aws-sdk-cognitoidentityprovider 1.66.0 → 1.67.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 222aac64f4eed68afada8159643dcfcc46ecb036a71fd6babde3aa7fe6fd2265
4
- data.tar.gz: fce9b8e9f33f66c1d04d8f42dbf5d3bd7d577ec4ecbb684ec986659f457bf1b6
3
+ metadata.gz: 7f1666db16e250b3d677b284f444a20990e8704cbf2e8fa133f1e22b62d5ed8a
4
+ data.tar.gz: ca2c904117a70903e9700a5aefc5887c5ab8be887256ff33c58edd3d1afc7b48
5
5
  SHA512:
6
- metadata.gz: f2eb8646cdc7dff95a6b45c692ca225fbddfa1a2d75e89406444e9a61c329784bc922b6c8ebb053a92c72b82c1d43b43cc1d246b9b7b5fd75b609d4b08407a3c
7
- data.tar.gz: 189cda1a984127d8261e32ceaae7b9e5a07bd368c2ffbc2593d9c271d77407c0e7bf9eee5cbb0494a8936995e543a53f89d9098a787ace324c59bd0648722f67
6
+ metadata.gz: d6252319b024f9747d7a5e5eac8deec9705fb533adc9b5fc1f2f66fe7a423d29e8250a5c5a88699e1249841738a88ea7975cb5312f63c6f83d8755abbc7ba279
7
+ data.tar.gz: 9e7772bfb31c59aeffe8c7a7d8c853c5648209b0be155d9c3d510e884269ba5fd351e16a3b4415c42353c2fa09cdec9e7517d7984ae2a1451a0108e5a8414236
data/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.67.0 (2022-05-31)
5
+ ------------------
6
+
7
+ * Feature - Amazon Cognito now supports IP Address propagation for all unauthenticated APIs (e.g. SignUp, ForgotPassword).
8
+
4
9
  1.66.0 (2022-05-24)
5
10
  ------------------
6
11
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.66.0
1
+ 1.67.0
@@ -1221,9 +1221,11 @@ module Aws::CognitoIdentityProvider
1221
1221
  # `AdminInitiateAuth` calls.
1222
1222
  #
1223
1223
  # @option params [Types::ContextDataType] :context_data
1224
- # Contextual data such as the user's device fingerprint, IP address, or
1225
- # location used for evaluating the risk of an unexpected event by Amazon
1226
- # Cognito advanced security.
1224
+ # Contextual data about your user session, such as the device
1225
+ # fingerprint, IP address, or location. Amazon Cognito advanced security
1226
+ # evaluates the risk of an authentication event based on the context
1227
+ # that your app generates and passes to Amazon Cognito when it makes API
1228
+ # requests.
1227
1229
  #
1228
1230
  # @return [Types::AdminInitiateAuthResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1229
1231
  #
@@ -1791,9 +1793,11 @@ module Aws::CognitoIdentityProvider
1791
1793
  # `AdminRespondToAuthChallenge` calls.
1792
1794
  #
1793
1795
  # @option params [Types::ContextDataType] :context_data
1794
- # Contextual data such as the user's device fingerprint, IP address, or
1795
- # location used for evaluating the risk of an unexpected event by Amazon
1796
- # Cognito advanced security.
1796
+ # Contextual data about your user session, such as the device
1797
+ # fingerprint, IP address, or location. Amazon Cognito advanced security
1798
+ # evaluates the risk of an authentication event based on the context
1799
+ # that your app generates and passes to Amazon Cognito when it makes API
1800
+ # requests.
1797
1801
  #
1798
1802
  # @option params [Hash<String,String>] :client_metadata
1799
1803
  # A map of custom key-value pairs that you can provide as input for any
@@ -2282,20 +2286,32 @@ module Aws::CognitoIdentityProvider
2282
2286
  req.send_request(options)
2283
2287
  end
2284
2288
 
2285
- # Returns a unique generated shared secret key code for the user
2286
- # account. The request takes an access token or a session string, but
2287
- # not both.
2288
- #
2289
- # <note markdown="1"> Calling AssociateSoftwareToken immediately disassociates the existing
2290
- # software token from the user account. If the user doesn't
2291
- # subsequently verify the software token, their account is set up to
2292
- # authenticate without MFA. If MFA config is set to Optional at the user
2293
- # pool level, the user can then log in without MFA. However, if MFA is
2294
- # set to Required for the user pool, the user is asked to set up a new
2295
- # software token MFA during sign-in.
2289
+ # Begins setup of time-based one-time password multi-factor
2290
+ # authentication (TOTP MFA) for a user, with a unique private key that
2291
+ # Amazon Cognito generates and returns in the API response. You can
2292
+ # authorize an `AssociateSoftwareToken` request with either the user's
2293
+ # access token, or a session string from a challenge response that you
2294
+ # received from Amazon Cognito.
2295
+ #
2296
+ # <note markdown="1"> Amazon Cognito disassociates an existing software token when you
2297
+ # verify the new token in a [ VerifySoftwareToken][1] API request. If
2298
+ # you don't verify the software token and your user pool doesn't
2299
+ # require MFA, the user can then authenticate with user name and
2300
+ # password credentials alone. If your user pool requires TOTP MFA,
2301
+ # Amazon Cognito generates an `MFA_SETUP` or `SOFTWARE_TOKEN_SETUP`
2302
+ # challenge each time your user signs. Complete setup with
2303
+ # `AssociateSoftwareToken` and `VerifySoftwareToken`.
2304
+ #
2305
+ # After you set up software token MFA for your user, Amazon Cognito
2306
+ # generates a `SOFTWARE_TOKEN_MFA` challenge when they authenticate.
2307
+ # Respond to this challenge with your user's TOTP.
2296
2308
  #
2297
2309
  # </note>
2298
2310
  #
2311
+ #
2312
+ #
2313
+ # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifySoftwareToken.html
2314
+ #
2299
2315
  # @option params [String] :access_token
2300
2316
  # A valid access token that Amazon Cognito issued to the user whose
2301
2317
  # software token you want to generate.
@@ -2439,9 +2455,11 @@ module Aws::CognitoIdentityProvider
2439
2455
  # `ConfirmForgotPassword` calls.
2440
2456
  #
2441
2457
  # @option params [Types::UserContextDataType] :user_context_data
2442
- # Contextual data such as the user's device fingerprint, IP address, or
2443
- # location used for evaluating the risk of an unexpected event by Amazon
2444
- # Cognito advanced security.
2458
+ # Contextual data about your user session, such as the device
2459
+ # fingerprint, IP address, or location. Amazon Cognito advanced security
2460
+ # evaluates the risk of an authentication event based on the context
2461
+ # that your app generates and passes to Amazon Cognito when it makes API
2462
+ # requests.
2445
2463
  #
2446
2464
  # @option params [Hash<String,String>] :client_metadata
2447
2465
  # A map of custom key-value pairs that you can provide as input for any
@@ -2494,6 +2512,7 @@ module Aws::CognitoIdentityProvider
2494
2512
  # analytics_endpoint_id: "StringType",
2495
2513
  # },
2496
2514
  # user_context_data: {
2515
+ # ip_address: "StringType",
2497
2516
  # encoded_data: "StringType",
2498
2517
  # },
2499
2518
  # client_metadata: {
@@ -2541,9 +2560,11 @@ module Aws::CognitoIdentityProvider
2541
2560
  # `ConfirmSignUp` calls.
2542
2561
  #
2543
2562
  # @option params [Types::UserContextDataType] :user_context_data
2544
- # Contextual data such as the user's device fingerprint, IP address, or
2545
- # location used for evaluating the risk of an unexpected event by Amazon
2546
- # Cognito advanced security.
2563
+ # Contextual data about your user session, such as the device
2564
+ # fingerprint, IP address, or location. Amazon Cognito advanced security
2565
+ # evaluates the risk of an authentication event based on the context
2566
+ # that your app generates and passes to Amazon Cognito when it makes API
2567
+ # requests.
2547
2568
  #
2548
2569
  # @option params [Hash<String,String>] :client_metadata
2549
2570
  # A map of custom key-value pairs that you can provide as input for any
@@ -2595,6 +2616,7 @@ module Aws::CognitoIdentityProvider
2595
2616
  # analytics_endpoint_id: "StringType",
2596
2617
  # },
2597
2618
  # user_context_data: {
2619
+ # ip_address: "StringType",
2598
2620
  # encoded_data: "StringType",
2599
2621
  # },
2600
2622
  # client_metadata: {
@@ -3015,6 +3037,16 @@ module Aws::CognitoIdentityProvider
3015
3037
  # Specifies MFA configuration details.
3016
3038
  #
3017
3039
  # @option params [Types::UserAttributeUpdateSettingsType] :user_attribute_update_settings
3040
+ # The settings for updates to user attributes. These settings include
3041
+ # the property `AttributesRequireVerificationBeforeUpdate`, a user-pool
3042
+ # setting that tells Amazon Cognito how to handle changes to the value
3043
+ # of your users' email address and phone number attributes. For more
3044
+ # information, see [ Verifying updates to to email addresses and phone
3045
+ # numbers][1].
3046
+ #
3047
+ #
3048
+ #
3049
+ # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates
3018
3050
  #
3019
3051
  # @option params [Types::DeviceConfigurationType] :device_configuration
3020
3052
  # The device configuration.
@@ -3524,6 +3556,19 @@ module Aws::CognitoIdentityProvider
3524
3556
  #
3525
3557
  # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
3526
3558
  #
3559
+ # @option params [Boolean] :enable_propagate_additional_user_context_data
3560
+ # Activates the propagation of additional user context data. For more
3561
+ # information about propagation of user context data, see [ Adding
3562
+ # advanced security to a user pool][1]. If you don’t include this
3563
+ # parameter, you can't send device fingerprint information, including
3564
+ # source IP address, to Amazon Cognito advanced security. You can only
3565
+ # activate `EnablePropagateAdditionalUserContextData` in an app client
3566
+ # that has a client secret.
3567
+ #
3568
+ #
3569
+ #
3570
+ # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
3571
+ #
3527
3572
  # @return [Types::CreateUserPoolClientResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3528
3573
  #
3529
3574
  # * {Types::CreateUserPoolClientResponse#user_pool_client #user_pool_client} => Types::UserPoolClientType
@@ -3561,6 +3606,7 @@ module Aws::CognitoIdentityProvider
3561
3606
  # },
3562
3607
  # prevent_user_existence_errors: "LEGACY", # accepts LEGACY, ENABLED
3563
3608
  # enable_token_revocation: false,
3609
+ # enable_propagate_additional_user_context_data: false,
3564
3610
  # })
3565
3611
  #
3566
3612
  # @example Response structure
@@ -3602,6 +3648,7 @@ module Aws::CognitoIdentityProvider
3602
3648
  # resp.user_pool_client.analytics_configuration.user_data_shared #=> Boolean
3603
3649
  # resp.user_pool_client.prevent_user_existence_errors #=> String, one of "LEGACY", "ENABLED"
3604
3650
  # resp.user_pool_client.enable_token_revocation #=> Boolean
3651
+ # resp.user_pool_client.enable_propagate_additional_user_context_data #=> Boolean
3605
3652
  #
3606
3653
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolClient AWS API Documentation
3607
3654
  #
@@ -4228,6 +4275,7 @@ module Aws::CognitoIdentityProvider
4228
4275
  # resp.user_pool_client.analytics_configuration.user_data_shared #=> Boolean
4229
4276
  # resp.user_pool_client.prevent_user_existence_errors #=> String, one of "LEGACY", "ENABLED"
4230
4277
  # resp.user_pool_client.enable_token_revocation #=> Boolean
4278
+ # resp.user_pool_client.enable_propagate_additional_user_context_data #=> Boolean
4231
4279
  #
4232
4280
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPoolClient AWS API Documentation
4233
4281
  #
@@ -4349,9 +4397,11 @@ module Aws::CognitoIdentityProvider
4349
4397
  # the message.
4350
4398
  #
4351
4399
  # @option params [Types::UserContextDataType] :user_context_data
4352
- # Contextual data such as the user's device fingerprint, IP address, or
4353
- # location used for evaluating the risk of an unexpected event by Amazon
4354
- # Cognito advanced security.
4400
+ # Contextual data about your user session, such as the device
4401
+ # fingerprint, IP address, or location. Amazon Cognito advanced security
4402
+ # evaluates the risk of an authentication event based on the context
4403
+ # that your app generates and passes to Amazon Cognito when it makes API
4404
+ # requests.
4355
4405
  #
4356
4406
  # @option params [required, String] :username
4357
4407
  # The user name of the user for whom you want to enter a code to reset a
@@ -4408,6 +4458,7 @@ module Aws::CognitoIdentityProvider
4408
4458
  # client_id: "ClientIdType", # required
4409
4459
  # secret_hash: "SecretHashType",
4410
4460
  # user_context_data: {
4461
+ # ip_address: "StringType",
4411
4462
  # encoded_data: "StringType",
4412
4463
  # },
4413
4464
  # username: "UsernameType", # required
@@ -5019,9 +5070,11 @@ module Aws::CognitoIdentityProvider
5019
5070
  # metrics for `InitiateAuth` calls.
5020
5071
  #
5021
5072
  # @option params [Types::UserContextDataType] :user_context_data
5022
- # Contextual data such as the user's device fingerprint, IP address, or
5023
- # location used for evaluating the risk of an unexpected event by Amazon
5024
- # Cognito advanced security.
5073
+ # Contextual data about your user session, such as the device
5074
+ # fingerprint, IP address, or location. Amazon Cognito advanced security
5075
+ # evaluates the risk of an authentication event based on the context
5076
+ # that your app generates and passes to Amazon Cognito when it makes API
5077
+ # requests.
5025
5078
  #
5026
5079
  # @return [Types::InitiateAuthResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5027
5080
  #
@@ -5045,6 +5098,7 @@ module Aws::CognitoIdentityProvider
5045
5098
  # analytics_endpoint_id: "StringType",
5046
5099
  # },
5047
5100
  # user_context_data: {
5101
+ # ip_address: "StringType",
5048
5102
  # encoded_data: "StringType",
5049
5103
  # },
5050
5104
  # })
@@ -5683,9 +5737,11 @@ module Aws::CognitoIdentityProvider
5683
5737
  # the message.
5684
5738
  #
5685
5739
  # @option params [Types::UserContextDataType] :user_context_data
5686
- # Contextual data such as the user's device fingerprint, IP address, or
5687
- # location used for evaluating the risk of an unexpected event by Amazon
5688
- # Cognito advanced security.
5740
+ # Contextual data about your user session, such as the device
5741
+ # fingerprint, IP address, or location. Amazon Cognito advanced security
5742
+ # evaluates the risk of an authentication event based on the context
5743
+ # that your app generates and passes to Amazon Cognito when it makes API
5744
+ # requests.
5689
5745
  #
5690
5746
  # @option params [required, String] :username
5691
5747
  # The `username` attribute of the user to whom you want to resend a
@@ -5742,6 +5798,7 @@ module Aws::CognitoIdentityProvider
5742
5798
  # client_id: "ClientIdType", # required
5743
5799
  # secret_hash: "SecretHashType",
5744
5800
  # user_context_data: {
5801
+ # ip_address: "StringType",
5745
5802
  # encoded_data: "StringType",
5746
5803
  # },
5747
5804
  # username: "UsernameType", # required
@@ -5868,9 +5925,11 @@ module Aws::CognitoIdentityProvider
5868
5925
  # metrics for `RespondToAuthChallenge` calls.
5869
5926
  #
5870
5927
  # @option params [Types::UserContextDataType] :user_context_data
5871
- # Contextual data such as the user's device fingerprint, IP address, or
5872
- # location used for evaluating the risk of an unexpected event by Amazon
5873
- # Cognito advanced security.
5928
+ # Contextual data about your user session, such as the device
5929
+ # fingerprint, IP address, or location. Amazon Cognito advanced security
5930
+ # evaluates the risk of an authentication event based on the context
5931
+ # that your app generates and passes to Amazon Cognito when it makes API
5932
+ # requests.
5874
5933
  #
5875
5934
  # @option params [Hash<String,String>] :client_metadata
5876
5935
  # A map of custom key-value pairs that you can provide as input for any
@@ -5931,6 +5990,7 @@ module Aws::CognitoIdentityProvider
5931
5990
  # analytics_endpoint_id: "StringType",
5932
5991
  # },
5933
5992
  # user_context_data: {
5993
+ # ip_address: "StringType",
5934
5994
  # encoded_data: "StringType",
5935
5995
  # },
5936
5996
  # client_metadata: {
@@ -6416,9 +6476,11 @@ module Aws::CognitoIdentityProvider
6416
6476
  # metrics for `SignUp` calls.
6417
6477
  #
6418
6478
  # @option params [Types::UserContextDataType] :user_context_data
6419
- # Contextual data such as the user's device fingerprint, IP address, or
6420
- # location used for evaluating the risk of an unexpected event by Amazon
6421
- # Cognito advanced security.
6479
+ # Contextual data about your user session, such as the device
6480
+ # fingerprint, IP address, or location. Amazon Cognito advanced security
6481
+ # evaluates the risk of an authentication event based on the context
6482
+ # that your app generates and passes to Amazon Cognito when it makes API
6483
+ # requests.
6422
6484
  #
6423
6485
  # @option params [Hash<String,String>] :client_metadata
6424
6486
  # A map of custom key-value pairs that you can provide as input for any
@@ -6486,6 +6548,7 @@ module Aws::CognitoIdentityProvider
6486
6548
  # analytics_endpoint_id: "StringType",
6487
6549
  # },
6488
6550
  # user_context_data: {
6551
+ # ip_address: "StringType",
6489
6552
  # encoded_data: "StringType",
6490
6553
  # },
6491
6554
  # client_metadata: {
@@ -7096,6 +7159,16 @@ module Aws::CognitoIdentityProvider
7096
7159
  # The contents of the SMS authentication message.
7097
7160
  #
7098
7161
  # @option params [Types::UserAttributeUpdateSettingsType] :user_attribute_update_settings
7162
+ # The settings for updates to user attributes. These settings include
7163
+ # the property `AttributesRequireVerificationBeforeUpdate`, a user-pool
7164
+ # setting that tells Amazon Cognito how to handle changes to the value
7165
+ # of your users' email address and phone number attributes. For more
7166
+ # information, see [ Verifying updates to to email addresses and phone
7167
+ # numbers][1].
7168
+ #
7169
+ #
7170
+ #
7171
+ # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates
7099
7172
  #
7100
7173
  # @option params [String] :mfa_configuration
7101
7174
  # Possible values include:
@@ -7482,6 +7555,19 @@ module Aws::CognitoIdentityProvider
7482
7555
  #
7483
7556
  # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
7484
7557
  #
7558
+ # @option params [Boolean] :enable_propagate_additional_user_context_data
7559
+ # Activates the propagation of additional user context data. For more
7560
+ # information about propagation of user context data, see [ Adding
7561
+ # advanced security to a user pool][1]. If you don’t include this
7562
+ # parameter, you can't send device fingerprint information, including
7563
+ # source IP address, to Amazon Cognito advanced security. You can only
7564
+ # activate `EnablePropagateAdditionalUserContextData` in an app client
7565
+ # that has a client secret.
7566
+ #
7567
+ #
7568
+ #
7569
+ # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
7570
+ #
7485
7571
  # @return [Types::UpdateUserPoolClientResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
7486
7572
  #
7487
7573
  # * {Types::UpdateUserPoolClientResponse#user_pool_client #user_pool_client} => Types::UserPoolClientType
@@ -7519,6 +7605,7 @@ module Aws::CognitoIdentityProvider
7519
7605
  # },
7520
7606
  # prevent_user_existence_errors: "LEGACY", # accepts LEGACY, ENABLED
7521
7607
  # enable_token_revocation: false,
7608
+ # enable_propagate_additional_user_context_data: false,
7522
7609
  # })
7523
7610
  #
7524
7611
  # @example Response structure
@@ -7560,6 +7647,7 @@ module Aws::CognitoIdentityProvider
7560
7647
  # resp.user_pool_client.analytics_configuration.user_data_shared #=> Boolean
7561
7648
  # resp.user_pool_client.prevent_user_existence_errors #=> String, one of "LEGACY", "ENABLED"
7562
7649
  # resp.user_pool_client.enable_token_revocation #=> Boolean
7650
+ # resp.user_pool_client.enable_propagate_additional_user_context_data #=> Boolean
7563
7651
  #
7564
7652
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolClient AWS API Documentation
7565
7653
  #
@@ -7755,7 +7843,7 @@ module Aws::CognitoIdentityProvider
7755
7843
  params: params,
7756
7844
  config: config)
7757
7845
  context[:gem_name] = 'aws-sdk-cognitoidentityprovider'
7758
- context[:gem_version] = '1.66.0'
7846
+ context[:gem_version] = '1.67.0'
7759
7847
  Seahorse::Client::Request.new(handlers, context)
7760
7848
  end
7761
7849
 
@@ -928,6 +928,7 @@ module Aws::CognitoIdentityProvider
928
928
  CreateUserPoolClientRequest.add_member(:analytics_configuration, Shapes::ShapeRef.new(shape: AnalyticsConfigurationType, location_name: "AnalyticsConfiguration"))
929
929
  CreateUserPoolClientRequest.add_member(:prevent_user_existence_errors, Shapes::ShapeRef.new(shape: PreventUserExistenceErrorTypes, location_name: "PreventUserExistenceErrors"))
930
930
  CreateUserPoolClientRequest.add_member(:enable_token_revocation, Shapes::ShapeRef.new(shape: WrappedBooleanType, location_name: "EnableTokenRevocation"))
931
+ CreateUserPoolClientRequest.add_member(:enable_propagate_additional_user_context_data, Shapes::ShapeRef.new(shape: WrappedBooleanType, location_name: "EnablePropagateAdditionalUserContextData"))
931
932
  CreateUserPoolClientRequest.struct_class = Types::CreateUserPoolClientRequest
932
933
 
933
934
  CreateUserPoolClientResponse.add_member(:user_pool_client, Shapes::ShapeRef.new(shape: UserPoolClientType, location_name: "UserPoolClient"))
@@ -1782,6 +1783,7 @@ module Aws::CognitoIdentityProvider
1782
1783
  UpdateUserPoolClientRequest.add_member(:analytics_configuration, Shapes::ShapeRef.new(shape: AnalyticsConfigurationType, location_name: "AnalyticsConfiguration"))
1783
1784
  UpdateUserPoolClientRequest.add_member(:prevent_user_existence_errors, Shapes::ShapeRef.new(shape: PreventUserExistenceErrorTypes, location_name: "PreventUserExistenceErrors"))
1784
1785
  UpdateUserPoolClientRequest.add_member(:enable_token_revocation, Shapes::ShapeRef.new(shape: WrappedBooleanType, location_name: "EnableTokenRevocation"))
1786
+ UpdateUserPoolClientRequest.add_member(:enable_propagate_additional_user_context_data, Shapes::ShapeRef.new(shape: WrappedBooleanType, location_name: "EnablePropagateAdditionalUserContextData"))
1785
1787
  UpdateUserPoolClientRequest.struct_class = Types::UpdateUserPoolClientRequest
1786
1788
 
1787
1789
  UpdateUserPoolClientResponse.add_member(:user_pool_client, Shapes::ShapeRef.new(shape: UserPoolClientType, location_name: "UserPoolClient"))
@@ -1820,6 +1822,7 @@ module Aws::CognitoIdentityProvider
1820
1822
  UserAttributeUpdateSettingsType.add_member(:attributes_require_verification_before_update, Shapes::ShapeRef.new(shape: AttributesRequireVerificationBeforeUpdateType, location_name: "AttributesRequireVerificationBeforeUpdate"))
1821
1823
  UserAttributeUpdateSettingsType.struct_class = Types::UserAttributeUpdateSettingsType
1822
1824
 
1825
+ UserContextDataType.add_member(:ip_address, Shapes::ShapeRef.new(shape: StringType, location_name: "IpAddress"))
1823
1826
  UserContextDataType.add_member(:encoded_data, Shapes::ShapeRef.new(shape: StringType, location_name: "EncodedData"))
1824
1827
  UserContextDataType.struct_class = Types::UserContextDataType
1825
1828
 
@@ -1890,6 +1893,7 @@ module Aws::CognitoIdentityProvider
1890
1893
  UserPoolClientType.add_member(:analytics_configuration, Shapes::ShapeRef.new(shape: AnalyticsConfigurationType, location_name: "AnalyticsConfiguration"))
1891
1894
  UserPoolClientType.add_member(:prevent_user_existence_errors, Shapes::ShapeRef.new(shape: PreventUserExistenceErrorTypes, location_name: "PreventUserExistenceErrors"))
1892
1895
  UserPoolClientType.add_member(:enable_token_revocation, Shapes::ShapeRef.new(shape: WrappedBooleanType, location_name: "EnableTokenRevocation"))
1896
+ UserPoolClientType.add_member(:enable_propagate_additional_user_context_data, Shapes::ShapeRef.new(shape: WrappedBooleanType, location_name: "EnablePropagateAdditionalUserContextData"))
1893
1897
  UserPoolClientType.struct_class = Types::UserPoolClientType
1894
1898
 
1895
1899
  UserPoolDescriptionType.add_member(:id, Shapes::ShapeRef.new(shape: UserPoolIdType, location_name: "Id"))
@@ -1127,9 +1127,11 @@ module Aws::CognitoIdentityProvider
1127
1127
  # @return [Types::AnalyticsMetadataType]
1128
1128
  #
1129
1129
  # @!attribute [rw] context_data
1130
- # Contextual data such as the user's device fingerprint, IP address,
1131
- # or location used for evaluating the risk of an unexpected event by
1132
- # Amazon Cognito advanced security.
1130
+ # Contextual data about your user session, such as the device
1131
+ # fingerprint, IP address, or location. Amazon Cognito advanced
1132
+ # security evaluates the risk of an authentication event based on the
1133
+ # context that your app generates and passes to Amazon Cognito when it
1134
+ # makes API requests.
1133
1135
  # @return [Types::ContextDataType]
1134
1136
  #
1135
1137
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminInitiateAuthRequest AWS API Documentation
@@ -1737,9 +1739,11 @@ module Aws::CognitoIdentityProvider
1737
1739
  # @return [Types::AnalyticsMetadataType]
1738
1740
  #
1739
1741
  # @!attribute [rw] context_data
1740
- # Contextual data such as the user's device fingerprint, IP address,
1741
- # or location used for evaluating the risk of an unexpected event by
1742
- # Amazon Cognito advanced security.
1742
+ # Contextual data about your user session, such as the device
1743
+ # fingerprint, IP address, or location. Amazon Cognito advanced
1744
+ # security evaluates the risk of an authentication event based on the
1745
+ # context that your app generates and passes to Amazon Cognito when it
1746
+ # makes API requests.
1743
1747
  # @return [Types::ContextDataType]
1744
1748
  #
1745
1749
  # @!attribute [rw] client_metadata
@@ -2225,7 +2229,7 @@ module Aws::CognitoIdentityProvider
2225
2229
 
2226
2230
  # This exception is thrown when a user tries to confirm the account with
2227
2231
  # an email address or phone number that has already been supplied as an
2228
- # alias from a different account. This exception indicates that an
2232
+ # alias for a different user profile. This exception indicates that an
2229
2233
  # account with this email address or phone already exists in a user pool
2230
2234
  # that you've configured to use email address or phone number as a
2231
2235
  # sign-in alias.
@@ -2755,6 +2759,7 @@ module Aws::CognitoIdentityProvider
2755
2759
  # analytics_endpoint_id: "StringType",
2756
2760
  # },
2757
2761
  # user_context_data: {
2762
+ # ip_address: "StringType",
2758
2763
  # encoded_data: "StringType",
2759
2764
  # },
2760
2765
  # client_metadata: {
@@ -2797,9 +2802,11 @@ module Aws::CognitoIdentityProvider
2797
2802
  # @return [Types::AnalyticsMetadataType]
2798
2803
  #
2799
2804
  # @!attribute [rw] user_context_data
2800
- # Contextual data such as the user's device fingerprint, IP address,
2801
- # or location used for evaluating the risk of an unexpected event by
2802
- # Amazon Cognito advanced security.
2805
+ # Contextual data about your user session, such as the device
2806
+ # fingerprint, IP address, or location. Amazon Cognito advanced
2807
+ # security evaluates the risk of an authentication event based on the
2808
+ # context that your app generates and passes to Amazon Cognito when it
2809
+ # makes API requests.
2803
2810
  # @return [Types::UserContextDataType]
2804
2811
  #
2805
2812
  # @!attribute [rw] client_metadata
@@ -2877,6 +2884,7 @@ module Aws::CognitoIdentityProvider
2877
2884
  # analytics_endpoint_id: "StringType",
2878
2885
  # },
2879
2886
  # user_context_data: {
2887
+ # ip_address: "StringType",
2880
2888
  # encoded_data: "StringType",
2881
2889
  # },
2882
2890
  # client_metadata: {
@@ -2919,9 +2927,11 @@ module Aws::CognitoIdentityProvider
2919
2927
  # @return [Types::AnalyticsMetadataType]
2920
2928
  #
2921
2929
  # @!attribute [rw] user_context_data
2922
- # Contextual data such as the user's device fingerprint, IP address,
2923
- # or location used for evaluating the risk of an unexpected event by
2924
- # Amazon Cognito advanced security.
2930
+ # Contextual data about your user session, such as the device
2931
+ # fingerprint, IP address, or location. Amazon Cognito advanced
2932
+ # security evaluates the risk of an authentication event based on the
2933
+ # context that your app generates and passes to Amazon Cognito when it
2934
+ # makes API requests.
2925
2935
  # @return [Types::UserContextDataType]
2926
2936
  #
2927
2937
  # @!attribute [rw] client_metadata
@@ -3004,7 +3014,7 @@ module Aws::CognitoIdentityProvider
3004
3014
  # }
3005
3015
  #
3006
3016
  # @!attribute [rw] ip_address
3007
- # Source IP address of your user.
3017
+ # The source IP address of your user's device.
3008
3018
  # @return [String]
3009
3019
  #
3010
3020
  # @!attribute [rw] server_name
@@ -3020,8 +3030,14 @@ module Aws::CognitoIdentityProvider
3020
3030
  # @return [Array<Types::HttpHeader>]
3021
3031
  #
3022
3032
  # @!attribute [rw] encoded_data
3023
- # Encoded data containing device fingerprinting details collected
3024
- # using the Amazon Cognito context data collection library.
3033
+ # Encoded device-fingerprint details that your app collected with the
3034
+ # Amazon Cognito context data collection library. For more
3035
+ # information, see [Adding user device and session data to API
3036
+ # requests][1].
3037
+ #
3038
+ #
3039
+ #
3040
+ # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint
3025
3041
  # @return [String]
3026
3042
  #
3027
3043
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ContextDataType AWS API Documentation
@@ -3384,6 +3400,7 @@ module Aws::CognitoIdentityProvider
3384
3400
  # },
3385
3401
  # prevent_user_existence_errors: "LEGACY", # accepts LEGACY, ENABLED
3386
3402
  # enable_token_revocation: false,
3403
+ # enable_propagate_additional_user_context_data: false,
3387
3404
  # }
3388
3405
  #
3389
3406
  # @!attribute [rw] user_pool_id
@@ -3639,6 +3656,20 @@ module Aws::CognitoIdentityProvider
3639
3656
  # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
3640
3657
  # @return [Boolean]
3641
3658
  #
3659
+ # @!attribute [rw] enable_propagate_additional_user_context_data
3660
+ # Activates the propagation of additional user context data. For more
3661
+ # information about propagation of user context data, see [ Adding
3662
+ # advanced security to a user pool][1]. If you don’t include this
3663
+ # parameter, you can't send device fingerprint information, including
3664
+ # source IP address, to Amazon Cognito advanced security. You can only
3665
+ # activate `EnablePropagateAdditionalUserContextData` in an app client
3666
+ # that has a client secret.
3667
+ #
3668
+ #
3669
+ #
3670
+ # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
3671
+ # @return [Boolean]
3672
+ #
3642
3673
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolClientRequest AWS API Documentation
3643
3674
  #
3644
3675
  class CreateUserPoolClientRequest < Struct.new(
@@ -3661,7 +3692,8 @@ module Aws::CognitoIdentityProvider
3661
3692
  :allowed_o_auth_flows_user_pool_client,
3662
3693
  :analytics_configuration,
3663
3694
  :prevent_user_existence_errors,
3664
- :enable_token_revocation)
3695
+ :enable_token_revocation,
3696
+ :enable_propagate_additional_user_context_data)
3665
3697
  SENSITIVE = []
3666
3698
  include Aws::Structure
3667
3699
  end
@@ -3942,6 +3974,16 @@ module Aws::CognitoIdentityProvider
3942
3974
  # @return [String]
3943
3975
  #
3944
3976
  # @!attribute [rw] user_attribute_update_settings
3977
+ # The settings for updates to user attributes. These settings include
3978
+ # the property `AttributesRequireVerificationBeforeUpdate`, a
3979
+ # user-pool setting that tells Amazon Cognito how to handle changes to
3980
+ # the value of your users' email address and phone number attributes.
3981
+ # For more information, see [ Verifying updates to to email addresses
3982
+ # and phone numbers][1].
3983
+ #
3984
+ #
3985
+ #
3986
+ # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates
3945
3987
  # @return [Types::UserAttributeUpdateSettingsType]
3946
3988
  #
3947
3989
  # @!attribute [rw] device_configuration
@@ -4959,7 +5001,7 @@ module Aws::CognitoIdentityProvider
4959
5001
  # request.
4960
5002
  #
4961
5003
  # @!attribute [rw] ip_address
4962
- # The user's IP address.
5004
+ # The source IP address of your user's device.
4963
5005
  # @return [String]
4964
5006
  #
4965
5007
  # @!attribute [rw] device_name
@@ -5090,6 +5132,7 @@ module Aws::CognitoIdentityProvider
5090
5132
  # client_id: "ClientIdType", # required
5091
5133
  # secret_hash: "SecretHashType",
5092
5134
  # user_context_data: {
5135
+ # ip_address: "StringType",
5093
5136
  # encoded_data: "StringType",
5094
5137
  # },
5095
5138
  # username: "UsernameType", # required
@@ -5112,9 +5155,11 @@ module Aws::CognitoIdentityProvider
5112
5155
  # @return [String]
5113
5156
  #
5114
5157
  # @!attribute [rw] user_context_data
5115
- # Contextual data such as the user's device fingerprint, IP address,
5116
- # or location used for evaluating the risk of an unexpected event by
5117
- # Amazon Cognito advanced security.
5158
+ # Contextual data about your user session, such as the device
5159
+ # fingerprint, IP address, or location. Amazon Cognito advanced
5160
+ # security evaluates the risk of an authentication event based on the
5161
+ # context that your app generates and passes to Amazon Cognito when it
5162
+ # makes API requests.
5118
5163
  # @return [Types::UserContextDataType]
5119
5164
  #
5120
5165
  # @!attribute [rw] username
@@ -5179,8 +5224,7 @@ module Aws::CognitoIdentityProvider
5179
5224
  include Aws::Structure
5180
5225
  end
5181
5226
 
5182
- # Represents the response from the server regarding the request to reset
5183
- # a password.
5227
+ # The response from Amazon Cognito to a request to reset a password.
5184
5228
  #
5185
5229
  # @!attribute [rw] code_delivery_details
5186
5230
  # The code delivery details returned by the server in response to the
@@ -5895,6 +5939,7 @@ module Aws::CognitoIdentityProvider
5895
5939
  # analytics_endpoint_id: "StringType",
5896
5940
  # },
5897
5941
  # user_context_data: {
5942
+ # ip_address: "StringType",
5898
5943
  # encoded_data: "StringType",
5899
5944
  # },
5900
5945
  # }
@@ -6023,9 +6068,11 @@ module Aws::CognitoIdentityProvider
6023
6068
  # @return [Types::AnalyticsMetadataType]
6024
6069
  #
6025
6070
  # @!attribute [rw] user_context_data
6026
- # Contextual data such as the user's device fingerprint, IP address,
6027
- # or location used for evaluating the risk of an unexpected event by
6028
- # Amazon Cognito advanced security.
6071
+ # Contextual data about your user session, such as the device
6072
+ # fingerprint, IP address, or location. Amazon Cognito advanced
6073
+ # security evaluates the risk of an authentication event based on the
6074
+ # context that your app generates and passes to Amazon Cognito when it
6075
+ # makes API requests.
6029
6076
  # @return [Types::UserContextDataType]
6030
6077
  #
6031
6078
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/InitiateAuthRequest AWS API Documentation
@@ -7450,6 +7497,7 @@ module Aws::CognitoIdentityProvider
7450
7497
  # client_id: "ClientIdType", # required
7451
7498
  # secret_hash: "SecretHashType",
7452
7499
  # user_context_data: {
7500
+ # ip_address: "StringType",
7453
7501
  # encoded_data: "StringType",
7454
7502
  # },
7455
7503
  # username: "UsernameType", # required
@@ -7472,9 +7520,11 @@ module Aws::CognitoIdentityProvider
7472
7520
  # @return [String]
7473
7521
  #
7474
7522
  # @!attribute [rw] user_context_data
7475
- # Contextual data such as the user's device fingerprint, IP address,
7476
- # or location used for evaluating the risk of an unexpected event by
7477
- # Amazon Cognito advanced security.
7523
+ # Contextual data about your user session, such as the device
7524
+ # fingerprint, IP address, or location. Amazon Cognito advanced
7525
+ # security evaluates the risk of an authentication event based on the
7526
+ # context that your app generates and passes to Amazon Cognito when it
7527
+ # makes API requests.
7478
7528
  # @return [Types::UserContextDataType]
7479
7529
  #
7480
7530
  # @!attribute [rw] username
@@ -7642,6 +7692,7 @@ module Aws::CognitoIdentityProvider
7642
7692
  # analytics_endpoint_id: "StringType",
7643
7693
  # },
7644
7694
  # user_context_data: {
7695
+ # ip_address: "StringType",
7645
7696
  # encoded_data: "StringType",
7646
7697
  # },
7647
7698
  # client_metadata: {
@@ -7729,9 +7780,11 @@ module Aws::CognitoIdentityProvider
7729
7780
  # @return [Types::AnalyticsMetadataType]
7730
7781
  #
7731
7782
  # @!attribute [rw] user_context_data
7732
- # Contextual data such as the user's device fingerprint, IP address,
7733
- # or location used for evaluating the risk of an unexpected event by
7734
- # Amazon Cognito advanced security.
7783
+ # Contextual data about your user session, such as the device
7784
+ # fingerprint, IP address, or location. Amazon Cognito advanced
7785
+ # security evaluates the risk of an authentication event based on the
7786
+ # context that your app generates and passes to Amazon Cognito when it
7787
+ # makes API requests.
7735
7788
  # @return [Types::UserContextDataType]
7736
7789
  #
7737
7790
  # @!attribute [rw] client_metadata
@@ -8429,6 +8482,7 @@ module Aws::CognitoIdentityProvider
8429
8482
  # analytics_endpoint_id: "StringType",
8430
8483
  # },
8431
8484
  # user_context_data: {
8485
+ # ip_address: "StringType",
8432
8486
  # encoded_data: "StringType",
8433
8487
  # },
8434
8488
  # client_metadata: {
@@ -8471,9 +8525,11 @@ module Aws::CognitoIdentityProvider
8471
8525
  # @return [Types::AnalyticsMetadataType]
8472
8526
  #
8473
8527
  # @!attribute [rw] user_context_data
8474
- # Contextual data such as the user's device fingerprint, IP address,
8475
- # or location used for evaluating the risk of an unexpected event by
8476
- # Amazon Cognito advanced security.
8528
+ # Contextual data about your user session, such as the device
8529
+ # fingerprint, IP address, or location. Amazon Cognito advanced
8530
+ # security evaluates the risk of an authentication event based on the
8531
+ # context that your app generates and passes to Amazon Cognito when it
8532
+ # makes API requests.
8477
8533
  # @return [Types::UserContextDataType]
8478
8534
  #
8479
8535
  # @!attribute [rw] client_metadata
@@ -8899,18 +8955,21 @@ module Aws::CognitoIdentityProvider
8899
8955
  # }
8900
8956
  #
8901
8957
  # @!attribute [rw] access_token
8902
- # A time unit in seconds”, minutes”, hours”, or days for the
8903
- # value in AccessTokenValidity, defaulting to hours.
8958
+ # A time unit of `seconds`, `minutes`, `hours`, or `days` for the
8959
+ # value that you set in the `AccessTokenValidity` parameter. The
8960
+ # default `AccessTokenValidity` time unit is hours.
8904
8961
  # @return [String]
8905
8962
  #
8906
8963
  # @!attribute [rw] id_token
8907
- # A time unit in seconds”, minutes”, hours”, or days for the
8908
- # value in IdTokenValidity, defaulting to hours.
8964
+ # A time unit of `seconds`, `minutes`, `hours`, or `days` for the
8965
+ # value that you set in the `IdTokenValidity` parameter. The default
8966
+ # `IdTokenValidity` time unit is hours.
8909
8967
  # @return [String]
8910
8968
  #
8911
8969
  # @!attribute [rw] refresh_token
8912
- # A time unit in seconds”, minutes”, hours”, or days for the
8913
- # value in RefreshTokenValidity, defaulting to days.
8970
+ # A time unit of `seconds`, `minutes`, `hours`, or `days` for the
8971
+ # value that you set in the `RefreshTokenValidity` parameter. The
8972
+ # default `RefreshTokenValidity` time unit is days.
8914
8973
  # @return [String]
8915
8974
  #
8916
8975
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/TokenValidityUnitsType AWS API Documentation
@@ -9517,6 +9576,7 @@ module Aws::CognitoIdentityProvider
9517
9576
  # },
9518
9577
  # prevent_user_existence_errors: "LEGACY", # accepts LEGACY, ENABLED
9519
9578
  # enable_token_revocation: false,
9579
+ # enable_propagate_additional_user_context_data: false,
9520
9580
  # }
9521
9581
  #
9522
9582
  # @!attribute [rw] user_pool_id
@@ -9749,6 +9809,20 @@ module Aws::CognitoIdentityProvider
9749
9809
  # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
9750
9810
  # @return [Boolean]
9751
9811
  #
9812
+ # @!attribute [rw] enable_propagate_additional_user_context_data
9813
+ # Activates the propagation of additional user context data. For more
9814
+ # information about propagation of user context data, see [ Adding
9815
+ # advanced security to a user pool][1]. If you don’t include this
9816
+ # parameter, you can't send device fingerprint information, including
9817
+ # source IP address, to Amazon Cognito advanced security. You can only
9818
+ # activate `EnablePropagateAdditionalUserContextData` in an app client
9819
+ # that has a client secret.
9820
+ #
9821
+ #
9822
+ #
9823
+ # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
9824
+ # @return [Boolean]
9825
+ #
9752
9826
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolClientRequest AWS API Documentation
9753
9827
  #
9754
9828
  class UpdateUserPoolClientRequest < Struct.new(
@@ -9771,7 +9845,8 @@ module Aws::CognitoIdentityProvider
9771
9845
  :allowed_o_auth_flows_user_pool_client,
9772
9846
  :analytics_configuration,
9773
9847
  :prevent_user_existence_errors,
9774
- :enable_token_revocation)
9848
+ :enable_token_revocation,
9849
+ :enable_propagate_additional_user_context_data)
9775
9850
  SENSITIVE = [:client_id]
9776
9851
  include Aws::Structure
9777
9852
  end
@@ -9986,6 +10061,16 @@ module Aws::CognitoIdentityProvider
9986
10061
  # @return [String]
9987
10062
  #
9988
10063
  # @!attribute [rw] user_attribute_update_settings
10064
+ # The settings for updates to user attributes. These settings include
10065
+ # the property `AttributesRequireVerificationBeforeUpdate`, a
10066
+ # user-pool setting that tells Amazon Cognito how to handle changes to
10067
+ # the value of your users' email address and phone number attributes.
10068
+ # For more information, see [ Verifying updates to to email addresses
10069
+ # and phone numbers][1].
10070
+ #
10071
+ #
10072
+ #
10073
+ # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates
9989
10074
  # @return [Types::UserAttributeUpdateSettingsType]
9990
10075
  #
9991
10076
  # @!attribute [rw] mfa_configuration
@@ -10085,7 +10170,16 @@ module Aws::CognitoIdentityProvider
10085
10170
  #
10086
10171
  class UpdateUserPoolResponse < Aws::EmptyStructure; end
10087
10172
 
10088
- # The settings for updates to user attributes.
10173
+ # The settings for updates to user attributes. These settings include
10174
+ # the property `AttributesRequireVerificationBeforeUpdate`, a user-pool
10175
+ # setting that tells Amazon Cognito how to handle changes to the value
10176
+ # of your users' email address and phone number attributes. For more
10177
+ # information, see [ Verifying updates to to email addresses and phone
10178
+ # numbers][1].
10179
+ #
10180
+ #
10181
+ #
10182
+ # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates
10089
10183
  #
10090
10184
  # @note When making an API call, you may pass UserAttributeUpdateSettingsType
10091
10185
  # data as a hash:
@@ -10130,27 +10224,37 @@ module Aws::CognitoIdentityProvider
10130
10224
  include Aws::Structure
10131
10225
  end
10132
10226
 
10133
- # Information that your app generates about a user's
10134
- # `AdminInitiateAuth` or `AdminRespondToAuthChallenge` session. Amazon
10135
- # Cognito advanced security features calculate risk levels for user
10136
- # sessions based on this context data.
10227
+ # Contextual data, such as the user's device fingerprint, IP address,
10228
+ # or location, used for evaluating the risk of an unexpected event by
10229
+ # Amazon Cognito advanced security.
10137
10230
  #
10138
10231
  # @note When making an API call, you may pass UserContextDataType
10139
10232
  # data as a hash:
10140
10233
  #
10141
10234
  # {
10235
+ # ip_address: "StringType",
10142
10236
  # encoded_data: "StringType",
10143
10237
  # }
10144
10238
  #
10239
+ # @!attribute [rw] ip_address
10240
+ # The source IP address of your user's device.
10241
+ # @return [String]
10242
+ #
10145
10243
  # @!attribute [rw] encoded_data
10146
- # Contextual data, such as the user's device fingerprint, IP address,
10147
- # or location, used for evaluating the risk of an unexpected event by
10148
- # Amazon Cognito advanced security.
10244
+ # Encoded device-fingerprint details that your app collected with the
10245
+ # Amazon Cognito context data collection library. For more
10246
+ # information, see [Adding user device and session data to API
10247
+ # requests][1].
10248
+ #
10249
+ #
10250
+ #
10251
+ # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint
10149
10252
  # @return [String]
10150
10253
  #
10151
10254
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UserContextDataType AWS API Documentation
10152
10255
  #
10153
10256
  class UserContextDataType < Struct.new(
10257
+ :ip_address,
10154
10258
  :encoded_data)
10155
10259
  SENSITIVE = []
10156
10260
  include Aws::Structure
@@ -10616,6 +10720,33 @@ module Aws::CognitoIdentityProvider
10616
10720
  # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
10617
10721
  # @return [Boolean]
10618
10722
  #
10723
+ # @!attribute [rw] enable_propagate_additional_user_context_data
10724
+ # When `EnablePropagateAdditionalUserContextData` is true, Amazon
10725
+ # Cognito accepts an `IpAddress` value that you send in the
10726
+ # `UserContextData` parameter. The `UserContextData` parameter sends
10727
+ # information to Amazon Cognito advanced security for risk analysis.
10728
+ # You can send `UserContextData` when you sign in Amazon Cognito
10729
+ # native users with the `InitiateAuth` and `RespondToAuthChallenge`
10730
+ # API operations.
10731
+ #
10732
+ # When `EnablePropagateAdditionalUserContextData` is false, you can't
10733
+ # send your user's source IP address to Amazon Cognito advanced
10734
+ # security with unauthenticated API operations.
10735
+ # `EnablePropagateAdditionalUserContextData` doesn't affect whether
10736
+ # you can send a source IP address in a `ContextData` parameter with
10737
+ # the authenticated API operations `AdminInitiateAuth` and
10738
+ # `AdminRespondToAuthChallenge`.
10739
+ #
10740
+ # You can only activate `EnablePropagateAdditionalUserContextData` in
10741
+ # an app client that has a client secret. For more information about
10742
+ # propagation of user context data, see [Adding user device and
10743
+ # session data to API requests][1].
10744
+ #
10745
+ #
10746
+ #
10747
+ # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint
10748
+ # @return [Boolean]
10749
+ #
10619
10750
  # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UserPoolClientType AWS API Documentation
10620
10751
  #
10621
10752
  class UserPoolClientType < Struct.new(
@@ -10641,7 +10772,8 @@ module Aws::CognitoIdentityProvider
10641
10772
  :allowed_o_auth_flows_user_pool_client,
10642
10773
  :analytics_configuration,
10643
10774
  :prevent_user_existence_errors,
10644
- :enable_token_revocation)
10775
+ :enable_token_revocation,
10776
+ :enable_propagate_additional_user_context_data)
10645
10777
  SENSITIVE = [:client_id, :client_secret]
10646
10778
  include Aws::Structure
10647
10779
  end
@@ -10795,6 +10927,16 @@ module Aws::CognitoIdentityProvider
10795
10927
  # @return [String]
10796
10928
  #
10797
10929
  # @!attribute [rw] user_attribute_update_settings
10930
+ # The settings for updates to user attributes. These settings include
10931
+ # the property `AttributesRequireVerificationBeforeUpdate`, a
10932
+ # user-pool setting that tells Amazon Cognito how to handle changes to
10933
+ # the value of your users' email address and phone number attributes.
10934
+ # For more information, see [ Verifying updates to to email addresses
10935
+ # and phone numbers][1].
10936
+ #
10937
+ #
10938
+ #
10939
+ # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates
10798
10940
  # @return [Types::UserAttributeUpdateSettingsType]
10799
10941
  #
10800
10942
  # @!attribute [rw] mfa_configuration
@@ -48,6 +48,6 @@ require_relative 'aws-sdk-cognitoidentityprovider/customizations'
48
48
  # @!group service
49
49
  module Aws::CognitoIdentityProvider
50
50
 
51
- GEM_VERSION = '1.66.0'
51
+ GEM_VERSION = '1.67.0'
52
52
 
53
53
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-cognitoidentityprovider
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.66.0
4
+ version: 1.67.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-05-24 00:00:00.000000000 Z
11
+ date: 2022-05-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core