aws-sdk-cognitoidentityprovider 1.79.0 → 1.80.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-cognitoidentityprovider/client.rb +1512 -155
- data/lib/aws-sdk-cognitoidentityprovider/client_api.rb +63 -0
- data/lib/aws-sdk-cognitoidentityprovider/endpoints.rb +28 -0
- data/lib/aws-sdk-cognitoidentityprovider/plugins/endpoints.rb +4 -0
- data/lib/aws-sdk-cognitoidentityprovider/types.rb +560 -120
- data/lib/aws-sdk-cognitoidentityprovider.rb +1 -1
- metadata +2 -2
@@ -400,6 +400,24 @@ module Aws::CognitoIdentityProvider
|
|
400
400
|
|
401
401
|
# Adds additional user attributes to the user pool schema.
|
402
402
|
#
|
403
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
404
|
+
# in requests for this API operation. For this operation, you must use
|
405
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
406
|
+
# corresponding IAM permission in a policy.
|
407
|
+
#
|
408
|
+
# **Learn more**
|
409
|
+
#
|
410
|
+
# * [Signing Amazon Web Services API Requests][1]
|
411
|
+
#
|
412
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
413
|
+
#
|
414
|
+
# </note>
|
415
|
+
#
|
416
|
+
#
|
417
|
+
#
|
418
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
419
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
420
|
+
#
|
403
421
|
# @option params [required, String] :user_pool_id
|
404
422
|
# The user pool ID for the user pool where you want to add custom
|
405
423
|
# attributes.
|
@@ -443,7 +461,23 @@ module Aws::CognitoIdentityProvider
|
|
443
461
|
|
444
462
|
# Adds the specified user to the specified group.
|
445
463
|
#
|
446
|
-
#
|
464
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
465
|
+
# in requests for this API operation. For this operation, you must use
|
466
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
467
|
+
# corresponding IAM permission in a policy.
|
468
|
+
#
|
469
|
+
# **Learn more**
|
470
|
+
#
|
471
|
+
# * [Signing Amazon Web Services API Requests][1]
|
472
|
+
#
|
473
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
474
|
+
#
|
475
|
+
# </note>
|
476
|
+
#
|
477
|
+
#
|
478
|
+
#
|
479
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
480
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
447
481
|
#
|
448
482
|
# @option params [required, String] :user_pool_id
|
449
483
|
# The user pool ID for the user pool.
|
@@ -476,7 +510,23 @@ module Aws::CognitoIdentityProvider
|
|
476
510
|
# Confirms user registration as an admin without using a confirmation
|
477
511
|
# code. Works on any user.
|
478
512
|
#
|
479
|
-
#
|
513
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
514
|
+
# in requests for this API operation. For this operation, you must use
|
515
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
516
|
+
# corresponding IAM permission in a policy.
|
517
|
+
#
|
518
|
+
# **Learn more**
|
519
|
+
#
|
520
|
+
# * [Signing Amazon Web Services API Requests][1]
|
521
|
+
#
|
522
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
523
|
+
#
|
524
|
+
# </note>
|
525
|
+
#
|
526
|
+
#
|
527
|
+
#
|
528
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
529
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
480
530
|
#
|
481
531
|
# @option params [required, String] :user_pool_id
|
482
532
|
# The user pool ID for which you want to confirm user registration.
|
@@ -578,12 +628,25 @@ module Aws::CognitoIdentityProvider
|
|
578
628
|
# In either case, the user will be in the `FORCE_CHANGE_PASSWORD` state
|
579
629
|
# until they sign in and change their password.
|
580
630
|
#
|
581
|
-
#
|
631
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
632
|
+
# in requests for this API operation. For this operation, you must use
|
633
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
634
|
+
# corresponding IAM permission in a policy.
|
635
|
+
#
|
636
|
+
# **Learn more**
|
637
|
+
#
|
638
|
+
# * [Signing Amazon Web Services API Requests][3]
|
639
|
+
#
|
640
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][4]
|
641
|
+
#
|
642
|
+
# </note>
|
582
643
|
#
|
583
644
|
#
|
584
645
|
#
|
585
646
|
# [1]: https://console.aws.amazon.com/pinpoint/home/
|
586
|
-
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/
|
647
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
648
|
+
# [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
649
|
+
# [4]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
587
650
|
#
|
588
651
|
# @option params [required, String] :user_pool_id
|
589
652
|
# The user pool ID for the user pool where the user will be created.
|
@@ -656,10 +719,9 @@ module Aws::CognitoIdentityProvider
|
|
656
719
|
# Cognito generates one for you.
|
657
720
|
#
|
658
721
|
# The temporary password can only be used until the user account
|
659
|
-
# expiration limit that you
|
660
|
-
#
|
661
|
-
#
|
662
|
-
# parameter.
|
722
|
+
# expiration limit that you set for your user pool. To reset the account
|
723
|
+
# after that time limit, you must call `AdminCreateUser` again and
|
724
|
+
# specify `RESEND` for the `MessageAction` parameter.
|
663
725
|
#
|
664
726
|
# @option params [Boolean] :force_alias_creation
|
665
727
|
# This parameter is used only if the `phone_number_verified` or
|
@@ -777,7 +839,23 @@ module Aws::CognitoIdentityProvider
|
|
777
839
|
|
778
840
|
# Deletes a user as an administrator. Works on any user.
|
779
841
|
#
|
780
|
-
#
|
842
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
843
|
+
# in requests for this API operation. For this operation, you must use
|
844
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
845
|
+
# corresponding IAM permission in a policy.
|
846
|
+
#
|
847
|
+
# **Learn more**
|
848
|
+
#
|
849
|
+
# * [Signing Amazon Web Services API Requests][1]
|
850
|
+
#
|
851
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
852
|
+
#
|
853
|
+
# </note>
|
854
|
+
#
|
855
|
+
#
|
856
|
+
#
|
857
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
858
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
781
859
|
#
|
782
860
|
# @option params [required, String] :user_pool_id
|
783
861
|
# The user pool ID for the user pool where you want to delete the user.
|
@@ -806,7 +884,23 @@ module Aws::CognitoIdentityProvider
|
|
806
884
|
# Deletes the user attributes in a user pool as an administrator. Works
|
807
885
|
# on any user.
|
808
886
|
#
|
809
|
-
#
|
887
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
888
|
+
# in requests for this API operation. For this operation, you must use
|
889
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
890
|
+
# corresponding IAM permission in a policy.
|
891
|
+
#
|
892
|
+
# **Learn more**
|
893
|
+
#
|
894
|
+
# * [Signing Amazon Web Services API Requests][1]
|
895
|
+
#
|
896
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
897
|
+
#
|
898
|
+
# </note>
|
899
|
+
#
|
900
|
+
#
|
901
|
+
#
|
902
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
903
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
810
904
|
#
|
811
905
|
# @option params [required, String] :user_pool_id
|
812
906
|
# The user pool ID for the user pool where you want to delete user
|
@@ -852,9 +946,6 @@ module Aws::CognitoIdentityProvider
|
|
852
946
|
# `DestinationUser`, the user must create a new user account. See
|
853
947
|
# [AdminLinkProviderForUser][1].
|
854
948
|
#
|
855
|
-
# This action is enabled only for admin access and requires developer
|
856
|
-
# credentials.
|
857
|
-
#
|
858
949
|
# The `ProviderName` must match the value specified when creating an IdP
|
859
950
|
# for the pool.
|
860
951
|
#
|
@@ -878,9 +969,24 @@ module Aws::CognitoIdentityProvider
|
|
878
969
|
# `ProviderAttributeName` must be `Cognito_Subject` and
|
879
970
|
# `ProviderAttributeValue` must be the subject of the SAML assertion.
|
880
971
|
#
|
972
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
973
|
+
# in requests for this API operation. For this operation, you must use
|
974
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
975
|
+
# corresponding IAM permission in a policy.
|
976
|
+
#
|
977
|
+
# **Learn more**
|
978
|
+
#
|
979
|
+
# * [Signing Amazon Web Services API Requests][2]
|
980
|
+
#
|
981
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][3]
|
982
|
+
#
|
983
|
+
# </note>
|
984
|
+
#
|
881
985
|
#
|
882
986
|
#
|
883
987
|
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminLinkProviderForUser.html
|
988
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
989
|
+
# [3]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
884
990
|
#
|
885
991
|
# @option params [required, String] :user_pool_id
|
886
992
|
# The user pool ID for the user pool.
|
@@ -914,8 +1020,23 @@ module Aws::CognitoIdentityProvider
|
|
914
1020
|
# deactivated user can't sign in, but still appears in the responses to
|
915
1021
|
# `GetUser` and `ListUsers` API requests.
|
916
1022
|
#
|
917
|
-
#
|
918
|
-
#
|
1023
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
1024
|
+
# in requests for this API operation. For this operation, you must use
|
1025
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
1026
|
+
# corresponding IAM permission in a policy.
|
1027
|
+
#
|
1028
|
+
# **Learn more**
|
1029
|
+
#
|
1030
|
+
# * [Signing Amazon Web Services API Requests][1]
|
1031
|
+
#
|
1032
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
1033
|
+
#
|
1034
|
+
# </note>
|
1035
|
+
#
|
1036
|
+
#
|
1037
|
+
#
|
1038
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
1039
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
919
1040
|
#
|
920
1041
|
# @option params [required, String] :user_pool_id
|
921
1042
|
# The user pool ID for the user pool where you want to disable the user.
|
@@ -943,7 +1064,23 @@ module Aws::CognitoIdentityProvider
|
|
943
1064
|
|
944
1065
|
# Enables the specified user as an administrator. Works on any user.
|
945
1066
|
#
|
946
|
-
#
|
1067
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
1068
|
+
# in requests for this API operation. For this operation, you must use
|
1069
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
1070
|
+
# corresponding IAM permission in a policy.
|
1071
|
+
#
|
1072
|
+
# **Learn more**
|
1073
|
+
#
|
1074
|
+
# * [Signing Amazon Web Services API Requests][1]
|
1075
|
+
#
|
1076
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
1077
|
+
#
|
1078
|
+
# </note>
|
1079
|
+
#
|
1080
|
+
#
|
1081
|
+
#
|
1082
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
1083
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
947
1084
|
#
|
948
1085
|
# @option params [required, String] :user_pool_id
|
949
1086
|
# The user pool ID for the user pool where you want to enable the user.
|
@@ -971,7 +1108,23 @@ module Aws::CognitoIdentityProvider
|
|
971
1108
|
|
972
1109
|
# Forgets the device, as an administrator.
|
973
1110
|
#
|
974
|
-
#
|
1111
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
1112
|
+
# in requests for this API operation. For this operation, you must use
|
1113
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
1114
|
+
# corresponding IAM permission in a policy.
|
1115
|
+
#
|
1116
|
+
# **Learn more**
|
1117
|
+
#
|
1118
|
+
# * [Signing Amazon Web Services API Requests][1]
|
1119
|
+
#
|
1120
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
1121
|
+
#
|
1122
|
+
# </note>
|
1123
|
+
#
|
1124
|
+
#
|
1125
|
+
#
|
1126
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
1127
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
975
1128
|
#
|
976
1129
|
# @option params [required, String] :user_pool_id
|
977
1130
|
# The user pool ID.
|
@@ -1003,7 +1156,23 @@ module Aws::CognitoIdentityProvider
|
|
1003
1156
|
|
1004
1157
|
# Gets the device, as an administrator.
|
1005
1158
|
#
|
1006
|
-
#
|
1159
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
1160
|
+
# in requests for this API operation. For this operation, you must use
|
1161
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
1162
|
+
# corresponding IAM permission in a policy.
|
1163
|
+
#
|
1164
|
+
# **Learn more**
|
1165
|
+
#
|
1166
|
+
# * [Signing Amazon Web Services API Requests][1]
|
1167
|
+
#
|
1168
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
1169
|
+
#
|
1170
|
+
# </note>
|
1171
|
+
#
|
1172
|
+
#
|
1173
|
+
#
|
1174
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
1175
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
1007
1176
|
#
|
1008
1177
|
# @option params [required, String] :device_key
|
1009
1178
|
# The device key.
|
@@ -1048,7 +1217,23 @@ module Aws::CognitoIdentityProvider
|
|
1048
1217
|
# Gets the specified user by user name in a user pool as an
|
1049
1218
|
# administrator. Works on any user.
|
1050
1219
|
#
|
1051
|
-
#
|
1220
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
1221
|
+
# in requests for this API operation. For this operation, you must use
|
1222
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
1223
|
+
# corresponding IAM permission in a policy.
|
1224
|
+
#
|
1225
|
+
# **Learn more**
|
1226
|
+
#
|
1227
|
+
# * [Signing Amazon Web Services API Requests][1]
|
1228
|
+
#
|
1229
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
1230
|
+
#
|
1231
|
+
# </note>
|
1232
|
+
#
|
1233
|
+
#
|
1234
|
+
#
|
1235
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
1236
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
1052
1237
|
#
|
1053
1238
|
# @option params [required, String] :user_pool_id
|
1054
1239
|
# The user pool ID for the user pool where you want to get information
|
@@ -1125,12 +1310,25 @@ module Aws::CognitoIdentityProvider
|
|
1125
1310
|
#
|
1126
1311
|
# </note>
|
1127
1312
|
#
|
1128
|
-
#
|
1313
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
1314
|
+
# in requests for this API operation. For this operation, you must use
|
1315
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
1316
|
+
# corresponding IAM permission in a policy.
|
1317
|
+
#
|
1318
|
+
# **Learn more**
|
1319
|
+
#
|
1320
|
+
# * [Signing Amazon Web Services API Requests][3]
|
1321
|
+
#
|
1322
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][4]
|
1323
|
+
#
|
1324
|
+
# </note>
|
1129
1325
|
#
|
1130
1326
|
#
|
1131
1327
|
#
|
1132
1328
|
# [1]: https://console.aws.amazon.com/pinpoint/home/
|
1133
|
-
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/
|
1329
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
1330
|
+
# [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
1331
|
+
# [4]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
1134
1332
|
#
|
1135
1333
|
# @option params [required, String] :user_pool_id
|
1136
1334
|
# The ID of the Amazon Cognito user pool.
|
@@ -1181,19 +1379,28 @@ module Aws::CognitoIdentityProvider
|
|
1181
1379
|
# `SECRET_HASH` (required if the app client is configured with a
|
1182
1380
|
# client secret), `DEVICE_KEY`.
|
1183
1381
|
#
|
1382
|
+
# * For `ADMIN_USER_PASSWORD_AUTH`: `USERNAME` (required), `PASSWORD`
|
1383
|
+
# (required), `SECRET_HASH` (required if the app client is configured
|
1384
|
+
# with a client secret), `DEVICE_KEY`.
|
1385
|
+
#
|
1184
1386
|
# * For `REFRESH_TOKEN_AUTH/REFRESH_TOKEN`: `REFRESH_TOKEN` (required),
|
1185
1387
|
# `SECRET_HASH` (required if the app client is configured with a
|
1186
1388
|
# client secret), `DEVICE_KEY`.
|
1187
1389
|
#
|
1188
|
-
# * For `ADMIN_NO_SRP_AUTH`: `USERNAME` (required), `SECRET_HASH` (if
|
1189
|
-
# app client is configured with client secret), `PASSWORD` (required),
|
1190
|
-
# `DEVICE_KEY`.
|
1191
|
-
#
|
1192
1390
|
# * For `CUSTOM_AUTH`: `USERNAME` (required), `SECRET_HASH` (if app
|
1193
1391
|
# client is configured with client secret), `DEVICE_KEY`. To start the
|
1194
1392
|
# authentication flow with password verification, include
|
1195
1393
|
# `ChallengeName: SRP_A` and `SRP_A: (The SRP_A Value)`.
|
1196
1394
|
#
|
1395
|
+
# For more information about `SECRET_HASH`, see [Computing secret hash
|
1396
|
+
# values][1]. For information about `DEVICE_KEY`, see [Working with user
|
1397
|
+
# devices in your user pool][2].
|
1398
|
+
#
|
1399
|
+
#
|
1400
|
+
#
|
1401
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash
|
1402
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html
|
1403
|
+
#
|
1197
1404
|
# @option params [Hash<String,String>] :client_metadata
|
1198
1405
|
# A map of custom key-value pairs that you can provide as input for
|
1199
1406
|
# certain custom workflows that this action triggers.
|
@@ -1347,14 +1554,30 @@ module Aws::CognitoIdentityProvider
|
|
1347
1554
|
# only be used with external IdPs and provider attributes that have been
|
1348
1555
|
# trusted by the application owner.
|
1349
1556
|
#
|
1350
|
-
#
|
1557
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
1558
|
+
# in requests for this API operation. For this operation, you must use
|
1559
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
1560
|
+
# corresponding IAM permission in a policy.
|
1561
|
+
#
|
1562
|
+
# **Learn more**
|
1563
|
+
#
|
1564
|
+
# * [Signing Amazon Web Services API Requests][1]
|
1565
|
+
#
|
1566
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
1567
|
+
#
|
1568
|
+
# </note>
|
1569
|
+
#
|
1570
|
+
#
|
1571
|
+
#
|
1572
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
1573
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
1351
1574
|
#
|
1352
1575
|
# @option params [required, String] :user_pool_id
|
1353
1576
|
# The user pool ID for the user pool.
|
1354
1577
|
#
|
1355
1578
|
# @option params [required, Types::ProviderUserIdentifierType] :destination_user
|
1356
1579
|
# The existing user in the user pool that you want to assign to the
|
1357
|
-
# external IdP user account. This user can be a
|
1580
|
+
# external IdP user account. This user can be a local (Username +
|
1358
1581
|
# Password) Amazon Cognito user pools user or a federated user (for
|
1359
1582
|
# example, a SAML or Facebook user). If the user doesn't exist, Amazon
|
1360
1583
|
# Cognito generates an exception. Amazon Cognito returns this user when
|
@@ -1389,13 +1612,21 @@ module Aws::CognitoIdentityProvider
|
|
1389
1612
|
#
|
1390
1613
|
#
|
1391
1614
|
#
|
1615
|
+
# For OIDC, the `ProviderAttributeName` can be any value that matches a
|
1616
|
+
# claim in the ID token, or that your app retrieves from the `userInfo`
|
1617
|
+
# endpoint. You must map the claim to a user pool attribute in your IdP
|
1618
|
+
# configuration, and set the user pool attribute name as the value of
|
1619
|
+
# `ProviderAttributeName` in your `AdminLinkProviderForUser` request.
|
1620
|
+
#
|
1392
1621
|
# For SAML, the `ProviderAttributeName` can be any value that matches a
|
1393
|
-
# claim in the SAML assertion.
|
1394
|
-
#
|
1395
|
-
#
|
1396
|
-
#
|
1622
|
+
# claim in the SAML assertion. To link SAML users based on the subject
|
1623
|
+
# of the SAML assertion, map the subject to a claim through the SAML IdP
|
1624
|
+
# and set that claim name as the value of `ProviderAttributeName` in
|
1625
|
+
# your `AdminLinkProviderForUser` request.
|
1626
|
+
#
|
1627
|
+
# For both OIDC and SAML users, when you set `ProviderAttributeName` to
|
1397
1628
|
# `Cognito_Subject`, Amazon Cognito will automatically parse the default
|
1398
|
-
# unique identifier found in the subject from the
|
1629
|
+
# unique identifier found in the subject from the IdP token.
|
1399
1630
|
#
|
1400
1631
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1401
1632
|
#
|
@@ -1426,7 +1657,23 @@ module Aws::CognitoIdentityProvider
|
|
1426
1657
|
|
1427
1658
|
# Lists devices, as an administrator.
|
1428
1659
|
#
|
1429
|
-
#
|
1660
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
1661
|
+
# in requests for this API operation. For this operation, you must use
|
1662
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
1663
|
+
# corresponding IAM permission in a policy.
|
1664
|
+
#
|
1665
|
+
# **Learn more**
|
1666
|
+
#
|
1667
|
+
# * [Signing Amazon Web Services API Requests][1]
|
1668
|
+
#
|
1669
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
1670
|
+
#
|
1671
|
+
# </note>
|
1672
|
+
#
|
1673
|
+
#
|
1674
|
+
#
|
1675
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
1676
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
1430
1677
|
#
|
1431
1678
|
# @option params [required, String] :user_pool_id
|
1432
1679
|
# The user pool ID.
|
@@ -1477,7 +1724,23 @@ module Aws::CognitoIdentityProvider
|
|
1477
1724
|
|
1478
1725
|
# Lists the groups that the user belongs to.
|
1479
1726
|
#
|
1480
|
-
#
|
1727
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
1728
|
+
# in requests for this API operation. For this operation, you must use
|
1729
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
1730
|
+
# corresponding IAM permission in a policy.
|
1731
|
+
#
|
1732
|
+
# **Learn more**
|
1733
|
+
#
|
1734
|
+
# * [Signing Amazon Web Services API Requests][1]
|
1735
|
+
#
|
1736
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
1737
|
+
#
|
1738
|
+
# </note>
|
1739
|
+
#
|
1740
|
+
#
|
1741
|
+
#
|
1742
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
1743
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
1481
1744
|
#
|
1482
1745
|
# @option params [required, String] :username
|
1483
1746
|
# The username for the user.
|
@@ -1533,6 +1796,24 @@ module Aws::CognitoIdentityProvider
|
|
1533
1796
|
# A history of user activity and any risks detected as part of Amazon
|
1534
1797
|
# Cognito advanced security.
|
1535
1798
|
#
|
1799
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
1800
|
+
# in requests for this API operation. For this operation, you must use
|
1801
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
1802
|
+
# corresponding IAM permission in a policy.
|
1803
|
+
#
|
1804
|
+
# **Learn more**
|
1805
|
+
#
|
1806
|
+
# * [Signing Amazon Web Services API Requests][1]
|
1807
|
+
#
|
1808
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
1809
|
+
#
|
1810
|
+
# </note>
|
1811
|
+
#
|
1812
|
+
#
|
1813
|
+
#
|
1814
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
1815
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
1816
|
+
#
|
1536
1817
|
# @option params [required, String] :user_pool_id
|
1537
1818
|
# The user pool ID.
|
1538
1819
|
#
|
@@ -1597,7 +1878,23 @@ module Aws::CognitoIdentityProvider
|
|
1597
1878
|
|
1598
1879
|
# Removes the specified user from the specified group.
|
1599
1880
|
#
|
1600
|
-
#
|
1881
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
1882
|
+
# in requests for this API operation. For this operation, you must use
|
1883
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
1884
|
+
# corresponding IAM permission in a policy.
|
1885
|
+
#
|
1886
|
+
# **Learn more**
|
1887
|
+
#
|
1888
|
+
# * [Signing Amazon Web Services API Requests][1]
|
1889
|
+
#
|
1890
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
1891
|
+
#
|
1892
|
+
# </note>
|
1893
|
+
#
|
1894
|
+
#
|
1895
|
+
#
|
1896
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
1897
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
1601
1898
|
#
|
1602
1899
|
# @option params [required, String] :user_pool_id
|
1603
1900
|
# The user pool ID for the user pool.
|
@@ -1630,17 +1927,6 @@ module Aws::CognitoIdentityProvider
|
|
1630
1927
|
# Resets the specified user's password in a user pool as an
|
1631
1928
|
# administrator. Works on any user.
|
1632
1929
|
#
|
1633
|
-
# When a developer calls this API, the current password is invalidated,
|
1634
|
-
# so it must be changed. If a user tries to sign in after the API is
|
1635
|
-
# called, the app will get a PasswordResetRequiredException exception
|
1636
|
-
# back and should direct the user down the flow to reset the password,
|
1637
|
-
# which is the same as the forgot password flow. In addition, if the
|
1638
|
-
# user pool has phone verification selected and a verified phone number
|
1639
|
-
# exists for the user, or if email verification is selected and a
|
1640
|
-
# verified email exists for the user, calling this API will also result
|
1641
|
-
# in sending a message to the end user with the code to change their
|
1642
|
-
# password.
|
1643
|
-
#
|
1644
1930
|
# <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
|
1645
1931
|
# US telecom carriers require you to register an origination phone
|
1646
1932
|
# number before you can send SMS messages to US phone numbers. If you
|
@@ -1662,12 +1948,35 @@ module Aws::CognitoIdentityProvider
|
|
1662
1948
|
#
|
1663
1949
|
# </note>
|
1664
1950
|
#
|
1665
|
-
#
|
1951
|
+
# Deactivates a user's password, requiring them to change it. If a user
|
1952
|
+
# tries to sign in after the API is called, Amazon Cognito responds with
|
1953
|
+
# a `PasswordResetRequiredException` error. Your app must then perform
|
1954
|
+
# the actions that reset your user's password: the forgot-password
|
1955
|
+
# flow. In addition, if the user pool has phone verification selected
|
1956
|
+
# and a verified phone number exists for the user, or if email
|
1957
|
+
# verification is selected and a verified email exists for the user,
|
1958
|
+
# calling this API will also result in sending a message to the end user
|
1959
|
+
# with the code to change their password.
|
1960
|
+
#
|
1961
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
1962
|
+
# in requests for this API operation. For this operation, you must use
|
1963
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
1964
|
+
# corresponding IAM permission in a policy.
|
1965
|
+
#
|
1966
|
+
# **Learn more**
|
1967
|
+
#
|
1968
|
+
# * [Signing Amazon Web Services API Requests][3]
|
1969
|
+
#
|
1970
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][4]
|
1971
|
+
#
|
1972
|
+
# </note>
|
1666
1973
|
#
|
1667
1974
|
#
|
1668
1975
|
#
|
1669
1976
|
# [1]: https://console.aws.amazon.com/pinpoint/home/
|
1670
|
-
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/
|
1977
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
1978
|
+
# [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
1979
|
+
# [4]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
1671
1980
|
#
|
1672
1981
|
# @option params [required, String] :user_pool_id
|
1673
1982
|
# The user pool ID for the user pool where you want to reset the user's
|
@@ -1757,12 +2066,25 @@ module Aws::CognitoIdentityProvider
|
|
1757
2066
|
#
|
1758
2067
|
# </note>
|
1759
2068
|
#
|
1760
|
-
#
|
2069
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
2070
|
+
# in requests for this API operation. For this operation, you must use
|
2071
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
2072
|
+
# corresponding IAM permission in a policy.
|
2073
|
+
#
|
2074
|
+
# **Learn more**
|
2075
|
+
#
|
2076
|
+
# * [Signing Amazon Web Services API Requests][3]
|
2077
|
+
#
|
2078
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][4]
|
2079
|
+
#
|
2080
|
+
# </note>
|
1761
2081
|
#
|
1762
2082
|
#
|
1763
2083
|
#
|
1764
2084
|
# [1]: https://console.aws.amazon.com/pinpoint/home/
|
1765
|
-
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/
|
2085
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
2086
|
+
# [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
2087
|
+
# [4]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
1766
2088
|
#
|
1767
2089
|
# @option params [required, String] :user_pool_id
|
1768
2090
|
# The ID of the Amazon Cognito user pool.
|
@@ -1823,6 +2145,15 @@ module Aws::CognitoIdentityProvider
|
|
1823
2145
|
# happens even if you specified an alias in your call to
|
1824
2146
|
# `AdminInitiateAuth`.
|
1825
2147
|
#
|
2148
|
+
# For more information about `SECRET_HASH`, see [Computing secret hash
|
2149
|
+
# values][1]. For information about `DEVICE_KEY`, see [Working with user
|
2150
|
+
# devices in your user pool][2].
|
2151
|
+
#
|
2152
|
+
#
|
2153
|
+
#
|
2154
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash
|
2155
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html
|
2156
|
+
#
|
1826
2157
|
# @option params [String] :session
|
1827
2158
|
# The session that should be passed both ways in challenge-response
|
1828
2159
|
# calls to the service. If an `InitiateAuth` or `RespondToAuthChallenge`
|
@@ -1963,6 +2294,24 @@ module Aws::CognitoIdentityProvider
|
|
1963
2294
|
# options are activated and no preference is set, a challenge to choose
|
1964
2295
|
# an MFA option will be returned during sign-in.
|
1965
2296
|
#
|
2297
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
2298
|
+
# in requests for this API operation. For this operation, you must use
|
2299
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
2300
|
+
# corresponding IAM permission in a policy.
|
2301
|
+
#
|
2302
|
+
# **Learn more**
|
2303
|
+
#
|
2304
|
+
# * [Signing Amazon Web Services API Requests][1]
|
2305
|
+
#
|
2306
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
2307
|
+
#
|
2308
|
+
# </note>
|
2309
|
+
#
|
2310
|
+
#
|
2311
|
+
#
|
2312
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
2313
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
2314
|
+
#
|
1966
2315
|
# @option params [Types::SMSMfaSettingsType] :sms_mfa_settings
|
1967
2316
|
# The SMS text message MFA settings.
|
1968
2317
|
#
|
@@ -2014,6 +2363,38 @@ module Aws::CognitoIdentityProvider
|
|
2014
2363
|
# Once the user has set a new password, or the password is permanent,
|
2015
2364
|
# the user status is set to `Confirmed`.
|
2016
2365
|
#
|
2366
|
+
# `AdminSetUserPassword` can set a password for the user profile that
|
2367
|
+
# Amazon Cognito creates for third-party federated users. When you set a
|
2368
|
+
# password, the federated user's status changes from
|
2369
|
+
# `EXTERNAL_PROVIDER` to `CONFIRMED`. A user in this state can sign in
|
2370
|
+
# as a federated user, and initiate authentication flows in the API like
|
2371
|
+
# a linked native user. They can also modify their password and
|
2372
|
+
# attributes in token-authenticated API requests like `ChangePassword`
|
2373
|
+
# and `UpdateUserAttributes`. As a best security practice and to keep
|
2374
|
+
# users in sync with your external IdP, don't set passwords on
|
2375
|
+
# federated user profiles. To set up a federated user for native sign-in
|
2376
|
+
# with a linked native user, refer to [Linking federated users to an
|
2377
|
+
# existing user profile][1].
|
2378
|
+
#
|
2379
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
2380
|
+
# in requests for this API operation. For this operation, you must use
|
2381
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
2382
|
+
# corresponding IAM permission in a policy.
|
2383
|
+
#
|
2384
|
+
# **Learn more**
|
2385
|
+
#
|
2386
|
+
# * [Signing Amazon Web Services API Requests][2]
|
2387
|
+
#
|
2388
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][3]
|
2389
|
+
#
|
2390
|
+
# </note>
|
2391
|
+
#
|
2392
|
+
#
|
2393
|
+
#
|
2394
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html
|
2395
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
2396
|
+
# [3]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
2397
|
+
#
|
2017
2398
|
# @option params [required, String] :user_pool_id
|
2018
2399
|
# The user pool ID for the user pool where you want to set the user's
|
2019
2400
|
# password.
|
@@ -2052,9 +2433,24 @@ module Aws::CognitoIdentityProvider
|
|
2052
2433
|
# (TOTP) software token MFA. To configure either type of MFA, use
|
2053
2434
|
# [AdminSetUserMFAPreference][1] instead.
|
2054
2435
|
#
|
2436
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
2437
|
+
# in requests for this API operation. For this operation, you must use
|
2438
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
2439
|
+
# corresponding IAM permission in a policy.
|
2440
|
+
#
|
2441
|
+
# **Learn more**
|
2442
|
+
#
|
2443
|
+
# * [Signing Amazon Web Services API Requests][2]
|
2444
|
+
#
|
2445
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][3]
|
2446
|
+
#
|
2447
|
+
# </note>
|
2448
|
+
#
|
2055
2449
|
#
|
2056
2450
|
#
|
2057
2451
|
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html
|
2452
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
2453
|
+
# [3]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
2058
2454
|
#
|
2059
2455
|
# @option params [required, String] :user_pool_id
|
2060
2456
|
# The ID of the user pool that contains the user whose options you're
|
@@ -2096,6 +2492,24 @@ module Aws::CognitoIdentityProvider
|
|
2096
2492
|
# evaluation decision for the user pool as part of Amazon Cognito
|
2097
2493
|
# advanced security.
|
2098
2494
|
#
|
2495
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
2496
|
+
# in requests for this API operation. For this operation, you must use
|
2497
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
2498
|
+
# corresponding IAM permission in a policy.
|
2499
|
+
#
|
2500
|
+
# **Learn more**
|
2501
|
+
#
|
2502
|
+
# * [Signing Amazon Web Services API Requests][1]
|
2503
|
+
#
|
2504
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
2505
|
+
#
|
2506
|
+
# </note>
|
2507
|
+
#
|
2508
|
+
#
|
2509
|
+
#
|
2510
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
2511
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
2512
|
+
#
|
2099
2513
|
# @option params [required, String] :user_pool_id
|
2100
2514
|
# The user pool ID.
|
2101
2515
|
#
|
@@ -2106,7 +2520,12 @@ module Aws::CognitoIdentityProvider
|
|
2106
2520
|
# The authentication event ID.
|
2107
2521
|
#
|
2108
2522
|
# @option params [required, String] :feedback_value
|
2109
|
-
# The authentication event feedback value.
|
2523
|
+
# The authentication event feedback value. When you provide a
|
2524
|
+
# `FeedbackValue` value of `valid`, you tell Amazon Cognito that you
|
2525
|
+
# trust a user session where Amazon Cognito has evaluated some level of
|
2526
|
+
# risk. When you provide a `FeedbackValue` value of `invalid`, you tell
|
2527
|
+
# Amazon Cognito that you don't trust a user session, or you don't
|
2528
|
+
# believe that Amazon Cognito evaluated a high-enough risk level.
|
2110
2529
|
#
|
2111
2530
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2112
2531
|
#
|
@@ -2130,7 +2549,23 @@ module Aws::CognitoIdentityProvider
|
|
2130
2549
|
|
2131
2550
|
# Updates the device status as an administrator.
|
2132
2551
|
#
|
2133
|
-
#
|
2552
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
2553
|
+
# in requests for this API operation. For this operation, you must use
|
2554
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
2555
|
+
# corresponding IAM permission in a policy.
|
2556
|
+
#
|
2557
|
+
# **Learn more**
|
2558
|
+
#
|
2559
|
+
# * [Signing Amazon Web Services API Requests][1]
|
2560
|
+
#
|
2561
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
2562
|
+
#
|
2563
|
+
# </note>
|
2564
|
+
#
|
2565
|
+
#
|
2566
|
+
#
|
2567
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
2568
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
2134
2569
|
#
|
2135
2570
|
# @option params [required, String] :user_pool_id
|
2136
2571
|
# The user pool ID.
|
@@ -2164,15 +2599,6 @@ module Aws::CognitoIdentityProvider
|
|
2164
2599
|
req.send_request(options)
|
2165
2600
|
end
|
2166
2601
|
|
2167
|
-
# Updates the specified user's attributes, including developer
|
2168
|
-
# attributes, as an administrator. Works on any user.
|
2169
|
-
#
|
2170
|
-
# For custom attributes, you must prepend the `custom:` prefix to the
|
2171
|
-
# attribute name.
|
2172
|
-
#
|
2173
|
-
# In addition to updating user attributes, this API can also be used to
|
2174
|
-
# mark phone and email as verified.
|
2175
|
-
#
|
2176
2602
|
# <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
|
2177
2603
|
# US telecom carriers require you to register an origination phone
|
2178
2604
|
# number before you can send SMS messages to US phone numbers. If you
|
@@ -2194,12 +2620,34 @@ module Aws::CognitoIdentityProvider
|
|
2194
2620
|
#
|
2195
2621
|
# </note>
|
2196
2622
|
#
|
2197
|
-
#
|
2623
|
+
# Updates the specified user's attributes, including developer
|
2624
|
+
# attributes, as an administrator. Works on any user.
|
2625
|
+
#
|
2626
|
+
# For custom attributes, you must prepend the `custom:` prefix to the
|
2627
|
+
# attribute name.
|
2628
|
+
#
|
2629
|
+
# In addition to updating user attributes, this API can also be used to
|
2630
|
+
# mark phone and email as verified.
|
2631
|
+
#
|
2632
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
2633
|
+
# in requests for this API operation. For this operation, you must use
|
2634
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
2635
|
+
# corresponding IAM permission in a policy.
|
2636
|
+
#
|
2637
|
+
# **Learn more**
|
2638
|
+
#
|
2639
|
+
# * [Signing Amazon Web Services API Requests][3]
|
2640
|
+
#
|
2641
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][4]
|
2642
|
+
#
|
2643
|
+
# </note>
|
2198
2644
|
#
|
2199
2645
|
#
|
2200
2646
|
#
|
2201
2647
|
# [1]: https://console.aws.amazon.com/pinpoint/home/
|
2202
|
-
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/
|
2648
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
2649
|
+
# [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
2650
|
+
# [4]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
2203
2651
|
#
|
2204
2652
|
# @option params [required, String] :user_pool_id
|
2205
2653
|
# The user pool ID for the user pool where you want to update user
|
@@ -2293,16 +2741,34 @@ module Aws::CognitoIdentityProvider
|
|
2293
2741
|
req.send_request(options)
|
2294
2742
|
end
|
2295
2743
|
|
2296
|
-
# Signs out a user from all devices.
|
2297
|
-
#
|
2298
|
-
#
|
2299
|
-
#
|
2300
|
-
#
|
2301
|
-
# expire one hour after they're issued. A user can still use a hosted
|
2302
|
-
# UI cookie to retrieve new tokens for the duration of the cookie
|
2303
|
-
# validity period of 1 hour.
|
2744
|
+
# Signs out a user from all devices. `AdminUserGlobalSignOut`
|
2745
|
+
# invalidates all identity, access and refresh tokens that Amazon
|
2746
|
+
# Cognito has issued to a user. A user can still use a hosted UI cookie
|
2747
|
+
# to retrieve new tokens for the duration of the 1-hour cookie validity
|
2748
|
+
# period.
|
2304
2749
|
#
|
2305
|
-
#
|
2750
|
+
# Your app isn't aware that a user's access token is revoked unless it
|
2751
|
+
# attempts to authorize a user pools API request with an access token
|
2752
|
+
# that contains the scope `aws.cognito.signin.user.admin`. Your app
|
2753
|
+
# might otherwise accept access tokens until they expire.
|
2754
|
+
#
|
2755
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
2756
|
+
# in requests for this API operation. For this operation, you must use
|
2757
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
2758
|
+
# corresponding IAM permission in a policy.
|
2759
|
+
#
|
2760
|
+
# **Learn more**
|
2761
|
+
#
|
2762
|
+
# * [Signing Amazon Web Services API Requests][1]
|
2763
|
+
#
|
2764
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
2765
|
+
#
|
2766
|
+
# </note>
|
2767
|
+
#
|
2768
|
+
#
|
2769
|
+
#
|
2770
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
2771
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
2306
2772
|
#
|
2307
2773
|
# @option params [required, String] :user_pool_id
|
2308
2774
|
# The user pool ID.
|
@@ -2350,9 +2816,19 @@ module Aws::CognitoIdentityProvider
|
|
2350
2816
|
#
|
2351
2817
|
# </note>
|
2352
2818
|
#
|
2819
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
2820
|
+
# policies in requests for this API operation. For this operation, you
|
2821
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
2822
|
+
# IAM permissions in policies. For more information about authorization
|
2823
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
2824
|
+
# OIDC APIs][2].
|
2825
|
+
#
|
2826
|
+
# </note>
|
2827
|
+
#
|
2353
2828
|
#
|
2354
2829
|
#
|
2355
2830
|
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifySoftwareToken.html
|
2831
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
2356
2832
|
#
|
2357
2833
|
# @option params [String] :access_token
|
2358
2834
|
# A valid access token that Amazon Cognito issued to the user whose
|
@@ -2391,6 +2867,19 @@ module Aws::CognitoIdentityProvider
|
|
2391
2867
|
|
2392
2868
|
# Changes the password for a specified user in a user pool.
|
2393
2869
|
#
|
2870
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
2871
|
+
# policies in requests for this API operation. For this operation, you
|
2872
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
2873
|
+
# IAM permissions in policies. For more information about authorization
|
2874
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
2875
|
+
# OIDC APIs][1].
|
2876
|
+
#
|
2877
|
+
# </note>
|
2878
|
+
#
|
2879
|
+
#
|
2880
|
+
#
|
2881
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
2882
|
+
#
|
2394
2883
|
# @option params [required, String] :previous_password
|
2395
2884
|
# The old password.
|
2396
2885
|
#
|
@@ -2423,6 +2912,19 @@ module Aws::CognitoIdentityProvider
|
|
2423
2912
|
# Confirms tracking of the device. This API call is the call that begins
|
2424
2913
|
# device tracking.
|
2425
2914
|
#
|
2915
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
2916
|
+
# policies in requests for this API operation. For this operation, you
|
2917
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
2918
|
+
# IAM permissions in policies. For more information about authorization
|
2919
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
2920
|
+
# OIDC APIs][1].
|
2921
|
+
#
|
2922
|
+
# </note>
|
2923
|
+
#
|
2924
|
+
#
|
2925
|
+
#
|
2926
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
2927
|
+
#
|
2426
2928
|
# @option params [required, String] :access_token
|
2427
2929
|
# A valid access token that Amazon Cognito issued to the user whose
|
2428
2930
|
# device you want to confirm.
|
@@ -2468,13 +2970,31 @@ module Aws::CognitoIdentityProvider
|
|
2468
2970
|
# Allows a user to enter a confirmation code to reset a forgotten
|
2469
2971
|
# password.
|
2470
2972
|
#
|
2973
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
2974
|
+
# policies in requests for this API operation. For this operation, you
|
2975
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
2976
|
+
# IAM permissions in policies. For more information about authorization
|
2977
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
2978
|
+
# OIDC APIs][1].
|
2979
|
+
#
|
2980
|
+
# </note>
|
2981
|
+
#
|
2982
|
+
#
|
2983
|
+
#
|
2984
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
2985
|
+
#
|
2471
2986
|
# @option params [required, String] :client_id
|
2472
2987
|
# The app client ID of the app associated with the user pool.
|
2473
2988
|
#
|
2474
2989
|
# @option params [String] :secret_hash
|
2475
2990
|
# A keyed-hash message authentication code (HMAC) calculated using the
|
2476
2991
|
# secret key of a user pool client and username plus the client ID in
|
2477
|
-
# the message.
|
2992
|
+
# the message. For more information about `SecretHash`, see [Computing
|
2993
|
+
# secret hash values][1].
|
2994
|
+
#
|
2995
|
+
#
|
2996
|
+
#
|
2997
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash
|
2478
2998
|
#
|
2479
2999
|
# @option params [required, String] :username
|
2480
3000
|
# The user name of the user for whom you want to enter a code to
|
@@ -2572,6 +3092,19 @@ module Aws::CognitoIdentityProvider
|
|
2572
3092
|
|
2573
3093
|
# Confirms registration of a new user.
|
2574
3094
|
#
|
3095
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
3096
|
+
# policies in requests for this API operation. For this operation, you
|
3097
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
3098
|
+
# IAM permissions in policies. For more information about authorization
|
3099
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
3100
|
+
# OIDC APIs][1].
|
3101
|
+
#
|
3102
|
+
# </note>
|
3103
|
+
#
|
3104
|
+
#
|
3105
|
+
#
|
3106
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
3107
|
+
#
|
2575
3108
|
# @option params [required, String] :client_id
|
2576
3109
|
# The ID of the app client associated with the user pool.
|
2577
3110
|
#
|
@@ -2676,7 +3209,23 @@ module Aws::CognitoIdentityProvider
|
|
2676
3209
|
|
2677
3210
|
# Creates a new group in the specified user pool.
|
2678
3211
|
#
|
2679
|
-
#
|
3212
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
3213
|
+
# in requests for this API operation. For this operation, you must use
|
3214
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
3215
|
+
# corresponding IAM permission in a policy.
|
3216
|
+
#
|
3217
|
+
# **Learn more**
|
3218
|
+
#
|
3219
|
+
# * [Signing Amazon Web Services API Requests][1]
|
3220
|
+
#
|
3221
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
3222
|
+
#
|
3223
|
+
# </note>
|
3224
|
+
#
|
3225
|
+
#
|
3226
|
+
#
|
3227
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
3228
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
2680
3229
|
#
|
2681
3230
|
# @option params [required, String] :group_name
|
2682
3231
|
# The name of the group. Must be unique.
|
@@ -2745,6 +3294,24 @@ module Aws::CognitoIdentityProvider
|
|
2745
3294
|
|
2746
3295
|
# Creates an IdP for a user pool.
|
2747
3296
|
#
|
3297
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
3298
|
+
# in requests for this API operation. For this operation, you must use
|
3299
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
3300
|
+
# corresponding IAM permission in a policy.
|
3301
|
+
#
|
3302
|
+
# **Learn more**
|
3303
|
+
#
|
3304
|
+
# * [Signing Amazon Web Services API Requests][1]
|
3305
|
+
#
|
3306
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
3307
|
+
#
|
3308
|
+
# </note>
|
3309
|
+
#
|
3310
|
+
#
|
3311
|
+
#
|
3312
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
3313
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
3314
|
+
#
|
2748
3315
|
# @option params [required, String] :user_pool_id
|
2749
3316
|
# The user pool ID.
|
2750
3317
|
#
|
@@ -2876,6 +3443,24 @@ module Aws::CognitoIdentityProvider
|
|
2876
3443
|
# Creates a new OAuth2.0 resource server and defines custom scopes
|
2877
3444
|
# within it.
|
2878
3445
|
#
|
3446
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
3447
|
+
# in requests for this API operation. For this operation, you must use
|
3448
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
3449
|
+
# corresponding IAM permission in a policy.
|
3450
|
+
#
|
3451
|
+
# **Learn more**
|
3452
|
+
#
|
3453
|
+
# * [Signing Amazon Web Services API Requests][1]
|
3454
|
+
#
|
3455
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
3456
|
+
#
|
3457
|
+
# </note>
|
3458
|
+
#
|
3459
|
+
#
|
3460
|
+
#
|
3461
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
3462
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
3463
|
+
#
|
2879
3464
|
# @option params [required, String] :user_pool_id
|
2880
3465
|
# The user pool ID for the user pool.
|
2881
3466
|
#
|
@@ -2927,7 +3512,25 @@ module Aws::CognitoIdentityProvider
|
|
2927
3512
|
req.send_request(options)
|
2928
3513
|
end
|
2929
3514
|
|
2930
|
-
# Creates
|
3515
|
+
# Creates a user import job.
|
3516
|
+
#
|
3517
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
3518
|
+
# in requests for this API operation. For this operation, you must use
|
3519
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
3520
|
+
# corresponding IAM permission in a policy.
|
3521
|
+
#
|
3522
|
+
# **Learn more**
|
3523
|
+
#
|
3524
|
+
# * [Signing Amazon Web Services API Requests][1]
|
3525
|
+
#
|
3526
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
3527
|
+
#
|
3528
|
+
# </note>
|
3529
|
+
#
|
3530
|
+
#
|
3531
|
+
#
|
3532
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
3533
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
2931
3534
|
#
|
2932
3535
|
# @option params [required, String] :job_name
|
2933
3536
|
# The job name for the user import job.
|
@@ -2977,9 +3580,6 @@ module Aws::CognitoIdentityProvider
|
|
2977
3580
|
req.send_request(options)
|
2978
3581
|
end
|
2979
3582
|
|
2980
|
-
# Creates a new Amazon Cognito user pool and sets the password policy
|
2981
|
-
# for the pool.
|
2982
|
-
#
|
2983
3583
|
# <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
|
2984
3584
|
# US telecom carriers require you to register an origination phone
|
2985
3585
|
# number before you can send SMS messages to US phone numbers. If you
|
@@ -3001,10 +3601,31 @@ module Aws::CognitoIdentityProvider
|
|
3001
3601
|
#
|
3002
3602
|
# </note>
|
3003
3603
|
#
|
3604
|
+
# Creates a new Amazon Cognito user pool and sets the password policy
|
3605
|
+
# for the pool.
|
3606
|
+
#
|
3607
|
+
# If you don't provide a value for an attribute, Amazon Cognito sets it
|
3608
|
+
# to its default value.
|
3609
|
+
#
|
3610
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
3611
|
+
# in requests for this API operation. For this operation, you must use
|
3612
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
3613
|
+
# corresponding IAM permission in a policy.
|
3614
|
+
#
|
3615
|
+
# **Learn more**
|
3616
|
+
#
|
3617
|
+
# * [Signing Amazon Web Services API Requests][3]
|
3618
|
+
#
|
3619
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][4]
|
3620
|
+
#
|
3621
|
+
# </note>
|
3622
|
+
#
|
3004
3623
|
#
|
3005
3624
|
#
|
3006
3625
|
# [1]: https://console.aws.amazon.com/pinpoint/home/
|
3007
|
-
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/
|
3626
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
3627
|
+
# [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
3628
|
+
# [4]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
3008
3629
|
#
|
3009
3630
|
# @option params [required, String] :pool_name
|
3010
3631
|
# A string used to name the user pool.
|
@@ -3139,15 +3760,32 @@ module Aws::CognitoIdentityProvider
|
|
3139
3760
|
# can be standard or custom attributes.
|
3140
3761
|
#
|
3141
3762
|
# @option params [Types::UserPoolAddOnsType] :user_pool_add_ons
|
3142
|
-
#
|
3143
|
-
#
|
3763
|
+
# User pool add-ons. Contains settings for activation of advanced
|
3764
|
+
# security features. To log user security information but take no
|
3765
|
+
# action, set to `AUDIT`. To configure automatic security responses to
|
3766
|
+
# risky traffic to your user pool, set to `ENFORCED`.
|
3767
|
+
#
|
3768
|
+
# For more information, see [Adding advanced security to a user
|
3769
|
+
# pool][1].
|
3770
|
+
#
|
3771
|
+
#
|
3772
|
+
#
|
3773
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
|
3144
3774
|
#
|
3145
3775
|
# @option params [Types::UsernameConfigurationType] :username_configuration
|
3146
3776
|
# Case sensitivity on the username input for the selected sign-in
|
3147
|
-
# option.
|
3148
|
-
# can sign in
|
3149
|
-
#
|
3150
|
-
#
|
3777
|
+
# option. When case sensitivity is set to `False` (case insensitive),
|
3778
|
+
# users can sign in with any combination of capital and lowercase
|
3779
|
+
# letters. For example, `username`, `USERNAME`, or `UserName`, or for
|
3780
|
+
# email, `email@example.com` or `EMaiL@eXamplE.Com`. For most use cases,
|
3781
|
+
# set case sensitivity to `False` (case insensitive) as a best practice.
|
3782
|
+
# When usernames and email addresses are case insensitive, Amazon
|
3783
|
+
# Cognito treats any variation in case as the same user, and prevents a
|
3784
|
+
# case variation from being assigned to the same attribute for a
|
3785
|
+
# different user.
|
3786
|
+
#
|
3787
|
+
# This configuration is immutable after you set it. For more
|
3788
|
+
# information, see [UsernameConfigurationType][1].
|
3151
3789
|
#
|
3152
3790
|
#
|
3153
3791
|
#
|
@@ -3385,9 +4023,27 @@ module Aws::CognitoIdentityProvider
|
|
3385
4023
|
# automatically activated. For more information about revoking tokens,
|
3386
4024
|
# see [RevokeToken][1].
|
3387
4025
|
#
|
4026
|
+
# If you don't provide a value for an attribute, Amazon Cognito sets it
|
4027
|
+
# to its default value.
|
4028
|
+
#
|
4029
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
4030
|
+
# in requests for this API operation. For this operation, you must use
|
4031
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
4032
|
+
# corresponding IAM permission in a policy.
|
4033
|
+
#
|
4034
|
+
# **Learn more**
|
4035
|
+
#
|
4036
|
+
# * [Signing Amazon Web Services API Requests][2]
|
4037
|
+
#
|
4038
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][3]
|
4039
|
+
#
|
4040
|
+
# </note>
|
4041
|
+
#
|
3388
4042
|
#
|
3389
4043
|
#
|
3390
4044
|
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
|
4045
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
4046
|
+
# [3]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
3391
4047
|
#
|
3392
4048
|
# @option params [required, String] :user_pool_id
|
3393
4049
|
# The user pool ID for the user pool where you want to create a user
|
@@ -3444,7 +4100,7 @@ module Aws::CognitoIdentityProvider
|
|
3444
4100
|
# `TokenValidityUnits` as `hours`, your user can authenticate their
|
3445
4101
|
# session with their ID token for 10 hours.
|
3446
4102
|
#
|
3447
|
-
# The default time unit for `
|
4103
|
+
# The default time unit for `IdTokenValidity` in an API request is
|
3448
4104
|
# hours. *Valid range* is displayed below in seconds.
|
3449
4105
|
#
|
3450
4106
|
# If you don't specify otherwise in the configuration of your app
|
@@ -3593,8 +4249,26 @@ module Aws::CognitoIdentityProvider
|
|
3593
4249
|
# created in Resource Servers are also supported.
|
3594
4250
|
#
|
3595
4251
|
# @option params [Boolean] :allowed_o_auth_flows_user_pool_client
|
3596
|
-
# Set to true
|
3597
|
-
#
|
4252
|
+
# Set to `true` to use OAuth 2.0 features in your user pool app client.
|
4253
|
+
#
|
4254
|
+
# `AllowedOAuthFlowsUserPoolClient` must be `true` before you can
|
4255
|
+
# configure the following features in your app client.
|
4256
|
+
#
|
4257
|
+
# * `CallBackURLs`: Callback URLs.
|
4258
|
+
#
|
4259
|
+
# * `LogoutURLs`: Sign-out redirect URLs.
|
4260
|
+
#
|
4261
|
+
# * `AllowedOAuthScopes`: OAuth 2.0 scopes.
|
4262
|
+
#
|
4263
|
+
# * `AllowedOAuthFlows`: Support for authorization code, implicit, and
|
4264
|
+
# client credentials OAuth 2.0 grants.
|
4265
|
+
#
|
4266
|
+
# To use OAuth 2.0 features, configure one of these features in the
|
4267
|
+
# Amazon Cognito console or set `AllowedOAuthFlowsUserPoolClient` to
|
4268
|
+
# `true` in a `CreateUserPoolClient` or `UpdateUserPoolClient` API
|
4269
|
+
# request. If you don't set a value for
|
4270
|
+
# `AllowedOAuthFlowsUserPoolClient` in a request with the CLI or SDKs,
|
4271
|
+
# it defaults to `false`.
|
3598
4272
|
#
|
3599
4273
|
# @option params [Types::AnalyticsConfigurationType] :analytics_configuration
|
3600
4274
|
# The user pool analytics configuration for collecting metrics and
|
@@ -3750,6 +4424,24 @@ module Aws::CognitoIdentityProvider
|
|
3750
4424
|
|
3751
4425
|
# Creates a new domain for a user pool.
|
3752
4426
|
#
|
4427
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
4428
|
+
# in requests for this API operation. For this operation, you must use
|
4429
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
4430
|
+
# corresponding IAM permission in a policy.
|
4431
|
+
#
|
4432
|
+
# **Learn more**
|
4433
|
+
#
|
4434
|
+
# * [Signing Amazon Web Services API Requests][1]
|
4435
|
+
#
|
4436
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
4437
|
+
#
|
4438
|
+
# </note>
|
4439
|
+
#
|
4440
|
+
#
|
4441
|
+
#
|
4442
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
4443
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
4444
|
+
#
|
3753
4445
|
# @option params [required, String] :domain
|
3754
4446
|
# The domain string. For custom domains, this is the fully-qualified
|
3755
4447
|
# domain name, such as `auth.example.com`. For Amazon Cognito prefix
|
@@ -3880,7 +4572,20 @@ module Aws::CognitoIdentityProvider
|
|
3880
4572
|
req.send_request(options)
|
3881
4573
|
end
|
3882
4574
|
|
3883
|
-
# Allows a user to delete
|
4575
|
+
# Allows a user to delete their own user profile.
|
4576
|
+
#
|
4577
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
4578
|
+
# policies in requests for this API operation. For this operation, you
|
4579
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
4580
|
+
# IAM permissions in policies. For more information about authorization
|
4581
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
4582
|
+
# OIDC APIs][1].
|
4583
|
+
#
|
4584
|
+
# </note>
|
4585
|
+
#
|
4586
|
+
#
|
4587
|
+
#
|
4588
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
3884
4589
|
#
|
3885
4590
|
# @option params [required, String] :access_token
|
3886
4591
|
# A valid access token that Amazon Cognito issued to the user whose user
|
@@ -3905,6 +4610,19 @@ module Aws::CognitoIdentityProvider
|
|
3905
4610
|
|
3906
4611
|
# Deletes the attributes for a user.
|
3907
4612
|
#
|
4613
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
4614
|
+
# policies in requests for this API operation. For this operation, you
|
4615
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
4616
|
+
# IAM permissions in policies. For more information about authorization
|
4617
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
4618
|
+
# OIDC APIs][1].
|
4619
|
+
#
|
4620
|
+
# </note>
|
4621
|
+
#
|
4622
|
+
#
|
4623
|
+
#
|
4624
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
4625
|
+
#
|
3908
4626
|
# @option params [required, Array<String>] :user_attribute_names
|
3909
4627
|
# An array of strings representing the user attribute names you want to
|
3910
4628
|
# delete.
|
@@ -4197,6 +4915,24 @@ module Aws::CognitoIdentityProvider
|
|
4197
4915
|
# Returns the configuration information and metadata of the specified
|
4198
4916
|
# user pool.
|
4199
4917
|
#
|
4918
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
4919
|
+
# in requests for this API operation. For this operation, you must use
|
4920
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
4921
|
+
# corresponding IAM permission in a policy.
|
4922
|
+
#
|
4923
|
+
# **Learn more**
|
4924
|
+
#
|
4925
|
+
# * [Signing Amazon Web Services API Requests][1]
|
4926
|
+
#
|
4927
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
4928
|
+
#
|
4929
|
+
# </note>
|
4930
|
+
#
|
4931
|
+
#
|
4932
|
+
#
|
4933
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
4934
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
4935
|
+
#
|
4200
4936
|
# @option params [required, String] :user_pool_id
|
4201
4937
|
# The user pool ID for the user pool you want to describe.
|
4202
4938
|
#
|
@@ -4309,6 +5045,24 @@ module Aws::CognitoIdentityProvider
|
|
4309
5045
|
# Client method for returning the configuration information and metadata
|
4310
5046
|
# of the specified user pool app client.
|
4311
5047
|
#
|
5048
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
5049
|
+
# in requests for this API operation. For this operation, you must use
|
5050
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
5051
|
+
# corresponding IAM permission in a policy.
|
5052
|
+
#
|
5053
|
+
# **Learn more**
|
5054
|
+
#
|
5055
|
+
# * [Signing Amazon Web Services API Requests][1]
|
5056
|
+
#
|
5057
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
5058
|
+
#
|
5059
|
+
# </note>
|
5060
|
+
#
|
5061
|
+
#
|
5062
|
+
#
|
5063
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
5064
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
5065
|
+
#
|
4312
5066
|
# @option params [required, String] :user_pool_id
|
4313
5067
|
# The user pool ID for the user pool you want to describe.
|
4314
5068
|
#
|
@@ -4416,6 +5170,19 @@ module Aws::CognitoIdentityProvider
|
|
4416
5170
|
|
4417
5171
|
# Forgets the specified device.
|
4418
5172
|
#
|
5173
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
5174
|
+
# policies in requests for this API operation. For this operation, you
|
5175
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
5176
|
+
# IAM permissions in policies. For more information about authorization
|
5177
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
5178
|
+
# OIDC APIs][1].
|
5179
|
+
#
|
5180
|
+
# </note>
|
5181
|
+
#
|
5182
|
+
#
|
5183
|
+
#
|
5184
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
5185
|
+
#
|
4419
5186
|
# @option params [String] :access_token
|
4420
5187
|
# A valid access token that Amazon Cognito issued to the user whose
|
4421
5188
|
# registered device you want to forget.
|
@@ -4447,15 +5214,28 @@ module Aws::CognitoIdentityProvider
|
|
4447
5214
|
# method used to send the confirmation code is sent according to the
|
4448
5215
|
# specified AccountRecoverySetting. For more information, see
|
4449
5216
|
# [Recovering User Accounts][1] in the *Amazon Cognito Developer Guide*.
|
4450
|
-
#
|
4451
|
-
#
|
4452
|
-
#
|
5217
|
+
# To use the confirmation code for resetting the password, call
|
5218
|
+
# [ConfirmForgotPassword][2].
|
5219
|
+
#
|
5220
|
+
# If neither a verified phone number nor a verified email exists, this
|
5221
|
+
# API returns `InvalidParameterException`. If your app client has a
|
5222
|
+
# client secret and you don't provide a `SECRET_HASH` parameter, this
|
5223
|
+
# API returns `NotAuthorizedException`.
|
5224
|
+
#
|
5225
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
5226
|
+
# policies in requests for this API operation. For this operation, you
|
5227
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
5228
|
+
# IAM permissions in policies. For more information about authorization
|
5229
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
5230
|
+
# OIDC APIs][3].
|
5231
|
+
#
|
5232
|
+
# </note>
|
4453
5233
|
#
|
4454
5234
|
# <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
|
4455
5235
|
# US telecom carriers require you to register an origination phone
|
4456
5236
|
# number before you can send SMS messages to US phone numbers. If you
|
4457
5237
|
# use SMS text messages in Amazon Cognito, you must register a phone
|
4458
|
-
# number with [Amazon Pinpoint][
|
5238
|
+
# number with [Amazon Pinpoint][4]. Amazon Cognito uses the registered
|
4459
5239
|
# number automatically. Otherwise, Amazon Cognito users who must receive
|
4460
5240
|
# SMS messages might not be able to sign up, activate their accounts, or
|
4461
5241
|
# sign in.
|
@@ -4467,7 +5247,7 @@ module Aws::CognitoIdentityProvider
|
|
4467
5247
|
# mode</a> </i>, you can send messages only to verified phone numbers.
|
4468
5248
|
# After you test your app while in the sandbox environment, you can move
|
4469
5249
|
# out of the sandbox and into production. For more information, see [
|
4470
|
-
# SMS message settings for Amazon Cognito user pools][
|
5250
|
+
# SMS message settings for Amazon Cognito user pools][5] in the *Amazon
|
4471
5251
|
# Cognito Developer Guide*.
|
4472
5252
|
#
|
4473
5253
|
# </note>
|
@@ -4476,8 +5256,9 @@ module Aws::CognitoIdentityProvider
|
|
4476
5256
|
#
|
4477
5257
|
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-recover-a-user-account.html
|
4478
5258
|
# [2]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html
|
4479
|
-
# [3]: https://
|
4480
|
-
# [4]: https://
|
5259
|
+
# [3]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
5260
|
+
# [4]: https://console.aws.amazon.com/pinpoint/home/
|
5261
|
+
# [5]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
4481
5262
|
#
|
4482
5263
|
# @option params [required, String] :client_id
|
4483
5264
|
# The ID of the client associated with the user pool.
|
@@ -4611,6 +5392,19 @@ module Aws::CognitoIdentityProvider
|
|
4611
5392
|
|
4612
5393
|
# Gets the device.
|
4613
5394
|
#
|
5395
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
5396
|
+
# policies in requests for this API operation. For this operation, you
|
5397
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
5398
|
+
# IAM permissions in policies. For more information about authorization
|
5399
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
5400
|
+
# OIDC APIs][1].
|
5401
|
+
#
|
5402
|
+
# </note>
|
5403
|
+
#
|
5404
|
+
#
|
5405
|
+
#
|
5406
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
5407
|
+
#
|
4614
5408
|
# @option params [required, String] :device_key
|
4615
5409
|
# The device key.
|
4616
5410
|
#
|
@@ -4730,6 +5524,39 @@ module Aws::CognitoIdentityProvider
|
|
4730
5524
|
req.send_request(options)
|
4731
5525
|
end
|
4732
5526
|
|
5527
|
+
# Gets the detailed activity logging configuration for a user pool.
|
5528
|
+
#
|
5529
|
+
# @option params [required, String] :user_pool_id
|
5530
|
+
# The ID of the user pool where you want to view detailed activity
|
5531
|
+
# logging configuration.
|
5532
|
+
#
|
5533
|
+
# @return [Types::GetLogDeliveryConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
5534
|
+
#
|
5535
|
+
# * {Types::GetLogDeliveryConfigurationResponse#log_delivery_configuration #log_delivery_configuration} => Types::LogDeliveryConfigurationType
|
5536
|
+
#
|
5537
|
+
# @example Request syntax with placeholder values
|
5538
|
+
#
|
5539
|
+
# resp = client.get_log_delivery_configuration({
|
5540
|
+
# user_pool_id: "UserPoolIdType", # required
|
5541
|
+
# })
|
5542
|
+
#
|
5543
|
+
# @example Response structure
|
5544
|
+
#
|
5545
|
+
# resp.log_delivery_configuration.user_pool_id #=> String
|
5546
|
+
# resp.log_delivery_configuration.log_configurations #=> Array
|
5547
|
+
# resp.log_delivery_configuration.log_configurations[0].log_level #=> String, one of "ERROR"
|
5548
|
+
# resp.log_delivery_configuration.log_configurations[0].event_source #=> String, one of "userNotification"
|
5549
|
+
# resp.log_delivery_configuration.log_configurations[0].cloud_watch_logs_configuration.log_group_arn #=> String
|
5550
|
+
#
|
5551
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetLogDeliveryConfiguration AWS API Documentation
|
5552
|
+
#
|
5553
|
+
# @overload get_log_delivery_configuration(params = {})
|
5554
|
+
# @param [Hash] params ({})
|
5555
|
+
def get_log_delivery_configuration(params = {}, options = {})
|
5556
|
+
req = build_request(:get_log_delivery_configuration, params)
|
5557
|
+
req.send_request(options)
|
5558
|
+
end
|
5559
|
+
|
4733
5560
|
# This method takes a user pool ID, and returns the signing certificate.
|
4734
5561
|
# The issued certificate is valid for 10 years from the date of issue.
|
4735
5562
|
#
|
@@ -4809,6 +5636,19 @@ module Aws::CognitoIdentityProvider
|
|
4809
5636
|
|
4810
5637
|
# Gets the user attributes and metadata for a user.
|
4811
5638
|
#
|
5639
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
5640
|
+
# policies in requests for this API operation. For this operation, you
|
5641
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
5642
|
+
# IAM permissions in policies. For more information about authorization
|
5643
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
5644
|
+
# OIDC APIs][1].
|
5645
|
+
#
|
5646
|
+
# </note>
|
5647
|
+
#
|
5648
|
+
#
|
5649
|
+
#
|
5650
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
5651
|
+
#
|
4812
5652
|
# @option params [required, String] :access_token
|
4813
5653
|
# A non-expired access token for the user whose information you want to
|
4814
5654
|
# query.
|
@@ -4853,11 +5693,20 @@ module Aws::CognitoIdentityProvider
|
|
4853
5693
|
# attribute name. Sends a message to a user with a code that they must
|
4854
5694
|
# return in a VerifyUserAttribute request.
|
4855
5695
|
#
|
5696
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
5697
|
+
# policies in requests for this API operation. For this operation, you
|
5698
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
5699
|
+
# IAM permissions in policies. For more information about authorization
|
5700
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
5701
|
+
# OIDC APIs][1].
|
5702
|
+
#
|
5703
|
+
# </note>
|
5704
|
+
#
|
4856
5705
|
# <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
|
4857
5706
|
# US telecom carriers require you to register an origination phone
|
4858
5707
|
# number before you can send SMS messages to US phone numbers. If you
|
4859
5708
|
# use SMS text messages in Amazon Cognito, you must register a phone
|
4860
|
-
# number with [Amazon Pinpoint][
|
5709
|
+
# number with [Amazon Pinpoint][2]. Amazon Cognito uses the registered
|
4861
5710
|
# number automatically. Otherwise, Amazon Cognito users who must receive
|
4862
5711
|
# SMS messages might not be able to sign up, activate their accounts, or
|
4863
5712
|
# sign in.
|
@@ -4869,15 +5718,16 @@ module Aws::CognitoIdentityProvider
|
|
4869
5718
|
# mode</a> </i>, you can send messages only to verified phone numbers.
|
4870
5719
|
# After you test your app while in the sandbox environment, you can move
|
4871
5720
|
# out of the sandbox and into production. For more information, see [
|
4872
|
-
# SMS message settings for Amazon Cognito user pools][
|
5721
|
+
# SMS message settings for Amazon Cognito user pools][3] in the *Amazon
|
4873
5722
|
# Cognito Developer Guide*.
|
4874
5723
|
#
|
4875
5724
|
# </note>
|
4876
5725
|
#
|
4877
5726
|
#
|
4878
5727
|
#
|
4879
|
-
# [1]: https://
|
4880
|
-
# [2]: https://
|
5728
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
5729
|
+
# [2]: https://console.aws.amazon.com/pinpoint/home/
|
5730
|
+
# [3]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
4881
5731
|
#
|
4882
5732
|
# @option params [required, String] :access_token
|
4883
5733
|
# A non-expired access token for the user whose attribute verification
|
@@ -4988,10 +5838,28 @@ module Aws::CognitoIdentityProvider
|
|
4988
5838
|
req.send_request(options)
|
4989
5839
|
end
|
4990
5840
|
|
4991
|
-
# Signs out
|
4992
|
-
# tokens that Amazon Cognito has issued to
|
4993
|
-
# a hosted UI cookie to retrieve new tokens
|
4994
|
-
# 1-hour cookie validity period.
|
5841
|
+
# Signs out a user from all devices. `GlobalSignOut` invalidates all
|
5842
|
+
# identity, access and refresh tokens that Amazon Cognito has issued to
|
5843
|
+
# a user. A user can still use a hosted UI cookie to retrieve new tokens
|
5844
|
+
# for the duration of the 1-hour cookie validity period.
|
5845
|
+
#
|
5846
|
+
# Your app isn't aware that a user's access token is revoked unless it
|
5847
|
+
# attempts to authorize a user pools API request with an access token
|
5848
|
+
# that contains the scope `aws.cognito.signin.user.admin`. Your app
|
5849
|
+
# might otherwise accept access tokens until they expire.
|
5850
|
+
#
|
5851
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
5852
|
+
# policies in requests for this API operation. For this operation, you
|
5853
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
5854
|
+
# IAM permissions in policies. For more information about authorization
|
5855
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
5856
|
+
# OIDC APIs][1].
|
5857
|
+
#
|
5858
|
+
# </note>
|
5859
|
+
#
|
5860
|
+
#
|
5861
|
+
#
|
5862
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
4995
5863
|
#
|
4996
5864
|
# @option params [required, String] :access_token
|
4997
5865
|
# A valid access token that Amazon Cognito issued to the user who you
|
@@ -5019,11 +5887,20 @@ module Aws::CognitoIdentityProvider
|
|
5019
5887
|
# more information, see [ Adding user pool sign-in through a third
|
5020
5888
|
# party][1].
|
5021
5889
|
#
|
5890
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
5891
|
+
# policies in requests for this API operation. For this operation, you
|
5892
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
5893
|
+
# IAM permissions in policies. For more information about authorization
|
5894
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
5895
|
+
# OIDC APIs][2].
|
5896
|
+
#
|
5897
|
+
# </note>
|
5898
|
+
#
|
5022
5899
|
# <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
|
5023
5900
|
# US telecom carriers require you to register an origination phone
|
5024
5901
|
# number before you can send SMS messages to US phone numbers. If you
|
5025
5902
|
# use SMS text messages in Amazon Cognito, you must register a phone
|
5026
|
-
# number with [Amazon Pinpoint][
|
5903
|
+
# number with [Amazon Pinpoint][3]. Amazon Cognito uses the registered
|
5027
5904
|
# number automatically. Otherwise, Amazon Cognito users who must receive
|
5028
5905
|
# SMS messages might not be able to sign up, activate their accounts, or
|
5029
5906
|
# sign in.
|
@@ -5035,7 +5912,7 @@ module Aws::CognitoIdentityProvider
|
|
5035
5912
|
# mode</a> </i>, you can send messages only to verified phone numbers.
|
5036
5913
|
# After you test your app while in the sandbox environment, you can move
|
5037
5914
|
# out of the sandbox and into production. For more information, see [
|
5038
|
-
# SMS message settings for Amazon Cognito user pools][
|
5915
|
+
# SMS message settings for Amazon Cognito user pools][4] in the *Amazon
|
5039
5916
|
# Cognito Developer Guide*.
|
5040
5917
|
#
|
5041
5918
|
# </note>
|
@@ -5043,8 +5920,9 @@ module Aws::CognitoIdentityProvider
|
|
5043
5920
|
#
|
5044
5921
|
#
|
5045
5922
|
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html
|
5046
|
-
# [2]: https://
|
5047
|
-
# [3]: https://
|
5923
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
5924
|
+
# [3]: https://console.aws.amazon.com/pinpoint/home/
|
5925
|
+
# [4]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
5048
5926
|
#
|
5049
5927
|
# @option params [required, String] :auth_flow
|
5050
5928
|
# The authentication flow for this call to run. The API action will
|
@@ -5086,6 +5964,10 @@ module Aws::CognitoIdentityProvider
|
|
5086
5964
|
# `SECRET_HASH` (required if the app client is configured with a
|
5087
5965
|
# client secret), `DEVICE_KEY`.
|
5088
5966
|
#
|
5967
|
+
# * For `USER_PASSWORD_AUTH`: `USERNAME` (required), `PASSWORD`
|
5968
|
+
# (required), `SECRET_HASH` (required if the app client is configured
|
5969
|
+
# with a client secret), `DEVICE_KEY`.
|
5970
|
+
#
|
5089
5971
|
# * For `REFRESH_TOKEN_AUTH/REFRESH_TOKEN`: `REFRESH_TOKEN` (required),
|
5090
5972
|
# `SECRET_HASH` (required if the app client is configured with a
|
5091
5973
|
# client secret), `DEVICE_KEY`.
|
@@ -5095,6 +5977,15 @@ module Aws::CognitoIdentityProvider
|
|
5095
5977
|
# authentication flow with password verification, include
|
5096
5978
|
# `ChallengeName: SRP_A` and `SRP_A: (The SRP_A Value)`.
|
5097
5979
|
#
|
5980
|
+
# For more information about `SECRET_HASH`, see [Computing secret hash
|
5981
|
+
# values][1]. For information about `DEVICE_KEY`, see [Working with user
|
5982
|
+
# devices in your user pool][2].
|
5983
|
+
#
|
5984
|
+
#
|
5985
|
+
#
|
5986
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash
|
5987
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html
|
5988
|
+
#
|
5098
5989
|
# @option params [Hash<String,String>] :client_metadata
|
5099
5990
|
# A map of custom key-value pairs that you can provide as input for
|
5100
5991
|
# certain custom workflows that this action triggers.
|
@@ -5224,6 +6115,19 @@ module Aws::CognitoIdentityProvider
|
|
5224
6115
|
# Lists the sign-in devices that Amazon Cognito has registered to the
|
5225
6116
|
# current user.
|
5226
6117
|
#
|
6118
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
6119
|
+
# policies in requests for this API operation. For this operation, you
|
6120
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
6121
|
+
# IAM permissions in policies. For more information about authorization
|
6122
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
6123
|
+
# OIDC APIs][1].
|
6124
|
+
#
|
6125
|
+
# </note>
|
6126
|
+
#
|
6127
|
+
#
|
6128
|
+
#
|
6129
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
6130
|
+
#
|
5227
6131
|
# @option params [required, String] :access_token
|
5228
6132
|
# A valid access token that Amazon Cognito issued to the user whose list
|
5229
6133
|
# of devices you want to view.
|
@@ -5270,7 +6174,23 @@ module Aws::CognitoIdentityProvider
|
|
5270
6174
|
|
5271
6175
|
# Lists the groups associated with a user pool.
|
5272
6176
|
#
|
5273
|
-
#
|
6177
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
6178
|
+
# in requests for this API operation. For this operation, you must use
|
6179
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
6180
|
+
# corresponding IAM permission in a policy.
|
6181
|
+
#
|
6182
|
+
# **Learn more**
|
6183
|
+
#
|
6184
|
+
# * [Signing Amazon Web Services API Requests][1]
|
6185
|
+
#
|
6186
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
6187
|
+
#
|
6188
|
+
# </note>
|
6189
|
+
#
|
6190
|
+
#
|
6191
|
+
#
|
6192
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
6193
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
5274
6194
|
#
|
5275
6195
|
# @option params [required, String] :user_pool_id
|
5276
6196
|
# The user pool ID for the user pool.
|
@@ -5321,6 +6241,24 @@ module Aws::CognitoIdentityProvider
|
|
5321
6241
|
|
5322
6242
|
# Lists information about all IdPs for a user pool.
|
5323
6243
|
#
|
6244
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
6245
|
+
# in requests for this API operation. For this operation, you must use
|
6246
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
6247
|
+
# corresponding IAM permission in a policy.
|
6248
|
+
#
|
6249
|
+
# **Learn more**
|
6250
|
+
#
|
6251
|
+
# * [Signing Amazon Web Services API Requests][1]
|
6252
|
+
#
|
6253
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
6254
|
+
#
|
6255
|
+
# </note>
|
6256
|
+
#
|
6257
|
+
#
|
6258
|
+
#
|
6259
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
6260
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
6261
|
+
#
|
5324
6262
|
# @option params [required, String] :user_pool_id
|
5325
6263
|
# The user pool ID.
|
5326
6264
|
#
|
@@ -5365,6 +6303,24 @@ module Aws::CognitoIdentityProvider
|
|
5365
6303
|
|
5366
6304
|
# Lists the resource servers for a user pool.
|
5367
6305
|
#
|
6306
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
6307
|
+
# in requests for this API operation. For this operation, you must use
|
6308
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
6309
|
+
# corresponding IAM permission in a policy.
|
6310
|
+
#
|
6311
|
+
# **Learn more**
|
6312
|
+
#
|
6313
|
+
# * [Signing Amazon Web Services API Requests][1]
|
6314
|
+
#
|
6315
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
6316
|
+
#
|
6317
|
+
# </note>
|
6318
|
+
#
|
6319
|
+
#
|
6320
|
+
#
|
6321
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
6322
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
6323
|
+
#
|
5368
6324
|
# @option params [required, String] :user_pool_id
|
5369
6325
|
# The user pool ID for the user pool.
|
5370
6326
|
#
|
@@ -5445,7 +6401,25 @@ module Aws::CognitoIdentityProvider
|
|
5445
6401
|
req.send_request(options)
|
5446
6402
|
end
|
5447
6403
|
|
5448
|
-
# Lists
|
6404
|
+
# Lists user import jobs for a user pool.
|
6405
|
+
#
|
6406
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
6407
|
+
# in requests for this API operation. For this operation, you must use
|
6408
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
6409
|
+
# corresponding IAM permission in a policy.
|
6410
|
+
#
|
6411
|
+
# **Learn more**
|
6412
|
+
#
|
6413
|
+
# * [Signing Amazon Web Services API Requests][1]
|
6414
|
+
#
|
6415
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
6416
|
+
#
|
6417
|
+
# </note>
|
6418
|
+
#
|
6419
|
+
#
|
6420
|
+
#
|
6421
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
6422
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
5449
6423
|
#
|
5450
6424
|
# @option params [required, String] :user_pool_id
|
5451
6425
|
# The user pool ID for the user pool that the users are being imported
|
@@ -5501,6 +6475,24 @@ module Aws::CognitoIdentityProvider
|
|
5501
6475
|
|
5502
6476
|
# Lists the clients that have been created for the specified user pool.
|
5503
6477
|
#
|
6478
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
6479
|
+
# in requests for this API operation. For this operation, you must use
|
6480
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
6481
|
+
# corresponding IAM permission in a policy.
|
6482
|
+
#
|
6483
|
+
# **Learn more**
|
6484
|
+
#
|
6485
|
+
# * [Signing Amazon Web Services API Requests][1]
|
6486
|
+
#
|
6487
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
6488
|
+
#
|
6489
|
+
# </note>
|
6490
|
+
#
|
6491
|
+
#
|
6492
|
+
#
|
6493
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
6494
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
6495
|
+
#
|
5504
6496
|
# @option params [required, String] :user_pool_id
|
5505
6497
|
# The user pool ID for the user pool where you want to list user pool
|
5506
6498
|
# clients.
|
@@ -5548,6 +6540,24 @@ module Aws::CognitoIdentityProvider
|
|
5548
6540
|
|
5549
6541
|
# Lists the user pools associated with an Amazon Web Services account.
|
5550
6542
|
#
|
6543
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
6544
|
+
# in requests for this API operation. For this operation, you must use
|
6545
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
6546
|
+
# corresponding IAM permission in a policy.
|
6547
|
+
#
|
6548
|
+
# **Learn more**
|
6549
|
+
#
|
6550
|
+
# * [Signing Amazon Web Services API Requests][1]
|
6551
|
+
#
|
6552
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
6553
|
+
#
|
6554
|
+
# </note>
|
6555
|
+
#
|
6556
|
+
#
|
6557
|
+
#
|
6558
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
6559
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
6560
|
+
#
|
5551
6561
|
# @option params [String] :next_token
|
5552
6562
|
# An identifier that was returned from the previous call to this
|
5553
6563
|
# operation, which can be used to return the next set of items in the
|
@@ -5605,16 +6615,35 @@ module Aws::CognitoIdentityProvider
|
|
5605
6615
|
req.send_request(options)
|
5606
6616
|
end
|
5607
6617
|
|
5608
|
-
# Lists
|
6618
|
+
# Lists users and their basic details in a user pool.
|
6619
|
+
#
|
6620
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
6621
|
+
# in requests for this API operation. For this operation, you must use
|
6622
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
6623
|
+
# corresponding IAM permission in a policy.
|
6624
|
+
#
|
6625
|
+
# **Learn more**
|
6626
|
+
#
|
6627
|
+
# * [Signing Amazon Web Services API Requests][1]
|
6628
|
+
#
|
6629
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
6630
|
+
#
|
6631
|
+
# </note>
|
6632
|
+
#
|
6633
|
+
#
|
6634
|
+
#
|
6635
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
6636
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
5609
6637
|
#
|
5610
6638
|
# @option params [required, String] :user_pool_id
|
5611
6639
|
# The user pool ID for the user pool on which the search should be
|
5612
6640
|
# performed.
|
5613
6641
|
#
|
5614
6642
|
# @option params [Array<String>] :attributes_to_get
|
5615
|
-
#
|
5616
|
-
#
|
5617
|
-
#
|
6643
|
+
# A JSON array of user attribute names, for example `given_name`, that
|
6644
|
+
# you want Amazon Cognito to include in the response for each user. When
|
6645
|
+
# you don't provide an `AttributesToGet` parameter, Amazon Cognito
|
6646
|
+
# returns all attributes for each user.
|
5618
6647
|
#
|
5619
6648
|
# @option params [Integer] :limit
|
5620
6649
|
# Maximum number of users to be returned.
|
@@ -5737,7 +6766,23 @@ module Aws::CognitoIdentityProvider
|
|
5737
6766
|
|
5738
6767
|
# Lists the users in the specified group.
|
5739
6768
|
#
|
5740
|
-
#
|
6769
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
6770
|
+
# in requests for this API operation. For this operation, you must use
|
6771
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
6772
|
+
# corresponding IAM permission in a policy.
|
6773
|
+
#
|
6774
|
+
# **Learn more**
|
6775
|
+
#
|
6776
|
+
# * [Signing Amazon Web Services API Requests][1]
|
6777
|
+
#
|
6778
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
6779
|
+
#
|
6780
|
+
# </note>
|
6781
|
+
#
|
6782
|
+
#
|
6783
|
+
#
|
6784
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
6785
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
5741
6786
|
#
|
5742
6787
|
# @option params [required, String] :user_pool_id
|
5743
6788
|
# The user pool ID for the user pool.
|
@@ -5797,11 +6842,20 @@ module Aws::CognitoIdentityProvider
|
|
5797
6842
|
# Resends the confirmation (for confirmation of registration) to a
|
5798
6843
|
# specific user in the user pool.
|
5799
6844
|
#
|
6845
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
6846
|
+
# policies in requests for this API operation. For this operation, you
|
6847
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
6848
|
+
# IAM permissions in policies. For more information about authorization
|
6849
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
6850
|
+
# OIDC APIs][1].
|
6851
|
+
#
|
6852
|
+
# </note>
|
6853
|
+
#
|
5800
6854
|
# <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
|
5801
6855
|
# US telecom carriers require you to register an origination phone
|
5802
6856
|
# number before you can send SMS messages to US phone numbers. If you
|
5803
6857
|
# use SMS text messages in Amazon Cognito, you must register a phone
|
5804
|
-
# number with [Amazon Pinpoint][
|
6858
|
+
# number with [Amazon Pinpoint][2]. Amazon Cognito uses the registered
|
5805
6859
|
# number automatically. Otherwise, Amazon Cognito users who must receive
|
5806
6860
|
# SMS messages might not be able to sign up, activate their accounts, or
|
5807
6861
|
# sign in.
|
@@ -5813,15 +6867,16 @@ module Aws::CognitoIdentityProvider
|
|
5813
6867
|
# mode</a> </i>, you can send messages only to verified phone numbers.
|
5814
6868
|
# After you test your app while in the sandbox environment, you can move
|
5815
6869
|
# out of the sandbox and into production. For more information, see [
|
5816
|
-
# SMS message settings for Amazon Cognito user pools][
|
6870
|
+
# SMS message settings for Amazon Cognito user pools][3] in the *Amazon
|
5817
6871
|
# Cognito Developer Guide*.
|
5818
6872
|
#
|
5819
6873
|
# </note>
|
5820
6874
|
#
|
5821
6875
|
#
|
5822
6876
|
#
|
5823
|
-
# [1]: https://
|
5824
|
-
# [2]: https://
|
6877
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
6878
|
+
# [2]: https://console.aws.amazon.com/pinpoint/home/
|
6879
|
+
# [3]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
5825
6880
|
#
|
5826
6881
|
# @option params [required, String] :client_id
|
5827
6882
|
# The ID of the client associated with the user pool.
|
@@ -5922,11 +6977,20 @@ module Aws::CognitoIdentityProvider
|
|
5922
6977
|
|
5923
6978
|
# Responds to the authentication challenge.
|
5924
6979
|
#
|
6980
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
6981
|
+
# policies in requests for this API operation. For this operation, you
|
6982
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
6983
|
+
# IAM permissions in policies. For more information about authorization
|
6984
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
6985
|
+
# OIDC APIs][1].
|
6986
|
+
#
|
6987
|
+
# </note>
|
6988
|
+
#
|
5925
6989
|
# <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
|
5926
6990
|
# US telecom carriers require you to register an origination phone
|
5927
6991
|
# number before you can send SMS messages to US phone numbers. If you
|
5928
6992
|
# use SMS text messages in Amazon Cognito, you must register a phone
|
5929
|
-
# number with [Amazon Pinpoint][
|
6993
|
+
# number with [Amazon Pinpoint][2]. Amazon Cognito uses the registered
|
5930
6994
|
# number automatically. Otherwise, Amazon Cognito users who must receive
|
5931
6995
|
# SMS messages might not be able to sign up, activate their accounts, or
|
5932
6996
|
# sign in.
|
@@ -5938,15 +7002,16 @@ module Aws::CognitoIdentityProvider
|
|
5938
7002
|
# mode</a> </i>, you can send messages only to verified phone numbers.
|
5939
7003
|
# After you test your app while in the sandbox environment, you can move
|
5940
7004
|
# out of the sandbox and into production. For more information, see [
|
5941
|
-
# SMS message settings for Amazon Cognito user pools][
|
7005
|
+
# SMS message settings for Amazon Cognito user pools][3] in the *Amazon
|
5942
7006
|
# Cognito Developer Guide*.
|
5943
7007
|
#
|
5944
7008
|
# </note>
|
5945
7009
|
#
|
5946
7010
|
#
|
5947
7011
|
#
|
5948
|
-
# [1]: https://
|
5949
|
-
# [2]: https://
|
7012
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
7013
|
+
# [2]: https://console.aws.amazon.com/pinpoint/home/
|
7014
|
+
# [3]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
5950
7015
|
#
|
5951
7016
|
# @option params [required, String] :client_id
|
5952
7017
|
# The app client ID.
|
@@ -6015,6 +7080,15 @@ module Aws::CognitoIdentityProvider
|
|
6015
7080
|
# * `MFA_SETUP` requires `USERNAME`, plus you must use the session value
|
6016
7081
|
# returned by `VerifySoftwareToken` in the `Session` parameter.
|
6017
7082
|
#
|
7083
|
+
# For more information about `SECRET_HASH`, see [Computing secret hash
|
7084
|
+
# values][1]. For information about `DEVICE_KEY`, see [Working with user
|
7085
|
+
# devices in your user pool][2].
|
7086
|
+
#
|
7087
|
+
#
|
7088
|
+
#
|
7089
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash
|
7090
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html
|
7091
|
+
#
|
6018
7092
|
# @option params [Types::AnalyticsMetadataType] :analytics_metadata
|
6019
7093
|
# The Amazon Pinpoint analytics metadata that contributes to your
|
6020
7094
|
# metrics for `RespondToAuthChallenge` calls.
|
@@ -6121,6 +7195,19 @@ module Aws::CognitoIdentityProvider
|
|
6121
7195
|
# use the revoked token to access Amazon Cognito user APIs, or to
|
6122
7196
|
# authorize access to your resource server.
|
6123
7197
|
#
|
7198
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
7199
|
+
# policies in requests for this API operation. For this operation, you
|
7200
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
7201
|
+
# IAM permissions in policies. For more information about authorization
|
7202
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
7203
|
+
# OIDC APIs][1].
|
7204
|
+
#
|
7205
|
+
# </note>
|
7206
|
+
#
|
7207
|
+
#
|
7208
|
+
#
|
7209
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
7210
|
+
#
|
6124
7211
|
# @option params [required, String] :token
|
6125
7212
|
# The refresh token that you want to revoke.
|
6126
7213
|
#
|
@@ -6150,6 +7237,53 @@ module Aws::CognitoIdentityProvider
|
|
6150
7237
|
req.send_request(options)
|
6151
7238
|
end
|
6152
7239
|
|
7240
|
+
# Sets up or modifies the detailed activity logging configuration of a
|
7241
|
+
# user pool.
|
7242
|
+
#
|
7243
|
+
# @option params [required, String] :user_pool_id
|
7244
|
+
# The ID of the user pool where you want to configure detailed activity
|
7245
|
+
# logging .
|
7246
|
+
#
|
7247
|
+
# @option params [required, Array<Types::LogConfigurationType>] :log_configurations
|
7248
|
+
# A collection of all of the detailed activity logging configurations
|
7249
|
+
# for a user pool.
|
7250
|
+
#
|
7251
|
+
# @return [Types::SetLogDeliveryConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
7252
|
+
#
|
7253
|
+
# * {Types::SetLogDeliveryConfigurationResponse#log_delivery_configuration #log_delivery_configuration} => Types::LogDeliveryConfigurationType
|
7254
|
+
#
|
7255
|
+
# @example Request syntax with placeholder values
|
7256
|
+
#
|
7257
|
+
# resp = client.set_log_delivery_configuration({
|
7258
|
+
# user_pool_id: "UserPoolIdType", # required
|
7259
|
+
# log_configurations: [ # required
|
7260
|
+
# {
|
7261
|
+
# log_level: "ERROR", # required, accepts ERROR
|
7262
|
+
# event_source: "userNotification", # required, accepts userNotification
|
7263
|
+
# cloud_watch_logs_configuration: {
|
7264
|
+
# log_group_arn: "ArnType",
|
7265
|
+
# },
|
7266
|
+
# },
|
7267
|
+
# ],
|
7268
|
+
# })
|
7269
|
+
#
|
7270
|
+
# @example Response structure
|
7271
|
+
#
|
7272
|
+
# resp.log_delivery_configuration.user_pool_id #=> String
|
7273
|
+
# resp.log_delivery_configuration.log_configurations #=> Array
|
7274
|
+
# resp.log_delivery_configuration.log_configurations[0].log_level #=> String, one of "ERROR"
|
7275
|
+
# resp.log_delivery_configuration.log_configurations[0].event_source #=> String, one of "userNotification"
|
7276
|
+
# resp.log_delivery_configuration.log_configurations[0].cloud_watch_logs_configuration.log_group_arn #=> String
|
7277
|
+
#
|
7278
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetLogDeliveryConfiguration AWS API Documentation
|
7279
|
+
#
|
7280
|
+
# @overload set_log_delivery_configuration(params = {})
|
7281
|
+
# @param [Hash] params ({})
|
7282
|
+
def set_log_delivery_configuration(params = {}, options = {})
|
7283
|
+
req = build_request(:set_log_delivery_configuration, params)
|
7284
|
+
req.send_request(options)
|
7285
|
+
end
|
7286
|
+
|
6153
7287
|
# Configures actions on detected risks. To delete the risk configuration
|
6154
7288
|
# for `UserPoolId` or `ClientId`, pass null values for all four
|
6155
7289
|
# configuration types.
|
@@ -6347,6 +7481,19 @@ module Aws::CognitoIdentityProvider
|
|
6347
7481
|
# based on the assessed risk level of sign-in attempts, deactivate MFA
|
6348
7482
|
# for users and turn on Adaptive Authentication for the user pool.
|
6349
7483
|
#
|
7484
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
7485
|
+
# policies in requests for this API operation. For this operation, you
|
7486
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
7487
|
+
# IAM permissions in policies. For more information about authorization
|
7488
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
7489
|
+
# OIDC APIs][1].
|
7490
|
+
#
|
7491
|
+
# </note>
|
7492
|
+
#
|
7493
|
+
#
|
7494
|
+
#
|
7495
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
7496
|
+
#
|
6350
7497
|
# @option params [Types::SMSMfaSettingsType] :sms_mfa_settings
|
6351
7498
|
# The SMS text message multi-factor authentication (MFA) settings.
|
6352
7499
|
#
|
@@ -6408,7 +7555,7 @@ module Aws::CognitoIdentityProvider
|
|
6408
7555
|
#
|
6409
7556
|
#
|
6410
7557
|
# [1]: https://console.aws.amazon.com/pinpoint/home/
|
6411
|
-
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/
|
7558
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
6412
7559
|
#
|
6413
7560
|
# @option params [required, String] :user_pool_id
|
6414
7561
|
# The user pool ID.
|
@@ -6483,9 +7630,19 @@ module Aws::CognitoIdentityProvider
|
|
6483
7630
|
# (TOTP) software token MFA. To configure either type of MFA, use
|
6484
7631
|
# [SetUserMFAPreference][1] instead.
|
6485
7632
|
#
|
7633
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
7634
|
+
# policies in requests for this API operation. For this operation, you
|
7635
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
7636
|
+
# IAM permissions in policies. For more information about authorization
|
7637
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
7638
|
+
# OIDC APIs][2].
|
7639
|
+
#
|
7640
|
+
# </note>
|
7641
|
+
#
|
6486
7642
|
#
|
6487
7643
|
#
|
6488
7644
|
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserMFAPreference.html
|
7645
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
6489
7646
|
#
|
6490
7647
|
# @option params [required, String] :access_token
|
6491
7648
|
# A valid access token that Amazon Cognito issued to the user whose user
|
@@ -6521,11 +7678,20 @@ module Aws::CognitoIdentityProvider
|
|
6521
7678
|
# Registers the user in the specified user pool and creates a user name,
|
6522
7679
|
# password, and user attributes.
|
6523
7680
|
#
|
7681
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
7682
|
+
# policies in requests for this API operation. For this operation, you
|
7683
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
7684
|
+
# IAM permissions in policies. For more information about authorization
|
7685
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
7686
|
+
# OIDC APIs][1].
|
7687
|
+
#
|
7688
|
+
# </note>
|
7689
|
+
#
|
6524
7690
|
# <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
|
6525
7691
|
# US telecom carriers require you to register an origination phone
|
6526
7692
|
# number before you can send SMS messages to US phone numbers. If you
|
6527
7693
|
# use SMS text messages in Amazon Cognito, you must register a phone
|
6528
|
-
# number with [Amazon Pinpoint][
|
7694
|
+
# number with [Amazon Pinpoint][2]. Amazon Cognito uses the registered
|
6529
7695
|
# number automatically. Otherwise, Amazon Cognito users who must receive
|
6530
7696
|
# SMS messages might not be able to sign up, activate their accounts, or
|
6531
7697
|
# sign in.
|
@@ -6537,15 +7703,16 @@ module Aws::CognitoIdentityProvider
|
|
6537
7703
|
# mode</a> </i>, you can send messages only to verified phone numbers.
|
6538
7704
|
# After you test your app while in the sandbox environment, you can move
|
6539
7705
|
# out of the sandbox and into production. For more information, see [
|
6540
|
-
# SMS message settings for Amazon Cognito user pools][
|
7706
|
+
# SMS message settings for Amazon Cognito user pools][3] in the *Amazon
|
6541
7707
|
# Cognito Developer Guide*.
|
6542
7708
|
#
|
6543
7709
|
# </note>
|
6544
7710
|
#
|
6545
7711
|
#
|
6546
7712
|
#
|
6547
|
-
# [1]: https://
|
6548
|
-
# [2]: https://
|
7713
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
7714
|
+
# [2]: https://console.aws.amazon.com/pinpoint/home/
|
7715
|
+
# [3]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
6549
7716
|
#
|
6550
7717
|
# @option params [required, String] :client_id
|
6551
7718
|
# The ID of the client associated with the user pool.
|
@@ -6841,6 +8008,19 @@ module Aws::CognitoIdentityProvider
|
|
6841
8008
|
# evaluation decision for the user pool as part of Amazon Cognito
|
6842
8009
|
# advanced security.
|
6843
8010
|
#
|
8011
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
8012
|
+
# policies in requests for this API operation. For this operation, you
|
8013
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
8014
|
+
# IAM permissions in policies. For more information about authorization
|
8015
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
8016
|
+
# OIDC APIs][1].
|
8017
|
+
#
|
8018
|
+
# </note>
|
8019
|
+
#
|
8020
|
+
#
|
8021
|
+
#
|
8022
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
8023
|
+
#
|
6844
8024
|
# @option params [required, String] :user_pool_id
|
6845
8025
|
# The user pool ID.
|
6846
8026
|
#
|
@@ -6854,7 +8034,12 @@ module Aws::CognitoIdentityProvider
|
|
6854
8034
|
# The feedback token.
|
6855
8035
|
#
|
6856
8036
|
# @option params [required, String] :feedback_value
|
6857
|
-
# The authentication event feedback value.
|
8037
|
+
# The authentication event feedback value. When you provide a
|
8038
|
+
# `FeedbackValue` value of `valid`, you tell Amazon Cognito that you
|
8039
|
+
# trust a user session where Amazon Cognito has evaluated some level of
|
8040
|
+
# risk. When you provide a `FeedbackValue` value of `invalid`, you tell
|
8041
|
+
# Amazon Cognito that you don't trust a user session, or you don't
|
8042
|
+
# believe that Amazon Cognito evaluated a high-enough risk level.
|
6858
8043
|
#
|
6859
8044
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
6860
8045
|
#
|
@@ -6879,6 +8064,19 @@ module Aws::CognitoIdentityProvider
|
|
6879
8064
|
|
6880
8065
|
# Updates the device status.
|
6881
8066
|
#
|
8067
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
8068
|
+
# policies in requests for this API operation. For this operation, you
|
8069
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
8070
|
+
# IAM permissions in policies. For more information about authorization
|
8071
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
8072
|
+
# OIDC APIs][1].
|
8073
|
+
#
|
8074
|
+
# </note>
|
8075
|
+
#
|
8076
|
+
#
|
8077
|
+
#
|
8078
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
8079
|
+
#
|
6882
8080
|
# @option params [required, String] :access_token
|
6883
8081
|
# A valid access token that Amazon Cognito issued to the user whose
|
6884
8082
|
# device status you want to update.
|
@@ -6910,7 +8108,23 @@ module Aws::CognitoIdentityProvider
|
|
6910
8108
|
|
6911
8109
|
# Updates the specified group with the specified attributes.
|
6912
8110
|
#
|
6913
|
-
#
|
8111
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
8112
|
+
# in requests for this API operation. For this operation, you must use
|
8113
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
8114
|
+
# corresponding IAM permission in a policy.
|
8115
|
+
#
|
8116
|
+
# **Learn more**
|
8117
|
+
#
|
8118
|
+
# * [Signing Amazon Web Services API Requests][1]
|
8119
|
+
#
|
8120
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
8121
|
+
#
|
8122
|
+
# </note>
|
8123
|
+
#
|
8124
|
+
#
|
8125
|
+
#
|
8126
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
8127
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
6914
8128
|
#
|
6915
8129
|
# @option params [required, String] :group_name
|
6916
8130
|
# The name of the group.
|
@@ -6969,6 +8183,24 @@ module Aws::CognitoIdentityProvider
|
|
6969
8183
|
|
6970
8184
|
# Updates IdP information for a user pool.
|
6971
8185
|
#
|
8186
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
8187
|
+
# in requests for this API operation. For this operation, you must use
|
8188
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
8189
|
+
# corresponding IAM permission in a policy.
|
8190
|
+
#
|
8191
|
+
# **Learn more**
|
8192
|
+
#
|
8193
|
+
# * [Signing Amazon Web Services API Requests][1]
|
8194
|
+
#
|
8195
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
8196
|
+
#
|
8197
|
+
# </note>
|
8198
|
+
#
|
8199
|
+
#
|
8200
|
+
#
|
8201
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
8202
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
8203
|
+
#
|
6972
8204
|
# @option params [required, String] :user_pool_id
|
6973
8205
|
# The user pool ID.
|
6974
8206
|
#
|
@@ -7032,6 +8264,24 @@ module Aws::CognitoIdentityProvider
|
|
7032
8264
|
# If you don't provide a value for an attribute, it is set to the
|
7033
8265
|
# default value.
|
7034
8266
|
#
|
8267
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
8268
|
+
# in requests for this API operation. For this operation, you must use
|
8269
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
8270
|
+
# corresponding IAM permission in a policy.
|
8271
|
+
#
|
8272
|
+
# **Learn more**
|
8273
|
+
#
|
8274
|
+
# * [Signing Amazon Web Services API Requests][1]
|
8275
|
+
#
|
8276
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][2]
|
8277
|
+
#
|
8278
|
+
# </note>
|
8279
|
+
#
|
8280
|
+
#
|
8281
|
+
#
|
8282
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
8283
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
8284
|
+
#
|
7035
8285
|
# @option params [required, String] :user_pool_id
|
7036
8286
|
# The user pool ID for the user pool.
|
7037
8287
|
#
|
@@ -7082,11 +8332,20 @@ module Aws::CognitoIdentityProvider
|
|
7082
8332
|
|
7083
8333
|
# Allows a user to update a specific attribute (one at a time).
|
7084
8334
|
#
|
8335
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
8336
|
+
# policies in requests for this API operation. For this operation, you
|
8337
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
8338
|
+
# IAM permissions in policies. For more information about authorization
|
8339
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
8340
|
+
# OIDC APIs][1].
|
8341
|
+
#
|
8342
|
+
# </note>
|
8343
|
+
#
|
7085
8344
|
# <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
|
7086
8345
|
# US telecom carriers require you to register an origination phone
|
7087
8346
|
# number before you can send SMS messages to US phone numbers. If you
|
7088
8347
|
# use SMS text messages in Amazon Cognito, you must register a phone
|
7089
|
-
# number with [Amazon Pinpoint][
|
8348
|
+
# number with [Amazon Pinpoint][2]. Amazon Cognito uses the registered
|
7090
8349
|
# number automatically. Otherwise, Amazon Cognito users who must receive
|
7091
8350
|
# SMS messages might not be able to sign up, activate their accounts, or
|
7092
8351
|
# sign in.
|
@@ -7098,15 +8357,16 @@ module Aws::CognitoIdentityProvider
|
|
7098
8357
|
# mode</a> </i>, you can send messages only to verified phone numbers.
|
7099
8358
|
# After you test your app while in the sandbox environment, you can move
|
7100
8359
|
# out of the sandbox and into production. For more information, see [
|
7101
|
-
# SMS message settings for Amazon Cognito user pools][
|
8360
|
+
# SMS message settings for Amazon Cognito user pools][3] in the *Amazon
|
7102
8361
|
# Cognito Developer Guide*.
|
7103
8362
|
#
|
7104
8363
|
# </note>
|
7105
8364
|
#
|
7106
8365
|
#
|
7107
8366
|
#
|
7108
|
-
# [1]: https://
|
7109
|
-
# [2]: https://
|
8367
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
8368
|
+
# [2]: https://console.aws.amazon.com/pinpoint/home/
|
8369
|
+
# [3]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
7110
8370
|
#
|
7111
8371
|
# @option params [required, Array<Types::AttributeType>] :user_attributes
|
7112
8372
|
# An array of name-value pairs representing user attributes.
|
@@ -7196,16 +8456,11 @@ module Aws::CognitoIdentityProvider
|
|
7196
8456
|
req.send_request(options)
|
7197
8457
|
end
|
7198
8458
|
|
7199
|
-
# Updates the specified user pool with the specified attributes. You can
|
7200
|
-
# get a list of the current user pool settings using
|
7201
|
-
# [DescribeUserPool][1]. If you don't provide a value for an attribute,
|
7202
|
-
# it will be set to the default value.
|
7203
|
-
#
|
7204
8459
|
# <note markdown="1"> This action might generate an SMS text message. Starting June 1, 2021,
|
7205
8460
|
# US telecom carriers require you to register an origination phone
|
7206
8461
|
# number before you can send SMS messages to US phone numbers. If you
|
7207
8462
|
# use SMS text messages in Amazon Cognito, you must register a phone
|
7208
|
-
# number with [Amazon Pinpoint][
|
8463
|
+
# number with [Amazon Pinpoint][1]. Amazon Cognito uses the registered
|
7209
8464
|
# number automatically. Otherwise, Amazon Cognito users who must receive
|
7210
8465
|
# SMS messages might not be able to sign up, activate their accounts, or
|
7211
8466
|
# sign in.
|
@@ -7217,16 +8472,38 @@ module Aws::CognitoIdentityProvider
|
|
7217
8472
|
# mode</a> </i>, you can send messages only to verified phone numbers.
|
7218
8473
|
# After you test your app while in the sandbox environment, you can move
|
7219
8474
|
# out of the sandbox and into production. For more information, see [
|
7220
|
-
# SMS message settings for Amazon Cognito user pools][
|
8475
|
+
# SMS message settings for Amazon Cognito user pools][2] in the *Amazon
|
7221
8476
|
# Cognito Developer Guide*.
|
7222
8477
|
#
|
7223
8478
|
# </note>
|
7224
8479
|
#
|
8480
|
+
# Updates the specified user pool with the specified attributes. You can
|
8481
|
+
# get a list of the current user pool settings using
|
8482
|
+
# [DescribeUserPool][3].
|
7225
8483
|
#
|
8484
|
+
# If you don't provide a value for an attribute, Amazon Cognito sets it
|
8485
|
+
# to its default value.
|
7226
8486
|
#
|
7227
|
-
#
|
7228
|
-
#
|
7229
|
-
#
|
8487
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
8488
|
+
# in requests for this API operation. For this operation, you must use
|
8489
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
8490
|
+
# corresponding IAM permission in a policy.
|
8491
|
+
#
|
8492
|
+
# **Learn more**
|
8493
|
+
#
|
8494
|
+
# * [Signing Amazon Web Services API Requests][4]
|
8495
|
+
#
|
8496
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][5]
|
8497
|
+
#
|
8498
|
+
# </note>
|
8499
|
+
#
|
8500
|
+
#
|
8501
|
+
#
|
8502
|
+
# [1]: https://console.aws.amazon.com/pinpoint/home/
|
8503
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html
|
8504
|
+
# [3]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html
|
8505
|
+
# [4]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
8506
|
+
# [5]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
7230
8507
|
#
|
7231
8508
|
# @option params [required, String] :user_pool_id
|
7232
8509
|
# The user pool ID for the user pool you want to update.
|
@@ -7346,8 +8623,17 @@ module Aws::CognitoIdentityProvider
|
|
7346
8623
|
# The configuration for `AdminCreateUser` requests.
|
7347
8624
|
#
|
7348
8625
|
# @option params [Types::UserPoolAddOnsType] :user_pool_add_ons
|
7349
|
-
#
|
7350
|
-
#
|
8626
|
+
# User pool add-ons. Contains settings for activation of advanced
|
8627
|
+
# security features. To log user security information but take no
|
8628
|
+
# action, set to `AUDIT`. To configure automatic security responses to
|
8629
|
+
# risky traffic to your user pool, set to `ENFORCED`.
|
8630
|
+
#
|
8631
|
+
# For more information, see [Adding advanced security to a user
|
8632
|
+
# pool][1].
|
8633
|
+
#
|
8634
|
+
#
|
8635
|
+
#
|
8636
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
|
7351
8637
|
#
|
7352
8638
|
# @option params [Types::AccountRecoverySettingType] :account_recovery_setting
|
7353
8639
|
# The available verified method a user can use to recover their password
|
@@ -7468,17 +8754,32 @@ module Aws::CognitoIdentityProvider
|
|
7468
8754
|
# attributes. You can get a list of the current user pool app client
|
7469
8755
|
# settings using [DescribeUserPoolClient][1].
|
7470
8756
|
#
|
7471
|
-
# If you don't provide a value for an attribute,
|
7472
|
-
# default value.
|
8757
|
+
# If you don't provide a value for an attribute, Amazon Cognito sets it
|
8758
|
+
# to its default value.
|
7473
8759
|
#
|
7474
8760
|
# You can also use this operation to enable token revocation for user
|
7475
8761
|
# pool clients. For more information about revoking tokens, see
|
7476
8762
|
# [RevokeToken][2].
|
7477
8763
|
#
|
8764
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
8765
|
+
# in requests for this API operation. For this operation, you must use
|
8766
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
8767
|
+
# corresponding IAM permission in a policy.
|
8768
|
+
#
|
8769
|
+
# **Learn more**
|
8770
|
+
#
|
8771
|
+
# * [Signing Amazon Web Services API Requests][3]
|
8772
|
+
#
|
8773
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][4]
|
8774
|
+
#
|
8775
|
+
# </note>
|
8776
|
+
#
|
7478
8777
|
#
|
7479
8778
|
#
|
7480
8779
|
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html
|
7481
8780
|
# [2]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
|
8781
|
+
# [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
8782
|
+
# [4]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
7482
8783
|
#
|
7483
8784
|
# @option params [required, String] :user_pool_id
|
7484
8785
|
# The user pool ID for the user pool where you want to update the user
|
@@ -7534,16 +8835,16 @@ module Aws::CognitoIdentityProvider
|
|
7534
8835
|
# `TokenValidityUnits` as `hours`, your user can authenticate their
|
7535
8836
|
# session with their ID token for 10 hours.
|
7536
8837
|
#
|
7537
|
-
# The default time unit for `
|
8838
|
+
# The default time unit for `IdTokenValidity` in an API request is
|
7538
8839
|
# hours. *Valid range* is displayed below in seconds.
|
7539
8840
|
#
|
7540
8841
|
# If you don't specify otherwise in the configuration of your app
|
7541
8842
|
# client, your ID tokens are valid for one hour.
|
7542
8843
|
#
|
7543
8844
|
# @option params [Types::TokenValidityUnitsType] :token_validity_units
|
7544
|
-
# The units
|
7545
|
-
# unit for RefreshToken is days, and the
|
7546
|
-
# tokens is hours.
|
8845
|
+
# The time units you use when you set the duration of ID, access, and
|
8846
|
+
# refresh tokens. The default unit for RefreshToken is days, and the
|
8847
|
+
# default for ID and access tokens is hours.
|
7547
8848
|
#
|
7548
8849
|
# @option params [Array<String>] :read_attributes
|
7549
8850
|
# The read-only attributes of the user pool.
|
@@ -7670,8 +8971,26 @@ module Aws::CognitoIdentityProvider
|
|
7670
8971
|
# created in Resource Servers are also supported.
|
7671
8972
|
#
|
7672
8973
|
# @option params [Boolean] :allowed_o_auth_flows_user_pool_client
|
7673
|
-
# Set to true
|
7674
|
-
#
|
8974
|
+
# Set to `true` to use OAuth 2.0 features in your user pool app client.
|
8975
|
+
#
|
8976
|
+
# `AllowedOAuthFlowsUserPoolClient` must be `true` before you can
|
8977
|
+
# configure the following features in your app client.
|
8978
|
+
#
|
8979
|
+
# * `CallBackURLs`: Callback URLs.
|
8980
|
+
#
|
8981
|
+
# * `LogoutURLs`: Sign-out redirect URLs.
|
8982
|
+
#
|
8983
|
+
# * `AllowedOAuthScopes`: OAuth 2.0 scopes.
|
8984
|
+
#
|
8985
|
+
# * `AllowedOAuthFlows`: Support for authorization code, implicit, and
|
8986
|
+
# client credentials OAuth 2.0 grants.
|
8987
|
+
#
|
8988
|
+
# To use OAuth 2.0 features, configure one of these features in the
|
8989
|
+
# Amazon Cognito console or set `AllowedOAuthFlowsUserPoolClient` to
|
8990
|
+
# `true` in a `CreateUserPoolClient` or `UpdateUserPoolClient` API
|
8991
|
+
# request. If you don't set a value for
|
8992
|
+
# `AllowedOAuthFlowsUserPoolClient` in a request with the CLI or SDKs,
|
8993
|
+
# it defaults to `false`.
|
7675
8994
|
#
|
7676
8995
|
# @option params [Types::AnalyticsConfigurationType] :analytics_configuration
|
7677
8996
|
# The Amazon Pinpoint analytics configuration necessary to collect
|
@@ -7853,9 +9172,24 @@ module Aws::CognitoIdentityProvider
|
|
7853
9172
|
# For more information about adding a custom domain to your user pool,
|
7854
9173
|
# see [Using Your Own Domain for the Hosted UI][1].
|
7855
9174
|
#
|
9175
|
+
# <note markdown="1"> Amazon Cognito evaluates Identity and Access Management (IAM) policies
|
9176
|
+
# in requests for this API operation. For this operation, you must use
|
9177
|
+
# IAM credentials to authorize requests, and you must grant yourself the
|
9178
|
+
# corresponding IAM permission in a policy.
|
9179
|
+
#
|
9180
|
+
# **Learn more**
|
9181
|
+
#
|
9182
|
+
# * [Signing Amazon Web Services API Requests][2]
|
9183
|
+
#
|
9184
|
+
# * [Using the Amazon Cognito user pools API and user pool endpoints][3]
|
9185
|
+
#
|
9186
|
+
# </note>
|
9187
|
+
#
|
7856
9188
|
#
|
7857
9189
|
#
|
7858
9190
|
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html
|
9191
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html
|
9192
|
+
# [3]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
7859
9193
|
#
|
7860
9194
|
# @option params [required, String] :domain
|
7861
9195
|
# The domain name for the custom domain that hosts the sign-up and
|
@@ -7907,6 +9241,19 @@ module Aws::CognitoIdentityProvider
|
|
7907
9241
|
# "verified" if successful. The request takes an access token or a
|
7908
9242
|
# session string, but not both.
|
7909
9243
|
#
|
9244
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
9245
|
+
# policies in requests for this API operation. For this operation, you
|
9246
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
9247
|
+
# IAM permissions in policies. For more information about authorization
|
9248
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
9249
|
+
# OIDC APIs][1].
|
9250
|
+
#
|
9251
|
+
# </note>
|
9252
|
+
#
|
9253
|
+
#
|
9254
|
+
#
|
9255
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
9256
|
+
#
|
7910
9257
|
# @option params [String] :access_token
|
7911
9258
|
# A valid access token that Amazon Cognito issued to the user whose
|
7912
9259
|
# software token you want to verify.
|
@@ -7961,9 +9308,19 @@ module Aws::CognitoIdentityProvider
|
|
7961
9308
|
# attribute to its pending value. For more information, see [
|
7962
9309
|
# UserAttributeUpdateSettingsType][1].
|
7963
9310
|
#
|
9311
|
+
# <note markdown="1"> Amazon Cognito doesn't evaluate Identity and Access Management (IAM)
|
9312
|
+
# policies in requests for this API operation. For this operation, you
|
9313
|
+
# can't use IAM credentials to authorize requests, and you can't grant
|
9314
|
+
# IAM permissions in policies. For more information about authorization
|
9315
|
+
# models in Amazon Cognito, see [Using the Amazon Cognito native and
|
9316
|
+
# OIDC APIs][2].
|
9317
|
+
#
|
9318
|
+
# </note>
|
9319
|
+
#
|
7964
9320
|
#
|
7965
9321
|
#
|
7966
9322
|
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserAttributeUpdateSettingsType.html
|
9323
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
|
7967
9324
|
#
|
7968
9325
|
# @option params [required, String] :access_token
|
7969
9326
|
# A valid access token that Amazon Cognito issued to the user whose user
|
@@ -8007,7 +9364,7 @@ module Aws::CognitoIdentityProvider
|
|
8007
9364
|
params: params,
|
8008
9365
|
config: config)
|
8009
9366
|
context[:gem_name] = 'aws-sdk-cognitoidentityprovider'
|
8010
|
-
context[:gem_version] = '1.
|
9367
|
+
context[:gem_version] = '1.80.0'
|
8011
9368
|
Seahorse::Client::Request.new(handlers, context)
|
8012
9369
|
end
|
8013
9370
|
|