AdminGetUser
Gets the specified user by user name in a user pool as an administrator. Works on any user.
Calling this action requires developer credentials.
Request Syntax
{
"Username": "string",
"UserPoolId": "string"
}Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- Username
-
The user name of the user you want to retrieve.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[\p{L}\p{M}\p{S}\p{N}\p{P}]+Required: Yes
- UserPoolId
-
The user pool ID for the user pool where you want to get information about the user.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern:
[\w-]+_[0-9a-zA-Z]+Required: Yes
Response Syntax
{
"Enabled": boolean,
"MFAOptions": [
{
"AttributeName": "string",
"DeliveryMedium": "string"
}
],
"PreferredMfaSetting": "string",
"UserAttributes": [
{
"Name": "string",
"Value": "string"
}
],
"UserCreateDate": number,
"UserLastModifiedDate": number,
"UserMFASettingList": [ "string" ],
"Username": "string",
"UserStatus": "string"
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- Enabled
-
Indicates that the status is
enabled.Type: Boolean
- MFAOptions
-
This response parameter is no longer supported. It provides information only about SMS MFA configurations. It doesn't provide information about time-based one-time password (TOTP) software token MFA configurations. To look up information about either type of MFA configuration, use UserMFASettingList instead.
Type: Array of MFAOptionType objects
- PreferredMfaSetting
-
The user's preferred MFA setting.
Type: String
- UserAttributes
-
An array of name-value pairs representing user attributes.
Type: Array of AttributeType objects
- UserCreateDate
-
The date the user was created.
Type: Timestamp
- UserLastModifiedDate
-
The date the user was last modified.
Type: Timestamp
- UserMFASettingList
-
The MFA options that are activated for the user. The possible values in this list are
SMS_MFAandSOFTWARE_TOKEN_MFA.Type: Array of strings
- Username
-
The user name of the user about whom you're receiving information.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[\p{L}\p{M}\p{S}\p{N}\p{P}]+ - UserStatus
-
The user status. Can be one of the following:
-
UNCONFIRMED - User has been created but not confirmed.
-
CONFIRMED - User has been confirmed.
-
ARCHIVED - User is no longer active.
-
UNKNOWN - User status isn't known.
-
RESET_REQUIRED - User is confirmed, but the user must request a code and reset their password before they can sign in.
-
FORCE_CHANGE_PASSWORD - The user is confirmed and the user can sign in using a temporary password, but on first sign-in, the user must change their password to a new value before doing anything else.
Type: String
Valid Values:
UNCONFIRMED | CONFIRMED | ARCHIVED | COMPROMISED | UNKNOWN | RESET_REQUIRED | FORCE_CHANGE_PASSWORD -
Errors
For information about the errors that are common to all actions, see Common Errors.
- InternalErrorException
-
This exception is thrown when Amazon Cognito encounters an internal error.
HTTP Status Code: 500
- InvalidParameterException
-
This exception is thrown when the Amazon Cognito service encounters an invalid parameter.
HTTP Status Code: 400
- NotAuthorizedException
-
This exception is thrown when a user isn't authorized.
HTTP Status Code: 400
- ResourceNotFoundException
-
This exception is thrown when the Amazon Cognito service can't find the requested resource.
HTTP Status Code: 400
- TooManyRequestsException
-
This exception is thrown when the user has made too many requests for a given operation.
HTTP Status Code: 400
- UserNotFoundException
-
This exception is thrown when a user isn't found.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
