@aws-sdk/client-cognito-identity-provider 3.750.0 → 3.760.0

package/dist-types/commands/AdminLinkProviderForUserCommand.d.ts

@@ -27,22 +27,21 @@ declare const AdminLinkProviderForUserCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Links an existing user account in a user pool (<code>DestinationUser</code>) to an
- *             identity from an external IdP (<code>SourceUser</code>) based on a specified attribute
- *             name and value from the external IdP. This allows you to create a link from the existing
- *             user account to an external federated user identity that has not yet been used to sign
- *             in. You can then use the federated user identity to sign in as the existing user
- *             account. </p>
- *          <p> For example, if there is an existing user with a username and password, this API
- *             links that user to a federated user identity. When the user signs in with a federated
- *             user identity, they sign in as the existing user account.</p>
+ * <p>Links an existing user account in a user pool, or <code>DestinationUser</code>, to an
+ *             identity from an external IdP, or <code>SourceUser</code>, based on a specified
+ *             attribute name and value from the external IdP.</p>
+ *          <p>This operation connects a local user profile with a user identity who hasn't yet
+ *             signed in from their third-party IdP. When the user signs in with their IdP, they get
+ *             access-control configuration from the local user profile. Linked local users can also
+ *             sign in with SDK-based API operations like <code>InitiateAuth</code> after they sign in
+ *             at least once through their IdP. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html">Linking federated users</a>.</p>
  *          <note>
  *             <p>The maximum number of federated identities linked to a user is five.</p>
  *          </note>
  *          <important>
- *             <p>Because this API allows a user with an external federated identity to sign in as
- *                 an existing user in the user pool, it is critical that it only be used with external
- *                 IdPs and provider attributes that have been trusted by the application owner.</p>
+ *             <p>Because this API allows a user with an external federated identity to sign in as a
+ *                 local user, it is critical that it only be used with external IdPs and linked
+ *                 attributes that you trust.</p>
  *          </important>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For

package/dist-types/commands/AdminRemoveUserFromGroupCommand.d.ts

@@ -27,7 +27,7 @@ declare const AdminRemoveUserFromGroupCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Given a username and a group name. removes them from the group. User pool groups are
+ * <p>Given a username and a group name, removes them from the group. User pool groups are
  *             identifiers that you can reference from the contents of ID and access tokens, and set
  *             preferred IAM roles for identity-pool authentication. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html">Adding groups to a user pool</a>.</p>
  *          <note>

package/dist-types/commands/AdminResetUserPasswordCommand.d.ts

@@ -28,19 +28,9 @@ declare const AdminResetUserPasswordCommand_base: {
 };
 /**
  * <p>Resets the specified user's password in a user pool. This operation doesn't
- *             change the user's password, but sends a password-reset code. This operation is the
- *             administrative authentication API equivalent to <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ForgotPassword.html">ForgotPassword</a>.</p>
- *          <p>This operation deactivates a user's password, requiring them to change it. If a user
- *             tries to sign in after the API request, Amazon Cognito responds with a
- *                 <code>PasswordResetRequiredException</code> error. Your app must then complete the
- *             forgot-password flow by prompting the user for their code and a new password, then
- *             submitting those values in a <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html">ConfirmForgotPassword</a> request. In addition, if the user
- *             pool has phone verification selected and a verified phone number exists for the user, or
- *             if email verification is selected and a verified email exists for the user, calling this
- *             API will also result in sending a message to the end user with the code to change their
- *             password.</p>
+ *             change the user's password, but sends a password-reset code.</p>
  *          <p>To use this API operation, your user pool must have self-service account recovery
- *             configured. Use <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserPassword.html">AdminSetUserPassword</a> if you manage passwords as an administrator.</p>
+ *             configured.</p>
  *          <note>
  *             <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers
  *             require you to register an origination phone number before you can send SMS messages

package/dist-types/commands/AdminSetUserMFAPreferenceCommand.d.ts

@@ -32,9 +32,6 @@ declare const AdminSetUserMFAPreferenceCommand_base: {
  *             preferred. The preferred MFA factor will be used to authenticate a user if multiple
  *             factors are activated. If multiple options are activated and no preference is set, a
  *             challenge to choose an MFA option will be returned during sign-in.</p>
- *          <p>This operation doesn't reset an existing TOTP MFA for a user. To register a new
- *             TOTP factor for a user, make an <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AssociateSoftwareToken.html">AssociateSoftwareToken</a> request. For more information,
- *             see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa-totp.html">TOTP software token MFA</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminSetUserSettingsCommand.d.ts

@@ -30,7 +30,7 @@ declare const AdminSetUserSettingsCommand_base: {
  * <p>
  *             <i>This action is no longer supported.</i> You can use it to configure
  *             only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software
- *             token MFA. To configure either type of MFA, use <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html">AdminSetUserMFAPreference</a> instead.</p>
+ *             token MFA.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminUpdateAuthEventFeedbackCommand.d.ts

@@ -27,13 +27,16 @@ declare const AdminUpdateAuthEventFeedbackCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Provides feedback for an authentication event indicating if it was from a valid user.
- *             This feedback is used for improving the risk evaluation decision for the user pool as
- *             part of Amazon Cognito threat protection. To train the threat-protection model to recognize
- *             trusted and untrusted sign-in characteristics, configure threat protection in audit-only
- *             mode and provide a mechanism for users or administrators to submit feedback. Your
- *             feedback can tell Amazon Cognito that a risk rating was assigned at a level you don't agree
- *             with.</p>
+ * <p>Provides the feedback for an authentication event generated by threat protection
+ *             features. Your response indicates that you think that the event either was from a valid
+ *             user or was an unwanted authentication attempt. This feedback improves the risk
+ *             evaluation decision for the user pool as part of Amazon Cognito threat protection.
+ *             To activate this setting, your user pool must be on the <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html">
+ *                      Plus tier</a>.</p>
+ *          <p>To train the threat-protection model to recognize trusted and untrusted sign-in
+ *             characteristics, configure threat protection in audit-only mode and provide a mechanism
+ *             for users or administrators to submit feedback. Your feedback can tell Amazon Cognito that a risk
+ *             rating was assigned at a level you don't agree with.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminUpdateUserAttributesCommand.d.ts

@@ -27,27 +27,10 @@ declare const AdminUpdateUserAttributesCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <note>
- *             <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers
- *             require you to register an origination phone number before you can send SMS messages
- *             to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a
- *             phone number with <a href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>.
- *             Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must
- *             receive SMS messages might not be able to sign up, activate their accounts, or sign
- *             in.</p>
- *             <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service,
- *             Amazon Simple Notification Service might place your account in the SMS sandbox. In <i>
- *                   <a href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
- *                     mode</a>
- *                </i>, you can send messages only to verified phone
- *             numbers. After you test your app while in the sandbox environment, you can move out
- *             of the sandbox and into production. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito
- *                 Developer Guide</i>.</p>
- *          </note>
- *          <p>Updates the specified user's attributes. To delete an attribute from your user,
+ * <p>Updates the specified user's attributes. To delete an attribute from your user,
  *             submit the attribute in your API request with a blank value.</p>
- *          <p>For custom attributes, you must prepend the <code>custom:</code> prefix to the
- *             attribute name.</p>
+ *          <p>For custom attributes, you must add a <code>custom:</code> prefix to the attribute
+ *             name, for example <code>custom:department</code>.</p>
  *          <p>This operation can set a user's email address or phone number as verified and
  *             permit immediate sign-in in user pools that require verification of these attributes. To
  *             do this, set the <code>email_verified</code> or <code>phone_number_verified</code>
@@ -72,6 +55,23 @@ declare const AdminUpdateUserAttributesCommand_base: {
  *                </li>
  *             </ul>
  *          </note>
+ *          <note>
+ *             <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers
+ *             require you to register an origination phone number before you can send SMS messages
+ *             to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a
+ *             phone number with <a href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>.
+ *             Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must
+ *             receive SMS messages might not be able to sign up, activate their accounts, or sign
+ *             in.</p>
+ *             <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service,
+ *             Amazon Simple Notification Service might place your account in the SMS sandbox. In <i>
+ *                   <a href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox
+ *                     mode</a>
+ *                </i>, you can send messages only to verified phone
+ *             numbers. After you test your app while in the sandbox environment, you can move out
+ *             of the sandbox and into production. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito
+ *                 Developer Guide</i>.</p>
+ *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/AssociateSoftwareTokenCommand.d.ts

@@ -33,18 +33,6 @@ declare const AssociateSoftwareTokenCommand_base: {
  *             the user's access token, or a session string from a challenge response that you received
  *             from Amazon Cognito.</p>
  *          <note>
- *             <p>Amazon Cognito disassociates an existing software token when you verify the new token in a
- *                     <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifySoftwareToken.html"> VerifySoftwareToken</a> API request. If you don't verify the software
- *                 token and your user pool doesn't require MFA, the user can then authenticate with
- *                 user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito
- *                 generates an <code>MFA_SETUP</code> or <code>SOFTWARE_TOKEN_SETUP</code> challenge
- *                 each time your user signs in. Complete setup with
- *                     <code>AssociateSoftwareToken</code> and <code>VerifySoftwareToken</code>.</p>
- *             <p>After you set up software token MFA for your user, Amazon Cognito generates a
- *                     <code>SOFTWARE_TOKEN_MFA</code> challenge when they authenticate. Respond to
- *                 this challenge with your user's TOTP.</p>
- *          </note>
- *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you can't use IAM credentials to authorize requests, and you can't
  *     grant IAM permissions in policies. For more information about authorization models in

package/dist-types/commands/ChangePasswordCommand.d.ts

@@ -27,7 +27,7 @@ declare const ChangePasswordCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Changes the password for a specified user in a user pool.</p>
+ * <p>Changes the password for the currently signed-in user.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For

package/dist-types/commands/CompleteWebAuthnRegistrationCommand.d.ts

@@ -27,9 +27,8 @@ declare const CompleteWebAuthnRegistrationCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Completes registration of a passkey authenticator for the current user. Your
- *             application provides data from a successful registration request with the data from the
- *             output of a <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_StartWebAuthnRegistration.html"> StartWebAuthnRegistration</a>.</p>
+ * <p>Completes registration of a passkey authenticator for the currently signed-in
+ *             user.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/ConfirmDeviceCommand.d.ts

@@ -67,6 +67,10 @@ declare const ConfirmDeviceCommand_base: {
  * @see {@link ConfirmDeviceCommandOutput} for command's `response` shape.
  * @see {@link CognitoIdentityProviderClientResolvedConfig | config} for CognitoIdentityProviderClient's `config` shape.
  *
+ * @throws {@link DeviceKeyExistsException} (client fault)
+ *  <p>This exception is thrown when a user attempts to confirm a device with a device key
+ *             that already exists.</p>
+ *
  * @throws {@link ForbiddenException} (client fault)
  *  <p>This exception is thrown when WAF doesn't allow your request based on a web
  *             ACL that's associated with your user pool.</p>

package/dist-types/commands/ConfirmSignUpCommand.d.ts

@@ -27,18 +27,15 @@ declare const ConfirmSignUpCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>This public API operation submits a code that Amazon Cognito sent to your user when they signed
- *             up in your user pool via the <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SignUp.html">SignUp</a>
- *             API operation. After your user enters their code, they confirm ownership of the email
- *             address or phone number that they provided, and their user account becomes active.
- *             Depending on your user pool configuration, your users will receive their confirmation
- *             code in an email or SMS message.</p>
+ * <p>Confirms the account of a new user. This public API operation submits a code that
+ *             Amazon Cognito sent to your user when they signed up in your user pool. After your user enters
+ *             their code, they confirm ownership of the email address or phone number that they
+ *             provided, and their user account becomes active. Depending on your user pool
+ *             configuration, your users will receive their confirmation code in an email or SMS
+ *             message.</p>
  *          <p>Local users who signed up in your user pool are the only type of user who can confirm
  *             sign-up with a code. Users who federate through an external identity provider (IdP) have
- *             already been confirmed by their IdP. Administrator-created users, users created with the
- *                 <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminCreateUser.html">AdminCreateUser</a> API operation, confirm their accounts when they respond to
- *             their invitation email message and choose a password. They do not receive a confirmation
- *             code. Instead, they receive a temporary password.</p>
+ *             already been confirmed by their IdP.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you can't use IAM credentials to authorize requests, and you can't

package/dist-types/commands/CreateGroupCommand.d.ts

@@ -28,7 +28,7 @@ declare const CreateGroupCommand_base: {
 };
 /**
  * <p>Creates a new group in the specified user pool. For more information about user pool
- *             groups see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html">Adding groups to a user pool</a>.</p>
+ *             groups, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html">Adding groups to a user pool</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/CreateManagedLoginBrandingCommand.d.ts

@@ -41,9 +41,6 @@ declare const CreateManagedLoginBrandingCommand_base: {
  *             doesn't require that you pass all parameters in one request and preserves existing
  *             style settings that you don't specify. If your request is larger than 2MB, separate it
  *             into multiple requests, each with a size smaller than the limit. </p>
- *          <p>As a best practice, modify the output of <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeManagedLoginBrandingByClient.html">DescribeManagedLoginBrandingByClient</a> into the request parameters for this
- *             operation. To get all settings, set <code>ReturnMergedResources</code> to
- *                 <code>true</code>. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/managed-login-brandingdesigner.html#branding-designer-api">API and SDK operations for managed login branding</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/CreateUserImportJobCommand.d.ts

@@ -28,9 +28,7 @@ declare const CreateUserImportJobCommand_base: {
 };
 /**
  * <p>Creates a user import job. You can import users into user pools from a comma-separated
- *             values (CSV) file without adding Amazon Cognito MAU costs to your Amazon Web Services bill. To generate a
- *             template for your import, see <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetCSVHeader.html">GetCSVHeader</a>. To learn more about CSV import, see
- *                 <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-using-import-tool.html">Importing users from a CSV file</a>.</p>
+ *             values (CSV) file without adding Amazon Cognito MAU costs to your Amazon Web Services bill.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/CreateUserPoolClientCommand.d.ts

@@ -28,11 +28,10 @@ declare const CreateUserPoolClientCommand_base: {
 };
 /**
  * <p>Creates an app client in a user pool. This operation sets basic and advanced
- *             configuration options. You can create an app client in the Amazon Cognito console to your
- *             preferences and use the output of <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html">DescribeUserPoolClient</a> to generate requests from that
- *             baseline.</p>
- *          <p>New app clients activate token revocation by default. For more information about
- *             revoking tokens, see <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html">RevokeToken</a>.</p>
+ *             configuration options.</p>
+ *          <p>Unlike app clients created in the console, Amazon Cognito doesn't automatically assign a
+ * branding style to app clients that you configure with this API operation. Managed login and classic hosted UI pages aren't
+ * available for your client until after you apply a branding style.</p>
  *          <important>
  *             <p>If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.</p>
  *          </important>

package/dist-types/commands/CreateUserPoolCommand.d.ts

@@ -27,7 +27,12 @@ declare const CreateUserPoolCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <note>
+ * <p>Creates a new Amazon Cognito user pool. This operation sets basic and advanced configuration
+ *             options.</p>
+ *          <important>
+ *             <p>If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.</p>
+ *          </important>
+ *          <note>
  *             <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers
  *             require you to register an origination phone number before you can send SMS messages
  *             to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a
@@ -44,13 +49,6 @@ declare const CreateUserPoolCommand_base: {
  *             of the sandbox and into production. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito
  *                 Developer Guide</i>.</p>
  *          </note>
- *          <p>Creates a new Amazon Cognito user pool. This operation sets basic and advanced configuration
- *             options. You can create a user pool in the Amazon Cognito console to your preferences and use the
- *             output of <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html">DescribeUserPool</a> to generate requests from that
- *             baseline.</p>
- *          <important>
- *             <p>If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.</p>
- *          </important>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must
@@ -108,7 +106,7 @@ declare const CreateUserPoolCommand_base: {
  *     PreTokenGeneration: "STRING_VALUE",
  *     UserMigration: "STRING_VALUE",
  *     PreTokenGenerationConfig: { // PreTokenGenerationVersionConfigType
- *       LambdaVersion: "V1_0" || "V2_0", // required
+ *       LambdaVersion: "V1_0" || "V2_0" || "V3_0", // required
  *       LambdaArn: "STRING_VALUE", // required
  *     },
  *     CustomSMSSender: { // CustomSMSLambdaVersionConfigType
@@ -247,7 +245,7 @@ declare const CreateUserPoolCommand_base: {
  * //       PreTokenGeneration: "STRING_VALUE",
  * //       UserMigration: "STRING_VALUE",
  * //       PreTokenGenerationConfig: { // PreTokenGenerationVersionConfigType
- * //         LambdaVersion: "V1_0" || "V2_0", // required
+ * //         LambdaVersion: "V1_0" || "V2_0" || "V3_0", // required
  * //         LambdaArn: "STRING_VALUE", // required
  * //       },
  * //       CustomSMSSender: { // CustomSMSLambdaVersionConfigType

package/dist-types/commands/CreateUserPoolDomainCommand.d.ts

@@ -28,9 +28,9 @@ declare const CreateUserPoolDomainCommand_base: {
 };
 /**
  * <p>A user pool domain hosts managed login, an authorization server and web server for
- *             authentication in your application. This operation creates a new user pool prefix or
- *             custom domain and sets the managed login branding version. Set the branding version to
- *                 <code>1</code> for hosted UI (classic) or <code>2</code> for managed login. When you
+ *             authentication in your application. This operation creates a new user pool prefix domain
+ *             or custom domain and sets the managed login branding version. Set the branding version
+ *             to <code>1</code> for hosted UI (classic) or <code>2</code> for managed login. When you
  *             choose a custom domain, you must provide an SSL certificate in the US East (N. Virginia)
  *             Amazon Web Services Region in your request.</p>
  *          <p>Your prefix domain might take up to one minute to take effect. Your custom domain is

package/dist-types/commands/DeleteUserAttributesCommand.d.ts

@@ -27,9 +27,9 @@ declare const DeleteUserAttributesCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Self-deletes attributes for a user. For example, your application can submit a request
- *             to this operation when a user wants to remove their <code>birthdate</code> attribute
- *             value.</p>
+ * <p>Deletes attributes from the currently signed-in user. For example, your application
+ *             can submit a request to this operation when a user wants to remove their
+ *                 <code>birthdate</code> attribute value.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For

package/dist-types/commands/DeleteUserCommand.d.ts

@@ -27,8 +27,8 @@ declare const DeleteUserCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Self-deletes a user profile. A deleted user profile can no longer be used to sign in
- *             and can't be restored.</p>
+ * <p>Deletes the profile of the currently signed-in user. A deleted user profile can no
+ *             longer be used to sign in and can't be restored.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For

package/dist-types/commands/DeleteUserPoolCommand.d.ts

@@ -29,7 +29,13 @@ declare const DeleteUserPoolCommand_base: {
 /**
  * <p>Deletes a user pool. After you delete a user pool, users can no longer sign in to any
  *             associated applications. </p>
- *          <p></p>
+ *          <p>When you delete a user pool, it's no longer visible or operational in your Amazon Web Services account. Amazon Cognito retains deleted user pools in an inactive state for 14
+ *             days, then begins a cleanup process that fully removes them from Amazon Web Services systems. In case
+ *             of accidental deletion, contact Amazon Web Services Support within 14 days for restoration
+ *             assistance.</p>
+ *          <p>Amazon Cognito begins full deletion of all resources from deleted user pools after 14 days. In
+ *             the case of large user pools, the cleanup process might take significant additional time
+ *             before all user data is permanently deleted.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DeleteWebAuthnCredentialCommand.d.ts

@@ -27,7 +27,7 @@ declare const DeleteWebAuthnCredentialCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Deletes a registered passkey, or webauthN, authenticator for the currently signed-in
+ * <p>Deletes a registered passkey, or WebAuthn, authenticator for the currently signed-in
  *             user.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  *          <note>

package/dist-types/commands/DescribeUserPoolCommand.d.ts

@@ -94,7 +94,7 @@ declare const DescribeUserPoolCommand_base: {
  * //       PreTokenGeneration: "STRING_VALUE",
  * //       UserMigration: "STRING_VALUE",
  * //       PreTokenGenerationConfig: { // PreTokenGenerationVersionConfigType
- * //         LambdaVersion: "V1_0" || "V2_0", // required
+ * //         LambdaVersion: "V1_0" || "V2_0" || "V3_0", // required
  * //         LambdaArn: "STRING_VALUE", // required
  * //       },
  * //       CustomSMSSender: { // CustomSMSLambdaVersionConfigType

package/dist-types/commands/ForgetDeviceCommand.d.ts

@@ -27,8 +27,8 @@ declare const ForgetDeviceCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Forgets the specified device. For more information about device authentication, see
- *                 <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with user devices in your user pool</a>.</p>
+ * <p>Given a device key, deletes a remembered device as the currently signed-in user. For
+ *             more information about device authentication, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with user devices in your user pool</a>.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For

package/dist-types/commands/ForgotPasswordCommand.d.ts

@@ -27,18 +27,13 @@ declare const ForgotPasswordCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Calling this API causes a message to be sent to the end user with a confirmation code
- *             that is required to change the user's password. For the <code>Username</code> parameter,
- *             you can use the username or user alias. The method used to send the confirmation code is
- *             sent according to the specified AccountRecoverySetting. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-recover-a-user-account.html">Recovering
- *                 User Accounts</a> in the <i>Amazon Cognito Developer Guide</i>. To
- *             use the confirmation code for resetting the password, call <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html">ConfirmForgotPassword</a>. </p>
- *          <p>If neither a verified phone number nor a verified email exists, this API returns
- *                 <code>InvalidParameterException</code>. If your app client has a client secret and
- *             you don't provide a <code>SECRET_HASH</code> parameter, this API returns
+ * <p>Sends a password-reset confirmation code for the currently signed-in user.</p>
+ *          <p>For the <code>Username</code> parameter, you can use the username or user
+ *             alias.</p>
+ *          <p>If neither a verified phone number nor a verified email exists, Amazon Cognito responds with an
+ *                 <code>InvalidParameterException</code> error . If your app client has a client
+ *             secret and you don't provide a <code>SECRET_HASH</code> parameter, this API returns
  *                 <code>NotAuthorizedException</code>.</p>
- *          <p>To use this API operation, your user pool must have self-service account recovery
- *             configured. Use <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserPassword.html">AdminSetUserPassword</a> if you manage passwords as an administrator.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you can't use IAM credentials to authorize requests, and you can't

package/dist-types/commands/GetCSVHeaderCommand.d.ts

@@ -27,8 +27,32 @@ declare const GetCSVHeaderCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Gets the header information for the comma-separated value (CSV) file to be used as
- *             input for the user import job.</p>
+ * <p>Given a user pool ID, generates a comma-separated value (CSV) list populated with
+ *             available user attributes in the user pool. This list is the header for the CSV file
+ *             that determines the users in a user import job. Save the content of
+ *                 <code>CSVHeader</code> in the response as a <code>.csv</code> file and populate it
+ *             with the usernames and attributes of users that you want to import. For more information
+ *             about CSV user import, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-using-import-tool.html">Importing users from a CSV file</a>.</p>
+ *          <note>
+ *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
+ *     this operation, you must use IAM credentials to authorize requests, and you must
+ *     grant yourself the corresponding IAM permission in a policy.</p>
+ *             <p class="title">
+ *                <b>Learn more</b>
+ *             </p>
+ *             <ul>
+ *                <li>
+ *                   <p>
+ *                      <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web Services API Requests</a>
+ *                   </p>
+ *                </li>
+ *                <li>
+ *                   <p>
+ *                      <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using the Amazon Cognito user pools API and user pool endpoints</a>
+ *                   </p>
+ *                </li>
+ *             </ul>
+ *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/GetDeviceCommand.d.ts

@@ -27,7 +27,8 @@ declare const GetDeviceCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Gets the device. For more information about device authentication, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with user devices in your user pool</a>.</p>
+ * <p>Given a device key, returns information about a remembered device for the current
+ *             user. For more information about device authentication, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with user devices in your user pool</a>.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For

package/dist-types/commands/GetGroupCommand.d.ts

@@ -27,8 +27,29 @@ declare const GetGroupCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Gets a group.</p>
- *          <p>Calling this action requires developer credentials.</p>
+ * <p>Given a user pool ID and a group name, returns information about the user
+ *             group.</p>
+ *          <p> For more information about user pool groups, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html">Adding groups to a user pool</a>.</p>
+ *          <note>
+ *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
+ *     this operation, you must use IAM credentials to authorize requests, and you must
+ *     grant yourself the corresponding IAM permission in a policy.</p>
+ *             <p class="title">
+ *                <b>Learn more</b>
+ *             </p>
+ *             <ul>
+ *                <li>
+ *                   <p>
+ *                      <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web Services API Requests</a>
+ *                   </p>
+ *                </li>
+ *                <li>
+ *                   <p>
+ *                      <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using the Amazon Cognito user pools API and user pool endpoints</a>
+ *                   </p>
+ *                </li>
+ *             </ul>
+ *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/GetIdentityProviderByIdentifierCommand.d.ts

@@ -27,7 +27,9 @@ declare const GetIdentityProviderByIdentifierCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Gets the specified IdP.</p>
+ * <p>Given the identifier of an identity provider (IdP), for example
+ *                 <code>examplecorp</code>, returns information about the user pool configuration for
+ *             that IdP. For more information about IdPs, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html">Third-party IdP sign-in</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript