@ThreadSafe @Generated(value="com.amazonaws:aws-java-sdk-code-generator") public class AWSCognitoIdentityProviderAsyncClient extends AWSCognitoIdentityProviderClient implements AWSCognitoIdentityProviderAsync
AsyncHandler
can be used to
receive notification when an asynchronous operation completes.
With the Amazon Cognito user pools API, you can configure user pools and authenticate users. To authenticate users from third-party identity providers (IdPs) in this API, you can link IdP users to native user profiles. Learn more about the authentication and authorization of federated users at Adding user pool sign-in through a third party and in the User pool federation endpoints and hosted UI reference.
This API reference provides detailed information about API operations and object types in Amazon Cognito.
Along with resource management operations, the Amazon Cognito user pools API includes classes of operations and authorization models for client-side and server-side authentication of users. You can interact with operations in the Amazon Cognito user pools API as any of the following subjects.
An administrator who wants to configure user pools, app clients, users, groups, or other user pool functions.
A server-side app, like a web application, that wants to use its Amazon Web Services privileges to manage, authenticate, or authorize a user.
A client-side app, like a mobile app, that wants to make unauthenticated requests to manage, authenticate, or authorize a user.
For more information, see Using the Amazon Cognito user pools API and user pool endpoints in the Amazon Cognito Developer Guide.
With your Amazon Web Services SDK, you can build the logic to support operational flows in every use case for this
API. You can also make direct REST API requests to Amazon Cognito user pools service endpoints. The following links can get you started with the
CognitoIdentityProvider
client in other supported Amazon Web Services SDKs.
To get started with an Amazon Web Services SDK, see Tools to Build on Amazon Web Services. For example actions and scenarios, see Code examples for Amazon Cognito Identity Provider using Amazon Web Services SDKs.
LOGGING_AWS_REQUEST_METRIC
ENDPOINT_PREFIX
addCustomAttributes, adminAddUserToGroup, adminConfirmSignUp, adminCreateUser, adminDeleteUser, adminDeleteUserAttributes, adminDisableProviderForUser, adminDisableUser, adminEnableUser, adminForgetDevice, adminGetDevice, adminGetUser, adminInitiateAuth, adminLinkProviderForUser, adminListDevices, adminListGroupsForUser, adminListUserAuthEvents, adminRemoveUserFromGroup, adminResetUserPassword, adminRespondToAuthChallenge, adminSetUserMFAPreference, adminSetUserPassword, adminSetUserSettings, adminUpdateAuthEventFeedback, adminUpdateDeviceStatus, adminUpdateUserAttributes, adminUserGlobalSignOut, associateSoftwareToken, builder, changePassword, confirmDevice, confirmForgotPassword, confirmSignUp, createGroup, createIdentityProvider, createResourceServer, createUserImportJob, createUserPool, createUserPoolClient, createUserPoolDomain, deleteGroup, deleteIdentityProvider, deleteResourceServer, deleteUser, deleteUserAttributes, deleteUserPool, deleteUserPoolClient, deleteUserPoolDomain, describeIdentityProvider, describeResourceServer, describeRiskConfiguration, describeUserImportJob, describeUserPool, describeUserPoolClient, describeUserPoolDomain, forgetDevice, forgotPassword, getCachedResponseMetadata, getCSVHeader, getDevice, getGroup, getIdentityProviderByIdentifier, getLogDeliveryConfiguration, getSigningCertificate, getUICustomization, getUser, getUserAttributeVerificationCode, getUserPoolMfaConfig, globalSignOut, initiateAuth, listDevices, listGroups, listIdentityProviders, listResourceServers, listTagsForResource, listUserImportJobs, listUserPoolClients, listUserPools, listUsers, listUsersInGroup, resendConfirmationCode, respondToAuthChallenge, revokeToken, setLogDeliveryConfiguration, setRiskConfiguration, setUICustomization, setUserMFAPreference, setUserPoolMfaConfig, setUserSettings, signUp, startUserImportJob, stopUserImportJob, tagResource, untagResource, updateAuthEventFeedback, updateDeviceStatus, updateGroup, updateIdentityProvider, updateResourceServer, updateUserAttributes, updateUserPool, updateUserPoolClient, updateUserPoolDomain, verifySoftwareToken, verifyUserAttribute
addRequestHandler, addRequestHandler, configureRegion, getClientConfiguration, getEndpointPrefix, getMonitoringListeners, getRequestMetricsCollector, getServiceName, getSignerByURI, getSignerOverride, getSignerRegionOverride, getTimeOffset, makeImmutable, removeRequestHandler, removeRequestHandler, setEndpoint, setEndpoint, setRegion, setServiceNameIntern, setSignerRegionOverride, setTimeOffset, withEndpoint, withRegion, withRegion, withTimeOffset
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
addCustomAttributes, adminAddUserToGroup, adminConfirmSignUp, adminCreateUser, adminDeleteUser, adminDeleteUserAttributes, adminDisableProviderForUser, adminDisableUser, adminEnableUser, adminForgetDevice, adminGetDevice, adminGetUser, adminInitiateAuth, adminLinkProviderForUser, adminListDevices, adminListGroupsForUser, adminListUserAuthEvents, adminRemoveUserFromGroup, adminResetUserPassword, adminRespondToAuthChallenge, adminSetUserMFAPreference, adminSetUserPassword, adminSetUserSettings, adminUpdateAuthEventFeedback, adminUpdateDeviceStatus, adminUpdateUserAttributes, adminUserGlobalSignOut, associateSoftwareToken, changePassword, confirmDevice, confirmForgotPassword, confirmSignUp, createGroup, createIdentityProvider, createResourceServer, createUserImportJob, createUserPool, createUserPoolClient, createUserPoolDomain, deleteGroup, deleteIdentityProvider, deleteResourceServer, deleteUser, deleteUserAttributes, deleteUserPool, deleteUserPoolClient, deleteUserPoolDomain, describeIdentityProvider, describeResourceServer, describeRiskConfiguration, describeUserImportJob, describeUserPool, describeUserPoolClient, describeUserPoolDomain, forgetDevice, forgotPassword, getCachedResponseMetadata, getCSVHeader, getDevice, getGroup, getIdentityProviderByIdentifier, getLogDeliveryConfiguration, getSigningCertificate, getUICustomization, getUser, getUserAttributeVerificationCode, getUserPoolMfaConfig, globalSignOut, initiateAuth, listDevices, listGroups, listIdentityProviders, listResourceServers, listTagsForResource, listUserImportJobs, listUserPoolClients, listUserPools, listUsers, listUsersInGroup, resendConfirmationCode, respondToAuthChallenge, revokeToken, setEndpoint, setLogDeliveryConfiguration, setRegion, setRiskConfiguration, setUICustomization, setUserMFAPreference, setUserPoolMfaConfig, setUserSettings, signUp, startUserImportJob, stopUserImportJob, tagResource, untagResource, updateAuthEventFeedback, updateDeviceStatus, updateGroup, updateIdentityProvider, updateResourceServer, updateUserAttributes, updateUserPool, updateUserPoolClient, updateUserPoolDomain, verifySoftwareToken, verifyUserAttribute
@Deprecated public AWSCognitoIdentityProviderAsyncClient()
AWSCognitoIdentityProviderAsyncClientBuilder.defaultClient()
Asynchronous methods are delegated to a fixed-size thread pool containing 50 threads (to match the default maximum number of concurrent connections to the service).
@Deprecated public AWSCognitoIdentityProviderAsyncClient(ClientConfiguration clientConfiguration)
AwsClientBuilder.withClientConfiguration(ClientConfiguration)
Asynchronous methods are delegated to a fixed-size thread pool containing a number of threads equal to the
maximum number of concurrent connections configured via ClientConfiguration.getMaxConnections()
.
clientConfiguration
- The client configuration options controlling how this client connects to Amazon Cognito Identity Provider
(ex: proxy settings, retry counts, etc).DefaultAWSCredentialsProviderChain
,
Executors.newFixedThreadPool(int)
@Deprecated public AWSCognitoIdentityProviderAsyncClient(AWSCredentials awsCredentials)
AwsClientBuilder.withCredentials(AWSCredentialsProvider)
Asynchronous methods are delegated to a fixed-size thread pool containing 50 threads (to match the default maximum number of concurrent connections to the service).
awsCredentials
- The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.Executors.newFixedThreadPool(int)
@Deprecated public AWSCognitoIdentityProviderAsyncClient(AWSCredentials awsCredentials, ExecutorService executorService)
AwsClientBuilder.withCredentials(AWSCredentialsProvider)
and
AwsAsyncClientBuilder.withExecutorFactory(com.amazonaws.client.builder.ExecutorFactory)
awsCredentials
- The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.executorService
- The executor service by which all asynchronous requests will be executed.@Deprecated public AWSCognitoIdentityProviderAsyncClient(AWSCredentials awsCredentials, ClientConfiguration clientConfiguration, ExecutorService executorService)
AwsClientBuilder.withCredentials(AWSCredentialsProvider)
and
AwsClientBuilder.withClientConfiguration(ClientConfiguration)
and
AwsAsyncClientBuilder.withExecutorFactory(com.amazonaws.client.builder.ExecutorFactory)
awsCredentials
- The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.clientConfiguration
- Client configuration options (ex: max retry limit, proxy settings, etc).executorService
- The executor service by which all asynchronous requests will be executed.@Deprecated public AWSCognitoIdentityProviderAsyncClient(AWSCredentialsProvider awsCredentialsProvider)
AwsClientBuilder.withCredentials(AWSCredentialsProvider)
Asynchronous methods are delegated to a fixed-size thread pool containing 50 threads (to match the default maximum number of concurrent connections to the service).
awsCredentialsProvider
- The AWS credentials provider which will provide credentials to authenticate requests with AWS services.Executors.newFixedThreadPool(int)
@Deprecated public AWSCognitoIdentityProviderAsyncClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration)
AwsClientBuilder.withCredentials(AWSCredentialsProvider)
and
AwsClientBuilder.withClientConfiguration(ClientConfiguration)
Asynchronous methods are delegated to a fixed-size thread pool containing a number of threads equal to the
maximum number of concurrent connections configured via ClientConfiguration.getMaxConnections()
.
awsCredentialsProvider
- The AWS credentials provider which will provide credentials to authenticate requests with AWS services.clientConfiguration
- Client configuration options (ex: max retry limit, proxy settings, etc).DefaultAWSCredentialsProviderChain
,
Executors.newFixedThreadPool(int)
@Deprecated public AWSCognitoIdentityProviderAsyncClient(AWSCredentialsProvider awsCredentialsProvider, ExecutorService executorService)
AwsClientBuilder.withCredentials(AWSCredentialsProvider)
and
AwsAsyncClientBuilder.withExecutorFactory(com.amazonaws.client.builder.ExecutorFactory)
awsCredentialsProvider
- The AWS credentials provider which will provide credentials to authenticate requests with AWS services.executorService
- The executor service by which all asynchronous requests will be executed.@Deprecated public AWSCognitoIdentityProviderAsyncClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration, ExecutorService executorService)
AwsClientBuilder.withCredentials(AWSCredentialsProvider)
and
AwsClientBuilder.withClientConfiguration(ClientConfiguration)
and
AwsAsyncClientBuilder.withExecutorFactory(com.amazonaws.client.builder.ExecutorFactory)
awsCredentialsProvider
- The AWS credentials provider which will provide credentials to authenticate requests with AWS services.clientConfiguration
- Client configuration options (ex: max retry limit, proxy settings, etc).executorService
- The executor service by which all asynchronous requests will be executed.public static AWSCognitoIdentityProviderAsyncClientBuilder asyncBuilder()
public ExecutorService getExecutorService()
public Future<AddCustomAttributesResult> addCustomAttributesAsync(AddCustomAttributesRequest request)
AWSCognitoIdentityProviderAsync
Adds additional user attributes to the user pool schema.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
addCustomAttributesAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to add custom attributes.public Future<AddCustomAttributesResult> addCustomAttributesAsync(AddCustomAttributesRequest request, AsyncHandler<AddCustomAttributesRequest,AddCustomAttributesResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Adds additional user attributes to the user pool schema.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
addCustomAttributesAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to add custom attributes.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminAddUserToGroupResult> adminAddUserToGroupAsync(AdminAddUserToGroupRequest request)
AWSCognitoIdentityProviderAsync
Adds a user to a group. A user who is in a group can present a preferred-role claim to an identity pool, and
populates a cognito:groups
claim to their access and identity tokens.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminAddUserToGroupAsync
in interface AWSCognitoIdentityProviderAsync
public Future<AdminAddUserToGroupResult> adminAddUserToGroupAsync(AdminAddUserToGroupRequest request, AsyncHandler<AdminAddUserToGroupRequest,AdminAddUserToGroupResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Adds a user to a group. A user who is in a group can present a preferred-role claim to an identity pool, and
populates a cognito:groups
claim to their access and identity tokens.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminAddUserToGroupAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminConfirmSignUpResult> adminConfirmSignUpAsync(AdminConfirmSignUpRequest request)
AWSCognitoIdentityProviderAsync
This IAM-authenticated API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.
Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users confirm their accounts when they respond to their invitation email message and choose a password.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminConfirmSignUpAsync
in interface AWSCognitoIdentityProviderAsync
request
- Confirm a user's registration as a user pool administrator.public Future<AdminConfirmSignUpResult> adminConfirmSignUpAsync(AdminConfirmSignUpRequest request, AsyncHandler<AdminConfirmSignUpRequest,AdminConfirmSignUpResult> asyncHandler)
AWSCognitoIdentityProviderAsync
This IAM-authenticated API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.
Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users confirm their accounts when they respond to their invitation email message and choose a password.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminConfirmSignUpAsync
in interface AWSCognitoIdentityProviderAsync
request
- Confirm a user's registration as a user pool administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminCreateUserResult> adminCreateUserAsync(AdminCreateUserRequest request)
AWSCognitoIdentityProviderAsync
Creates a new user in the specified user pool.
If MessageAction
isn't set, the default is to send a welcome message via email or phone (SMS).
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.
Alternatively, you can call AdminCreateUser
with SUPPRESS
for the
MessageAction
parameter, and Amazon Cognito won't send any email.
In either case, the user will be in the FORCE_CHANGE_PASSWORD
state until they sign in and change
their password.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminCreateUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to create a user in the specified user pool.public Future<AdminCreateUserResult> adminCreateUserAsync(AdminCreateUserRequest request, AsyncHandler<AdminCreateUserRequest,AdminCreateUserResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Creates a new user in the specified user pool.
If MessageAction
isn't set, the default is to send a welcome message via email or phone (SMS).
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.
Alternatively, you can call AdminCreateUser
with SUPPRESS
for the
MessageAction
parameter, and Amazon Cognito won't send any email.
In either case, the user will be in the FORCE_CHANGE_PASSWORD
state until they sign in and change
their password.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminCreateUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to create a user in the specified user pool.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminDeleteUserResult> adminDeleteUserAsync(AdminDeleteUserRequest request)
AWSCognitoIdentityProviderAsync
Deletes a user as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminDeleteUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to delete a user as an administrator.public Future<AdminDeleteUserResult> adminDeleteUserAsync(AdminDeleteUserRequest request, AsyncHandler<AdminDeleteUserRequest,AdminDeleteUserResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Deletes a user as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminDeleteUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to delete a user as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminDeleteUserAttributesResult> adminDeleteUserAttributesAsync(AdminDeleteUserAttributesRequest request)
AWSCognitoIdentityProviderAsync
Deletes the user attributes in a user pool as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminDeleteUserAttributesAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to delete user attributes as an administrator.public Future<AdminDeleteUserAttributesResult> adminDeleteUserAttributesAsync(AdminDeleteUserAttributesRequest request, AsyncHandler<AdminDeleteUserAttributesRequest,AdminDeleteUserAttributesResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Deletes the user attributes in a user pool as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminDeleteUserAttributesAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to delete user attributes as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminDisableProviderForUserResult> adminDisableProviderForUserAsync(AdminDisableProviderForUserRequest request)
AWSCognitoIdentityProviderAsync
Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP). If the
user that you want to deactivate is a Amazon Cognito user pools native username + password user, they can't use
their password to sign in. If the user to deactivate is a linked external IdP user, any link between that user
and an existing user is removed. When the external user signs in again, and the user is no longer attached to the
previously linked DestinationUser
, the user must create a new user account. See AdminLinkProviderForUser.
The ProviderName
must match the value specified when creating an IdP for the pool.
To deactivate a native username + password user, the ProviderName
value must be Cognito
and the ProviderAttributeName
must be Cognito_Subject
. The
ProviderAttributeValue
must be the name that is used in the user pool for the user.
The ProviderAttributeName
must always be Cognito_Subject
for social IdPs. The
ProviderAttributeValue
must always be the exact subject that was used when the user was originally
linked as a source user.
For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign in,
the ProviderAttributeName
and ProviderAttributeValue
must be the same values that were
used for the SourceUser
when the identities were originally linked using
AdminLinkProviderForUser
call. (If the linking was done with ProviderAttributeName
set
to Cognito_Subject
, the same applies here). However, if the user has already signed in, the
ProviderAttributeName
must be Cognito_Subject
and ProviderAttributeValue
must be the subject of the SAML assertion.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminDisableProviderForUserAsync
in interface AWSCognitoIdentityProviderAsync
public Future<AdminDisableProviderForUserResult> adminDisableProviderForUserAsync(AdminDisableProviderForUserRequest request, AsyncHandler<AdminDisableProviderForUserRequest,AdminDisableProviderForUserResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP). If the
user that you want to deactivate is a Amazon Cognito user pools native username + password user, they can't use
their password to sign in. If the user to deactivate is a linked external IdP user, any link between that user
and an existing user is removed. When the external user signs in again, and the user is no longer attached to the
previously linked DestinationUser
, the user must create a new user account. See AdminLinkProviderForUser.
The ProviderName
must match the value specified when creating an IdP for the pool.
To deactivate a native username + password user, the ProviderName
value must be Cognito
and the ProviderAttributeName
must be Cognito_Subject
. The
ProviderAttributeValue
must be the name that is used in the user pool for the user.
The ProviderAttributeName
must always be Cognito_Subject
for social IdPs. The
ProviderAttributeValue
must always be the exact subject that was used when the user was originally
linked as a source user.
For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign in,
the ProviderAttributeName
and ProviderAttributeValue
must be the same values that were
used for the SourceUser
when the identities were originally linked using
AdminLinkProviderForUser
call. (If the linking was done with ProviderAttributeName
set
to Cognito_Subject
, the same applies here). However, if the user has already signed in, the
ProviderAttributeName
must be Cognito_Subject
and ProviderAttributeValue
must be the subject of the SAML assertion.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminDisableProviderForUserAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminDisableUserResult> adminDisableUserAsync(AdminDisableUserRequest request)
AWSCognitoIdentityProviderAsync
Deactivates a user and revokes all access tokens for the user. A deactivated user can't sign in, but still
appears in the responses to GetUser
and ListUsers
API requests.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminDisableUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to disable the user as an administrator.public Future<AdminDisableUserResult> adminDisableUserAsync(AdminDisableUserRequest request, AsyncHandler<AdminDisableUserRequest,AdminDisableUserResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Deactivates a user and revokes all access tokens for the user. A deactivated user can't sign in, but still
appears in the responses to GetUser
and ListUsers
API requests.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminDisableUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to disable the user as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminEnableUserResult> adminEnableUserAsync(AdminEnableUserRequest request)
AWSCognitoIdentityProviderAsync
Enables the specified user as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminEnableUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request that enables the user as an administrator.public Future<AdminEnableUserResult> adminEnableUserAsync(AdminEnableUserRequest request, AsyncHandler<AdminEnableUserRequest,AdminEnableUserResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Enables the specified user as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminEnableUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request that enables the user as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminForgetDeviceResult> adminForgetDeviceAsync(AdminForgetDeviceRequest request)
AWSCognitoIdentityProviderAsync
Forgets the device, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminForgetDeviceAsync
in interface AWSCognitoIdentityProviderAsync
request
- Sends the forgot device request, as an administrator.public Future<AdminForgetDeviceResult> adminForgetDeviceAsync(AdminForgetDeviceRequest request, AsyncHandler<AdminForgetDeviceRequest,AdminForgetDeviceResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Forgets the device, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminForgetDeviceAsync
in interface AWSCognitoIdentityProviderAsync
request
- Sends the forgot device request, as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminGetDeviceResult> adminGetDeviceAsync(AdminGetDeviceRequest request)
AWSCognitoIdentityProviderAsync
Gets the device, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminGetDeviceAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to get the device, as an administrator.public Future<AdminGetDeviceResult> adminGetDeviceAsync(AdminGetDeviceRequest request, AsyncHandler<AdminGetDeviceRequest,AdminGetDeviceResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Gets the device, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminGetDeviceAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to get the device, as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminGetUserResult> adminGetUserAsync(AdminGetUserRequest request)
AWSCognitoIdentityProviderAsync
Gets the specified user by user name in a user pool as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminGetUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to get the specified user as an administrator.public Future<AdminGetUserResult> adminGetUserAsync(AdminGetUserRequest request, AsyncHandler<AdminGetUserRequest,AdminGetUserResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Gets the specified user by user name in a user pool as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminGetUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to get the specified user as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminInitiateAuthResult> adminInitiateAuthAsync(AdminInitiateAuthRequest request)
AWSCognitoIdentityProviderAsync
Initiates the authentication flow, as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminInitiateAuthAsync
in interface AWSCognitoIdentityProviderAsync
request
- Initiates the authorization request, as an administrator.public Future<AdminInitiateAuthResult> adminInitiateAuthAsync(AdminInitiateAuthRequest request, AsyncHandler<AdminInitiateAuthRequest,AdminInitiateAuthResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Initiates the authentication flow, as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminInitiateAuthAsync
in interface AWSCognitoIdentityProviderAsync
request
- Initiates the authorization request, as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminLinkProviderForUserResult> adminLinkProviderForUserAsync(AdminLinkProviderForUserRequest request)
AWSCognitoIdentityProviderAsync
Links an existing user account in a user pool (DestinationUser
) to an identity from an external IdP
(SourceUser
) based on a specified attribute name and value from the external IdP. This allows you to
create a link from the existing user account to an external federated user identity that has not yet been used to
sign in. You can then use the federated user identity to sign in as the existing user account.
For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user identity, they sign in as the existing user account.
The maximum number of federated identities linked to a user is five.
Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external IdPs and provider attributes that have been trusted by the application owner.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminLinkProviderForUserAsync
in interface AWSCognitoIdentityProviderAsync
public Future<AdminLinkProviderForUserResult> adminLinkProviderForUserAsync(AdminLinkProviderForUserRequest request, AsyncHandler<AdminLinkProviderForUserRequest,AdminLinkProviderForUserResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Links an existing user account in a user pool (DestinationUser
) to an identity from an external IdP
(SourceUser
) based on a specified attribute name and value from the external IdP. This allows you to
create a link from the existing user account to an external federated user identity that has not yet been used to
sign in. You can then use the federated user identity to sign in as the existing user account.
For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user identity, they sign in as the existing user account.
The maximum number of federated identities linked to a user is five.
Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external IdPs and provider attributes that have been trusted by the application owner.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminLinkProviderForUserAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminListDevicesResult> adminListDevicesAsync(AdminListDevicesRequest request)
AWSCognitoIdentityProviderAsync
Lists devices, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminListDevicesAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to list devices, as an administrator.public Future<AdminListDevicesResult> adminListDevicesAsync(AdminListDevicesRequest request, AsyncHandler<AdminListDevicesRequest,AdminListDevicesResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Lists devices, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminListDevicesAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to list devices, as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminListGroupsForUserResult> adminListGroupsForUserAsync(AdminListGroupsForUserRequest request)
AWSCognitoIdentityProviderAsync
Lists the groups that a user belongs to.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminListGroupsForUserAsync
in interface AWSCognitoIdentityProviderAsync
public Future<AdminListGroupsForUserResult> adminListGroupsForUserAsync(AdminListGroupsForUserRequest request, AsyncHandler<AdminListGroupsForUserRequest,AdminListGroupsForUserResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Lists the groups that a user belongs to.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminListGroupsForUserAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminListUserAuthEventsResult> adminListUserAuthEventsAsync(AdminListUserAuthEventsRequest request)
AWSCognitoIdentityProviderAsync
A history of user activity and any risks detected as part of Amazon Cognito advanced security.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminListUserAuthEventsAsync
in interface AWSCognitoIdentityProviderAsync
public Future<AdminListUserAuthEventsResult> adminListUserAuthEventsAsync(AdminListUserAuthEventsRequest request, AsyncHandler<AdminListUserAuthEventsRequest,AdminListUserAuthEventsResult> asyncHandler)
AWSCognitoIdentityProviderAsync
A history of user activity and any risks detected as part of Amazon Cognito advanced security.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminListUserAuthEventsAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminRemoveUserFromGroupResult> adminRemoveUserFromGroupAsync(AdminRemoveUserFromGroupRequest request)
AWSCognitoIdentityProviderAsync
Removes the specified user from the specified group.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminRemoveUserFromGroupAsync
in interface AWSCognitoIdentityProviderAsync
public Future<AdminRemoveUserFromGroupResult> adminRemoveUserFromGroupAsync(AdminRemoveUserFromGroupRequest request, AsyncHandler<AdminRemoveUserFromGroupRequest,AdminRemoveUserFromGroupResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Removes the specified user from the specified group.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminRemoveUserFromGroupAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminResetUserPasswordResult> adminResetUserPasswordAsync(AdminResetUserPasswordRequest request)
AWSCognitoIdentityProviderAsync
Resets the specified user's password in a user pool as an administrator. Works on any user.
To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Deactivates a user's password, requiring them to change it. If a user tries to sign in after the API is called,
Amazon Cognito responds with a PasswordResetRequiredException
error. Your app must then perform the
actions that reset your user's password: the forgot-password flow. In addition, if the user pool has phone
verification selected and a verified phone number exists for the user, or if email verification is selected and a
verified email exists for the user, calling this API will also result in sending a message to the end user with
the code to change their password.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminResetUserPasswordAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to reset a user's password as an administrator.public Future<AdminResetUserPasswordResult> adminResetUserPasswordAsync(AdminResetUserPasswordRequest request, AsyncHandler<AdminResetUserPasswordRequest,AdminResetUserPasswordResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Resets the specified user's password in a user pool as an administrator. Works on any user.
To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Deactivates a user's password, requiring them to change it. If a user tries to sign in after the API is called,
Amazon Cognito responds with a PasswordResetRequiredException
error. Your app must then perform the
actions that reset your user's password: the forgot-password flow. In addition, if the user pool has phone
verification selected and a verified phone number exists for the user, or if email verification is selected and a
verified email exists for the user, calling this API will also result in sending a message to the end user with
the code to change their password.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminResetUserPasswordAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to reset a user's password as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminRespondToAuthChallengeResult> adminRespondToAuthChallengeAsync(AdminRespondToAuthChallengeRequest request)
AWSCognitoIdentityProviderAsync
Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication
that bypasses MFA, or for a custom authentication challenge. An AdminRespondToAuthChallenge
API
request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a
response to an authentication challenge vary with the type of challenge.
For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminRespondToAuthChallengeAsync
in interface AWSCognitoIdentityProviderAsync
request
- The request to respond to the authentication challenge, as an administrator.public Future<AdminRespondToAuthChallengeResult> adminRespondToAuthChallengeAsync(AdminRespondToAuthChallengeRequest request, AsyncHandler<AdminRespondToAuthChallengeRequest,AdminRespondToAuthChallengeResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication
that bypasses MFA, or for a custom authentication challenge. An AdminRespondToAuthChallenge
API
request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a
response to an authentication challenge vary with the type of challenge.
For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminRespondToAuthChallengeAsync
in interface AWSCognitoIdentityProviderAsync
request
- The request to respond to the authentication challenge, as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminSetUserMFAPreferenceResult> adminSetUserMFAPreferenceAsync(AdminSetUserMFAPreferenceRequest request)
AWSCognitoIdentityProviderAsync
The user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminSetUserMFAPreferenceAsync
in interface AWSCognitoIdentityProviderAsync
public Future<AdminSetUserMFAPreferenceResult> adminSetUserMFAPreferenceAsync(AdminSetUserMFAPreferenceRequest request, AsyncHandler<AdminSetUserMFAPreferenceRequest,AdminSetUserMFAPreferenceResult> asyncHandler)
AWSCognitoIdentityProviderAsync
The user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminSetUserMFAPreferenceAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminSetUserPasswordResult> adminSetUserPasswordAsync(AdminSetUserPasswordRequest request)
AWSCognitoIdentityProviderAsync
Sets the specified user's password in a user pool as an administrator. Works on any user.
The password can be temporary or permanent. If it is temporary, the user status enters the
FORCE_CHANGE_PASSWORD
state. When the user next tries to sign in, the InitiateAuth/AdminInitiateAuth
response will contain the NEW_PASSWORD_REQUIRED
challenge. If the user doesn't sign in before it
expires, the user won't be able to sign in, and an administrator must reset their password.
Once the user has set a new password, or the password is permanent, the user status is set to
Confirmed
.
AdminSetUserPassword
can set a password for the user profile that Amazon Cognito creates for
third-party federated users. When you set a password, the federated user's status changes from
EXTERNAL_PROVIDER
to CONFIRMED
. A user in this state can sign in as a federated user,
and initiate authentication flows in the API like a linked native user. They can also modify their password and
attributes in token-authenticated API requests like ChangePassword
and
UpdateUserAttributes
. As a best security practice and to keep users in sync with your external IdP,
don't set passwords on federated user profiles. To set up a federated user for native sign-in with a linked
native user, refer to Linking federated users to an existing user profile.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminSetUserPasswordAsync
in interface AWSCognitoIdentityProviderAsync
public Future<AdminSetUserPasswordResult> adminSetUserPasswordAsync(AdminSetUserPasswordRequest request, AsyncHandler<AdminSetUserPasswordRequest,AdminSetUserPasswordResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Sets the specified user's password in a user pool as an administrator. Works on any user.
The password can be temporary or permanent. If it is temporary, the user status enters the
FORCE_CHANGE_PASSWORD
state. When the user next tries to sign in, the InitiateAuth/AdminInitiateAuth
response will contain the NEW_PASSWORD_REQUIRED
challenge. If the user doesn't sign in before it
expires, the user won't be able to sign in, and an administrator must reset their password.
Once the user has set a new password, or the password is permanent, the user status is set to
Confirmed
.
AdminSetUserPassword
can set a password for the user profile that Amazon Cognito creates for
third-party federated users. When you set a password, the federated user's status changes from
EXTERNAL_PROVIDER
to CONFIRMED
. A user in this state can sign in as a federated user,
and initiate authentication flows in the API like a linked native user. They can also modify their password and
attributes in token-authenticated API requests like ChangePassword
and
UpdateUserAttributes
. As a best security practice and to keep users in sync with your external IdP,
don't set passwords on federated user profiles. To set up a federated user for native sign-in with a linked
native user, refer to Linking federated users to an existing user profile.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminSetUserPasswordAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminSetUserSettingsResult> adminSetUserSettingsAsync(AdminSetUserSettingsRequest request)
AWSCognitoIdentityProviderAsync
This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference instead.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminSetUserSettingsAsync
in interface AWSCognitoIdentityProviderAsync
request
- You can use this parameter to set an MFA configuration that uses the SMS delivery medium.public Future<AdminSetUserSettingsResult> adminSetUserSettingsAsync(AdminSetUserSettingsRequest request, AsyncHandler<AdminSetUserSettingsRequest,AdminSetUserSettingsResult> asyncHandler)
AWSCognitoIdentityProviderAsync
This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference instead.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminSetUserSettingsAsync
in interface AWSCognitoIdentityProviderAsync
request
- You can use this parameter to set an MFA configuration that uses the SMS delivery medium.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminUpdateAuthEventFeedbackResult> adminUpdateAuthEventFeedbackAsync(AdminUpdateAuthEventFeedbackRequest request)
AWSCognitoIdentityProviderAsync
Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminUpdateAuthEventFeedbackAsync
in interface AWSCognitoIdentityProviderAsync
public Future<AdminUpdateAuthEventFeedbackResult> adminUpdateAuthEventFeedbackAsync(AdminUpdateAuthEventFeedbackRequest request, AsyncHandler<AdminUpdateAuthEventFeedbackRequest,AdminUpdateAuthEventFeedbackResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminUpdateAuthEventFeedbackAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminUpdateDeviceStatusResult> adminUpdateDeviceStatusAsync(AdminUpdateDeviceStatusRequest request)
AWSCognitoIdentityProviderAsync
Updates the device status as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminUpdateDeviceStatusAsync
in interface AWSCognitoIdentityProviderAsync
request
- The request to update the device status, as an administrator.public Future<AdminUpdateDeviceStatusResult> adminUpdateDeviceStatusAsync(AdminUpdateDeviceStatusRequest request, AsyncHandler<AdminUpdateDeviceStatusRequest,AdminUpdateDeviceStatusResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Updates the device status as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminUpdateDeviceStatusAsync
in interface AWSCognitoIdentityProviderAsync
request
- The request to update the device status, as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminUpdateUserAttributesResult> adminUpdateUserAttributesAsync(AdminUpdateUserAttributesRequest request)
AWSCognitoIdentityProviderAsync
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user. To delete an attribute from your user, submit the attribute in your API request with a blank value.
For custom attributes, you must prepend the custom:
prefix to the attribute name.
In addition to updating user attributes, this API can also be used to mark phone and email as verified.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminUpdateUserAttributesAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to update the user's attributes as an administrator.public Future<AdminUpdateUserAttributesResult> adminUpdateUserAttributesAsync(AdminUpdateUserAttributesRequest request, AsyncHandler<AdminUpdateUserAttributesRequest,AdminUpdateUserAttributesResult> asyncHandler)
AWSCognitoIdentityProviderAsync
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user. To delete an attribute from your user, submit the attribute in your API request with a blank value.
For custom attributes, you must prepend the custom:
prefix to the attribute name.
In addition to updating user attributes, this API can also be used to mark phone and email as verified.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminUpdateUserAttributesAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to update the user's attributes as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AdminUserGlobalSignOutResult> adminUserGlobalSignOutAsync(AdminUserGlobalSignOutRequest request)
AWSCognitoIdentityProviderAsync
Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation with your administrative credentials when your user signs out of your app. This results in the following behavior.
Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user's access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.
Amazon Cognito returns an Access Token has been revoked
error when your app attempts to authorize a
user pools API request with a revoked access token that contains the scope
aws.cognito.signin.user.admin
.
Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an
identity pool with ServerSideTokenCheck
enabled for its user pool IdP configuration in CognitoIdentityProvider.
Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.
Other requests might be valid until your user's token expires.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminUserGlobalSignOutAsync
in interface AWSCognitoIdentityProviderAsync
request
- The request to sign out of all devices, as an administrator.public Future<AdminUserGlobalSignOutResult> adminUserGlobalSignOutAsync(AdminUserGlobalSignOutRequest request, AsyncHandler<AdminUserGlobalSignOutRequest,AdminUserGlobalSignOutResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation with your administrative credentials when your user signs out of your app. This results in the following behavior.
Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user's access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.
Amazon Cognito returns an Access Token has been revoked
error when your app attempts to authorize a
user pools API request with a revoked access token that contains the scope
aws.cognito.signin.user.admin
.
Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an
identity pool with ServerSideTokenCheck
enabled for its user pool IdP configuration in CognitoIdentityProvider.
Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.
Other requests might be valid until your user's token expires.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
adminUserGlobalSignOutAsync
in interface AWSCognitoIdentityProviderAsync
request
- The request to sign out of all devices, as an administrator.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<AssociateSoftwareTokenResult> associateSoftwareTokenAsync(AssociateSoftwareTokenRequest request)
AWSCognitoIdentityProviderAsync
Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique
private key that Amazon Cognito generates and returns in the API response. You can authorize an
AssociateSoftwareToken
request with either the user's access token, or a session string from a
challenge response that you received from Amazon Cognito.
Amazon Cognito disassociates an existing software token when you verify the new token in a
VerifySoftwareToken API request. If you don't verify the software token and your user pool doesn't require
MFA, the user can then authenticate with user name and password credentials alone. If your user pool requires
TOTP MFA, Amazon Cognito generates an MFA_SETUP
or SOFTWARE_TOKEN_SETUP
challenge each
time your user signs. Complete setup with AssociateSoftwareToken
and
VerifySoftwareToken
.
After you set up software token MFA for your user, Amazon Cognito generates a SOFTWARE_TOKEN_MFA
challenge when they authenticate. Respond to this challenge with your user's TOTP.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
associateSoftwareTokenAsync
in interface AWSCognitoIdentityProviderAsync
public Future<AssociateSoftwareTokenResult> associateSoftwareTokenAsync(AssociateSoftwareTokenRequest request, AsyncHandler<AssociateSoftwareTokenRequest,AssociateSoftwareTokenResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique
private key that Amazon Cognito generates and returns in the API response. You can authorize an
AssociateSoftwareToken
request with either the user's access token, or a session string from a
challenge response that you received from Amazon Cognito.
Amazon Cognito disassociates an existing software token when you verify the new token in a
VerifySoftwareToken API request. If you don't verify the software token and your user pool doesn't require
MFA, the user can then authenticate with user name and password credentials alone. If your user pool requires
TOTP MFA, Amazon Cognito generates an MFA_SETUP
or SOFTWARE_TOKEN_SETUP
challenge each
time your user signs. Complete setup with AssociateSoftwareToken
and
VerifySoftwareToken
.
After you set up software token MFA for your user, Amazon Cognito generates a SOFTWARE_TOKEN_MFA
challenge when they authenticate. Respond to this challenge with your user's TOTP.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
associateSoftwareTokenAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ChangePasswordResult> changePasswordAsync(ChangePasswordRequest request)
AWSCognitoIdentityProviderAsync
Changes the password for a specified user in a user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
changePasswordAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to change a user password.public Future<ChangePasswordResult> changePasswordAsync(ChangePasswordRequest request, AsyncHandler<ChangePasswordRequest,ChangePasswordResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Changes the password for a specified user in a user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
changePasswordAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to change a user password.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ConfirmDeviceResult> confirmDeviceAsync(ConfirmDeviceRequest request)
AWSCognitoIdentityProviderAsync
Confirms tracking of the device. This API call is the call that begins device tracking. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
confirmDeviceAsync
in interface AWSCognitoIdentityProviderAsync
request
- Confirms the device request.public Future<ConfirmDeviceResult> confirmDeviceAsync(ConfirmDeviceRequest request, AsyncHandler<ConfirmDeviceRequest,ConfirmDeviceResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Confirms tracking of the device. This API call is the call that begins device tracking. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
confirmDeviceAsync
in interface AWSCognitoIdentityProviderAsync
request
- Confirms the device request.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ConfirmForgotPasswordResult> confirmForgotPasswordAsync(ConfirmForgotPasswordRequest request)
AWSCognitoIdentityProviderAsync
Allows a user to enter a confirmation code to reset a forgotten password.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
confirmForgotPasswordAsync
in interface AWSCognitoIdentityProviderAsync
request
- The request representing the confirmation for a password reset.public Future<ConfirmForgotPasswordResult> confirmForgotPasswordAsync(ConfirmForgotPasswordRequest request, AsyncHandler<ConfirmForgotPasswordRequest,ConfirmForgotPasswordResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Allows a user to enter a confirmation code to reset a forgotten password.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
confirmForgotPasswordAsync
in interface AWSCognitoIdentityProviderAsync
request
- The request representing the confirmation for a password reset.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ConfirmSignUpResult> confirmSignUpAsync(ConfirmSignUpRequest request)
AWSCognitoIdentityProviderAsync
This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.
Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
confirmSignUpAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to confirm registration of a user.public Future<ConfirmSignUpResult> confirmSignUpAsync(ConfirmSignUpRequest request, AsyncHandler<ConfirmSignUpRequest,ConfirmSignUpResult> asyncHandler)
AWSCognitoIdentityProviderAsync
This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.
Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
confirmSignUpAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to confirm registration of a user.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<CreateGroupResult> createGroupAsync(CreateGroupRequest request)
AWSCognitoIdentityProviderAsync
Creates a new group in the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createGroupAsync
in interface AWSCognitoIdentityProviderAsync
public Future<CreateGroupResult> createGroupAsync(CreateGroupRequest request, AsyncHandler<CreateGroupRequest,CreateGroupResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Creates a new group in the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createGroupAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<CreateIdentityProviderResult> createIdentityProviderAsync(CreateIdentityProviderRequest request)
AWSCognitoIdentityProviderAsync
Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createIdentityProviderAsync
in interface AWSCognitoIdentityProviderAsync
public Future<CreateIdentityProviderResult> createIdentityProviderAsync(CreateIdentityProviderRequest request, AsyncHandler<CreateIdentityProviderRequest,CreateIdentityProviderResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createIdentityProviderAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<CreateResourceServerResult> createResourceServerAsync(CreateResourceServerRequest request)
AWSCognitoIdentityProviderAsync
Creates a new OAuth2.0 resource server and defines custom scopes within it.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createResourceServerAsync
in interface AWSCognitoIdentityProviderAsync
public Future<CreateResourceServerResult> createResourceServerAsync(CreateResourceServerRequest request, AsyncHandler<CreateResourceServerRequest,CreateResourceServerResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Creates a new OAuth2.0 resource server and defines custom scopes within it.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createResourceServerAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<CreateUserImportJobResult> createUserImportJobAsync(CreateUserImportJobRequest request)
AWSCognitoIdentityProviderAsync
Creates a user import job.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createUserImportJobAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to create the user import job.public Future<CreateUserImportJobResult> createUserImportJobAsync(CreateUserImportJobRequest request, AsyncHandler<CreateUserImportJobRequest,CreateUserImportJobResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Creates a user import job.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createUserImportJobAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to create the user import job.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<CreateUserPoolResult> createUserPoolAsync(CreateUserPoolRequest request)
AWSCognitoIdentityProviderAsync
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Creates a new Amazon Cognito user pool and sets the password policy for the pool.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createUserPoolAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to create a user pool.public Future<CreateUserPoolResult> createUserPoolAsync(CreateUserPoolRequest request, AsyncHandler<CreateUserPoolRequest,CreateUserPoolResult> asyncHandler)
AWSCognitoIdentityProviderAsync
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Creates a new Amazon Cognito user pool and sets the password policy for the pool.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createUserPoolAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to create a user pool.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<CreateUserPoolClientResult> createUserPoolClientAsync(CreateUserPoolClientRequest request)
AWSCognitoIdentityProviderAsync
Creates the user pool client.
When you create a new user pool client, token revocation is automatically activated. For more information about revoking tokens, see RevokeToken.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createUserPoolClientAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to create a user pool client.public Future<CreateUserPoolClientResult> createUserPoolClientAsync(CreateUserPoolClientRequest request, AsyncHandler<CreateUserPoolClientRequest,CreateUserPoolClientResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Creates the user pool client.
When you create a new user pool client, token revocation is automatically activated. For more information about revoking tokens, see RevokeToken.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createUserPoolClientAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to create a user pool client.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<CreateUserPoolDomainResult> createUserPoolDomainAsync(CreateUserPoolDomainRequest request)
AWSCognitoIdentityProviderAsync
Creates a new domain for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createUserPoolDomainAsync
in interface AWSCognitoIdentityProviderAsync
public Future<CreateUserPoolDomainResult> createUserPoolDomainAsync(CreateUserPoolDomainRequest request, AsyncHandler<CreateUserPoolDomainRequest,CreateUserPoolDomainResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Creates a new domain for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
createUserPoolDomainAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DeleteGroupResult> deleteGroupAsync(DeleteGroupRequest request)
AWSCognitoIdentityProviderAsync
Deletes a group.
Calling this action requires developer credentials.
deleteGroupAsync
in interface AWSCognitoIdentityProviderAsync
public Future<DeleteGroupResult> deleteGroupAsync(DeleteGroupRequest request, AsyncHandler<DeleteGroupRequest,DeleteGroupResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Deletes a group.
Calling this action requires developer credentials.
deleteGroupAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DeleteIdentityProviderResult> deleteIdentityProviderAsync(DeleteIdentityProviderRequest request)
AWSCognitoIdentityProviderAsync
Deletes an IdP for a user pool.
deleteIdentityProviderAsync
in interface AWSCognitoIdentityProviderAsync
public Future<DeleteIdentityProviderResult> deleteIdentityProviderAsync(DeleteIdentityProviderRequest request, AsyncHandler<DeleteIdentityProviderRequest,DeleteIdentityProviderResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Deletes an IdP for a user pool.
deleteIdentityProviderAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DeleteResourceServerResult> deleteResourceServerAsync(DeleteResourceServerRequest request)
AWSCognitoIdentityProviderAsync
Deletes a resource server.
deleteResourceServerAsync
in interface AWSCognitoIdentityProviderAsync
public Future<DeleteResourceServerResult> deleteResourceServerAsync(DeleteResourceServerRequest request, AsyncHandler<DeleteResourceServerRequest,DeleteResourceServerResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Deletes a resource server.
deleteResourceServerAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DeleteUserResult> deleteUserAsync(DeleteUserRequest request)
AWSCognitoIdentityProviderAsync
Allows a user to delete their own user profile.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
deleteUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to delete a user.public Future<DeleteUserResult> deleteUserAsync(DeleteUserRequest request, AsyncHandler<DeleteUserRequest,DeleteUserResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Allows a user to delete their own user profile.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
deleteUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to delete a user.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DeleteUserAttributesResult> deleteUserAttributesAsync(DeleteUserAttributesRequest request)
AWSCognitoIdentityProviderAsync
Deletes the attributes for a user.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
deleteUserAttributesAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to delete user attributes.public Future<DeleteUserAttributesResult> deleteUserAttributesAsync(DeleteUserAttributesRequest request, AsyncHandler<DeleteUserAttributesRequest,DeleteUserAttributesResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Deletes the attributes for a user.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
deleteUserAttributesAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to delete user attributes.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DeleteUserPoolResult> deleteUserPoolAsync(DeleteUserPoolRequest request)
AWSCognitoIdentityProviderAsync
Deletes the specified Amazon Cognito user pool.
deleteUserPoolAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to delete a user pool.public Future<DeleteUserPoolResult> deleteUserPoolAsync(DeleteUserPoolRequest request, AsyncHandler<DeleteUserPoolRequest,DeleteUserPoolResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Deletes the specified Amazon Cognito user pool.
deleteUserPoolAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to delete a user pool.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DeleteUserPoolClientResult> deleteUserPoolClientAsync(DeleteUserPoolClientRequest request)
AWSCognitoIdentityProviderAsync
Allows the developer to delete the user pool client.
deleteUserPoolClientAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to delete a user pool client.public Future<DeleteUserPoolClientResult> deleteUserPoolClientAsync(DeleteUserPoolClientRequest request, AsyncHandler<DeleteUserPoolClientRequest,DeleteUserPoolClientResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Allows the developer to delete the user pool client.
deleteUserPoolClientAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to delete a user pool client.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DeleteUserPoolDomainResult> deleteUserPoolDomainAsync(DeleteUserPoolDomainRequest request)
AWSCognitoIdentityProviderAsync
Deletes a domain for a user pool.
deleteUserPoolDomainAsync
in interface AWSCognitoIdentityProviderAsync
public Future<DeleteUserPoolDomainResult> deleteUserPoolDomainAsync(DeleteUserPoolDomainRequest request, AsyncHandler<DeleteUserPoolDomainRequest,DeleteUserPoolDomainResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Deletes a domain for a user pool.
deleteUserPoolDomainAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DescribeIdentityProviderResult> describeIdentityProviderAsync(DescribeIdentityProviderRequest request)
AWSCognitoIdentityProviderAsync
Gets information about a specific IdP.
describeIdentityProviderAsync
in interface AWSCognitoIdentityProviderAsync
public Future<DescribeIdentityProviderResult> describeIdentityProviderAsync(DescribeIdentityProviderRequest request, AsyncHandler<DescribeIdentityProviderRequest,DescribeIdentityProviderResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Gets information about a specific IdP.
describeIdentityProviderAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DescribeResourceServerResult> describeResourceServerAsync(DescribeResourceServerRequest request)
AWSCognitoIdentityProviderAsync
Describes a resource server.
describeResourceServerAsync
in interface AWSCognitoIdentityProviderAsync
public Future<DescribeResourceServerResult> describeResourceServerAsync(DescribeResourceServerRequest request, AsyncHandler<DescribeResourceServerRequest,DescribeResourceServerResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Describes a resource server.
describeResourceServerAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DescribeRiskConfigurationResult> describeRiskConfigurationAsync(DescribeRiskConfigurationRequest request)
AWSCognitoIdentityProviderAsync
Describes the risk configuration.
describeRiskConfigurationAsync
in interface AWSCognitoIdentityProviderAsync
public Future<DescribeRiskConfigurationResult> describeRiskConfigurationAsync(DescribeRiskConfigurationRequest request, AsyncHandler<DescribeRiskConfigurationRequest,DescribeRiskConfigurationResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Describes the risk configuration.
describeRiskConfigurationAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DescribeUserImportJobResult> describeUserImportJobAsync(DescribeUserImportJobRequest request)
AWSCognitoIdentityProviderAsync
Describes the user import job.
describeUserImportJobAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to describe the user import job.public Future<DescribeUserImportJobResult> describeUserImportJobAsync(DescribeUserImportJobRequest request, AsyncHandler<DescribeUserImportJobRequest,DescribeUserImportJobResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Describes the user import job.
describeUserImportJobAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to describe the user import job.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DescribeUserPoolResult> describeUserPoolAsync(DescribeUserPoolRequest request)
AWSCognitoIdentityProviderAsync
Returns the configuration information and metadata of the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
describeUserPoolAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to describe the user pool.public Future<DescribeUserPoolResult> describeUserPoolAsync(DescribeUserPoolRequest request, AsyncHandler<DescribeUserPoolRequest,DescribeUserPoolResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Returns the configuration information and metadata of the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
describeUserPoolAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to describe the user pool.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DescribeUserPoolClientResult> describeUserPoolClientAsync(DescribeUserPoolClientRequest request)
AWSCognitoIdentityProviderAsync
Client method for returning the configuration information and metadata of the specified user pool app client.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
describeUserPoolClientAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to describe a user pool client.public Future<DescribeUserPoolClientResult> describeUserPoolClientAsync(DescribeUserPoolClientRequest request, AsyncHandler<DescribeUserPoolClientRequest,DescribeUserPoolClientResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Client method for returning the configuration information and metadata of the specified user pool app client.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
describeUserPoolClientAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to describe a user pool client.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<DescribeUserPoolDomainResult> describeUserPoolDomainAsync(DescribeUserPoolDomainRequest request)
AWSCognitoIdentityProviderAsync
Gets information about a domain.
describeUserPoolDomainAsync
in interface AWSCognitoIdentityProviderAsync
public Future<DescribeUserPoolDomainResult> describeUserPoolDomainAsync(DescribeUserPoolDomainRequest request, AsyncHandler<DescribeUserPoolDomainRequest,DescribeUserPoolDomainResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Gets information about a domain.
describeUserPoolDomainAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ForgetDeviceResult> forgetDeviceAsync(ForgetDeviceRequest request)
AWSCognitoIdentityProviderAsync
Forgets the specified device. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
forgetDeviceAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to forget the device.public Future<ForgetDeviceResult> forgetDeviceAsync(ForgetDeviceRequest request, AsyncHandler<ForgetDeviceRequest,ForgetDeviceResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Forgets the specified device. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
forgetDeviceAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to forget the device.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ForgotPasswordResult> forgotPasswordAsync(ForgotPasswordRequest request)
AWSCognitoIdentityProviderAsync
Calling this API causes a message to be sent to the end user with a confirmation code that is required to change
the user's password. For the Username
parameter, you can use the username or user alias. The method
used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more
information, see Recovering
User Accounts in the Amazon Cognito Developer Guide. To use the confirmation code for resetting the
password, call ConfirmForgotPassword.
If neither a verified phone number nor a verified email exists, this API returns
InvalidParameterException
. If your app client has a client secret and you don't provide a
SECRET_HASH
parameter, this API returns NotAuthorizedException
.
To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
forgotPasswordAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to reset a user's password.public Future<ForgotPasswordResult> forgotPasswordAsync(ForgotPasswordRequest request, AsyncHandler<ForgotPasswordRequest,ForgotPasswordResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Calling this API causes a message to be sent to the end user with a confirmation code that is required to change
the user's password. For the Username
parameter, you can use the username or user alias. The method
used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more
information, see Recovering
User Accounts in the Amazon Cognito Developer Guide. To use the confirmation code for resetting the
password, call ConfirmForgotPassword.
If neither a verified phone number nor a verified email exists, this API returns
InvalidParameterException
. If your app client has a client secret and you don't provide a
SECRET_HASH
parameter, this API returns NotAuthorizedException
.
To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
forgotPasswordAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to reset a user's password.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<GetCSVHeaderResult> getCSVHeaderAsync(GetCSVHeaderRequest request)
AWSCognitoIdentityProviderAsync
Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.
getCSVHeaderAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to get the header information of the CSV file for the user import job.public Future<GetCSVHeaderResult> getCSVHeaderAsync(GetCSVHeaderRequest request, AsyncHandler<GetCSVHeaderRequest,GetCSVHeaderResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.
getCSVHeaderAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to get the header information of the CSV file for the user import job.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<GetDeviceResult> getDeviceAsync(GetDeviceRequest request)
AWSCognitoIdentityProviderAsync
Gets the device. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
getDeviceAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to get the device.public Future<GetDeviceResult> getDeviceAsync(GetDeviceRequest request, AsyncHandler<GetDeviceRequest,GetDeviceResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Gets the device. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
getDeviceAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to get the device.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<GetGroupResult> getGroupAsync(GetGroupRequest request)
AWSCognitoIdentityProviderAsync
Gets a group.
Calling this action requires developer credentials.
getGroupAsync
in interface AWSCognitoIdentityProviderAsync
public Future<GetGroupResult> getGroupAsync(GetGroupRequest request, AsyncHandler<GetGroupRequest,GetGroupResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Gets a group.
Calling this action requires developer credentials.
getGroupAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<GetIdentityProviderByIdentifierResult> getIdentityProviderByIdentifierAsync(GetIdentityProviderByIdentifierRequest request)
AWSCognitoIdentityProviderAsync
Gets the specified IdP.
getIdentityProviderByIdentifierAsync
in interface AWSCognitoIdentityProviderAsync
public Future<GetIdentityProviderByIdentifierResult> getIdentityProviderByIdentifierAsync(GetIdentityProviderByIdentifierRequest request, AsyncHandler<GetIdentityProviderByIdentifierRequest,GetIdentityProviderByIdentifierResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Gets the specified IdP.
getIdentityProviderByIdentifierAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<GetLogDeliveryConfigurationResult> getLogDeliveryConfigurationAsync(GetLogDeliveryConfigurationRequest request)
AWSCognitoIdentityProviderAsync
Gets the detailed activity logging configuration for a user pool.
getLogDeliveryConfigurationAsync
in interface AWSCognitoIdentityProviderAsync
public Future<GetLogDeliveryConfigurationResult> getLogDeliveryConfigurationAsync(GetLogDeliveryConfigurationRequest request, AsyncHandler<GetLogDeliveryConfigurationRequest,GetLogDeliveryConfigurationResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Gets the detailed activity logging configuration for a user pool.
getLogDeliveryConfigurationAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<GetSigningCertificateResult> getSigningCertificateAsync(GetSigningCertificateRequest request)
AWSCognitoIdentityProviderAsync
This method takes a user pool ID, and returns the signing certificate. The issued certificate is valid for 10 years from the date of issue.
Amazon Cognito issues and assigns a new signing certificate annually. This process returns a new value in the
response to GetSigningCertificate
, but doesn't invalidate the original certificate.
getSigningCertificateAsync
in interface AWSCognitoIdentityProviderAsync
request
- Request to get a signing certificate from Amazon Cognito.public Future<GetSigningCertificateResult> getSigningCertificateAsync(GetSigningCertificateRequest request, AsyncHandler<GetSigningCertificateRequest,GetSigningCertificateResult> asyncHandler)
AWSCognitoIdentityProviderAsync
This method takes a user pool ID, and returns the signing certificate. The issued certificate is valid for 10 years from the date of issue.
Amazon Cognito issues and assigns a new signing certificate annually. This process returns a new value in the
response to GetSigningCertificate
, but doesn't invalidate the original certificate.
getSigningCertificateAsync
in interface AWSCognitoIdentityProviderAsync
request
- Request to get a signing certificate from Amazon Cognito.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<GetUICustomizationResult> getUICustomizationAsync(GetUICustomizationRequest request)
AWSCognitoIdentityProviderAsync
Gets the user interface (UI) Customization information for a particular app client's app UI, if any such
information exists for the client. If nothing is set for the particular client, but there is an existing pool
level customization (the app clientId
is ALL
), then that information is returned. If
nothing is present, then an empty shape is returned.
getUICustomizationAsync
in interface AWSCognitoIdentityProviderAsync
public Future<GetUICustomizationResult> getUICustomizationAsync(GetUICustomizationRequest request, AsyncHandler<GetUICustomizationRequest,GetUICustomizationResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Gets the user interface (UI) Customization information for a particular app client's app UI, if any such
information exists for the client. If nothing is set for the particular client, but there is an existing pool
level customization (the app clientId
is ALL
), then that information is returned. If
nothing is present, then an empty shape is returned.
getUICustomizationAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<GetUserResult> getUserAsync(GetUserRequest request)
AWSCognitoIdentityProviderAsync
Gets the user attributes and metadata for a user.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
getUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to get information about the user.public Future<GetUserResult> getUserAsync(GetUserRequest request, AsyncHandler<GetUserRequest,GetUserResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Gets the user attributes and metadata for a user.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
getUserAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to get information about the user.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<GetUserAttributeVerificationCodeResult> getUserAttributeVerificationCodeAsync(GetUserAttributeVerificationCodeRequest request)
AWSCognitoIdentityProviderAsync
Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
getUserAttributeVerificationCodeAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to get user attribute verification.public Future<GetUserAttributeVerificationCodeResult> getUserAttributeVerificationCodeAsync(GetUserAttributeVerificationCodeRequest request, AsyncHandler<GetUserAttributeVerificationCodeRequest,GetUserAttributeVerificationCodeResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
getUserAttributeVerificationCodeAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to get user attribute verification.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<GetUserPoolMfaConfigResult> getUserPoolMfaConfigAsync(GetUserPoolMfaConfigRequest request)
AWSCognitoIdentityProviderAsync
Gets the user pool multi-factor authentication (MFA) configuration.
getUserPoolMfaConfigAsync
in interface AWSCognitoIdentityProviderAsync
public Future<GetUserPoolMfaConfigResult> getUserPoolMfaConfigAsync(GetUserPoolMfaConfigRequest request, AsyncHandler<GetUserPoolMfaConfigRequest,GetUserPoolMfaConfigResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Gets the user pool multi-factor authentication (MFA) configuration.
getUserPoolMfaConfigAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<GlobalSignOutResult> globalSignOutAsync(GlobalSignOutRequest request)
AWSCognitoIdentityProviderAsync
Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior.
Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user's access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.
Amazon Cognito returns an Access Token has been revoked
error when your app attempts to authorize a
user pools API request with a revoked access token that contains the scope
aws.cognito.signin.user.admin
.
Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an
identity pool with ServerSideTokenCheck
enabled for its user pool IdP configuration in CognitoIdentityProvider.
Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.
Other requests might be valid until your user's token expires.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
globalSignOutAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to sign out all devices.public Future<GlobalSignOutResult> globalSignOutAsync(GlobalSignOutRequest request, AsyncHandler<GlobalSignOutRequest,GlobalSignOutResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior.
Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user's access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.
Amazon Cognito returns an Access Token has been revoked
error when your app attempts to authorize a
user pools API request with a revoked access token that contains the scope
aws.cognito.signin.user.admin
.
Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an
identity pool with ServerSideTokenCheck
enabled for its user pool IdP configuration in CognitoIdentityProvider.
Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.
Other requests might be valid until your user's token expires.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
globalSignOutAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to sign out all devices.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<InitiateAuthResult> initiateAuthAsync(InitiateAuthRequest request)
AWSCognitoIdentityProviderAsync
Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user with a federated IdP
with InitiateAuth
. For more information, see
Adding user pool sign-in through a third party.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
initiateAuthAsync
in interface AWSCognitoIdentityProviderAsync
request
- Initiates the authentication request.public Future<InitiateAuthResult> initiateAuthAsync(InitiateAuthRequest request, AsyncHandler<InitiateAuthRequest,InitiateAuthResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user with a federated IdP
with InitiateAuth
. For more information, see
Adding user pool sign-in through a third party.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
initiateAuthAsync
in interface AWSCognitoIdentityProviderAsync
request
- Initiates the authentication request.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ListDevicesResult> listDevicesAsync(ListDevicesRequest request)
AWSCognitoIdentityProviderAsync
Lists the sign-in devices that Amazon Cognito has registered to the current user. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
listDevicesAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to list the devices.public Future<ListDevicesResult> listDevicesAsync(ListDevicesRequest request, AsyncHandler<ListDevicesRequest,ListDevicesResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Lists the sign-in devices that Amazon Cognito has registered to the current user. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
listDevicesAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to list the devices.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ListGroupsResult> listGroupsAsync(ListGroupsRequest request)
AWSCognitoIdentityProviderAsync
Lists the groups associated with a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listGroupsAsync
in interface AWSCognitoIdentityProviderAsync
public Future<ListGroupsResult> listGroupsAsync(ListGroupsRequest request, AsyncHandler<ListGroupsRequest,ListGroupsResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Lists the groups associated with a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listGroupsAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ListIdentityProvidersResult> listIdentityProvidersAsync(ListIdentityProvidersRequest request)
AWSCognitoIdentityProviderAsync
Lists information about all IdPs for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listIdentityProvidersAsync
in interface AWSCognitoIdentityProviderAsync
public Future<ListIdentityProvidersResult> listIdentityProvidersAsync(ListIdentityProvidersRequest request, AsyncHandler<ListIdentityProvidersRequest,ListIdentityProvidersResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Lists information about all IdPs for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listIdentityProvidersAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ListResourceServersResult> listResourceServersAsync(ListResourceServersRequest request)
AWSCognitoIdentityProviderAsync
Lists the resource servers for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listResourceServersAsync
in interface AWSCognitoIdentityProviderAsync
public Future<ListResourceServersResult> listResourceServersAsync(ListResourceServersRequest request, AsyncHandler<ListResourceServersRequest,ListResourceServersResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Lists the resource servers for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listResourceServersAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ListTagsForResourceResult> listTagsForResourceAsync(ListTagsForResourceRequest request)
AWSCognitoIdentityProviderAsync
Lists the tags that are assigned to an Amazon Cognito user pool.
A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
You can use this action up to 10 times per second, per account.
listTagsForResourceAsync
in interface AWSCognitoIdentityProviderAsync
public Future<ListTagsForResourceResult> listTagsForResourceAsync(ListTagsForResourceRequest request, AsyncHandler<ListTagsForResourceRequest,ListTagsForResourceResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Lists the tags that are assigned to an Amazon Cognito user pool.
A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
You can use this action up to 10 times per second, per account.
listTagsForResourceAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ListUserImportJobsResult> listUserImportJobsAsync(ListUserImportJobsRequest request)
AWSCognitoIdentityProviderAsync
Lists user import jobs for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listUserImportJobsAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to list the user import jobs.public Future<ListUserImportJobsResult> listUserImportJobsAsync(ListUserImportJobsRequest request, AsyncHandler<ListUserImportJobsRequest,ListUserImportJobsResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Lists user import jobs for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listUserImportJobsAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to list the user import jobs.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ListUserPoolClientsResult> listUserPoolClientsAsync(ListUserPoolClientsRequest request)
AWSCognitoIdentityProviderAsync
Lists the clients that have been created for the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listUserPoolClientsAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to list the user pool clients.public Future<ListUserPoolClientsResult> listUserPoolClientsAsync(ListUserPoolClientsRequest request, AsyncHandler<ListUserPoolClientsRequest,ListUserPoolClientsResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Lists the clients that have been created for the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listUserPoolClientsAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to list the user pool clients.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ListUserPoolsResult> listUserPoolsAsync(ListUserPoolsRequest request)
AWSCognitoIdentityProviderAsync
Lists the user pools associated with an Amazon Web Services account.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listUserPoolsAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to list user pools.public Future<ListUserPoolsResult> listUserPoolsAsync(ListUserPoolsRequest request, AsyncHandler<ListUserPoolsRequest,ListUserPoolsResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Lists the user pools associated with an Amazon Web Services account.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listUserPoolsAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to list user pools.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ListUsersResult> listUsersAsync(ListUsersRequest request)
AWSCognitoIdentityProviderAsync
Lists users and their basic details in a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listUsersAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to list users.public Future<ListUsersResult> listUsersAsync(ListUsersRequest request, AsyncHandler<ListUsersRequest,ListUsersResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Lists users and their basic details in a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listUsersAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to list users.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ListUsersInGroupResult> listUsersInGroupAsync(ListUsersInGroupRequest request)
AWSCognitoIdentityProviderAsync
Lists the users in the specified group.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listUsersInGroupAsync
in interface AWSCognitoIdentityProviderAsync
public Future<ListUsersInGroupResult> listUsersInGroupAsync(ListUsersInGroupRequest request, AsyncHandler<ListUsersInGroupRequest,ListUsersInGroupResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Lists the users in the specified group.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
listUsersInGroupAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<ResendConfirmationCodeResult> resendConfirmationCodeAsync(ResendConfirmationCodeRequest request)
AWSCognitoIdentityProviderAsync
Resends the confirmation (for confirmation of registration) to a specific user in the user pool.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
resendConfirmationCodeAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to resend the confirmation code.public Future<ResendConfirmationCodeResult> resendConfirmationCodeAsync(ResendConfirmationCodeRequest request, AsyncHandler<ResendConfirmationCodeRequest,ResendConfirmationCodeResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Resends the confirmation (for confirmation of registration) to a specific user in the user pool.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
resendConfirmationCodeAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to resend the confirmation code.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<RespondToAuthChallengeResult> respondToAuthChallengeAsync(RespondToAuthChallengeRequest request)
AWSCognitoIdentityProviderAsync
Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication
that bypasses MFA, or for a custom authentication challenge. A RespondToAuthChallenge
API request
provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a
response to an authentication challenge vary with the type of challenge.
For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
respondToAuthChallengeAsync
in interface AWSCognitoIdentityProviderAsync
request
- The request to respond to an authentication challenge.public Future<RespondToAuthChallengeResult> respondToAuthChallengeAsync(RespondToAuthChallengeRequest request, AsyncHandler<RespondToAuthChallengeRequest,RespondToAuthChallengeResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication
that bypasses MFA, or for a custom authentication challenge. A RespondToAuthChallenge
API request
provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a
response to an authentication challenge vary with the type of challenge.
For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
respondToAuthChallengeAsync
in interface AWSCognitoIdentityProviderAsync
request
- The request to respond to an authentication challenge.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<RevokeTokenResult> revokeTokenAsync(RevokeTokenRequest request)
AWSCognitoIdentityProviderAsync
Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can't use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
revokeTokenAsync
in interface AWSCognitoIdentityProviderAsync
public Future<RevokeTokenResult> revokeTokenAsync(RevokeTokenRequest request, AsyncHandler<RevokeTokenRequest,RevokeTokenResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can't use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
revokeTokenAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<SetLogDeliveryConfigurationResult> setLogDeliveryConfigurationAsync(SetLogDeliveryConfigurationRequest request)
AWSCognitoIdentityProviderAsync
Sets up or modifies the detailed activity logging configuration of a user pool.
setLogDeliveryConfigurationAsync
in interface AWSCognitoIdentityProviderAsync
public Future<SetLogDeliveryConfigurationResult> setLogDeliveryConfigurationAsync(SetLogDeliveryConfigurationRequest request, AsyncHandler<SetLogDeliveryConfigurationRequest,SetLogDeliveryConfigurationResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Sets up or modifies the detailed activity logging configuration of a user pool.
setLogDeliveryConfigurationAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<SetRiskConfigurationResult> setRiskConfigurationAsync(SetRiskConfigurationRequest request)
AWSCognitoIdentityProviderAsync
Configures actions on detected risks. To delete the risk configuration for UserPoolId
or
ClientId
, pass null values for all four configuration types.
To activate Amazon Cognito advanced security features, update the user pool to include the
UserPoolAddOns
keyAdvancedSecurityMode
.
setRiskConfigurationAsync
in interface AWSCognitoIdentityProviderAsync
public Future<SetRiskConfigurationResult> setRiskConfigurationAsync(SetRiskConfigurationRequest request, AsyncHandler<SetRiskConfigurationRequest,SetRiskConfigurationResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Configures actions on detected risks. To delete the risk configuration for UserPoolId
or
ClientId
, pass null values for all four configuration types.
To activate Amazon Cognito advanced security features, update the user pool to include the
UserPoolAddOns
keyAdvancedSecurityMode
.
setRiskConfigurationAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<SetUICustomizationResult> setUICustomizationAsync(SetUICustomizationRequest request)
AWSCognitoIdentityProviderAsync
Sets the user interface (UI) customization information for a user pool's built-in app UI.
You can specify app UI customization settings for a single client (with a specific clientId
) or for
all clients (by setting the clientId
to ALL
). If you specify ALL
, the
default configuration is used for every client that has no previously set UI customization. If you specify UI
customization settings for a particular client, it will no longer return to the ALL
configuration.
To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.
setUICustomizationAsync
in interface AWSCognitoIdentityProviderAsync
public Future<SetUICustomizationResult> setUICustomizationAsync(SetUICustomizationRequest request, AsyncHandler<SetUICustomizationRequest,SetUICustomizationResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Sets the user interface (UI) customization information for a user pool's built-in app UI.
You can specify app UI customization settings for a single client (with a specific clientId
) or for
all clients (by setting the clientId
to ALL
). If you specify ALL
, the
default configuration is used for every client that has no previously set UI customization. If you specify UI
customization settings for a particular client, it will no longer return to the ALL
configuration.
To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.
setUICustomizationAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<SetUserMFAPreferenceResult> setUserMFAPreferenceAsync(SetUserMFAPreferenceRequest request)
AWSCognitoIdentityProviderAsync
Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
setUserMFAPreferenceAsync
in interface AWSCognitoIdentityProviderAsync
public Future<SetUserMFAPreferenceResult> setUserMFAPreferenceAsync(SetUserMFAPreferenceRequest request, AsyncHandler<SetUserMFAPreferenceRequest,SetUserMFAPreferenceResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
setUserMFAPreferenceAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<SetUserPoolMfaConfigResult> setUserPoolMfaConfigAsync(SetUserPoolMfaConfigRequest request)
AWSCognitoIdentityProviderAsync
Sets the user pool multi-factor authentication (MFA) configuration.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
setUserPoolMfaConfigAsync
in interface AWSCognitoIdentityProviderAsync
public Future<SetUserPoolMfaConfigResult> setUserPoolMfaConfigAsync(SetUserPoolMfaConfigRequest request, AsyncHandler<SetUserPoolMfaConfigRequest,SetUserPoolMfaConfigResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Sets the user pool multi-factor authentication (MFA) configuration.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
setUserPoolMfaConfigAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<SetUserSettingsResult> setUserSettingsAsync(SetUserSettingsRequest request)
AWSCognitoIdentityProviderAsync
This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
setUserSettingsAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to set user settings.public Future<SetUserSettingsResult> setUserSettingsAsync(SetUserSettingsRequest request, AsyncHandler<SetUserSettingsRequest,SetUserSettingsResult> asyncHandler)
AWSCognitoIdentityProviderAsync
This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
setUserSettingsAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to set user settings.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<SignUpResult> signUpAsync(SignUpRequest request)
AWSCognitoIdentityProviderAsync
Registers the user in the specified user pool and creates a user name, password, and user attributes.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
signUpAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to register a user.public Future<SignUpResult> signUpAsync(SignUpRequest request, AsyncHandler<SignUpRequest,SignUpResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Registers the user in the specified user pool and creates a user name, password, and user attributes.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
signUpAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to register a user.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<StartUserImportJobResult> startUserImportJobAsync(StartUserImportJobRequest request)
AWSCognitoIdentityProviderAsync
Starts the user import.
startUserImportJobAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to start the user import job.public Future<StartUserImportJobResult> startUserImportJobAsync(StartUserImportJobRequest request, AsyncHandler<StartUserImportJobRequest,StartUserImportJobResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Starts the user import.
startUserImportJobAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to start the user import job.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<StopUserImportJobResult> stopUserImportJobAsync(StopUserImportJobRequest request)
AWSCognitoIdentityProviderAsync
Stops the user import job.
stopUserImportJobAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to stop the user import job.public Future<StopUserImportJobResult> stopUserImportJobAsync(StopUserImportJobRequest request, AsyncHandler<StopUserImportJobRequest,StopUserImportJobResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Stops the user import job.
stopUserImportJobAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to stop the user import job.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<TagResourceResult> tagResourceAsync(TagResourceRequest request)
AWSCognitoIdentityProviderAsync
Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.
Each tag consists of a key and value, both of which you define. A key is a general category for more specific
values. For example, if you have two versions of a user pool, one for testing and another for production, you
might assign an Environment
tag key to both user pools. The value of this key might be
Test
for one user pool, and Production
for the other.
Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values.
You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.
tagResourceAsync
in interface AWSCognitoIdentityProviderAsync
public Future<TagResourceResult> tagResourceAsync(TagResourceRequest request, AsyncHandler<TagResourceRequest,TagResourceResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.
Each tag consists of a key and value, both of which you define. A key is a general category for more specific
values. For example, if you have two versions of a user pool, one for testing and another for production, you
might assign an Environment
tag key to both user pools. The value of this key might be
Test
for one user pool, and Production
for the other.
Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values.
You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.
tagResourceAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<UntagResourceResult> untagResourceAsync(UntagResourceRequest request)
AWSCognitoIdentityProviderAsync
Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account.
untagResourceAsync
in interface AWSCognitoIdentityProviderAsync
public Future<UntagResourceResult> untagResourceAsync(UntagResourceRequest request, AsyncHandler<UntagResourceRequest,UntagResourceResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account.
untagResourceAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<UpdateAuthEventFeedbackResult> updateAuthEventFeedbackAsync(UpdateAuthEventFeedbackRequest request)
AWSCognitoIdentityProviderAsync
Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
updateAuthEventFeedbackAsync
in interface AWSCognitoIdentityProviderAsync
public Future<UpdateAuthEventFeedbackResult> updateAuthEventFeedbackAsync(UpdateAuthEventFeedbackRequest request, AsyncHandler<UpdateAuthEventFeedbackRequest,UpdateAuthEventFeedbackResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
updateAuthEventFeedbackAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<UpdateDeviceStatusResult> updateDeviceStatusAsync(UpdateDeviceStatusRequest request)
AWSCognitoIdentityProviderAsync
Updates the device status. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
updateDeviceStatusAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to update the device status.public Future<UpdateDeviceStatusResult> updateDeviceStatusAsync(UpdateDeviceStatusRequest request, AsyncHandler<UpdateDeviceStatusRequest,UpdateDeviceStatusResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Updates the device status. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
updateDeviceStatusAsync
in interface AWSCognitoIdentityProviderAsync
request
- Represents the request to update the device status.asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<UpdateGroupResult> updateGroupAsync(UpdateGroupRequest request)
AWSCognitoIdentityProviderAsync
Updates the specified group with the specified attributes.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
updateGroupAsync
in interface AWSCognitoIdentityProviderAsync
public Future<UpdateGroupResult> updateGroupAsync(UpdateGroupRequest request, AsyncHandler<UpdateGroupRequest,UpdateGroupResult> asyncHandler)
AWSCognitoIdentityProviderAsync
Updates the specified group with the specified attributes.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
updateGroupAsync
in interface AWSCognitoIdentityProviderAsync
asyncHandler
- Asynchronous callback handler for events in the lifecycle of the request. Users can provide an
implementation of the callback methods in this interface to receive notification of successful or
unsuccessful completion of the operation.public Future<UpdateIdentityProviderResult> updateIdentityProviderAsync(UpdateIdentityProviderRequest request)
AWSCognitoIdentityProviderAsync
Updates IdP information for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
updateIdentityProviderAsync
in interface AWSCognitoIdentityProviderAsync
public Future<UpdateIdentityProviderResult> updateIdentityProviderAsync(UpdateIdentityProviderRequest request, AsyncHandler<UpdateIdentityProviderRequest,UpdateIdentityProviderResult> asyncHandler)