Boolean allowAdminCreateUserOnly
Set to True if only the administrator is allowed to create user profiles. Set to False if users can sign themselves up via an app.
Integer unusedAccountValidityDays
The user account expiration limit, in days, after which the account is no longer usable. To reset the account after that time limit, you must call AdminCreateUser again, specifying "RESEND" for the MessageAction parameter. The default value for this paameter is 7.
MessageTemplateType inviteMessageTemplate
The message template to be used for the welcome message to new users.
String userPoolId
The user pool ID for the user pool where the user will be created.
String username
The username for the user. Must be unique within the user pool. Must be a UTF-8 string between 1 and 128 characters. After the user is created, the username cannot be changed.
List<E> userAttributes
An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than Username. However, any attributes that you specify as required (in CreateUserPool or in the Attributes tab of the console) must be supplied either by you (in your call to AdminCreateUser) or by the user (when he or she signs up in response to your welcome message).
To send a message inviting the user to sign up, you must specify the user's email address or phone number. This can be done in your call to AdminCreateUser or in the Users tab of the Amazon Cognito console for managing your user pools.
In your call to AdminCreateUser, you can set the email_verified attribute to True, and you can set the phone_number_verified attribute to True. (You cannot do this by calling other operations such as AdminUpdateUserAttributes.)
email: The email address of the user to whom the message that contains the code and username will be sent. Required if the email_verified attribute is set to True, or if "EMAIL" is specified in the DesiredDeliveryMediums parameter.
phone_number: The phone number of the user to whom the message that contains the code and username will be sent. Required if the phone_number_verified attribute is set to True, or if "SMS" is specified in the DesiredDeliveryMediums parameter.
List<E> validationData
The user's validation data. This is an array of name-value pairs that contain user attributes and attribute values that you can use for custom validation, such as restricting the types of user accounts that can be registered. For example, you might choose to allow or disallow user sign-up based on the user's domain.
To configure custom validation, you must create a Pre Sign-up Lambda trigger for the user pool as described in the Amazon Cognito Developer Guide. The Lambda trigger receives the validation data and uses it in the validation process.
The user's validation data is not persisted.
String temporaryPassword
The user's temporary password. This password must conform to the password policy that you specified when you created the user pool.
The temporary password is valid only once. To complete the Admin Create User flow, the user must enter the temporary password in the sign-in page along with a new password to be used in all future sign-ins.
This parameter is not required. If you do not specify a value, Amazon Cognito generates one for you.
The temporary password can only be used until the user account expiration limit that you specified when you created the user pool. To reset the account after that time limit, you must call AdminCreateUser again, specifying "RESEND" for the MessageAction parameter.
Boolean forceAliasCreation
This parameter is only used if the phone_number_verified or email_verified attribute is set to True. Otherwise, it is ignored.
If this parameter is set to True and the phone number or email address specified in the UserAttributes parameter already exists as an alias with a different user, the API call will migrate the alias from the previous user to the newly created user. The previous user will no longer be able to log in using that alias.
If this parameter is set to False, the API throws an AliasExistsException error if the alias already exists. The default value is False.
String messageAction
Set to "RESEND" to resend the invitation message to a user that already exists and reset the expiration limit on the user's account. Set to "SUPPRESS" to suppress sending the message. Only one value can be specified.
List<E> desiredDeliveryMediums
Specify "EMAIL" if email will be used to send the welcome message. Specify "SMS" if the phone number will be used. The default value is "SMS". More than one value can be specified.
UserType user
The user returned in the request to create a new user.
String userPoolId
The user pool ID for the user pool where you want to delete user attributes.
String username
The user name of the user from which you would like to delete attributes.
List<E> userAttributeNames
An array of strings representing the user attribute names you wish to delete.
DeviceType device
The device.
String username
The user name of the user about whom you are receiving information.
List<E> userAttributes
An array of name-value pairs representing user attributes.
Date userCreateDate
The date the user was created.
Date userLastModifiedDate
The date the user was last modified.
Boolean enabled
Indicates that the status is enabled.
String userStatus
The user status. Can be one of the following:
UNCONFIRMED - User has been created but not confirmed.
CONFIRMED - User has been confirmed.
ARCHIVED - User is no longer active.
COMPROMISED - User is disabled due to a potential security threat.
UNKNOWN - User status is not known.
List<E> mFAOptions
Specifies the options for MFA (e.g., email or phone number).
String username
The username for the user.
String userPoolId
The user pool ID for the user pool.
Integer limit
The limit of the request to list groups.
String nextToken
An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
String challengeName
The name of the challenge.
String session
The session.
Map<K,V> challengeParameters
The challenge parameters.
AuthenticationResultType authenticationResult
The result returned by the server in response to the authentication request.
String userPoolId
The user pool ID for the user pool where you want to set the user's settings, such as MFA options.
String username
The user name of the user for whom you wish to set user settings.
List<E> mFAOptions
Specifies the options for MFA (e.g., email or phone number).
String accessToken
The access token of the authentication result.
Integer expiresIn
The expiration period of the authentication result.
String tokenType
The token type of the authentication result.
String refreshToken
The refresh token of the authentication result.
String idToken
The ID token of the authentication result.
NewDeviceMetadataType newDeviceMetadata
The new device metadata from an authentication result.
String accessToken
The access token.
String deviceKey
The device key.
DeviceSecretVerifierConfigType deviceSecretVerifierConfig
The configuration of the device secret verifier.
String deviceName
The device name.
Boolean userConfirmationNecessary
Indicates whether the user confirmation is necessary to confirm the device response.
String clientId
The ID of the client associated with the user pool.
String secretHash
A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
String username
The user name of the user for whom you want to enter a code to retrieve a forgotten password.
String confirmationCode
The confirmation code sent by a user's request to retrieve a forgotten password.
String password
The password sent by sent by a user's request to retrieve a forgotten password.
String clientId
The ID of the client associated with the user pool.
String secretHash
A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
String username
The user name of the user whose registration you wish to confirm.
String confirmationCode
The confirmation code sent by a user's request to confirm registration.
Boolean forceAliasCreation
Boolean to be specified to force user confirmation irrespective of existing alias. By default set to False. If this parameter is set to True and the phone number/email used for sign up confirmation already exists as an alias with a different user, the API call will migrate the alias from the previous user to the newly created user being confirmed. If set to False, the API will throw an AliasExistsException error.
String groupName
The name of the group. Must be unique.
String userPoolId
The user pool ID for the user pool.
String description
A string containing the description of the group.
String roleArn
The role ARN for the group.
Integer precedence
A nonnegative integer value that specifies the precedence of this group relative to the other groups that a user
can belong to in the user pool. Zero is the highest precedence value. Groups with lower Precedence
values take precedence over groups with higher or null Precedence values. If a user belongs to two
or more groups, it is the group with the lowest precedence value whose role ARN will be used in the
cognito:roles and cognito:preferred_role claims in the user's tokens.
Two groups can have the same Precedence value. If this happens, neither group takes precedence over
the other. If two groups with the same Precedence have the same role ARN, that role is used in the
cognito:preferred_role claim in tokens for users in each group. If the two groups have different
role ARNs, the cognito:preferred_role claim is not set in users' tokens.
The default Precedence value is null.
GroupType group
The group object for the group.
UserImportJobType userImportJob
The job object that represents the user import job.
String userPoolId
The user pool ID for the user pool where you want to create a user pool client.
String clientName
The client name for the user pool client you would like to create.
Boolean generateSecret
Boolean to specify whether you want to generate a secret for the user pool client being created.
Integer refreshTokenValidity
The validity of the refresh token, in days.
List<E> readAttributes
The read attributes.
List<E> writeAttributes
The write attributes.
List<E> explicitAuthFlows
The explicit authentication flows.
UserPoolClientType userPoolClient
The user pool client that was just created.
String poolName
A string used to name the user pool.
UserPoolPolicyType policies
The policies associated with the new user pool.
LambdaConfigType lambdaConfig
The Lambda trigger configuration information for the new user pool.
List<E> autoVerifiedAttributes
The attributes to be auto-verified. Possible values: email, phone_number.
List<E> aliasAttributes
Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username.
String smsVerificationMessage
A string representing the SMS verification message.
String emailVerificationMessage
A string representing the email verification message.
String emailVerificationSubject
A string representing the email verification subject.
String smsAuthenticationMessage
A string representing the SMS authentication message.
String mfaConfiguration
Specifies MFA configuration details.
DeviceConfigurationType deviceConfiguration
The device configuration.
EmailConfigurationType emailConfiguration
The email configuration.
SmsConfigurationType smsConfiguration
The SMS configuration.
Map<K,V> userPoolTags
The cost allocation tags for the user pool. For more information, see Adding Cost Allocation Tags to Your User Pool
AdminCreateUserConfigType adminCreateUserConfig
The configuration for AdminCreateUser requests.
List<E> schema
An array of schema attributes for the new user pool. These attributes can be standard or custom attributes.
UserPoolType userPool
A container for the user pool details.
String userPoolId
The user pool ID for the user pool you want to delete.
String accessToken
The access token from a request to delete a user.
UserImportJobType userImportJob
The job object that represents the user import job.
UserPoolClientType userPoolClient
The user pool client from a server response to describe the user pool client.
String userPoolId
The user pool ID for the user pool you want to describe.
UserPoolType userPool
The container of metadata returned by the server to describe the pool.
String deviceKey
The device key.
List<E> deviceAttributes
The device attributes.
Date deviceCreateDate
The creation date of the device.
Date deviceLastModifiedDate
The last modified date of the device.
Date deviceLastAuthenticatedDate
The date in which the device was last authenticated.
String clientId
The ID of the client associated with the user pool.
String secretHash
A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
String username
The user name of the user for whom you want to enter a code to reset a forgotten password.
CodeDeliveryDetailsType codeDeliveryDetails
The code delivery details returned by the server in response to the request to reset a password.
String userPoolId
The user pool ID for the user pool that the users are to be imported into.
DeviceType device
The device.
GroupType group
The group object for the group.
CodeDeliveryDetailsType codeDeliveryDetails
The code delivery details returned by the server in response to the request to get the user attribute verification code.
String accessToken
The access token returned by the server response to get information about the user.
String accessToken
The access token.
String groupName
The name of the group.
String userPoolId
The user pool ID for the user pool.
String description
A string containing the description of the group.
String roleArn
The role ARN for the group.
Integer precedence
A nonnegative integer value that specifies the precedence of this group relative to the other groups that a user
can belong to in the user pool. If a user belongs to two or more groups, it is the group with the highest
precedence whose role ARN will be used in the cognito:roles and cognito:preferred_role
claims in the user's tokens. Groups with higher Precedence values take precedence over groups with
lower Precedence values or with null Precedence values.
Two groups can have the same Precedence value. If this happens, neither group takes precedence over
the other. If two groups with the same Precedence have the same role ARN, that role is used in the
cognito:preferred_role claim in tokens for users in each group. If the two groups have different
role ARNs, the cognito:preferred_role claim is not set in users' tokens.
The default Precedence value is null.
Date lastModifiedDate
The date the group was last modified.
Date creationDate
The date the group was created.
String challengeName
The name of the challenge.
String session
The session.
Map<K,V> challengeParameters
The challenge parameters.
AuthenticationResultType authenticationResult
The result returned by the server in response to the request to initiate authentication.
String preSignUp
A pre-registration AWS Lambda trigger.
String customMessage
A custom Message AWS Lambda trigger.
String postConfirmation
A post-confirmation AWS Lambda trigger.
String preAuthentication
A pre-authentication AWS Lambda trigger.
String postAuthentication
A post-authentication AWS Lambda trigger.
String defineAuthChallenge
Defines the authentication challenge.
String createAuthChallenge
Creates an authentication challenge.
String verifyAuthChallengeResponse
Verifies the authentication challenge response.
String userPoolId
The user pool ID for the user pool that the users are being imported into.
Integer maxResults
The maximum number of import jobs you want the request to return.
String paginationToken
An identifier that was returned from the previous call to ListUserImportJobs, which can be used to return the next set of import jobs in the list.
String userPoolId
The user pool ID for the user pool where you want to list user pool clients.
Integer maxResults
The maximum number of results you want the request to return when listing the user pool clients.
String nextToken
An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
String userPoolId
The user pool ID for the user pool.
String groupName
The name of the group.
Integer limit
The limit of the request to list users.
String nextToken
An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
String userPoolId
The user pool ID for which you want to list users.
List<E> attributesToGet
The attributes to get from the request to list users.
Integer limit
The limit of the request to list users.
String paginationToken
An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
String filter
The filter for the list users request.
Integer minimumLength
The minimum length of the password policy that you have set. Cannot be less than 6.
Boolean requireUppercase
In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password.
Boolean requireLowercase
In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password.
Boolean requireNumbers
In the password policy that you have set, refers to whether you have required users to use at least one number in their password.
Boolean requireSymbols
In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password.
String clientId
The ID of the client associated with the user pool.
String secretHash
A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
String username
The user name of the user to whom you wish to resend a confirmation code.
CodeDeliveryDetailsType codeDeliveryDetails
The code delivery details returned by the server in response to the request to resend the confirmation code.
String challengeName
The challenge name.
String session
The session.
Map<K,V> challengeParameters
The challenge parameters.
AuthenticationResultType authenticationResult
The result returned by the server in response to the request to respond to the authentication challenge.
String name
A schema attribute of the name type.
String attributeDataType
The attribute data type.
Boolean developerOnlyAttribute
Specifies whether the attribute type is developer only.
Boolean mutable
Specifies whether the attribute can be changed once it has been created.
Boolean required
Specifies whether a user pool attribute is required. If the attribute is required and the user does not provide a value, registration or sign-in will fail.
NumberAttributeConstraintsType numberAttributeConstraints
Specifies the constraints for an attribute of the number type.
StringAttributeConstraintsType stringAttributeConstraints
Specifies the constraints for an attribute of the string type.
String clientId
The ID of the client associated with the user pool.
String secretHash
A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
String username
The user name of the user you wish to register.
String password
The password of the user you wish to register.
List<E> userAttributes
An array of name-value pairs representing user attributes.
List<E> validationData
The validation data in the request to register a user.
Boolean userConfirmed
A response from the server indicating that a user registration has been confirmed.
CodeDeliveryDetailsType codeDeliveryDetails
The code delivery details returned by the server response to the user registration request.
UserImportJobType userImportJob
The job object that represents the user import job.
UserImportJobType userImportJob
The job object that represents the user import job.
String groupName
The name of the group.
String userPoolId
The user pool ID for the user pool.
String description
A string containing the new description of the group.
String roleArn
The new role ARN for the group. This is used for setting the cognito:roles and
cognito:preferred_role claims in the token.
Integer precedence
The new precedence value for the group. For more information about this parameter, see CreateGroupRequest.
GroupType group
The group object for the group.
String userPoolId
The user pool ID for the user pool where you want to update the user pool client.
String clientId
The ID of the client associated with the user pool.
String clientName
The client name from the update user pool client request.
Integer refreshTokenValidity
The validity of the refresh token, in days.
List<E> readAttributes
The read-only attributes of the user pool.
List<E> writeAttributes
The writeable attributes of the user pool.
List<E> explicitAuthFlows
Explicit authentication flows.
UserPoolClientType userPoolClient
The user pool client value from the response from the server when an update user pool client request is made.
String userPoolId
The user pool ID for the user pool you want to update.
UserPoolPolicyType policies
A container with the policies you wish to update in a user pool.
LambdaConfigType lambdaConfig
The AWS Lambda configuration information from the request to update the user pool.
List<E> autoVerifiedAttributes
The attributes that are automatically verified when the Amazon Cognito service makes a request to update user pools.
String smsVerificationMessage
A container with information about the SMS verification message.
String emailVerificationMessage
The contents of the email verification message.
String emailVerificationSubject
The subject of the email verfication message.
String smsAuthenticationMessage
The contents of the SMS authentication message.
String mfaConfiguration
Can be one of the following values:
OFF - MFA tokens are not required and cannot be specified during user registration.
ON - MFA tokens are required for all user registrations. You can only specify required when you are
initially creating a user pool.
OPTIONAL - Users have the option when registering to create an MFA token.
DeviceConfigurationType deviceConfiguration
Device configuration.
EmailConfigurationType emailConfiguration
Email configuration.
SmsConfigurationType smsConfiguration
SMS configuration.
Map<K,V> userPoolTags
The cost allocation tags for the user pool. For more information, see Adding Cost Allocation Tags to Your User Pool
AdminCreateUserConfigType adminCreateUserConfig
The configuration for AdminCreateUser requests.
String jobName
The job name for the user import job.
String jobId
The job ID for the user import job.
String userPoolId
The user pool ID for the user pool that the users are being imported into.
String preSignedUrl
The pre-signed URL to be used to upload the .csv file.
Date creationDate
The date when the user import job was created.
Date startDate
The date when the user import job was started.
Date completionDate
The date when the user imoprt job was completed.
String status
The status of the user import job. One of the following:
Created - The job was created but not started.
Pending - A transition state. You have started the job, but it has not begun importing users yet.
InProgress - The job has started, and users are being imported.
Stopping - You have stopped the job, but the job has not stopped importing users yet.
Stopped - You have stopped the job, and the job has stopped importing users.
Succeeded - The job has completed successfully.
Failed - The job has stopped due to an error.
Expired - You created a job, but did not start the job within 24-48 hours. All data associated with the job was deleted, and the job cannot be started.
String cloudWatchLogsRoleArn
The role ARN for the Amazon CloudWatch Logging role for the user import job. For more information, see "Creating the CloudWatch Logs IAM Role" in the Amazon Cognito Developer Guide.
Long importedUsers
The number of users that were successfully imported.
Long skippedUsers
The number of users that were skipped.
Long failedUsers
The number of users that could not be imported.
String completionMessage
The message returned when the user import job is completed.
String userPoolId
The user pool ID for the user pool client.
String clientName
The client name from the user pool request of the client type.
String clientId
The ID of the client associated with the user pool.
String clientSecret
The client secret from the user pool request of the client type.
Date lastModifiedDate
The last modified date from the user pool request of the client type.
Date creationDate
The creation date from the user pool request of the client type.
Integer refreshTokenValidity
The validity of the refresh token, in days.
List<E> readAttributes
The Read-only attributes.
List<E> writeAttributes
The writeable attributes.
List<E> explicitAuthFlows
The explicit authentication flows.
String id
The ID in a user pool description.
String name
The name in a user pool description.
LambdaConfigType lambdaConfig
The AWS Lambda configuration information in a user pool description.
String status
The user pool status in a user pool description.
Date lastModifiedDate
The last modified date in a user pool description.
Date creationDate
The creation date in a user pool description.
PasswordPolicyType passwordPolicy
A container with information about the user pool password policy.
String id
The ID of the user pool.
String name
The name of the user pool.
UserPoolPolicyType policies
A container describing the policies associated with a user pool.
LambdaConfigType lambdaConfig
A container describing the AWS Lambda triggers associated with a user pool.
String status
The status of a user pool.
Date lastModifiedDate
The last modified date of a user pool.
Date creationDate
The creation date of a user pool.
List<E> schemaAttributes
A container with the schema attributes of a user pool.
List<E> autoVerifiedAttributes
Specifies the attributes that are auto-verified in a user pool.
List<E> aliasAttributes
Specifies the attributes that are aliased in a user pool.
String smsVerificationMessage
The contents of the SMS verification message.
String emailVerificationMessage
The contents of the email verification message.
String emailVerificationSubject
The subject of the email verification message.
String smsAuthenticationMessage
The contents of the SMS authentication message.
String mfaConfiguration
Can be one of the following values:
OFF - MFA tokens are not required and cannot be specified during user registration.
ON - MFA tokens are required for all user registrations. You can only specify required when you are
initially creating a user pool.
OPTIONAL - Users have the option when registering to create an MFA token.
DeviceConfigurationType deviceConfiguration
The device configuration.
Integer estimatedNumberOfUsers
A number estimating the size of the user pool.
EmailConfigurationType emailConfiguration
The email configuration.
SmsConfigurationType smsConfiguration
The SMS configuration.
Map<K,V> userPoolTags
The cost allocation tags for the user pool. For more information, see Adding Cost Allocation Tags to Your User Pool
String smsConfigurationFailure
The reason why the SMS configuration cannot send the message(s) to your users.
String emailConfigurationFailure
The reason why the email configuration cannot send the messages to your users.
AdminCreateUserConfigType adminCreateUserConfig
The configuration for AdminCreateUser requests.
String username
The user name of the user you wish to describe.
List<E> attributes
A container with information about the user type attributes.
Date userCreateDate
The creation date of the user.
Date userLastModifiedDate
The last modified date of the user.
Boolean enabled
Specifies whether the user is enabled.
String userStatus
The user status. Can be one of the following:
UNCONFIRMED - User has been created but not confirmed.
CONFIRMED - User has been confirmed.
ARCHIVED - User is no longer active.
COMPROMISED - User is disabled due to a potential security threat.
UNKNOWN - User status is not known.
List<E> mFAOptions
The MFA options for the user.
Copyright © 2017. All rights reserved.