aws-sdk-cognitoidentityprovider 1.97.0 → 1.107.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +50 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-cognitoidentityprovider/client.rb +237 -108
- data/lib/aws-sdk-cognitoidentityprovider/client_api.rb +50 -0
- data/lib/aws-sdk-cognitoidentityprovider/endpoints.rb +103 -412
- data/lib/aws-sdk-cognitoidentityprovider/errors.rb +16 -0
- data/lib/aws-sdk-cognitoidentityprovider/plugins/endpoints.rb +18 -6
- data/lib/aws-sdk-cognitoidentityprovider/types.rb +386 -82
- data/lib/aws-sdk-cognitoidentityprovider.rb +15 -11
- data/sig/client.rbs +40 -10
- data/sig/errors.rbs +3 -0
- data/sig/resource.rbs +2 -0
- data/sig/types.rbs +49 -8
- metadata +4 -4
@@ -762,7 +762,7 @@ module Aws::CognitoIdentityProvider
|
|
762
762
|
#
|
763
763
|
# @!attribute [rw] user_mfa_setting_list
|
764
764
|
# The MFA options that are activated for the user. The possible values
|
765
|
-
# in this list are `SMS_MFA` and `SOFTWARE_TOKEN_MFA`.
|
765
|
+
# in this list are `SMS_MFA`, `EMAIL_OTP`, and `SOFTWARE_TOKEN_MFA`.
|
766
766
|
# @return [Array<String>]
|
767
767
|
#
|
768
768
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminGetUserResponse AWS API Documentation
|
@@ -960,11 +960,15 @@ module Aws::CognitoIdentityProvider
|
|
960
960
|
# to authenticate.
|
961
961
|
#
|
962
962
|
# * `SELECT_MFA_TYPE`: Selects the MFA type. Valid MFA options are
|
963
|
-
# `SMS_MFA` for
|
964
|
-
# time-based one-time password (TOTP)
|
963
|
+
# `SMS_MFA` for SMS message MFA, `EMAIL_OTP` for email message MFA,
|
964
|
+
# and `SOFTWARE_TOKEN_MFA` for time-based one-time password (TOTP)
|
965
|
+
# software token MFA.
|
965
966
|
#
|
966
|
-
# * `SMS_MFA`: Next challenge is to supply an `SMS_MFA_CODE
|
967
|
-
# delivered
|
967
|
+
# * `SMS_MFA`: Next challenge is to supply an `SMS_MFA_CODE`that your
|
968
|
+
# user pool delivered in an SMS message.
|
969
|
+
#
|
970
|
+
# * `EMAIL_OTP`: Next challenge is to supply an `EMAIL_OTP_CODE` that
|
971
|
+
# your user pool delivered in an email message.
|
968
972
|
#
|
969
973
|
# * `PASSWORD_VERIFIER`: Next challenge is to supply
|
970
974
|
# `PASSWORD_CLAIM_SIGNATURE`, `PASSWORD_CLAIM_SECRET_BLOCK`, and
|
@@ -1430,11 +1434,21 @@ module Aws::CognitoIdentityProvider
|
|
1430
1434
|
# SMS\_MFA
|
1431
1435
|
#
|
1432
1436
|
# : `"ChallengeName": "SMS_MFA", "ChallengeResponses":
|
1433
|
-
# \{"SMS_MFA_CODE": "[
|
1437
|
+
# \{"SMS_MFA_CODE": "[code]", "USERNAME": "[username]"\}`
|
1438
|
+
#
|
1439
|
+
# EMAIL\_OTP
|
1440
|
+
#
|
1441
|
+
# : `"ChallengeName": "EMAIL_OTP", "ChallengeResponses":
|
1442
|
+
# \{"EMAIL_OTP_CODE": "[code]", "USERNAME": "[username]"\}`
|
1434
1443
|
#
|
1435
1444
|
# PASSWORD\_VERIFIER
|
1436
1445
|
#
|
1437
|
-
# :
|
1446
|
+
# : This challenge response is part of the SRP flow. Amazon Cognito
|
1447
|
+
# requires that your application respond to this challenge within a
|
1448
|
+
# few seconds. When the response time exceeds this period, your user
|
1449
|
+
# pool returns a `NotAuthorizedException` error.
|
1450
|
+
#
|
1451
|
+
# `"ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses":
|
1438
1452
|
# \{"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]",
|
1439
1453
|
# "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP":
|
1440
1454
|
# [timestamp], "USERNAME": "[username]"\}`
|
@@ -1648,13 +1662,28 @@ module Aws::CognitoIdentityProvider
|
|
1648
1662
|
end
|
1649
1663
|
|
1650
1664
|
# @!attribute [rw] sms_mfa_settings
|
1651
|
-
#
|
1665
|
+
# User preferences for SMS message MFA. Activates or deactivates SMS
|
1666
|
+
# MFA and sets it as the preferred MFA method when multiple methods
|
1667
|
+
# are available.
|
1652
1668
|
# @return [Types::SMSMfaSettingsType]
|
1653
1669
|
#
|
1654
1670
|
# @!attribute [rw] software_token_mfa_settings
|
1655
|
-
#
|
1671
|
+
# User preferences for time-based one-time password (TOTP) MFA.
|
1672
|
+
# Activates or deactivates TOTP MFA and sets it as the preferred MFA
|
1673
|
+
# method when multiple methods are available.
|
1656
1674
|
# @return [Types::SoftwareTokenMfaSettingsType]
|
1657
1675
|
#
|
1676
|
+
# @!attribute [rw] email_mfa_settings
|
1677
|
+
# User preferences for email message MFA. Activates or deactivates
|
1678
|
+
# email MFA and sets it as the preferred MFA method when multiple
|
1679
|
+
# methods are available. To activate this setting, [ advanced security
|
1680
|
+
# features][1] must be active in your user pool.
|
1681
|
+
#
|
1682
|
+
#
|
1683
|
+
#
|
1684
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
|
1685
|
+
# @return [Types::EmailMfaSettingsType]
|
1686
|
+
#
|
1658
1687
|
# @!attribute [rw] username
|
1659
1688
|
# The username of the user that you want to query or modify. The value
|
1660
1689
|
# of this parameter is typically your user's username, but it can be
|
@@ -1664,7 +1693,8 @@ module Aws::CognitoIdentityProvider
|
|
1664
1693
|
# @return [String]
|
1665
1694
|
#
|
1666
1695
|
# @!attribute [rw] user_pool_id
|
1667
|
-
# The user pool
|
1696
|
+
# The ID of the user pool where you want to set a user's MFA
|
1697
|
+
# preferences.
|
1668
1698
|
# @return [String]
|
1669
1699
|
#
|
1670
1700
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminSetUserMFAPreferenceRequest AWS API Documentation
|
@@ -1672,6 +1702,7 @@ module Aws::CognitoIdentityProvider
|
|
1672
1702
|
class AdminSetUserMFAPreferenceRequest < Struct.new(
|
1673
1703
|
:sms_mfa_settings,
|
1674
1704
|
:software_token_mfa_settings,
|
1705
|
+
:email_mfa_settings,
|
1675
1706
|
:username,
|
1676
1707
|
:user_pool_id)
|
1677
1708
|
SENSITIVE = [:username]
|
@@ -1961,6 +1992,27 @@ module Aws::CognitoIdentityProvider
|
|
1961
1992
|
#
|
1962
1993
|
class AdminUserGlobalSignOutResponse < Aws::EmptyStructure; end
|
1963
1994
|
|
1995
|
+
# Advanced security configuration options for additional authentication
|
1996
|
+
# types in your user pool, including custom authentication.
|
1997
|
+
#
|
1998
|
+
# @!attribute [rw] custom_auth_mode
|
1999
|
+
# The operating mode of advanced security features in custom
|
2000
|
+
# authentication with [ Custom authentication challenge Lambda
|
2001
|
+
# triggers][1].
|
2002
|
+
#
|
2003
|
+
#
|
2004
|
+
#
|
2005
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html
|
2006
|
+
# @return [String]
|
2007
|
+
#
|
2008
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdvancedSecurityAdditionalFlowsType AWS API Documentation
|
2009
|
+
#
|
2010
|
+
class AdvancedSecurityAdditionalFlowsType < Struct.new(
|
2011
|
+
:custom_auth_mode)
|
2012
|
+
SENSITIVE = []
|
2013
|
+
include Aws::Structure
|
2014
|
+
end
|
2015
|
+
|
1964
2016
|
# This exception is thrown when a user tries to confirm the account with
|
1965
2017
|
# an email address or phone number that has already been supplied as an
|
1966
2018
|
# alias for a different user profile. This exception indicates that an
|
@@ -2257,8 +2309,9 @@ module Aws::CognitoIdentityProvider
|
|
2257
2309
|
#
|
2258
2310
|
class ChangePasswordResponse < Aws::EmptyStructure; end
|
2259
2311
|
|
2260
|
-
#
|
2261
|
-
# logging
|
2312
|
+
# Configuration for the CloudWatch log group destination of user pool
|
2313
|
+
# detailed activity logging, or of user activity log export with
|
2314
|
+
# advanced security features.
|
2262
2315
|
#
|
2263
2316
|
# @!attribute [rw] log_group_arn
|
2264
2317
|
# The Amazon Resource Name (arn) of a CloudWatch Logs log group where
|
@@ -3093,20 +3146,21 @@ module Aws::CognitoIdentityProvider
|
|
3093
3146
|
#
|
3094
3147
|
# @!attribute [rw] read_attributes
|
3095
3148
|
# The list of user attributes that you want your app client to have
|
3096
|
-
# read
|
3097
|
-
#
|
3098
|
-
#
|
3099
|
-
#
|
3149
|
+
# read access to. After your user authenticates in your app, their
|
3150
|
+
# access token authorizes them to read their own attribute value for
|
3151
|
+
# any attribute in this list. An example of this kind of activity is
|
3152
|
+
# when your user selects a link to view their profile information.
|
3100
3153
|
# Your app makes a [GetUser][1] API request to retrieve and display
|
3101
3154
|
# your user's profile data.
|
3102
3155
|
#
|
3103
3156
|
# When you don't specify the `ReadAttributes` for your app client,
|
3104
3157
|
# your app can read the values of `email_verified`,
|
3105
3158
|
# `phone_number_verified`, and the Standard attributes of your user
|
3106
|
-
# pool. When your user pool has read access to these
|
3107
|
-
# attributes, `ReadAttributes` doesn't return any
|
3108
|
-
# Cognito only populates `ReadAttributes` in the
|
3109
|
-
# have specified your own custom set of read
|
3159
|
+
# pool. When your user pool app client has read access to these
|
3160
|
+
# default attributes, `ReadAttributes` doesn't return any
|
3161
|
+
# information. Amazon Cognito only populates `ReadAttributes` in the
|
3162
|
+
# API response if you have specified your own custom set of read
|
3163
|
+
# attributes.
|
3110
3164
|
#
|
3111
3165
|
#
|
3112
3166
|
#
|
@@ -3329,6 +3383,8 @@ module Aws::CognitoIdentityProvider
|
|
3329
3383
|
#
|
3330
3384
|
# * `LEGACY` - This represents the early behavior of Amazon Cognito
|
3331
3385
|
# where user existence related errors aren't prevented.
|
3386
|
+
#
|
3387
|
+
# Defaults to `LEGACY` when you don't provide a value.
|
3332
3388
|
# @return [String]
|
3333
3389
|
#
|
3334
3390
|
# @!attribute [rw] enable_token_revocation
|
@@ -4479,6 +4535,66 @@ module Aws::CognitoIdentityProvider
|
|
4479
4535
|
include Aws::Structure
|
4480
4536
|
end
|
4481
4537
|
|
4538
|
+
# Sets or shows user pool email message configuration for MFA. Includes
|
4539
|
+
# the subject and body of the email message template for MFA messages.
|
4540
|
+
# To activate this setting, [ advanced security features][1] must be
|
4541
|
+
# active in your user pool.
|
4542
|
+
#
|
4543
|
+
#
|
4544
|
+
#
|
4545
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
|
4546
|
+
#
|
4547
|
+
# @!attribute [rw] message
|
4548
|
+
# The template for the email message that your user pool sends to
|
4549
|
+
# users with an MFA code. The message must contain the `\{####\}`
|
4550
|
+
# placeholder. In the message, Amazon Cognito replaces this
|
4551
|
+
# placeholder with the code. If you don't provide this parameter,
|
4552
|
+
# Amazon Cognito sends messages in the default format.
|
4553
|
+
# @return [String]
|
4554
|
+
#
|
4555
|
+
# @!attribute [rw] subject
|
4556
|
+
# The subject of the email message that your user pool sends to users
|
4557
|
+
# with an MFA code.
|
4558
|
+
# @return [String]
|
4559
|
+
#
|
4560
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/EmailMfaConfigType AWS API Documentation
|
4561
|
+
#
|
4562
|
+
class EmailMfaConfigType < Struct.new(
|
4563
|
+
:message,
|
4564
|
+
:subject)
|
4565
|
+
SENSITIVE = []
|
4566
|
+
include Aws::Structure
|
4567
|
+
end
|
4568
|
+
|
4569
|
+
# User preferences for multi-factor authentication with email messages.
|
4570
|
+
# Activates or deactivates email MFA and sets it as the preferred MFA
|
4571
|
+
# method when multiple methods are available. To activate this setting,
|
4572
|
+
# [ advanced security features][1] must be active in your user pool.
|
4573
|
+
#
|
4574
|
+
#
|
4575
|
+
#
|
4576
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
|
4577
|
+
#
|
4578
|
+
# @!attribute [rw] enabled
|
4579
|
+
# Specifies whether email message MFA is active for a user. When the
|
4580
|
+
# value of this parameter is `Enabled`, the user will be prompted for
|
4581
|
+
# MFA during all sign-in attempts, unless device tracking is turned on
|
4582
|
+
# and the device has been trusted.
|
4583
|
+
# @return [Boolean]
|
4584
|
+
#
|
4585
|
+
# @!attribute [rw] preferred_mfa
|
4586
|
+
# Specifies whether email message MFA is the user's preferred method.
|
4587
|
+
# @return [Boolean]
|
4588
|
+
#
|
4589
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/EmailMfaSettingsType AWS API Documentation
|
4590
|
+
#
|
4591
|
+
class EmailMfaSettingsType < Struct.new(
|
4592
|
+
:enabled,
|
4593
|
+
:preferred_mfa)
|
4594
|
+
SENSITIVE = []
|
4595
|
+
include Aws::Structure
|
4596
|
+
end
|
4597
|
+
|
4482
4598
|
# This exception is thrown when there is a code mismatch and the service
|
4483
4599
|
# fails to configure the software token TOTP multi-factor authentication
|
4484
4600
|
# (MFA).
|
@@ -4598,6 +4714,22 @@ module Aws::CognitoIdentityProvider
|
|
4598
4714
|
include Aws::Structure
|
4599
4715
|
end
|
4600
4716
|
|
4717
|
+
# Configuration for the Amazon Data Firehose stream destination of user
|
4718
|
+
# activity log export with advanced security features.
|
4719
|
+
#
|
4720
|
+
# @!attribute [rw] stream_arn
|
4721
|
+
# The ARN of an Amazon Data Firehose stream that's the destination
|
4722
|
+
# for advanced security features log export.
|
4723
|
+
# @return [String]
|
4724
|
+
#
|
4725
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/FirehoseConfigurationType AWS API Documentation
|
4726
|
+
#
|
4727
|
+
class FirehoseConfigurationType < Struct.new(
|
4728
|
+
:stream_arn)
|
4729
|
+
SENSITIVE = []
|
4730
|
+
include Aws::Structure
|
4731
|
+
end
|
4732
|
+
|
4601
4733
|
# This exception is thrown when WAF doesn't allow your request based on
|
4602
4734
|
# a web ACL that's associated with your user pool.
|
4603
4735
|
#
|
@@ -4864,8 +4996,8 @@ module Aws::CognitoIdentityProvider
|
|
4864
4996
|
end
|
4865
4997
|
|
4866
4998
|
# @!attribute [rw] user_pool_id
|
4867
|
-
# The ID of the user pool
|
4868
|
-
#
|
4999
|
+
# The ID of the user pool that has the logging configuration that you
|
5000
|
+
# want to view.
|
4869
5001
|
# @return [String]
|
4870
5002
|
#
|
4871
5003
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetLogDeliveryConfigurationRequest AWS API Documentation
|
@@ -4877,8 +5009,7 @@ module Aws::CognitoIdentityProvider
|
|
4877
5009
|
end
|
4878
5010
|
|
4879
5011
|
# @!attribute [rw] log_delivery_configuration
|
4880
|
-
# The
|
4881
|
-
# pool.
|
5012
|
+
# The logging configuration of the requested user pool.
|
4882
5013
|
# @return [Types::LogDeliveryConfigurationType]
|
4883
5014
|
#
|
4884
5015
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetLogDeliveryConfigurationResponse AWS API Documentation
|
@@ -5035,14 +5166,27 @@ module Aws::CognitoIdentityProvider
|
|
5035
5166
|
end
|
5036
5167
|
|
5037
5168
|
# @!attribute [rw] sms_mfa_configuration
|
5038
|
-
#
|
5039
|
-
# configuration
|
5169
|
+
# Shows user pool SMS message configuration for MFA. Includes the
|
5170
|
+
# message template and the SMS message sending configuration for
|
5171
|
+
# Amazon SNS.
|
5040
5172
|
# @return [Types::SmsMfaConfigType]
|
5041
5173
|
#
|
5042
5174
|
# @!attribute [rw] software_token_mfa_configuration
|
5043
|
-
#
|
5175
|
+
# Shows user pool configuration for time-based one-time password
|
5176
|
+
# (TOTP) MFA. Includes TOTP enabled or disabled state.
|
5044
5177
|
# @return [Types::SoftwareTokenMfaConfigType]
|
5045
5178
|
#
|
5179
|
+
# @!attribute [rw] email_mfa_configuration
|
5180
|
+
# Shows user pool email message configuration for MFA. Includes the
|
5181
|
+
# subject and body of the email message template for MFA messages. To
|
5182
|
+
# activate this setting, [ advanced security features][1] must be
|
5183
|
+
# active in your user pool.
|
5184
|
+
#
|
5185
|
+
#
|
5186
|
+
#
|
5187
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
|
5188
|
+
# @return [Types::EmailMfaConfigType]
|
5189
|
+
#
|
5046
5190
|
# @!attribute [rw] mfa_configuration
|
5047
5191
|
# The multi-factor authentication (MFA) configuration. Valid values
|
5048
5192
|
# include:
|
@@ -5060,6 +5204,7 @@ module Aws::CognitoIdentityProvider
|
|
5060
5204
|
class GetUserPoolMfaConfigResponse < Struct.new(
|
5061
5205
|
:sms_mfa_configuration,
|
5062
5206
|
:software_token_mfa_configuration,
|
5207
|
+
:email_mfa_configuration,
|
5063
5208
|
:mfa_configuration)
|
5064
5209
|
SENSITIVE = []
|
5065
5210
|
include Aws::Structure
|
@@ -5108,7 +5253,7 @@ module Aws::CognitoIdentityProvider
|
|
5108
5253
|
#
|
5109
5254
|
# @!attribute [rw] user_mfa_setting_list
|
5110
5255
|
# The MFA options that are activated for the user. The possible values
|
5111
|
-
# in this list are `SMS_MFA` and `SOFTWARE_TOKEN_MFA`.
|
5256
|
+
# in this list are `SMS_MFA`, `EMAIL_OTP`, and `SOFTWARE_TOKEN_MFA`.
|
5112
5257
|
# @return [Array<String>]
|
5113
5258
|
#
|
5114
5259
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUserResponse AWS API Documentation
|
@@ -5590,8 +5735,11 @@ module Aws::CognitoIdentityProvider
|
|
5590
5735
|
#
|
5591
5736
|
# </note>
|
5592
5737
|
#
|
5593
|
-
# * `SMS_MFA`: Next challenge is to supply an `SMS_MFA_CODE
|
5594
|
-
# delivered
|
5738
|
+
# * `SMS_MFA`: Next challenge is to supply an `SMS_MFA_CODE`that your
|
5739
|
+
# user pool delivered in an SMS message.
|
5740
|
+
#
|
5741
|
+
# * `EMAIL_OTP`: Next challenge is to supply an `EMAIL_OTP_CODE` that
|
5742
|
+
# your user pool delivered in an email message.
|
5595
5743
|
#
|
5596
5744
|
# * `PASSWORD_VERIFIER`: Next challenge is to supply
|
5597
5745
|
# `PASSWORD_CLAIM_SIGNATURE`, `PASSWORD_CLAIM_SECRET_BLOCK`, and
|
@@ -6487,37 +6635,73 @@ module Aws::CognitoIdentityProvider
|
|
6487
6635
|
#
|
6488
6636
|
# @!attribute [rw] log_level
|
6489
6637
|
# The `errorlevel` selection of logs that a user pool sends for
|
6490
|
-
# detailed activity logging.
|
6638
|
+
# detailed activity logging. To send `userNotification` activity with
|
6639
|
+
# [information about message delivery][1], choose `ERROR` with
|
6640
|
+
# `CloudWatchLogsConfiguration`. To send `userAuthEvents` activity
|
6641
|
+
# with user logs from advanced security features, choose `INFO` with
|
6642
|
+
# one of `CloudWatchLogsConfiguration`, `FirehoseConfiguration`, or
|
6643
|
+
# `S3Configuration`.
|
6644
|
+
#
|
6645
|
+
#
|
6646
|
+
#
|
6647
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/tracking-quotas-and-usage-in-cloud-watch-logs.html
|
6491
6648
|
# @return [String]
|
6492
6649
|
#
|
6493
6650
|
# @!attribute [rw] event_source
|
6494
|
-
# The source of events that your user pool sends for
|
6495
|
-
#
|
6651
|
+
# The source of events that your user pool sends for logging. To send
|
6652
|
+
# error-level logs about user notification activity, set to
|
6653
|
+
# `userNotification`. To send info-level logs about advanced security
|
6654
|
+
# features user activity, set to `userAuthEvents`.
|
6496
6655
|
# @return [String]
|
6497
6656
|
#
|
6498
6657
|
# @!attribute [rw] cloud_watch_logs_configuration
|
6499
|
-
# The CloudWatch
|
6658
|
+
# The CloudWatch log group destination of user pool detailed activity
|
6659
|
+
# logs, or of user activity log export with advanced security
|
6660
|
+
# features.
|
6500
6661
|
# @return [Types::CloudWatchLogsConfigurationType]
|
6501
6662
|
#
|
6663
|
+
# @!attribute [rw] s3_configuration
|
6664
|
+
# The Amazon S3 bucket destination of user activity log export with
|
6665
|
+
# advanced security features. To activate this setting, [ advanced
|
6666
|
+
# security features][1] must be active in your user pool.
|
6667
|
+
#
|
6668
|
+
#
|
6669
|
+
#
|
6670
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
|
6671
|
+
# @return [Types::S3ConfigurationType]
|
6672
|
+
#
|
6673
|
+
# @!attribute [rw] firehose_configuration
|
6674
|
+
# The Amazon Data Firehose stream destination of user activity log
|
6675
|
+
# export with advanced security features. To activate this setting, [
|
6676
|
+
# advanced security features][1] must be active in your user pool.
|
6677
|
+
#
|
6678
|
+
#
|
6679
|
+
#
|
6680
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
|
6681
|
+
# @return [Types::FirehoseConfigurationType]
|
6682
|
+
#
|
6502
6683
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/LogConfigurationType AWS API Documentation
|
6503
6684
|
#
|
6504
6685
|
class LogConfigurationType < Struct.new(
|
6505
6686
|
:log_level,
|
6506
6687
|
:event_source,
|
6507
|
-
:cloud_watch_logs_configuration
|
6688
|
+
:cloud_watch_logs_configuration,
|
6689
|
+
:s3_configuration,
|
6690
|
+
:firehose_configuration)
|
6508
6691
|
SENSITIVE = []
|
6509
6692
|
include Aws::Structure
|
6510
6693
|
end
|
6511
6694
|
|
6512
|
-
# The logging parameters of a user pool
|
6695
|
+
# The logging parameters of a user pool returned in response to
|
6696
|
+
# `GetLogDeliveryConfiguration`.
|
6513
6697
|
#
|
6514
6698
|
# @!attribute [rw] user_pool_id
|
6515
|
-
# The ID of the user pool where you configured
|
6516
|
-
# logging.
|
6699
|
+
# The ID of the user pool where you configured logging.
|
6517
6700
|
# @return [String]
|
6518
6701
|
#
|
6519
6702
|
# @!attribute [rw] log_configurations
|
6520
|
-
#
|
6703
|
+
# A logging destination of a user pool. User pools can have multiple
|
6704
|
+
# logging destinations for message-delivery and user-activity logs.
|
6521
6705
|
# @return [Array<Types::LogConfigurationType>]
|
6522
6706
|
#
|
6523
6707
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/LogDeliveryConfigurationType AWS API Documentation
|
@@ -6727,6 +6911,20 @@ module Aws::CognitoIdentityProvider
|
|
6727
6911
|
include Aws::Structure
|
6728
6912
|
end
|
6729
6913
|
|
6914
|
+
# The message returned when a user's new password matches a previous
|
6915
|
+
# password and doesn't comply with the password-history policy.
|
6916
|
+
#
|
6917
|
+
# @!attribute [rw] message
|
6918
|
+
# @return [String]
|
6919
|
+
#
|
6920
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/PasswordHistoryPolicyViolationException AWS API Documentation
|
6921
|
+
#
|
6922
|
+
class PasswordHistoryPolicyViolationException < Struct.new(
|
6923
|
+
:message)
|
6924
|
+
SENSITIVE = []
|
6925
|
+
include Aws::Structure
|
6926
|
+
end
|
6927
|
+
|
6730
6928
|
# The password policy type.
|
6731
6929
|
#
|
6732
6930
|
# @!attribute [rw] minimum_length
|
@@ -6756,6 +6954,23 @@ module Aws::CognitoIdentityProvider
|
|
6756
6954
|
# required users to use at least one symbol in their password.
|
6757
6955
|
# @return [Boolean]
|
6758
6956
|
#
|
6957
|
+
# @!attribute [rw] password_history_size
|
6958
|
+
# The number of previous passwords that you want Amazon Cognito to
|
6959
|
+
# restrict each user from reusing. Users can't set a password that
|
6960
|
+
# matches any of `n` previous passwords, where `n` is the value of
|
6961
|
+
# `PasswordHistorySize`.
|
6962
|
+
#
|
6963
|
+
# Password history isn't enforced and isn't displayed in
|
6964
|
+
# [DescribeUserPool][1] responses when you set this value to `0` or
|
6965
|
+
# don't provide it. To activate this setting, [ advanced security
|
6966
|
+
# features][2] must be active in your user pool.
|
6967
|
+
#
|
6968
|
+
#
|
6969
|
+
#
|
6970
|
+
# [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html
|
6971
|
+
# [2]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
|
6972
|
+
# @return [Integer]
|
6973
|
+
#
|
6759
6974
|
# @!attribute [rw] temporary_password_validity_days
|
6760
6975
|
# The number of days a temporary password is valid in the password
|
6761
6976
|
# policy. If the user doesn't sign in during this time, an
|
@@ -6778,6 +6993,7 @@ module Aws::CognitoIdentityProvider
|
|
6778
6993
|
:require_lowercase,
|
6779
6994
|
:require_numbers,
|
6780
6995
|
:require_symbols,
|
6996
|
+
:password_history_size,
|
6781
6997
|
:temporary_password_validity_days)
|
6782
6998
|
SENSITIVE = []
|
6783
6999
|
include Aws::Structure
|
@@ -7124,11 +7340,21 @@ module Aws::CognitoIdentityProvider
|
|
7124
7340
|
# SMS\_MFA
|
7125
7341
|
#
|
7126
7342
|
# : `"ChallengeName": "SMS_MFA", "ChallengeResponses":
|
7127
|
-
# \{"SMS_MFA_CODE": "[
|
7343
|
+
# \{"SMS_MFA_CODE": "[code]", "USERNAME": "[username]"\}`
|
7344
|
+
#
|
7345
|
+
# EMAIL\_OTP
|
7346
|
+
#
|
7347
|
+
# : `"ChallengeName": "EMAIL_OTP", "ChallengeResponses":
|
7348
|
+
# \{"EMAIL_OTP_CODE": "[code]", "USERNAME": "[username]"\}`
|
7128
7349
|
#
|
7129
7350
|
# PASSWORD\_VERIFIER
|
7130
7351
|
#
|
7131
|
-
# :
|
7352
|
+
# : This challenge response is part of the SRP flow. Amazon Cognito
|
7353
|
+
# requires that your application respond to this challenge within a
|
7354
|
+
# few seconds. When the response time exceeds this period, your user
|
7355
|
+
# pool returns a `NotAuthorizedException` error.
|
7356
|
+
#
|
7357
|
+
# `"ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses":
|
7132
7358
|
# \{"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]",
|
7133
7359
|
# "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP":
|
7134
7360
|
# [timestamp], "USERNAME": "[username]"\}`
|
@@ -7408,6 +7634,22 @@ module Aws::CognitoIdentityProvider
|
|
7408
7634
|
include Aws::Structure
|
7409
7635
|
end
|
7410
7636
|
|
7637
|
+
# Configuration for the Amazon S3 bucket destination of user activity
|
7638
|
+
# log export with advanced security features.
|
7639
|
+
#
|
7640
|
+
# @!attribute [rw] bucket_arn
|
7641
|
+
# The ARN of an Amazon S3 bucket that's the destination for advanced
|
7642
|
+
# security features log export.
|
7643
|
+
# @return [String]
|
7644
|
+
#
|
7645
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/S3ConfigurationType AWS API Documentation
|
7646
|
+
#
|
7647
|
+
class S3ConfigurationType < Struct.new(
|
7648
|
+
:bucket_arn)
|
7649
|
+
SENSITIVE = []
|
7650
|
+
include Aws::Structure
|
7651
|
+
end
|
7652
|
+
|
7411
7653
|
# The type used for enabling SMS multi-factor authentication (MFA) at
|
7412
7654
|
# the user level. Phone numbers don't need to be verified to be used
|
7413
7655
|
# for SMS MFA. If an MFA type is activated for a user, the user will be
|
@@ -7418,10 +7660,10 @@ module Aws::CognitoIdentityProvider
|
|
7418
7660
|
# for the user pool.
|
7419
7661
|
#
|
7420
7662
|
# @!attribute [rw] enabled
|
7421
|
-
# Specifies whether SMS
|
7422
|
-
#
|
7423
|
-
#
|
7424
|
-
#
|
7663
|
+
# Specifies whether SMS message MFA is activated. If an MFA type is
|
7664
|
+
# activated for a user, the user will be prompted for MFA during all
|
7665
|
+
# sign-in attempts, unless device tracking is turned on and the device
|
7666
|
+
# has been trusted.
|
7425
7667
|
# @return [Boolean]
|
7426
7668
|
#
|
7427
7669
|
# @!attribute [rw] preferred_mfa
|
@@ -7548,13 +7790,11 @@ module Aws::CognitoIdentityProvider
|
|
7548
7790
|
end
|
7549
7791
|
|
7550
7792
|
# @!attribute [rw] user_pool_id
|
7551
|
-
# The ID of the user pool where you want to configure
|
7552
|
-
# activity logging .
|
7793
|
+
# The ID of the user pool where you want to configure logging.
|
7553
7794
|
# @return [String]
|
7554
7795
|
#
|
7555
7796
|
# @!attribute [rw] log_configurations
|
7556
|
-
# A collection of
|
7557
|
-
# for a user pool.
|
7797
|
+
# A collection of the logging configurations for a user pool.
|
7558
7798
|
# @return [Array<Types::LogConfigurationType>]
|
7559
7799
|
#
|
7560
7800
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetLogDeliveryConfigurationRequest AWS API Documentation
|
@@ -7670,13 +7910,28 @@ module Aws::CognitoIdentityProvider
|
|
7670
7910
|
end
|
7671
7911
|
|
7672
7912
|
# @!attribute [rw] sms_mfa_settings
|
7673
|
-
#
|
7913
|
+
# User preferences for SMS message MFA. Activates or deactivates SMS
|
7914
|
+
# MFA and sets it as the preferred MFA method when multiple methods
|
7915
|
+
# are available.
|
7674
7916
|
# @return [Types::SMSMfaSettingsType]
|
7675
7917
|
#
|
7676
7918
|
# @!attribute [rw] software_token_mfa_settings
|
7677
|
-
#
|
7919
|
+
# User preferences for time-based one-time password (TOTP) MFA.
|
7920
|
+
# Activates or deactivates TOTP MFA and sets it as the preferred MFA
|
7921
|
+
# method when multiple methods are available.
|
7678
7922
|
# @return [Types::SoftwareTokenMfaSettingsType]
|
7679
7923
|
#
|
7924
|
+
# @!attribute [rw] email_mfa_settings
|
7925
|
+
# User preferences for email message MFA. Activates or deactivates
|
7926
|
+
# email MFA and sets it as the preferred MFA method when multiple
|
7927
|
+
# methods are available. To activate this setting, [ advanced security
|
7928
|
+
# features][1] must be active in your user pool.
|
7929
|
+
#
|
7930
|
+
#
|
7931
|
+
#
|
7932
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
|
7933
|
+
# @return [Types::EmailMfaSettingsType]
|
7934
|
+
#
|
7680
7935
|
# @!attribute [rw] access_token
|
7681
7936
|
# A valid access token that Amazon Cognito issued to the user whose
|
7682
7937
|
# MFA preference you want to set.
|
@@ -7687,6 +7942,7 @@ module Aws::CognitoIdentityProvider
|
|
7687
7942
|
class SetUserMFAPreferenceRequest < Struct.new(
|
7688
7943
|
:sms_mfa_settings,
|
7689
7944
|
:software_token_mfa_settings,
|
7945
|
+
:email_mfa_settings,
|
7690
7946
|
:access_token)
|
7691
7947
|
SENSITIVE = [:access_token]
|
7692
7948
|
include Aws::Structure
|
@@ -7701,13 +7957,26 @@ module Aws::CognitoIdentityProvider
|
|
7701
7957
|
# @return [String]
|
7702
7958
|
#
|
7703
7959
|
# @!attribute [rw] sms_mfa_configuration
|
7704
|
-
#
|
7960
|
+
# Configures user pool SMS messages for MFA. Sets the message template
|
7961
|
+
# and the SMS message sending configuration for Amazon SNS.
|
7705
7962
|
# @return [Types::SmsMfaConfigType]
|
7706
7963
|
#
|
7707
7964
|
# @!attribute [rw] software_token_mfa_configuration
|
7708
|
-
#
|
7965
|
+
# Configures a user pool for time-based one-time password (TOTP) MFA.
|
7966
|
+
# Enables or disables TOTP.
|
7709
7967
|
# @return [Types::SoftwareTokenMfaConfigType]
|
7710
7968
|
#
|
7969
|
+
# @!attribute [rw] email_mfa_configuration
|
7970
|
+
# Configures user pool email messages for MFA. Sets the subject and
|
7971
|
+
# body of the email message template for MFA messages. To activate
|
7972
|
+
# this setting, [ advanced security features][1] must be active in
|
7973
|
+
# your user pool.
|
7974
|
+
#
|
7975
|
+
#
|
7976
|
+
#
|
7977
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
|
7978
|
+
# @return [Types::EmailMfaConfigType]
|
7979
|
+
#
|
7711
7980
|
# @!attribute [rw] mfa_configuration
|
7712
7981
|
# The MFA configuration. If you set the MfaConfiguration value to
|
7713
7982
|
# ‘ON’, only users who have set up an MFA factor can sign in. To learn
|
@@ -7732,19 +8001,34 @@ module Aws::CognitoIdentityProvider
|
|
7732
8001
|
:user_pool_id,
|
7733
8002
|
:sms_mfa_configuration,
|
7734
8003
|
:software_token_mfa_configuration,
|
8004
|
+
:email_mfa_configuration,
|
7735
8005
|
:mfa_configuration)
|
7736
8006
|
SENSITIVE = []
|
7737
8007
|
include Aws::Structure
|
7738
8008
|
end
|
7739
8009
|
|
7740
8010
|
# @!attribute [rw] sms_mfa_configuration
|
7741
|
-
#
|
8011
|
+
# Shows user pool SMS message configuration for MFA. Includes the
|
8012
|
+
# message template and the SMS message sending configuration for
|
8013
|
+
# Amazon SNS.
|
7742
8014
|
# @return [Types::SmsMfaConfigType]
|
7743
8015
|
#
|
7744
8016
|
# @!attribute [rw] software_token_mfa_configuration
|
7745
|
-
#
|
8017
|
+
# Shows user pool configuration for time-based one-time password
|
8018
|
+
# (TOTP) MFA. Includes TOTP enabled or disabled state.
|
7746
8019
|
# @return [Types::SoftwareTokenMfaConfigType]
|
7747
8020
|
#
|
8021
|
+
# @!attribute [rw] email_mfa_configuration
|
8022
|
+
# Shows user pool email message configuration for MFA. Includes the
|
8023
|
+
# subject and body of the email message template for MFA messages. To
|
8024
|
+
# activate this setting, [ advanced security features][1] must be
|
8025
|
+
# active in your user pool.
|
8026
|
+
#
|
8027
|
+
#
|
8028
|
+
#
|
8029
|
+
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
|
8030
|
+
# @return [Types::EmailMfaConfigType]
|
8031
|
+
#
|
7748
8032
|
# @!attribute [rw] mfa_configuration
|
7749
8033
|
# The MFA configuration. Valid values include:
|
7750
8034
|
#
|
@@ -7761,6 +8045,7 @@ module Aws::CognitoIdentityProvider
|
|
7761
8045
|
class SetUserPoolMfaConfigResponse < Struct.new(
|
7762
8046
|
:sms_mfa_configuration,
|
7763
8047
|
:software_token_mfa_configuration,
|
8048
|
+
:email_mfa_configuration,
|
7764
8049
|
:mfa_configuration)
|
7765
8050
|
SENSITIVE = []
|
7766
8051
|
include Aws::Structure
|
@@ -7923,7 +8208,7 @@ module Aws::CognitoIdentityProvider
|
|
7923
8208
|
# @return [Types::CodeDeliveryDetailsType]
|
7924
8209
|
#
|
7925
8210
|
# @!attribute [rw] user_sub
|
7926
|
-
# The
|
8211
|
+
# The 128-bit ID of the authenticated user. This isn't the same as
|
7927
8212
|
# `username`.
|
7928
8213
|
# @return [String]
|
7929
8214
|
#
|
@@ -8001,14 +8286,16 @@ module Aws::CognitoIdentityProvider
|
|
8001
8286
|
include Aws::Structure
|
8002
8287
|
end
|
8003
8288
|
|
8004
|
-
#
|
8005
|
-
#
|
8289
|
+
# Configures user pool SMS messages for multi-factor authentication
|
8290
|
+
# (MFA). Sets the message template and the SMS message sending
|
8291
|
+
# configuration for Amazon SNS.
|
8006
8292
|
#
|
8007
8293
|
# @!attribute [rw] sms_authentication_message
|
8008
|
-
# The SMS
|
8009
|
-
#
|
8010
|
-
#
|
8011
|
-
#
|
8294
|
+
# The SMS message that your user pool sends to users with an MFA code.
|
8295
|
+
# The message must contain the `\{####\}` placeholder. In the message,
|
8296
|
+
# Amazon Cognito replaces this placeholder with the code. If you
|
8297
|
+
# don't provide this parameter, Amazon Cognito sends messages in the
|
8298
|
+
# default format.
|
8012
8299
|
# @return [String]
|
8013
8300
|
#
|
8014
8301
|
# @!attribute [rw] sms_configuration
|
@@ -8044,7 +8331,8 @@ module Aws::CognitoIdentityProvider
|
|
8044
8331
|
include Aws::Structure
|
8045
8332
|
end
|
8046
8333
|
|
8047
|
-
#
|
8334
|
+
# Configures a user pool for time-based one-time password (TOTP)
|
8335
|
+
# multi-factor authentication (MFA). Enables or disables TOTP.
|
8048
8336
|
#
|
8049
8337
|
# @!attribute [rw] enabled
|
8050
8338
|
# Specifies whether software token MFA is activated.
|
@@ -8925,20 +9213,21 @@ module Aws::CognitoIdentityProvider
|
|
8925
9213
|
#
|
8926
9214
|
# @!attribute [rw] read_attributes
|
8927
9215
|
# The list of user attributes that you want your app client to have
|
8928
|
-
# read
|
8929
|
-
#
|
8930
|
-
#
|
8931
|
-
#
|
9216
|
+
# read access to. After your user authenticates in your app, their
|
9217
|
+
# access token authorizes them to read their own attribute value for
|
9218
|
+
# any attribute in this list. An example of this kind of activity is
|
9219
|
+
# when your user selects a link to view their profile information.
|
8932
9220
|
# Your app makes a [GetUser][1] API request to retrieve and display
|
8933
9221
|
# your user's profile data.
|
8934
9222
|
#
|
8935
9223
|
# When you don't specify the `ReadAttributes` for your app client,
|
8936
9224
|
# your app can read the values of `email_verified`,
|
8937
9225
|
# `phone_number_verified`, and the Standard attributes of your user
|
8938
|
-
# pool. When your user pool has read access to these
|
8939
|
-
# attributes, `ReadAttributes` doesn't return any
|
8940
|
-
# Cognito only populates `ReadAttributes` in the
|
8941
|
-
# have specified your own custom set of read
|
9226
|
+
# pool. When your user pool app client has read access to these
|
9227
|
+
# default attributes, `ReadAttributes` doesn't return any
|
9228
|
+
# information. Amazon Cognito only populates `ReadAttributes` in the
|
9229
|
+
# API response if you have specified your own custom set of read
|
9230
|
+
# attributes.
|
8942
9231
|
#
|
8943
9232
|
#
|
8944
9233
|
#
|
@@ -9156,6 +9445,8 @@ module Aws::CognitoIdentityProvider
|
|
9156
9445
|
#
|
9157
9446
|
# * `LEGACY` - This represents the early behavior of Amazon Cognito
|
9158
9447
|
# where user existence related errors aren't prevented.
|
9448
|
+
#
|
9449
|
+
# Defaults to `LEGACY` when you don't provide a value.
|
9159
9450
|
# @return [String]
|
9160
9451
|
#
|
9161
9452
|
# @!attribute [rw] enable_token_revocation
|
@@ -9736,13 +10027,22 @@ module Aws::CognitoIdentityProvider
|
|
9736
10027
|
# [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
|
9737
10028
|
#
|
9738
10029
|
# @!attribute [rw] advanced_security_mode
|
9739
|
-
# The operating mode of advanced security features
|
10030
|
+
# The operating mode of advanced security features for standard
|
10031
|
+
# authentication types in your user pool, including username-password
|
10032
|
+
# and secure remote password (SRP) authentication.
|
9740
10033
|
# @return [String]
|
9741
10034
|
#
|
10035
|
+
# @!attribute [rw] advanced_security_additional_flows
|
10036
|
+
# Advanced security configuration options for additional
|
10037
|
+
# authentication types in your user pool, including custom
|
10038
|
+
# authentication.
|
10039
|
+
# @return [Types::AdvancedSecurityAdditionalFlowsType]
|
10040
|
+
#
|
9742
10041
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UserPoolAddOnsType AWS API Documentation
|
9743
10042
|
#
|
9744
10043
|
class UserPoolAddOnsType < Struct.new(
|
9745
|
-
:advanced_security_mode
|
10044
|
+
:advanced_security_mode,
|
10045
|
+
:advanced_security_additional_flows)
|
9746
10046
|
SENSITIVE = []
|
9747
10047
|
include Aws::Structure
|
9748
10048
|
end
|
@@ -9864,20 +10164,21 @@ module Aws::CognitoIdentityProvider
|
|
9864
10164
|
#
|
9865
10165
|
# @!attribute [rw] read_attributes
|
9866
10166
|
# The list of user attributes that you want your app client to have
|
9867
|
-
# read
|
9868
|
-
#
|
9869
|
-
#
|
9870
|
-
#
|
10167
|
+
# read access to. After your user authenticates in your app, their
|
10168
|
+
# access token authorizes them to read their own attribute value for
|
10169
|
+
# any attribute in this list. An example of this kind of activity is
|
10170
|
+
# when your user selects a link to view their profile information.
|
9871
10171
|
# Your app makes a [GetUser][1] API request to retrieve and display
|
9872
10172
|
# your user's profile data.
|
9873
10173
|
#
|
9874
10174
|
# When you don't specify the `ReadAttributes` for your app client,
|
9875
10175
|
# your app can read the values of `email_verified`,
|
9876
10176
|
# `phone_number_verified`, and the Standard attributes of your user
|
9877
|
-
# pool. When your user pool has read access to these
|
9878
|
-
# attributes, `ReadAttributes` doesn't return any
|
9879
|
-
# Cognito only populates `ReadAttributes` in the
|
9880
|
-
# have specified your own custom set of read
|
10177
|
+
# pool. When your user pool app client has read access to these
|
10178
|
+
# default attributes, `ReadAttributes` doesn't return any
|
10179
|
+
# information. Amazon Cognito only populates `ReadAttributes` in the
|
10180
|
+
# API response if you have specified your own custom set of read
|
10181
|
+
# attributes.
|
9881
10182
|
#
|
9882
10183
|
#
|
9883
10184
|
#
|
@@ -10092,8 +10393,10 @@ module Aws::CognitoIdentityProvider
|
|
10092
10393
|
#
|
10093
10394
|
# * `ENABLED` - This prevents user existence-related errors.
|
10094
10395
|
#
|
10095
|
-
# * `LEGACY` - This represents the
|
10396
|
+
# * `LEGACY` - This represents the early behavior of Amazon Cognito
|
10096
10397
|
# where user existence related errors aren't prevented.
|
10398
|
+
#
|
10399
|
+
# Defaults to `LEGACY` when you don't provide a value.
|
10097
10400
|
# @return [String]
|
10098
10401
|
#
|
10099
10402
|
# @!attribute [rw] enable_token_revocation
|
@@ -10832,3 +11135,4 @@ module Aws::CognitoIdentityProvider
|
|
10832
11135
|
|
10833
11136
|
end
|
10834
11137
|
end
|
11138
|
+
|