aws-sdk-cognitoidentityprovider 1.73.0 → 1.74.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-cognitoidentityprovider/client.rb +47 -42
- data/lib/aws-sdk-cognitoidentityprovider/types.rb +88 -88
- data/lib/aws-sdk-cognitoidentityprovider.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 354641e6d84b13711594a00465484dc475f43fd98708cc6ebb6b5cd4845d0f0a
|
4
|
+
data.tar.gz: 20c05df61f32257cc396593cb3cba9fd781d353281a2eb2587e7b7ddf346abaf
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: df2966f078929a53b3be4c598ac0b3a120e7eae270dc97844584ccb86ab816422275246a5e20ef1f7794f9087893cb4e77081d9cc78093a53b405e6491b02481
|
7
|
+
data.tar.gz: 062bd5966ff56495db66676f5f839211058dc1126a14ed1044239bf155b4aab0f5dd7b314bed66b50afaa54e03d01844a57077826631709da9246a8df75ac335
|
data/CHANGELOG.md
CHANGED
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.74.0
|
@@ -275,6 +275,11 @@ module Aws::CognitoIdentityProvider
|
|
275
275
|
# in the future.
|
276
276
|
#
|
277
277
|
#
|
278
|
+
# @option options [String] :sdk_ua_app_id
|
279
|
+
# A unique and opaque application ID that is appended to the
|
280
|
+
# User-Agent header as app/<sdk_ua_app_id>. It should have a
|
281
|
+
# maximum length of 50.
|
282
|
+
#
|
278
283
|
# @option options [String] :secret_access_key
|
279
284
|
#
|
280
285
|
# @option options [String] :session_token
|
@@ -595,12 +600,12 @@ module Aws::CognitoIdentityProvider
|
|
595
600
|
# attribute to `True`. You can also do this by calling
|
596
601
|
# [AdminUpdateUserAttributes][1].
|
597
602
|
#
|
598
|
-
# * **email
|
603
|
+
# * **email**: The email address of the user to whom the message that
|
599
604
|
# contains the code and username will be sent. Required if the
|
600
605
|
# `email_verified` attribute is set to `True`, or if `"EMAIL"` is
|
601
606
|
# specified in the `DesiredDeliveryMediums` parameter.
|
602
607
|
#
|
603
|
-
# * **phone\_number
|
608
|
+
# * **phone\_number**: The phone number of the user to whom the message
|
604
609
|
# that contains the code and username will be sent. Required if the
|
605
610
|
# `phone_number_verified` attribute is set to `True`, or if `"SMS"` is
|
606
611
|
# specified in the `DesiredDeliveryMediums` parameter.
|
@@ -1134,20 +1139,20 @@ module Aws::CognitoIdentityProvider
|
|
1134
1139
|
#
|
1135
1140
|
# Valid values include:
|
1136
1141
|
#
|
1137
|
-
# * `USER_SRP_AUTH
|
1142
|
+
# * `USER_SRP_AUTH`: Authentication flow for the Secure Remote Password
|
1138
1143
|
# (SRP) protocol.
|
1139
1144
|
#
|
1140
|
-
# * `REFRESH_TOKEN_AUTH`/`REFRESH_TOKEN
|
1145
|
+
# * `REFRESH_TOKEN_AUTH`/`REFRESH_TOKEN`: Authentication flow for
|
1141
1146
|
# refreshing the access token and ID token by supplying a valid
|
1142
1147
|
# refresh token.
|
1143
1148
|
#
|
1144
|
-
# * `CUSTOM_AUTH
|
1149
|
+
# * `CUSTOM_AUTH`: Custom authentication flow.
|
1145
1150
|
#
|
1146
|
-
# * `ADMIN_NO_SRP_AUTH
|
1151
|
+
# * `ADMIN_NO_SRP_AUTH`: Non-SRP authentication flow; you can pass in
|
1147
1152
|
# the USERNAME and PASSWORD directly if the flow is enabled for
|
1148
1153
|
# calling the app client.
|
1149
1154
|
#
|
1150
|
-
# * `ADMIN_USER_PASSWORD_AUTH
|
1155
|
+
# * `ADMIN_USER_PASSWORD_AUTH`: Admin-based user password
|
1151
1156
|
# authentication. This replaces the `ADMIN_NO_SRP_AUTH` authentication
|
1152
1157
|
# flow. In this flow, Amazon Cognito receives the password in the
|
1153
1158
|
# request instead of using the SRP process to verify passwords.
|
@@ -1155,21 +1160,21 @@ module Aws::CognitoIdentityProvider
|
|
1155
1160
|
# @option params [Hash<String,String>] :auth_parameters
|
1156
1161
|
# The authentication parameters. These are inputs corresponding to the
|
1157
1162
|
# `AuthFlow` that you're invoking. The required values depend on the
|
1158
|
-
# value of `AuthFlow
|
1163
|
+
# value of `AuthFlow`:
|
1159
1164
|
#
|
1160
|
-
# * For `USER_SRP_AUTH
|
1165
|
+
# * For `USER_SRP_AUTH`: `USERNAME` (required), `SRP_A` (required),
|
1161
1166
|
# `SECRET_HASH` (required if the app client is configured with a
|
1162
1167
|
# client secret), `DEVICE_KEY`.
|
1163
1168
|
#
|
1164
|
-
# * For `REFRESH_TOKEN_AUTH/REFRESH_TOKEN
|
1169
|
+
# * For `REFRESH_TOKEN_AUTH/REFRESH_TOKEN`: `REFRESH_TOKEN` (required),
|
1165
1170
|
# `SECRET_HASH` (required if the app client is configured with a
|
1166
1171
|
# client secret), `DEVICE_KEY`.
|
1167
1172
|
#
|
1168
|
-
# * For `ADMIN_NO_SRP_AUTH
|
1173
|
+
# * For `ADMIN_NO_SRP_AUTH`: `USERNAME` (required), `SECRET_HASH` (if
|
1169
1174
|
# app client is configured with client secret), `PASSWORD` (required),
|
1170
1175
|
# `DEVICE_KEY`.
|
1171
1176
|
#
|
1172
|
-
# * For `CUSTOM_AUTH
|
1177
|
+
# * For `CUSTOM_AUTH`: `USERNAME` (required), `SECRET_HASH` (if app
|
1173
1178
|
# client is configured with client secret), `DEVICE_KEY`. To start the
|
1174
1179
|
# authentication flow with password verification, include
|
1175
1180
|
# `ChallengeName: SRP_A` and `SRP_A: (The SRP_A Value)`.
|
@@ -1761,10 +1766,10 @@ module Aws::CognitoIdentityProvider
|
|
1761
1766
|
# The challenge responses. These are inputs corresponding to the value
|
1762
1767
|
# of `ChallengeName`, for example:
|
1763
1768
|
#
|
1764
|
-
# * `SMS_MFA
|
1769
|
+
# * `SMS_MFA`: `SMS_MFA_CODE`, `USERNAME`, `SECRET_HASH` (if app client
|
1765
1770
|
# is configured with client secret).
|
1766
1771
|
#
|
1767
|
-
# * `PASSWORD_VERIFIER
|
1772
|
+
# * `PASSWORD_VERIFIER`: `PASSWORD_CLAIM_SIGNATURE`,
|
1768
1773
|
# `PASSWORD_CLAIM_SECRET_BLOCK`, `TIMESTAMP`, `USERNAME`,
|
1769
1774
|
# `SECRET_HASH` (if app client is configured with client secret).
|
1770
1775
|
#
|
@@ -1773,10 +1778,10 @@ module Aws::CognitoIdentityProvider
|
|
1773
1778
|
#
|
1774
1779
|
# </note>
|
1775
1780
|
#
|
1776
|
-
# * `ADMIN_NO_SRP_AUTH
|
1781
|
+
# * `ADMIN_NO_SRP_AUTH`: `PASSWORD`, `USERNAME`, `SECRET_HASH` (if app
|
1777
1782
|
# client is configured with client secret).
|
1778
1783
|
#
|
1779
|
-
# * `NEW_PASSWORD_REQUIRED
|
1784
|
+
# * `NEW_PASSWORD_REQUIRED`: `NEW_PASSWORD`, `USERNAME`, `SECRET_HASH`
|
1780
1785
|
# (if app client is configured with client secret). To set any
|
1781
1786
|
# required attributes that Amazon Cognito returned as
|
1782
1787
|
# `requiredAttributes` in the `AdminInitiateAuth` response, add a
|
@@ -3468,23 +3473,23 @@ module Aws::CognitoIdentityProvider
|
|
3468
3473
|
#
|
3469
3474
|
# Valid values include:
|
3470
3475
|
#
|
3471
|
-
# * `ALLOW_ADMIN_USER_PASSWORD_AUTH
|
3476
|
+
# * `ALLOW_ADMIN_USER_PASSWORD_AUTH`: Enable admin based user password
|
3472
3477
|
# authentication flow `ADMIN_USER_PASSWORD_AUTH`. This setting
|
3473
3478
|
# replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication
|
3474
3479
|
# flow, your app passes a user name and password to Amazon Cognito in
|
3475
3480
|
# the request, instead of using the Secure Remote Password (SRP)
|
3476
3481
|
# protocol to securely transmit the password.
|
3477
3482
|
#
|
3478
|
-
# * `ALLOW_CUSTOM_AUTH
|
3483
|
+
# * `ALLOW_CUSTOM_AUTH`: Enable Lambda trigger based authentication.
|
3479
3484
|
#
|
3480
|
-
# * `ALLOW_USER_PASSWORD_AUTH
|
3485
|
+
# * `ALLOW_USER_PASSWORD_AUTH`: Enable user password-based
|
3481
3486
|
# authentication. In this flow, Amazon Cognito receives the password
|
3482
3487
|
# in the request instead of using the SRP protocol to verify
|
3483
3488
|
# passwords.
|
3484
3489
|
#
|
3485
|
-
# * `ALLOW_USER_SRP_AUTH
|
3490
|
+
# * `ALLOW_USER_SRP_AUTH`: Enable SRP-based authentication.
|
3486
3491
|
#
|
3487
|
-
# * `ALLOW_REFRESH_TOKEN_AUTH
|
3492
|
+
# * `ALLOW_REFRESH_TOKEN_AUTH`: Enable authflow to refresh tokens.
|
3488
3493
|
#
|
3489
3494
|
# In some environments, you will see the values `ADMIN_NO_SRP_AUTH`,
|
3490
3495
|
# `CUSTOM_AUTH_FLOW_ONLY`, or `USER_PASSWORD_AUTH`. You can't assign
|
@@ -5041,16 +5046,16 @@ module Aws::CognitoIdentityProvider
|
|
5041
5046
|
#
|
5042
5047
|
# Valid values include:
|
5043
5048
|
#
|
5044
|
-
# * `USER_SRP_AUTH
|
5049
|
+
# * `USER_SRP_AUTH`: Authentication flow for the Secure Remote Password
|
5045
5050
|
# (SRP) protocol.
|
5046
5051
|
#
|
5047
|
-
# * `REFRESH_TOKEN_AUTH`/`REFRESH_TOKEN
|
5052
|
+
# * `REFRESH_TOKEN_AUTH`/`REFRESH_TOKEN`: Authentication flow for
|
5048
5053
|
# refreshing the access token and ID token by supplying a valid
|
5049
5054
|
# refresh token.
|
5050
5055
|
#
|
5051
|
-
# * `CUSTOM_AUTH
|
5056
|
+
# * `CUSTOM_AUTH`: Custom authentication flow.
|
5052
5057
|
#
|
5053
|
-
# * `USER_PASSWORD_AUTH
|
5058
|
+
# * `USER_PASSWORD_AUTH`: Non-SRP authentication flow; user name and
|
5054
5059
|
# password are passed directly. If a user migration Lambda trigger is
|
5055
5060
|
# set, this flow will invoke the user migration Lambda if it doesn't
|
5056
5061
|
# find the user name in the user pool.
|
@@ -5060,17 +5065,17 @@ module Aws::CognitoIdentityProvider
|
|
5060
5065
|
# @option params [Hash<String,String>] :auth_parameters
|
5061
5066
|
# The authentication parameters. These are inputs corresponding to the
|
5062
5067
|
# `AuthFlow` that you're invoking. The required values depend on the
|
5063
|
-
# value of `AuthFlow
|
5068
|
+
# value of `AuthFlow`:
|
5064
5069
|
#
|
5065
|
-
# * For `USER_SRP_AUTH
|
5070
|
+
# * For `USER_SRP_AUTH`: `USERNAME` (required), `SRP_A` (required),
|
5066
5071
|
# `SECRET_HASH` (required if the app client is configured with a
|
5067
5072
|
# client secret), `DEVICE_KEY`.
|
5068
5073
|
#
|
5069
|
-
# * For `REFRESH_TOKEN_AUTH/REFRESH_TOKEN
|
5074
|
+
# * For `REFRESH_TOKEN_AUTH/REFRESH_TOKEN`: `REFRESH_TOKEN` (required),
|
5070
5075
|
# `SECRET_HASH` (required if the app client is configured with a
|
5071
5076
|
# client secret), `DEVICE_KEY`.
|
5072
5077
|
#
|
5073
|
-
# * For `CUSTOM_AUTH
|
5078
|
+
# * For `CUSTOM_AUTH`: `USERNAME` (required), `SECRET_HASH` (if app
|
5074
5079
|
# client is configured with client secret), `DEVICE_KEY`. To start the
|
5075
5080
|
# authentication flow with password verification, include
|
5076
5081
|
# `ChallengeName: SRP_A` and `SRP_A: (The SRP_A Value)`.
|
@@ -5610,14 +5615,14 @@ module Aws::CognitoIdentityProvider
|
|
5610
5615
|
# be escaped using the backslash (\\) character. For example,
|
5611
5616
|
# "`family_name` = \\"Reddy\\"".
|
5612
5617
|
#
|
5613
|
-
# * *AttributeName
|
5618
|
+
# * *AttributeName*: The name of the attribute to search for. You can
|
5614
5619
|
# only search for one attribute at a time.
|
5615
5620
|
#
|
5616
|
-
# * *Filter-Type
|
5621
|
+
# * *Filter-Type*: For an exact match, use =, for example,
|
5617
5622
|
# "`given_name` = \\"Jon\\"". For a prefix ("starts with")
|
5618
5623
|
# match, use ^=, for example, "`given_name` ^= \\"Jon\\"".
|
5619
5624
|
#
|
5620
|
-
# * *AttributeValue
|
5625
|
+
# * *AttributeValue*: The attribute value that must be matched for each
|
5621
5626
|
# user.
|
5622
5627
|
#
|
5623
5628
|
# If the filter string is empty, `ListUsers` returns all users in the
|
@@ -5956,9 +5961,9 @@ module Aws::CognitoIdentityProvider
|
|
5956
5961
|
#
|
5957
5962
|
# </note>
|
5958
5963
|
#
|
5959
|
-
# * `SMS_MFA
|
5964
|
+
# * `SMS_MFA`: `SMS_MFA_CODE`, `USERNAME`.
|
5960
5965
|
#
|
5961
|
-
# * `PASSWORD_VERIFIER
|
5966
|
+
# * `PASSWORD_VERIFIER`: `PASSWORD_CLAIM_SIGNATURE`,
|
5962
5967
|
# `PASSWORD_CLAIM_SECRET_BLOCK`, `TIMESTAMP`, `USERNAME`.
|
5963
5968
|
#
|
5964
5969
|
# <note markdown="1"> `PASSWORD_VERIFIER` requires `DEVICE_KEY` when you sign in with a
|
@@ -5966,7 +5971,7 @@ module Aws::CognitoIdentityProvider
|
|
5966
5971
|
#
|
5967
5972
|
# </note>
|
5968
5973
|
#
|
5969
|
-
# * `NEW_PASSWORD_REQUIRED
|
5974
|
+
# * `NEW_PASSWORD_REQUIRED`: `NEW_PASSWORD`, `USERNAME`, `SECRET_HASH`
|
5970
5975
|
# (if app client is configured with client secret). To set any
|
5971
5976
|
# required attributes that Amazon Cognito returned as
|
5972
5977
|
# `requiredAttributes` in the `InitiateAuth` response, add a
|
@@ -5983,7 +5988,7 @@ module Aws::CognitoIdentityProvider
|
|
5983
5988
|
#
|
5984
5989
|
# </note>
|
5985
5990
|
#
|
5986
|
-
# * `SOFTWARE_TOKEN_MFA
|
5991
|
+
# * `SOFTWARE_TOKEN_MFA`: `USERNAME` and `SOFTWARE_TOKEN_MFA_CODE` are
|
5987
5992
|
# required attributes.
|
5988
5993
|
#
|
5989
5994
|
# * `DEVICE_SRP_AUTH` requires `USERNAME`, `DEVICE_KEY`, `SRP_A` (and
|
@@ -7546,23 +7551,23 @@ module Aws::CognitoIdentityProvider
|
|
7546
7551
|
#
|
7547
7552
|
# Valid values include:
|
7548
7553
|
#
|
7549
|
-
# * `ALLOW_ADMIN_USER_PASSWORD_AUTH
|
7554
|
+
# * `ALLOW_ADMIN_USER_PASSWORD_AUTH`: Enable admin based user password
|
7550
7555
|
# authentication flow `ADMIN_USER_PASSWORD_AUTH`. This setting
|
7551
7556
|
# replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication
|
7552
7557
|
# flow, your app passes a user name and password to Amazon Cognito in
|
7553
7558
|
# the request, instead of using the Secure Remote Password (SRP)
|
7554
7559
|
# protocol to securely transmit the password.
|
7555
7560
|
#
|
7556
|
-
# * `ALLOW_CUSTOM_AUTH
|
7561
|
+
# * `ALLOW_CUSTOM_AUTH`: Enable Lambda trigger based authentication.
|
7557
7562
|
#
|
7558
|
-
# * `ALLOW_USER_PASSWORD_AUTH
|
7563
|
+
# * `ALLOW_USER_PASSWORD_AUTH`: Enable user password-based
|
7559
7564
|
# authentication. In this flow, Amazon Cognito receives the password
|
7560
7565
|
# in the request instead of using the SRP protocol to verify
|
7561
7566
|
# passwords.
|
7562
7567
|
#
|
7563
|
-
# * `ALLOW_USER_SRP_AUTH
|
7568
|
+
# * `ALLOW_USER_SRP_AUTH`: Enable SRP-based authentication.
|
7564
7569
|
#
|
7565
|
-
# * `ALLOW_REFRESH_TOKEN_AUTH
|
7570
|
+
# * `ALLOW_REFRESH_TOKEN_AUTH`: Enable authflow to refresh tokens.
|
7566
7571
|
#
|
7567
7572
|
# In some environments, you will see the values `ADMIN_NO_SRP_AUTH`,
|
7568
7573
|
# `CUSTOM_AUTH_FLOW_ONLY`, or `USER_PASSWORD_AUTH`. You can't assign
|
@@ -7987,7 +7992,7 @@ module Aws::CognitoIdentityProvider
|
|
7987
7992
|
params: params,
|
7988
7993
|
config: config)
|
7989
7994
|
context[:gem_name] = 'aws-sdk-cognitoidentityprovider'
|
7990
|
-
context[:gem_version] = '1.
|
7995
|
+
context[:gem_version] = '1.74.0'
|
7991
7996
|
Seahorse::Client::Request.new(handlers, context)
|
7992
7997
|
end
|
7993
7998
|
|
@@ -289,12 +289,12 @@ module Aws::CognitoIdentityProvider
|
|
289
289
|
# attribute to `True`. You can also do this by calling
|
290
290
|
# [AdminUpdateUserAttributes][1].
|
291
291
|
#
|
292
|
-
# * **email
|
292
|
+
# * **email**: The email address of the user to whom the message that
|
293
293
|
# contains the code and username will be sent. Required if the
|
294
294
|
# `email_verified` attribute is set to `True`, or if `"EMAIL"` is
|
295
295
|
# specified in the `DesiredDeliveryMediums` parameter.
|
296
296
|
#
|
297
|
-
# * **phone\_number
|
297
|
+
# * **phone\_number**: The phone number of the user to whom the
|
298
298
|
# message that contains the code and username will be sent. Required
|
299
299
|
# if the `phone_number_verified` attribute is set to `True`, or if
|
300
300
|
# `"SMS"` is specified in the `DesiredDeliveryMediums` parameter.
|
@@ -752,20 +752,20 @@ module Aws::CognitoIdentityProvider
|
|
752
752
|
#
|
753
753
|
# Valid values include:
|
754
754
|
#
|
755
|
-
# * `USER_SRP_AUTH
|
755
|
+
# * `USER_SRP_AUTH`: Authentication flow for the Secure Remote
|
756
756
|
# Password (SRP) protocol.
|
757
757
|
#
|
758
|
-
# * `REFRESH_TOKEN_AUTH`/`REFRESH_TOKEN
|
758
|
+
# * `REFRESH_TOKEN_AUTH`/`REFRESH_TOKEN`: Authentication flow for
|
759
759
|
# refreshing the access token and ID token by supplying a valid
|
760
760
|
# refresh token.
|
761
761
|
#
|
762
|
-
# * `CUSTOM_AUTH
|
762
|
+
# * `CUSTOM_AUTH`: Custom authentication flow.
|
763
763
|
#
|
764
|
-
# * `ADMIN_NO_SRP_AUTH
|
764
|
+
# * `ADMIN_NO_SRP_AUTH`: Non-SRP authentication flow; you can pass in
|
765
765
|
# the USERNAME and PASSWORD directly if the flow is enabled for
|
766
766
|
# calling the app client.
|
767
767
|
#
|
768
|
-
# * `ADMIN_USER_PASSWORD_AUTH
|
768
|
+
# * `ADMIN_USER_PASSWORD_AUTH`: Admin-based user password
|
769
769
|
# authentication. This replaces the `ADMIN_NO_SRP_AUTH`
|
770
770
|
# authentication flow. In this flow, Amazon Cognito receives the
|
771
771
|
# password in the request instead of using the SRP process to verify
|
@@ -775,21 +775,21 @@ module Aws::CognitoIdentityProvider
|
|
775
775
|
# @!attribute [rw] auth_parameters
|
776
776
|
# The authentication parameters. These are inputs corresponding to the
|
777
777
|
# `AuthFlow` that you're invoking. The required values depend on the
|
778
|
-
# value of `AuthFlow
|
778
|
+
# value of `AuthFlow`:
|
779
779
|
#
|
780
|
-
# * For `USER_SRP_AUTH
|
780
|
+
# * For `USER_SRP_AUTH`: `USERNAME` (required), `SRP_A` (required),
|
781
781
|
# `SECRET_HASH` (required if the app client is configured with a
|
782
782
|
# client secret), `DEVICE_KEY`.
|
783
783
|
#
|
784
|
-
# * For `REFRESH_TOKEN_AUTH/REFRESH_TOKEN
|
784
|
+
# * For `REFRESH_TOKEN_AUTH/REFRESH_TOKEN`: `REFRESH_TOKEN`
|
785
785
|
# (required), `SECRET_HASH` (required if the app client is
|
786
786
|
# configured with a client secret), `DEVICE_KEY`.
|
787
787
|
#
|
788
|
-
# * For `ADMIN_NO_SRP_AUTH
|
788
|
+
# * For `ADMIN_NO_SRP_AUTH`: `USERNAME` (required), `SECRET_HASH` (if
|
789
789
|
# app client is configured with client secret), `PASSWORD`
|
790
790
|
# (required), `DEVICE_KEY`.
|
791
791
|
#
|
792
|
-
# * For `CUSTOM_AUTH
|
792
|
+
# * For `CUSTOM_AUTH`: `USERNAME` (required), `SECRET_HASH` (if app
|
793
793
|
# client is configured with client secret), `DEVICE_KEY`. To start
|
794
794
|
# the authentication flow with password verification, include
|
795
795
|
# `ChallengeName: SRP_A` and `SRP_A: (The SRP_A Value)`.
|
@@ -892,38 +892,38 @@ module Aws::CognitoIdentityProvider
|
|
892
892
|
# This is returned in the `AdminInitiateAuth` response if you must
|
893
893
|
# pass another challenge.
|
894
894
|
#
|
895
|
-
# * `MFA_SETUP
|
895
|
+
# * `MFA_SETUP`: If MFA is required, users who don't have at least
|
896
896
|
# one of the MFA methods set up are presented with an `MFA_SETUP`
|
897
897
|
# challenge. The user must set up at least one MFA type to continue
|
898
898
|
# to authenticate.
|
899
899
|
#
|
900
|
-
# * `SELECT_MFA_TYPE
|
900
|
+
# * `SELECT_MFA_TYPE`: Selects the MFA type. Valid MFA options are
|
901
901
|
# `SMS_MFA` for text SMS MFA, and `SOFTWARE_TOKEN_MFA` for
|
902
902
|
# time-based one-time password (TOTP) software token MFA.
|
903
903
|
#
|
904
|
-
# * `SMS_MFA
|
904
|
+
# * `SMS_MFA`: Next challenge is to supply an `SMS_MFA_CODE`,
|
905
905
|
# delivered via SMS.
|
906
906
|
#
|
907
|
-
# * `PASSWORD_VERIFIER
|
907
|
+
# * `PASSWORD_VERIFIER`: Next challenge is to supply
|
908
908
|
# `PASSWORD_CLAIM_SIGNATURE`, `PASSWORD_CLAIM_SECRET_BLOCK`, and
|
909
909
|
# `TIMESTAMP` after the client-side SRP calculations.
|
910
910
|
#
|
911
|
-
# * `CUSTOM_CHALLENGE
|
912
|
-
#
|
913
|
-
#
|
911
|
+
# * `CUSTOM_CHALLENGE`: This is returned if your custom authentication
|
912
|
+
# flow determines that the user should pass another challenge before
|
913
|
+
# tokens are issued.
|
914
914
|
#
|
915
|
-
# * `DEVICE_SRP_AUTH
|
915
|
+
# * `DEVICE_SRP_AUTH`: If device tracking was activated in your user
|
916
916
|
# pool and the previous challenges were passed, this challenge is
|
917
917
|
# returned so that Amazon Cognito can start tracking this device.
|
918
918
|
#
|
919
|
-
# * `DEVICE_PASSWORD_VERIFIER
|
919
|
+
# * `DEVICE_PASSWORD_VERIFIER`: Similar to `PASSWORD_VERIFIER`, but
|
920
920
|
# for devices only.
|
921
921
|
#
|
922
|
-
# * `ADMIN_NO_SRP_AUTH
|
922
|
+
# * `ADMIN_NO_SRP_AUTH`: This is returned if you must authenticate
|
923
923
|
# with `USERNAME` and `PASSWORD` directly. An app client must be
|
924
924
|
# enabled to use this flow.
|
925
925
|
#
|
926
|
-
# * `NEW_PASSWORD_REQUIRED
|
926
|
+
# * `NEW_PASSWORD_REQUIRED`: For users who are required to change
|
927
927
|
# their passwords after successful first login. Respond to this
|
928
928
|
# challenge with `NEW_PASSWORD` and any required attributes that
|
929
929
|
# Amazon Cognito returned in the `requiredAttributes` parameter. You
|
@@ -940,7 +940,7 @@ module Aws::CognitoIdentityProvider
|
|
940
940
|
#
|
941
941
|
# </note>
|
942
942
|
#
|
943
|
-
# * `MFA_SETUP
|
943
|
+
# * `MFA_SETUP`: For users who are required to set up an MFA factor
|
944
944
|
# before they can sign in. The MFA types activated for the user pool
|
945
945
|
# will be listed in the challenge parameters `MFA_CAN_SETUP` value.
|
946
946
|
#
|
@@ -1321,10 +1321,10 @@ module Aws::CognitoIdentityProvider
|
|
1321
1321
|
# The challenge responses. These are inputs corresponding to the value
|
1322
1322
|
# of `ChallengeName`, for example:
|
1323
1323
|
#
|
1324
|
-
# * `SMS_MFA
|
1324
|
+
# * `SMS_MFA`: `SMS_MFA_CODE`, `USERNAME`, `SECRET_HASH` (if app
|
1325
1325
|
# client is configured with client secret).
|
1326
1326
|
#
|
1327
|
-
# * `PASSWORD_VERIFIER
|
1327
|
+
# * `PASSWORD_VERIFIER`: `PASSWORD_CLAIM_SIGNATURE`,
|
1328
1328
|
# `PASSWORD_CLAIM_SECRET_BLOCK`, `TIMESTAMP`, `USERNAME`,
|
1329
1329
|
# `SECRET_HASH` (if app client is configured with client secret).
|
1330
1330
|
#
|
@@ -1333,12 +1333,12 @@ module Aws::CognitoIdentityProvider
|
|
1333
1333
|
#
|
1334
1334
|
# </note>
|
1335
1335
|
#
|
1336
|
-
# * `ADMIN_NO_SRP_AUTH
|
1337
|
-
#
|
1336
|
+
# * `ADMIN_NO_SRP_AUTH`: `PASSWORD`, `USERNAME`, `SECRET_HASH` (if app
|
1337
|
+
# client is configured with client secret).
|
1338
1338
|
#
|
1339
|
-
# * `NEW_PASSWORD_REQUIRED
|
1340
|
-
#
|
1341
|
-
#
|
1339
|
+
# * `NEW_PASSWORD_REQUIRED`: `NEW_PASSWORD`, `USERNAME`, `SECRET_HASH`
|
1340
|
+
# (if app client is configured with client secret). To set any
|
1341
|
+
# required attributes that Amazon Cognito returned as
|
1342
1342
|
# `requiredAttributes` in the `AdminInitiateAuth` response, add a
|
1343
1343
|
# `userAttributes.attributename ` parameter. This parameter can also
|
1344
1344
|
# set values for writable attributes that aren't required by your
|
@@ -2849,23 +2849,23 @@ module Aws::CognitoIdentityProvider
|
|
2849
2849
|
#
|
2850
2850
|
# Valid values include:
|
2851
2851
|
#
|
2852
|
-
# * `ALLOW_ADMIN_USER_PASSWORD_AUTH
|
2853
|
-
#
|
2854
|
-
#
|
2855
|
-
#
|
2856
|
-
#
|
2857
|
-
#
|
2852
|
+
# * `ALLOW_ADMIN_USER_PASSWORD_AUTH`: Enable admin based user password
|
2853
|
+
# authentication flow `ADMIN_USER_PASSWORD_AUTH`. This setting
|
2854
|
+
# replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication
|
2855
|
+
# flow, your app passes a user name and password to Amazon Cognito
|
2856
|
+
# in the request, instead of using the Secure Remote Password (SRP)
|
2857
|
+
# protocol to securely transmit the password.
|
2858
2858
|
#
|
2859
|
-
# * `ALLOW_CUSTOM_AUTH
|
2859
|
+
# * `ALLOW_CUSTOM_AUTH`: Enable Lambda trigger based authentication.
|
2860
2860
|
#
|
2861
|
-
# * `ALLOW_USER_PASSWORD_AUTH
|
2861
|
+
# * `ALLOW_USER_PASSWORD_AUTH`: Enable user password-based
|
2862
2862
|
# authentication. In this flow, Amazon Cognito receives the password
|
2863
2863
|
# in the request instead of using the SRP protocol to verify
|
2864
2864
|
# passwords.
|
2865
2865
|
#
|
2866
|
-
# * `ALLOW_USER_SRP_AUTH
|
2866
|
+
# * `ALLOW_USER_SRP_AUTH`: Enable SRP-based authentication.
|
2867
2867
|
#
|
2868
|
-
# * `ALLOW_REFRESH_TOKEN_AUTH
|
2868
|
+
# * `ALLOW_REFRESH_TOKEN_AUTH`: Enable authflow to refresh tokens.
|
2869
2869
|
#
|
2870
2870
|
# In some environments, you will see the values `ADMIN_NO_SRP_AUTH`,
|
2871
2871
|
# `CUSTOM_AUTH_FLOW_ONLY`, or `USER_PASSWORD_AUTH`. You can't assign
|
@@ -4966,16 +4966,16 @@ module Aws::CognitoIdentityProvider
|
|
4966
4966
|
#
|
4967
4967
|
# Valid values include:
|
4968
4968
|
#
|
4969
|
-
# * `USER_SRP_AUTH
|
4969
|
+
# * `USER_SRP_AUTH`: Authentication flow for the Secure Remote
|
4970
4970
|
# Password (SRP) protocol.
|
4971
4971
|
#
|
4972
|
-
# * `REFRESH_TOKEN_AUTH`/`REFRESH_TOKEN
|
4972
|
+
# * `REFRESH_TOKEN_AUTH`/`REFRESH_TOKEN`: Authentication flow for
|
4973
4973
|
# refreshing the access token and ID token by supplying a valid
|
4974
4974
|
# refresh token.
|
4975
4975
|
#
|
4976
|
-
# * `CUSTOM_AUTH
|
4976
|
+
# * `CUSTOM_AUTH`: Custom authentication flow.
|
4977
4977
|
#
|
4978
|
-
# * `USER_PASSWORD_AUTH
|
4978
|
+
# * `USER_PASSWORD_AUTH`: Non-SRP authentication flow; user name and
|
4979
4979
|
# password are passed directly. If a user migration Lambda trigger
|
4980
4980
|
# is set, this flow will invoke the user migration Lambda if it
|
4981
4981
|
# doesn't find the user name in the user pool.
|
@@ -4986,17 +4986,17 @@ module Aws::CognitoIdentityProvider
|
|
4986
4986
|
# @!attribute [rw] auth_parameters
|
4987
4987
|
# The authentication parameters. These are inputs corresponding to the
|
4988
4988
|
# `AuthFlow` that you're invoking. The required values depend on the
|
4989
|
-
# value of `AuthFlow
|
4989
|
+
# value of `AuthFlow`:
|
4990
4990
|
#
|
4991
|
-
# * For `USER_SRP_AUTH
|
4991
|
+
# * For `USER_SRP_AUTH`: `USERNAME` (required), `SRP_A` (required),
|
4992
4992
|
# `SECRET_HASH` (required if the app client is configured with a
|
4993
4993
|
# client secret), `DEVICE_KEY`.
|
4994
4994
|
#
|
4995
|
-
# * For `REFRESH_TOKEN_AUTH/REFRESH_TOKEN
|
4995
|
+
# * For `REFRESH_TOKEN_AUTH/REFRESH_TOKEN`: `REFRESH_TOKEN`
|
4996
4996
|
# (required), `SECRET_HASH` (required if the app client is
|
4997
4997
|
# configured with a client secret), `DEVICE_KEY`.
|
4998
4998
|
#
|
4999
|
-
# * For `CUSTOM_AUTH
|
4999
|
+
# * For `CUSTOM_AUTH`: `USERNAME` (required), `SECRET_HASH` (if app
|
5000
5000
|
# client is configured with client secret), `DEVICE_KEY`. To start
|
5001
5001
|
# the authentication flow with password verification, include
|
5002
5002
|
# `ChallengeName: SRP_A` and `SRP_A: (The SRP_A Value)`.
|
@@ -5109,25 +5109,25 @@ module Aws::CognitoIdentityProvider
|
|
5109
5109
|
#
|
5110
5110
|
# </note>
|
5111
5111
|
#
|
5112
|
-
# * `SMS_MFA
|
5112
|
+
# * `SMS_MFA`: Next challenge is to supply an `SMS_MFA_CODE`,
|
5113
5113
|
# delivered via SMS.
|
5114
5114
|
#
|
5115
|
-
# * `PASSWORD_VERIFIER
|
5115
|
+
# * `PASSWORD_VERIFIER`: Next challenge is to supply
|
5116
5116
|
# `PASSWORD_CLAIM_SIGNATURE`, `PASSWORD_CLAIM_SECRET_BLOCK`, and
|
5117
5117
|
# `TIMESTAMP` after the client-side SRP calculations.
|
5118
5118
|
#
|
5119
|
-
# * `CUSTOM_CHALLENGE
|
5120
|
-
#
|
5121
|
-
#
|
5119
|
+
# * `CUSTOM_CHALLENGE`: This is returned if your custom authentication
|
5120
|
+
# flow determines that the user should pass another challenge before
|
5121
|
+
# tokens are issued.
|
5122
5122
|
#
|
5123
|
-
# * `DEVICE_SRP_AUTH
|
5123
|
+
# * `DEVICE_SRP_AUTH`: If device tracking was activated on your user
|
5124
5124
|
# pool and the previous challenges were passed, this challenge is
|
5125
5125
|
# returned so that Amazon Cognito can start tracking this device.
|
5126
5126
|
#
|
5127
|
-
# * `DEVICE_PASSWORD_VERIFIER
|
5127
|
+
# * `DEVICE_PASSWORD_VERIFIER`: Similar to `PASSWORD_VERIFIER`, but
|
5128
5128
|
# for devices only.
|
5129
5129
|
#
|
5130
|
-
# * `NEW_PASSWORD_REQUIRED
|
5130
|
+
# * `NEW_PASSWORD_REQUIRED`: For users who are required to change
|
5131
5131
|
# their passwords after successful first login.
|
5132
5132
|
#
|
5133
5133
|
# Respond to this challenge with `NEW_PASSWORD` and any required
|
@@ -5146,7 +5146,7 @@ module Aws::CognitoIdentityProvider
|
|
5146
5146
|
#
|
5147
5147
|
# </note>
|
5148
5148
|
#
|
5149
|
-
# * `MFA_SETUP
|
5149
|
+
# * `MFA_SETUP`: For users who are required to setup an MFA factor
|
5150
5150
|
# before they can sign in. The MFA types activated for the user pool
|
5151
5151
|
# will be listed in the challenge parameters `MFA_CAN_SETUP` value.
|
5152
5152
|
#
|
@@ -5842,14 +5842,14 @@ module Aws::CognitoIdentityProvider
|
|
5842
5842
|
# must be escaped using the backslash (\\) character. For example,
|
5843
5843
|
# "`family_name` = \\"Reddy\\"".
|
5844
5844
|
#
|
5845
|
-
# * *AttributeName
|
5845
|
+
# * *AttributeName*: The name of the attribute to search for. You can
|
5846
5846
|
# only search for one attribute at a time.
|
5847
5847
|
#
|
5848
|
-
# * *Filter-Type
|
5848
|
+
# * *Filter-Type*: For an exact match, use =, for example,
|
5849
5849
|
# "`given_name` = \\"Jon\\"". For a prefix ("starts with")
|
5850
5850
|
# match, use ^=, for example, "`given_name` ^= \\"Jon\\"".
|
5851
5851
|
#
|
5852
|
-
# * *AttributeValue
|
5852
|
+
# * *AttributeValue*: The attribute value that must be matched for
|
5853
5853
|
# each user.
|
5854
5854
|
#
|
5855
5855
|
# If the filter string is empty, `ListUsers` returns all users in the
|
@@ -6489,9 +6489,9 @@ module Aws::CognitoIdentityProvider
|
|
6489
6489
|
#
|
6490
6490
|
# </note>
|
6491
6491
|
#
|
6492
|
-
# * `SMS_MFA
|
6492
|
+
# * `SMS_MFA`: `SMS_MFA_CODE`, `USERNAME`.
|
6493
6493
|
#
|
6494
|
-
# * `PASSWORD_VERIFIER
|
6494
|
+
# * `PASSWORD_VERIFIER`: `PASSWORD_CLAIM_SIGNATURE`,
|
6495
6495
|
# `PASSWORD_CLAIM_SECRET_BLOCK`, `TIMESTAMP`, `USERNAME`.
|
6496
6496
|
#
|
6497
6497
|
# <note markdown="1"> `PASSWORD_VERIFIER` requires `DEVICE_KEY` when you sign in with a
|
@@ -6499,9 +6499,9 @@ module Aws::CognitoIdentityProvider
|
|
6499
6499
|
#
|
6500
6500
|
# </note>
|
6501
6501
|
#
|
6502
|
-
# * `NEW_PASSWORD_REQUIRED
|
6503
|
-
#
|
6504
|
-
#
|
6502
|
+
# * `NEW_PASSWORD_REQUIRED`: `NEW_PASSWORD`, `USERNAME`, `SECRET_HASH`
|
6503
|
+
# (if app client is configured with client secret). To set any
|
6504
|
+
# required attributes that Amazon Cognito returned as
|
6505
6505
|
# `requiredAttributes` in the `InitiateAuth` response, add a
|
6506
6506
|
# `userAttributes.attributename ` parameter. This parameter can also
|
6507
6507
|
# set values for writable attributes that aren't required by your
|
@@ -6516,8 +6516,8 @@ module Aws::CognitoIdentityProvider
|
|
6516
6516
|
#
|
6517
6517
|
# </note>
|
6518
6518
|
#
|
6519
|
-
# * `SOFTWARE_TOKEN_MFA
|
6520
|
-
#
|
6519
|
+
# * `SOFTWARE_TOKEN_MFA`: `USERNAME` and `SOFTWARE_TOKEN_MFA_CODE` are
|
6520
|
+
# required attributes.
|
6521
6521
|
#
|
6522
6522
|
# * `DEVICE_SRP_AUTH` requires `USERNAME`, `DEVICE_KEY`, `SRP_A` (and
|
6523
6523
|
# `SECRET_HASH`).
|
@@ -8046,23 +8046,23 @@ module Aws::CognitoIdentityProvider
|
|
8046
8046
|
#
|
8047
8047
|
# Valid values include:
|
8048
8048
|
#
|
8049
|
-
# * `ALLOW_ADMIN_USER_PASSWORD_AUTH
|
8050
|
-
#
|
8051
|
-
#
|
8052
|
-
#
|
8053
|
-
#
|
8054
|
-
#
|
8049
|
+
# * `ALLOW_ADMIN_USER_PASSWORD_AUTH`: Enable admin based user password
|
8050
|
+
# authentication flow `ADMIN_USER_PASSWORD_AUTH`. This setting
|
8051
|
+
# replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication
|
8052
|
+
# flow, your app passes a user name and password to Amazon Cognito
|
8053
|
+
# in the request, instead of using the Secure Remote Password (SRP)
|
8054
|
+
# protocol to securely transmit the password.
|
8055
8055
|
#
|
8056
|
-
# * `ALLOW_CUSTOM_AUTH
|
8056
|
+
# * `ALLOW_CUSTOM_AUTH`: Enable Lambda trigger based authentication.
|
8057
8057
|
#
|
8058
|
-
# * `ALLOW_USER_PASSWORD_AUTH
|
8058
|
+
# * `ALLOW_USER_PASSWORD_AUTH`: Enable user password-based
|
8059
8059
|
# authentication. In this flow, Amazon Cognito receives the password
|
8060
8060
|
# in the request instead of using the SRP protocol to verify
|
8061
8061
|
# passwords.
|
8062
8062
|
#
|
8063
|
-
# * `ALLOW_USER_SRP_AUTH
|
8063
|
+
# * `ALLOW_USER_SRP_AUTH`: Enable SRP-based authentication.
|
8064
8064
|
#
|
8065
|
-
# * `ALLOW_REFRESH_TOKEN_AUTH
|
8065
|
+
# * `ALLOW_REFRESH_TOKEN_AUTH`: Enable authflow to refresh tokens.
|
8066
8066
|
#
|
8067
8067
|
# In some environments, you will see the values `ADMIN_NO_SRP_AUTH`,
|
8068
8068
|
# `CUSTOM_AUTH_FLOW_ONLY`, or `USER_PASSWORD_AUTH`. You can't assign
|
@@ -8894,23 +8894,23 @@ module Aws::CognitoIdentityProvider
|
|
8894
8894
|
#
|
8895
8895
|
# Valid values include:
|
8896
8896
|
#
|
8897
|
-
# * `ALLOW_ADMIN_USER_PASSWORD_AUTH
|
8898
|
-
#
|
8899
|
-
#
|
8900
|
-
#
|
8901
|
-
#
|
8902
|
-
#
|
8897
|
+
# * `ALLOW_ADMIN_USER_PASSWORD_AUTH`: Enable admin based user password
|
8898
|
+
# authentication flow `ADMIN_USER_PASSWORD_AUTH`. This setting
|
8899
|
+
# replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication
|
8900
|
+
# flow, your app passes a user name and password to Amazon Cognito
|
8901
|
+
# in the request, instead of using the Secure Remote Password (SRP)
|
8902
|
+
# protocol to securely transmit the password.
|
8903
8903
|
#
|
8904
|
-
# * `ALLOW_CUSTOM_AUTH
|
8904
|
+
# * `ALLOW_CUSTOM_AUTH`: Enable Lambda trigger based authentication.
|
8905
8905
|
#
|
8906
|
-
# * `ALLOW_USER_PASSWORD_AUTH
|
8906
|
+
# * `ALLOW_USER_PASSWORD_AUTH`: Enable user password-based
|
8907
8907
|
# authentication. In this flow, Amazon Cognito receives the password
|
8908
8908
|
# in the request instead of using the SRP protocol to verify
|
8909
8909
|
# passwords.
|
8910
8910
|
#
|
8911
|
-
# * `ALLOW_USER_SRP_AUTH
|
8911
|
+
# * `ALLOW_USER_SRP_AUTH`: Enable SRP-based authentication.
|
8912
8912
|
#
|
8913
|
-
# * `ALLOW_REFRESH_TOKEN_AUTH
|
8913
|
+
# * `ALLOW_REFRESH_TOKEN_AUTH`: Enable authflow to refresh tokens.
|
8914
8914
|
#
|
8915
8915
|
# In some environments, you will see the values `ADMIN_NO_SRP_AUTH`,
|
8916
8916
|
# `CUSTOM_AUTH_FLOW_ONLY`, or `USER_PASSWORD_AUTH`. You can't assign
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-cognitoidentityprovider
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.74.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-05-31 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|
@@ -19,7 +19,7 @@ dependencies:
|
|
19
19
|
version: '3'
|
20
20
|
- - ">="
|
21
21
|
- !ruby/object:Gem::Version
|
22
|
-
version: 3.
|
22
|
+
version: 3.174.0
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -29,7 +29,7 @@ dependencies:
|
|
29
29
|
version: '3'
|
30
30
|
- - ">="
|
31
31
|
- !ruby/object:Gem::Version
|
32
|
-
version: 3.
|
32
|
+
version: 3.174.0
|
33
33
|
- !ruby/object:Gem::Dependency
|
34
34
|
name: aws-sigv4
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|