@aws-sdk/client-cognito-identity-provider 3.693.0 → 3.699.0

package/dist-types/commands/RespondToAuthChallengeCommand.d.ts

@@ -1,8 +1,7 @@
 import { Command as $Command } from "@smithy/smithy-client";
 import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 import { CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../CognitoIdentityProviderClient";
-import { RespondToAuthChallengeRequest } from "../models/models_0";
-import { RespondToAuthChallengeResponse } from "../models/models_1";
+import { RespondToAuthChallengeRequest, RespondToAuthChallengeResponse } from "../models/models_1";
 /**
  * @public
  */
@@ -49,7 +48,7 @@ declare const RespondToAuthChallengeCommand_base: {
  *             Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must
  *             receive SMS messages might not be able to sign up, activate their accounts, or sign
  *             in.</p>
- *             <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice,
+ *             <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service,
  *             Amazon Simple Notification Service might place your account in the SMS sandbox. In <i>
  *                   <a href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
  *                     mode</a>
@@ -66,7 +65,7 @@ declare const RespondToAuthChallengeCommand_base: {
  * const client = new CognitoIdentityProviderClient(config);
  * const input = { // RespondToAuthChallengeRequest
  *   ClientId: "STRING_VALUE", // required
- *   ChallengeName: "SMS_MFA" || "EMAIL_OTP" || "SOFTWARE_TOKEN_MFA" || "SELECT_MFA_TYPE" || "MFA_SETUP" || "PASSWORD_VERIFIER" || "CUSTOM_CHALLENGE" || "DEVICE_SRP_AUTH" || "DEVICE_PASSWORD_VERIFIER" || "ADMIN_NO_SRP_AUTH" || "NEW_PASSWORD_REQUIRED", // required
+ *   ChallengeName: "SMS_MFA" || "EMAIL_OTP" || "SOFTWARE_TOKEN_MFA" || "SELECT_MFA_TYPE" || "MFA_SETUP" || "PASSWORD_VERIFIER" || "CUSTOM_CHALLENGE" || "SELECT_CHALLENGE" || "DEVICE_SRP_AUTH" || "DEVICE_PASSWORD_VERIFIER" || "ADMIN_NO_SRP_AUTH" || "NEW_PASSWORD_REQUIRED" || "SMS_OTP" || "PASSWORD" || "WEB_AUTHN" || "PASSWORD_SRP", // required
  *   Session: "STRING_VALUE",
  *   ChallengeResponses: { // ChallengeResponsesType
  *     "<keys>": "STRING_VALUE",
@@ -85,7 +84,7 @@ declare const RespondToAuthChallengeCommand_base: {
  * const command = new RespondToAuthChallengeCommand(input);
  * const response = await client.send(command);
  * // { // RespondToAuthChallengeResponse
- * //   ChallengeName: "SMS_MFA" || "EMAIL_OTP" || "SOFTWARE_TOKEN_MFA" || "SELECT_MFA_TYPE" || "MFA_SETUP" || "PASSWORD_VERIFIER" || "CUSTOM_CHALLENGE" || "DEVICE_SRP_AUTH" || "DEVICE_PASSWORD_VERIFIER" || "ADMIN_NO_SRP_AUTH" || "NEW_PASSWORD_REQUIRED",
+ * //   ChallengeName: "SMS_MFA" || "EMAIL_OTP" || "SOFTWARE_TOKEN_MFA" || "SELECT_MFA_TYPE" || "MFA_SETUP" || "PASSWORD_VERIFIER" || "CUSTOM_CHALLENGE" || "SELECT_CHALLENGE" || "DEVICE_SRP_AUTH" || "DEVICE_PASSWORD_VERIFIER" || "ADMIN_NO_SRP_AUTH" || "NEW_PASSWORD_REQUIRED" || "SMS_OTP" || "PASSWORD" || "WEB_AUTHN" || "PASSWORD_SRP",
  * //   Session: "STRING_VALUE",
  * //   ChallengeParameters: { // ChallengeParametersType
  * //     "<keys>": "STRING_VALUE",
@@ -153,7 +152,7 @@ declare const RespondToAuthChallengeCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link InvalidUserPoolConfigurationException} (client fault)

package/dist-types/commands/SetLogDeliveryConfigurationCommand.d.ts

@@ -84,6 +84,10 @@ declare const SetLogDeliveryConfigurationCommand_base: {
  * @see {@link SetLogDeliveryConfigurationCommandOutput} for command's `response` shape.
  * @see {@link CognitoIdentityProviderClientResolvedConfig | config} for CognitoIdentityProviderClient's `config` shape.
  *
+ * @throws {@link FeatureUnavailableInTierException} (client fault)
+ *  <p>This exception is thrown when a feature you attempted to configure isn't
+ *             available in your current feature plan.</p>
+ *
  * @throws {@link InternalErrorException} (server fault)
  *  <p>This exception is thrown when Amazon Cognito encounters an internal error.</p>
  *

package/dist-types/commands/SetUserPoolMfaConfigCommand.d.ts

@@ -27,7 +27,7 @@ declare const SetUserPoolMfaConfigCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Sets the user pool multi-factor authentication (MFA) configuration.</p>
+ * <p>Sets the user pool multi-factor authentication (MFA) and passkey configuration.</p>
  *          <note>
  *             <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers
  *             require you to register an origination phone number before you can send SMS messages
@@ -36,7 +36,7 @@ declare const SetUserPoolMfaConfigCommand_base: {
  *             Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must
  *             receive SMS messages might not be able to sign up, activate their accounts, or sign
  *             in.</p>
- *             <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice,
+ *             <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service,
  *             Amazon Simple Notification Service might place your account in the SMS sandbox. In <i>
  *                   <a href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
  *                     mode</a>
@@ -69,6 +69,10 @@ declare const SetUserPoolMfaConfigCommand_base: {
  *     Subject: "STRING_VALUE",
  *   },
  *   MfaConfiguration: "OFF" || "ON" || "OPTIONAL",
+ *   WebAuthnConfiguration: { // WebAuthnConfigurationType
+ *     RelyingPartyId: "STRING_VALUE",
+ *     UserVerification: "required" || "preferred",
+ *   },
  * };
  * const command = new SetUserPoolMfaConfigCommand(input);
  * const response = await client.send(command);
@@ -89,6 +93,10 @@ declare const SetUserPoolMfaConfigCommand_base: {
  * //     Subject: "STRING_VALUE",
  * //   },
  * //   MfaConfiguration: "OFF" || "ON" || "OPTIONAL",
+ * //   WebAuthnConfiguration: { // WebAuthnConfigurationType
+ * //     RelyingPartyId: "STRING_VALUE",
+ * //     UserVerification: "required" || "preferred",
+ * //   },
  * // };
  *
  * ```
@@ -103,6 +111,10 @@ declare const SetUserPoolMfaConfigCommand_base: {
  *  <p>This exception is thrown if two or more modifications are happening
  *             concurrently.</p>
  *
+ * @throws {@link FeatureUnavailableInTierException} (client fault)
+ *  <p>This exception is thrown when a feature you attempted to configure isn't
+ *             available in your current feature plan.</p>
+ *
  * @throws {@link InternalErrorException} (server fault)
  *  <p>This exception is thrown when Amazon Cognito encounters an internal error.</p>
  *
@@ -117,7 +129,7 @@ declare const SetUserPoolMfaConfigCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link NotAuthorizedException} (client fault)

package/dist-types/commands/SignUpCommand.d.ts

@@ -43,7 +43,7 @@ declare const SignUpCommand_base: {
  *             Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must
  *             receive SMS messages might not be able to sign up, activate their accounts, or sign
  *             in.</p>
- *             <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice,
+ *             <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service,
  *             Amazon Simple Notification Service might place your account in the SMS sandbox. In <i>
  *                   <a href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
  *                     mode</a>
@@ -52,6 +52,13 @@ declare const SignUpCommand_base: {
  *             of the sandbox and into production. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito
  *                 Developer Guide</i>.</p>
  *          </note>
+ *          <p>You might receive a <code>LimitExceeded</code> exception in response to this request
+ *             if you have exceeded a rate quota for email or SMS messages, and if your user pool
+ *             automatically verifies email addresses or phone numbers. When you get this exception in
+ *             the response, the user is successfully created and is in an <code>UNCONFIRMED</code>
+ *             state. You can send a new code with the <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ResendConfirmationCode.html"> ResendConfirmationCode</a> request, or confirm the user as an administrator
+ *             with an <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminConfirmSignUp.html">
+ *                 AdminConfirmSignUp</a> request.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
@@ -62,7 +69,7 @@ declare const SignUpCommand_base: {
  *   ClientId: "STRING_VALUE", // required
  *   SecretHash: "STRING_VALUE",
  *   Username: "STRING_VALUE", // required
- *   Password: "STRING_VALUE", // required
+ *   Password: "STRING_VALUE",
  *   UserAttributes: [ // AttributeListType
  *     { // AttributeType
  *       Name: "STRING_VALUE", // required
@@ -96,6 +103,7 @@ declare const SignUpCommand_base: {
  * //     AttributeName: "STRING_VALUE",
  * //   },
  * //   UserSub: "STRING_VALUE", // required
+ * //   Session: "STRING_VALUE",
  * // };
  *
  * ```
@@ -138,7 +146,7 @@ declare const SignUpCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link LimitExceededException} (client fault)

package/dist-types/commands/StartWebAuthnRegistrationCommand.d.ts

@@ -0,0 +1,107 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import { CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../CognitoIdentityProviderClient";
+import { StartWebAuthnRegistrationRequest, StartWebAuthnRegistrationResponse } from "../models/models_1";
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link StartWebAuthnRegistrationCommand}.
+ */
+export interface StartWebAuthnRegistrationCommandInput extends StartWebAuthnRegistrationRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link StartWebAuthnRegistrationCommand}.
+ */
+export interface StartWebAuthnRegistrationCommandOutput extends StartWebAuthnRegistrationResponse, __MetadataBearer {
+}
+declare const StartWebAuthnRegistrationCommand_base: {
+    new (input: StartWebAuthnRegistrationCommandInput): import("@smithy/smithy-client").CommandImpl<StartWebAuthnRegistrationCommandInput, StartWebAuthnRegistrationCommandOutput, CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (__0_0: StartWebAuthnRegistrationCommandInput): import("@smithy/smithy-client").CommandImpl<StartWebAuthnRegistrationCommandInput, StartWebAuthnRegistrationCommandOutput, CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Requests credential creation options from your user pool for registration of a passkey
+ *             authenticator. Returns information about the user pool, the user profile, and
+ *             authentication requirements. Users must provide this information in their request to
+ *             enroll your application with their passkey provider.</p>
+ *          <p>After users present this data and register with their passkey provider, return the
+ *             response to your user pool in a <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CompleteWebAuthnRegistration.html"> CompleteWebAuthnRegistration</a> API request.</p>
+ *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { CognitoIdentityProviderClient, StartWebAuthnRegistrationCommand } from "@aws-sdk/client-cognito-identity-provider"; // ES Modules import
+ * // const { CognitoIdentityProviderClient, StartWebAuthnRegistrationCommand } = require("@aws-sdk/client-cognito-identity-provider"); // CommonJS import
+ * const client = new CognitoIdentityProviderClient(config);
+ * const input = { // StartWebAuthnRegistrationRequest
+ *   AccessToken: "STRING_VALUE", // required
+ * };
+ * const command = new StartWebAuthnRegistrationCommand(input);
+ * const response = await client.send(command);
+ * // { // StartWebAuthnRegistrationResponse
+ * //   CredentialCreationOptions: "DOCUMENT_VALUE", // required
+ * // };
+ *
+ * ```
+ *
+ * @param StartWebAuthnRegistrationCommandInput - {@link StartWebAuthnRegistrationCommandInput}
+ * @returns {@link StartWebAuthnRegistrationCommandOutput}
+ * @see {@link StartWebAuthnRegistrationCommandInput} for command's `input` shape.
+ * @see {@link StartWebAuthnRegistrationCommandOutput} for command's `response` shape.
+ * @see {@link CognitoIdentityProviderClientResolvedConfig | config} for CognitoIdentityProviderClient's `config` shape.
+ *
+ * @throws {@link ForbiddenException} (client fault)
+ *  <p>This exception is thrown when WAF doesn't allow your request based on a web
+ *             ACL that's associated with your user pool.</p>
+ *
+ * @throws {@link InternalErrorException} (server fault)
+ *  <p>This exception is thrown when Amazon Cognito encounters an internal error.</p>
+ *
+ * @throws {@link InvalidParameterException} (client fault)
+ *  <p>This exception is thrown when the Amazon Cognito service encounters an invalid
+ *             parameter.</p>
+ *
+ * @throws {@link LimitExceededException} (client fault)
+ *  <p>This exception is thrown when a user exceeds the limit for a requested Amazon Web Services
+ *             resource.</p>
+ *
+ * @throws {@link NotAuthorizedException} (client fault)
+ *  <p>This exception is thrown when a user isn't authorized.</p>
+ *
+ * @throws {@link TooManyRequestsException} (client fault)
+ *  <p>This exception is thrown when the user has made too many requests for a given
+ *             operation.</p>
+ *
+ * @throws {@link WebAuthnConfigurationMissingException} (client fault)
+ *  <p>This exception is thrown when a user pool doesn't have a configured relying party
+ *             id or a user pool domain.</p>
+ *
+ * @throws {@link WebAuthnNotEnabledException} (client fault)
+ *  <p>This exception is thrown when the passkey feature isn't enabled for the user
+ *             pool.</p>
+ *
+ * @throws {@link CognitoIdentityProviderServiceException}
+ * <p>Base exception class for all service exceptions from CognitoIdentityProvider service.</p>
+ *
+ * @public
+ */
+export declare class StartWebAuthnRegistrationCommand extends StartWebAuthnRegistrationCommand_base {
+    /** @internal type navigation helper, not in runtime. */
+    protected static __types: {
+        api: {
+            input: StartWebAuthnRegistrationRequest;
+            output: StartWebAuthnRegistrationResponse;
+        };
+        sdk: {
+            input: StartWebAuthnRegistrationCommandInput;
+            output: StartWebAuthnRegistrationCommandOutput;
+        };
+    };
+}

package/dist-types/commands/UpdateManagedLoginBrandingCommand.d.ts

@@ -0,0 +1,150 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import { CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../CognitoIdentityProviderClient";
+import { UpdateManagedLoginBrandingRequest, UpdateManagedLoginBrandingResponse } from "../models/models_1";
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link UpdateManagedLoginBrandingCommand}.
+ */
+export interface UpdateManagedLoginBrandingCommandInput extends UpdateManagedLoginBrandingRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link UpdateManagedLoginBrandingCommand}.
+ */
+export interface UpdateManagedLoginBrandingCommandOutput extends UpdateManagedLoginBrandingResponse, __MetadataBearer {
+}
+declare const UpdateManagedLoginBrandingCommand_base: {
+    new (input: UpdateManagedLoginBrandingCommandInput): import("@smithy/smithy-client").CommandImpl<UpdateManagedLoginBrandingCommandInput, UpdateManagedLoginBrandingCommandOutput, CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (...[input]: [] | [UpdateManagedLoginBrandingCommandInput]): import("@smithy/smithy-client").CommandImpl<UpdateManagedLoginBrandingCommandInput, UpdateManagedLoginBrandingCommandOutput, CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Configures the branding settings for a user pool style. This operation is the
+ *             programmatic option for the configuration of a style in the branding designer.</p>
+ *          <p>Provides values for UI customization in a <code>Settings</code> JSON object and image
+ *             files in an <code>Assets</code> array.</p>
+ *          <p> This operation has a 2-megabyte request-size limit and include the CSS settings and
+ *             image assets for your app client. Your branding settings might exceed 2MB in size. Amazon Cognito
+ *             doesn't require that you pass all parameters in one request and preserves existing
+ *             style settings that you don't specify. If your request is larger than 2MB, separate it
+ *             into multiple requests, each with a size smaller than the limit. </p>
+ *          <p>For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/managed-login-brandingdesigner.html#branding-designer-api">API and SDK operations for managed login branding</a>.</p>
+ *          <note>
+ *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
+ *     this operation, you must use IAM credentials to authorize requests, and you must
+ *     grant yourself the corresponding IAM permission in a policy.</p>
+ *             <p class="title">
+ *                <b>Learn more</b>
+ *             </p>
+ *             <ul>
+ *                <li>
+ *                   <p>
+ *                      <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web Services API Requests</a>
+ *                   </p>
+ *                </li>
+ *                <li>
+ *                   <p>
+ *                      <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using the Amazon Cognito user pools API and user pool endpoints</a>
+ *                   </p>
+ *                </li>
+ *             </ul>
+ *          </note>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { CognitoIdentityProviderClient, UpdateManagedLoginBrandingCommand } from "@aws-sdk/client-cognito-identity-provider"; // ES Modules import
+ * // const { CognitoIdentityProviderClient, UpdateManagedLoginBrandingCommand } = require("@aws-sdk/client-cognito-identity-provider"); // CommonJS import
+ * const client = new CognitoIdentityProviderClient(config);
+ * const input = { // UpdateManagedLoginBrandingRequest
+ *   UserPoolId: "STRING_VALUE",
+ *   ManagedLoginBrandingId: "STRING_VALUE",
+ *   UseCognitoProvidedValues: true || false,
+ *   Settings: "DOCUMENT_VALUE",
+ *   Assets: [ // AssetListType
+ *     { // AssetType
+ *       Category: "FAVICON_ICO" || "FAVICON_SVG" || "EMAIL_GRAPHIC" || "SMS_GRAPHIC" || "AUTH_APP_GRAPHIC" || "PASSWORD_GRAPHIC" || "PASSKEY_GRAPHIC" || "PAGE_HEADER_LOGO" || "PAGE_HEADER_BACKGROUND" || "PAGE_FOOTER_LOGO" || "PAGE_FOOTER_BACKGROUND" || "PAGE_BACKGROUND" || "FORM_BACKGROUND" || "FORM_LOGO" || "IDP_BUTTON_ICON", // required
+ *       ColorMode: "LIGHT" || "DARK" || "DYNAMIC", // required
+ *       Extension: "ICO" || "JPEG" || "PNG" || "SVG" || "WEBP", // required
+ *       Bytes: new Uint8Array(), // e.g. Buffer.from("") or new TextEncoder().encode("")
+ *       ResourceId: "STRING_VALUE",
+ *     },
+ *   ],
+ * };
+ * const command = new UpdateManagedLoginBrandingCommand(input);
+ * const response = await client.send(command);
+ * // { // UpdateManagedLoginBrandingResponse
+ * //   ManagedLoginBranding: { // ManagedLoginBrandingType
+ * //     ManagedLoginBrandingId: "STRING_VALUE",
+ * //     UserPoolId: "STRING_VALUE",
+ * //     UseCognitoProvidedValues: true || false,
+ * //     Settings: "DOCUMENT_VALUE",
+ * //     Assets: [ // AssetListType
+ * //       { // AssetType
+ * //         Category: "FAVICON_ICO" || "FAVICON_SVG" || "EMAIL_GRAPHIC" || "SMS_GRAPHIC" || "AUTH_APP_GRAPHIC" || "PASSWORD_GRAPHIC" || "PASSKEY_GRAPHIC" || "PAGE_HEADER_LOGO" || "PAGE_HEADER_BACKGROUND" || "PAGE_FOOTER_LOGO" || "PAGE_FOOTER_BACKGROUND" || "PAGE_BACKGROUND" || "FORM_BACKGROUND" || "FORM_LOGO" || "IDP_BUTTON_ICON", // required
+ * //         ColorMode: "LIGHT" || "DARK" || "DYNAMIC", // required
+ * //         Extension: "ICO" || "JPEG" || "PNG" || "SVG" || "WEBP", // required
+ * //         Bytes: new Uint8Array(),
+ * //         ResourceId: "STRING_VALUE",
+ * //       },
+ * //     ],
+ * //     CreationDate: new Date("TIMESTAMP"),
+ * //     LastModifiedDate: new Date("TIMESTAMP"),
+ * //   },
+ * // };
+ *
+ * ```
+ *
+ * @param UpdateManagedLoginBrandingCommandInput - {@link UpdateManagedLoginBrandingCommandInput}
+ * @returns {@link UpdateManagedLoginBrandingCommandOutput}
+ * @see {@link UpdateManagedLoginBrandingCommandInput} for command's `input` shape.
+ * @see {@link UpdateManagedLoginBrandingCommandOutput} for command's `response` shape.
+ * @see {@link CognitoIdentityProviderClientResolvedConfig | config} for CognitoIdentityProviderClient's `config` shape.
+ *
+ * @throws {@link ConcurrentModificationException} (client fault)
+ *  <p>This exception is thrown if two or more modifications are happening
+ *             concurrently.</p>
+ *
+ * @throws {@link InternalErrorException} (server fault)
+ *  <p>This exception is thrown when Amazon Cognito encounters an internal error.</p>
+ *
+ * @throws {@link InvalidParameterException} (client fault)
+ *  <p>This exception is thrown when the Amazon Cognito service encounters an invalid
+ *             parameter.</p>
+ *
+ * @throws {@link NotAuthorizedException} (client fault)
+ *  <p>This exception is thrown when a user isn't authorized.</p>
+ *
+ * @throws {@link ResourceNotFoundException} (client fault)
+ *  <p>This exception is thrown when the Amazon Cognito service can't find the requested
+ *             resource.</p>
+ *
+ * @throws {@link TooManyRequestsException} (client fault)
+ *  <p>This exception is thrown when the user has made too many requests for a given
+ *             operation.</p>
+ *
+ * @throws {@link CognitoIdentityProviderServiceException}
+ * <p>Base exception class for all service exceptions from CognitoIdentityProvider service.</p>
+ *
+ * @public
+ */
+export declare class UpdateManagedLoginBrandingCommand extends UpdateManagedLoginBrandingCommand_base {
+    /** @internal type navigation helper, not in runtime. */
+    protected static __types: {
+        api: {
+            input: UpdateManagedLoginBrandingRequest;
+            output: UpdateManagedLoginBrandingResponse;
+        };
+        sdk: {
+            input: UpdateManagedLoginBrandingCommandInput;
+            output: UpdateManagedLoginBrandingCommandOutput;
+        };
+    };
+}

package/dist-types/commands/UpdateUserAttributesCommand.d.ts

@@ -47,7 +47,7 @@ declare const UpdateUserAttributesCommand_base: {
  *             Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must
  *             receive SMS messages might not be able to sign up, activate their accounts, or sign
  *             in.</p>
- *             <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice,
+ *             <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service,
  *             Amazon Simple Notification Service might place your account in the SMS sandbox. In <i>
  *                   <a href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
  *                     mode</a>
@@ -137,7 +137,7 @@ declare const UpdateUserAttributesCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link NotAuthorizedException} (client fault)

package/dist-types/commands/UpdateUserPoolClientCommand.d.ts

@@ -79,7 +79,7 @@ declare const UpdateUserPoolClientCommand_base: {
  *     "STRING_VALUE",
  *   ],
  *   ExplicitAuthFlows: [ // ExplicitAuthFlowsListType
- *     "ADMIN_NO_SRP_AUTH" || "CUSTOM_AUTH_FLOW_ONLY" || "USER_PASSWORD_AUTH" || "ALLOW_ADMIN_USER_PASSWORD_AUTH" || "ALLOW_CUSTOM_AUTH" || "ALLOW_USER_PASSWORD_AUTH" || "ALLOW_USER_SRP_AUTH" || "ALLOW_REFRESH_TOKEN_AUTH",
+ *     "ADMIN_NO_SRP_AUTH" || "CUSTOM_AUTH_FLOW_ONLY" || "USER_PASSWORD_AUTH" || "ALLOW_ADMIN_USER_PASSWORD_AUTH" || "ALLOW_CUSTOM_AUTH" || "ALLOW_USER_PASSWORD_AUTH" || "ALLOW_USER_SRP_AUTH" || "ALLOW_REFRESH_TOKEN_AUTH" || "ALLOW_USER_AUTH",
  *   ],
  *   SupportedIdentityProviders: [ // SupportedIdentityProvidersListType
  *     "STRING_VALUE",
@@ -135,7 +135,7 @@ declare const UpdateUserPoolClientCommand_base: {
  * //       "STRING_VALUE",
  * //     ],
  * //     ExplicitAuthFlows: [ // ExplicitAuthFlowsListType
- * //       "ADMIN_NO_SRP_AUTH" || "CUSTOM_AUTH_FLOW_ONLY" || "USER_PASSWORD_AUTH" || "ALLOW_ADMIN_USER_PASSWORD_AUTH" || "ALLOW_CUSTOM_AUTH" || "ALLOW_USER_PASSWORD_AUTH" || "ALLOW_USER_SRP_AUTH" || "ALLOW_REFRESH_TOKEN_AUTH",
+ * //       "ADMIN_NO_SRP_AUTH" || "CUSTOM_AUTH_FLOW_ONLY" || "USER_PASSWORD_AUTH" || "ALLOW_ADMIN_USER_PASSWORD_AUTH" || "ALLOW_CUSTOM_AUTH" || "ALLOW_USER_PASSWORD_AUTH" || "ALLOW_USER_SRP_AUTH" || "ALLOW_REFRESH_TOKEN_AUTH" || "ALLOW_USER_AUTH",
  * //     ],
  * //     SupportedIdentityProviders: [ // SupportedIdentityProvidersListType
  * //       "STRING_VALUE",

package/dist-types/commands/UpdateUserPoolCommand.d.ts

@@ -35,7 +35,7 @@ declare const UpdateUserPoolCommand_base: {
  *             Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must
  *             receive SMS messages might not be able to sign up, activate their accounts, or sign
  *             in.</p>
- *             <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice,
+ *             <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service,
  *             Amazon Simple Notification Service might place your account in the SMS sandbox. In <i>
  *                   <a href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
  *                     mode</a>
@@ -87,6 +87,11 @@ declare const UpdateUserPoolCommand_base: {
  *       PasswordHistorySize: Number("int"),
  *       TemporaryPasswordValidityDays: Number("int"),
  *     },
+ *     SignInPolicy: { // SignInPolicyType
+ *       AllowedFirstAuthFactors: [ // AllowedFirstAuthFactorsListType
+ *         "PASSWORD" || "EMAIL_OTP" || "SMS_OTP" || "WEB_AUTHN",
+ *       ],
+ *     },
  *   },
  *   DeletionProtection: "ACTIVE" || "INACTIVE",
  *   LambdaConfig: { // LambdaConfigType
@@ -177,6 +182,8 @@ declare const UpdateUserPoolCommand_base: {
  *       },
  *     ],
  *   },
+ *   PoolName: "STRING_VALUE",
+ *   UserPoolTier: "LITE" || "ESSENTIALS" || "PLUS",
  * };
  * const command = new UpdateUserPoolCommand(input);
  * const response = await client.send(command);
@@ -194,6 +201,10 @@ declare const UpdateUserPoolCommand_base: {
  *  <p>This exception is thrown if two or more modifications are happening
  *             concurrently.</p>
  *
+ * @throws {@link FeatureUnavailableInTierException} (client fault)
+ *  <p>This exception is thrown when a feature you attempted to configure isn't
+ *             available in your current feature plan.</p>
+ *
  * @throws {@link InternalErrorException} (server fault)
  *  <p>This exception is thrown when Amazon Cognito encounters an internal error.</p>
  *
@@ -212,7 +223,7 @@ declare const UpdateUserPoolCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link NotAuthorizedException} (client fault)
@@ -222,6 +233,10 @@ declare const UpdateUserPoolCommand_base: {
  *  <p>This exception is thrown when the Amazon Cognito service can't find the requested
  *             resource.</p>
  *
+ * @throws {@link TierChangeNotAllowedException} (client fault)
+ *  <p>This exception is thrown when you've attempted to change your feature plan but
+ *             the operation isn't permitted.</p>
+ *
  * @throws {@link TooManyRequestsException} (client fault)
  *  <p>This exception is thrown when the user has made too many requests for a given
  *             operation.</p>

package/dist-types/commands/UpdateUserPoolDomainCommand.d.ts

@@ -75,6 +75,7 @@ declare const UpdateUserPoolDomainCommand_base: {
  * const input = { // UpdateUserPoolDomainRequest
  *   Domain: "STRING_VALUE", // required
  *   UserPoolId: "STRING_VALUE", // required
+ *   ManagedLoginVersion: Number("int"),
  *   CustomDomainConfig: { // CustomDomainConfigType
  *     CertificateArn: "STRING_VALUE", // required
  *   },
@@ -82,6 +83,7 @@ declare const UpdateUserPoolDomainCommand_base: {
  * const command = new UpdateUserPoolDomainCommand(input);
  * const response = await client.send(command);
  * // { // UpdateUserPoolDomainResponse
+ * //   ManagedLoginVersion: Number("int"),
  * //   CloudFrontDomain: "STRING_VALUE",
  * // };
  *
@@ -93,6 +95,10 @@ declare const UpdateUserPoolDomainCommand_base: {
  * @see {@link UpdateUserPoolDomainCommandOutput} for command's `response` shape.
  * @see {@link CognitoIdentityProviderClientResolvedConfig | config} for CognitoIdentityProviderClient's `config` shape.
  *
+ * @throws {@link FeatureUnavailableInTierException} (client fault)
+ *  <p>This exception is thrown when a feature you attempted to configure isn't
+ *             available in your current feature plan.</p>
+ *
  * @throws {@link InternalErrorException} (server fault)
  *  <p>This exception is thrown when Amazon Cognito encounters an internal error.</p>
  *

package/dist-types/commands/index.d.ts

@@ -27,11 +27,13 @@ export * from "./AdminUpdateUserAttributesCommand";
 export * from "./AdminUserGlobalSignOutCommand";
 export * from "./AssociateSoftwareTokenCommand";
 export * from "./ChangePasswordCommand";
+export * from "./CompleteWebAuthnRegistrationCommand";
 export * from "./ConfirmDeviceCommand";
 export * from "./ConfirmForgotPasswordCommand";
 export * from "./ConfirmSignUpCommand";
 export * from "./CreateGroupCommand";
 export * from "./CreateIdentityProviderCommand";
+export * from "./CreateManagedLoginBrandingCommand";
 export * from "./CreateResourceServerCommand";
 export * from "./CreateUserImportJobCommand";
 export * from "./CreateUserPoolClientCommand";
@@ -39,13 +41,17 @@ export * from "./CreateUserPoolCommand";
 export * from "./CreateUserPoolDomainCommand";
 export * from "./DeleteGroupCommand";
 export * from "./DeleteIdentityProviderCommand";
+export * from "./DeleteManagedLoginBrandingCommand";
 export * from "./DeleteResourceServerCommand";
 export * from "./DeleteUserAttributesCommand";
 export * from "./DeleteUserCommand";
 export * from "./DeleteUserPoolClientCommand";
 export * from "./DeleteUserPoolCommand";
 export * from "./DeleteUserPoolDomainCommand";
+export * from "./DeleteWebAuthnCredentialCommand";
 export * from "./DescribeIdentityProviderCommand";
+export * from "./DescribeManagedLoginBrandingByClientCommand";
+export * from "./DescribeManagedLoginBrandingCommand";
 export * from "./DescribeResourceServerCommand";
 export * from "./DescribeRiskConfigurationCommand";
 export * from "./DescribeUserImportJobCommand";
@@ -62,6 +68,7 @@ export * from "./GetLogDeliveryConfigurationCommand";
 export * from "./GetSigningCertificateCommand";
 export * from "./GetUICustomizationCommand";
 export * from "./GetUserAttributeVerificationCodeCommand";
+export * from "./GetUserAuthFactorsCommand";
 export * from "./GetUserCommand";
 export * from "./GetUserPoolMfaConfigCommand";
 export * from "./GlobalSignOutCommand";
@@ -76,6 +83,7 @@ export * from "./ListUserPoolClientsCommand";
 export * from "./ListUserPoolsCommand";
 export * from "./ListUsersCommand";
 export * from "./ListUsersInGroupCommand";
+export * from "./ListWebAuthnCredentialsCommand";
 export * from "./ResendConfirmationCodeCommand";
 export * from "./RespondToAuthChallengeCommand";
 export * from "./RevokeTokenCommand";
@@ -87,6 +95,7 @@ export * from "./SetUserPoolMfaConfigCommand";
 export * from "./SetUserSettingsCommand";
 export * from "./SignUpCommand";
 export * from "./StartUserImportJobCommand";
+export * from "./StartWebAuthnRegistrationCommand";
 export * from "./StopUserImportJobCommand";
 export * from "./TagResourceCommand";
 export * from "./UntagResourceCommand";
@@ -94,6 +103,7 @@ export * from "./UpdateAuthEventFeedbackCommand";
 export * from "./UpdateDeviceStatusCommand";
 export * from "./UpdateGroupCommand";
 export * from "./UpdateIdentityProviderCommand";
+export * from "./UpdateManagedLoginBrandingCommand";
 export * from "./UpdateResourceServerCommand";
 export * from "./UpdateUserAttributesCommand";
 export * from "./UpdateUserPoolClientCommand";