@aws-sdk/client-cognito-identity-provider 3.998.0 → 3.1000.0

package/dist-types/models/models_1.d.ts

@@ -1,5 +1,316 @@
-import { ExplicitAuthFlowsType, OAuthFlowType, PreventUserExistenceErrorTypes, VerifySoftwareTokenResponseType } from "./enums";
-import type { AnalyticsConfigurationType, CustomDomainConfigType, RefreshTokenRotationType, TokenValidityUnitsType, UserPoolClientType } from "./models_0";
+import { DeletionProtectionType, ExplicitAuthFlowsType, OAuthFlowType, PreventUserExistenceErrorTypes, TermsEnforcementType, TermsSourceType, UserPoolMfaType, UserPoolTierType, VerifiedAttributeType, VerifySoftwareTokenResponseType } from "./enums";
+import { type AccountRecoverySettingType, type AdminCreateUserConfigType, type AnalyticsConfigurationType, type CustomDomainConfigType, type DeviceConfigurationType, type EmailConfigurationType, type LambdaConfigType, type RefreshTokenRotationType, type ResourceServerType, type SmsConfigurationType, type TermsType, type TokenValidityUnitsType, type UserAttributeUpdateSettingsType, type UserPoolAddOnsType, type UserPoolClientType, type UserPoolPolicyType, type VerificationMessageTemplateType, AttributeType, CodeDeliveryDetailsType } from "./models_0";
+/**
+ * @public
+ */
+export interface UpdateResourceServerResponse {
+    /**
+     * <p>The updated details of the requested resource server.</p>
+     * @public
+     */
+    ResourceServer: ResourceServerType | undefined;
+}
+/**
+ * @public
+ */
+export interface UpdateTermsRequest {
+    /**
+     * <p>The ID of the terms document that you want to update.</p>
+     * @public
+     */
+    TermsId: string | undefined;
+    /**
+     * <p>The ID of the user pool that contains the terms that you want to update.</p>
+     * @public
+     */
+    UserPoolId: string | undefined;
+    /**
+     * <p>The new name that you want to apply to the requested terms documents.</p>
+     * @public
+     */
+    TermsName?: string | undefined;
+    /**
+     * <p>This parameter is reserved for future use and currently accepts only one value.</p>
+     * @public
+     */
+    TermsSource?: TermsSourceType | undefined;
+    /**
+     * <p>This parameter is reserved for future use and currently accepts only one value.</p>
+     * @public
+     */
+    Enforcement?: TermsEnforcementType | undefined;
+    /**
+     * <p>A map of URLs to languages. For each localized language that will view the requested
+     *             <code>TermsName</code>, assign a URL. A selection of <code>cognito:default</code>
+     *             displays for all languages that don't have a language-specific URL.</p>
+     *          <p>For example, <code>"cognito:default": "https://terms.example.com", "cognito:spanish":
+     *                 "https://terms.example.com/es"</code>.</p>
+     * @public
+     */
+    Links?: Record<string, string> | undefined;
+}
+/**
+ * @public
+ */
+export interface UpdateTermsResponse {
+    /**
+     * <p>A summary of the updates to your terms documents.</p>
+     * @public
+     */
+    Terms?: TermsType | undefined;
+}
+/**
+ * <p>Represents the request to update user attributes.</p>
+ * @public
+ */
+export interface UpdateUserAttributesRequest {
+    /**
+     * <p>An array of name-value pairs representing user attributes.</p>
+     *          <p>For custom attributes, you must add a <code>custom:</code> prefix to the attribute
+     *             name.</p>
+     *          <p>If you have set an attribute to require verification before Amazon Cognito updates its value,
+     *             this request doesn’t immediately update the value of that attribute. After your user
+     *             receives and responds to a verification message to verify the new value, Amazon Cognito updates
+     *             the attribute value. Your user can sign in and receive messages with the original
+     *             attribute value until they verify the new value.</p>
+     * @public
+     */
+    UserAttributes: AttributeType[] | undefined;
+    /**
+     * <p>A valid access token that Amazon Cognito issued to the currently signed-in user. Must include a scope claim for
+     * <code>aws.cognito.signin.user.admin</code>.</p>
+     * @public
+     */
+    AccessToken: string | undefined;
+    /**
+     * <p>A map of custom key-value pairs that you can provide as input for any custom workflows
+     *             that this action triggers. You create custom workflows by assigning Lambda functions
+     *             to user pool triggers.</p>
+     *          <p>When Amazon Cognito invokes any of these functions, it passes a JSON payload, which the
+     *             function receives as input. This payload contains a <code>clientMetadata</code>
+     *             attribute that provides the data that you assigned to the ClientMetadata parameter in
+     *             your request. In your function code, you can process the <code>clientMetadata</code>
+     *             value to enhance your workflow for your specific needs.</p>
+     *          <p>To review the Lambda trigger types that Amazon Cognito invokes at runtime with API requests, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-working-with-lambda-triggers.html#lambda-triggers-by-event">
+     * Connecting API actions to Lambda triggers</a> in the <i>Amazon Cognito Developer Guide</i>.</p>
+     *          <note>
+     *             <p>When you use the <code>ClientMetadata</code> parameter, note that Amazon Cognito won't do the
+     *                 following:</p>
+     *             <ul>
+     *                <li>
+     *                   <p>Store the <code>ClientMetadata</code> value. This data is available only
+     *                         to Lambda triggers that are assigned to a user pool to support custom
+     *                         workflows. If your user pool configuration doesn't include triggers, the
+     *                         <code>ClientMetadata</code> parameter serves no purpose.</p>
+     *                </li>
+     *                <li>
+     *                   <p>Validate the <code>ClientMetadata</code> value.</p>
+     *                </li>
+     *                <li>
+     *                   <p>Encrypt the <code>ClientMetadata</code> value. Don't send sensitive
+     *                         information in this parameter.</p>
+     *                </li>
+     *             </ul>
+     *          </note>
+     * @public
+     */
+    ClientMetadata?: Record<string, string> | undefined;
+}
+/**
+ * <p>Represents the response from the server for the request to update user
+ *             attributes.</p>
+ * @public
+ */
+export interface UpdateUserAttributesResponse {
+    /**
+     * <p>When the attribute-update request includes an email address or phone number attribute,
+     *             Amazon Cognito sends a message to users with a code that confirms ownership of the new value that
+     *             they entered. The <code>CodeDeliveryDetails</code> object is information about the
+     *             delivery destination for that link or code. This behavior happens in user pools
+     *             configured to automatically verify changes to those attributes. For more information,
+     *             see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#verifying-when-users-change-their-email-or-phone-number">Verifying when users change their email or phone
+     *             number</a>.</p>
+     * @public
+     */
+    CodeDeliveryDetailsList?: CodeDeliveryDetailsType[] | undefined;
+}
+/**
+ * <p>Represents the request to update the user pool.</p>
+ * @public
+ */
+export interface UpdateUserPoolRequest {
+    /**
+     * <p>The ID of the user pool you want to update.</p>
+     * @public
+     */
+    UserPoolId: string | undefined;
+    /**
+     * <p>The password policy and sign-in policy in the user pool. The password policy sets
+     *             options like password complexity requirements and password history. The sign-in policy
+     *             sets the options available to applications in <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/authentication-flows-selection-sdk.html#authentication-flows-selection-choice">choice-based authentication</a>.</p>
+     * @public
+     */
+    Policies?: UserPoolPolicyType | undefined;
+    /**
+     * <p>When active, <code>DeletionProtection</code> prevents accidental deletion of your user
+     * pool. Before you can delete a user pool that you have protected against deletion, you
+     * must deactivate this feature.</p>
+     *          <p>When you try to delete a protected user pool in a <code>DeleteUserPool</code> API request,
+     * Amazon Cognito returns an <code>InvalidParameterException</code> error. To delete a protected user pool,
+     * send a new <code>DeleteUserPool</code> request after you deactivate deletion protection in an
+     * <code>UpdateUserPool</code> API request.</p>
+     * @public
+     */
+    DeletionProtection?: DeletionProtectionType | undefined;
+    /**
+     * <p>A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible
+     *             stages of authentication operations. Triggers can modify the outcome of the operations
+     *             that invoked them.</p>
+     * @public
+     */
+    LambdaConfig?: LambdaConfigType | undefined;
+    /**
+     * <p>The attributes that you want your user pool to automatically verify. Possible values:
+     *                 <b>email</b>, <b>phone_number</b>. For more information see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#allowing-users-to-sign-up-and-confirm-themselves">Verifying contact information at sign-up</a>.</p>
+     * @public
+     */
+    AutoVerifiedAttributes?: VerifiedAttributeType[] | undefined;
+    /**
+     * <p>This parameter is no longer used.</p>
+     * @public
+     */
+    SmsVerificationMessage?: string | undefined;
+    /**
+     * <p>This parameter is no longer used.</p>
+     * @public
+     */
+    EmailVerificationMessage?: string | undefined;
+    /**
+     * <p>This parameter is no longer used.</p>
+     * @public
+     */
+    EmailVerificationSubject?: string | undefined;
+    /**
+     * <p>The template for the verification message that your user pool delivers to users who
+     *             set an email address or phone number attribute.</p>
+     *          <p>Set the email message type that corresponds to your <code>DefaultEmailOption</code>
+     *             selection. For <code>CONFIRM_WITH_LINK</code>, specify an
+     *                 <code>EmailMessageByLink</code> and leave <code>EmailMessage</code> blank. For
+     *                 <code>CONFIRM_WITH_CODE</code>, specify an <code>EmailMessage</code> and leave
+     *                 <code>EmailMessageByLink</code> blank. When you supply both parameters with either
+     *             choice, Amazon Cognito returns an error.</p>
+     * @public
+     */
+    VerificationMessageTemplate?: VerificationMessageTemplateType | undefined;
+    /**
+     * <p>The contents of the SMS message that your user pool sends to users in SMS
+     *             authentication.</p>
+     * @public
+     */
+    SmsAuthenticationMessage?: string | undefined;
+    /**
+     * <p>The settings for updates to user attributes. These settings include the property <code>AttributesRequireVerificationBeforeUpdate</code>,
+     * a user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For
+     * more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates">
+     * Verifying updates to email addresses and phone numbers</a>.</p>
+     * @public
+     */
+    UserAttributeUpdateSettings?: UserAttributeUpdateSettingsType | undefined;
+    /**
+     * <p>Sets multi-factor authentication (MFA) to be on, off, or optional. When
+     *                 <code>ON</code>, all users must set up MFA before they can sign in. When
+     *                 <code>OPTIONAL</code>, your application must make a client-side determination of
+     *             whether a user wants to register an MFA device. For user pools with adaptive
+     *             authentication with threat protection, choose <code>OPTIONAL</code>.</p>
+     *          <p>When <code>MfaConfiguration</code> is <code>OPTIONAL</code>, managed login
+     *             doesn't automatically prompt users to set up MFA. Amazon Cognito generates MFA prompts in
+     *             API responses and in managed login for users who have chosen and configured a preferred
+     *             MFA factor.</p>
+     * @public
+     */
+    MfaConfiguration?: UserPoolMfaType | undefined;
+    /**
+     * <p>The device-remembering configuration for a user pool. Device remembering or device
+     *             tracking is a "Remember me on this device" option for user pools that perform
+     *             authentication with the device key of a trusted device in the back end, instead of a
+     *             user-provided MFA code. For more information about device authentication, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with user devices in your user pool</a>. A null value indicates that
+     *             you have deactivated device remembering in your user pool.</p>
+     *          <note>
+     *             <p>When you provide a value for any <code>DeviceConfiguration</code> field, you
+     *                 activate the Amazon Cognito device-remembering feature. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html">Working with devices</a>.</p>
+     *          </note>
+     * @public
+     */
+    DeviceConfiguration?: DeviceConfigurationType | undefined;
+    /**
+     * <p>The email configuration of your user pool. The email configuration type sets your
+     *             preferred sending method, Amazon Web Services Region, and sender for email invitation and verification
+     *             messages from your user pool.</p>
+     * @public
+     */
+    EmailConfiguration?: EmailConfigurationType | undefined;
+    /**
+     * <p>The SMS configuration with the settings for your Amazon Cognito user pool to send SMS message
+     *             with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the
+     *             Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account. For
+     *             more information see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html">SMS message settings</a>.</p>
+     * @public
+     */
+    SmsConfiguration?: SmsConfigurationType | undefined;
+    /**
+     * <p>The tag keys and values to assign to the user pool. A tag is a label that you can use
+     *             to categorize and manage user pools in different ways, such as by purpose, owner,
+     *             environment, or other criteria.</p>
+     * @public
+     */
+    UserPoolTags?: Record<string, string> | undefined;
+    /**
+     * <p>The configuration for administrative creation of users. Includes the template for the
+     *             invitation message for new users, the duration of temporary passwords, and permitting
+     *             self-service sign-up.</p>
+     * @public
+     */
+    AdminCreateUserConfig?: AdminCreateUserConfigType | undefined;
+    /**
+     * <p>Contains settings for activation of threat protection, including the operating
+     * mode and additional authentication types. To log user security information but take
+     * no action, set to <code>AUDIT</code>. To configure automatic security responses to
+     * potentially unwanted traffic to your user pool, set to <code>ENFORCED</code>.</p>
+     *          <p>For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html">Adding advanced security to a user pool</a>. To activate this setting, your user pool must be on the <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html">
+     *                      Plus tier</a>.</p>
+     * @public
+     */
+    UserPoolAddOns?: UserPoolAddOnsType | undefined;
+    /**
+     * <p>The available verified method a user can use to recover their password when they call
+     *                 <code>ForgotPassword</code>. You can use this setting to define a preferred method
+     *             when a user has more than one method available. With this setting, SMS doesn't qualify
+     *             for a valid password recovery mechanism if the user also has SMS multi-factor
+     *             authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy
+     *             behavior to determine the recovery method where SMS is preferred through email.</p>
+     * @public
+     */
+    AccountRecoverySetting?: AccountRecoverySettingType | undefined;
+    /**
+     * <p>The updated name of your user pool.</p>
+     * @public
+     */
+    PoolName?: string | undefined;
+    /**
+     * <p>The user pool <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-sign-in-feature-plans.html">feature plan</a>, or tier. This parameter determines the
+     *             eligibility of the user pool for features like managed login, access-token
+     *             customization, and threat protection. Defaults to <code>ESSENTIALS</code>.</p>
+     * @public
+     */
+    UserPoolTier?: UserPoolTierType | undefined;
+}
+/**
+ * <p>Represents the response from the server when you make a request to update the user
+ *             pool.</p>
+ * @public
+ */
+export interface UpdateUserPoolResponse {
+}
 /**
  * <p>Represents the request to update the user pool client.</p>
  * @public

package/dist-types/schemas/schemas_0.d.ts

@@ -1,6 +1,7 @@
 import { TypeRegistry } from "@smithy/core/schema";
 import type { StaticErrorSchema, StaticOperationSchema, StaticStructureSchema } from "@smithy/types";
 export declare var CognitoIdentityProviderServiceException$: StaticErrorSchema;
+export declare var AccessDeniedException$: StaticErrorSchema;
 export declare var AliasExistsException$: StaticErrorSchema;
 export declare var CodeDeliveryFailureException$: StaticErrorSchema;
 export declare var CodeMismatchException$: StaticErrorSchema;
@@ -13,6 +14,7 @@ export declare var FeatureUnavailableInTierException$: StaticErrorSchema;
 export declare var ForbiddenException$: StaticErrorSchema;
 export declare var GroupExistsException$: StaticErrorSchema;
 export declare var InternalErrorException$: StaticErrorSchema;
+export declare var InternalServerException$: StaticErrorSchema;
 export declare var InvalidEmailRoleAccessPolicyException$: StaticErrorSchema;
 export declare var InvalidLambdaResponseException$: StaticErrorSchema;
 export declare var InvalidOAuthFlowException$: StaticErrorSchema;
@@ -68,6 +70,8 @@ export declare var AccountTakeoverActionType$: StaticStructureSchema;
 export declare var AccountTakeoverRiskConfigurationType$: StaticStructureSchema;
 export declare var AddCustomAttributesRequest$: StaticStructureSchema;
 export declare var AddCustomAttributesResponse$: StaticStructureSchema;
+export declare var AddUserPoolClientSecretRequest$: StaticStructureSchema;
+export declare var AddUserPoolClientSecretResponse$: StaticStructureSchema;
 export declare var AdminAddUserToGroupRequest$: StaticStructureSchema;
 export declare var AdminConfirmSignUpRequest$: StaticStructureSchema;
 export declare var AdminConfirmSignUpResponse$: StaticStructureSchema;
@@ -129,6 +133,7 @@ export declare var AuthEventType$: StaticStructureSchema;
 export declare var ChallengeResponseType$: StaticStructureSchema;
 export declare var ChangePasswordRequest$: StaticStructureSchema;
 export declare var ChangePasswordResponse$: StaticStructureSchema;
+export declare var ClientSecretDescriptorType$: StaticStructureSchema;
 export declare var CloudWatchLogsConfigurationType$: StaticStructureSchema;
 export declare var CodeDeliveryDetailsType$: StaticStructureSchema;
 export declare var CompleteWebAuthnRegistrationRequest$: StaticStructureSchema;
@@ -171,6 +176,8 @@ export declare var DeleteTermsRequest$: StaticStructureSchema;
 export declare var DeleteUserAttributesRequest$: StaticStructureSchema;
 export declare var DeleteUserAttributesResponse$: StaticStructureSchema;
 export declare var DeleteUserPoolClientRequest$: StaticStructureSchema;
+export declare var DeleteUserPoolClientSecretRequest$: StaticStructureSchema;
+export declare var DeleteUserPoolClientSecretResponse$: StaticStructureSchema;
 export declare var DeleteUserPoolDomainRequest$: StaticStructureSchema;
 export declare var DeleteUserPoolDomainResponse$: StaticStructureSchema;
 export declare var DeleteUserPoolRequest$: StaticStructureSchema;
@@ -258,6 +265,8 @@ export declare var ListTermsRequest$: StaticStructureSchema;
 export declare var ListTermsResponse$: StaticStructureSchema;
 export declare var ListUserImportJobsRequest$: StaticStructureSchema;
 export declare var ListUserImportJobsResponse$: StaticStructureSchema;
+export declare var ListUserPoolClientSecretsRequest$: StaticStructureSchema;
+export declare var ListUserPoolClientSecretsResponse$: StaticStructureSchema;
 export declare var ListUserPoolClientsRequest$: StaticStructureSchema;
 export declare var ListUserPoolClientsResponse$: StaticStructureSchema;
 export declare var ListUserPoolsRequest$: StaticStructureSchema;
@@ -371,6 +380,7 @@ export declare var VerifyUserAttributeResponse$: StaticStructureSchema;
 export declare var WebAuthnConfigurationType$: StaticStructureSchema;
 export declare var WebAuthnCredentialDescription$: StaticStructureSchema;
 export declare var AddCustomAttributes$: StaticOperationSchema;
+export declare var AddUserPoolClientSecret$: StaticOperationSchema;
 export declare var AdminAddUserToGroup$: StaticOperationSchema;
 export declare var AdminConfirmSignUp$: StaticOperationSchema;
 export declare var AdminCreateUser$: StaticOperationSchema;
@@ -421,6 +431,7 @@ export declare var DeleteUser$: StaticOperationSchema;
 export declare var DeleteUserAttributes$: StaticOperationSchema;
 export declare var DeleteUserPool$: StaticOperationSchema;
 export declare var DeleteUserPoolClient$: StaticOperationSchema;
+export declare var DeleteUserPoolClientSecret$: StaticOperationSchema;
 export declare var DeleteUserPoolDomain$: StaticOperationSchema;
 export declare var DeleteWebAuthnCredential$: StaticOperationSchema;
 export declare var DescribeIdentityProvider$: StaticOperationSchema;
@@ -457,6 +468,7 @@ export declare var ListTagsForResource$: StaticOperationSchema;
 export declare var ListTerms$: StaticOperationSchema;
 export declare var ListUserImportJobs$: StaticOperationSchema;
 export declare var ListUserPoolClients$: StaticOperationSchema;
+export declare var ListUserPoolClientSecrets$: StaticOperationSchema;
 export declare var ListUserPools$: StaticOperationSchema;
 export declare var ListUsers$: StaticOperationSchema;
 export declare var ListUsersInGroup$: StaticOperationSchema;

package/dist-types/ts3.4/CognitoIdentityProvider.d.ts

@@ -8,6 +8,10 @@ import {
   AddCustomAttributesCommandInput,
   AddCustomAttributesCommandOutput,
 } from "./commands/AddCustomAttributesCommand";
+import {
+  AddUserPoolClientSecretCommandInput,
+  AddUserPoolClientSecretCommandOutput,
+} from "./commands/AddUserPoolClientSecretCommand";
 import {
   AdminAddUserToGroupCommandInput,
   AdminAddUserToGroupCommandOutput,
@@ -204,6 +208,10 @@ import {
   DeleteUserPoolClientCommandInput,
   DeleteUserPoolClientCommandOutput,
 } from "./commands/DeleteUserPoolClientCommand";
+import {
+  DeleteUserPoolClientSecretCommandInput,
+  DeleteUserPoolClientSecretCommandOutput,
+} from "./commands/DeleteUserPoolClientSecretCommand";
 import {
   DeleteUserPoolCommandInput,
   DeleteUserPoolCommandOutput,
@@ -352,6 +360,10 @@ import {
   ListUserPoolClientsCommandInput,
   ListUserPoolClientsCommandOutput,
 } from "./commands/ListUserPoolClientsCommand";
+import {
+  ListUserPoolClientSecretsCommandInput,
+  ListUserPoolClientSecretsCommandOutput,
+} from "./commands/ListUserPoolClientSecretsCommand";
 import {
   ListUserPoolsCommandInput,
   ListUserPoolsCommandOutput,
@@ -494,6 +506,19 @@ export interface CognitoIdentityProvider {
     options: __HttpHandlerOptions,
     cb: (err: any, data?: AddCustomAttributesCommandOutput) => void
   ): void;
+  addUserPoolClientSecret(
+    args: AddUserPoolClientSecretCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<AddUserPoolClientSecretCommandOutput>;
+  addUserPoolClientSecret(
+    args: AddUserPoolClientSecretCommandInput,
+    cb: (err: any, data?: AddUserPoolClientSecretCommandOutput) => void
+  ): void;
+  addUserPoolClientSecret(
+    args: AddUserPoolClientSecretCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: AddUserPoolClientSecretCommandOutput) => void
+  ): void;
   adminAddUserToGroup(
     args: AdminAddUserToGroupCommandInput,
     options?: __HttpHandlerOptions
@@ -1145,6 +1170,19 @@ export interface CognitoIdentityProvider {
     options: __HttpHandlerOptions,
     cb: (err: any, data?: DeleteUserPoolClientCommandOutput) => void
   ): void;
+  deleteUserPoolClientSecret(
+    args: DeleteUserPoolClientSecretCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<DeleteUserPoolClientSecretCommandOutput>;
+  deleteUserPoolClientSecret(
+    args: DeleteUserPoolClientSecretCommandInput,
+    cb: (err: any, data?: DeleteUserPoolClientSecretCommandOutput) => void
+  ): void;
+  deleteUserPoolClientSecret(
+    args: DeleteUserPoolClientSecretCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: DeleteUserPoolClientSecretCommandOutput) => void
+  ): void;
   deleteUserPoolDomain(
     args: DeleteUserPoolDomainCommandInput,
     options?: __HttpHandlerOptions
@@ -1619,6 +1657,19 @@ export interface CognitoIdentityProvider {
     options: __HttpHandlerOptions,
     cb: (err: any, data?: ListUserPoolClientsCommandOutput) => void
   ): void;
+  listUserPoolClientSecrets(
+    args: ListUserPoolClientSecretsCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<ListUserPoolClientSecretsCommandOutput>;
+  listUserPoolClientSecrets(
+    args: ListUserPoolClientSecretsCommandInput,
+    cb: (err: any, data?: ListUserPoolClientSecretsCommandOutput) => void
+  ): void;
+  listUserPoolClientSecrets(
+    args: ListUserPoolClientSecretsCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: ListUserPoolClientSecretsCommandOutput) => void
+  ): void;
   listUserPools(
     args: ListUserPoolsCommandInput,
     options?: __HttpHandlerOptions

package/dist-types/ts3.4/CognitoIdentityProviderClient.d.ts

@@ -49,6 +49,10 @@ import {
   AddCustomAttributesCommandInput,
   AddCustomAttributesCommandOutput,
 } from "./commands/AddCustomAttributesCommand";
+import {
+  AddUserPoolClientSecretCommandInput,
+  AddUserPoolClientSecretCommandOutput,
+} from "./commands/AddUserPoolClientSecretCommand";
 import {
   AdminAddUserToGroupCommandInput,
   AdminAddUserToGroupCommandOutput,
@@ -245,6 +249,10 @@ import {
   DeleteUserPoolClientCommandInput,
   DeleteUserPoolClientCommandOutput,
 } from "./commands/DeleteUserPoolClientCommand";
+import {
+  DeleteUserPoolClientSecretCommandInput,
+  DeleteUserPoolClientSecretCommandOutput,
+} from "./commands/DeleteUserPoolClientSecretCommand";
 import {
   DeleteUserPoolCommandInput,
   DeleteUserPoolCommandOutput,
@@ -393,6 +401,10 @@ import {
   ListUserPoolClientsCommandInput,
   ListUserPoolClientsCommandOutput,
 } from "./commands/ListUserPoolClientsCommand";
+import {
+  ListUserPoolClientSecretsCommandInput,
+  ListUserPoolClientSecretsCommandOutput,
+} from "./commands/ListUserPoolClientSecretsCommand";
 import {
   ListUserPoolsCommandInput,
   ListUserPoolsCommandOutput,
@@ -530,6 +542,7 @@ import { RuntimeExtension, RuntimeExtensionsConfig } from "./runtimeExtensions";
 export { __Client };
 export type ServiceInputTypes =
   | AddCustomAttributesCommandInput
+  | AddUserPoolClientSecretCommandInput
   | AdminAddUserToGroupCommandInput
   | AdminConfirmSignUpCommandInput
   | AdminCreateUserCommandInput
@@ -579,6 +592,7 @@ export type ServiceInputTypes =
   | DeleteUserAttributesCommandInput
   | DeleteUserCommandInput
   | DeleteUserPoolClientCommandInput
+  | DeleteUserPoolClientSecretCommandInput
   | DeleteUserPoolCommandInput
   | DeleteUserPoolDomainCommandInput
   | DeleteWebAuthnCredentialCommandInput
@@ -615,6 +629,7 @@ export type ServiceInputTypes =
   | ListTagsForResourceCommandInput
   | ListTermsCommandInput
   | ListUserImportJobsCommandInput
+  | ListUserPoolClientSecretsCommandInput
   | ListUserPoolClientsCommandInput
   | ListUserPoolsCommandInput
   | ListUsersCommandInput
@@ -650,6 +665,7 @@ export type ServiceInputTypes =
   | VerifyUserAttributeCommandInput;
 export type ServiceOutputTypes =
   | AddCustomAttributesCommandOutput
+  | AddUserPoolClientSecretCommandOutput
   | AdminAddUserToGroupCommandOutput
   | AdminConfirmSignUpCommandOutput
   | AdminCreateUserCommandOutput
@@ -699,6 +715,7 @@ export type ServiceOutputTypes =
   | DeleteUserAttributesCommandOutput
   | DeleteUserCommandOutput
   | DeleteUserPoolClientCommandOutput
+  | DeleteUserPoolClientSecretCommandOutput
   | DeleteUserPoolCommandOutput
   | DeleteUserPoolDomainCommandOutput
   | DeleteWebAuthnCredentialCommandOutput
@@ -735,6 +752,7 @@ export type ServiceOutputTypes =
   | ListTagsForResourceCommandOutput
   | ListTermsCommandOutput
   | ListUserImportJobsCommandOutput
+  | ListUserPoolClientSecretsCommandOutput
   | ListUserPoolClientsCommandOutput
   | ListUserPoolsCommandOutput
   | ListUsersCommandOutput

package/dist-types/ts3.4/commands/AddUserPoolClientSecretCommand.d.ts

@@ -0,0 +1,51 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import {
+  CognitoIdentityProviderClientResolvedConfig,
+  ServiceInputTypes,
+  ServiceOutputTypes,
+} from "../CognitoIdentityProviderClient";
+import {
+  AddUserPoolClientSecretRequest,
+  AddUserPoolClientSecretResponse,
+} from "../models/models_0";
+export { __MetadataBearer };
+export { $Command };
+export interface AddUserPoolClientSecretCommandInput
+  extends AddUserPoolClientSecretRequest {}
+export interface AddUserPoolClientSecretCommandOutput
+  extends AddUserPoolClientSecretResponse,
+    __MetadataBearer {}
+declare const AddUserPoolClientSecretCommand_base: {
+  new (
+    input: AddUserPoolClientSecretCommandInput
+  ): import("@smithy/smithy-client").CommandImpl<
+    AddUserPoolClientSecretCommandInput,
+    AddUserPoolClientSecretCommandOutput,
+    CognitoIdentityProviderClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >;
+  new (
+    input: AddUserPoolClientSecretCommandInput
+  ): import("@smithy/smithy-client").CommandImpl<
+    AddUserPoolClientSecretCommandInput,
+    AddUserPoolClientSecretCommandOutput,
+    CognitoIdentityProviderClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >;
+  getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+export declare class AddUserPoolClientSecretCommand extends AddUserPoolClientSecretCommand_base {
+  protected static __types: {
+    api: {
+      input: AddUserPoolClientSecretRequest;
+      output: AddUserPoolClientSecretResponse;
+    };
+    sdk: {
+      input: AddUserPoolClientSecretCommandInput;
+      output: AddUserPoolClientSecretCommandOutput;
+    };
+  };
+}

package/dist-types/ts3.4/commands/DeleteUserPoolClientSecretCommand.d.ts

@@ -0,0 +1,51 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import {
+  CognitoIdentityProviderClientResolvedConfig,
+  ServiceInputTypes,
+  ServiceOutputTypes,
+} from "../CognitoIdentityProviderClient";
+import {
+  DeleteUserPoolClientSecretRequest,
+  DeleteUserPoolClientSecretResponse,
+} from "../models/models_0";
+export { __MetadataBearer };
+export { $Command };
+export interface DeleteUserPoolClientSecretCommandInput
+  extends DeleteUserPoolClientSecretRequest {}
+export interface DeleteUserPoolClientSecretCommandOutput
+  extends DeleteUserPoolClientSecretResponse,
+    __MetadataBearer {}
+declare const DeleteUserPoolClientSecretCommand_base: {
+  new (
+    input: DeleteUserPoolClientSecretCommandInput
+  ): import("@smithy/smithy-client").CommandImpl<
+    DeleteUserPoolClientSecretCommandInput,
+    DeleteUserPoolClientSecretCommandOutput,
+    CognitoIdentityProviderClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >;
+  new (
+    input: DeleteUserPoolClientSecretCommandInput
+  ): import("@smithy/smithy-client").CommandImpl<
+    DeleteUserPoolClientSecretCommandInput,
+    DeleteUserPoolClientSecretCommandOutput,
+    CognitoIdentityProviderClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >;
+  getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+export declare class DeleteUserPoolClientSecretCommand extends DeleteUserPoolClientSecretCommand_base {
+  protected static __types: {
+    api: {
+      input: DeleteUserPoolClientSecretRequest;
+      output: {};
+    };
+    sdk: {
+      input: DeleteUserPoolClientSecretCommandInput;
+      output: DeleteUserPoolClientSecretCommandOutput;
+    };
+  };
+}