GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
Paws::CognitoIdp(3) User Contributed Perl Documentation Paws::CognitoIdp(3)

Paws::CognitoIdp - Perl Interface to AWS Amazon Cognito Identity Provider

  use Paws;
  my $obj = Paws->service('CognitoIdp');
  my $res = $obj->Method(
    Arg1 => $val1,
    Arg2 => [ 'V1', 'V2' ],
    # if Arg3 is an object, the HashRef will be used as arguments to the constructor
    # of the arguments type
    Arg3 => { Att1 => 'Val1' },
    # if Arg4 is an array of objects, the HashRefs will be passed as arguments to
    # the constructor of the arguments type
    Arg4 => [ { Att1 => 'Val1'  }, { Att1 => 'Val2' } ],
  );

Using the Amazon Cognito User Pools API, you can create a user pool to manage directories and users. You can authenticate a user to obtain tokens related to user identity and access policies.

This API reference provides information about user pools in Amazon Cognito User Pools.

For more information, see the Amazon Cognito Documentation (https://docs.aws.amazon.com/cognito/latest/developerguide/what-is-amazon-cognito.html).

For the AWS API documentation, see <https://docs.aws.amazon.com/cognito/>

Each argument is described in detail in: Paws::CognitoIdp::AddCustomAttributes

Returns: a Paws::CognitoIdp::AddCustomAttributesResponse instance

Adds additional user attributes to the user pool schema.

Each argument is described in detail in: Paws::CognitoIdp::AdminAddUserToGroup

Returns: nothing

Adds the specified user to the specified group.

Calling this action requires developer credentials.

[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]

Each argument is described in detail in: Paws::CognitoIdp::AdminConfirmSignUp

Returns: a Paws::CognitoIdp::AdminConfirmSignUpResponse instance

Confirms user registration as an admin without using a confirmation code. Works on any user.

Calling this action requires developer credentials.

[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]
[DesiredDeliveryMediums => ArrayRef[Str|Undef]]
[ForceAliasCreation => Bool]
[MessageAction => Str]
[TemporaryPassword => Str]
[UserAttributes => ArrayRef[Paws::CognitoIdp::AttributeType]]
[ValidationData => ArrayRef[Paws::CognitoIdp::AttributeType]]

Each argument is described in detail in: Paws::CognitoIdp::AdminCreateUser

Returns: a Paws::CognitoIdp::AdminCreateUserResponse instance

Creates a new user in the specified user pool.

If "MessageAction" is not set, the default is to send a welcome message via email or phone (SMS).

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.

Alternatively, you can call "AdminCreateUser" with “SUPPRESS” for the "MessageAction" parameter, and Amazon Cognito will not send any email.

In either case, the user will be in the "FORCE_CHANGE_PASSWORD" state until they sign in and change their password.

"AdminCreateUser" requires developer credentials.

Each argument is described in detail in: Paws::CognitoIdp::AdminDeleteUser

Returns: nothing

Deletes a user as an administrator. Works on any user.

Calling this action requires developer credentials.

Each argument is described in detail in: Paws::CognitoIdp::AdminDeleteUserAttributes

Returns: a Paws::CognitoIdp::AdminDeleteUserAttributesResponse instance

Deletes the user attributes in a user pool as an administrator. Works on any user.

Calling this action requires developer credentials.

Each argument is described in detail in: Paws::CognitoIdp::AdminDisableProviderForUser

Returns: a Paws::CognitoIdp::AdminDisableProviderForUserResponse instance

Disables the user from signing in with the specified external (SAML or social) identity provider. If the user to disable is a Cognito User Pools native username + password user, they are not permitted to use their password to sign-in. If the user to disable is a linked external IdP user, any link between that user and an existing user is removed. The next time the external user (no longer attached to the previously linked "DestinationUser") signs in, they must create a new user account. See AdminLinkProviderForUser (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminLinkProviderForUser.html).

This action is enabled only for admin access and requires developer credentials.

The "ProviderName" must match the value specified when creating an IdP for the pool.

To disable a native username + password user, the "ProviderName" value must be "Cognito" and the "ProviderAttributeName" must be "Cognito_Subject", with the "ProviderAttributeValue" being the name that is used in the user pool for the user.

The "ProviderAttributeName" must always be "Cognito_Subject" for social identity providers. The "ProviderAttributeValue" must always be the exact subject that was used when the user was originally linked as a source user.

For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign-in, the "ProviderAttributeName" and "ProviderAttributeValue" must be the same values that were used for the "SourceUser" when the identities were originally linked using " AdminLinkProviderForUser" call. (If the linking was done with "ProviderAttributeName" set to "Cognito_Subject", the same applies here). However, if the user has already signed in, the "ProviderAttributeName" must be "Cognito_Subject" and "ProviderAttributeValue" must be the subject of the SAML assertion.

Each argument is described in detail in: Paws::CognitoIdp::AdminDisableUser

Returns: a Paws::CognitoIdp::AdminDisableUserResponse instance

Disables the specified user.

Calling this action requires developer credentials.

Each argument is described in detail in: Paws::CognitoIdp::AdminEnableUser

Returns: a Paws::CognitoIdp::AdminEnableUserResponse instance

Enables the specified user as an administrator. Works on any user.

Calling this action requires developer credentials.

Each argument is described in detail in: Paws::CognitoIdp::AdminForgetDevice

Returns: nothing

Forgets the device, as an administrator.

Calling this action requires developer credentials.

Each argument is described in detail in: Paws::CognitoIdp::AdminGetDevice

Returns: a Paws::CognitoIdp::AdminGetDeviceResponse instance

Gets the device, as an administrator.

Calling this action requires developer credentials.

Each argument is described in detail in: Paws::CognitoIdp::AdminGetUser

Returns: a Paws::CognitoIdp::AdminGetUserResponse instance

Gets the specified user by user name in a user pool as an administrator. Works on any user.

Calling this action requires developer credentials.

[AnalyticsMetadata => Paws::CognitoIdp::AnalyticsMetadataType]
[AuthParameters => Paws::CognitoIdp::AuthParametersType]
[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]
[ContextData => Paws::CognitoIdp::ContextDataType]

Each argument is described in detail in: Paws::CognitoIdp::AdminInitiateAuth

Returns: a Paws::CognitoIdp::AdminInitiateAuthResponse instance

Initiates the authentication flow, as an administrator.

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

Calling this action requires developer credentials.

Each argument is described in detail in: Paws::CognitoIdp::AdminLinkProviderForUser

Returns: a Paws::CognitoIdp::AdminLinkProviderForUserResponse instance

Links an existing user account in a user pool ("DestinationUser") to an identity from an external identity provider ("SourceUser") based on a specified attribute name and value from the external identity provider. This allows you to create a link from the existing user account to an external federated user identity that has not yet been used to sign in, so that the federated user identity can be used to sign in as the existing user account.

For example, if there is an existing user with a username and password, this API links that user to a federated user identity, so that when the federated user identity is used, the user signs in as the existing user account.

The maximum number of federated identities linked to a user is 5.

Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external identity providers and provider attributes that have been trusted by the application owner.

This action is enabled only for admin access and requires developer credentials.

[Limit => Int]
[PaginationToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::AdminListDevices

Returns: a Paws::CognitoIdp::AdminListDevicesResponse instance

Lists devices, as an administrator.

Calling this action requires developer credentials.

[Limit => Int]
[NextToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::AdminListGroupsForUser

Returns: a Paws::CognitoIdp::AdminListGroupsForUserResponse instance

Lists the groups that the user belongs to.

Calling this action requires developer credentials.

[MaxResults => Int]
[NextToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::AdminListUserAuthEvents

Returns: a Paws::CognitoIdp::AdminListUserAuthEventsResponse instance

Lists a history of user activity and any risks detected as part of Amazon Cognito advanced security.

Each argument is described in detail in: Paws::CognitoIdp::AdminRemoveUserFromGroup

Returns: nothing

Removes the specified user from the specified group.

Calling this action requires developer credentials.

[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]

Each argument is described in detail in: Paws::CognitoIdp::AdminResetUserPassword

Returns: a Paws::CognitoIdp::AdminResetUserPasswordResponse instance

Resets the specified user's password in a user pool as an administrator. Works on any user.

When a developer calls this API, the current password is invalidated, so it must be changed. If a user tries to sign in after the API is called, the app will get a PasswordResetRequiredException exception back and should direct the user down the flow to reset the password, which is the same as the forgot password flow. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user with the code to change their password.

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

Calling this action requires developer credentials.

[AnalyticsMetadata => Paws::CognitoIdp::AnalyticsMetadataType]
[ChallengeResponses => Paws::CognitoIdp::ChallengeResponsesType]
[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]
[ContextData => Paws::CognitoIdp::ContextDataType]
[Session => Str]

Each argument is described in detail in: Paws::CognitoIdp::AdminRespondToAuthChallenge

Returns: a Paws::CognitoIdp::AdminRespondToAuthChallengeResponse instance

Responds to an authentication challenge, as an administrator.

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

Calling this action requires developer credentials.

[SMSMfaSettings => Paws::CognitoIdp::SMSMfaSettingsType]
[SoftwareTokenMfaSettings => Paws::CognitoIdp::SoftwareTokenMfaSettingsType]

Each argument is described in detail in: Paws::CognitoIdp::AdminSetUserMFAPreference

Returns: a Paws::CognitoIdp::AdminSetUserMFAPreferenceResponse instance

Sets the user's multi-factor authentication (MFA) preference, including which MFA options are enabled and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are enabled. If multiple options are enabled and no preference is set, a challenge to choose an MFA option will be returned during sign in.

[Permanent => Bool]

Each argument is described in detail in: Paws::CognitoIdp::AdminSetUserPassword

Returns: a Paws::CognitoIdp::AdminSetUserPasswordResponse instance

Sets the specified user's password in a user pool as an administrator. Works on any user.

The password can be temporary or permanent. If it is temporary, the user status will be placed into the "FORCE_CHANGE_PASSWORD" state. When the user next tries to sign in, the InitiateAuth/AdminInitiateAuth response will contain the "NEW_PASSWORD_REQUIRED" challenge. If the user does not sign in before it expires, the user will not be able to sign in and their password will need to be reset by an administrator.

Once the user has set a new password, or the password is permanent, the user status will be set to "Confirmed".

Each argument is described in detail in: Paws::CognitoIdp::AdminSetUserSettings

Returns: a Paws::CognitoIdp::AdminSetUserSettingsResponse instance

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html) instead.

Each argument is described in detail in: Paws::CognitoIdp::AdminUpdateAuthEventFeedback

Returns: a Paws::CognitoIdp::AdminUpdateAuthEventFeedbackResponse instance

Provides feedback for an authentication event as to whether it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.

[DeviceRememberedStatus => Str]

Each argument is described in detail in: Paws::CognitoIdp::AdminUpdateDeviceStatus

Returns: a Paws::CognitoIdp::AdminUpdateDeviceStatusResponse instance

Updates the device status as an administrator.

Calling this action requires developer credentials.

[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]

Each argument is described in detail in: Paws::CognitoIdp::AdminUpdateUserAttributes

Returns: a Paws::CognitoIdp::AdminUpdateUserAttributesResponse instance

Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user.

For custom attributes, you must prepend the "custom:" prefix to the attribute name.

In addition to updating user attributes, this API can also be used to mark phone and email as verified.

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

Calling this action requires developer credentials.

Each argument is described in detail in: Paws::CognitoIdp::AdminUserGlobalSignOut

Returns: a Paws::CognitoIdp::AdminUserGlobalSignOutResponse instance

Signs out users from all devices, as an administrator. It also invalidates all refresh tokens issued to a user. The user's current access and Id tokens remain valid until their expiry. Access and Id tokens expire one hour after they are issued.

Calling this action requires developer credentials.

[AccessToken => Str]
[Session => Str]

Each argument is described in detail in: Paws::CognitoIdp::AssociateSoftwareToken

Returns: a Paws::CognitoIdp::AssociateSoftwareTokenResponse instance

Returns a unique generated shared secret key code for the user account. The request takes an access token or a session string, but not both.

Calling AssociateSoftwareToken immediately disassociates the existing software token from the user account. If the user doesn't subsequently verify the software token, their account is essentially set up to authenticate without MFA. If MFA config is set to Optional at the user pool level, the user can then login without MFA. However, if MFA is set to Required for the user pool, the user will be asked to setup a new software token MFA during sign in.

Each argument is described in detail in: Paws::CognitoIdp::ChangePassword

Returns: a Paws::CognitoIdp::ChangePasswordResponse instance

Changes the password for a specified user in a user pool.

[DeviceName => Str]
[DeviceSecretVerifierConfig => Paws::CognitoIdp::DeviceSecretVerifierConfigType]

Each argument is described in detail in: Paws::CognitoIdp::ConfirmDevice

Returns: a Paws::CognitoIdp::ConfirmDeviceResponse instance

Confirms tracking of the device. This API call is the call that begins device tracking.

[AnalyticsMetadata => Paws::CognitoIdp::AnalyticsMetadataType]
[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]
[SecretHash => Str]
[UserContextData => Paws::CognitoIdp::UserContextDataType]

Each argument is described in detail in: Paws::CognitoIdp::ConfirmForgotPassword

Returns: a Paws::CognitoIdp::ConfirmForgotPasswordResponse instance

Allows a user to enter a confirmation code to reset a forgotten password.

[AnalyticsMetadata => Paws::CognitoIdp::AnalyticsMetadataType]
[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]
[ForceAliasCreation => Bool]
[SecretHash => Str]
[UserContextData => Paws::CognitoIdp::UserContextDataType]

Each argument is described in detail in: Paws::CognitoIdp::ConfirmSignUp

Returns: a Paws::CognitoIdp::ConfirmSignUpResponse instance

Confirms registration of a user and handles the existing alias from a previous user.

[Description => Str]
[Precedence => Int]
[RoleArn => Str]

Each argument is described in detail in: Paws::CognitoIdp::CreateGroup

Returns: a Paws::CognitoIdp::CreateGroupResponse instance

Creates a new group in the specified user pool.

Calling this action requires developer credentials.

[AttributeMapping => Paws::CognitoIdp::AttributeMappingType]
[IdpIdentifiers => ArrayRef[Str|Undef]]

Each argument is described in detail in: Paws::CognitoIdp::CreateIdentityProvider

Returns: a Paws::CognitoIdp::CreateIdentityProviderResponse instance

Creates an identity provider for a user pool.

[Scopes => ArrayRef[Paws::CognitoIdp::ResourceServerScopeType]]

Each argument is described in detail in: Paws::CognitoIdp::CreateResourceServer

Returns: a Paws::CognitoIdp::CreateResourceServerResponse instance

Creates a new OAuth2.0 resource server and defines custom scopes in it.

Each argument is described in detail in: Paws::CognitoIdp::CreateUserImportJob

Returns: a Paws::CognitoIdp::CreateUserImportJobResponse instance

Creates the user import job.

[AccountRecoverySetting => Paws::CognitoIdp::AccountRecoverySettingType]
[AdminCreateUserConfig => Paws::CognitoIdp::AdminCreateUserConfigType]
[AliasAttributes => ArrayRef[Str|Undef]]
[AutoVerifiedAttributes => ArrayRef[Str|Undef]]
[DeviceConfiguration => Paws::CognitoIdp::DeviceConfigurationType]
[EmailConfiguration => Paws::CognitoIdp::EmailConfigurationType]
[EmailVerificationMessage => Str]
[EmailVerificationSubject => Str]
[LambdaConfig => Paws::CognitoIdp::LambdaConfigType]
[MfaConfiguration => Str]
[Policies => Paws::CognitoIdp::UserPoolPolicyType]
[Schema => ArrayRef[Paws::CognitoIdp::SchemaAttributeType]]
[SmsAuthenticationMessage => Str]
[SmsConfiguration => Paws::CognitoIdp::SmsConfigurationType]
[SmsVerificationMessage => Str]
[UsernameAttributes => ArrayRef[Str|Undef]]
[UsernameConfiguration => Paws::CognitoIdp::UsernameConfigurationType]
[UserPoolAddOns => Paws::CognitoIdp::UserPoolAddOnsType]
[UserPoolTags => Paws::CognitoIdp::UserPoolTagsType]
[VerificationMessageTemplate => Paws::CognitoIdp::VerificationMessageTemplateType]

Each argument is described in detail in: Paws::CognitoIdp::CreateUserPool

Returns: a Paws::CognitoIdp::CreateUserPoolResponse instance

Creates a new Amazon Cognito user pool and sets the password policy for the pool.

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

[AccessTokenValidity => Int]
[AllowedOAuthFlows => ArrayRef[Str|Undef]]
[AllowedOAuthFlowsUserPoolClient => Bool]
[AllowedOAuthScopes => ArrayRef[Str|Undef]]
[AnalyticsConfiguration => Paws::CognitoIdp::AnalyticsConfigurationType]
[CallbackURLs => ArrayRef[Str|Undef]]
[DefaultRedirectURI => Str]
[EnableTokenRevocation => Bool]
[ExplicitAuthFlows => ArrayRef[Str|Undef]]
[GenerateSecret => Bool]
[IdTokenValidity => Int]
[LogoutURLs => ArrayRef[Str|Undef]]
[PreventUserExistenceErrors => Str]
[ReadAttributes => ArrayRef[Str|Undef]]
[RefreshTokenValidity => Int]
[SupportedIdentityProviders => ArrayRef[Str|Undef]]
[TokenValidityUnits => Paws::CognitoIdp::TokenValidityUnitsType]
[WriteAttributes => ArrayRef[Str|Undef]]

Each argument is described in detail in: Paws::CognitoIdp::CreateUserPoolClient

Returns: a Paws::CognitoIdp::CreateUserPoolClientResponse instance

Creates the user pool client.

When you create a new user pool client, token revocation is automatically enabled. For more information about revoking tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html).

[CustomDomainConfig => Paws::CognitoIdp::CustomDomainConfigType]

Each argument is described in detail in: Paws::CognitoIdp::CreateUserPoolDomain

Returns: a Paws::CognitoIdp::CreateUserPoolDomainResponse instance

Creates a new domain for a user pool.

Each argument is described in detail in: Paws::CognitoIdp::DeleteGroup

Returns: nothing

Deletes a group.

Calling this action requires developer credentials.

Each argument is described in detail in: Paws::CognitoIdp::DeleteIdentityProvider

Returns: nothing

Deletes an identity provider for a user pool.

Each argument is described in detail in: Paws::CognitoIdp::DeleteResourceServer

Returns: nothing

Deletes a resource server.

Each argument is described in detail in: Paws::CognitoIdp::DeleteUser

Returns: nothing

Allows a user to delete himself or herself.

Each argument is described in detail in: Paws::CognitoIdp::DeleteUserAttributes

Returns: a Paws::CognitoIdp::DeleteUserAttributesResponse instance

Deletes the attributes for a user.

Each argument is described in detail in: Paws::CognitoIdp::DeleteUserPool

Returns: nothing

Deletes the specified Amazon Cognito user pool.

Each argument is described in detail in: Paws::CognitoIdp::DeleteUserPoolClient

Returns: nothing

Allows the developer to delete the user pool client.

Each argument is described in detail in: Paws::CognitoIdp::DeleteUserPoolDomain

Returns: a Paws::CognitoIdp::DeleteUserPoolDomainResponse instance

Deletes a domain for a user pool.

Each argument is described in detail in: Paws::CognitoIdp::DescribeIdentityProvider

Returns: a Paws::CognitoIdp::DescribeIdentityProviderResponse instance

Gets information about a specific identity provider.

Each argument is described in detail in: Paws::CognitoIdp::DescribeResourceServer

Returns: a Paws::CognitoIdp::DescribeResourceServerResponse instance

Describes a resource server.

[ClientId => Str]

Each argument is described in detail in: Paws::CognitoIdp::DescribeRiskConfiguration

Returns: a Paws::CognitoIdp::DescribeRiskConfigurationResponse instance

Describes the risk configuration.

Each argument is described in detail in: Paws::CognitoIdp::DescribeUserImportJob

Returns: a Paws::CognitoIdp::DescribeUserImportJobResponse instance

Describes the user import job.

Each argument is described in detail in: Paws::CognitoIdp::DescribeUserPool

Returns: a Paws::CognitoIdp::DescribeUserPoolResponse instance

Returns the configuration information and metadata of the specified user pool.

Each argument is described in detail in: Paws::CognitoIdp::DescribeUserPoolClient

Returns: a Paws::CognitoIdp::DescribeUserPoolClientResponse instance

Client method for returning the configuration information and metadata of the specified user pool app client.

Each argument is described in detail in: Paws::CognitoIdp::DescribeUserPoolDomain

Returns: a Paws::CognitoIdp::DescribeUserPoolDomainResponse instance

Gets information about a domain.

[AccessToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::ForgetDevice

Returns: nothing

Forgets the specified device.

[AnalyticsMetadata => Paws::CognitoIdp::AnalyticsMetadataType]
[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]
[SecretHash => Str]
[UserContextData => Paws::CognitoIdp::UserContextDataType]

Each argument is described in detail in: Paws::CognitoIdp::ForgotPassword

Returns: a Paws::CognitoIdp::ForgotPasswordResponse instance

Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the "Username" parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts (https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-recover-a-user-account.html) in the Amazon Cognito Developer Guide. If neither a verified phone number nor a verified email exists, an "InvalidParameterException" is thrown. To use the confirmation code for resetting the password, call ConfirmForgotPassword (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html).

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

Each argument is described in detail in: Paws::CognitoIdp::GetCSVHeader

Returns: a Paws::CognitoIdp::GetCSVHeaderResponse instance

Gets the header information for the .csv file to be used as input for the user import job.

[AccessToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::GetDevice

Returns: a Paws::CognitoIdp::GetDeviceResponse instance

Gets the device.

Each argument is described in detail in: Paws::CognitoIdp::GetGroup

Returns: a Paws::CognitoIdp::GetGroupResponse instance

Gets a group.

Calling this action requires developer credentials.

Each argument is described in detail in: Paws::CognitoIdp::GetIdentityProviderByIdentifier

Returns: a Paws::CognitoIdp::GetIdentityProviderByIdentifierResponse instance

Gets the specified identity provider.

Each argument is described in detail in: Paws::CognitoIdp::GetSigningCertificate

Returns: a Paws::CognitoIdp::GetSigningCertificateResponse instance

This method takes a user pool ID, and returns the signing certificate.

[ClientId => Str]

Each argument is described in detail in: Paws::CognitoIdp::GetUICustomization

Returns: a Paws::CognitoIdp::GetUICustomizationResponse instance

Gets the UI Customization information for a particular app client's app UI, if there is something set. If nothing is set for the particular client, but there is an existing pool level customization (app "clientId" will be "ALL"), then that is returned. If nothing is present, then an empty shape is returned.

Each argument is described in detail in: Paws::CognitoIdp::GetUser

Returns: a Paws::CognitoIdp::GetUserResponse instance

Gets the user attributes and metadata for a user.

[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]

Each argument is described in detail in: Paws::CognitoIdp::GetUserAttributeVerificationCode

Returns: a Paws::CognitoIdp::GetUserAttributeVerificationCodeResponse instance

Gets the user attribute verification code for the specified attribute name.

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

Each argument is described in detail in: Paws::CognitoIdp::GetUserPoolMfaConfig

Returns: a Paws::CognitoIdp::GetUserPoolMfaConfigResponse instance

Gets the user pool multi-factor authentication (MFA) configuration.

Each argument is described in detail in: Paws::CognitoIdp::GlobalSignOut

Returns: a Paws::CognitoIdp::GlobalSignOutResponse instance

Signs out users from all devices. It also invalidates all refresh tokens issued to a user. The user's current access and Id tokens remain valid until their expiry. Access and Id tokens expire one hour after they are issued.

[AnalyticsMetadata => Paws::CognitoIdp::AnalyticsMetadataType]
[AuthParameters => Paws::CognitoIdp::AuthParametersType]
[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]
[UserContextData => Paws::CognitoIdp::UserContextDataType]

Each argument is described in detail in: Paws::CognitoIdp::InitiateAuth

Returns: a Paws::CognitoIdp::InitiateAuthResponse instance

Initiates the authentication flow.

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

[Limit => Int]
[PaginationToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::ListDevices

Returns: a Paws::CognitoIdp::ListDevicesResponse instance

Lists the devices.

[Limit => Int]
[NextToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::ListGroups

Returns: a Paws::CognitoIdp::ListGroupsResponse instance

Lists the groups associated with a user pool.

Calling this action requires developer credentials.

[MaxResults => Int]
[NextToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::ListIdentityProviders

Returns: a Paws::CognitoIdp::ListIdentityProvidersResponse instance

Lists information about all identity providers for a user pool.

[MaxResults => Int]
[NextToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::ListResourceServers

Returns: a Paws::CognitoIdp::ListResourceServersResponse instance

Lists the resource servers for a user pool.

Each argument is described in detail in: Paws::CognitoIdp::ListTagsForResource

Returns: a Paws::CognitoIdp::ListTagsForResourceResponse instance

Lists the tags that are assigned to an Amazon Cognito user pool.

A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.

You can use this action up to 10 times per second, per account.

[PaginationToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::ListUserImportJobs

Returns: a Paws::CognitoIdp::ListUserImportJobsResponse instance

Lists the user import jobs.

[MaxResults => Int]
[NextToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::ListUserPoolClients

Returns: a Paws::CognitoIdp::ListUserPoolClientsResponse instance

Lists the clients that have been created for the specified user pool.

[NextToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::ListUserPools

Returns: a Paws::CognitoIdp::ListUserPoolsResponse instance

Lists the user pools associated with an AWS account.

[AttributesToGet => ArrayRef[Str|Undef]]
[Filter => Str]
[Limit => Int]
[PaginationToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::ListUsers

Returns: a Paws::CognitoIdp::ListUsersResponse instance

Lists the users in the Amazon Cognito user pool.

[Limit => Int]
[NextToken => Str]

Each argument is described in detail in: Paws::CognitoIdp::ListUsersInGroup

Returns: a Paws::CognitoIdp::ListUsersInGroupResponse instance

Lists the users in the specified group.

Calling this action requires developer credentials.

[AnalyticsMetadata => Paws::CognitoIdp::AnalyticsMetadataType]
[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]
[SecretHash => Str]
[UserContextData => Paws::CognitoIdp::UserContextDataType]

Each argument is described in detail in: Paws::CognitoIdp::ResendConfirmationCode

Returns: a Paws::CognitoIdp::ResendConfirmationCodeResponse instance

Resends the confirmation (for confirmation of registration) to a specific user in the user pool.

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

[AnalyticsMetadata => Paws::CognitoIdp::AnalyticsMetadataType]
[ChallengeResponses => Paws::CognitoIdp::ChallengeResponsesType]
[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]
[Session => Str]
[UserContextData => Paws::CognitoIdp::UserContextDataType]

Each argument is described in detail in: Paws::CognitoIdp::RespondToAuthChallenge

Returns: a Paws::CognitoIdp::RespondToAuthChallengeResponse instance

Responds to the authentication challenge.

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

[ClientSecret => Str]

Each argument is described in detail in: Paws::CognitoIdp::RevokeToken

Returns: a Paws::CognitoIdp::RevokeTokenResponse instance

Revokes all of the access tokens generated by the specified refresh token. After the token is revoked, you can not use the revoked token to access Cognito authenticated APIs.

[AccountTakeoverRiskConfiguration => Paws::CognitoIdp::AccountTakeoverRiskConfigurationType]
[ClientId => Str]
[CompromisedCredentialsRiskConfiguration => Paws::CognitoIdp::CompromisedCredentialsRiskConfigurationType]
[RiskExceptionConfiguration => Paws::CognitoIdp::RiskExceptionConfigurationType]

Each argument is described in detail in: Paws::CognitoIdp::SetRiskConfiguration

Returns: a Paws::CognitoIdp::SetRiskConfigurationResponse instance

Configures actions on detected risks. To delete the risk configuration for "UserPoolId" or "ClientId", pass null values for all four configuration types.

To enable Amazon Cognito advanced security features, update the user pool to include the "UserPoolAddOns" key"AdvancedSecurityMode".

[ClientId => Str]
[CSS => Str]
[ImageFile => Str]

Each argument is described in detail in: Paws::CognitoIdp::SetUICustomization

Returns: a Paws::CognitoIdp::SetUICustomizationResponse instance

Sets the UI customization information for a user pool's built-in app UI.

You can specify app UI customization settings for a single client (with a specific "clientId") or for all clients (by setting the "clientId" to "ALL"). If you specify "ALL", the default configuration will be used for every client that has no UI customization set previously. If you specify UI customization settings for a particular client, it will no longer fall back to the "ALL" configuration.

To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.

[SMSMfaSettings => Paws::CognitoIdp::SMSMfaSettingsType]
[SoftwareTokenMfaSettings => Paws::CognitoIdp::SoftwareTokenMfaSettingsType]

Each argument is described in detail in: Paws::CognitoIdp::SetUserMFAPreference

Returns: a Paws::CognitoIdp::SetUserMFAPreferenceResponse instance

Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are enabled and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are enabled. If multiple options are enabled and no preference is set, a challenge to choose an MFA option will be returned during sign in. If an MFA type is enabled for a user, the user will be prompted for MFA during all sign in attempts, unless device tracking is turned on and the device has been trusted. If you would like MFA to be applied selectively based on the assessed risk level of sign in attempts, disable MFA for users and turn on Adaptive Authentication for the user pool.

[MfaConfiguration => Str]
[SmsMfaConfiguration => Paws::CognitoIdp::SmsMfaConfigType]
[SoftwareTokenMfaConfiguration => Paws::CognitoIdp::SoftwareTokenMfaConfigType]

Each argument is described in detail in: Paws::CognitoIdp::SetUserPoolMfaConfig

Returns: a Paws::CognitoIdp::SetUserPoolMfaConfigResponse instance

Set the user pool multi-factor authentication (MFA) configuration.

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

Each argument is described in detail in: Paws::CognitoIdp::SetUserSettings

Returns: a Paws::CognitoIdp::SetUserSettingsResponse instance

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either type of MFA, use SetUserMFAPreference (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserMFAPreference.html) instead.

[AnalyticsMetadata => Paws::CognitoIdp::AnalyticsMetadataType]
[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]
[SecretHash => Str]
[UserAttributes => ArrayRef[Paws::CognitoIdp::AttributeType]]
[UserContextData => Paws::CognitoIdp::UserContextDataType]
[ValidationData => ArrayRef[Paws::CognitoIdp::AttributeType]]

Each argument is described in detail in: Paws::CognitoIdp::SignUp

Returns: a Paws::CognitoIdp::SignUpResponse instance

Registers the user in the specified user pool and creates a user name, password, and user attributes.

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

Each argument is described in detail in: Paws::CognitoIdp::StartUserImportJob

Returns: a Paws::CognitoIdp::StartUserImportJobResponse instance

Starts the user import.

Each argument is described in detail in: Paws::CognitoIdp::StopUserImportJob

Returns: a Paws::CognitoIdp::StopUserImportJobResponse instance

Stops the user import job.

Each argument is described in detail in: Paws::CognitoIdp::TagResource

Returns: a Paws::CognitoIdp::TagResourceResponse instance

Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.

Each tag consists of a key and value, both of which you define. A key is a general category for more specific values. For example, if you have two versions of a user pool, one for testing and another for production, you might assign an "Environment" tag key to both user pools. The value of this key might be "Test" for one user pool and "Production" for the other.

Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your user pools. In an IAM policy, you can constrain permissions for user pools based on specific tags or tag values.

You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.

Each argument is described in detail in: Paws::CognitoIdp::UntagResource

Returns: a Paws::CognitoIdp::UntagResourceResponse instance

Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account

Each argument is described in detail in: Paws::CognitoIdp::UpdateAuthEventFeedback

Returns: a Paws::CognitoIdp::UpdateAuthEventFeedbackResponse instance

Provides the feedback for an authentication event whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.

[DeviceRememberedStatus => Str]

Each argument is described in detail in: Paws::CognitoIdp::UpdateDeviceStatus

Returns: a Paws::CognitoIdp::UpdateDeviceStatusResponse instance

Updates the device status.

[Description => Str]
[Precedence => Int]
[RoleArn => Str]

Each argument is described in detail in: Paws::CognitoIdp::UpdateGroup

Returns: a Paws::CognitoIdp::UpdateGroupResponse instance

Updates the specified group with the specified attributes.

Calling this action requires developer credentials.

If you don't provide a value for an attribute, it will be set to the default value.

[AttributeMapping => Paws::CognitoIdp::AttributeMappingType]
[IdpIdentifiers => ArrayRef[Str|Undef]]
[ProviderDetails => Paws::CognitoIdp::ProviderDetailsType]

Each argument is described in detail in: Paws::CognitoIdp::UpdateIdentityProvider

Returns: a Paws::CognitoIdp::UpdateIdentityProviderResponse instance

Updates identity provider information for a user pool.

[Scopes => ArrayRef[Paws::CognitoIdp::ResourceServerScopeType]]

Each argument is described in detail in: Paws::CognitoIdp::UpdateResourceServer

Returns: a Paws::CognitoIdp::UpdateResourceServerResponse instance

Updates the name and scopes of resource server. All other fields are read-only.

If you don't provide a value for an attribute, it will be set to the default value.

[ClientMetadata => Paws::CognitoIdp::ClientMetadataType]

Each argument is described in detail in: Paws::CognitoIdp::UpdateUserAttributes

Returns: a Paws::CognitoIdp::UpdateUserAttributesResponse instance

Allows a user to update a specific attribute (one at a time).

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

[AccountRecoverySetting => Paws::CognitoIdp::AccountRecoverySettingType]
[AdminCreateUserConfig => Paws::CognitoIdp::AdminCreateUserConfigType]
[AutoVerifiedAttributes => ArrayRef[Str|Undef]]
[DeviceConfiguration => Paws::CognitoIdp::DeviceConfigurationType]
[EmailConfiguration => Paws::CognitoIdp::EmailConfigurationType]
[EmailVerificationMessage => Str]
[EmailVerificationSubject => Str]
[LambdaConfig => Paws::CognitoIdp::LambdaConfigType]
[MfaConfiguration => Str]
[Policies => Paws::CognitoIdp::UserPoolPolicyType]
[SmsAuthenticationMessage => Str]
[SmsConfiguration => Paws::CognitoIdp::SmsConfigurationType]
[SmsVerificationMessage => Str]
[UserPoolAddOns => Paws::CognitoIdp::UserPoolAddOnsType]
[UserPoolTags => Paws::CognitoIdp::UserPoolTagsType]
[VerificationMessageTemplate => Paws::CognitoIdp::VerificationMessageTemplateType]

Each argument is described in detail in: Paws::CognitoIdp::UpdateUserPool

Returns: a Paws::CognitoIdp::UpdateUserPoolResponse instance

Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). If you don't provide a value for an attribute, it will be set to the default value.

This action might generate an SMS text message. Starting June 1, 2021, U.S. telecom carriers require that you register an origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Cognito will use the the registered number automatically. Otherwise, Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other AWS service, Amazon SNS might place your account in SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you’ll have limitations, such as sending messages to only verified phone numbers. After testing in the sandbox environment, you can move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html) in the Amazon Cognito Developer Guide.

[AccessTokenValidity => Int]
[AllowedOAuthFlows => ArrayRef[Str|Undef]]
[AllowedOAuthFlowsUserPoolClient => Bool]
[AllowedOAuthScopes => ArrayRef[Str|Undef]]
[AnalyticsConfiguration => Paws::CognitoIdp::AnalyticsConfigurationType]
[CallbackURLs => ArrayRef[Str|Undef]]
[ClientName => Str]
[DefaultRedirectURI => Str]
[EnableTokenRevocation => Bool]
[ExplicitAuthFlows => ArrayRef[Str|Undef]]
[IdTokenValidity => Int]
[LogoutURLs => ArrayRef[Str|Undef]]
[PreventUserExistenceErrors => Str]
[ReadAttributes => ArrayRef[Str|Undef]]
[RefreshTokenValidity => Int]
[SupportedIdentityProviders => ArrayRef[Str|Undef]]
[TokenValidityUnits => Paws::CognitoIdp::TokenValidityUnitsType]
[WriteAttributes => ArrayRef[Str|Undef]]

Each argument is described in detail in: Paws::CognitoIdp::UpdateUserPoolClient

Returns: a Paws::CognitoIdp::UpdateUserPoolClientResponse instance

Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using DescribeUserPoolClient (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html).

If you don't provide a value for an attribute, it will be set to the default value.

You can also use this operation to enable token revocation for user pool clients. For more information about revoking tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html).

Each argument is described in detail in: Paws::CognitoIdp::UpdateUserPoolDomain

Returns: a Paws::CognitoIdp::UpdateUserPoolDomainResponse instance

Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.

You can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You cannot use it to change the domain for a user pool.

A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you manage with AWS Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain.

Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, and your custom domain uses the new certificate automatically.

However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide this ARN to Amazon Cognito.

When you add your new certificate in ACM, you must choose US East (N. Virginia) as the AWS Region.

After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.

For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html).

[AccessToken => Str]
[FriendlyDeviceName => Str]
[Session => Str]

Each argument is described in detail in: Paws::CognitoIdp::VerifySoftwareToken

Returns: a Paws::CognitoIdp::VerifySoftwareTokenResponse instance

Use this API to register a user's entered TOTP code and mark the user's software token MFA status as "verified" if successful. The request takes an access token or a session string, but not both.

Each argument is described in detail in: Paws::CognitoIdp::VerifyUserAttribute

Returns: a Paws::CognitoIdp::VerifyUserAttributeResponse instance

Verifies the specified user attributes in the user pool.

Paginator methods are helpers that repetively call methods that return partial results

If passed a sub as first parameter, it will call the sub for each element found in :

 - Groups, passing the object as the first parameter, and the string 'Groups' as the second parameter

If not, it will return a a Paws::CognitoIdp::AdminListGroupsForUserResponse instance with all the "param"s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

If passed a sub as first parameter, it will call the sub for each element found in :

 - AuthEvents, passing the object as the first parameter, and the string 'AuthEvents' as the second parameter

If not, it will return a a Paws::CognitoIdp::AdminListUserAuthEventsResponse instance with all the "param"s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

If passed a sub as first parameter, it will call the sub for each element found in :

 - Groups, passing the object as the first parameter, and the string 'Groups' as the second parameter

If not, it will return a a Paws::CognitoIdp::ListGroupsResponse instance with all the "param"s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

If passed a sub as first parameter, it will call the sub for each element found in :

 - Providers, passing the object as the first parameter, and the string 'Providers' as the second parameter

If not, it will return a a Paws::CognitoIdp::ListIdentityProvidersResponse instance with all the "param"s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

If passed a sub as first parameter, it will call the sub for each element found in :

 - ResourceServers, passing the object as the first parameter, and the string 'ResourceServers' as the second parameter

If not, it will return a a Paws::CognitoIdp::ListResourceServersResponse instance with all the "param"s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

If passed a sub as first parameter, it will call the sub for each element found in :

 - UserPoolClients, passing the object as the first parameter, and the string 'UserPoolClients' as the second parameter

If not, it will return a a Paws::CognitoIdp::ListUserPoolClientsResponse instance with all the "param"s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

If passed a sub as first parameter, it will call the sub for each element found in :

 - UserPools, passing the object as the first parameter, and the string 'UserPools' as the second parameter

If not, it will return a a Paws::CognitoIdp::ListUserPoolsResponse instance with all the "param"s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

If passed a sub as first parameter, it will call the sub for each element found in :

 - Users, passing the object as the first parameter, and the string 'Users' as the second parameter

If not, it will return a a Paws::CognitoIdp::ListUsersResponse instance with all the "param"s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

If passed a sub as first parameter, it will call the sub for each element found in :

 - Users, passing the object as the first parameter, and the string 'Users' as the second parameter

If not, it will return a a Paws::CognitoIdp::ListUsersInGroupResponse instance with all the "param"s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

This service class forms part of Paws

The source code is located here: <https://github.com/pplu/aws-sdk-perl>

Please report bugs to: <https://github.com/pplu/aws-sdk-perl/issues>

2022-06-01 perl v5.40.2
Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.