software.amazon.awssdk.services.cognitoidentityprovider.model

Class CreateUserPoolClientRequest

java.lang.Object

software.amazon.awssdk.core.SdkRequest

software.amazon.awssdk.awscore.AwsRequest

software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderRequest

software.amazon.awssdk.services.cognitoidentityprovider.model.CreateUserPoolClientRequest

All Implemented Interfaces:

SdkPojo, ToCopyableBuilder<CreateUserPoolClientRequest.Builder,CreateUserPoolClientRequest>

@Generated(value="software.amazon.awssdk:codegen")
public final class CreateUserPoolClientRequest
extends CognitoIdentityProviderRequest
implements ToCopyableBuilder<CreateUserPoolClientRequest.Builder,CreateUserPoolClientRequest>

Represents the request to create a user pool client.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static interface	CreateUserPoolClientRequest.Builder

Method Summary

Modifier and Type	Method and Description
Integer	accessTokenValidity() The time limit, between 5 minutes and 1 day, after which the access token is no longer valid and can't be used.
List<OAuthFlowType>	allowedOAuthFlows() The allowed OAuth flows.
List<String>	allowedOAuthFlowsAsStrings() The allowed OAuth flows.
Boolean	allowedOAuthFlowsUserPoolClient() Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user pools.
List<String>	allowedOAuthScopes() The allowed OAuth scopes.
AnalyticsConfigurationType	analyticsConfiguration() The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.
static CreateUserPoolClientRequest.Builder	builder()
List<String>	callbackURLs() A list of allowed redirect (callback) URLs for the identity providers.
String	clientName() The client name for the user pool client you would like to create.
String	defaultRedirectURI() The default redirect URI.
Boolean	enableTokenRevocation() Activates or deactivates token revocation.
boolean	equals(Object obj)
boolean	equalsBySdkFields(Object obj)
List<ExplicitAuthFlowsType>	explicitAuthFlows() The authentication flows that are supported by the user pool clients.
List<String>	explicitAuthFlowsAsStrings() The authentication flows that are supported by the user pool clients.
Boolean	generateSecret() Boolean to specify whether you want to generate a secret for the user pool client being created.
<T> Optional<T>	getValueForField(String fieldName, Class<T> clazz)
boolean	hasAllowedOAuthFlows() For responses, this returns true if the service returned a value for the AllowedOAuthFlows property.
boolean	hasAllowedOAuthScopes() For responses, this returns true if the service returned a value for the AllowedOAuthScopes property.
boolean	hasCallbackURLs() For responses, this returns true if the service returned a value for the CallbackURLs property.
boolean	hasExplicitAuthFlows() For responses, this returns true if the service returned a value for the ExplicitAuthFlows property.
int	hashCode()
boolean	hasLogoutURLs() For responses, this returns true if the service returned a value for the LogoutURLs property.
boolean	hasReadAttributes() For responses, this returns true if the service returned a value for the ReadAttributes property.
boolean	hasSupportedIdentityProviders() For responses, this returns true if the service returned a value for the SupportedIdentityProviders property.
boolean	hasWriteAttributes() For responses, this returns true if the service returned a value for the WriteAttributes property.
Integer	idTokenValidity() The time limit, between 5 minutes and 1 day, after which the access token is no longer valid and can't be used.
List<String>	logoutURLs() A list of allowed logout URLs for the identity providers.
PreventUserExistenceErrorTypes	preventUserExistenceErrors() Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool.
String	preventUserExistenceErrorsAsString() Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool.
List<String>	readAttributes() The read attributes.
Integer	refreshTokenValidity() The time limit, in days, after which the refresh token is no longer valid and can't be used.
List<SdkField<?>>	sdkFields()
static Class<? extends CreateUserPoolClientRequest.Builder>	serializableBuilderClass()
List<String>	supportedIdentityProviders() A list of provider names for the identity providers that are supported on this client.
CreateUserPoolClientRequest.Builder	toBuilder()
TokenValidityUnitsType	tokenValidityUnits() The units in which the validity times are represented.
String	toString() Returns a string representation of this object.
String	userPoolId() The user pool ID for the user pool where you want to create a user pool client.
List<String>	writeAttributes() The user pool attributes that the app client can write to.

Methods inherited from class software.amazon.awssdk.awscore.AwsRequest

overrideConfiguration

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder

copy

Method Detail

userPoolId

public final String userPoolId()

The user pool ID for the user pool where you want to create a user pool client.

Returns:

The user pool ID for the user pool where you want to create a user pool client.

clientName

public final String clientName()

The client name for the user pool client you would like to create.

Returns:

The client name for the user pool client you would like to create.

generateSecret

public final Boolean generateSecret()

Boolean to specify whether you want to generate a secret for the user pool client being created.

Returns:

Boolean to specify whether you want to generate a secret for the user pool client being created.

refreshTokenValidity

public final Integer refreshTokenValidity()

The time limit, in days, after which the refresh token is no longer valid and can't be used.

Returns:

The time limit, in days, after which the refresh token is no longer valid and can't be used.

accessTokenValidity

public final Integer accessTokenValidity()

The time limit, between 5 minutes and 1 day, after which the access token is no longer valid and can't be used. If you supply a TokenValidityUnits value, you will override the default time unit.

Returns:

The time limit, between 5 minutes and 1 day, after which the access token is no longer valid and can't be used. If you supply a TokenValidityUnits value, you will override the default time unit.

idTokenValidity

public final Integer idTokenValidity()

The time limit, between 5 minutes and 1 day, after which the access token is no longer valid and can't be used. If you supply a TokenValidityUnits value, you will override the default time unit.

Returns:

The time limit, between 5 minutes and 1 day, after which the access token is no longer valid and can't be used. If you supply a TokenValidityUnits value, you will override the default time unit.

tokenValidityUnits

public final TokenValidityUnitsType tokenValidityUnits()

The units in which the validity times are represented. Default for RefreshToken is days, and default for ID and access tokens are hours.

Returns:

The units in which the validity times are represented. Default for RefreshToken is days, and default for ID and access tokens are hours.

hasReadAttributes

public final boolean hasReadAttributes()

For responses, this returns true if the service returned a value for the ReadAttributes property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

readAttributes

public final List<String> readAttributes()

The read attributes.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasReadAttributes() method.

Returns:

The read attributes.

hasWriteAttributes

public final boolean hasWriteAttributes()

For responses, this returns true if the service returned a value for the WriteAttributes property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

writeAttributes

public final List<String> writeAttributes()

The user pool attributes that the app client can write to.

If your app client allows users to sign in through an identity provider, this array must include all attributes that you have mapped to identity provider attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see Specifying Identity Provider Attribute Mappings for Your user pool.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasWriteAttributes() method.

Returns:

The user pool attributes that the app client can write to.

If your app client allows users to sign in through an identity provider, this array must include all attributes that you have mapped to identity provider attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see Specifying Identity Provider Attribute Mappings for Your user pool.

explicitAuthFlows

public final List<ExplicitAuthFlowsType> explicitAuthFlows()

The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are no longer supported, in favor of new names with the ALLOW_ prefix.

Values with ALLOW_ prefix must be used only along with the ALLOW_ prefix.

Valid values include:

• ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication flow, Amazon Cognito receives the password in the request instead of using the Secure Remote Password (SRP) protocol to verify passwords.

• ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.

• ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.

• ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.

• ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasExplicitAuthFlows() method.

Returns:

The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are no longer supported, in favor of new names with the ALLOW_ prefix.

Values with ALLOW_ prefix must be used only along with the ALLOW_ prefix.

Valid values include:

• ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication flow, Amazon Cognito receives the password in the request instead of using the Secure Remote Password (SRP) protocol to verify passwords.

• ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.

• ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.

• ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.

• ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.

hasExplicitAuthFlows

public final boolean hasExplicitAuthFlows()

For responses, this returns true if the service returned a value for the ExplicitAuthFlows property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

explicitAuthFlowsAsStrings

public final List<String> explicitAuthFlowsAsStrings()

The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are no longer supported, in favor of new names with the ALLOW_ prefix.

Values with ALLOW_ prefix must be used only along with the ALLOW_ prefix.

Valid values include:

• ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication flow, Amazon Cognito receives the password in the request instead of using the Secure Remote Password (SRP) protocol to verify passwords.

• ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.

• ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.

• ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.

• ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasExplicitAuthFlows() method.

Returns:

The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are no longer supported, in favor of new names with the ALLOW_ prefix.

Values with ALLOW_ prefix must be used only along with the ALLOW_ prefix.

Valid values include:

• ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication flow, Amazon Cognito receives the password in the request instead of using the Secure Remote Password (SRP) protocol to verify passwords.

• ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.

• ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.

• ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.

• ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.

hasSupportedIdentityProviders

public final boolean hasSupportedIdentityProviders()

For responses, this returns true if the service returned a value for the SupportedIdentityProviders property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

supportedIdentityProviders

public final List<String> supportedIdentityProviders()

A list of provider names for the identity providers that are supported on this client. The following are supported: COGNITO, Facebook, Google and LoginWithAmazon.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasSupportedIdentityProviders() method.

Returns:

A list of provider names for the identity providers that are supported on this client. The following are supported: COGNITO, Facebook, Google and LoginWithAmazon.

hasCallbackURLs

public final boolean hasCallbackURLs()

For responses, this returns true if the service returned a value for the CallbackURLs property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

callbackURLs

public final List<String> callbackURLs()

A list of allowed redirect (callback) URLs for the identity providers.

A redirect URI must:

• Be an absolute URI.

• Be registered with the authorization server.

• Not include a fragment component.

See OAuth 2.0 - Redirection Endpoint.

Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.

App callback URLs such as myapp://example are also supported.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasCallbackURLs() method.

Returns:

A list of allowed redirect (callback) URLs for the identity providers.

A redirect URI must:

• Be an absolute URI.

• Be registered with the authorization server.

• Not include a fragment component.

See OAuth 2.0 - Redirection Endpoint.

Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.

App callback URLs such as myapp://example are also supported.

hasLogoutURLs

public final boolean hasLogoutURLs()

For responses, this returns true if the service returned a value for the LogoutURLs property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

logoutURLs

public final List<String> logoutURLs()

A list of allowed logout URLs for the identity providers.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasLogoutURLs() method.

Returns:

A list of allowed logout URLs for the identity providers.

defaultRedirectURI

public final String defaultRedirectURI()

The default redirect URI. Must be in the CallbackURLs list.

A redirect URI must:

• Be an absolute URI.

• Be registered with the authorization server.

• Not include a fragment component.

See OAuth 2.0 - Redirection Endpoint.

Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.

App callback URLs such as myapp://example are also supported.

Returns:

The default redirect URI. Must be in the CallbackURLs list.

A redirect URI must:

• Be an absolute URI.

• Be registered with the authorization server.

• Not include a fragment component.

See OAuth 2.0 - Redirection Endpoint.

Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.

App callback URLs such as myapp://example are also supported.

allowedOAuthFlows

public final List<OAuthFlowType> allowedOAuthFlows()

The allowed OAuth flows.

Set to code to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint.

Set to implicit to specify that the client should get the access token (and, optionally, ID token, based on scopes) directly.

Set to client_credentials to specify that the client should get the access token (and, optionally, ID token, based on scopes) from the token endpoint using a combination of client and client_secret.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasAllowedOAuthFlows() method.

Returns:

The allowed OAuth flows.

Set to code to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint.

Set to implicit to specify that the client should get the access token (and, optionally, ID token, based on scopes) directly.

Set to client_credentials to specify that the client should get the access token (and, optionally, ID token, based on scopes) from the token endpoint using a combination of client and client_secret.

hasAllowedOAuthFlows

public final boolean hasAllowedOAuthFlows()

For responses, this returns true if the service returned a value for the AllowedOAuthFlows property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

allowedOAuthFlowsAsStrings

public final List<String> allowedOAuthFlowsAsStrings()

The allowed OAuth flows.

Set to code to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint.

Set to implicit to specify that the client should get the access token (and, optionally, ID token, based on scopes) directly.

Set to client_credentials to specify that the client should get the access token (and, optionally, ID token, based on scopes) from the token endpoint using a combination of client and client_secret.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasAllowedOAuthFlows() method.

Returns:

The allowed OAuth flows.

Set to code to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint.

Set to implicit to specify that the client should get the access token (and, optionally, ID token, based on scopes) directly.

Set to client_credentials to specify that the client should get the access token (and, optionally, ID token, based on scopes) from the token endpoint using a combination of client and client_secret.

hasAllowedOAuthScopes

public final boolean hasAllowedOAuthScopes()

For responses, this returns true if the service returned a value for the AllowedOAuthScopes property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

allowedOAuthScopes

public final List<String> allowedOAuthScopes()

The allowed OAuth scopes. Possible values provided by OAuth are: phone, email, openid, and profile. Possible values provided by Amazon Web Services are: aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasAllowedOAuthScopes() method.

Returns:

The allowed OAuth scopes. Possible values provided by OAuth are: phone, email, openid, and profile. Possible values provided by Amazon Web Services are: aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.

allowedOAuthFlowsUserPoolClient

public final Boolean allowedOAuthFlowsUserPoolClient()

Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user pools.

Returns:

Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user pools.

analyticsConfiguration

public final AnalyticsConfigurationType analyticsConfiguration()

The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.

In Amazon Web Services Regions where Amazon Pinpoint isn't available, user pools only support sending events to Amazon Pinpoint projects in Amazon Web Services Region us-east-1. In Regions where Amazon Pinpoint is available, user pools support sending events to Amazon Pinpoint projects within that same Region.

Returns:

The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.

In Amazon Web Services Regions where Amazon Pinpoint isn't available, user pools only support sending events to Amazon Pinpoint projects in Amazon Web Services Region us-east-1. In Regions where Amazon Pinpoint is available, user pools support sending events to Amazon Pinpoint projects within that same Region.

preventUserExistenceErrors

public final PreventUserExistenceErrorTypes preventUserExistenceErrors()

Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool. When set to ENABLED and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs return a UserNotFoundException exception if the user doesn't exist in the user pool.

Valid values include:

• ENABLED - This prevents user existence-related errors.

• LEGACY - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.

If the service returns an enum value that is not available in the current SDK version, preventUserExistenceErrors will return PreventUserExistenceErrorTypes.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from preventUserExistenceErrorsAsString().

Returns:

Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool. When set to ENABLED and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs return a UserNotFoundException exception if the user doesn't exist in the user pool.

Valid values include:

• ENABLED - This prevents user existence-related errors.

• LEGACY - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.

See Also:

PreventUserExistenceErrorTypes

preventUserExistenceErrorsAsString

public final String preventUserExistenceErrorsAsString()

Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool. When set to ENABLED and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs return a UserNotFoundException exception if the user doesn't exist in the user pool.

Valid values include:

• ENABLED - This prevents user existence-related errors.

• LEGACY - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.

If the service returns an enum value that is not available in the current SDK version, preventUserExistenceErrors will return PreventUserExistenceErrorTypes.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from preventUserExistenceErrorsAsString().

Returns:

Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool. When set to ENABLED and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs return a UserNotFoundException exception if the user doesn't exist in the user pool.

Valid values include:

• ENABLED - This prevents user existence-related errors.

• LEGACY - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.

See Also:

PreventUserExistenceErrorTypes

enableTokenRevocation

public final Boolean enableTokenRevocation()

Activates or deactivates token revocation. For more information about revoking tokens, see RevokeToken.

If you don't include this parameter, token revocation is automatically activated for the new user pool client.

Returns:

Activates or deactivates token revocation. For more information about revoking tokens, see RevokeToken.

If you don't include this parameter, token revocation is automatically activated for the new user pool client.

toBuilder

public CreateUserPoolClientRequest.Builder toBuilder()

Specified by:

toBuilder in interface ToCopyableBuilder<CreateUserPoolClientRequest.Builder,CreateUserPoolClientRequest>

Specified by:

toBuilder in class CognitoIdentityProviderRequest

builder

public static CreateUserPoolClientRequest.Builder builder()

serializableBuilderClass

public static Class<? extends CreateUserPoolClientRequest.Builder> serializableBuilderClass()

hashCode

public final int hashCode()

Overrides:

hashCode in class AwsRequest

equals

public final boolean equals(Object obj)

Overrides:

equals in class AwsRequest

equalsBySdkFields

public final boolean equalsBySdkFields(Object obj)

Specified by:

equalsBySdkFields in interface SdkPojo

toString

public final String toString()

Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.

Overrides:

toString in class Object

getValueForField

public final <T> Optional<T> getValueForField(String fieldName,
                                              Class<T> clazz)

Overrides:

getValueForField in class SdkRequest

sdkFields

public final List<SdkField<?>> sdkFields()

Specified by:

sdkFields in interface SdkPojo