AWS SDK for C++

AWS SDK for C++ Version 1.11.643
Loading...
Searching...
No Matches
Public Member Functions | List of all members
Aws::CognitoIdentityProvider::Model::InitiateAuthRequest Class Reference

#include <InitiateAuthRequest.h>

Inheritance diagram for Aws::CognitoIdentityProvider::Model::InitiateAuthRequest:
[legend]

Public Member Functions

AWS_COGNITOIDENTITYPROVIDER_API InitiateAuthRequest ()=default
 
virtual const char * GetServiceRequestName () const override
 
AWS_COGNITOIDENTITYPROVIDER_API Aws::String SerializePayload () const override
 
AWS_COGNITOIDENTITYPROVIDER_API Aws::Http::HeaderValueCollection GetRequestSpecificHeaders () const override
 
AuthFlowType GetAuthFlow () const
 
bool AuthFlowHasBeenSet () const
 
void SetAuthFlow (AuthFlowType value)
 
InitiateAuthRequestWithAuthFlow (AuthFlowType value)
 
const Aws::Map< Aws::String, Aws::String > & GetAuthParameters () const
 
bool AuthParametersHasBeenSet () const
 
template<typename AuthParametersT = Aws::Map<Aws::String, Aws::String>>
void SetAuthParameters (AuthParametersT &&value)
 
template<typename AuthParametersT = Aws::Map<Aws::String, Aws::String>>
InitiateAuthRequestWithAuthParameters (AuthParametersT &&value)
 
template<typename AuthParametersKeyT = Aws::String, typename AuthParametersValueT = Aws::String>
InitiateAuthRequestAddAuthParameters (AuthParametersKeyT &&key, AuthParametersValueT &&value)
 
const Aws::Map< Aws::String, Aws::String > & GetClientMetadata () const
 
bool ClientMetadataHasBeenSet () const
 
template<typename ClientMetadataT = Aws::Map<Aws::String, Aws::String>>
void SetClientMetadata (ClientMetadataT &&value)
 
template<typename ClientMetadataT = Aws::Map<Aws::String, Aws::String>>
InitiateAuthRequestWithClientMetadata (ClientMetadataT &&value)
 
template<typename ClientMetadataKeyT = Aws::String, typename ClientMetadataValueT = Aws::String>
InitiateAuthRequestAddClientMetadata (ClientMetadataKeyT &&key, ClientMetadataValueT &&value)
 
const Aws::StringGetClientId () const
 
bool ClientIdHasBeenSet () const
 
template<typename ClientIdT = Aws::String>
void SetClientId (ClientIdT &&value)
 
template<typename ClientIdT = Aws::String>
InitiateAuthRequestWithClientId (ClientIdT &&value)
 
const AnalyticsMetadataTypeGetAnalyticsMetadata () const
 
bool AnalyticsMetadataHasBeenSet () const
 
template<typename AnalyticsMetadataT = AnalyticsMetadataType>
void SetAnalyticsMetadata (AnalyticsMetadataT &&value)
 
template<typename AnalyticsMetadataT = AnalyticsMetadataType>
InitiateAuthRequestWithAnalyticsMetadata (AnalyticsMetadataT &&value)
 
const UserContextDataTypeGetUserContextData () const
 
bool UserContextDataHasBeenSet () const
 
template<typename UserContextDataT = UserContextDataType>
void SetUserContextData (UserContextDataT &&value)
 
template<typename UserContextDataT = UserContextDataType>
InitiateAuthRequestWithUserContextData (UserContextDataT &&value)
 
const Aws::StringGetSession () const
 
bool SessionHasBeenSet () const
 
template<typename SessionT = Aws::String>
void SetSession (SessionT &&value)
 
template<typename SessionT = Aws::String>
InitiateAuthRequestWithSession (SessionT &&value)
 

Public Member Functions inherited from Aws::CognitoIdentityProvider::CognitoIdentityProviderRequest

virtual ~CognitoIdentityProviderRequest ()
 
void AddParametersToRequest (Aws::Http::HttpRequest &httpRequest) const
 
Aws::Http::HeaderValueCollection GetHeaders () const override
 

Public Member Functions inherited from Aws::AmazonSerializableWebServiceRequest

 AmazonSerializableWebServiceRequest ()
 
virtual ~AmazonSerializableWebServiceRequest ()
 
std::shared_ptr< Aws::IOStreamGetBody () const override
 

Public Member Functions inherited from Aws::AmazonWebServiceRequest

 AmazonWebServiceRequest ()
 
virtual ~AmazonWebServiceRequest ()=default
 
virtual const Aws::Http::HeaderValueCollectionGetAdditionalCustomHeaders () const
 
virtual void SetAdditionalCustomHeaderValue (const Aws::String &headerName, const Aws::String &headerValue)
 
virtual void AddQueryStringParameters (Aws::Http::URI &uri) const
 
virtual void PutToPresignedUrl (Aws::Http::URI &uri) const
 
virtual bool IsStreaming () const
 
virtual bool IsEventStreamRequest () const
 
virtual bool HasEventStreamResponse () const
 
virtual bool SignBody () const
 
virtual bool HasEmbeddedError (Aws::IOStream &body, const Aws::Http::HeaderValueCollection &header) const
 
virtual bool IsChunked () const
 
virtual void SetRequestSignedHandler (const RequestSignedHandler &handler)
 
virtual const RequestSignedHandlerGetRequestSignedHandler () const
 
const Aws::IOStreamFactoryGetResponseStreamFactory () const
 
void SetResponseStreamFactory (const Aws::IOStreamFactory &factory)
 
virtual const Aws::Http::HeadersReceivedEventHandlerGetHeadersReceivedEventHandler () const
 
virtual const Aws::Http::DataReceivedEventHandlerGetDataReceivedEventHandler () const
 
virtual const Aws::Http::DataSentEventHandlerGetDataSentEventHandler () const
 
virtual const Aws::Http::ContinueRequestHandlerGetContinueRequestHandler () const
 
virtual const RequestRetryHandlerGetRequestRetryHandler () const
 
virtual bool ShouldComputeContentMd5 () const
 
virtual bool ShouldValidateResponseChecksum () const
 
virtual Aws::Vector< Aws::StringGetResponseChecksumAlgorithmNames () const
 
virtual Aws::String GetChecksumAlgorithmName () const
 
virtual void SetServiceSpecificParameters (const std::shared_ptr< Http::ServiceSpecificParameters > &serviceSpecificParameters) const
 
virtual std::shared_ptr< Http::ServiceSpecificParametersGetServiceSpecificParameters () const
 
virtual EndpointParameters GetEndpointContextParams () const
 
virtual Aws::Client::CompressionAlgorithm GetSelectedCompressionAlgorithm (Aws::Client::RequestCompressionConfig) const
 
void AddUserAgentFeature (Aws::Client::UserAgentFeature feature) const
 
Aws::Set< Aws::Client::UserAgentFeatureGetUserAgentFeatures () const
 
virtual bool RequestChecksumRequired () const
 
RetryContext GetRetryContext () const
 
void SetRetryContext (const RetryContext &context) const
 
virtual void SetHeadersReceivedEventHandler (const Aws::Http::HeadersReceivedEventHandler &headersReceivedEventHandler)
 
virtual void SetHeadersReceivedEventHandler (Aws::Http::HeadersReceivedEventHandler &&headersReceivedEventHandler)
 
virtual void SetDataReceivedEventHandler (const Aws::Http::DataReceivedEventHandler &dataReceivedEventHandler)
 
virtual void SetDataReceivedEventHandler (Aws::Http::DataReceivedEventHandler &&dataReceivedEventHandler)
 
virtual void SetDataSentEventHandler (const Aws::Http::DataSentEventHandler &dataSentEventHandler)
 
virtual void SetDataSentEventHandler (Aws::Http::DataSentEventHandler &&dataSentEventHandler)
 
virtual void SetContinueRequestHandler (const Aws::Http::ContinueRequestHandler &continueRequestHandler)
 
virtual void SetContinueRequestHandler (Aws::Http::ContinueRequestHandler &&continueRequestHandler)
 
virtual void SetRequestRetryHandler (const RequestRetryHandler &handler)
 
virtual void SetRequestRetryHandler (RequestRetryHandler &&handler)
 
virtual void SetHeadersReceivedEventHandler (const Aws::Http::HeadersReceivedEventHandler &headersReceivedEventHandler)
 
virtual void SetHeadersReceivedEventHandler (Aws::Http::HeadersReceivedEventHandler &&headersReceivedEventHandler)
 
virtual void SetDataReceivedEventHandler (const Aws::Http::DataReceivedEventHandler &dataReceivedEventHandler)
 
virtual void SetDataReceivedEventHandler (Aws::Http::DataReceivedEventHandler &&dataReceivedEventHandler)
 
virtual void SetDataSentEventHandler (const Aws::Http::DataSentEventHandler &dataSentEventHandler)
 
virtual void SetDataSentEventHandler (Aws::Http::DataSentEventHandler &&dataSentEventHandler)
 
virtual void SetContinueRequestHandler (const Aws::Http::ContinueRequestHandler &continueRequestHandler)
 
virtual void SetContinueRequestHandler (Aws::Http::ContinueRequestHandler &&continueRequestHandler)
 
virtual void SetRequestRetryHandler (const RequestRetryHandler &handler)
 
virtual void SetRequestRetryHandler (RequestRetryHandler &&handler)
 

Additional Inherited Members

Public Types inherited from Aws::CognitoIdentityProvider::CognitoIdentityProviderRequest

using EndpointParameter = Aws::Endpoint::EndpointParameter
 
using EndpointParameters = Aws::Endpoint::EndpointParameters
 

Public Types inherited from Aws::AmazonWebServiceRequest

typedef Aws::Vector< Aws::Endpoint::EndpointParameterEndpointParameters
 

Protected Member Functions inherited from Aws::AmazonWebServiceRequest

virtual void DumpBodyToUrl (Aws::Http::URI &uri) const
 

Protected Attributes inherited from Aws::AmazonWebServiceRequest

Aws::Http::HeaderValueCollection m_additionalCustomHeaders
 

Detailed Description

Initiates the authentication request.

See Also:

AWS API Reference

Definition at line 28 of file InitiateAuthRequest.h.

Constructor & Destructor Documentation

◆ InitiateAuthRequest()

AWS_COGNITOIDENTITYPROVIDER_API Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::InitiateAuthRequest ( )
default

Member Function Documentation

◆ AddAuthParameters()

template<typename AuthParametersKeyT = Aws::String, typename AuthParametersValueT = Aws::String>
InitiateAuthRequest & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::AddAuthParameters ( AuthParametersKeyT &&  key,
AuthParametersValueT &&  value 
)
inline

The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking.

The following are some authentication flows and their parameters. Add a SECRET_HASH parameter if your app client has a client secret. Add DEVICE_KEY if you want to bypass multi-factor authentication with a remembered device.

USER_AUTH

  • USERNAME (required)

  • PREFERRED_CHALLENGE. If you don't provide a value for PREFERRED_CHALLENGE, Amazon Cognito responds with the AvailableChallenges parameter that specifies the available sign-in methods.

USER_SRP_AUTH

  • USERNAME (required)

  • SRP_A (required)

USER_PASSWORD_AUTH

  • USERNAME (required)

  • PASSWORD (required)

REFRESH_TOKEN_AUTH/REFRESH_TOKEN

  • REFRESH_TOKEN(required)

CUSTOM_AUTH

  • USERNAME (required)

  • ChallengeName: SRP_A (when doing SRP authentication before custom challenges)

  • SRP_A: (An SRP_A value) (when doing SRP authentication before custom challenges)

For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.

Definition at line 119 of file InitiateAuthRequest.h.

◆ AddClientMetadata()

template<typename ClientMetadataKeyT = Aws::String, typename ClientMetadataValueT = Aws::String>
InitiateAuthRequest & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::AddClientMetadata ( ClientMetadataKeyT &&  key,
ClientMetadataValueT &&  value 
)
inline

A map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.

You create custom workflows by assigning Lambda functions to user pool triggers. When you send an InitiateAuth request, Amazon Cognito invokes the Lambda functions that are specified for various triggers. The ClientMetadata value is passed as input to the functions for only the following triggers.

  • Pre sign-up

  • Pre authentication

  • User migration

When Amazon Cognito invokes the functions for these triggers, it passes a JSON payload as input to the function. This payload contains a validationData attribute with the data that you assigned to the ClientMetadata parameter in your InitiateAuth request. In your function, validationData can contribute to operations that require data that isn't in the default payload.

InitiateAuth requests invokes the following triggers without ClientMetadata as input.

  • Post authentication

  • Custom message

  • Pre token generation

  • Create auth challenge

  • Define auth challenge

  • Custom email sender

  • Custom SMS sender

For more information, see Using Lambda triggers in the Amazon Cognito Developer Guide.

When you use the ClientMetadata parameter, note that Amazon Cognito won't do the following:

  • Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.

  • Validate the ClientMetadata value.

  • Encrypt the ClientMetadata value. Don't send sensitive information in this parameter.

Definition at line 164 of file InitiateAuthRequest.h.

◆ AnalyticsMetadataHasBeenSet()

bool Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::AnalyticsMetadataHasBeenSet ( ) const
inline

Information that supports analytics outcomes with Amazon Pinpoint, including the user's endpoint ID. The endpoint ID is a destination for Amazon Pinpoint push notifications, for example a device identifier, email address, or phone number.

Definition at line 189 of file InitiateAuthRequest.h.

◆ AuthFlowHasBeenSet()

bool Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::AuthFlowHasBeenSet ( ) const
inline

The authentication flow that you want to initiate. Each AuthFlow has linked AuthParameters that you must submit. The following are some example flows.

USER_AUTH

The entry point for choice-based authentication with passwords, one-time passwords, and WebAuthn authenticators. Request a preferred authentication type or review available authentication types. From the offered authentication types, select one in a challenge response and then authenticate with that method in an additional challenge response. To activate this setting, your user pool must be in the Essentials tier or higher.

USER_SRP_AUTH

Username-password authentication with the Secure Remote Password (SRP) protocol. For more information, see Use SRP password verification in custom authentication flow.

REFRESH_TOKEN_AUTH and REFRESH_TOKEN

Receive new ID and access tokens when you pass a REFRESH_TOKEN parameter with a valid refresh token as the value. For more information, see Using the refresh token.

CUSTOM_AUTH

Custom authentication with Lambda triggers. For more information, see Custom authentication challenge Lambda triggers.

USER_PASSWORD_AUTH

Client-side username-password authentication with the password sent directly in the request. For more information about client-side and server-side authentication, see SDK authorization models.

ADMIN_USER_PASSWORD_AUTH is a flow type of AdminInitiateAuth and isn't valid for InitiateAuth. ADMIN_NO_SRP_AUTH is a legacy server-side username-password flow and isn't valid for InitiateAuth.

Definition at line 80 of file InitiateAuthRequest.h.

◆ AuthParametersHasBeenSet()

bool Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::AuthParametersHasBeenSet ( ) const
inline

The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking.

The following are some authentication flows and their parameters. Add a SECRET_HASH parameter if your app client has a client secret. Add DEVICE_KEY if you want to bypass multi-factor authentication with a remembered device.

USER_AUTH

  • USERNAME (required)

  • PREFERRED_CHALLENGE. If you don't provide a value for PREFERRED_CHALLENGE, Amazon Cognito responds with the AvailableChallenges parameter that specifies the available sign-in methods.

USER_SRP_AUTH

  • USERNAME (required)

  • SRP_A (required)

USER_PASSWORD_AUTH

  • USERNAME (required)

  • PASSWORD (required)

REFRESH_TOKEN_AUTH/REFRESH_TOKEN

  • REFRESH_TOKEN(required)

CUSTOM_AUTH

  • USERNAME (required)

  • ChallengeName: SRP_A (when doing SRP authentication before custom challenges)

  • SRP_A: (An SRP_A value) (when doing SRP authentication before custom challenges)

For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.

Definition at line 113 of file InitiateAuthRequest.h.

◆ ClientIdHasBeenSet()

bool Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::ClientIdHasBeenSet ( ) const
inline

The ID of the app client that your user wants to sign in to.

Definition at line 174 of file InitiateAuthRequest.h.

◆ ClientMetadataHasBeenSet()

bool Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::ClientMetadataHasBeenSet ( ) const
inline

A map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.

You create custom workflows by assigning Lambda functions to user pool triggers. When you send an InitiateAuth request, Amazon Cognito invokes the Lambda functions that are specified for various triggers. The ClientMetadata value is passed as input to the functions for only the following triggers.

  • Pre sign-up

  • Pre authentication

  • User migration

When Amazon Cognito invokes the functions for these triggers, it passes a JSON payload as input to the function. This payload contains a validationData attribute with the data that you assigned to the ClientMetadata parameter in your InitiateAuth request. In your function, validationData can contribute to operations that require data that isn't in the default payload.

InitiateAuth requests invokes the following triggers without ClientMetadata as input.

  • Post authentication

  • Custom message

  • Pre token generation

  • Create auth challenge

  • Define auth challenge

  • Custom email sender

  • Custom SMS sender

For more information, see Using Lambda triggers in the Amazon Cognito Developer Guide.

When you use the ClientMetadata parameter, note that Amazon Cognito won't do the following:

  • Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.

  • Validate the ClientMetadata value.

  • Encrypt the ClientMetadata value. Don't send sensitive information in this parameter.

Definition at line 158 of file InitiateAuthRequest.h.

◆ GetAnalyticsMetadata()

const AnalyticsMetadataType & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::GetAnalyticsMetadata ( ) const
inline

Information that supports analytics outcomes with Amazon Pinpoint, including the user's endpoint ID. The endpoint ID is a destination for Amazon Pinpoint push notifications, for example a device identifier, email address, or phone number.

Definition at line 188 of file InitiateAuthRequest.h.

◆ GetAuthFlow()

AuthFlowType Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::GetAuthFlow ( ) const
inline

The authentication flow that you want to initiate. Each AuthFlow has linked AuthParameters that you must submit. The following are some example flows.

USER_AUTH

The entry point for choice-based authentication with passwords, one-time passwords, and WebAuthn authenticators. Request a preferred authentication type or review available authentication types. From the offered authentication types, select one in a challenge response and then authenticate with that method in an additional challenge response. To activate this setting, your user pool must be in the Essentials tier or higher.

USER_SRP_AUTH

Username-password authentication with the Secure Remote Password (SRP) protocol. For more information, see Use SRP password verification in custom authentication flow.

REFRESH_TOKEN_AUTH and REFRESH_TOKEN

Receive new ID and access tokens when you pass a REFRESH_TOKEN parameter with a valid refresh token as the value. For more information, see Using the refresh token.

CUSTOM_AUTH

Custom authentication with Lambda triggers. For more information, see Custom authentication challenge Lambda triggers.

USER_PASSWORD_AUTH

Client-side username-password authentication with the password sent directly in the request. For more information about client-side and server-side authentication, see SDK authorization models.

ADMIN_USER_PASSWORD_AUTH is a flow type of AdminInitiateAuth and isn't valid for InitiateAuth. ADMIN_NO_SRP_AUTH is a legacy server-side username-password flow and isn't valid for InitiateAuth.

Definition at line 79 of file InitiateAuthRequest.h.

◆ GetAuthParameters()

const Aws::Map< Aws::String, Aws::String > & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::GetAuthParameters ( ) const
inline

The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking.

The following are some authentication flows and their parameters. Add a SECRET_HASH parameter if your app client has a client secret. Add DEVICE_KEY if you want to bypass multi-factor authentication with a remembered device.

USER_AUTH

  • USERNAME (required)

  • PREFERRED_CHALLENGE. If you don't provide a value for PREFERRED_CHALLENGE, Amazon Cognito responds with the AvailableChallenges parameter that specifies the available sign-in methods.

USER_SRP_AUTH

  • USERNAME (required)

  • SRP_A (required)

USER_PASSWORD_AUTH

  • USERNAME (required)

  • PASSWORD (required)

REFRESH_TOKEN_AUTH/REFRESH_TOKEN

  • REFRESH_TOKEN(required)

CUSTOM_AUTH

  • USERNAME (required)

  • ChallengeName: SRP_A (when doing SRP authentication before custom challenges)

  • SRP_A: (An SRP_A value) (when doing SRP authentication before custom challenges)

For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.

Definition at line 112 of file InitiateAuthRequest.h.

◆ GetClientId()

const Aws::String & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::GetClientId ( ) const
inline

The ID of the app client that your user wants to sign in to.

Definition at line 173 of file InitiateAuthRequest.h.

◆ GetClientMetadata()

const Aws::Map< Aws::String, Aws::String > & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::GetClientMetadata ( ) const
inline

A map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.

You create custom workflows by assigning Lambda functions to user pool triggers. When you send an InitiateAuth request, Amazon Cognito invokes the Lambda functions that are specified for various triggers. The ClientMetadata value is passed as input to the functions for only the following triggers.

  • Pre sign-up

  • Pre authentication

  • User migration

When Amazon Cognito invokes the functions for these triggers, it passes a JSON payload as input to the function. This payload contains a validationData attribute with the data that you assigned to the ClientMetadata parameter in your InitiateAuth request. In your function, validationData can contribute to operations that require data that isn't in the default payload.

InitiateAuth requests invokes the following triggers without ClientMetadata as input.

  • Post authentication

  • Custom message

  • Pre token generation

  • Create auth challenge

  • Define auth challenge

  • Custom email sender

  • Custom SMS sender

For more information, see Using Lambda triggers in the Amazon Cognito Developer Guide.

When you use the ClientMetadata parameter, note that Amazon Cognito won't do the following:

  • Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.

  • Validate the ClientMetadata value.

  • Encrypt the ClientMetadata value. Don't send sensitive information in this parameter.

Definition at line 157 of file InitiateAuthRequest.h.

◆ GetRequestSpecificHeaders()

AWS_COGNITOIDENTITYPROVIDER_API Aws::Http::HeaderValueCollection Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::GetRequestSpecificHeaders ( ) const
overridevirtual

Reimplemented from Aws::CognitoIdentityProvider::CognitoIdentityProviderRequest.

◆ GetServiceRequestName()

virtual const char * Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::GetServiceRequestName ( ) const
inlineoverridevirtual

Implements Aws::AmazonWebServiceRequest.

Definition at line 37 of file InitiateAuthRequest.h.

◆ GetSession()

const Aws::String & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::GetSession ( ) const
inline

The optional session ID from a ConfirmSignUp API request. You can sign in a user directly from the sign-up process with the USER_AUTH authentication flow. When you pass the session ID to InitiateAuth, Amazon Cognito assumes the SMS or email message one-time verification password from ConfirmSignUp as the primary authentication factor. You're not required to submit this code a second time. This option is only valid for users who have confirmed their sign-up and are signing in for the first time within the authentication flow session duration of the session ID.

Definition at line 225 of file InitiateAuthRequest.h.

◆ GetUserContextData()

const UserContextDataType & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::GetUserContextData ( ) const
inline

Contextual data about your user session like the device fingerprint, IP address, or location. Amazon Cognito threat protection evaluates the risk of an authentication event based on the context that your app generates and passes to Amazon Cognito when it makes API requests.

For more information, see Collecting data for threat protection in applications.

Definition at line 205 of file InitiateAuthRequest.h.

◆ SerializePayload()

AWS_COGNITOIDENTITYPROVIDER_API Aws::String Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::SerializePayload ( ) const
overridevirtual

Implements Aws::AmazonSerializableWebServiceRequest.

◆ SessionHasBeenSet()

bool Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::SessionHasBeenSet ( ) const
inline

The optional session ID from a ConfirmSignUp API request. You can sign in a user directly from the sign-up process with the USER_AUTH authentication flow. When you pass the session ID to InitiateAuth, Amazon Cognito assumes the SMS or email message one-time verification password from ConfirmSignUp as the primary authentication factor. You're not required to submit this code a second time. This option is only valid for users who have confirmed their sign-up and are signing in for the first time within the authentication flow session duration of the session ID.

Definition at line 226 of file InitiateAuthRequest.h.

◆ SetAnalyticsMetadata()

template<typename AnalyticsMetadataT = AnalyticsMetadataType>
void Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::SetAnalyticsMetadata ( AnalyticsMetadataT &&  value)
inline

Information that supports analytics outcomes with Amazon Pinpoint, including the user's endpoint ID. The endpoint ID is a destination for Amazon Pinpoint push notifications, for example a device identifier, email address, or phone number.

Definition at line 191 of file InitiateAuthRequest.h.

◆ SetAuthFlow()

void Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::SetAuthFlow ( AuthFlowType  value)
inline

The authentication flow that you want to initiate. Each AuthFlow has linked AuthParameters that you must submit. The following are some example flows.

USER_AUTH

The entry point for choice-based authentication with passwords, one-time passwords, and WebAuthn authenticators. Request a preferred authentication type or review available authentication types. From the offered authentication types, select one in a challenge response and then authenticate with that method in an additional challenge response. To activate this setting, your user pool must be in the Essentials tier or higher.

USER_SRP_AUTH

Username-password authentication with the Secure Remote Password (SRP) protocol. For more information, see Use SRP password verification in custom authentication flow.

REFRESH_TOKEN_AUTH and REFRESH_TOKEN

Receive new ID and access tokens when you pass a REFRESH_TOKEN parameter with a valid refresh token as the value. For more information, see Using the refresh token.

CUSTOM_AUTH

Custom authentication with Lambda triggers. For more information, see Custom authentication challenge Lambda triggers.

USER_PASSWORD_AUTH

Client-side username-password authentication with the password sent directly in the request. For more information about client-side and server-side authentication, see SDK authorization models.

ADMIN_USER_PASSWORD_AUTH is a flow type of AdminInitiateAuth and isn't valid for InitiateAuth. ADMIN_NO_SRP_AUTH is a legacy server-side username-password flow and isn't valid for InitiateAuth.

Definition at line 81 of file InitiateAuthRequest.h.

◆ SetAuthParameters()

template<typename AuthParametersT = Aws::Map<Aws::String, Aws::String>>
void Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::SetAuthParameters ( AuthParametersT &&  value)
inline

The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking.

The following are some authentication flows and their parameters. Add a SECRET_HASH parameter if your app client has a client secret. Add DEVICE_KEY if you want to bypass multi-factor authentication with a remembered device.

USER_AUTH

  • USERNAME (required)

  • PREFERRED_CHALLENGE. If you don't provide a value for PREFERRED_CHALLENGE, Amazon Cognito responds with the AvailableChallenges parameter that specifies the available sign-in methods.

USER_SRP_AUTH

  • USERNAME (required)

  • SRP_A (required)

USER_PASSWORD_AUTH

  • USERNAME (required)

  • PASSWORD (required)

REFRESH_TOKEN_AUTH/REFRESH_TOKEN

  • REFRESH_TOKEN(required)

CUSTOM_AUTH

  • USERNAME (required)

  • ChallengeName: SRP_A (when doing SRP authentication before custom challenges)

  • SRP_A: (An SRP_A value) (when doing SRP authentication before custom challenges)

For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.

Definition at line 115 of file InitiateAuthRequest.h.

◆ SetClientId()

template<typename ClientIdT = Aws::String>
void Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::SetClientId ( ClientIdT &&  value)
inline

The ID of the app client that your user wants to sign in to.

Definition at line 176 of file InitiateAuthRequest.h.

◆ SetClientMetadata()

template<typename ClientMetadataT = Aws::Map<Aws::String, Aws::String>>
void Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::SetClientMetadata ( ClientMetadataT &&  value)
inline

A map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.

You create custom workflows by assigning Lambda functions to user pool triggers. When you send an InitiateAuth request, Amazon Cognito invokes the Lambda functions that are specified for various triggers. The ClientMetadata value is passed as input to the functions for only the following triggers.

  • Pre sign-up

  • Pre authentication

  • User migration

When Amazon Cognito invokes the functions for these triggers, it passes a JSON payload as input to the function. This payload contains a validationData attribute with the data that you assigned to the ClientMetadata parameter in your InitiateAuth request. In your function, validationData can contribute to operations that require data that isn't in the default payload.

InitiateAuth requests invokes the following triggers without ClientMetadata as input.

  • Post authentication

  • Custom message

  • Pre token generation

  • Create auth challenge

  • Define auth challenge

  • Custom email sender

  • Custom SMS sender

For more information, see Using Lambda triggers in the Amazon Cognito Developer Guide.

When you use the ClientMetadata parameter, note that Amazon Cognito won't do the following:

  • Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.

  • Validate the ClientMetadata value.

  • Encrypt the ClientMetadata value. Don't send sensitive information in this parameter.

Definition at line 160 of file InitiateAuthRequest.h.

◆ SetSession()

template<typename SessionT = Aws::String>
void Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::SetSession ( SessionT &&  value)
inline

The optional session ID from a ConfirmSignUp API request. You can sign in a user directly from the sign-up process with the USER_AUTH authentication flow. When you pass the session ID to InitiateAuth, Amazon Cognito assumes the SMS or email message one-time verification password from ConfirmSignUp as the primary authentication factor. You're not required to submit this code a second time. This option is only valid for users who have confirmed their sign-up and are signing in for the first time within the authentication flow session duration of the session ID.

Definition at line 228 of file InitiateAuthRequest.h.

◆ SetUserContextData()

template<typename UserContextDataT = UserContextDataType>
void Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::SetUserContextData ( UserContextDataT &&  value)
inline

Contextual data about your user session like the device fingerprint, IP address, or location. Amazon Cognito threat protection evaluates the risk of an authentication event based on the context that your app generates and passes to Amazon Cognito when it makes API requests.

For more information, see Collecting data for threat protection in applications.

Definition at line 208 of file InitiateAuthRequest.h.

◆ UserContextDataHasBeenSet()

bool Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::UserContextDataHasBeenSet ( ) const
inline

Contextual data about your user session like the device fingerprint, IP address, or location. Amazon Cognito threat protection evaluates the risk of an authentication event based on the context that your app generates and passes to Amazon Cognito when it makes API requests.

For more information, see Collecting data for threat protection in applications.

Definition at line 206 of file InitiateAuthRequest.h.

◆ WithAnalyticsMetadata()

template<typename AnalyticsMetadataT = AnalyticsMetadataType>
InitiateAuthRequest & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::WithAnalyticsMetadata ( AnalyticsMetadataT &&  value)
inline

Information that supports analytics outcomes with Amazon Pinpoint, including the user's endpoint ID. The endpoint ID is a destination for Amazon Pinpoint push notifications, for example a device identifier, email address, or phone number.

Definition at line 193 of file InitiateAuthRequest.h.

◆ WithAuthFlow()

InitiateAuthRequest & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::WithAuthFlow ( AuthFlowType  value)
inline

The authentication flow that you want to initiate. Each AuthFlow has linked AuthParameters that you must submit. The following are some example flows.

USER_AUTH

The entry point for choice-based authentication with passwords, one-time passwords, and WebAuthn authenticators. Request a preferred authentication type or review available authentication types. From the offered authentication types, select one in a challenge response and then authenticate with that method in an additional challenge response. To activate this setting, your user pool must be in the Essentials tier or higher.

USER_SRP_AUTH

Username-password authentication with the Secure Remote Password (SRP) protocol. For more information, see Use SRP password verification in custom authentication flow.

REFRESH_TOKEN_AUTH and REFRESH_TOKEN

Receive new ID and access tokens when you pass a REFRESH_TOKEN parameter with a valid refresh token as the value. For more information, see Using the refresh token.

CUSTOM_AUTH

Custom authentication with Lambda triggers. For more information, see Custom authentication challenge Lambda triggers.

USER_PASSWORD_AUTH

Client-side username-password authentication with the password sent directly in the request. For more information about client-side and server-side authentication, see SDK authorization models.

ADMIN_USER_PASSWORD_AUTH is a flow type of AdminInitiateAuth and isn't valid for InitiateAuth. ADMIN_NO_SRP_AUTH is a legacy server-side username-password flow and isn't valid for InitiateAuth.

Definition at line 82 of file InitiateAuthRequest.h.

◆ WithAuthParameters()

template<typename AuthParametersT = Aws::Map<Aws::String, Aws::String>>
InitiateAuthRequest & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::WithAuthParameters ( AuthParametersT &&  value)
inline

The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking.

The following are some authentication flows and their parameters. Add a SECRET_HASH parameter if your app client has a client secret. Add DEVICE_KEY if you want to bypass multi-factor authentication with a remembered device.

USER_AUTH

  • USERNAME (required)

  • PREFERRED_CHALLENGE. If you don't provide a value for PREFERRED_CHALLENGE, Amazon Cognito responds with the AvailableChallenges parameter that specifies the available sign-in methods.

USER_SRP_AUTH

  • USERNAME (required)

  • SRP_A (required)

USER_PASSWORD_AUTH

  • USERNAME (required)

  • PASSWORD (required)

REFRESH_TOKEN_AUTH/REFRESH_TOKEN

  • REFRESH_TOKEN(required)

CUSTOM_AUTH

  • USERNAME (required)

  • ChallengeName: SRP_A (when doing SRP authentication before custom challenges)

  • SRP_A: (An SRP_A value) (when doing SRP authentication before custom challenges)

For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.

Definition at line 117 of file InitiateAuthRequest.h.

◆ WithClientId()

template<typename ClientIdT = Aws::String>
InitiateAuthRequest & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::WithClientId ( ClientIdT &&  value)
inline

The ID of the app client that your user wants to sign in to.

Definition at line 178 of file InitiateAuthRequest.h.

◆ WithClientMetadata()

template<typename ClientMetadataT = Aws::Map<Aws::String, Aws::String>>
InitiateAuthRequest & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::WithClientMetadata ( ClientMetadataT &&  value)
inline

A map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.

You create custom workflows by assigning Lambda functions to user pool triggers. When you send an InitiateAuth request, Amazon Cognito invokes the Lambda functions that are specified for various triggers. The ClientMetadata value is passed as input to the functions for only the following triggers.

  • Pre sign-up

  • Pre authentication

  • User migration

When Amazon Cognito invokes the functions for these triggers, it passes a JSON payload as input to the function. This payload contains a validationData attribute with the data that you assigned to the ClientMetadata parameter in your InitiateAuth request. In your function, validationData can contribute to operations that require data that isn't in the default payload.

InitiateAuth requests invokes the following triggers without ClientMetadata as input.

  • Post authentication

  • Custom message

  • Pre token generation

  • Create auth challenge

  • Define auth challenge

  • Custom email sender

  • Custom SMS sender

For more information, see Using Lambda triggers in the Amazon Cognito Developer Guide.

When you use the ClientMetadata parameter, note that Amazon Cognito won't do the following:

  • Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.

  • Validate the ClientMetadata value.

  • Encrypt the ClientMetadata value. Don't send sensitive information in this parameter.

Definition at line 162 of file InitiateAuthRequest.h.

◆ WithSession()

template<typename SessionT = Aws::String>
InitiateAuthRequest & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::WithSession ( SessionT &&  value)
inline

The optional session ID from a ConfirmSignUp API request. You can sign in a user directly from the sign-up process with the USER_AUTH authentication flow. When you pass the session ID to InitiateAuth, Amazon Cognito assumes the SMS or email message one-time verification password from ConfirmSignUp as the primary authentication factor. You're not required to submit this code a second time. This option is only valid for users who have confirmed their sign-up and are signing in for the first time within the authentication flow session duration of the session ID.

Definition at line 230 of file InitiateAuthRequest.h.

◆ WithUserContextData()

template<typename UserContextDataT = UserContextDataType>
InitiateAuthRequest & Aws::CognitoIdentityProvider::Model::InitiateAuthRequest::WithUserContextData ( UserContextDataT &&  value)
inline

Contextual data about your user session like the device fingerprint, IP address, or location. Amazon Cognito threat protection evaluates the risk of an authentication event based on the context that your app generates and passes to Amazon Cognito when it makes API requests.

For more information, see Collecting data for threat protection in applications.

Definition at line 210 of file InitiateAuthRequest.h.

The documentation for this class was generated from the following file:
Generated by doxygen 1.9.8
Privacy | Site terms | Cookie preferences