@aws-sdk/client-cognito-identity-provider 3.709.0 → 3.712.0

package/README.md

@@ -86,6 +86,11 @@ V3</a>
 for Ruby V3</a>
 </p>
 </li>
+<li>
+<p>
+<a href="https://sdk.amazonaws.com/kotlin/api/latest/cognitoidentityprovider/aws.sdk.kotlin.services.cognitoidentityprovider/-cognito-identity-provider-client/index.html">Amazon Web Services SDK for Kotlin</a>
+</p>
+</li>
 </ul>
 <p>To get started with an Amazon Web Services SDK, see <a href="http://aws.amazon.com/developer/tools/">Tools to Build on Amazon Web Services</a>. For example actions and scenarios, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/service_code_examples_cognito-identity-provider.html">Code examples for Amazon Cognito Identity Provider using Amazon Web Services
 SDKs</a>.</p>

package/dist-types/CognitoIdentityProvider.d.ts

@@ -876,6 +876,11 @@ export interface CognitoIdentityProvider {
  *                     for Ruby V3</a>
  *                </p>
  *             </li>
+ *             <li>
+ *                <p>
+ *                   <a href="https://sdk.amazonaws.com/kotlin/api/latest/cognitoidentityprovider/aws.sdk.kotlin.services.cognitoidentityprovider/-cognito-identity-provider-client/index.html">Amazon Web Services SDK for Kotlin</a>
+ *                </p>
+ *             </li>
  *          </ul>
  *          <p>To get started with an Amazon Web Services SDK, see <a href="http://aws.amazon.com/developer/tools/">Tools to Build on Amazon Web Services</a>. For example actions and scenarios, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/service_code_examples_cognito-identity-provider.html">Code examples for Amazon Cognito Identity Provider using Amazon Web Services
  *                 SDKs</a>.</p>

package/dist-types/CognitoIdentityProviderClient.d.ts

@@ -344,6 +344,11 @@ export interface CognitoIdentityProviderClientResolvedConfig extends CognitoIden
  *                     for Ruby V3</a>
  *                </p>
  *             </li>
+ *             <li>
+ *                <p>
+ *                   <a href="https://sdk.amazonaws.com/kotlin/api/latest/cognitoidentityprovider/aws.sdk.kotlin.services.cognitoidentityprovider/-cognito-identity-provider-client/index.html">Amazon Web Services SDK for Kotlin</a>
+ *                </p>
+ *             </li>
  *          </ul>
  *          <p>To get started with an Amazon Web Services SDK, see <a href="http://aws.amazon.com/developer/tools/">Tools to Build on Amazon Web Services</a>. For example actions and scenarios, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/service_code_examples_cognito-identity-provider.html">Code examples for Amazon Cognito Identity Provider using Amazon Web Services
  *                 SDKs</a>.</p>

package/dist-types/commands/AddCustomAttributesCommand.d.ts

@@ -27,7 +27,12 @@ declare const AddCustomAttributesCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Adds additional user attributes to the user pool schema.</p>
+ * <p>Adds additional user attributes to the user pool schema. Custom attributes can be
+ *             mutable or immutable and have a <code>custom:</code> or <code>dev:</code> prefix. For
+ *             more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-custom-attributes">Custom attributes</a>.</p>
+ *          <p>You can also create custom attributes in the <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html#CognitoUserPools-CreateUserPool-request-Schema">Schema parameter</a> of <code>CreateUserPool</code> and
+ *                 <code>UpdateUserPool</code>. You can't delete custom attributes after you
+ *             create them.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminConfirmSignUpCommand.d.ts

@@ -27,8 +27,7 @@ declare const AdminConfirmSignUpCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>This IAM-authenticated API operation confirms user sign-up as an administrator.
- *             Unlike <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmSignUp.html">ConfirmSignUp</a>, your IAM credentials authorize user account confirmation.
+ * <p>Confirms user sign-up as an administrator. Unlike <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmSignUp.html">ConfirmSignUp</a>, your IAM credentials authorize user account confirmation.
  *             No confirmation code is required.</p>
  *          <p>This request sets a user account active in a user pool that <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#signing-up-users-in-your-app-and-confirming-them-as-admin">requires confirmation of new user accounts</a> before they can sign in. You can
  *             configure your user pool to not send confirmation codes to new users and instead confirm
@@ -53,6 +52,9 @@ declare const AdminConfirmSignUpCommand_base: {
  *                </li>
  *             </ul>
  *          </note>
+ *          <p>To configure your user pool to require administrative confirmation of users, set
+ *                 <code>AllowAdminCreateUserOnly</code> to <code>true</code> in a
+ *                 <code>CreateUserPool</code> or <code>UpdateUserPool</code> request.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/AdminDeleteUserAttributesCommand.d.ts

@@ -27,8 +27,9 @@ declare const AdminDeleteUserAttributesCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Deletes the user attributes in a user pool as an administrator. Works on any
- *             user.</p>
+ * <p>Deletes attribute values from a user. This operation doesn't affect tokens for
+ *             existing user sessions. The next ID token that the user receives will no longer have
+ *             this attribute.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminDeleteUserCommand.d.ts

@@ -27,7 +27,7 @@ declare const AdminDeleteUserCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Deletes a user as an administrator. Works on any user.</p>
+ * <p>Deletes a user profile in your user pool.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminDisableUserCommand.d.ts

@@ -27,9 +27,9 @@ declare const AdminDisableUserCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Deactivates a user and revokes all access tokens for the user. A deactivated user
- *             can't sign in, but still appears in the responses to <code>GetUser</code> and
- *                 <code>ListUsers</code> API requests.</p>
+ * <p>Deactivates a user profile and revokes all access tokens for the user. A deactivated
+ *             user can't sign in, but still appears in the responses to <code>ListUsers</code>
+ *             API requests.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminEnableUserCommand.d.ts

@@ -27,7 +27,8 @@ declare const AdminEnableUserCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Enables the specified user as an administrator. Works on any user.</p>
+ * <p>Activate sign-in for a user profile that previously had sign-in access
+ *             disabled.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminForgetDeviceCommand.d.ts

@@ -27,7 +27,9 @@ declare const AdminForgetDeviceCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Forgets the device, as an administrator.</p>
+ * <p>Forgets, or deletes, a remembered device from a user's profile. After you forget
+ *             the device, the user can no longer complete device authentication with that device and
+ *             when applicable, must submit MFA codes again. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with devices</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminGetDeviceCommand.d.ts

@@ -27,7 +27,8 @@ declare const AdminGetDeviceCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Gets the device, as an administrator.</p>
+ * <p>Given the device key, returns details for a user' device. For more information,
+ *             see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with devices</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminGetUserCommand.d.ts

@@ -27,9 +27,9 @@ declare const AdminGetUserCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Gets the specified user by user name in a user pool as an administrator. Works on any
- *             user. This operation contributes to your monthly active user (MAU) count for the purpose
- *             of billing.</p>
+ * <p>Given the username, returns details about a user profile in a user pool. This
+ *             operation contributes to your monthly active user (MAU) count for the purpose of
+ *             billing. You can specify alias attributes in the <code>Username</code> parameter.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminInitiateAuthCommand.d.ts

@@ -27,7 +27,11 @@ declare const AdminInitiateAuthCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Initiates the authentication flow, as an administrator.</p>
+ * <p>Starts sign-in for applications with a server-side component, for example a
+ *             traditional web application. This operation specifies the authentication flow that
+ *             you'd like to begin. The authentication flow that you specify must be supported in
+ *             your app client configuration. For more information about authentication flows, see
+ *                 <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.html">Authentication flows</a>.</p>
  *          <note>
  *             <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers
  *             require you to register an origination phone number before you can send SMS messages

package/dist-types/commands/AdminListDevicesCommand.d.ts

@@ -27,7 +27,10 @@ declare const AdminListDevicesCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Lists a user's registered devices.</p>
+ * <p>Lists a user's registered devices. Remembered devices are used in authentication
+ *             services where you offer a "Remember me" option for users who you want to permit to sign
+ *             in without MFA from a trusted device. Users can bypass MFA while your application
+ *             performs device SRP authentication on the back end. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with devices</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminListGroupsForUserCommand.d.ts

@@ -27,7 +27,9 @@ declare const AdminListGroupsForUserCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Lists the groups that a user belongs to.</p>
+ * <p>Lists the groups that a user belongs to. User pool groups are identifiers that you can
+ *             reference from the contents of ID and access tokens, and set preferred IAM roles for
+ *             identity-pool authentication. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html">Adding groups to a user pool</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminListUserAuthEventsCommand.d.ts

@@ -27,8 +27,8 @@ declare const AdminListUserAuthEventsCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>A history of user activity and any risks detected as part of Amazon Cognito advanced
- *             security.</p>
+ * <p>Requests a history of user activity and any risks detected as part of Amazon Cognito threat
+ *             protection. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-event-user-history">Viewing user event history</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminRemoveUserFromGroupCommand.d.ts

@@ -27,7 +27,9 @@ declare const AdminRemoveUserFromGroupCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Removes the specified user from the specified group.</p>
+ * <p>Given a username and a group name. removes them from the group. User pool groups are
+ *             identifiers that you can reference from the contents of ID and access tokens, and set
+ *             preferred IAM roles for identity-pool authentication. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html">Adding groups to a user pool</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminResetUserPasswordCommand.d.ts

@@ -27,8 +27,18 @@ declare const AdminResetUserPasswordCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Resets the specified user's password in a user pool as an administrator. Works on any
- *             user.</p>
+ * <p>Resets the specified user's password in a user pool. This operation doesn't
+ *             change the user's password, but sends a password-reset code. This operation is the
+ *             administrative authentication API equivalent to <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ForgotPassword.html">ForgotPassword</a>.</p>
+ *          <p>This operation deactivates a user's password, requiring them to change it. If a user
+ *             tries to sign in after the API request, Amazon Cognito responds with a
+ *                 <code>PasswordResetRequiredException</code> error. Your app must then complete the
+ *             forgot-password flow by prompting the user for their code and a new password, then
+ *             submitting those values in a <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html">ConfirmForgotPassword</a> request. In addition, if the user
+ *             pool has phone verification selected and a verified phone number exists for the user, or
+ *             if email verification is selected and a verified email exists for the user, calling this
+ *             API will also result in sending a message to the end user with the code to change their
+ *             password.</p>
  *          <p>To use this API operation, your user pool must have self-service account recovery
  *             configured. Use <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserPassword.html">AdminSetUserPassword</a> if you manage passwords as an administrator.</p>
  *          <note>
@@ -48,14 +58,6 @@ declare const AdminResetUserPasswordCommand_base: {
  *             of the sandbox and into production. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito
  *                 Developer Guide</i>.</p>
  *          </note>
- *          <p>Deactivates a user's password, requiring them to change it. If a user tries to sign in
- *             after the API is called, Amazon Cognito responds with a
- *                 <code>PasswordResetRequiredException</code> error. Your app must then perform the
- *             actions that reset your user's password: the forgot-password flow. In addition, if the
- *             user pool has phone verification selected and a verified phone number exists for the
- *             user, or if email verification is selected and a verified email exists for the user,
- *             calling this API will also result in sending a message to the end user with the code to
- *             change their password.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminSetUserMFAPreferenceCommand.d.ts

@@ -32,6 +32,9 @@ declare const AdminSetUserMFAPreferenceCommand_base: {
  *             preferred. The preferred MFA factor will be used to authenticate a user if multiple
  *             factors are activated. If multiple options are activated and no preference is set, a
  *             challenge to choose an MFA option will be returned during sign-in.</p>
+ *          <p>This operation doesn't reset an existing TOTP MFA for a user. To register a new
+ *             TOTP factor for a user, make an <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AssociateSoftwareToken.html">AssociateSoftwareToken</a> request. For more information,
+ *             see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa-totp.html">TOTP software token MFA</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminSetUserPasswordCommand.d.ts

@@ -27,16 +27,21 @@ declare const AdminSetUserPasswordCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Sets the specified user's password in a user pool as an administrator. Works on any
- *             user. </p>
- *          <p>The password can be temporary or permanent. If it is temporary, the user status enters
- *             the <code>FORCE_CHANGE_PASSWORD</code> state. When the user next tries to sign in, the
- *             InitiateAuth/AdminInitiateAuth response will contain the
- *                 <code>NEW_PASSWORD_REQUIRED</code> challenge. If the user doesn't sign in before it
- *             expires, the user won't be able to sign in, and an administrator must reset their
- *             password. </p>
- *          <p>Once the user has set a new password, or the password is permanent, the user status is
- *             set to <code>Confirmed</code>.</p>
+ * <p>Sets the specified user's password in a user pool. This operation administratively
+ *             sets a temporary or permanent password for a user. With this operation, you can bypass
+ *             self-service password changes and permit immediate sign-in with the password that you
+ *             set. To do this, set <code>Permanent</code> to <code>true</code>.</p>
+ *          <p>You can also set a new temporary password in this request, send it to a user, and
+ *             require them to choose a new password on their next sign-in. To do this, set
+ *                 <code>Permanent</code> to <code>false</code>.</p>
+ *          <p>If the password is temporary, the user's <code>Status</code> becomes
+ *                 <code>FORCE_CHANGE_PASSWORD</code>. When the user next tries to sign in, the
+ *                 <code>InitiateAuth</code> or <code>AdminInitiateAuth</code> response includes the
+ *                 <code>NEW_PASSWORD_REQUIRED</code> challenge. If the user doesn't sign in
+ *             before the temporary password expires, they can no longer sign in and you must repeat
+ *             this operation to set a temporary or permanent password for them.</p>
+ *          <p>After the user sets a new password, or if you set a permanent password, their status
+ *             becomes <code>Confirmed</code>.</p>
  *          <p>
  *             <code>AdminSetUserPassword</code> can set a password for the user profile that Amazon Cognito
  *             creates for third-party federated users. When you set a password, the federated user's

package/dist-types/commands/AdminUpdateAuthEventFeedbackCommand.d.ts

@@ -29,7 +29,11 @@ declare const AdminUpdateAuthEventFeedbackCommand_base: {
 /**
  * <p>Provides feedback for an authentication event indicating if it was from a valid user.
  *             This feedback is used for improving the risk evaluation decision for the user pool as
- *             part of Amazon Cognito advanced security.</p>
+ *             part of Amazon Cognito threat protection. To train the threat-protection model to recognize
+ *             trusted and untrusted sign-in characteristics, configure threat protection in audit-only
+ *             mode and provide a mechanism for users or administrators to submit feedback. Your
+ *             feedback can tell Amazon Cognito that a risk rating was assigned at a level you don't agree
+ *             with.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminUpdateDeviceStatusCommand.d.ts

@@ -27,7 +27,12 @@ declare const AdminUpdateDeviceStatusCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Updates the device status as an administrator.</p>
+ * <p>Updates the status of a user's device so that it is marked as remembered or not
+ *             remembered for the purpose of device authentication. Device authentication is a
+ *             "remember me" mechanism that silently completes sign-in from trusted devices with a
+ *             device key instead of a user-provided MFA code. This operation changes the status of a
+ *             device without deleting it, so you can enable it again later. For more information about
+ *             device authentication, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with devices</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminUpdateUserAttributesCommand.d.ts

@@ -44,13 +44,14 @@ declare const AdminUpdateUserAttributesCommand_base: {
  *             of the sandbox and into production. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito
  *                 Developer Guide</i>.</p>
  *          </note>
- *          <p>Updates the specified user's attributes, including developer attributes, as an
- *             administrator. Works on any user. To delete an attribute from your user, submit the
- *             attribute in your API request with a blank value.</p>
+ *          <p>Updates the specified user's attributes. To delete an attribute from your user,
+ *             submit the attribute in your API request with a blank value.</p>
  *          <p>For custom attributes, you must prepend the <code>custom:</code> prefix to the
  *             attribute name.</p>
- *          <p>In addition to updating user attributes, this API can also be used to mark phone and
- *             email as verified.</p>
+ *          <p>This operation can set a user's email address or phone number as verified and
+ *             permit immediate sign-in in user pools that require verification of these attributes. To
+ *             do this, set the <code>email_verified</code> or <code>phone_number_verified</code>
+ *             attribute to <code>true</code>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminUserGlobalSignOutCommand.d.ts

@@ -29,7 +29,7 @@ declare const AdminUserGlobalSignOutCommand_base: {
 /**
  * <p>Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call
  *             this operation with your administrative credentials when your user signs out of your
- *             app. This results in the following behavior. </p>
+ *             app. This results in the following behavior.</p>
  *          <ul>
  *             <li>
  *                <p>Amazon Cognito no longer accepts <i>token-authorized</i> user operations
@@ -50,7 +50,10 @@ declare const AdminUserGlobalSignOutCommand_base: {
  *                     requests.</p>
  *             </li>
  *          </ul>
- *          <p>Other requests might be valid until your user's token expires.</p>
+ *          <p>Other requests might be valid until your user's token expires. This operation
+ *             doesn't clear the <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html">managed login</a> session cookie. To clear the session for
+ *             a user who signed in with managed login or the classic hosted UI, direct their browser
+ *             session to the <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/logout-endpoint.html">logout endpoint</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AssociateSoftwareTokenCommand.d.ts

@@ -50,6 +50,7 @@ declare const AssociateSoftwareTokenCommand_base: {
  *     grant IAM permissions in policies. For more information about authorization models in
  *     Amazon Cognito, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p>
  *          </note>
+ *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/ConfirmDeviceCommand.d.ts

@@ -27,8 +27,10 @@ declare const ConfirmDeviceCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Confirms tracking of the device. This API call is the call that begins device
- *             tracking. For more information about device authentication, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with user devices in your user pool</a>.</p>
+ * <p>Confirms a device that a user wants to remember. A remembered device is a "Remember me
+ *             on this device" option for user pools that perform authentication with the device key of
+ *             a trusted device in the back end, instead of a user-provided MFA code. For more
+ *             information about device authentication, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with user devices in your user pool</a>.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For

package/dist-types/commands/ConfirmForgotPasswordCommand.d.ts

@@ -27,7 +27,8 @@ declare const ConfirmForgotPasswordCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Allows a user to enter a confirmation code to reset a forgotten password.</p>
+ * <p>This public API operation accepts a confirmation code that Amazon Cognito sent to a user and
+ *             accepts a new password for that user.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you can't use IAM credentials to authorize requests, and you can't

package/dist-types/commands/ConfirmSignUpCommand.d.ts

@@ -27,8 +27,8 @@ declare const ConfirmSignUpCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>This public API operation provides a code that Amazon Cognito sent to your user when they
- *             signed up in your user pool via the <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SignUp.html">SignUp</a>
+ * <p>This public API operation submits a code that Amazon Cognito sent to your user when they signed
+ *             up in your user pool via the <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SignUp.html">SignUp</a>
  *             API operation. After your user enters their code, they confirm ownership of the email
  *             address or phone number that they provided, and their user account becomes active.
  *             Depending on your user pool configuration, your users will receive their confirmation

package/dist-types/commands/CreateGroupCommand.d.ts

@@ -27,7 +27,8 @@ declare const CreateGroupCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Creates a new group in the specified user pool.</p>
+ * <p>Creates a new group in the specified user pool. For more information about user pool
+ *             groups see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html">Adding groups to a user pool</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/CreateIdentityProviderCommand.d.ts

@@ -28,7 +28,8 @@ declare const CreateIdentityProviderCommand_base: {
 };
 /**
  * <p>Adds a configuration and trust relationship between a third-party identity provider
- *             (IdP) and a user pool.</p>
+ *             (IdP) and a user pool. Amazon Cognito accepts sign-in with third-party identity providers through
+ *             managed login and OIDC relying-party libraries. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html">Third-party IdP sign-in</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/CreateManagedLoginBrandingCommand.d.ts

@@ -33,14 +33,17 @@ declare const CreateManagedLoginBrandingCommand_base: {
  *          <p>Provides values for UI customization in a <code>Settings</code> JSON object and image
  *             files in an <code>Assets</code> array. To send the JSON object <code>Document</code>
  *             type parameter in <code>Settings</code>, you might need to update to the most recent
- *             version of your Amazon Web Services SDK. </p>
+ *             version of your Amazon Web Services SDK. To create a new style with default settings, set
+ *                 <code>UseCognitoProvidedValues</code> to <code>true</code> and don't provide
+ *             values for any other options.</p>
  *          <p> This operation has a 2-megabyte request-size limit and include the CSS settings and
  *             image assets for your app client. Your branding settings might exceed 2MB in size. Amazon Cognito
  *             doesn't require that you pass all parameters in one request and preserves existing
  *             style settings that you don't specify. If your request is larger than 2MB, separate it
  *             into multiple requests, each with a size smaller than the limit. </p>
- *          <p>For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/managed-login-brandingdesigner.html#branding-designer-api">API and SDK operations for managed login branding</a>
- *          </p>
+ *          <p>As a best practice, modify the output of <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeManagedLoginBrandingByClient.html">DescribeManagedLoginBrandingByClient</a> into the request parameters for this
+ *             operation. To get all settings, set <code>ReturnMergedResources</code> to
+ *                 <code>true</code>. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/managed-login-brandingdesigner.html#branding-designer-api">API and SDK operations for managed login branding</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/CreateResourceServerCommand.d.ts

@@ -27,7 +27,9 @@ declare const CreateResourceServerCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Creates a new OAuth2.0 resource server and defines custom scopes within it.</p>
+ * <p>Creates a new OAuth2.0 resource server and defines custom scopes within it. Resource
+ *             servers are associated with custom scopes and machine-to-machine (M2M) authorization.
+ *             For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-define-resource-servers.html">Access control with resource servers</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/CreateUserImportJobCommand.d.ts

@@ -27,7 +27,10 @@ declare const CreateUserImportJobCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Creates a user import job.</p>
+ * <p>Creates a user import job. You can import users into user pools from a comma-separated
+ *             values (CSV) file without adding Amazon Cognito MAU costs to your Amazon Web Services bill. To generate a
+ *             template for your import, see <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetCSVHeader.html">GetCSVHeader</a>. To learn more about CSV import, see
+ *                 <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-using-import-tool.html">Importing users from a CSV file</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/CreateUserPoolClientCommand.d.ts

@@ -27,9 +27,12 @@ declare const CreateUserPoolClientCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Creates the user pool client.</p>
- *          <p>When you create a new user pool client, token revocation is automatically activated.
- *             For more information about revoking tokens, see <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html">RevokeToken</a>.</p>
+ * <p>Creates an app client in a user pool. This operation sets basic and advanced
+ *             configuration options. You can create an app client in the Amazon Cognito console to your
+ *             preferences and use the output of <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html">DescribeUserPoolClient</a> to generate requests from that
+ *             baseline.</p>
+ *          <p>New app clients activate token revocation by default. For more information about
+ *             revoking tokens, see <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html">RevokeToken</a>.</p>
  *          <important>
  *             <p>If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.</p>
  *          </important>

package/dist-types/commands/CreateUserPoolCommand.d.ts

@@ -44,8 +44,10 @@ declare const CreateUserPoolCommand_base: {
  *             of the sandbox and into production. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito
  *                 Developer Guide</i>.</p>
  *          </note>
- *          <p>Creates a new Amazon Cognito user pool and sets the password policy for the
- *             pool.</p>
+ *          <p>Creates a new Amazon Cognito user pool. This operation sets basic and advanced configuration
+ *             options. You can create a user pool in the Amazon Cognito console to your preferences and use the
+ *             output of <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html">DescribeUserPool</a> to generate requests from that
+ *             baseline.</p>
  *          <important>
  *             <p>If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.</p>
  *          </important>

package/dist-types/commands/CreateUserPoolDomainCommand.d.ts

@@ -27,8 +27,16 @@ declare const CreateUserPoolDomainCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Creates a new domain for a user pool. The domain hosts user pool domain services like
- *             managed login, the hosted UI (classic), and the user pool authorization server.</p>
+ * <p>A user pool domain hosts managed login, an authorization server and web server for
+ *             authentication in your application. This operation creates a new user pool prefix or
+ *             custom domain and sets the managed login branding version. Set the branding version to
+ *                 <code>1</code> for hosted UI (classic) or <code>2</code> for managed login. When you
+ *             choose a custom domain, you must provide an SSL certificate in the US East (N. Virginia)
+ *             Amazon Web Services Region in your request.</p>
+ *          <p>Your prefix domain might take up to one minute to take effect. Your custom domain is
+ *             online within five minutes, but it can take up to one hour to distribute your SSL
+ *             certificate.</p>
+ *          <p>For more information about adding a custom domain to your user pool, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html">Configuring a user pool domain</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must