Menu
Amazon Cognito Identity Provider
API Reference (API Version 2016-04-18)

UpdateUserPoolClient

Allows the developer to update the specified user pool client and password policy.

Request Syntax

{
   "AllowedOAuthFlows": [ "string" ],
   "AllowedOAuthFlowsUserPoolClient": boolean,
   "AllowedOAuthScopes": [ "string" ],
   "AnalyticsConfiguration": { 
      "ApplicationId": "string",
      "ExternalId": "string",
      "RoleArn": "string",
      "UserDataShared": boolean
   },
   "CallbackURLs": [ "string" ],
   "ClientId": "string",
   "ClientName": "string",
   "DefaultRedirectURI": "string",
   "ExplicitAuthFlows": [ "string" ],
   "LogoutURLs": [ "string" ],
   "ReadAttributes": [ "string" ],
   "RefreshTokenValidity": number,
   "SupportedIdentityProviders": [ "string" ],
   "UserPoolId": "string",
   "WriteAttributes": [ "string" ]
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

AllowedOAuthFlows

Set to code to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint.

Set to token to specify that the client should get the access token (and, optionally, ID token, based on scopes) directly.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 3 items.

Valid Values: code | implicit | client_credentials

Required: No

AllowedOAuthFlowsUserPoolClient

Set to TRUE if the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.

Type: Boolean

Required: No

AllowedOAuthScopes

A list of allowed OAuth scopes. Currently supported values are "phone", "email", "openid", and "Cognito".

Type: Array of strings

Array Members: Maximum number of 25 items.

Length Constraints: Minimum length of 1. Maximum length of 256.

Pattern: [\x21\x23-\x5B\x5D-\x7E]+

Required: No

AnalyticsConfiguration

The Amazon Pinpoint analytics configuration for collecting metrics for this user pool.

Type: AnalyticsConfigurationType object

Required: No

CallbackURLs

A list of allowed callback URLs for the identity providers.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 100 items.

Length Constraints: Minimum length of 1. Maximum length of 1024.

Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+

Required: No

ClientId

The ID of the client associated with the user pool.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [\w+]+

Required: Yes

ClientName

The client name from the update user pool client request.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [\w\s+=,.@-]+

Required: No

DefaultRedirectURI

The default redirect URI. Must be in the CallbackURLs list.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+

Required: No

ExplicitAuthFlows

Explicit authentication flows.

Type: Array of strings

Valid Values: ADMIN_NO_SRP_AUTH | CUSTOM_AUTH_FLOW_ONLY

Required: No

LogoutURLs

A list of allowed logout URLs for the identity providers.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 100 items.

Length Constraints: Minimum length of 1. Maximum length of 1024.

Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+

Required: No

ReadAttributes

The read-only attributes of the user pool.

Type: Array of strings

Length Constraints: Minimum length of 1. Maximum length of 2048.

Required: No

RefreshTokenValidity

The time limit, in days, after which the refresh token is no longer valid and cannot be used.

Type: Integer

Valid Range: Minimum value of 0. Maximum value of 3650.

Required: No

SupportedIdentityProviders

A list of provider names for the identity providers that are supported on this client.

Type: Array of strings

Length Constraints: Minimum length of 1. Maximum length of 32.

Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+

Required: No

UserPoolId

The user pool ID for the user pool where you want to update the user pool client.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 55.

Pattern: [\w-]+_[0-9a-zA-Z]+

Required: Yes

WriteAttributes

The writeable attributes of the user pool.

Type: Array of strings

Length Constraints: Minimum length of 1. Maximum length of 2048.

Required: No

Response Syntax

{
   "UserPoolClient": { 
      "AllowedOAuthFlows": [ "string" ],
      "AllowedOAuthFlowsUserPoolClient": boolean,
      "AllowedOAuthScopes": [ "string" ],
      "AnalyticsConfiguration": { 
         "ApplicationId": "string",
         "ExternalId": "string",
         "RoleArn": "string",
         "UserDataShared": boolean
      },
      "CallbackURLs": [ "string" ],
      "ClientId": "string",
      "ClientName": "string",
      "ClientSecret": "string",
      "CreationDate": number,
      "DefaultRedirectURI": "string",
      "ExplicitAuthFlows": [ "string" ],
      "LastModifiedDate": number,
      "LogoutURLs": [ "string" ],
      "ReadAttributes": [ "string" ],
      "RefreshTokenValidity": number,
      "SupportedIdentityProviders": [ "string" ],
      "UserPoolId": "string",
      "WriteAttributes": [ "string" ]
   }
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

UserPoolClient

The user pool client value from the response from the server when an update user pool client request is made.

Type: UserPoolClientType object

Errors

For information about the errors that are common to all actions, see Common Errors.

ConcurrentModificationException

This exception is thrown if two or more modifications are happening concurrently.

HTTP Status Code: 400

InternalErrorException

This exception is thrown when Amazon Cognito encounters an internal error.

HTTP Status Code: 500

InvalidOAuthFlowException

This exception is thrown when the specified OAuth flow is invalid.

HTTP Status Code: 400

InvalidParameterException

This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

HTTP Status Code: 400

NotAuthorizedException

This exception is thrown when a user is not authorized.

HTTP Status Code: 400

ResourceNotFoundException

This exception is thrown when the Amazon Cognito service cannot find the requested resource.

HTTP Status Code: 400

ScopeDoesNotExistException

This exception is thrown when the specified scope does not exist.

HTTP Status Code: 400

TooManyRequestsException

This exception is thrown when the user has made too many requests for a given operation.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: