@Generated(value="com.amazonaws:aws-java-sdk-code-generator") public class AbstractAWSCognitoIdentityProvider extends Object implements AWSCognitoIdentityProvider
AWSCognitoIdentityProvider. Convenient method forms pass through to the
corresponding overload that takes a request object, which throws an UnsupportedOperationException.ENDPOINT_PREFIX| Modifier and Type | Method and Description |
|---|---|
AddCustomAttributesResult |
addCustomAttributes(AddCustomAttributesRequest request)
Adds additional user attributes to the user pool schema.
|
AdminAddUserToGroupResult |
adminAddUserToGroup(AdminAddUserToGroupRequest request)
Adds the specified user to the specified group.
|
AdminConfirmSignUpResult |
adminConfirmSignUp(AdminConfirmSignUpRequest request)
Confirms user registration as an admin without using a confirmation code.
|
AdminCreateUserResult |
adminCreateUser(AdminCreateUserRequest request)
Creates a new user in the specified user pool.
|
AdminDeleteUserResult |
adminDeleteUser(AdminDeleteUserRequest request)
Deletes a user as an administrator.
|
AdminDeleteUserAttributesResult |
adminDeleteUserAttributes(AdminDeleteUserAttributesRequest request)
Deletes the user attributes in a user pool as an administrator.
|
AdminDisableProviderForUserResult |
adminDisableProviderForUser(AdminDisableProviderForUserRequest request)
Disables the user from signing in with the specified external (SAML or social) identity provider.
|
AdminDisableUserResult |
adminDisableUser(AdminDisableUserRequest request)
Disables the specified user.
|
AdminEnableUserResult |
adminEnableUser(AdminEnableUserRequest request)
Enables the specified user as an administrator.
|
AdminForgetDeviceResult |
adminForgetDevice(AdminForgetDeviceRequest request)
Forgets the device, as an administrator.
|
AdminGetDeviceResult |
adminGetDevice(AdminGetDeviceRequest request)
Gets the device, as an administrator.
|
AdminGetUserResult |
adminGetUser(AdminGetUserRequest request)
Gets the specified user by user name in a user pool as an administrator.
|
AdminInitiateAuthResult |
adminInitiateAuth(AdminInitiateAuthRequest request)
Initiates the authentication flow, as an administrator.
|
AdminLinkProviderForUserResult |
adminLinkProviderForUser(AdminLinkProviderForUserRequest request)
Links an existing user account in a user pool (
DestinationUser) to an identity from an external
identity provider (SourceUser) based on a specified attribute name and value from the external
identity provider. |
AdminListDevicesResult |
adminListDevices(AdminListDevicesRequest request)
Lists devices, as an administrator.
|
AdminListGroupsForUserResult |
adminListGroupsForUser(AdminListGroupsForUserRequest request)
Lists the groups that the user belongs to.
|
AdminListUserAuthEventsResult |
adminListUserAuthEvents(AdminListUserAuthEventsRequest request)
Lists a history of user activity and any risks detected as part of Amazon Cognito advanced security.
|
AdminRemoveUserFromGroupResult |
adminRemoveUserFromGroup(AdminRemoveUserFromGroupRequest request)
Removes the specified user from the specified group.
|
AdminResetUserPasswordResult |
adminResetUserPassword(AdminResetUserPasswordRequest request)
Resets the specified user's password in a user pool as an administrator.
|
AdminRespondToAuthChallengeResult |
adminRespondToAuthChallenge(AdminRespondToAuthChallengeRequest request)
Responds to an authentication challenge, as an administrator.
|
AdminSetUserMFAPreferenceResult |
adminSetUserMFAPreference(AdminSetUserMFAPreferenceRequest request)
Sets the user's multi-factor authentication (MFA) preference, including which MFA options are enabled and if any
are preferred.
|
AdminSetUserPasswordResult |
adminSetUserPassword(AdminSetUserPasswordRequest request)
Sets the specified user's password in a user pool as an administrator.
|
AdminSetUserSettingsResult |
adminSetUserSettings(AdminSetUserSettingsRequest request)
This action is no longer supported. You can use it to configure only SMS MFA.
|
AdminUpdateAuthEventFeedbackResult |
adminUpdateAuthEventFeedback(AdminUpdateAuthEventFeedbackRequest request)
Provides feedback for an authentication event as to whether it was from a valid user.
|
AdminUpdateDeviceStatusResult |
adminUpdateDeviceStatus(AdminUpdateDeviceStatusRequest request)
Updates the device status as an administrator.
|
AdminUpdateUserAttributesResult |
adminUpdateUserAttributes(AdminUpdateUserAttributesRequest request)
Updates the specified user's attributes, including developer attributes, as an administrator.
|
AdminUserGlobalSignOutResult |
adminUserGlobalSignOut(AdminUserGlobalSignOutRequest request)
Signs out users from all devices, as an administrator.
|
AssociateSoftwareTokenResult |
associateSoftwareToken(AssociateSoftwareTokenRequest request)
Returns a unique generated shared secret key code for the user account.
|
ChangePasswordResult |
changePassword(ChangePasswordRequest request)
Changes the password for a specified user in a user pool.
|
ConfirmDeviceResult |
confirmDevice(ConfirmDeviceRequest request)
Confirms tracking of the device.
|
ConfirmForgotPasswordResult |
confirmForgotPassword(ConfirmForgotPasswordRequest request)
Allows a user to enter a confirmation code to reset a forgotten password.
|
ConfirmSignUpResult |
confirmSignUp(ConfirmSignUpRequest request)
Confirms registration of a user and handles the existing alias from a previous user.
|
CreateGroupResult |
createGroup(CreateGroupRequest request)
Creates a new group in the specified user pool.
|
CreateIdentityProviderResult |
createIdentityProvider(CreateIdentityProviderRequest request)
Creates an identity provider for a user pool.
|
CreateResourceServerResult |
createResourceServer(CreateResourceServerRequest request)
Creates a new OAuth2.0 resource server and defines custom scopes in it.
|
CreateUserImportJobResult |
createUserImportJob(CreateUserImportJobRequest request)
Creates the user import job.
|
CreateUserPoolResult |
createUserPool(CreateUserPoolRequest request)
Creates a new Amazon Cognito user pool and sets the password policy for the pool.
|
CreateUserPoolClientResult |
createUserPoolClient(CreateUserPoolClientRequest request)
Creates the user pool client.
|
CreateUserPoolDomainResult |
createUserPoolDomain(CreateUserPoolDomainRequest request)
Creates a new domain for a user pool.
|
DeleteGroupResult |
deleteGroup(DeleteGroupRequest request)
Deletes a group.
|
DeleteIdentityProviderResult |
deleteIdentityProvider(DeleteIdentityProviderRequest request)
Deletes an identity provider for a user pool.
|
DeleteResourceServerResult |
deleteResourceServer(DeleteResourceServerRequest request)
Deletes a resource server.
|
DeleteUserResult |
deleteUser(DeleteUserRequest request)
Allows a user to delete himself or herself.
|
DeleteUserAttributesResult |
deleteUserAttributes(DeleteUserAttributesRequest request)
Deletes the attributes for a user.
|
DeleteUserPoolResult |
deleteUserPool(DeleteUserPoolRequest request)
Deletes the specified Amazon Cognito user pool.
|
DeleteUserPoolClientResult |
deleteUserPoolClient(DeleteUserPoolClientRequest request)
Allows the developer to delete the user pool client.
|
DeleteUserPoolDomainResult |
deleteUserPoolDomain(DeleteUserPoolDomainRequest request)
Deletes a domain for a user pool.
|
DescribeIdentityProviderResult |
describeIdentityProvider(DescribeIdentityProviderRequest request)
Gets information about a specific identity provider.
|
DescribeResourceServerResult |
describeResourceServer(DescribeResourceServerRequest request)
Describes a resource server.
|
DescribeRiskConfigurationResult |
describeRiskConfiguration(DescribeRiskConfigurationRequest request)
Describes the risk configuration.
|
DescribeUserImportJobResult |
describeUserImportJob(DescribeUserImportJobRequest request)
Describes the user import job.
|
DescribeUserPoolResult |
describeUserPool(DescribeUserPoolRequest request)
Returns the configuration information and metadata of the specified user pool.
|
DescribeUserPoolClientResult |
describeUserPoolClient(DescribeUserPoolClientRequest request)
Client method for returning the configuration information and metadata of the specified user pool app client.
|
DescribeUserPoolDomainResult |
describeUserPoolDomain(DescribeUserPoolDomainRequest request)
Gets information about a domain.
|
ForgetDeviceResult |
forgetDevice(ForgetDeviceRequest request)
Forgets the specified device.
|
ForgotPasswordResult |
forgotPassword(ForgotPasswordRequest request)
Calling this API causes a message to be sent to the end user with a confirmation code that is required to change
the user's password.
|
ResponseMetadata |
getCachedResponseMetadata(AmazonWebServiceRequest request)
Returns additional metadata for a previously executed successful request, typically used for debugging issues
where a service isn't acting as expected.
|
GetCSVHeaderResult |
getCSVHeader(GetCSVHeaderRequest request)
Gets the header information for the .csv file to be used as input for the user import job.
|
GetDeviceResult |
getDevice(GetDeviceRequest request)
Gets the device.
|
GetGroupResult |
getGroup(GetGroupRequest request)
Gets a group.
|
GetIdentityProviderByIdentifierResult |
getIdentityProviderByIdentifier(GetIdentityProviderByIdentifierRequest request)
Gets the specified identity provider.
|
GetSigningCertificateResult |
getSigningCertificate(GetSigningCertificateRequest request)
This method takes a user pool ID, and returns the signing certificate.
|
GetUICustomizationResult |
getUICustomization(GetUICustomizationRequest request)
Gets the UI Customization information for a particular app client's app UI, if there is something set.
|
GetUserResult |
getUser(GetUserRequest request)
Gets the user attributes and metadata for a user.
|
GetUserAttributeVerificationCodeResult |
getUserAttributeVerificationCode(GetUserAttributeVerificationCodeRequest request)
Gets the user attribute verification code for the specified attribute name.
|
GetUserPoolMfaConfigResult |
getUserPoolMfaConfig(GetUserPoolMfaConfigRequest request)
Gets the user pool multi-factor authentication (MFA) configuration.
|
GlobalSignOutResult |
globalSignOut(GlobalSignOutRequest request)
Signs out users from all devices.
|
InitiateAuthResult |
initiateAuth(InitiateAuthRequest request)
Initiates the authentication flow.
|
ListDevicesResult |
listDevices(ListDevicesRequest request)
Lists the devices.
|
ListGroupsResult |
listGroups(ListGroupsRequest request)
Lists the groups associated with a user pool.
|
ListIdentityProvidersResult |
listIdentityProviders(ListIdentityProvidersRequest request)
Lists information about all identity providers for a user pool.
|
ListResourceServersResult |
listResourceServers(ListResourceServersRequest request)
Lists the resource servers for a user pool.
|
ListTagsForResourceResult |
listTagsForResource(ListTagsForResourceRequest request)
Lists the tags that are assigned to an Amazon Cognito user pool.
|
ListUserImportJobsResult |
listUserImportJobs(ListUserImportJobsRequest request)
Lists the user import jobs.
|
ListUserPoolClientsResult |
listUserPoolClients(ListUserPoolClientsRequest request)
Lists the clients that have been created for the specified user pool.
|
ListUserPoolsResult |
listUserPools(ListUserPoolsRequest request)
Lists the user pools associated with an AWS account.
|
ListUsersResult |
listUsers(ListUsersRequest request)
Lists the users in the Amazon Cognito user pool.
|
ListUsersInGroupResult |
listUsersInGroup(ListUsersInGroupRequest request)
Lists the users in the specified group.
|
ResendConfirmationCodeResult |
resendConfirmationCode(ResendConfirmationCodeRequest request)
Resends the confirmation (for confirmation of registration) to a specific user in the user pool.
|
RespondToAuthChallengeResult |
respondToAuthChallenge(RespondToAuthChallengeRequest request)
Responds to the authentication challenge.
|
void |
setEndpoint(String endpoint)
Overrides the default endpoint for this client ("https://cognito-idp.us-east-1.amazonaws.com").
|
void |
setRegion(Region region)
An alternative to
AWSCognitoIdentityProvider.setEndpoint(String), sets the regional endpoint for this
client's service calls. |
SetRiskConfigurationResult |
setRiskConfiguration(SetRiskConfigurationRequest request)
Configures actions on detected risks.
|
SetUICustomizationResult |
setUICustomization(SetUICustomizationRequest request)
Sets the UI customization information for a user pool's built-in app UI.
|
SetUserMFAPreferenceResult |
setUserMFAPreference(SetUserMFAPreferenceRequest request)
Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are enabled and
if any are preferred.
|
SetUserPoolMfaConfigResult |
setUserPoolMfaConfig(SetUserPoolMfaConfigRequest request)
Set the user pool multi-factor authentication (MFA) configuration.
|
SetUserSettingsResult |
setUserSettings(SetUserSettingsRequest request)
This action is no longer supported. You can use it to configure only SMS MFA.
|
void |
shutdown()
Shuts down this client object, releasing any resources that might be held open.
|
SignUpResult |
signUp(SignUpRequest request)
Registers the user in the specified user pool and creates a user name, password, and user attributes.
|
StartUserImportJobResult |
startUserImportJob(StartUserImportJobRequest request)
Starts the user import.
|
StopUserImportJobResult |
stopUserImportJob(StopUserImportJobRequest request)
Stops the user import job.
|
TagResourceResult |
tagResource(TagResourceRequest request)
Assigns a set of tags to an Amazon Cognito user pool.
|
UntagResourceResult |
untagResource(UntagResourceRequest request)
Removes the specified tags from an Amazon Cognito user pool.
|
UpdateAuthEventFeedbackResult |
updateAuthEventFeedback(UpdateAuthEventFeedbackRequest request)
Provides the feedback for an authentication event whether it was from a valid user or not.
|
UpdateDeviceStatusResult |
updateDeviceStatus(UpdateDeviceStatusRequest request)
Updates the device status.
|
UpdateGroupResult |
updateGroup(UpdateGroupRequest request)
Updates the specified group with the specified attributes.
|
UpdateIdentityProviderResult |
updateIdentityProvider(UpdateIdentityProviderRequest request)
Updates identity provider information for a user pool.
|
UpdateResourceServerResult |
updateResourceServer(UpdateResourceServerRequest request)
Updates the name and scopes of resource server.
|
UpdateUserAttributesResult |
updateUserAttributes(UpdateUserAttributesRequest request)
Allows a user to update a specific attribute (one at a time).
|
UpdateUserPoolResult |
updateUserPool(UpdateUserPoolRequest request)
Updates the specified user pool with the specified attributes.
|
UpdateUserPoolClientResult |
updateUserPoolClient(UpdateUserPoolClientRequest request)
Updates the specified user pool app client with the specified attributes.
|
UpdateUserPoolDomainResult |
updateUserPoolDomain(UpdateUserPoolDomainRequest request)
Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.
|
VerifySoftwareTokenResult |
verifySoftwareToken(VerifySoftwareTokenRequest request)
Use this API to register a user's entered TOTP code and mark the user's software token MFA status as "verified"
if successful.
|
VerifyUserAttributeResult |
verifyUserAttribute(VerifyUserAttributeRequest request)
Verifies the specified user attributes in the user pool.
|
public void setEndpoint(String endpoint)
AWSCognitoIdentityProvider
Callers can pass in just the endpoint (ex: "cognito-idp.us-east-1.amazonaws.com") or a full URL, including the
protocol (ex: "https://cognito-idp.us-east-1.amazonaws.com"). If the protocol is not specified here, the default
protocol from this client's ClientConfiguration will be used, which by default is HTTPS.
For more information on using AWS regions with the AWS SDK for Java, and a complete list of all available endpoints for all AWS services, see: https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/java-dg-region-selection.html#region-selection- choose-endpoint
This method is not threadsafe. An endpoint should be configured when the client is created and before any service requests are made. Changing it afterwards creates inevitable race conditions for any service requests in transit or retrying.
setEndpoint in interface AWSCognitoIdentityProviderendpoint - The endpoint (ex: "cognito-idp.us-east-1.amazonaws.com") or a full URL, including the protocol (ex:
"https://cognito-idp.us-east-1.amazonaws.com") of the region specific AWS endpoint this client will
communicate with.public void setRegion(Region region)
AWSCognitoIdentityProviderAWSCognitoIdentityProvider.setEndpoint(String), sets the regional endpoint for this
client's service calls. Callers can use this method to control which AWS region they want to work with.
By default, all service endpoints in all regions use the https protocol. To use http instead, specify it in the
ClientConfiguration supplied at construction.
This method is not threadsafe. A region should be configured when the client is created and before any service requests are made. Changing it afterwards creates inevitable race conditions for any service requests in transit or retrying.
setRegion in interface AWSCognitoIdentityProviderregion - The region this client will communicate with. See Region.getRegion(com.amazonaws.regions.Regions)
for accessing a given region. Must not be null and must be a region where the service is available.Region.getRegion(com.amazonaws.regions.Regions),
Region.createClient(Class, com.amazonaws.auth.AWSCredentialsProvider, ClientConfiguration),
Region.isServiceSupported(String)public AddCustomAttributesResult addCustomAttributes(AddCustomAttributesRequest request)
AWSCognitoIdentityProviderAdds additional user attributes to the user pool schema.
addCustomAttributes in interface AWSCognitoIdentityProviderrequest - Represents the request to add custom attributes.public AdminAddUserToGroupResult adminAddUserToGroup(AdminAddUserToGroupRequest request)
AWSCognitoIdentityProviderAdds the specified user to the specified group.
Calling this action requires developer credentials.
adminAddUserToGroup in interface AWSCognitoIdentityProviderpublic AdminConfirmSignUpResult adminConfirmSignUp(AdminConfirmSignUpRequest request)
AWSCognitoIdentityProviderConfirms user registration as an admin without using a confirmation code. Works on any user.
Calling this action requires developer credentials.
adminConfirmSignUp in interface AWSCognitoIdentityProviderrequest - Represents the request to confirm user registration.public AdminCreateUserResult adminCreateUser(AdminCreateUserRequest request)
AWSCognitoIdentityProviderCreates a new user in the specified user pool.
If MessageAction is not set, the default is to send a welcome message via email or phone (SMS).
This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.
Alternatively, you can call AdminCreateUser with “SUPPRESS” for the MessageAction
parameter, and Amazon Cognito will not send any email.
In either case, the user will be in the FORCE_CHANGE_PASSWORD state until they sign in and change
their password.
AdminCreateUser requires developer credentials.
adminCreateUser in interface AWSCognitoIdentityProviderrequest - Represents the request to create a user in the specified user pool.public AdminDeleteUserResult adminDeleteUser(AdminDeleteUserRequest request)
AWSCognitoIdentityProviderDeletes a user as an administrator. Works on any user.
Calling this action requires developer credentials.
adminDeleteUser in interface AWSCognitoIdentityProviderrequest - Represents the request to delete a user as an administrator.public AdminDeleteUserAttributesResult adminDeleteUserAttributes(AdminDeleteUserAttributesRequest request)
AWSCognitoIdentityProviderDeletes the user attributes in a user pool as an administrator. Works on any user.
Calling this action requires developer credentials.
adminDeleteUserAttributes in interface AWSCognitoIdentityProviderrequest - Represents the request to delete user attributes as an administrator.public AdminDisableProviderForUserResult adminDisableProviderForUser(AdminDisableProviderForUserRequest request)
AWSCognitoIdentityProvider
Disables the user from signing in with the specified external (SAML or social) identity provider. If the user to
disable is a Cognito User Pools native username + password user, they are not permitted to use their password to
sign-in. If the user to disable is a linked external IdP user, any link between that user and an existing user is
removed. The next time the external user (no longer attached to the previously linked
DestinationUser) signs in, they must create a new user account. See AdminLinkProviderForUser.
This action is enabled only for admin access and requires developer credentials.
The ProviderName must match the value specified when creating an IdP for the pool.
To disable a native username + password user, the ProviderName value must be Cognito
and the ProviderAttributeName must be Cognito_Subject, with the
ProviderAttributeValue being the name that is used in the user pool for the user.
The ProviderAttributeName must always be Cognito_Subject for social identity providers.
The ProviderAttributeValue must always be the exact subject that was used when the user was
originally linked as a source user.
For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign-in,
the ProviderAttributeName and ProviderAttributeValue must be the same values that were
used for the SourceUser when the identities were originally linked using
AdminLinkProviderForUser call. (If the linking was done with ProviderAttributeName set
to Cognito_Subject, the same applies here). However, if the user has already signed in, the
ProviderAttributeName must be Cognito_Subject and ProviderAttributeValue
must be the subject of the SAML assertion.
adminDisableProviderForUser in interface AWSCognitoIdentityProviderpublic AdminDisableUserResult adminDisableUser(AdminDisableUserRequest request)
AWSCognitoIdentityProviderDisables the specified user.
Calling this action requires developer credentials.
adminDisableUser in interface AWSCognitoIdentityProviderrequest - Represents the request to disable any user as an administrator.public AdminEnableUserResult adminEnableUser(AdminEnableUserRequest request)
AWSCognitoIdentityProviderEnables the specified user as an administrator. Works on any user.
Calling this action requires developer credentials.
adminEnableUser in interface AWSCognitoIdentityProviderrequest - Represents the request that enables the user as an administrator.public AdminForgetDeviceResult adminForgetDevice(AdminForgetDeviceRequest request)
AWSCognitoIdentityProviderForgets the device, as an administrator.
Calling this action requires developer credentials.
adminForgetDevice in interface AWSCognitoIdentityProviderrequest - Sends the forgot device request, as an administrator.public AdminGetDeviceResult adminGetDevice(AdminGetDeviceRequest request)
AWSCognitoIdentityProviderGets the device, as an administrator.
Calling this action requires developer credentials.
adminGetDevice in interface AWSCognitoIdentityProviderrequest - Represents the request to get the device, as an administrator.public AdminGetUserResult adminGetUser(AdminGetUserRequest request)
AWSCognitoIdentityProviderGets the specified user by user name in a user pool as an administrator. Works on any user.
Calling this action requires developer credentials.
adminGetUser in interface AWSCognitoIdentityProviderrequest - Represents the request to get the specified user as an administrator.public AdminInitiateAuthResult adminInitiateAuth(AdminInitiateAuthRequest request)
AWSCognitoIdentityProviderInitiates the authentication flow, as an administrator.
Calling this action requires developer credentials.
adminInitiateAuth in interface AWSCognitoIdentityProviderrequest - Initiates the authorization request, as an administrator.public AdminLinkProviderForUserResult adminLinkProviderForUser(AdminLinkProviderForUserRequest request)
AWSCognitoIdentityProvider
Links an existing user account in a user pool (DestinationUser) to an identity from an external
identity provider (SourceUser) based on a specified attribute name and value from the external
identity provider. This allows you to create a link from the existing user account to an external federated user
identity that has not yet been used to sign in, so that the federated user identity can be used to sign in as the
existing user account.
For example, if there is an existing user with a username and password, this API links that user to a federated user identity, so that when the federated user identity is used, the user signs in as the existing user account.
The maximum number of federated identities linked to a user is 5.
Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external identity providers and provider attributes that have been trusted by the application owner.
This action is enabled only for admin access and requires developer credentials.
adminLinkProviderForUser in interface AWSCognitoIdentityProviderpublic AdminListDevicesResult adminListDevices(AdminListDevicesRequest request)
AWSCognitoIdentityProviderLists devices, as an administrator.
Calling this action requires developer credentials.
adminListDevices in interface AWSCognitoIdentityProviderrequest - Represents the request to list devices, as an administrator.public AdminListGroupsForUserResult adminListGroupsForUser(AdminListGroupsForUserRequest request)
AWSCognitoIdentityProviderLists the groups that the user belongs to.
Calling this action requires developer credentials.
adminListGroupsForUser in interface AWSCognitoIdentityProviderpublic AdminListUserAuthEventsResult adminListUserAuthEvents(AdminListUserAuthEventsRequest request)
AWSCognitoIdentityProviderLists a history of user activity and any risks detected as part of Amazon Cognito advanced security.
adminListUserAuthEvents in interface AWSCognitoIdentityProviderpublic AdminRemoveUserFromGroupResult adminRemoveUserFromGroup(AdminRemoveUserFromGroupRequest request)
AWSCognitoIdentityProviderRemoves the specified user from the specified group.
Calling this action requires developer credentials.
adminRemoveUserFromGroup in interface AWSCognitoIdentityProviderpublic AdminResetUserPasswordResult adminResetUserPassword(AdminResetUserPasswordRequest request)
AWSCognitoIdentityProviderResets the specified user's password in a user pool as an administrator. Works on any user.
When a developer calls this API, the current password is invalidated, so it must be changed. If a user tries to sign in after the API is called, the app will get a PasswordResetRequiredException exception back and should direct the user down the flow to reset the password, which is the same as the forgot password flow. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user with the code to change their password.
Calling this action requires developer credentials.
adminResetUserPassword in interface AWSCognitoIdentityProviderrequest - Represents the request to reset a user's password as an administrator.public AdminRespondToAuthChallengeResult adminRespondToAuthChallenge(AdminRespondToAuthChallengeRequest request)
AWSCognitoIdentityProviderResponds to an authentication challenge, as an administrator.
Calling this action requires developer credentials.
adminRespondToAuthChallenge in interface AWSCognitoIdentityProviderrequest - The request to respond to the authentication challenge, as an administrator.public AdminSetUserMFAPreferenceResult adminSetUserMFAPreference(AdminSetUserMFAPreferenceRequest request)
AWSCognitoIdentityProviderSets the user's multi-factor authentication (MFA) preference, including which MFA options are enabled and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are enabled. If multiple options are enabled and no preference is set, a challenge to choose an MFA option will be returned during sign in.
adminSetUserMFAPreference in interface AWSCognitoIdentityProviderpublic AdminSetUserPasswordResult adminSetUserPassword(AdminSetUserPasswordRequest request)
AWSCognitoIdentityProviderSets the specified user's password in a user pool as an administrator. Works on any user.
The password can be temporary or permanent. If it is temporary, the user status will be placed into the
FORCE_CHANGE_PASSWORD state. When the user next tries to sign in, the InitiateAuth/AdminInitiateAuth
response will contain the NEW_PASSWORD_REQUIRED challenge. If the user does not sign in before it
expires, the user will not be able to sign in and their password will need to be reset by an administrator.
Once the user has set a new password, or the password is permanent, the user status will be set to
Confirmed.
adminSetUserPassword in interface AWSCognitoIdentityProviderpublic AdminSetUserSettingsResult adminSetUserSettings(AdminSetUserSettingsRequest request)
AWSCognitoIdentityProviderThis action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference instead.
adminSetUserSettings in interface AWSCognitoIdentityProviderrequest - You can use this parameter to set an MFA configuration that uses the SMS delivery medium.public AdminUpdateAuthEventFeedbackResult adminUpdateAuthEventFeedback(AdminUpdateAuthEventFeedbackRequest request)
AWSCognitoIdentityProviderProvides feedback for an authentication event as to whether it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.
adminUpdateAuthEventFeedback in interface AWSCognitoIdentityProviderpublic AdminUpdateDeviceStatusResult adminUpdateDeviceStatus(AdminUpdateDeviceStatusRequest request)
AWSCognitoIdentityProviderUpdates the device status as an administrator.
Calling this action requires developer credentials.
adminUpdateDeviceStatus in interface AWSCognitoIdentityProviderrequest - The request to update the device status, as an administrator.public AdminUpdateUserAttributesResult adminUpdateUserAttributes(AdminUpdateUserAttributesRequest request)
AWSCognitoIdentityProviderUpdates the specified user's attributes, including developer attributes, as an administrator. Works on any user.
For custom attributes, you must prepend the custom: prefix to the attribute name.
In addition to updating user attributes, this API can also be used to mark phone and email as verified.
Calling this action requires developer credentials.
adminUpdateUserAttributes in interface AWSCognitoIdentityProviderrequest - Represents the request to update the user's attributes as an administrator.public AdminUserGlobalSignOutResult adminUserGlobalSignOut(AdminUserGlobalSignOutRequest request)
AWSCognitoIdentityProviderSigns out users from all devices, as an administrator. It also invalidates all refresh tokens issued to a user. The user's current access and Id tokens remain valid until their expiry. Access and Id tokens expire one hour after they are issued.
Calling this action requires developer credentials.
adminUserGlobalSignOut in interface AWSCognitoIdentityProviderrequest - The request to sign out of all devices, as an administrator.public AssociateSoftwareTokenResult associateSoftwareToken(AssociateSoftwareTokenRequest request)
AWSCognitoIdentityProviderReturns a unique generated shared secret key code for the user account. The request takes an access token or a session string, but not both.
associateSoftwareToken in interface AWSCognitoIdentityProviderpublic ChangePasswordResult changePassword(ChangePasswordRequest request)
AWSCognitoIdentityProviderChanges the password for a specified user in a user pool.
changePassword in interface AWSCognitoIdentityProviderrequest - Represents the request to change a user password.public ConfirmDeviceResult confirmDevice(ConfirmDeviceRequest request)
AWSCognitoIdentityProviderConfirms tracking of the device. This API call is the call that begins device tracking.
confirmDevice in interface AWSCognitoIdentityProviderrequest - Confirms the device request.public ConfirmForgotPasswordResult confirmForgotPassword(ConfirmForgotPasswordRequest request)
AWSCognitoIdentityProviderAllows a user to enter a confirmation code to reset a forgotten password.
confirmForgotPassword in interface AWSCognitoIdentityProviderrequest - The request representing the confirmation for a password reset.public ConfirmSignUpResult confirmSignUp(ConfirmSignUpRequest request)
AWSCognitoIdentityProviderConfirms registration of a user and handles the existing alias from a previous user.
confirmSignUp in interface AWSCognitoIdentityProviderrequest - Represents the request to confirm registration of a user.public CreateGroupResult createGroup(CreateGroupRequest request)
AWSCognitoIdentityProviderCreates a new group in the specified user pool.
Calling this action requires developer credentials.
createGroup in interface AWSCognitoIdentityProviderpublic CreateIdentityProviderResult createIdentityProvider(CreateIdentityProviderRequest request)
AWSCognitoIdentityProviderCreates an identity provider for a user pool.
createIdentityProvider in interface AWSCognitoIdentityProviderpublic CreateResourceServerResult createResourceServer(CreateResourceServerRequest request)
AWSCognitoIdentityProviderCreates a new OAuth2.0 resource server and defines custom scopes in it.
createResourceServer in interface AWSCognitoIdentityProviderpublic CreateUserImportJobResult createUserImportJob(CreateUserImportJobRequest request)
AWSCognitoIdentityProviderCreates the user import job.
createUserImportJob in interface AWSCognitoIdentityProviderrequest - Represents the request to create the user import job.public CreateUserPoolResult createUserPool(CreateUserPoolRequest request)
AWSCognitoIdentityProviderCreates a new Amazon Cognito user pool and sets the password policy for the pool.
createUserPool in interface AWSCognitoIdentityProviderrequest - Represents the request to create a user pool.public CreateUserPoolClientResult createUserPoolClient(CreateUserPoolClientRequest request)
AWSCognitoIdentityProviderCreates the user pool client.
createUserPoolClient in interface AWSCognitoIdentityProviderrequest - Represents the request to create a user pool client.public CreateUserPoolDomainResult createUserPoolDomain(CreateUserPoolDomainRequest request)
AWSCognitoIdentityProviderCreates a new domain for a user pool.
createUserPoolDomain in interface AWSCognitoIdentityProviderpublic DeleteGroupResult deleteGroup(DeleteGroupRequest request)
AWSCognitoIdentityProviderDeletes a group. Currently only groups with no members can be deleted.
Calling this action requires developer credentials.
deleteGroup in interface AWSCognitoIdentityProviderpublic DeleteIdentityProviderResult deleteIdentityProvider(DeleteIdentityProviderRequest request)
AWSCognitoIdentityProviderDeletes an identity provider for a user pool.
deleteIdentityProvider in interface AWSCognitoIdentityProviderpublic DeleteResourceServerResult deleteResourceServer(DeleteResourceServerRequest request)
AWSCognitoIdentityProviderDeletes a resource server.
deleteResourceServer in interface AWSCognitoIdentityProviderpublic DeleteUserResult deleteUser(DeleteUserRequest request)
AWSCognitoIdentityProviderAllows a user to delete himself or herself.
deleteUser in interface AWSCognitoIdentityProviderrequest - Represents the request to delete a user.public DeleteUserAttributesResult deleteUserAttributes(DeleteUserAttributesRequest request)
AWSCognitoIdentityProviderDeletes the attributes for a user.
deleteUserAttributes in interface AWSCognitoIdentityProviderrequest - Represents the request to delete user attributes.public DeleteUserPoolResult deleteUserPool(DeleteUserPoolRequest request)
AWSCognitoIdentityProviderDeletes the specified Amazon Cognito user pool.
deleteUserPool in interface AWSCognitoIdentityProviderrequest - Represents the request to delete a user pool.public DeleteUserPoolClientResult deleteUserPoolClient(DeleteUserPoolClientRequest request)
AWSCognitoIdentityProviderAllows the developer to delete the user pool client.
deleteUserPoolClient in interface AWSCognitoIdentityProviderrequest - Represents the request to delete a user pool client.public DeleteUserPoolDomainResult deleteUserPoolDomain(DeleteUserPoolDomainRequest request)
AWSCognitoIdentityProviderDeletes a domain for a user pool.
deleteUserPoolDomain in interface AWSCognitoIdentityProviderpublic DescribeIdentityProviderResult describeIdentityProvider(DescribeIdentityProviderRequest request)
AWSCognitoIdentityProviderGets information about a specific identity provider.
describeIdentityProvider in interface AWSCognitoIdentityProviderpublic DescribeResourceServerResult describeResourceServer(DescribeResourceServerRequest request)
AWSCognitoIdentityProviderDescribes a resource server.
describeResourceServer in interface AWSCognitoIdentityProviderpublic DescribeRiskConfigurationResult describeRiskConfiguration(DescribeRiskConfigurationRequest request)
AWSCognitoIdentityProviderDescribes the risk configuration.
describeRiskConfiguration in interface AWSCognitoIdentityProviderpublic DescribeUserImportJobResult describeUserImportJob(DescribeUserImportJobRequest request)
AWSCognitoIdentityProviderDescribes the user import job.
describeUserImportJob in interface AWSCognitoIdentityProviderrequest - Represents the request to describe the user import job.public DescribeUserPoolResult describeUserPool(DescribeUserPoolRequest request)
AWSCognitoIdentityProviderReturns the configuration information and metadata of the specified user pool.
describeUserPool in interface AWSCognitoIdentityProviderrequest - Represents the request to describe the user pool.public DescribeUserPoolClientResult describeUserPoolClient(DescribeUserPoolClientRequest request)
AWSCognitoIdentityProviderClient method for returning the configuration information and metadata of the specified user pool app client.
describeUserPoolClient in interface AWSCognitoIdentityProviderrequest - Represents the request to describe a user pool client.public DescribeUserPoolDomainResult describeUserPoolDomain(DescribeUserPoolDomainRequest request)
AWSCognitoIdentityProviderGets information about a domain.
describeUserPoolDomain in interface AWSCognitoIdentityProviderpublic ForgetDeviceResult forgetDevice(ForgetDeviceRequest request)
AWSCognitoIdentityProviderForgets the specified device.
forgetDevice in interface AWSCognitoIdentityProviderrequest - Represents the request to forget the device.public ForgotPasswordResult forgotPassword(ForgotPasswordRequest request)
AWSCognitoIdentityProvider
Calling this API causes a message to be sent to the end user with a confirmation code that is required to change
the user's password. For the Username parameter, you can use the username or user alias. The method
used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more
information, see Recovering
User Accounts in the Amazon Cognito Developer Guide. If neither a verified phone number nor a verified
email exists, an InvalidParameterException is thrown. To use the confirmation code for resetting the
password, call ConfirmForgotPassword.
forgotPassword in interface AWSCognitoIdentityProviderrequest - Represents the request to reset a user's password.public GetCSVHeaderResult getCSVHeader(GetCSVHeaderRequest request)
AWSCognitoIdentityProviderGets the header information for the .csv file to be used as input for the user import job.
getCSVHeader in interface AWSCognitoIdentityProviderrequest - Represents the request to get the header information for the .csv file for the user import job.public GetDeviceResult getDevice(GetDeviceRequest request)
AWSCognitoIdentityProviderGets the device.
getDevice in interface AWSCognitoIdentityProviderrequest - Represents the request to get the device.public GetGroupResult getGroup(GetGroupRequest request)
AWSCognitoIdentityProviderGets a group.
Calling this action requires developer credentials.
getGroup in interface AWSCognitoIdentityProviderpublic GetIdentityProviderByIdentifierResult getIdentityProviderByIdentifier(GetIdentityProviderByIdentifierRequest request)
AWSCognitoIdentityProviderGets the specified identity provider.
getIdentityProviderByIdentifier in interface AWSCognitoIdentityProviderpublic GetSigningCertificateResult getSigningCertificate(GetSigningCertificateRequest request)
AWSCognitoIdentityProviderThis method takes a user pool ID, and returns the signing certificate.
getSigningCertificate in interface AWSCognitoIdentityProviderrequest - Request to get a signing certificate from Cognito.public GetUICustomizationResult getUICustomization(GetUICustomizationRequest request)
AWSCognitoIdentityProvider
Gets the UI Customization information for a particular app client's app UI, if there is something set. If nothing
is set for the particular client, but there is an existing pool level customization (app clientId
will be ALL), then that is returned. If nothing is present, then an empty shape is returned.
getUICustomization in interface AWSCognitoIdentityProviderpublic GetUserResult getUser(GetUserRequest request)
AWSCognitoIdentityProviderGets the user attributes and metadata for a user.
getUser in interface AWSCognitoIdentityProviderrequest - Represents the request to get information about the user.public GetUserAttributeVerificationCodeResult getUserAttributeVerificationCode(GetUserAttributeVerificationCodeRequest request)
AWSCognitoIdentityProviderGets the user attribute verification code for the specified attribute name.
getUserAttributeVerificationCode in interface AWSCognitoIdentityProviderrequest - Represents the request to get user attribute verification.public GetUserPoolMfaConfigResult getUserPoolMfaConfig(GetUserPoolMfaConfigRequest request)
AWSCognitoIdentityProviderGets the user pool multi-factor authentication (MFA) configuration.
getUserPoolMfaConfig in interface AWSCognitoIdentityProviderpublic GlobalSignOutResult globalSignOut(GlobalSignOutRequest request)
AWSCognitoIdentityProviderSigns out users from all devices. It also invalidates all refresh tokens issued to a user. The user's current access and Id tokens remain valid until their expiry. Access and Id tokens expire one hour after they are issued.
globalSignOut in interface AWSCognitoIdentityProviderrequest - Represents the request to sign out all devices.public InitiateAuthResult initiateAuth(InitiateAuthRequest request)
AWSCognitoIdentityProviderInitiates the authentication flow.
initiateAuth in interface AWSCognitoIdentityProviderrequest - Initiates the authentication request.public ListDevicesResult listDevices(ListDevicesRequest request)
AWSCognitoIdentityProviderLists the devices.
listDevices in interface AWSCognitoIdentityProviderrequest - Represents the request to list the devices.public ListGroupsResult listGroups(ListGroupsRequest request)
AWSCognitoIdentityProviderLists the groups associated with a user pool.
Calling this action requires developer credentials.
listGroups in interface AWSCognitoIdentityProviderpublic ListIdentityProvidersResult listIdentityProviders(ListIdentityProvidersRequest request)
AWSCognitoIdentityProviderLists information about all identity providers for a user pool.
listIdentityProviders in interface AWSCognitoIdentityProviderpublic ListResourceServersResult listResourceServers(ListResourceServersRequest request)
AWSCognitoIdentityProviderLists the resource servers for a user pool.
listResourceServers in interface AWSCognitoIdentityProviderpublic ListTagsForResourceResult listTagsForResource(ListTagsForResourceRequest request)
AWSCognitoIdentityProviderLists the tags that are assigned to an Amazon Cognito user pool.
A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
You can use this action up to 10 times per second, per account.
listTagsForResource in interface AWSCognitoIdentityProviderpublic ListUserImportJobsResult listUserImportJobs(ListUserImportJobsRequest request)
AWSCognitoIdentityProviderLists the user import jobs.
listUserImportJobs in interface AWSCognitoIdentityProviderrequest - Represents the request to list the user import jobs.public ListUserPoolClientsResult listUserPoolClients(ListUserPoolClientsRequest request)
AWSCognitoIdentityProviderLists the clients that have been created for the specified user pool.
listUserPoolClients in interface AWSCognitoIdentityProviderrequest - Represents the request to list the user pool clients.public ListUserPoolsResult listUserPools(ListUserPoolsRequest request)
AWSCognitoIdentityProviderLists the user pools associated with an AWS account.
listUserPools in interface AWSCognitoIdentityProviderrequest - Represents the request to list user pools.public ListUsersResult listUsers(ListUsersRequest request)
AWSCognitoIdentityProviderLists the users in the Amazon Cognito user pool.
listUsers in interface AWSCognitoIdentityProviderrequest - Represents the request to list users.public ListUsersInGroupResult listUsersInGroup(ListUsersInGroupRequest request)
AWSCognitoIdentityProviderLists the users in the specified group.
Calling this action requires developer credentials.
listUsersInGroup in interface AWSCognitoIdentityProviderpublic ResendConfirmationCodeResult resendConfirmationCode(ResendConfirmationCodeRequest request)
AWSCognitoIdentityProviderResends the confirmation (for confirmation of registration) to a specific user in the user pool.
resendConfirmationCode in interface AWSCognitoIdentityProviderrequest - Represents the request to resend the confirmation code.public RespondToAuthChallengeResult respondToAuthChallenge(RespondToAuthChallengeRequest request)
AWSCognitoIdentityProviderResponds to the authentication challenge.
respondToAuthChallenge in interface AWSCognitoIdentityProviderrequest - The request to respond to an authentication challenge.public SetRiskConfigurationResult setRiskConfiguration(SetRiskConfigurationRequest request)
AWSCognitoIdentityProvider
Configures actions on detected risks. To delete the risk configuration for UserPoolId or
ClientId, pass null values for all four configuration types.
To enable Amazon Cognito advanced security features, update the user pool to include the
UserPoolAddOns keyAdvancedSecurityMode.
setRiskConfiguration in interface AWSCognitoIdentityProviderpublic SetUICustomizationResult setUICustomization(SetUICustomizationRequest request)
AWSCognitoIdentityProviderSets the UI customization information for a user pool's built-in app UI.
You can specify app UI customization settings for a single client (with a specific clientId) or for
all clients (by setting the clientId to ALL). If you specify ALL, the
default configuration will be used for every client that has no UI customization set previously. If you specify
UI customization settings for a particular client, it will no longer fall back to the ALL
configuration.
To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.
setUICustomization in interface AWSCognitoIdentityProviderpublic SetUserMFAPreferenceResult setUserMFAPreference(SetUserMFAPreferenceRequest request)
AWSCognitoIdentityProviderSet the user's multi-factor authentication (MFA) method preference, including which MFA factors are enabled and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are enabled. If multiple options are enabled and no preference is set, a challenge to choose an MFA option will be returned during sign in. If an MFA type is enabled for a user, the user will be prompted for MFA during all sign in attempts, unless device tracking is turned on and the device has been trusted. If you would like MFA to be applied selectively based on the assessed risk level of sign in attempts, disable MFA for users and turn on Adaptive Authentication for the user pool.
setUserMFAPreference in interface AWSCognitoIdentityProviderpublic SetUserPoolMfaConfigResult setUserPoolMfaConfig(SetUserPoolMfaConfigRequest request)
AWSCognitoIdentityProviderSet the user pool multi-factor authentication (MFA) configuration.
setUserPoolMfaConfig in interface AWSCognitoIdentityProviderpublic SetUserSettingsResult setUserSettings(SetUserSettingsRequest request)
AWSCognitoIdentityProviderThis action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.
setUserSettings in interface AWSCognitoIdentityProviderrequest - Represents the request to set user settings.public SignUpResult signUp(SignUpRequest request)
AWSCognitoIdentityProviderRegisters the user in the specified user pool and creates a user name, password, and user attributes.
signUp in interface AWSCognitoIdentityProviderrequest - Represents the request to register a user.public StartUserImportJobResult startUserImportJob(StartUserImportJobRequest request)
AWSCognitoIdentityProviderStarts the user import.
startUserImportJob in interface AWSCognitoIdentityProviderrequest - Represents the request to start the user import job.public StopUserImportJobResult stopUserImportJob(StopUserImportJobRequest request)
AWSCognitoIdentityProviderStops the user import job.
stopUserImportJob in interface AWSCognitoIdentityProviderrequest - Represents the request to stop the user import job.public TagResourceResult tagResource(TagResourceRequest request)
AWSCognitoIdentityProviderAssigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.
Each tag consists of a key and value, both of which you define. A key is a general category for more specific
values. For example, if you have two versions of a user pool, one for testing and another for production, you
might assign an Environment tag key to both user pools. The value of this key might be
Test for one user pool and Production for the other.
Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your user pools. In an IAM policy, you can constrain permissions for user pools based on specific tags or tag values.
You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.
tagResource in interface AWSCognitoIdentityProviderpublic UntagResourceResult untagResource(UntagResourceRequest request)
AWSCognitoIdentityProviderRemoves the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account
untagResource in interface AWSCognitoIdentityProviderpublic UpdateAuthEventFeedbackResult updateAuthEventFeedback(UpdateAuthEventFeedbackRequest request)
AWSCognitoIdentityProviderProvides the feedback for an authentication event whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.
updateAuthEventFeedback in interface AWSCognitoIdentityProviderpublic UpdateDeviceStatusResult updateDeviceStatus(UpdateDeviceStatusRequest request)
AWSCognitoIdentityProviderUpdates the device status.
updateDeviceStatus in interface AWSCognitoIdentityProviderrequest - Represents the request to update the device status.public UpdateGroupResult updateGroup(UpdateGroupRequest request)
AWSCognitoIdentityProviderUpdates the specified group with the specified attributes.
Calling this action requires developer credentials.
If you don't provide a value for an attribute, it will be set to the default value.
updateGroup in interface AWSCognitoIdentityProviderpublic UpdateIdentityProviderResult updateIdentityProvider(UpdateIdentityProviderRequest request)
AWSCognitoIdentityProviderUpdates identity provider information for a user pool.
updateIdentityProvider in interface AWSCognitoIdentityProviderpublic UpdateResourceServerResult updateResourceServer(UpdateResourceServerRequest request)
AWSCognitoIdentityProviderUpdates the name and scopes of resource server. All other fields are read-only.
If you don't provide a value for an attribute, it will be set to the default value.
updateResourceServer in interface AWSCognitoIdentityProviderpublic UpdateUserAttributesResult updateUserAttributes(UpdateUserAttributesRequest request)
AWSCognitoIdentityProviderAllows a user to update a specific attribute (one at a time).
updateUserAttributes in interface AWSCognitoIdentityProviderrequest - Represents the request to update user attributes.public UpdateUserPoolResult updateUserPool(UpdateUserPoolRequest request)
AWSCognitoIdentityProviderUpdates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool.
If you don't provide a value for an attribute, it will be set to the default value.
updateUserPool in interface AWSCognitoIdentityProviderrequest - Represents the request to update the user pool.public UpdateUserPoolClientResult updateUserPoolClient(UpdateUserPoolClientRequest request)
AWSCognitoIdentityProviderUpdates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using DescribeUserPoolClient.
If you don't provide a value for an attribute, it will be set to the default value.
updateUserPoolClient in interface AWSCognitoIdentityProviderrequest - Represents the request to update the user pool client.public UpdateUserPoolDomainResult updateUserPoolDomain(UpdateUserPoolDomainRequest request)
AWSCognitoIdentityProviderUpdates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.
You can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You cannot use it to change the domain for a user pool.
A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you manage with AWS Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain.
Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, and your custom domain uses the new certificate automatically.
However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide this ARN to Amazon Cognito.
When you add your new certificate in ACM, you must choose US East (N. Virginia) as the AWS Region.
After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.
For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.
updateUserPoolDomain in interface AWSCognitoIdentityProviderrequest - The UpdateUserPoolDomain request input.public VerifySoftwareTokenResult verifySoftwareToken(VerifySoftwareTokenRequest request)
AWSCognitoIdentityProviderUse this API to register a user's entered TOTP code and mark the user's software token MFA status as "verified" if successful. The request takes an access token or a session string, but not both.
verifySoftwareToken in interface AWSCognitoIdentityProviderpublic VerifyUserAttributeResult verifyUserAttribute(VerifyUserAttributeRequest request)
AWSCognitoIdentityProviderVerifies the specified user attributes in the user pool.
verifyUserAttribute in interface AWSCognitoIdentityProviderrequest - Represents the request to verify user attributes.public void shutdown()
AWSCognitoIdentityProvidershutdown in interface AWSCognitoIdentityProviderpublic ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request)
AWSCognitoIdentityProviderResponse metadata is only cached for a limited period of time, so if you need to access this extra diagnostic information for an executed request, you should use this method to retrieve it as soon as possible after executing a request.
getCachedResponseMetadata in interface AWSCognitoIdentityProviderrequest - The originally executed request.