@aws-sdk/client-cognito-identity-provider 3.758.0 → 3.768.0

package/dist-types/commands/GetUserPoolMfaConfigCommand.d.ts

@@ -28,7 +28,45 @@ declare const GetUserPoolMfaConfigCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Gets the user pool multi-factor authentication (MFA) configuration.</p>
+ * <p>Given a user pool ID, returns configuration for sign-in with WebAuthn authenticators
+ *             and for multi-factor authentication (MFA). This operation describes the
+ *             following:</p>
+ *          <ul>
+ *             <li>
+ *                <p>The WebAuthn relying party (RP) ID and user-verification settings.</p>
+ *             </li>
+ *             <li>
+ *                <p>The required, optional, or disabled state of MFA for all user pool
+ *                     users.</p>
+ *             </li>
+ *             <li>
+ *                <p>The message templates for email and SMS MFA.</p>
+ *             </li>
+ *             <li>
+ *                <p>The enabled or disabled state of time-based one-time password (TOTP)
+ *                     MFA.</p>
+ *             </li>
+ *          </ul>
+ *          <note>
+ *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
+ *     this operation, you must use IAM credentials to authorize requests, and you must
+ *     grant yourself the corresponding IAM permission in a policy.</p>
+ *             <p class="title">
+ *                <b>Learn more</b>
+ *             </p>
+ *             <ul>
+ *                <li>
+ *                   <p>
+ *                      <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web Services API Requests</a>
+ *                   </p>
+ *                </li>
+ *                <li>
+ *                   <p>
+ *                      <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using the Amazon Cognito user pools API and user pool endpoints</a>
+ *                   </p>
+ *                </li>
+ *             </ul>
+ *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/InitiateAuthCommand.d.ts

@@ -27,8 +27,11 @@ declare const InitiateAuthCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user
- *             with a federated IdP with <code>InitiateAuth</code>. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html"> Adding user pool sign-in through a third party</a>.</p>
+ * <p>Declares an authentication flow and initiates sign-in for a user in the Amazon Cognito user
+ *             directory. Amazon Cognito might respond with an additional challenge or an
+ *                 <code>AuthenticationResult</code> that contains the outcome of a successful
+ *             authentication. You can't sign in a user with a federated IdP with
+ *                 <code>InitiateAuth</code>. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/authentication.html">Authentication</a>.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you can't use IAM credentials to authorize requests, and you can't

package/dist-types/commands/ListDevicesCommand.d.ts

@@ -27,7 +27,7 @@ declare const ListDevicesCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Lists the sign-in devices that Amazon Cognito has registered to the current user. For more
+ * <p>Lists the devices that Amazon Cognito has registered to the currently signed-in user. For more
  *             information about device authentication, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with user devices in your user pool</a>.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  *          <note>

package/dist-types/commands/ListGroupsCommand.d.ts

@@ -27,7 +27,7 @@ declare const ListGroupsCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Lists the groups associated with a user pool.</p>
+ * <p>Given a user pool ID, returns user pool groups and their details.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/ListIdentityProvidersCommand.d.ts

@@ -27,7 +27,8 @@ declare const ListIdentityProvidersCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Lists information about all IdPs for a user pool.</p>
+ * <p>Given a user pool ID, returns information about configured identity providers (IdPs).
+ *             For more information about IdPs, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html">Third-party IdP sign-in</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/ListResourceServersCommand.d.ts

@@ -27,7 +27,8 @@ declare const ListResourceServersCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Lists the resource servers for a user pool.</p>
+ * <p>Given a user pool ID, returns all resource servers and their details. For more
+ *             information about resource servers, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-define-resource-servers.html">Access control with resource servers</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/ListTagsForResourceCommand.d.ts

@@ -27,10 +27,9 @@ declare const ListTagsForResourceCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Lists the tags that are assigned to an Amazon Cognito user pool.</p>
- *          <p>A tag is a label that you can apply to user pools to categorize and manage them in
- *             different ways, such as by purpose, owner, environment, or other criteria.</p>
- *          <p>You can use this action up to 10 times per second, per account.</p>
+ * <p>Lists the tags that are assigned to an Amazon Cognito user pool. For more information, see
+ *                 <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/tagging.html">Tagging
+ *                 resources</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/ListUserImportJobsCommand.d.ts

@@ -27,7 +27,9 @@ declare const ListUserImportJobsCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Lists user import jobs for a user pool.</p>
+ * <p>Given a user pool ID, returns user import jobs and their details. Import jobs are
+ *             retained in user pool configuration so that you can stage, stop, start, review, and
+ *             delete them. For more information about user import, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-using-import-tool.html">Importing users from a CSV file</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/ListUserPoolClientsCommand.d.ts

@@ -27,7 +27,8 @@ declare const ListUserPoolClientsCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Lists the clients that have been created for the specified user pool.</p>
+ * <p>Given a user pool ID, lists app clients. App clients are sets of rules for the access
+ *             that you want a user pool to grant to one application. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html">App clients</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/ListUserPoolsCommand.d.ts

@@ -27,7 +27,7 @@ declare const ListUserPoolsCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Lists the user pools associated with an Amazon Web Services account.</p>
+ * <p>Lists user pools and their details in the current Amazon Web Services account.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must
@@ -77,7 +77,7 @@ declare const ListUserPoolsCommand_base: {
  * //         PreTokenGeneration: "STRING_VALUE",
  * //         UserMigration: "STRING_VALUE",
  * //         PreTokenGenerationConfig: { // PreTokenGenerationVersionConfigType
- * //           LambdaVersion: "V1_0" || "V2_0", // required
+ * //           LambdaVersion: "V1_0" || "V2_0" || "V3_0", // required
  * //           LambdaArn: "STRING_VALUE", // required
  * //         },
  * //         CustomSMSSender: { // CustomSMSLambdaVersionConfigType

package/dist-types/commands/ListUsersCommand.d.ts

@@ -27,7 +27,8 @@ declare const ListUsersCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Lists users and their basic details in a user pool.</p>
+ * <p>Given a user pool ID, returns a list of users and their basic details in a user
+ *             pool.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/ListUsersInGroupCommand.d.ts

@@ -27,7 +27,8 @@ declare const ListUsersInGroupCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Lists the users in the specified group.</p>
+ * <p>Given a user pool ID and a group name, returns a list of users in the group. For more
+ *             information about user pool groups, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html">Adding groups to a user pool</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/ListWebAuthnCredentialsCommand.d.ts

@@ -27,8 +27,15 @@ declare const ListWebAuthnCredentialsCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Generates a list of the current user's registered passkey, or webauthN,
- *             credentials.</p>
+ * <p>Generates a list of the currently signed-in user's registered passkey, or
+ *             WebAuthn, credentials.</p>
+ *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
+ *          <note>
+ *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For
+ *     this operation, you can't use IAM credentials to authorize requests, and you can't
+ *     grant IAM permissions in policies. For more information about authorization models in
+ *     Amazon Cognito, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using the Amazon Cognito user pools API and user pool endpoints</a>.</p>
+ *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/ResendConfirmationCodeCommand.d.ts

@@ -27,8 +27,11 @@ declare const ResendConfirmationCodeCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Resends the confirmation (for confirmation of registration) to a specific user in the
- *             user pool.</p>
+ * <p>Resends the code that confirms a new account for a user who has signed up in your user
+ *             pool. Amazon Cognito sends confirmation codes to the user attribute in the
+ *                 <code>AutoVerifiedAttributes</code> property of your user pool. When you prompt new
+ *             users for the confirmation code, include a "Resend code" option that generates a call to
+ *             this API operation.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you can't use IAM credentials to authorize requests, and you can't

package/dist-types/commands/SetLogDeliveryConfigurationCommand.d.ts

@@ -28,7 +28,9 @@ declare const SetLogDeliveryConfigurationCommand_base: {
 };
 /**
  * <p>Sets up or modifies the logging configuration of a user pool. User pools can export
- *             user notification logs and advanced security features user activity logs.</p>
+ *             user notification logs and, when threat protection is active, user-activity logs. For
+ *             more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/exporting-quotas-and-usage.html">Exporting user
+ *                 pool logs</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/SetRiskConfigurationCommand.d.ts

@@ -27,11 +27,30 @@ declare const SetRiskConfigurationCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Configures actions on detected risks. To delete the risk configuration for
- *                 <code>UserPoolId</code> or <code>ClientId</code>, pass null values for all four
- *             configuration types.</p>
- *          <p>To activate Amazon Cognito advanced security features, update the user pool to include the
- *                 <code>UserPoolAddOns</code> key<code>AdvancedSecurityMode</code>.</p>
+ * <p>Configures threat protection for a user pool or app client. Sets configuration for the
+ *             following.</p>
+ *          <ul>
+ *             <li>
+ *                <p>Responses to risks with adaptive authentication</p>
+ *             </li>
+ *             <li>
+ *                <p>Responses to vulnerable passwords with compromised-credentials
+ *                     detection</p>
+ *             </li>
+ *             <li>
+ *                <p>Notifications to users who have had risky activity detected</p>
+ *             </li>
+ *             <li>
+ *                <p>IP-address denylist and allowlist</p>
+ *             </li>
+ *          </ul>
+ *          <p>To set the risk configuration for the user pool to defaults, send this request with
+ *             only the <code>UserPoolId</code> parameter. To reset the threat protection settings of
+ *             an app client to be inherited from the user pool, send <code>UserPoolId</code> and
+ *                 <code>ClientId</code> parameters only. To change threat protection to audit-only or
+ *             off, update the value of <code>UserPoolAddOns</code> in an <code>UpdateUserPool</code>
+ *             request. To activate this setting, your user pool must be on the <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html">
+ *                      Plus tier</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/SetUICustomizationCommand.d.ts

@@ -27,18 +27,31 @@ declare const SetUICustomizationCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Sets the user interface (UI) customization information for a user pool's built-in app
- *             UI.</p>
- *          <p>You can specify app UI customization settings for a single client (with a specific
- *                 <code>clientId</code>) or for all clients (by setting the <code>clientId</code> to
- *                 <code>ALL</code>). If you specify <code>ALL</code>, the default configuration is
- *             used for every client that has no previously set UI customization. If you specify UI
- *             customization settings for a particular client, it will no longer return to the
+ * <p>Configures UI branding settings for domains with the hosted UI (classic) branding
+ *             version. Your user pool must have a domain. Configure a domain with .</p>
+ *          <p>Set the default configuration for all clients with a <code>ClientId</code> of
+ *                 <code>ALL</code>. When the <code>ClientId</code> value is an app client ID, the
+ *             settings you pass in this request apply to that app client and override the default
  *                 <code>ALL</code> configuration.</p>
  *          <note>
- *             <p>To use this API, your user pool must have a domain associated with it. Otherwise,
- *                 there is no place to host the app's pages, and the service will throw an
- *                 error.</p>
+ *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
+ *     this operation, you must use IAM credentials to authorize requests, and you must
+ *     grant yourself the corresponding IAM permission in a policy.</p>
+ *             <p class="title">
+ *                <b>Learn more</b>
+ *             </p>
+ *             <ul>
+ *                <li>
+ *                   <p>
+ *                      <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web Services API Requests</a>
+ *                   </p>
+ *                </li>
+ *                <li>
+ *                   <p>
+ *                      <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using the Amazon Cognito user pools API and user pool endpoints</a>
+ *                   </p>
+ *                </li>
+ *             </ul>
  *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/SetUserMFAPreferenceCommand.d.ts

@@ -36,9 +36,6 @@ declare const SetUserMFAPreferenceCommand_base: {
  *             unless device tracking is turned on and the device has been trusted. If you want MFA to
  *             be applied selectively based on the assessed risk level of sign-in attempts, deactivate
  *             MFA for users and turn on Adaptive Authentication for the user pool.</p>
- *          <p>This operation doesn't reset an existing TOTP MFA for a user. To register a new
- *             TOTP factor for a user, make an <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AssociateSoftwareToken.html">AssociateSoftwareToken</a> request. For more information,
- *             see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa-totp.html">TOTP software token MFA</a>.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For

package/dist-types/commands/SetUserPoolMfaConfigCommand.d.ts

@@ -27,7 +27,8 @@ declare const SetUserPoolMfaConfigCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Sets the user pool multi-factor authentication (MFA) and passkey configuration.</p>
+ * <p>Sets user pool multi-factor authentication (MFA) and passkey configuration. For more
+ *             information about user pool MFA, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html">Adding MFA</a>. For more information about WebAuthn passkeys see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.html#amazon-cognito-user-pools-authentication-flow-methods-passkey">Authentication flows</a>.</p>
  *          <note>
  *             <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers
  *             require you to register an origination phone number before you can send SMS messages

package/dist-types/commands/SetUserSettingsCommand.d.ts

@@ -30,7 +30,7 @@ declare const SetUserSettingsCommand_base: {
  * <p>
  *             <i>This action is no longer supported.</i> You can use it to configure
  *             only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software
- *             token MFA. To configure either type of MFA, use <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserMFAPreference.html">SetUserMFAPreference</a> instead.</p>
+ *             token or email MFA.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For

package/dist-types/commands/SignUpCommand.d.ts

@@ -27,8 +27,8 @@ declare const SignUpCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Registers the user in the specified user pool and creates a user name, password, and
- *             user attributes.</p>
+ * <p>Registers a user with an app client and requests a user name, password, and user
+ *             attributes in the user pool.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you can't use IAM credentials to authorize requests, and you can't
@@ -56,9 +56,7 @@ declare const SignUpCommand_base: {
  *             if you have exceeded a rate quota for email or SMS messages, and if your user pool
  *             automatically verifies email addresses or phone numbers. When you get this exception in
  *             the response, the user is successfully created and is in an <code>UNCONFIRMED</code>
- *             state. You can send a new code with the <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ResendConfirmationCode.html"> ResendConfirmationCode</a> request, or confirm the user as an administrator
- *             with an <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminConfirmSignUp.html">
- *                 AdminConfirmSignUp</a> request.</p>
+ *             state.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/StartUserImportJobCommand.d.ts

@@ -27,7 +27,9 @@ declare const StartUserImportJobCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Starts the user import.</p>
+ * <p>Instructs your user pool to start importing users from a CSV file that contains their
+ *             usernames and attributes. For more information about importing users from a CSV file,
+ *             see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-using-import-tool.html">Importing users from a CSV file</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/StartWebAuthnRegistrationCommand.d.ts

@@ -27,12 +27,10 @@ declare const StartWebAuthnRegistrationCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Requests credential creation options from your user pool for registration of a passkey
- *             authenticator. Returns information about the user pool, the user profile, and
- *             authentication requirements. Users must provide this information in their request to
- *             enroll your application with their passkey provider.</p>
- *          <p>After users present this data and register with their passkey provider, return the
- *             response to your user pool in a <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CompleteWebAuthnRegistration.html"> CompleteWebAuthnRegistration</a> API request.</p>
+ * <p>Requests credential creation options from your user pool for the currently signed-in
+ *             user. Returns information about the user pool, the user profile, and authentication
+ *             requirements. Users must provide this information in their request to enroll your
+ *             application with their passkey provider.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/StopUserImportJobCommand.d.ts

@@ -27,7 +27,9 @@ declare const StopUserImportJobCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Stops the user import job.</p>
+ * <p>Instructs your user pool to stop a running job that's importing users from a CSV
+ *             file that contains their usernames and attributes. For more information about importing
+ *             users from a CSV file, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-using-import-tool.html">Importing users from a CSV file</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/UntagResourceCommand.d.ts

@@ -27,8 +27,7 @@ declare const UntagResourceCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5
- *             times per second, per account.</p>
+ * <p>Given tag IDs that you previously assigned to a user pool, removes them.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/UpdateAuthEventFeedbackCommand.d.ts

@@ -27,9 +27,19 @@ declare const UpdateAuthEventFeedbackCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Provides the feedback for an authentication event, whether it was from a valid user or
- *             not. This feedback is used for improving the risk evaluation decision for the user pool
- *             as part of Amazon Cognito advanced security.</p>
+ * <p>Provides the feedback for an authentication event generated by threat protection
+ *             features. The user's response indicates that you think that the event either was from a
+ *             valid user or was an unwanted authentication attempt. This feedback improves the risk
+ *             evaluation decision for the user pool as part of Amazon Cognito threat protection.
+ *             To activate this setting, your user pool must be on the <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html">
+ *                      Plus tier</a>.</p>
+ *          <p>This operation requires a <code>FeedbackToken</code> that Amazon Cognito generates and adds to
+ *             notification emails when users have potentially suspicious authentication events. Users
+ *             invoke this operation when they select the link that corresponds to
+ *                 <code>\{one-click-link-valid\}</code> or <code>\{one-click-link-invalid\}</code> in your
+ *             notification template. Because <code>FeedbackToken</code> is a required parameter, you
+ *             can' make requests to <code>UpdateAuthEventFeedback</code> without the contents of
+ *             the notification email message.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you can't use IAM credentials to authorize requests, and you can't

package/dist-types/commands/UpdateDeviceStatusCommand.d.ts

@@ -27,8 +27,12 @@ declare const UpdateDeviceStatusCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Updates the device status. For more information about device authentication, see
- *                 <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with user devices in your user pool</a>.</p>
+ * <p>Updates the status of a the currently signed-in user's device so that it is
+ *             marked as remembered or not remembered for the purpose of device authentication. Device
+ *             authentication is a "remember me" mechanism that silently completes sign-in from trusted
+ *             devices with a device key instead of a user-provided MFA code. This operation changes
+ *             the status of a device without deleting it, so you can enable it again later. For more
+ *             information about device authentication, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with devices</a>.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For

package/dist-types/commands/UpdateGroupCommand.d.ts

@@ -27,7 +27,8 @@ declare const UpdateGroupCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Updates the specified group with the specified attributes.</p>
+ * <p>Given the name of a user pool group, updates any of the properties for precedence,
+ *             IAM role, or description. For more information about user pool groups, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html">Adding groups to a user pool</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/UpdateIdentityProviderCommand.d.ts

@@ -27,7 +27,10 @@ declare const UpdateIdentityProviderCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Updates IdP information for a user pool.</p>
+ * <p>Modifies the configuration and trust relationship between a third-party identity
+ *             provider (IdP) and a user pool. Amazon Cognito accepts sign-in with third-party identity
+ *             providers through managed login and OIDC relying-party libraries. For more information,
+ *             see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html">Third-party IdP sign-in</a>.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/UpdateManagedLoginBrandingCommand.d.ts

@@ -35,11 +35,7 @@ declare const UpdateManagedLoginBrandingCommand_base: {
  *             image assets for your app client. Your branding settings might exceed 2MB in size. Amazon Cognito
  *             doesn't require that you pass all parameters in one request and preserves existing
  *             style settings that you don't specify. If your request is larger than 2MB, separate it
- *             into multiple requests, each with a size smaller than the limit. </p>
- *          <p>As a best practice, modify the output of <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeManagedLoginBrandingByClient.html">DescribeManagedLoginBrandingByClient</a> into the request parameters for this
- *             operation. To get all settings, set <code>ReturnMergedResources</code> to
- *                 <code>true</code>. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/managed-login-brandingdesigner.html#branding-designer-api">API and SDK operations for managed login branding</a>
- *          </p>
+ *             into multiple requests, each with a size smaller than the limit.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/UpdateResourceServerCommand.d.ts

@@ -27,7 +27,8 @@ declare const UpdateResourceServerCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Updates the name and scopes of resource server. All other fields are read-only.</p>
+ * <p>Updates the name and scopes of a resource server. All other fields are read-only. For
+ *             more information about resource servers, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-define-resource-servers.html">Access control with resource servers</a>.</p>
  *          <important>
  *             <p>If you don't provide a value for an attribute, it is set to the default
  *                 value.</p>

package/dist-types/commands/UpdateUserAttributesCommand.d.ts

@@ -27,11 +27,10 @@ declare const UpdateUserAttributesCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>With this operation, your users can update one or more of their attributes with their
- *             own credentials. You authorize this API request with the user's access token. To delete
- *             an attribute from your user, submit the attribute in your API request with a blank
- *             value. Custom attribute values in this request must include the <code>custom:</code>
- *             prefix.</p>
+ * <p>Updates the currently signed-in user's attributes. To delete an attribute from
+ *             the user, submit the attribute in your API request with a blank value.</p>
+ *          <p>For custom attributes, you must add a <code>custom:</code> prefix to the attribute
+ *             name, for example <code>custom:department</code>.</p>
  *          <p>Authorize this action with a signed-in user's access token. It must include the scope <code>aws.cognito.signin.user.admin</code>.</p>
  *          <note>
  *             <p>Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For

package/dist-types/commands/UpdateUserPoolClientCommand.d.ts

@@ -27,13 +27,16 @@ declare const UpdateUserPoolClientCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Updates the specified user pool app client with the specified attributes. You can get
- *             a list of the current user pool app client settings using <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html">DescribeUserPoolClient</a>.</p>
+ * <p>Given a user pool app client ID, updates the configuration. To avoid setting
+ *             parameters to Amazon Cognito defaults, construct this API request to pass the existing
+ *             configuration of your app client, modified to include the changes that you want to
+ *             make.</p>
  *          <important>
  *             <p>If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.</p>
  *          </important>
- *          <p>You can also use this operation to enable token revocation for user pool clients. For
- *             more information about revoking tokens, see <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html">RevokeToken</a>.</p>
+ *          <p>Unlike app clients created in the console, Amazon Cognito doesn't automatically assign a
+ * branding style to app clients that you configure with this API operation. Managed login and classic hosted UI pages aren't
+ * available for your client until after you apply a branding style.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must