AuthFlow

class aws_cdk.aws_cognito.AuthFlow(*, admin_user_password=None, custom=None, user=None, user_password=None, user_srp=None)

Bases: object

Types of authentication flow.

Parameters:

  • admin_user_password (Optional[bool]) – Enable admin based user password authentication flow. Default: false

  • custom (Optional[bool]) – Enable custom authentication flow. Default: false

  • user (Optional[bool]) – Enable Choice-based authentication. Default: false

  • user_password (Optional[bool]) – Enable auth using username & password. Default: false

  • user_srp (Optional[bool]) – Enable SRP based authentication. Default: false

See:

https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow.html

ExampleMetadata:

infused

Example:

user_pool = cognito.UserPool(self, "myuserpool",
    sign_in_policy=cognito.SignInPolicy(
        allowed_first_auth_factors=cognito.AllowedFirstAuthFactors(
            password=True,  # password authentication must be enabled
            email_otp=True,  # enables email message one-time password
            sms_otp=True,  # enables SMS message one-time password
            passkey=True
        )
    )
)

# You should also configure the user pool client with USER_AUTH authentication flow allowed
user_pool.add_client("myclient",
    auth_flows=cognito.AuthFlow(user=True)
)

Attributes

admin_user_password

Enable admin based user password authentication flow.

Default:

false

custom

Enable custom authentication flow.

Default:

false

user

Enable Choice-based authentication.

Default:

false

user_password

Enable auth using username & password.

Default:

false

user_srp

Enable SRP based authentication.

Default:

false