadata parameter in your
|
1572
|
-
# AdminResetUserPassword request. In your function code in
|
1573
|
-
#
|
1574
|
-
#
|
1572
|
+
# AdminResetUserPassword request. In your function code in Lambda, you
|
1573
|
+
# can process the `clientMetadata` value to enhance your workflow for
|
1574
|
+
# your specific needs.
|
1575
1575
|
#
|
1576
1576
|
# For more information, see [Customizing User Pool Workflows with
|
1577
1577
|
# Lambda Triggers][1] in the *Amazon Cognito Developer Guide*.
|
@@ -1580,10 +1580,10 @@ module Aws::CognitoIdentityProvider
|
|
1580
1580
|
# ClientMetadata parameter:
|
1581
1581
|
#
|
1582
1582
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
1583
|
-
# is available only to
|
1584
|
-
#
|
1585
|
-
#
|
1586
|
-
#
|
1583
|
+
# is available only to Lambda triggers that are assigned to a user
|
1584
|
+
# pool to support custom workflows. If your user pool configuration
|
1585
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
1586
|
+
# purpose.
|
1587
1587
|
#
|
1588
1588
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
1589
1589
|
#
|
@@ -1718,8 +1718,8 @@ module Aws::CognitoIdentityProvider
|
|
1718
1718
|
# A map of custom key-value pairs that you can provide as input for
|
1719
1719
|
# any custom workflows that this action triggers.
|
1720
1720
|
#
|
1721
|
-
# You create custom workflows by assigning
|
1722
|
-
#
|
1721
|
+
# You create custom workflows by assigning Lambda functions to user
|
1722
|
+
# pool triggers. When you use the AdminRespondToAuthChallenge API
|
1723
1723
|
# action, Amazon Cognito invokes any functions that are assigned to
|
1724
1724
|
# the following triggers: *pre sign-up*, *custom message*, *post
|
1725
1725
|
# authentication*, *user migration*, *pre token generation*, *define
|
@@ -1728,7 +1728,7 @@ module Aws::CognitoIdentityProvider
|
|
1728
1728
|
# passes a JSON payload, which the function receives as input. This
|
1729
1729
|
# payload contains a `clientMetadata` attribute, which provides the
|
1730
1730
|
# data that you assigned to the ClientMetadata parameter in your
|
1731
|
-
# AdminRespondToAuthChallenge request. In your function code in
|
1731
|
+
# AdminRespondToAuthChallenge request. In your function code in
|
1732
1732
|
# Lambda, you can process the `clientMetadata` value to enhance your
|
1733
1733
|
# workflow for your specific needs.
|
1734
1734
|
#
|
@@ -1739,10 +1739,10 @@ module Aws::CognitoIdentityProvider
|
|
1739
1739
|
# ClientMetadata parameter:
|
1740
1740
|
#
|
1741
1741
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
1742
|
-
# is available only to
|
1743
|
-
#
|
1744
|
-
#
|
1745
|
-
#
|
1742
|
+
# is available only to Lambda triggers that are assigned to a user
|
1743
|
+
# pool to support custom workflows. If your user pool configuration
|
1744
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
1745
|
+
# purpose.
|
1746
1746
|
#
|
1747
1747
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
1748
1748
|
#
|
@@ -2080,16 +2080,16 @@ module Aws::CognitoIdentityProvider
|
|
2080
2080
|
# A map of custom key-value pairs that you can provide as input for
|
2081
2081
|
# any custom workflows that this action triggers.
|
2082
2082
|
#
|
2083
|
-
# You create custom workflows by assigning
|
2084
|
-
#
|
2083
|
+
# You create custom workflows by assigning Lambda functions to user
|
2084
|
+
# pool triggers. When you use the AdminUpdateUserAttributes API
|
2085
2085
|
# action, Amazon Cognito invokes the function that is assigned to the
|
2086
2086
|
# *custom message* trigger. When Amazon Cognito invokes this function,
|
2087
2087
|
# it passes a JSON payload, which the function receives as input. This
|
2088
2088
|
# payload contains a `clientMetadata` attribute, which provides the
|
2089
2089
|
# data that you assigned to the ClientMetadata parameter in your
|
2090
|
-
# AdminUpdateUserAttributes request. In your function code in
|
2091
|
-
#
|
2092
|
-
#
|
2090
|
+
# AdminUpdateUserAttributes request. In your function code in Lambda,
|
2091
|
+
# you can process the `clientMetadata` value to enhance your workflow
|
2092
|
+
# for your specific needs.
|
2093
2093
|
#
|
2094
2094
|
# For more information, see [Customizing User Pool Workflows with
|
2095
2095
|
# Lambda Triggers][1] in the *Amazon Cognito Developer Guide*.
|
@@ -2098,10 +2098,10 @@ module Aws::CognitoIdentityProvider
|
|
2098
2098
|
# ClientMetadata parameter:
|
2099
2099
|
#
|
2100
2100
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
2101
|
-
# is available only to
|
2102
|
-
#
|
2103
|
-
#
|
2104
|
-
#
|
2101
|
+
# is available only to Lambda triggers that are assigned to a user
|
2102
|
+
# pool to support custom workflows. If your user pool configuration
|
2103
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
2104
|
+
# purpose.
|
2105
2105
|
#
|
2106
2106
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
2107
2107
|
#
|
@@ -2738,16 +2738,16 @@ module Aws::CognitoIdentityProvider
|
|
2738
2738
|
# A map of custom key-value pairs that you can provide as input for
|
2739
2739
|
# any custom workflows that this action triggers.
|
2740
2740
|
#
|
2741
|
-
# You create custom workflows by assigning
|
2742
|
-
#
|
2743
|
-
#
|
2744
|
-
#
|
2745
|
-
#
|
2746
|
-
#
|
2747
|
-
#
|
2748
|
-
#
|
2749
|
-
#
|
2750
|
-
#
|
2741
|
+
# You create custom workflows by assigning Lambda functions to user
|
2742
|
+
# pool triggers. When you use the ConfirmForgotPassword API action,
|
2743
|
+
# Amazon Cognito invokes the function that is assigned to the *post
|
2744
|
+
# confirmation* trigger. When Amazon Cognito invokes this function, it
|
2745
|
+
# passes a JSON payload, which the function receives as input. This
|
2746
|
+
# payload contains a `clientMetadata` attribute, which provides the
|
2747
|
+
# data that you assigned to the ClientMetadata parameter in your
|
2748
|
+
# ConfirmForgotPassword request. In your function code in Lambda, you
|
2749
|
+
# can process the `clientMetadata` value to enhance your workflow for
|
2750
|
+
# your specific needs.
|
2751
2751
|
#
|
2752
2752
|
# For more information, see [Customizing User Pool Workflows with
|
2753
2753
|
# Lambda Triggers][1] in the *Amazon Cognito Developer Guide*.
|
@@ -2756,10 +2756,10 @@ module Aws::CognitoIdentityProvider
|
|
2756
2756
|
# ClientMetadata parameter:
|
2757
2757
|
#
|
2758
2758
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
2759
|
-
# is available only to
|
2760
|
-
#
|
2761
|
-
#
|
2762
|
-
#
|
2759
|
+
# is available only to Lambda triggers that are assigned to a user
|
2760
|
+
# pool to support custom workflows. If your user pool configuration
|
2761
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
2762
|
+
# purpose.
|
2763
2763
|
#
|
2764
2764
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
2765
2765
|
#
|
@@ -2861,14 +2861,14 @@ module Aws::CognitoIdentityProvider
|
|
2861
2861
|
# A map of custom key-value pairs that you can provide as input for
|
2862
2862
|
# any custom workflows that this action triggers.
|
2863
2863
|
#
|
2864
|
-
# You create custom workflows by assigning
|
2865
|
-
#
|
2866
|
-
#
|
2864
|
+
# You create custom workflows by assigning Lambda functions to user
|
2865
|
+
# pool triggers. When you use the ConfirmSignUp API action, Amazon
|
2866
|
+
# Cognito invokes the function that is assigned to the *post
|
2867
2867
|
# confirmation* trigger. When Amazon Cognito invokes this function, it
|
2868
2868
|
# passes a JSON payload, which the function receives as input. This
|
2869
2869
|
# payload contains a `clientMetadata` attribute, which provides the
|
2870
2870
|
# data that you assigned to the ClientMetadata parameter in your
|
2871
|
-
# ConfirmSignUp request. In your function code in
|
2871
|
+
# ConfirmSignUp request. In your function code in Lambda, you can
|
2872
2872
|
# process the `clientMetadata` value to enhance your workflow for your
|
2873
2873
|
# specific needs.
|
2874
2874
|
#
|
@@ -2879,10 +2879,10 @@ module Aws::CognitoIdentityProvider
|
|
2879
2879
|
# ClientMetadata parameter:
|
2880
2880
|
#
|
2881
2881
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
2882
|
-
# is available only to
|
2883
|
-
#
|
2884
|
-
#
|
2885
|
-
#
|
2882
|
+
# is available only to Lambda triggers that are assigned to a user
|
2883
|
+
# pool to support custom workflows. If your user pool configuration
|
2884
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
2885
|
+
# purpose.
|
2886
2886
|
#
|
2887
2887
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
2888
2888
|
#
|
@@ -3310,6 +3310,7 @@ module Aws::CognitoIdentityProvider
|
|
3310
3310
|
# user_data_shared: false,
|
3311
3311
|
# },
|
3312
3312
|
# prevent_user_existence_errors: "LEGACY", # accepts LEGACY, ENABLED
|
3313
|
+
# enable_token_revocation: false,
|
3313
3314
|
# }
|
3314
3315
|
#
|
3315
3316
|
# @!attribute [rw] user_pool_id
|
@@ -3472,8 +3473,8 @@ module Aws::CognitoIdentityProvider
|
|
3472
3473
|
# @!attribute [rw] allowed_o_auth_scopes
|
3473
3474
|
# The allowed OAuth scopes. Possible values provided by OAuth are:
|
3474
3475
|
# `phone`, `email`, `openid`, and `profile`. Possible values provided
|
3475
|
-
# by
|
3476
|
-
# in Resource Servers are also supported.
|
3476
|
+
# by Amazon Web Services are: `aws.cognito.signin.user.admin`. Custom
|
3477
|
+
# scopes created in Resource Servers are also supported.
|
3477
3478
|
# @return [Array<String>]
|
3478
3479
|
#
|
3479
3480
|
# @!attribute [rw] allowed_o_auth_flows_user_pool_client
|
@@ -3518,6 +3519,18 @@ module Aws::CognitoIdentityProvider
|
|
3518
3519
|
# </note>
|
3519
3520
|
# @return [String]
|
3520
3521
|
#
|
3522
|
+
# @!attribute [rw] enable_token_revocation
|
3523
|
+
# Enables or disables token revocation. For more information about
|
3524
|
+
# revoking tokens, see [RevokeToken][1].
|
3525
|
+
#
|
3526
|
+
# If you don't include this parameter, token revocation is
|
3527
|
+
# automatically enabled for the new user pool client.
|
3528
|
+
#
|
3529
|
+
#
|
3530
|
+
#
|
3531
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
|
3532
|
+
# @return [Boolean]
|
3533
|
+
#
|
3521
3534
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolClientRequest AWS API Documentation
|
3522
3535
|
#
|
3523
3536
|
class CreateUserPoolClientRequest < Struct.new(
|
@@ -3539,7 +3552,8 @@ module Aws::CognitoIdentityProvider
|
|
3539
3552
|
:allowed_o_auth_scopes,
|
3540
3553
|
:allowed_o_auth_flows_user_pool_client,
|
3541
3554
|
:analytics_configuration,
|
3542
|
-
:prevent_user_existence_errors
|
3555
|
+
:prevent_user_existence_errors,
|
3556
|
+
:enable_token_revocation)
|
3543
3557
|
SENSITIVE = []
|
3544
3558
|
include Aws::Structure
|
3545
3559
|
end
|
@@ -3751,7 +3765,7 @@ module Aws::CognitoIdentityProvider
|
|
3751
3765
|
# For more information on using the Lambda API to add permission, see
|
3752
3766
|
# [ AddPermission ][1].
|
3753
3767
|
#
|
3754
|
-
# For adding permission using the
|
3768
|
+
# For adding permission using the CLI, see [ add-permission ][2].
|
3755
3769
|
#
|
3756
3770
|
# </note>
|
3757
3771
|
#
|
@@ -3922,7 +3936,7 @@ module Aws::CognitoIdentityProvider
|
|
3922
3936
|
# }
|
3923
3937
|
#
|
3924
3938
|
# @!attribute [rw] certificate_arn
|
3925
|
-
# The Amazon Resource Name (ARN) of an
|
3939
|
+
# The Amazon Resource Name (ARN) of an Certificate Manager SSL
|
3926
3940
|
# certificate. You use this certificate for the subdomain of your
|
3927
3941
|
# custom domain.
|
3928
3942
|
# @return [String]
|
@@ -4566,7 +4580,7 @@ module Aws::CognitoIdentityProvider
|
|
4566
4580
|
# @return [String]
|
4567
4581
|
#
|
4568
4582
|
# @!attribute [rw] aws_account_id
|
4569
|
-
# The
|
4583
|
+
# The account ID for the user pool owner.
|
4570
4584
|
# @return [String]
|
4571
4585
|
#
|
4572
4586
|
# @!attribute [rw] domain
|
@@ -4716,7 +4730,7 @@ module Aws::CognitoIdentityProvider
|
|
4716
4730
|
# configuration. Amazon Cognito calls Amazon SES on your behalf to
|
4717
4731
|
# send email from your verified email address. When you use this
|
4718
4732
|
# option, the email delivery limits are the same limits that apply
|
4719
|
-
# to your Amazon SES verified email address in your
|
4733
|
+
# to your Amazon SES verified email address in your account.
|
4720
4734
|
#
|
4721
4735
|
# If you use this option, you must provide the ARN of an Amazon SES
|
4722
4736
|
# verified email address for the `SourceArn` parameter.
|
@@ -4724,7 +4738,7 @@ module Aws::CognitoIdentityProvider
|
|
4724
4738
|
# Before Amazon Cognito can email your users, it requires additional
|
4725
4739
|
# permissions to call Amazon SES on your behalf. When you update
|
4726
4740
|
# your user pool with this option, Amazon Cognito creates a
|
4727
|
-
# *service-linked role*, which is a type of IAM role, in your
|
4741
|
+
# *service-linked role*, which is a type of IAM role, in your
|
4728
4742
|
# account. This role contains the permissions that allow Amazon
|
4729
4743
|
# Cognito to access Amazon SES and send email messages with your
|
4730
4744
|
# address. For more information about the service-linked role that
|
@@ -4755,7 +4769,7 @@ module Aws::CognitoIdentityProvider
|
|
4755
4769
|
# * Event publishing – Amazon SES can track the number of send,
|
4756
4770
|
# delivery, open, click, bounce, and complaint events for each email
|
4757
4771
|
# sent. Use event publishing to send information about these events
|
4758
|
-
# to other
|
4772
|
+
# to other Amazon Web Services services such as SNS and CloudWatch.
|
4759
4773
|
#
|
4760
4774
|
# * IP pool management – When leasing dedicated IP addresses with
|
4761
4775
|
# Amazon SES, you can create groups of IP addresses, called
|
@@ -4965,17 +4979,17 @@ module Aws::CognitoIdentityProvider
|
|
4965
4979
|
# A map of custom key-value pairs that you can provide as input for
|
4966
4980
|
# any custom workflows that this action triggers.
|
4967
4981
|
#
|
4968
|
-
# You create custom workflows by assigning
|
4969
|
-
#
|
4970
|
-
#
|
4971
|
-
#
|
4972
|
-
#
|
4973
|
-
#
|
4974
|
-
#
|
4975
|
-
#
|
4976
|
-
#
|
4977
|
-
#
|
4978
|
-
#
|
4982
|
+
# You create custom workflows by assigning Lambda functions to user
|
4983
|
+
# pool triggers. When you use the ForgotPassword API action, Amazon
|
4984
|
+
# Cognito invokes any functions that are assigned to the following
|
4985
|
+
# triggers: *pre sign-up*, *custom message*, and *user migration*.
|
4986
|
+
# When Amazon Cognito invokes any of these functions, it passes a JSON
|
4987
|
+
# payload, which the function receives as input. This payload contains
|
4988
|
+
# a `clientMetadata` attribute, which provides the data that you
|
4989
|
+
# assigned to the ClientMetadata parameter in your ForgotPassword
|
4990
|
+
# request. In your function code in Lambda, you can process the
|
4991
|
+
# `clientMetadata` value to enhance your workflow for your specific
|
4992
|
+
# needs.
|
4979
4993
|
#
|
4980
4994
|
# For more information, see [Customizing User Pool Workflows with
|
4981
4995
|
# Lambda Triggers][1] in the *Amazon Cognito Developer Guide*.
|
@@ -4984,10 +4998,10 @@ module Aws::CognitoIdentityProvider
|
|
4984
4998
|
# ClientMetadata parameter:
|
4985
4999
|
#
|
4986
5000
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
4987
|
-
# is available only to
|
4988
|
-
#
|
4989
|
-
#
|
4990
|
-
#
|
5001
|
+
# is available only to Lambda triggers that are assigned to a user
|
5002
|
+
# pool to support custom workflows. If your user pool configuration
|
5003
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
5004
|
+
# purpose.
|
4991
5005
|
#
|
4992
5006
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
4993
5007
|
#
|
@@ -5288,17 +5302,16 @@ module Aws::CognitoIdentityProvider
|
|
5288
5302
|
# A map of custom key-value pairs that you can provide as input for
|
5289
5303
|
# any custom workflows that this action triggers.
|
5290
5304
|
#
|
5291
|
-
# You create custom workflows by assigning
|
5292
|
-
#
|
5293
|
-
#
|
5294
|
-
#
|
5295
|
-
#
|
5296
|
-
#
|
5297
|
-
#
|
5298
|
-
# assigned to the ClientMetadata parameter in your
|
5305
|
+
# You create custom workflows by assigning Lambda functions to user
|
5306
|
+
# pool triggers. When you use the GetUserAttributeVerificationCode API
|
5307
|
+
# action, Amazon Cognito invokes the function that is assigned to the
|
5308
|
+
# *custom message* trigger. When Amazon Cognito invokes this function,
|
5309
|
+
# it passes a JSON payload, which the function receives as input. This
|
5310
|
+
# payload contains a `clientMetadata` attribute, which provides the
|
5311
|
+
# data that you assigned to the ClientMetadata parameter in your
|
5299
5312
|
# GetUserAttributeVerificationCode request. In your function code in
|
5300
|
-
#
|
5301
|
-
#
|
5313
|
+
# Lambda, you can process the `clientMetadata` value to enhance your
|
5314
|
+
# workflow for your specific needs.
|
5302
5315
|
#
|
5303
5316
|
# For more information, see [Customizing User Pool Workflows with
|
5304
5317
|
# Lambda Triggers][1] in the *Amazon Cognito Developer Guide*.
|
@@ -5307,10 +5320,10 @@ module Aws::CognitoIdentityProvider
|
|
5307
5320
|
# ClientMetadata parameter:
|
5308
5321
|
#
|
5309
5322
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
5310
|
-
# is available only to
|
5311
|
-
#
|
5312
|
-
#
|
5313
|
-
#
|
5323
|
+
# is available only to Lambda triggers that are assigned to a user
|
5324
|
+
# pool to support custom workflows. If your user pool configuration
|
5325
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
5326
|
+
# purpose.
|
5314
5327
|
#
|
5315
5328
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
5316
5329
|
#
|
@@ -5664,8 +5677,6 @@ module Aws::CognitoIdentityProvider
|
|
5664
5677
|
# * jwks\_uri *if not available from discovery URL specified by
|
5665
5678
|
# oidc\_issuer key*
|
5666
5679
|
#
|
5667
|
-
# * authorize\_scopes
|
5668
|
-
#
|
5669
5680
|
# * For SAML providers:
|
5670
5681
|
#
|
5671
5682
|
# * MetadataFile OR MetadataURL
|
@@ -5788,10 +5799,10 @@ module Aws::CognitoIdentityProvider
|
|
5788
5799
|
# A map of custom key-value pairs that you can provide as input for
|
5789
5800
|
# certain custom workflows that this action triggers.
|
5790
5801
|
#
|
5791
|
-
# You create custom workflows by assigning
|
5792
|
-
#
|
5793
|
-
# Cognito invokes the
|
5794
|
-
#
|
5802
|
+
# You create custom workflows by assigning Lambda functions to user
|
5803
|
+
# pool triggers. When you use the InitiateAuth API action, Amazon
|
5804
|
+
# Cognito invokes the Lambda functions that are specified for various
|
5805
|
+
# triggers. The ClientMetadata value is passed as input to the
|
5795
5806
|
# functions for only the following triggers:
|
5796
5807
|
#
|
5797
5808
|
# * Pre signup
|
@@ -5804,7 +5815,7 @@ module Aws::CognitoIdentityProvider
|
|
5804
5815
|
# passes a JSON payload, which the function receives as input. This
|
5805
5816
|
# payload contains a `validationData` attribute, which provides the
|
5806
5817
|
# data that you assigned to the ClientMetadata parameter in your
|
5807
|
-
# InitiateAuth request. In your function code in
|
5818
|
+
# InitiateAuth request. In your function code in Lambda, you can
|
5808
5819
|
# process the `validationData` value to enhance your workflow for your
|
5809
5820
|
# specific needs.
|
5810
5821
|
#
|
@@ -5831,10 +5842,10 @@ module Aws::CognitoIdentityProvider
|
|
5831
5842
|
# ClientMetadata parameter:
|
5832
5843
|
#
|
5833
5844
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
5834
|
-
# is available only to
|
5835
|
-
#
|
5836
|
-
#
|
5837
|
-
#
|
5845
|
+
# is available only to Lambda triggers that are assigned to a user
|
5846
|
+
# pool to support custom workflows. If your user pool configuration
|
5847
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
5848
|
+
# purpose.
|
5838
5849
|
#
|
5839
5850
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
5840
5851
|
#
|
@@ -5992,11 +6003,11 @@ module Aws::CognitoIdentityProvider
|
|
5992
6003
|
end
|
5993
6004
|
|
5994
6005
|
# This exception is thrown when the Amazon Cognito service encounters an
|
5995
|
-
# invalid
|
6006
|
+
# invalid Lambda response.
|
5996
6007
|
#
|
5997
6008
|
# @!attribute [rw] message
|
5998
6009
|
# The message returned when the Amazon Cognito service throws an
|
5999
|
-
# invalid
|
6010
|
+
# invalid Lambda response exception.
|
6000
6011
|
# @return [String]
|
6001
6012
|
#
|
6002
6013
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/InvalidLambdaResponseException AWS API Documentation
|
@@ -6070,7 +6081,7 @@ module Aws::CognitoIdentityProvider
|
|
6070
6081
|
|
6071
6082
|
# This exception is thrown when the trust relationship is invalid for
|
6072
6083
|
# the role provided for SMS configuration. This can happen if you do not
|
6073
|
-
# trust
|
6084
|
+
# trust `cognito-idp.amazonaws.com` or the external ID provided in the
|
6074
6085
|
# role does not match what is provided in the SMS configuration for the
|
6075
6086
|
# user pool.
|
6076
6087
|
#
|
@@ -6101,7 +6112,7 @@ module Aws::CognitoIdentityProvider
|
|
6101
6112
|
include Aws::Structure
|
6102
6113
|
end
|
6103
6114
|
|
6104
|
-
# Specifies the configuration for
|
6115
|
+
# Specifies the configuration for Lambda triggers.
|
6105
6116
|
#
|
6106
6117
|
# @note When making an API call, you may pass LambdaConfigType
|
6107
6118
|
# data as a hash:
|
@@ -6129,23 +6140,23 @@ module Aws::CognitoIdentityProvider
|
|
6129
6140
|
# }
|
6130
6141
|
#
|
6131
6142
|
# @!attribute [rw] pre_sign_up
|
6132
|
-
# A pre-registration
|
6143
|
+
# A pre-registration Lambda trigger.
|
6133
6144
|
# @return [String]
|
6134
6145
|
#
|
6135
6146
|
# @!attribute [rw] custom_message
|
6136
|
-
# A custom Message
|
6147
|
+
# A custom Message Lambda trigger.
|
6137
6148
|
# @return [String]
|
6138
6149
|
#
|
6139
6150
|
# @!attribute [rw] post_confirmation
|
6140
|
-
# A post-confirmation
|
6151
|
+
# A post-confirmation Lambda trigger.
|
6141
6152
|
# @return [String]
|
6142
6153
|
#
|
6143
6154
|
# @!attribute [rw] pre_authentication
|
6144
|
-
# A pre-authentication
|
6155
|
+
# A pre-authentication Lambda trigger.
|
6145
6156
|
# @return [String]
|
6146
6157
|
#
|
6147
6158
|
# @!attribute [rw] post_authentication
|
6148
|
-
# A post-authentication
|
6159
|
+
# A post-authentication Lambda trigger.
|
6149
6160
|
# @return [String]
|
6150
6161
|
#
|
6151
6162
|
# @!attribute [rw] define_auth_challenge
|
@@ -6169,11 +6180,11 @@ module Aws::CognitoIdentityProvider
|
|
6169
6180
|
# @return [String]
|
6170
6181
|
#
|
6171
6182
|
# @!attribute [rw] custom_sms_sender
|
6172
|
-
# A custom SMS sender
|
6183
|
+
# A custom SMS sender Lambda trigger.
|
6173
6184
|
# @return [Types::CustomSMSLambdaVersionConfigType]
|
6174
6185
|
#
|
6175
6186
|
# @!attribute [rw] custom_email_sender
|
6176
|
-
# A custom email sender
|
6187
|
+
# A custom email sender Lambda trigger.
|
6177
6188
|
# @return [Types::CustomEmailLambdaVersionConfigType]
|
6178
6189
|
#
|
6179
6190
|
# @!attribute [rw] kms_key_id
|
@@ -6204,7 +6215,7 @@ module Aws::CognitoIdentityProvider
|
|
6204
6215
|
end
|
6205
6216
|
|
6206
6217
|
# This exception is thrown when a user exceeds the limit for a requested
|
6207
|
-
#
|
6218
|
+
# Amazon Web Services resource.
|
6208
6219
|
#
|
6209
6220
|
# @!attribute [rw] message
|
6210
6221
|
# The message returned when Amazon Cognito throws a limit exceeded
|
@@ -7288,16 +7299,16 @@ module Aws::CognitoIdentityProvider
|
|
7288
7299
|
# A map of custom key-value pairs that you can provide as input for
|
7289
7300
|
# any custom workflows that this action triggers.
|
7290
7301
|
#
|
7291
|
-
# You create custom workflows by assigning
|
7292
|
-
#
|
7293
|
-
#
|
7294
|
-
#
|
7295
|
-
#
|
7302
|
+
# You create custom workflows by assigning Lambda functions to user
|
7303
|
+
# pool triggers. When you use the ResendConfirmationCode API action,
|
7304
|
+
# Amazon Cognito invokes the function that is assigned to the *custom
|
7305
|
+
# message* trigger. When Amazon Cognito invokes this function, it
|
7306
|
+
# passes a JSON payload, which the function receives as input. This
|
7296
7307
|
# payload contains a `clientMetadata` attribute, which provides the
|
7297
7308
|
# data that you assigned to the ClientMetadata parameter in your
|
7298
|
-
# ResendConfirmationCode request. In your function code in
|
7299
|
-
#
|
7300
|
-
#
|
7309
|
+
# ResendConfirmationCode request. In your function code in Lambda, you
|
7310
|
+
# can process the `clientMetadata` value to enhance your workflow for
|
7311
|
+
# your specific needs.
|
7301
7312
|
#
|
7302
7313
|
# For more information, see [Customizing User Pool Workflows with
|
7303
7314
|
# Lambda Triggers][1] in the *Amazon Cognito Developer Guide*.
|
@@ -7306,10 +7317,10 @@ module Aws::CognitoIdentityProvider
|
|
7306
7317
|
# ClientMetadata parameter:
|
7307
7318
|
#
|
7308
7319
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
7309
|
-
# is available only to
|
7310
|
-
#
|
7311
|
-
#
|
7312
|
-
#
|
7320
|
+
# is available only to Lambda triggers that are assigned to a user
|
7321
|
+
# pool to support custom workflows. If your user pool configuration
|
7322
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
7323
|
+
# purpose.
|
7313
7324
|
#
|
7314
7325
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
7315
7326
|
#
|
@@ -7516,18 +7527,18 @@ module Aws::CognitoIdentityProvider
|
|
7516
7527
|
# A map of custom key-value pairs that you can provide as input for
|
7517
7528
|
# any custom workflows that this action triggers.
|
7518
7529
|
#
|
7519
|
-
# You create custom workflows by assigning
|
7520
|
-
#
|
7521
|
-
#
|
7522
|
-
#
|
7523
|
-
#
|
7524
|
-
#
|
7525
|
-
#
|
7526
|
-
#
|
7527
|
-
#
|
7528
|
-
#
|
7529
|
-
#
|
7530
|
-
#
|
7530
|
+
# You create custom workflows by assigning Lambda functions to user
|
7531
|
+
# pool triggers. When you use the RespondToAuthChallenge API action,
|
7532
|
+
# Amazon Cognito invokes any functions that are assigned to the
|
7533
|
+
# following triggers: *post authentication*, *pre token generation*,
|
7534
|
+
# *define auth challenge*, *create auth challenge*, and *verify auth
|
7535
|
+
# challenge*. When Amazon Cognito invokes any of these functions, it
|
7536
|
+
# passes a JSON payload, which the function receives as input. This
|
7537
|
+
# payload contains a `clientMetadata` attribute, which provides the
|
7538
|
+
# data that you assigned to the ClientMetadata parameter in your
|
7539
|
+
# RespondToAuthChallenge request. In your function code in Lambda, you
|
7540
|
+
# can process the `clientMetadata` value to enhance your workflow for
|
7541
|
+
# your specific needs.
|
7531
7542
|
#
|
7532
7543
|
# For more information, see [Customizing User Pool Workflows with
|
7533
7544
|
# Lambda Triggers][1] in the *Amazon Cognito Developer Guide*.
|
@@ -7536,10 +7547,10 @@ module Aws::CognitoIdentityProvider
|
|
7536
7547
|
# ClientMetadata parameter:
|
7537
7548
|
#
|
7538
7549
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
7539
|
-
# is available only to
|
7540
|
-
#
|
7541
|
-
#
|
7542
|
-
#
|
7550
|
+
# is available only to Lambda triggers that are assigned to a user
|
7551
|
+
# pool to support custom workflows. If your user pool configuration
|
7552
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
7553
|
+
# purpose.
|
7543
7554
|
#
|
7544
7555
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
7545
7556
|
#
|
@@ -7610,6 +7621,42 @@ module Aws::CognitoIdentityProvider
|
|
7610
7621
|
include Aws::Structure
|
7611
7622
|
end
|
7612
7623
|
|
7624
|
+
# @note When making an API call, you may pass RevokeTokenRequest
|
7625
|
+
# data as a hash:
|
7626
|
+
#
|
7627
|
+
# {
|
7628
|
+
# token: "TokenModelType", # required
|
7629
|
+
# client_id: "ClientIdType", # required
|
7630
|
+
# client_secret: "ClientSecretType",
|
7631
|
+
# }
|
7632
|
+
#
|
7633
|
+
# @!attribute [rw] token
|
7634
|
+
# The token that you want to revoke.
|
7635
|
+
# @return [String]
|
7636
|
+
#
|
7637
|
+
# @!attribute [rw] client_id
|
7638
|
+
# The client ID for the token that you want to revoke.
|
7639
|
+
# @return [String]
|
7640
|
+
#
|
7641
|
+
# @!attribute [rw] client_secret
|
7642
|
+
# The secret for the client ID. This is required only if the client ID
|
7643
|
+
# has a secret.
|
7644
|
+
# @return [String]
|
7645
|
+
#
|
7646
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RevokeTokenRequest AWS API Documentation
|
7647
|
+
#
|
7648
|
+
class RevokeTokenRequest < Struct.new(
|
7649
|
+
:token,
|
7650
|
+
:client_id,
|
7651
|
+
:client_secret)
|
7652
|
+
SENSITIVE = [:token, :client_id, :client_secret]
|
7653
|
+
include Aws::Structure
|
7654
|
+
end
|
7655
|
+
|
7656
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RevokeTokenResponse AWS API Documentation
|
7657
|
+
#
|
7658
|
+
class RevokeTokenResponse < Aws::EmptyStructure; end
|
7659
|
+
|
7613
7660
|
# The risk configuration type.
|
7614
7661
|
#
|
7615
7662
|
# @!attribute [rw] user_pool_id
|
@@ -8219,17 +8266,16 @@ module Aws::CognitoIdentityProvider
|
|
8219
8266
|
# A map of custom key-value pairs that you can provide as input for
|
8220
8267
|
# any custom workflows that this action triggers.
|
8221
8268
|
#
|
8222
|
-
# You create custom workflows by assigning
|
8223
|
-
#
|
8224
|
-
#
|
8225
|
-
#
|
8226
|
-
#
|
8269
|
+
# You create custom workflows by assigning Lambda functions to user
|
8270
|
+
# pool triggers. When you use the SignUp API action, Amazon Cognito
|
8271
|
+
# invokes any functions that are assigned to the following triggers:
|
8272
|
+
# *pre sign-up*, *custom message*, and *post confirmation*. When
|
8273
|
+
# Amazon Cognito invokes any of these functions, it passes a JSON
|
8227
8274
|
# payload, which the function receives as input. This payload contains
|
8228
8275
|
# a `clientMetadata` attribute, which provides the data that you
|
8229
8276
|
# assigned to the ClientMetadata parameter in your SignUp request. In
|
8230
|
-
# your function code in
|
8231
|
-
#
|
8232
|
-
# needs.
|
8277
|
+
# your function code in Lambda, you can process the `clientMetadata`
|
8278
|
+
# value to enhance your workflow for your specific needs.
|
8233
8279
|
#
|
8234
8280
|
# For more information, see [Customizing User Pool Workflows with
|
8235
8281
|
# Lambda Triggers][1] in the *Amazon Cognito Developer Guide*.
|
@@ -8238,10 +8284,10 @@ module Aws::CognitoIdentityProvider
|
|
8238
8284
|
# ClientMetadata parameter:
|
8239
8285
|
#
|
8240
8286
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
8241
|
-
# is available only to
|
8242
|
-
#
|
8243
|
-
#
|
8244
|
-
#
|
8287
|
+
# is available only to Lambda triggers that are assigned to a user
|
8288
|
+
# pool to support custom workflows. If your user pool configuration
|
8289
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
8290
|
+
# purpose.
|
8245
8291
|
#
|
8246
8292
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
8247
8293
|
#
|
@@ -8300,9 +8346,9 @@ module Aws::CognitoIdentityProvider
|
|
8300
8346
|
|
8301
8347
|
# The SMS configuration type that includes the settings the Cognito User
|
8302
8348
|
# Pool needs to call for the Amazon SNS service to send an SMS message
|
8303
|
-
# from your
|
8304
|
-
# Amazon SNS Service by using an
|
8305
|
-
#
|
8349
|
+
# from your account. The Cognito User Pool makes the request to the
|
8350
|
+
# Amazon SNS Service by using an IAM role that you provide for your
|
8351
|
+
# account.
|
8306
8352
|
#
|
8307
8353
|
# @note When making an API call, you may pass SmsConfigurationType
|
8308
8354
|
# data as a hash:
|
@@ -8314,7 +8360,7 @@ module Aws::CognitoIdentityProvider
|
|
8314
8360
|
#
|
8315
8361
|
# @!attribute [rw] sns_caller_arn
|
8316
8362
|
# The Amazon Resource Name (ARN) of the Amazon Simple Notification
|
8317
|
-
# Service (SNS) caller. This is the ARN of the IAM role in your
|
8363
|
+
# Service (SNS) caller. This is the ARN of the IAM role in your
|
8318
8364
|
# account which Cognito will use to send SMS messages. SMS messages
|
8319
8365
|
# are subject to a [spending limit][1].
|
8320
8366
|
#
|
@@ -8335,8 +8381,8 @@ module Aws::CognitoIdentityProvider
|
|
8335
8381
|
# `ExternalId`.
|
8336
8382
|
#
|
8337
8383
|
# For more information about the `ExternalId` of a role, see [How to
|
8338
|
-
# use an external ID when granting access to your
|
8339
|
-
# third party][1]
|
8384
|
+
# use an external ID when granting access to your Amazon Web Services
|
8385
|
+
# resources to a third party][1]
|
8340
8386
|
#
|
8341
8387
|
#
|
8342
8388
|
#
|
@@ -8716,12 +8762,26 @@ module Aws::CognitoIdentityProvider
|
|
8716
8762
|
include Aws::Structure
|
8717
8763
|
end
|
8718
8764
|
|
8765
|
+
# This exception is thrown when the request is not authorized. This can
|
8766
|
+
# happen due to an invalid access token in the request.
|
8767
|
+
#
|
8768
|
+
# @!attribute [rw] message
|
8769
|
+
# @return [String]
|
8770
|
+
#
|
8771
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UnauthorizedException AWS API Documentation
|
8772
|
+
#
|
8773
|
+
class UnauthorizedException < Struct.new(
|
8774
|
+
:message)
|
8775
|
+
SENSITIVE = []
|
8776
|
+
include Aws::Structure
|
8777
|
+
end
|
8778
|
+
|
8719
8779
|
# This exception is thrown when the Amazon Cognito service encounters an
|
8720
|
-
# unexpected exception with the
|
8780
|
+
# unexpected exception with the Lambda service.
|
8721
8781
|
#
|
8722
8782
|
# @!attribute [rw] message
|
8723
8783
|
# The message returned when the Amazon Cognito service returns an
|
8724
|
-
# unexpected
|
8784
|
+
# unexpected Lambda exception.
|
8725
8785
|
# @return [String]
|
8726
8786
|
#
|
8727
8787
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UnexpectedLambdaException AWS API Documentation
|
@@ -8746,6 +8806,34 @@ module Aws::CognitoIdentityProvider
|
|
8746
8806
|
include Aws::Structure
|
8747
8807
|
end
|
8748
8808
|
|
8809
|
+
# This exception is thrown when you attempt to perform an operation that
|
8810
|
+
# is not enabled for the user pool client.
|
8811
|
+
#
|
8812
|
+
# @!attribute [rw] message
|
8813
|
+
# @return [String]
|
8814
|
+
#
|
8815
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UnsupportedOperationException AWS API Documentation
|
8816
|
+
#
|
8817
|
+
class UnsupportedOperationException < Struct.new(
|
8818
|
+
:message)
|
8819
|
+
SENSITIVE = []
|
8820
|
+
include Aws::Structure
|
8821
|
+
end
|
8822
|
+
|
8823
|
+
# This exception is thrown when an unsupported token is passed to an
|
8824
|
+
# operation.
|
8825
|
+
#
|
8826
|
+
# @!attribute [rw] message
|
8827
|
+
# @return [String]
|
8828
|
+
#
|
8829
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UnsupportedTokenTypeException AWS API Documentation
|
8830
|
+
#
|
8831
|
+
class UnsupportedTokenTypeException < Struct.new(
|
8832
|
+
:message)
|
8833
|
+
SENSITIVE = []
|
8834
|
+
include Aws::Structure
|
8835
|
+
end
|
8836
|
+
|
8749
8837
|
# The request failed because the user is in an unsupported state.
|
8750
8838
|
#
|
8751
8839
|
# @!attribute [rw] message
|
@@ -9084,16 +9172,16 @@ module Aws::CognitoIdentityProvider
|
|
9084
9172
|
# A map of custom key-value pairs that you can provide as input for
|
9085
9173
|
# any custom workflows that this action triggers.
|
9086
9174
|
#
|
9087
|
-
# You create custom workflows by assigning
|
9088
|
-
#
|
9089
|
-
#
|
9090
|
-
#
|
9091
|
-
#
|
9175
|
+
# You create custom workflows by assigning Lambda functions to user
|
9176
|
+
# pool triggers. When you use the UpdateUserAttributes API action,
|
9177
|
+
# Amazon Cognito invokes the function that is assigned to the *custom
|
9178
|
+
# message* trigger. When Amazon Cognito invokes this function, it
|
9179
|
+
# passes a JSON payload, which the function receives as input. This
|
9092
9180
|
# payload contains a `clientMetadata` attribute, which provides the
|
9093
9181
|
# data that you assigned to the ClientMetadata parameter in your
|
9094
|
-
# UpdateUserAttributes request. In your function code in
|
9095
|
-
#
|
9096
|
-
#
|
9182
|
+
# UpdateUserAttributes request. In your function code in Lambda, you
|
9183
|
+
# can process the `clientMetadata` value to enhance your workflow for
|
9184
|
+
# your specific needs.
|
9097
9185
|
#
|
9098
9186
|
# For more information, see [Customizing User Pool Workflows with
|
9099
9187
|
# Lambda Triggers][1] in the *Amazon Cognito Developer Guide*.
|
@@ -9102,10 +9190,10 @@ module Aws::CognitoIdentityProvider
|
|
9102
9190
|
# ClientMetadata parameter:
|
9103
9191
|
#
|
9104
9192
|
# * Amazon Cognito does not store the ClientMetadata value. This data
|
9105
|
-
# is available only to
|
9106
|
-
#
|
9107
|
-
#
|
9108
|
-
#
|
9193
|
+
# is available only to Lambda triggers that are assigned to a user
|
9194
|
+
# pool to support custom workflows. If your user pool configuration
|
9195
|
+
# does not include triggers, the ClientMetadata parameter serves no
|
9196
|
+
# purpose.
|
9109
9197
|
#
|
9110
9198
|
# * Amazon Cognito does not validate the ClientMetadata value.
|
9111
9199
|
#
|
@@ -9180,6 +9268,7 @@ module Aws::CognitoIdentityProvider
|
|
9180
9268
|
# user_data_shared: false,
|
9181
9269
|
# },
|
9182
9270
|
# prevent_user_existence_errors: "LEGACY", # accepts LEGACY, ENABLED
|
9271
|
+
# enable_token_revocation: false,
|
9183
9272
|
# }
|
9184
9273
|
#
|
9185
9274
|
# @!attribute [rw] user_pool_id
|
@@ -9325,8 +9414,8 @@ module Aws::CognitoIdentityProvider
|
|
9325
9414
|
# @!attribute [rw] allowed_o_auth_scopes
|
9326
9415
|
# The allowed OAuth scopes. Possible values provided by OAuth are:
|
9327
9416
|
# `phone`, `email`, `openid`, and `profile`. Possible values provided
|
9328
|
-
# by
|
9329
|
-
# in Resource Servers are also supported.
|
9417
|
+
# by Amazon Web Services are: `aws.cognito.signin.user.admin`. Custom
|
9418
|
+
# scopes created in Resource Servers are also supported.
|
9330
9419
|
# @return [Array<String>]
|
9331
9420
|
#
|
9332
9421
|
# @!attribute [rw] allowed_o_auth_flows_user_pool_client
|
@@ -9371,6 +9460,15 @@ module Aws::CognitoIdentityProvider
|
|
9371
9460
|
# </note>
|
9372
9461
|
# @return [String]
|
9373
9462
|
#
|
9463
|
+
# @!attribute [rw] enable_token_revocation
|
9464
|
+
# Enables or disables token revocation. For more information about
|
9465
|
+
# revoking tokens, see [RevokeToken][1].
|
9466
|
+
#
|
9467
|
+
#
|
9468
|
+
#
|
9469
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
|
9470
|
+
# @return [Boolean]
|
9471
|
+
#
|
9374
9472
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolClientRequest AWS API Documentation
|
9375
9473
|
#
|
9376
9474
|
class UpdateUserPoolClientRequest < Struct.new(
|
@@ -9392,7 +9490,8 @@ module Aws::CognitoIdentityProvider
|
|
9392
9490
|
:allowed_o_auth_scopes,
|
9393
9491
|
:allowed_o_auth_flows_user_pool_client,
|
9394
9492
|
:analytics_configuration,
|
9395
|
-
:prevent_user_existence_errors
|
9493
|
+
:prevent_user_existence_errors,
|
9494
|
+
:enable_token_revocation)
|
9396
9495
|
SENSITIVE = [:client_id]
|
9397
9496
|
include Aws::Structure
|
9398
9497
|
end
|
@@ -9572,8 +9671,8 @@ module Aws::CognitoIdentityProvider
|
|
9572
9671
|
# @return [Types::UserPoolPolicyType]
|
9573
9672
|
#
|
9574
9673
|
# @!attribute [rw] lambda_config
|
9575
|
-
# The
|
9576
|
-
#
|
9674
|
+
# The Lambda configuration information from the request to update the
|
9675
|
+
# user pool.
|
9577
9676
|
# @return [Types::LambdaConfigType]
|
9578
9677
|
#
|
9579
9678
|
# @!attribute [rw] auto_verified_attributes
|
@@ -9828,11 +9927,11 @@ module Aws::CognitoIdentityProvider
|
|
9828
9927
|
end
|
9829
9928
|
|
9830
9929
|
# This exception is thrown when the Amazon Cognito service encounters a
|
9831
|
-
# user validation exception with the
|
9930
|
+
# user validation exception with the Lambda service.
|
9832
9931
|
#
|
9833
9932
|
# @!attribute [rw] message
|
9834
9933
|
# The message returned when the Amazon Cognito service returns a user
|
9835
|
-
# validation exception with the
|
9934
|
+
# validation exception with the Lambda service.
|
9836
9935
|
# @return [String]
|
9837
9936
|
#
|
9838
9937
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UserLambdaValidationException AWS API Documentation
|
@@ -10087,8 +10186,8 @@ module Aws::CognitoIdentityProvider
|
|
10087
10186
|
# @!attribute [rw] allowed_o_auth_scopes
|
10088
10187
|
# The allowed OAuth scopes. Possible values provided by OAuth are:
|
10089
10188
|
# `phone`, `email`, `openid`, and `profile`. Possible values provided
|
10090
|
-
# by
|
10091
|
-
# in Resource Servers are also supported.
|
10189
|
+
# by Amazon Web Services are: `aws.cognito.signin.user.admin`. Custom
|
10190
|
+
# scopes created in Resource Servers are also supported.
|
10092
10191
|
# @return [Array<String>]
|
10093
10192
|
#
|
10094
10193
|
# @!attribute [rw] allowed_o_auth_flows_user_pool_client
|
@@ -10132,6 +10231,17 @@ module Aws::CognitoIdentityProvider
|
|
10132
10231
|
# </note>
|
10133
10232
|
# @return [String]
|
10134
10233
|
#
|
10234
|
+
# @!attribute [rw] enable_token_revocation
|
10235
|
+
# Indicates whether token revocation is enabled for the user pool
|
10236
|
+
# client. When you create a new user pool client, token revocation is
|
10237
|
+
# enabled by default. For more information about revoking tokens, see
|
10238
|
+
# [RevokeToken][1].
|
10239
|
+
#
|
10240
|
+
#
|
10241
|
+
#
|
10242
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
|
10243
|
+
# @return [Boolean]
|
10244
|
+
#
|
10135
10245
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UserPoolClientType AWS API Documentation
|
10136
10246
|
#
|
10137
10247
|
class UserPoolClientType < Struct.new(
|
@@ -10156,7 +10266,8 @@ module Aws::CognitoIdentityProvider
|
|
10156
10266
|
:allowed_o_auth_scopes,
|
10157
10267
|
:allowed_o_auth_flows_user_pool_client,
|
10158
10268
|
:analytics_configuration,
|
10159
|
-
:prevent_user_existence_errors
|
10269
|
+
:prevent_user_existence_errors,
|
10270
|
+
:enable_token_revocation)
|
10160
10271
|
SENSITIVE = [:client_id, :client_secret]
|
10161
10272
|
include Aws::Structure
|
10162
10273
|
end
|
@@ -10172,7 +10283,7 @@ module Aws::CognitoIdentityProvider
|
|
10172
10283
|
# @return [String]
|
10173
10284
|
#
|
10174
10285
|
# @!attribute [rw] lambda_config
|
10175
|
-
# The
|
10286
|
+
# The Lambda configuration information in a user pool description.
|
10176
10287
|
# @return [Types::LambdaConfigType]
|
10177
10288
|
#
|
10178
10289
|
# @!attribute [rw] status
|
@@ -10257,7 +10368,7 @@ module Aws::CognitoIdentityProvider
|
|
10257
10368
|
# @return [Types::UserPoolPolicyType]
|
10258
10369
|
#
|
10259
10370
|
# @!attribute [rw] lambda_config
|
10260
|
-
# The
|
10371
|
+
# The Lambda triggers associated with the user pool.
|
10261
10372
|
# @return [Types::LambdaConfigType]
|
10262
10373
|
#
|
10263
10374
|
# @!attribute [rw] status
|
@@ -10348,6 +10459,24 @@ module Aws::CognitoIdentityProvider
|
|
10348
10459
|
# @!attribute [rw] sms_configuration_failure
|
10349
10460
|
# The reason why the SMS configuration cannot send the messages to
|
10350
10461
|
# your users.
|
10462
|
+
#
|
10463
|
+
# This message might include comma-separated values to describe why
|
10464
|
+
# your SMS configuration can't send messages to user pool end users.
|
10465
|
+
#
|
10466
|
+
# * InvalidSmsRoleAccessPolicyException - The IAM role which Cognito
|
10467
|
+
# uses to send SMS messages is not properly configured. For more
|
10468
|
+
# information, see [SmsConfigurationType][1].
|
10469
|
+
#
|
10470
|
+
# * SNSSandbox - The account is in SNS Sandbox and messages won’t
|
10471
|
+
# reach unverified end users. This parameter won’t get populated
|
10472
|
+
# with SNSSandbox if the IAM user creating the user pool doesn’t
|
10473
|
+
# have SNS permissions. To learn how to move your account out of the
|
10474
|
+
# sandbox, see [Moving out of the SMS sandbox][2].
|
10475
|
+
#
|
10476
|
+
#
|
10477
|
+
#
|
10478
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SmsConfigurationType.html
|
10479
|
+
# [2]: https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox-moving-to-production.html
|
10351
10480
|
# @return [String]
|
10352
10481
|
#
|
10353
10482
|
# @!attribute [rw] email_configuration_failure
|