@aws-sdk/client-cognito-identity-provider 3.473.0 → 3.476.0

package/dist-types/models/models_1.d.ts

@@ -1,6 +1,52 @@
 import { ExceptionOptionType as __ExceptionOptionType } from "@smithy/smithy-client";
 import { CognitoIdentityProviderServiceException as __BaseException } from "./CognitoIdentityProviderServiceException";
-import { AccountRecoverySettingType, AdminCreateUserConfigType, AnalyticsConfigurationType, AnalyticsMetadataType, AttributeType, CodeDeliveryDetailsType, CustomDomainConfigType, DeletionProtectionType, DeviceConfigurationType, DeviceRememberedStatusType, EmailConfigurationType, ExplicitAuthFlowsType, FeedbackValueType, GroupType, IdentityProviderType, LambdaConfigType, MFAOptionType, OAuthFlowType, PreventUserExistenceErrorTypes, ResourceServerScopeType, ResourceServerType, RiskConfigurationType, SmsConfigurationType, SmsMfaConfigType, SMSMfaSettingsType, SoftwareTokenMfaConfigType, SoftwareTokenMfaSettingsType, TokenValidityUnitsType, UICustomizationType, UserAttributeUpdateSettingsType, UserContextDataType, UserImportJobType, UserPoolAddOnsType, UserPoolClientType, UserPoolMfaType, UserPoolPolicyType, VerificationMessageTemplateType, VerifiedAttributeType } from "./models_0";
+import { AccountRecoverySettingType, AccountTakeoverRiskConfigurationType, AdminCreateUserConfigType, AnalyticsConfigurationType, AnalyticsMetadataType, AttributeType, CodeDeliveryDetailsType, CompromisedCredentialsRiskConfigurationType, CustomDomainConfigType, DeletionProtectionType, DeviceConfigurationType, DeviceRememberedStatusType, EmailConfigurationType, ExplicitAuthFlowsType, FeedbackValueType, GroupType, IdentityProviderType, LambdaConfigType, LogDeliveryConfigurationType, MFAOptionType, OAuthFlowType, PreventUserExistenceErrorTypes, ResourceServerScopeType, ResourceServerType, RiskConfigurationType, RiskExceptionConfigurationType, SmsConfigurationType, SmsMfaConfigType, SMSMfaSettingsType, SoftwareTokenMfaConfigType, SoftwareTokenMfaSettingsType, TokenValidityUnitsType, UICustomizationType, UserAttributeUpdateSettingsType, UserContextDataType, UserImportJobType, UserPoolAddOnsType, UserPoolClientType, UserPoolMfaType, UserPoolPolicyType, VerificationMessageTemplateType, VerifiedAttributeType } from "./models_0";
+/**
+ * @public
+ */
+export interface SetLogDeliveryConfigurationResponse {
+    /**
+     * @public
+     * <p>The detailed activity logging configuration that you applied to the requested user
+     *             pool.</p>
+     */
+    LogDeliveryConfiguration?: LogDeliveryConfigurationType;
+}
+/**
+ * @public
+ */
+export interface SetRiskConfigurationRequest {
+    /**
+     * @public
+     * <p>The user pool ID. </p>
+     */
+    UserPoolId: string | undefined;
+    /**
+     * @public
+     * <p>The app client ID. If <code>ClientId</code> is null, then the risk configuration is
+     *             mapped to <code>userPoolId</code>. When the client ID is null, the same risk
+     *             configuration is applied to all the clients in the userPool.</p>
+     *          <p>Otherwise, <code>ClientId</code> is mapped to the client. When the client ID isn't
+     *             null, the user pool configuration is overridden and the risk configuration for the
+     *             client is used instead.</p>
+     */
+    ClientId?: string;
+    /**
+     * @public
+     * <p>The compromised credentials risk configuration.</p>
+     */
+    CompromisedCredentialsRiskConfiguration?: CompromisedCredentialsRiskConfigurationType;
+    /**
+     * @public
+     * <p>The account takeover risk configuration.</p>
+     */
+    AccountTakeoverRiskConfiguration?: AccountTakeoverRiskConfigurationType;
+    /**
+     * @public
+     * <p>The configuration to override the risk decision.</p>
+     */
+    RiskExceptionConfiguration?: RiskExceptionConfigurationType;
+}
 /**
  * @public
  */
@@ -191,7 +237,8 @@ export interface SignUpRequest {
     SecretHash?: string;
     /**
      * @public
-     * <p>The user name of the user you want to register.</p>
+     * <p>The username of the user that you want to sign up. The value of this parameter is
+     *             typically a username, but can be any alias attribute in your user pool.</p>
      */
     Username: string | undefined;
     /**
@@ -208,7 +255,15 @@ export interface SignUpRequest {
     UserAttributes?: AttributeType[];
     /**
      * @public
-     * <p>The validation data in the request to register a user.</p>
+     * <p>Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda
+     *             trigger. This set of key-value pairs are for custom validation of information that you
+     *             collect from your users but don't need to retain.</p>
+     *          <p>Your Lambda function can analyze this additional data and act on it. Your function
+     *             might perform external API operations like logging user attributes and validation data
+     *             to Amazon CloudWatch Logs. Validation data might also affect the response that your function returns
+     *             to Amazon Cognito, like automatically confirming the user if they sign up from within your
+     *             network.</p>
+     *          <p>For more information about the pre sign-up Lambda trigger, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html">Pre sign-up Lambda trigger</a>.</p>
      */
     ValidationData?: AttributeType[];
     /**
@@ -392,7 +447,9 @@ export interface UpdateAuthEventFeedbackRequest {
     UserPoolId: string | undefined;
     /**
      * @public
-     * <p>The user pool username.</p>
+     * <p>The username of the user that you want to query or modify. The value of this parameter is typically your user's
+     * username, but it can be any of their alias attributes. If <code>username</code> isn't an alias attribute in
+     * your user pool, you can also use their <code>sub</code> in this request.</p>
      */
     Username: string | undefined;
     /**
@@ -874,12 +931,41 @@ export interface UpdateUserPoolClientRequest {
     TokenValidityUnits?: TokenValidityUnitsType;
     /**
      * @public
-     * <p>The read-only attributes of the user pool.</p>
+     * <p>The list of user attributes that you want your app client to have read-only access to.
+     *             After your user authenticates in your app, their access token authorizes them to read
+     *             their own attribute value for any attribute in this list. An example of this kind of
+     *             activity is when your user selects a link to view their profile information. Your app
+     *             makes a <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html">GetUser</a> API request to retrieve and display your user's profile
+     *             data.</p>
+     *          <p>When you don't specify the <code>ReadAttributes</code> for your app client, your
+     *             app can read the values of <code>email_verified</code>,
+     *                 <code>phone_number_verified</code>, and the Standard attributes of your user pool.
+     *             When your user pool has read access to these default attributes,
+     *                 <code>ReadAttributes</code> doesn't return any information. Amazon Cognito only
+     *             populates <code>ReadAttributes</code> in the API response if you have specified your own
+     *             custom set of read attributes.</p>
      */
     ReadAttributes?: string[];
     /**
      * @public
-     * <p>The writeable attributes of the user pool.</p>
+     * <p>The list of user attributes that you want your app client to have write access to.
+     *             After your user authenticates in your app, their access token authorizes them to set or
+     *             modify their own attribute value for any attribute in this list. An example of this kind
+     *             of activity is when you present your user with a form to update their profile
+     *             information and they change their last name. Your app then makes an <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserAttributes.html">UpdateUserAttributes</a> API request and sets <code>family_name</code> to the
+     *             new value. </p>
+     *          <p>When you don't specify the <code>WriteAttributes</code> for your app client, your
+     *             app can write the values of the Standard attributes of your user pool. When your user
+     *             pool has write access to these default attributes, <code>WriteAttributes</code>
+     *             doesn't return any information. Amazon Cognito only populates
+     *                 <code>WriteAttributes</code> in the API response if you have specified your own
+     *             custom set of write attributes.</p>
+     *          <p>If your app client allows users to sign in through an IdP, this array must include all
+     *             attributes that you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when
+     *             users sign in to your application through an IdP. If your app client does not have write
+     *             access to a mapped attribute, Amazon Cognito throws an error when it tries to update the
+     *             attribute. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html">Specifying IdP Attribute Mappings for Your user
+     *             pool</a>.</p>
      */
     WriteAttributes?: string[];
     /**
@@ -1253,6 +1339,10 @@ export interface VerifyUserAttributeRequest {
  */
 export interface VerifyUserAttributeResponse {
 }
+/**
+ * @internal
+ */
+export declare const SetRiskConfigurationRequestFilterSensitiveLog: (obj: SetRiskConfigurationRequest) => any;
 /**
  * @internal
  */

package/dist-types/ts3.4/commands/SetLogDeliveryConfigurationCommand.d.ts

@@ -11,10 +11,8 @@ import {
   ServiceInputTypes,
   ServiceOutputTypes,
 } from "../CognitoIdentityProviderClient";
-import {
-  SetLogDeliveryConfigurationRequest,
-  SetLogDeliveryConfigurationResponse,
-} from "../models/models_0";
+import { SetLogDeliveryConfigurationRequest } from "../models/models_0";
+import { SetLogDeliveryConfigurationResponse } from "../models/models_1";
 export { __MetadataBearer, $Command };
 export interface SetLogDeliveryConfigurationCommandInput
   extends SetLogDeliveryConfigurationRequest {}

package/dist-types/ts3.4/commands/SetRiskConfigurationCommand.d.ts

@@ -11,8 +11,10 @@ import {
   ServiceInputTypes,
   ServiceOutputTypes,
 } from "../CognitoIdentityProviderClient";
-import { SetRiskConfigurationRequest } from "../models/models_0";
-import { SetRiskConfigurationResponse } from "../models/models_1";
+import {
+  SetRiskConfigurationRequest,
+  SetRiskConfigurationResponse,
+} from "../models/models_1";
 export { __MetadataBearer, $Command };
 export interface SetRiskConfigurationCommandInput
   extends SetRiskConfigurationRequest {}

package/dist-types/ts3.4/models/models_0.d.ts

@@ -957,6 +957,16 @@ export interface CustomSMSLambdaVersionConfigType {
   LambdaVersion: CustomSMSSenderLambdaVersionType | undefined;
   LambdaArn: string | undefined;
 }
+export declare const PreTokenGenerationLambdaVersionType: {
+  readonly V1_0: "V1_0";
+  readonly V2_0: "V2_0";
+};
+export type PreTokenGenerationLambdaVersionType =
+  (typeof PreTokenGenerationLambdaVersionType)[keyof typeof PreTokenGenerationLambdaVersionType];
+export interface PreTokenGenerationVersionConfigType {
+  LambdaVersion: PreTokenGenerationLambdaVersionType | undefined;
+  LambdaArn: string | undefined;
+}
 export interface LambdaConfigType {
   PreSignUp?: string;
   CustomMessage?: string;
@@ -967,6 +977,7 @@ export interface LambdaConfigType {
   CreateAuthChallenge?: string;
   VerifyAuthChallengeResponse?: string;
   PreTokenGeneration?: string;
+  PreTokenGenerationConfig?: PreTokenGenerationVersionConfigType;
   UserMigration?: string;
   CustomSMSSender?: CustomSMSLambdaVersionConfigType;
   CustomEmailSender?: CustomEmailLambdaVersionConfigType;
@@ -1667,16 +1678,6 @@ export interface SetLogDeliveryConfigurationRequest {
   UserPoolId: string | undefined;
   LogConfigurations: LogConfigurationType[] | undefined;
 }
-export interface SetLogDeliveryConfigurationResponse {
-  LogDeliveryConfiguration?: LogDeliveryConfigurationType;
-}
-export interface SetRiskConfigurationRequest {
-  UserPoolId: string | undefined;
-  ClientId?: string;
-  CompromisedCredentialsRiskConfiguration?: CompromisedCredentialsRiskConfigurationType;
-  AccountTakeoverRiskConfiguration?: AccountTakeoverRiskConfigurationType;
-  RiskExceptionConfiguration?: RiskExceptionConfigurationType;
-}
 export declare const AdminAddUserToGroupRequestFilterSensitiveLog: (
   obj: AdminAddUserToGroupRequest
 ) => any;
@@ -1895,6 +1896,3 @@ export declare const RespondToAuthChallengeResponseFilterSensitiveLog: (
 export declare const RevokeTokenRequestFilterSensitiveLog: (
   obj: RevokeTokenRequest
 ) => any;
-export declare const SetRiskConfigurationRequestFilterSensitiveLog: (
-  obj: SetRiskConfigurationRequest
-) => any;

package/dist-types/ts3.4/models/models_1.d.ts

@@ -2,11 +2,13 @@ import { ExceptionOptionType as __ExceptionOptionType } from "@smithy/smithy-cli
 import { CognitoIdentityProviderServiceException as __BaseException } from "./CognitoIdentityProviderServiceException";
 import {
   AccountRecoverySettingType,
+  AccountTakeoverRiskConfigurationType,
   AdminCreateUserConfigType,
   AnalyticsConfigurationType,
   AnalyticsMetadataType,
   AttributeType,
   CodeDeliveryDetailsType,
+  CompromisedCredentialsRiskConfigurationType,
   CustomDomainConfigType,
   DeletionProtectionType,
   DeviceConfigurationType,
@@ -17,12 +19,14 @@ import {
   GroupType,
   IdentityProviderType,
   LambdaConfigType,
+  LogDeliveryConfigurationType,
   MFAOptionType,
   OAuthFlowType,
   PreventUserExistenceErrorTypes,
   ResourceServerScopeType,
   ResourceServerType,
   RiskConfigurationType,
+  RiskExceptionConfigurationType,
   SmsConfigurationType,
   SmsMfaConfigType,
   SMSMfaSettingsType,
@@ -40,6 +44,16 @@ import {
   VerificationMessageTemplateType,
   VerifiedAttributeType,
 } from "./models_0";
+export interface SetLogDeliveryConfigurationResponse {
+  LogDeliveryConfiguration?: LogDeliveryConfigurationType;
+}
+export interface SetRiskConfigurationRequest {
+  UserPoolId: string | undefined;
+  ClientId?: string;
+  CompromisedCredentialsRiskConfiguration?: CompromisedCredentialsRiskConfigurationType;
+  AccountTakeoverRiskConfiguration?: AccountTakeoverRiskConfigurationType;
+  RiskExceptionConfiguration?: RiskExceptionConfigurationType;
+}
 export interface SetRiskConfigurationResponse {
   RiskConfiguration: RiskConfigurationType | undefined;
 }
@@ -254,6 +268,9 @@ export interface VerifyUserAttributeRequest {
   Code: string | undefined;
 }
 export interface VerifyUserAttributeResponse {}
+export declare const SetRiskConfigurationRequestFilterSensitiveLog: (
+  obj: SetRiskConfigurationRequest
+) => any;
 export declare const SetRiskConfigurationResponseFilterSensitiveLog: (
   obj: SetRiskConfigurationResponse
 ) => any;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-cognito-identity-provider",
   "description": "AWS SDK for JavaScript Cognito Identity Provider Client for Node.js, Browser and React Native",
-  "version": "3.473.0",
+  "version": "3.476.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "tsc -p tsconfig.cjs.json",
@@ -20,9 +20,9 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "3.0.0",
     "@aws-crypto/sha256-js": "3.0.0",
-    "@aws-sdk/client-sts": "3.473.0",
-    "@aws-sdk/core": "3.468.0",
-    "@aws-sdk/credential-provider-node": "3.470.0",
+    "@aws-sdk/client-sts": "3.476.0",
+    "@aws-sdk/core": "3.476.0",
+    "@aws-sdk/credential-provider-node": "3.476.0",
     "@aws-sdk/middleware-host-header": "3.468.0",
     "@aws-sdk/middleware-logger": "3.468.0",
     "@aws-sdk/middleware-recursion-detection": "3.468.0",