AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Implementation for accessing CognitoIdentityProvider
With the Amazon Cognito user pools API, you can configure user pools and authenticate users. To authenticate users from third-party identity providers (IdPs) in this API, you can link IdP users to native user profiles. Learn more about the authentication and authorization of federated users at Adding user pool sign-in through a third party and in the User pool federation endpoints and hosted UI reference.This API reference provides detailed information about API operations and object types in Amazon Cognito.
Along with resource management operations, the Amazon Cognito user pools API includes classes of operations and authorization models for client-side and server-side authentication of users. You can interact with operations in the Amazon Cognito user pools API as any of the following subjects.
An administrator who wants to configure user pools, app clients, users, groups, or other user pool functions.
A server-side app, like a web application, that wants to use its Amazon Web Services privileges to manage, authenticate, or authorize a user.
A client-side app, like a mobile app, that wants to make unauthenticated requests to manage, authenticate, or authorize a user.
For more information, see Using the Amazon Cognito user pools API and user pool endpoints in the Amazon Cognito Developer Guide.
With your Amazon Web Services SDK, you can build the logic to support operational
flows in every use case for this API. You can also make direct REST API requests to
Amazon
Cognito user pools service endpoints. The following links can get you started
with the CognitoIdentityProvider
client in other supported Amazon Web Services
SDKs.
To get started with an Amazon Web Services SDK, see Tools to Build on Amazon Web Services. For example actions and scenarios, see Code examples for Amazon Cognito Identity Provider using Amazon Web Services SDKs.
Namespace: Amazon.CognitoIdentityProvider
Assembly: AWSSDK.CognitoIdentityProvider.dll
Version: 3.x.y.z
public class AmazonCognitoIdentityProviderClient : AmazonServiceClient IAmazonCognitoIdentityProvider, IAmazonService, IDisposable
The AmazonCognitoIdentityProviderClient type exposes the following members
Name | Description | |
---|---|---|
AmazonCognitoIdentityProviderClient() |
Constructs AmazonCognitoIdentityProviderClient with the credentials loaded from the application's default configuration, and if unsuccessful from the Instance Profile service on an EC2 instance. Example App.config with credentials set. <?xml version="1.0" encoding="utf-8" ?> <configuration> <appSettings> <add key="AWSProfileName" value="AWS Default"/> </appSettings> </configuration> |
|
AmazonCognitoIdentityProviderClient(RegionEndpoint) |
Constructs AmazonCognitoIdentityProviderClient with the credentials loaded from the application's default configuration, and if unsuccessful from the Instance Profile service on an EC2 instance. Example App.config with credentials set. <?xml version="1.0" encoding="utf-8" ?> <configuration> <appSettings> <add key="AWSProfileName" value="AWS Default"/> </appSettings> </configuration> |
|
AmazonCognitoIdentityProviderClient(AmazonCognitoIdentityProviderConfig) |
Constructs AmazonCognitoIdentityProviderClient with the credentials loaded from the application's default configuration, and if unsuccessful from the Instance Profile service on an EC2 instance. Example App.config with credentials set. <?xml version="1.0" encoding="utf-8" ?> <configuration> <appSettings> <add key="AWSProfileName" value="AWS Default"/> </appSettings> </configuration> |
|
AmazonCognitoIdentityProviderClient(AWSCredentials) |
Constructs AmazonCognitoIdentityProviderClient with AWS Credentials |
|
AmazonCognitoIdentityProviderClient(AWSCredentials, RegionEndpoint) |
Constructs AmazonCognitoIdentityProviderClient with AWS Credentials |
|
AmazonCognitoIdentityProviderClient(AWSCredentials, AmazonCognitoIdentityProviderConfig) |
Constructs AmazonCognitoIdentityProviderClient with AWS Credentials and an AmazonCognitoIdentityProviderClient Configuration object. |
|
AmazonCognitoIdentityProviderClient(string, string) |
Constructs AmazonCognitoIdentityProviderClient with AWS Access Key ID and AWS Secret Key |
|
AmazonCognitoIdentityProviderClient(string, string, RegionEndpoint) |
Constructs AmazonCognitoIdentityProviderClient with AWS Access Key ID and AWS Secret Key |
|
AmazonCognitoIdentityProviderClient(string, string, AmazonCognitoIdentityProviderConfig) |
Constructs AmazonCognitoIdentityProviderClient with AWS Access Key ID, AWS Secret Key and an AmazonCognitoIdentityProviderClient Configuration object. |
|
AmazonCognitoIdentityProviderClient(string, string, string) |
Constructs AmazonCognitoIdentityProviderClient with AWS Access Key ID and AWS Secret Key |
|
AmazonCognitoIdentityProviderClient(string, string, string, RegionEndpoint) |
Constructs AmazonCognitoIdentityProviderClient with AWS Access Key ID and AWS Secret Key |
|
AmazonCognitoIdentityProviderClient(string, string, string, AmazonCognitoIdentityProviderConfig) |
Constructs AmazonCognitoIdentityProviderClient with AWS Access Key ID, AWS Secret Key and an AmazonCognitoIdentityProviderClient Configuration object. |
Name | Type | Description | |
---|---|---|---|
Config | Amazon.Runtime.IClientConfig | Inherited from Amazon.Runtime.AmazonServiceClient. | |
Paginators | Amazon.CognitoIdentityProvider.Model.ICognitoIdentityProviderPaginatorFactory |
Paginators for the service |
Name | Description | |
---|---|---|
AddCustomAttributes(AddCustomAttributesRequest) |
Adds additional user attributes to the user pool schema.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AddCustomAttributesAsync(AddCustomAttributesRequest, CancellationToken) |
Adds additional user attributes to the user pool schema.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminAddUserToGroup(AdminAddUserToGroupRequest) |
Adds a user to a group. A user who is in a group can present a preferred-role claim
to an identity pool, and populates a
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminAddUserToGroupAsync(AdminAddUserToGroupRequest, CancellationToken) |
Adds a user to a group. A user who is in a group can present a preferred-role claim
to an identity pool, and populates a
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminConfirmSignUp(AdminConfirmSignUpRequest) |
This IAM-authenticated API operation confirms user sign-up as an administrator. Unlike ConfirmSignUp, your IAM credentials authorize user account confirmation. No confirmation code is required. This request sets a user account active in a user pool that requires confirmation of new user accounts before they can sign in. You can configure your user pool to not send confirmation codes to new users and instead confirm them with this API operation on the back end. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminConfirmSignUpAsync(AdminConfirmSignUpRequest, CancellationToken) |
This IAM-authenticated API operation confirms user sign-up as an administrator. Unlike ConfirmSignUp, your IAM credentials authorize user account confirmation. No confirmation code is required. This request sets a user account active in a user pool that requires confirmation of new user accounts before they can sign in. You can configure your user pool to not send confirmation codes to new users and instead confirm them with this API operation on the back end. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminCreateUser(AdminCreateUserRequest) |
Creates a new user in the specified user pool.
If This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide. This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.
Alternatively, you can call
In either case, the user will be in the Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminCreateUserAsync(AdminCreateUserRequest, CancellationToken) |
Creates a new user in the specified user pool.
If This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide. This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.
Alternatively, you can call
In either case, the user will be in the Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminDeleteUser(AdminDeleteUserRequest) |
Deletes a user as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminDeleteUserAsync(AdminDeleteUserRequest, CancellationToken) |
Deletes a user as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminDeleteUserAttributes(AdminDeleteUserAttributesRequest) |
Deletes the user attributes in a user pool as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminDeleteUserAttributesAsync(AdminDeleteUserAttributesRequest, CancellationToken) |
Deletes the user attributes in a user pool as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminDisableProviderForUser(AdminDisableProviderForUserRequest) |
Prevents the user from signing in with the specified external (SAML or social) identity
provider (IdP). If the user that you want to deactivate is a Amazon Cognito user pools
native username + password user, they can't use their password to sign in. If the
user to deactivate is a linked external IdP user, any link between that user and an
existing user is removed. When the external user signs in again, and the user is no
longer attached to the previously linked
The
To deactivate a native username + password user, the
The
For de-linking a SAML identity, there are two scenarios. If the linked identity has
not yet been used to sign in, the Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminDisableProviderForUserAsync(AdminDisableProviderForUserRequest, CancellationToken) |
Prevents the user from signing in with the specified external (SAML or social) identity
provider (IdP). If the user that you want to deactivate is a Amazon Cognito user pools
native username + password user, they can't use their password to sign in. If the
user to deactivate is a linked external IdP user, any link between that user and an
existing user is removed. When the external user signs in again, and the user is no
longer attached to the previously linked
The
To deactivate a native username + password user, the
The
For de-linking a SAML identity, there are two scenarios. If the linked identity has
not yet been used to sign in, the Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminDisableUser(AdminDisableUserRequest) |
Deactivates a user and revokes all access tokens for the user. A deactivated user
can't sign in, but still appears in the responses to
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminDisableUserAsync(AdminDisableUserRequest, CancellationToken) |
Deactivates a user and revokes all access tokens for the user. A deactivated user
can't sign in, but still appears in the responses to
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminEnableUser(AdminEnableUserRequest) |
Enables the specified user as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminEnableUserAsync(AdminEnableUserRequest, CancellationToken) |
Enables the specified user as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminForgetDevice(AdminForgetDeviceRequest) |
Forgets the device, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminForgetDeviceAsync(AdminForgetDeviceRequest, CancellationToken) |
Forgets the device, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminGetDevice(AdminGetDeviceRequest) |
Gets the device, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminGetDeviceAsync(AdminGetDeviceRequest, CancellationToken) |
Gets the device, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminGetUser(AdminGetUserRequest) |
Gets the specified user by user name in a user pool as an administrator. Works on
any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminGetUserAsync(AdminGetUserRequest, CancellationToken) |
Gets the specified user by user name in a user pool as an administrator. Works on
any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminInitiateAuth(AdminInitiateAuthRequest) |
Initiates the authentication flow, as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminInitiateAuthAsync(AdminInitiateAuthRequest, CancellationToken) |
Initiates the authentication flow, as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminLinkProviderForUser(AdminLinkProviderForUserRequest) |
Links an existing user account in a user pool ( For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user identity, they sign in as the existing user account. The maximum number of federated identities linked to a user is five. Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external IdPs and provider attributes that have been trusted by the application owner. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminLinkProviderForUserAsync(AdminLinkProviderForUserRequest, CancellationToken) |
Links an existing user account in a user pool ( For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user identity, they sign in as the existing user account. The maximum number of federated identities linked to a user is five. Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external IdPs and provider attributes that have been trusted by the application owner. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminListDevices(AdminListDevicesRequest) |
Lists devices, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminListDevicesAsync(AdminListDevicesRequest, CancellationToken) |
Lists devices, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminListGroupsForUser(AdminListGroupsForUserRequest) |
Lists the groups that a user belongs to.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminListGroupsForUserAsync(AdminListGroupsForUserRequest, CancellationToken) |
Lists the groups that a user belongs to.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminListUserAuthEvents(AdminListUserAuthEventsRequest) |
A history of user activity and any risks detected as part of Amazon Cognito advanced
security.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminListUserAuthEventsAsync(AdminListUserAuthEventsRequest, CancellationToken) |
A history of user activity and any risks detected as part of Amazon Cognito advanced
security.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminRemoveUserFromGroup(AdminRemoveUserFromGroupRequest) |
Removes the specified user from the specified group.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminRemoveUserFromGroupAsync(AdminRemoveUserFromGroupRequest, CancellationToken) |
Removes the specified user from the specified group.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminResetUserPassword(AdminResetUserPasswordRequest) |
Resets the specified user's password in a user pool as an administrator. Works on any user. To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator. This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Deactivates a user's password, requiring them to change it. If a user tries to sign
in after the API is called, Amazon Cognito responds with a Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminResetUserPasswordAsync(AdminResetUserPasswordRequest, CancellationToken) |
Resets the specified user's password in a user pool as an administrator. Works on any user. To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator. This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Deactivates a user's password, requiring them to change it. If a user tries to sign
in after the API is called, Amazon Cognito responds with a Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminRespondToAuthChallenge(AdminRespondToAuthChallengeRequest) |
Some API operations in a user pool generate a challenge, like a prompt for an MFA
code, for device authentication that bypasses MFA, or for a custom authentication
challenge. An For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers. This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminRespondToAuthChallengeAsync(AdminRespondToAuthChallengeRequest, CancellationToken) |
Some API operations in a user pool generate a challenge, like a prompt for an MFA
code, for device authentication that bypasses MFA, or for a custom authentication
challenge. An For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers. This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminSetUserMFAPreference(AdminSetUserMFAPreferenceRequest) |
Sets the user's multi-factor authentication (MFA) preference, including which MFA
options are activated, and if any are preferred. Only one factor can be set as preferred.
The preferred MFA factor will be used to authenticate a user if multiple factors are
activated. If multiple options are activated and no preference is set, a challenge
to choose an MFA option will be returned during sign-in.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminSetUserMFAPreferenceAsync(AdminSetUserMFAPreferenceRequest, CancellationToken) |
Sets the user's multi-factor authentication (MFA) preference, including which MFA
options are activated, and if any are preferred. Only one factor can be set as preferred.
The preferred MFA factor will be used to authenticate a user if multiple factors are
activated. If multiple options are activated and no preference is set, a challenge
to choose an MFA option will be returned during sign-in.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminSetUserPassword(AdminSetUserPasswordRequest) |
Sets the specified user's password in a user pool as an administrator. Works on any user.
The password can be temporary or permanent. If it is temporary, the user status enters
the
Once the user has set a new password, or the password is permanent, the user status
is set to
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminSetUserPasswordAsync(AdminSetUserPasswordRequest, CancellationToken) |
Sets the specified user's password in a user pool as an administrator. Works on any user.
The password can be temporary or permanent. If it is temporary, the user status enters
the
Once the user has set a new password, or the password is permanent, the user status
is set to
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminSetUserSettings(AdminSetUserSettingsRequest) |
This action is no longer supported. You can use it to configure only SMS MFA.
You can't use it to configure time-based one-time password (TOTP) software token MFA.
To configure either type of MFA, use AdminSetUserMFAPreference
instead.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminSetUserSettingsAsync(AdminSetUserSettingsRequest, CancellationToken) |
This action is no longer supported. You can use it to configure only SMS MFA.
You can't use it to configure time-based one-time password (TOTP) software token MFA.
To configure either type of MFA, use AdminSetUserMFAPreference
instead.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminUpdateAuthEventFeedback(AdminUpdateAuthEventFeedbackRequest) |
Provides feedback for an authentication event indicating if it was from a valid user.
This feedback is used for improving the risk evaluation decision for the user pool
as part of Amazon Cognito advanced security.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminUpdateAuthEventFeedbackAsync(AdminUpdateAuthEventFeedbackRequest, CancellationToken) |
Provides feedback for an authentication event indicating if it was from a valid user.
This feedback is used for improving the risk evaluation decision for the user pool
as part of Amazon Cognito advanced security.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminUpdateDeviceStatus(AdminUpdateDeviceStatusRequest) |
Updates the device status as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminUpdateDeviceStatusAsync(AdminUpdateDeviceStatusRequest, CancellationToken) |
Updates the device status as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
AdminUpdateUserAttributes(AdminUpdateUserAttributesRequest) |
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user. To delete an attribute from your user, submit the attribute in your API request with a blank value.
For custom attributes, you must prepend the In addition to updating user attributes, this API can also be used to mark phone and email as verified. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminUpdateUserAttributesAsync(AdminUpdateUserAttributesRequest, CancellationToken) |
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user. To delete an attribute from your user, submit the attribute in your API request with a blank value.
For custom attributes, you must prepend the In addition to updating user attributes, this API can also be used to mark phone and email as verified. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminUserGlobalSignOut(AdminUserGlobalSignOutRequest) |
Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation with your administrative credentials when your user signs out of your app. This results in the following behavior.
Other requests might be valid until your user's token expires. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AdminUserGlobalSignOutAsync(AdminUserGlobalSignOutRequest, CancellationToken) |
Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation with your administrative credentials when your user signs out of your app. This results in the following behavior.
Other requests might be valid until your user's token expires. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
AssociateSoftwareToken(AssociateSoftwareTokenRequest) |
Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA)
for a user, with a unique private key that Amazon Cognito generates and returns in
the API response. You can authorize an
Amazon Cognito disassociates an existing software token when you verify the new token
in a
VerifySoftwareToken API request. If you don't verify the software token and your
user pool doesn't require MFA, the user can then authenticate with user name and password
credentials alone. If your user pool requires TOTP MFA, Amazon Cognito generates an
After you set up software token MFA for your user, Amazon Cognito generates a
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
|
|
AssociateSoftwareTokenAsync(AssociateSoftwareTokenRequest, CancellationToken) |
Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA)
for a user, with a unique private key that Amazon Cognito generates and returns in
the API response. You can authorize an
Amazon Cognito disassociates an existing software token when you verify the new token
in a
VerifySoftwareToken API request. If you don't verify the software token and your
user pool doesn't require MFA, the user can then authenticate with user name and password
credentials alone. If your user pool requires TOTP MFA, Amazon Cognito generates an
After you set up software token MFA for your user, Amazon Cognito generates a
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
|
|
ChangePassword(ChangePasswordRequest) |
Changes the password for a specified user in a user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
ChangePasswordAsync(ChangePasswordRequest, CancellationToken) |
Changes the password for a specified user in a user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
ConfirmDevice(ConfirmDeviceRequest) |
Confirms tracking of the device. This API call is the call that begins device tracking. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
ConfirmDeviceAsync(ConfirmDeviceRequest, CancellationToken) |
Confirms tracking of the device. This API call is the call that begins device tracking. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
ConfirmForgotPassword(ConfirmForgotPasswordRequest) |
Allows a user to enter a confirmation code to reset a forgotten password.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
|
|
ConfirmForgotPasswordAsync(ConfirmForgotPasswordRequest, CancellationToken) |
Allows a user to enter a confirmation code to reset a forgotten password.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
|
|
ConfirmSignUp(ConfirmSignUpRequest) |
This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message. Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password. Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
ConfirmSignUpAsync(ConfirmSignUpRequest, CancellationToken) |
This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message. Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password. Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
CreateGroup(CreateGroupRequest) |
Creates a new group in the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
CreateGroupAsync(CreateGroupRequest, CancellationToken) |
Creates a new group in the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
CreateIdentityProvider(CreateIdentityProviderRequest) |
Adds a configuration and trust relationship between a third-party identity provider
(IdP) and a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
CreateIdentityProviderAsync(CreateIdentityProviderRequest, CancellationToken) |
Adds a configuration and trust relationship between a third-party identity provider
(IdP) and a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
CreateResourceServer(CreateResourceServerRequest) |
Creates a new OAuth2.0 resource server and defines custom scopes within it.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
CreateResourceServerAsync(CreateResourceServerRequest, CancellationToken) |
Creates a new OAuth2.0 resource server and defines custom scopes within it.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
CreateUserImportJob(CreateUserImportJobRequest) |
Creates a user import job.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
CreateUserImportJobAsync(CreateUserImportJobRequest, CancellationToken) |
Creates a user import job.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
CreateUserPool(CreateUserPoolRequest) |
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
Creates a new Amazon Cognito user pool and sets the password policy for the pool. If you don't provide a value for an attribute, Amazon Cognito sets it to its default value. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
CreateUserPoolAsync(CreateUserPoolRequest, CancellationToken) |
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
Creates a new Amazon Cognito user pool and sets the password policy for the pool. If you don't provide a value for an attribute, Amazon Cognito sets it to its default value. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
CreateUserPoolClient(CreateUserPoolClientRequest) |
Creates the user pool client. When you create a new user pool client, token revocation is automatically activated. For more information about revoking tokens, see RevokeToken. If you don't provide a value for an attribute, Amazon Cognito sets it to its default value. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
CreateUserPoolClientAsync(CreateUserPoolClientRequest, CancellationToken) |
Creates the user pool client. When you create a new user pool client, token revocation is automatically activated. For more information about revoking tokens, see RevokeToken. If you don't provide a value for an attribute, Amazon Cognito sets it to its default value. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
CreateUserPoolDomain(CreateUserPoolDomainRequest) |
Creates a new domain for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
CreateUserPoolDomainAsync(CreateUserPoolDomainRequest, CancellationToken) |
Creates a new domain for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
DeleteGroup(DeleteGroupRequest) |
Deletes a group. Calling this action requires developer credentials. |
|
DeleteGroupAsync(DeleteGroupRequest, CancellationToken) |
Deletes a group. Calling this action requires developer credentials. |
|
DeleteIdentityProvider(DeleteIdentityProviderRequest) |
Deletes an IdP for a user pool. |
|
DeleteIdentityProviderAsync(DeleteIdentityProviderRequest, CancellationToken) |
Deletes an IdP for a user pool. |
|
DeleteResourceServer(DeleteResourceServerRequest) |
Deletes a resource server. |
|
DeleteResourceServerAsync(DeleteResourceServerRequest, CancellationToken) |
Deletes a resource server. |
|
DeleteUser(DeleteUserRequest) |
Allows a user to delete their own user profile.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
DeleteUserAsync(DeleteUserRequest, CancellationToken) |
Allows a user to delete their own user profile.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
DeleteUserAttributes(DeleteUserAttributesRequest) |
Deletes the attributes for a user.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
DeleteUserAttributesAsync(DeleteUserAttributesRequest, CancellationToken) |
Deletes the attributes for a user.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
DeleteUserPool(DeleteUserPoolRequest) |
Deletes the specified Amazon Cognito user pool. |
|
DeleteUserPoolAsync(DeleteUserPoolRequest, CancellationToken) |
Deletes the specified Amazon Cognito user pool. |
|
DeleteUserPoolClient(DeleteUserPoolClientRequest) |
Allows the developer to delete the user pool client. |
|
DeleteUserPoolClientAsync(DeleteUserPoolClientRequest, CancellationToken) |
Allows the developer to delete the user pool client. |
|
DeleteUserPoolDomain(DeleteUserPoolDomainRequest) |
Deletes a domain for a user pool. |
|
DeleteUserPoolDomainAsync(DeleteUserPoolDomainRequest, CancellationToken) |
Deletes a domain for a user pool. |
|
DescribeIdentityProvider(DescribeIdentityProviderRequest) |
Gets information about a specific IdP. |
|
DescribeIdentityProviderAsync(DescribeIdentityProviderRequest, CancellationToken) |
Gets information about a specific IdP. |
|
DescribeResourceServer(DescribeResourceServerRequest) |
Describes a resource server. |
|
DescribeResourceServerAsync(DescribeResourceServerRequest, CancellationToken) |
Describes a resource server. |
|
DescribeRiskConfiguration(DescribeRiskConfigurationRequest) |
Describes the risk configuration. |
|
DescribeRiskConfigurationAsync(DescribeRiskConfigurationRequest, CancellationToken) |
Describes the risk configuration. |
|
DescribeUserImportJob(DescribeUserImportJobRequest) |
Describes the user import job. |
|
DescribeUserImportJobAsync(DescribeUserImportJobRequest, CancellationToken) |
Describes the user import job. |
|
DescribeUserPool(DescribeUserPoolRequest) |
Returns the configuration information and metadata of the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
DescribeUserPoolAsync(DescribeUserPoolRequest, CancellationToken) |
Returns the configuration information and metadata of the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
DescribeUserPoolClient(DescribeUserPoolClientRequest) |
Client method for returning the configuration information and metadata of the specified
user pool app client.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
DescribeUserPoolClientAsync(DescribeUserPoolClientRequest, CancellationToken) |
Client method for returning the configuration information and metadata of the specified
user pool app client.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
DescribeUserPoolDomain(DescribeUserPoolDomainRequest) |
Gets information about a domain. |
|
DescribeUserPoolDomainAsync(DescribeUserPoolDomainRequest, CancellationToken) |
Gets information about a domain. |
|
DetermineServiceOperationEndpoint(AmazonWebServiceRequest) |
Returns the endpoint that will be used for a particular request. |
|
Dispose() | Inherited from Amazon.Runtime.AmazonServiceClient. | |
ForgetDevice(ForgetDeviceRequest) |
Forgets the specified device. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
ForgetDeviceAsync(ForgetDeviceRequest, CancellationToken) |
Forgets the specified device. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
ForgotPassword(ForgotPasswordRequest) |
Calling this API causes a message to be sent to the end user with a confirmation code
that is required to change the user's password. For the
If neither a verified phone number nor a verified email exists, this API returns To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator. Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide. |
|
ForgotPasswordAsync(ForgotPasswordRequest, CancellationToken) |
Calling this API causes a message to be sent to the end user with a confirmation code
that is required to change the user's password. For the
If neither a verified phone number nor a verified email exists, this API returns To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator. Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide. |
|
GetCSVHeader(GetCSVHeaderRequest) |
Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job. |
|
GetCSVHeaderAsync(GetCSVHeaderRequest, CancellationToken) |
Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job. |
|
GetDevice(GetDeviceRequest) |
Gets the device. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
GetDeviceAsync(GetDeviceRequest, CancellationToken) |
Gets the device. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
GetGroup(GetGroupRequest) |
Gets a group. Calling this action requires developer credentials. |
|
GetGroupAsync(GetGroupRequest, CancellationToken) |
Gets a group. Calling this action requires developer credentials. |
|
GetIdentityProviderByIdentifier(GetIdentityProviderByIdentifierRequest) |
Gets the specified IdP. |
|
GetIdentityProviderByIdentifierAsync(GetIdentityProviderByIdentifierRequest, CancellationToken) |
Gets the specified IdP. |
|
GetLogDeliveryConfiguration(GetLogDeliveryConfigurationRequest) |
Gets the logging configuration of a user pool. |
|
GetLogDeliveryConfigurationAsync(GetLogDeliveryConfigurationRequest, CancellationToken) |
Gets the logging configuration of a user pool. |
|
GetSigningCertificate(GetSigningCertificateRequest) |
This method takes a user pool ID, and returns the signing certificate. The issued certificate is valid for 10 years from the date of issue.
Amazon Cognito issues and assigns a new signing certificate annually. This process
returns a new value in the response to |
|
GetSigningCertificateAsync(GetSigningCertificateRequest, CancellationToken) |
This method takes a user pool ID, and returns the signing certificate. The issued certificate is valid for 10 years from the date of issue.
Amazon Cognito issues and assigns a new signing certificate annually. This process
returns a new value in the response to |
|
GetUICustomization(GetUICustomizationRequest) |
Gets the user interface (UI) Customization information for a particular app client's
app UI, if any such information exists for the client. If nothing is set for the particular
client, but there is an existing pool level customization (the app |
|
GetUICustomizationAsync(GetUICustomizationRequest, CancellationToken) |
Gets the user interface (UI) Customization information for a particular app client's
app UI, if any such information exists for the client. If nothing is set for the particular
client, but there is an existing pool level customization (the app |
|
GetUser(GetUserRequest) |
Gets the user attributes and metadata for a user.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
GetUserAsync(GetUserRequest, CancellationToken) |
Gets the user attributes and metadata for a user.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
GetUserAttributeVerificationCode(GetUserAttributeVerificationCodeRequest) |
Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide. |
|
GetUserAttributeVerificationCodeAsync(GetUserAttributeVerificationCodeRequest, CancellationToken) |
Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide. |
|
GetUserPoolMfaConfig(GetUserPoolMfaConfigRequest) |
Gets the user pool multi-factor authentication (MFA) configuration. |
|
GetUserPoolMfaConfigAsync(GetUserPoolMfaConfigRequest, CancellationToken) |
Gets the user pool multi-factor authentication (MFA) configuration. |
|
GlobalSignOut(GlobalSignOutRequest) |
Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior.
Other requests might be valid until your user's token expires.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
GlobalSignOutAsync(GlobalSignOutRequest, CancellationToken) |
Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior.
Other requests might be valid until your user's token expires.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
InitiateAuth(InitiateAuthRequest) |
Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign
in a user with a federated IdP with
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
|
|
InitiateAuthAsync(InitiateAuthRequest, CancellationToken) |
Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign
in a user with a federated IdP with
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
|
|
ListDevices(ListDevicesRequest) |
Lists the sign-in devices that Amazon Cognito has registered to the current user. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
ListDevicesAsync(ListDevicesRequest, CancellationToken) |
Lists the sign-in devices that Amazon Cognito has registered to the current user. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
ListGroups(ListGroupsRequest) |
Lists the groups associated with a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListGroupsAsync(ListGroupsRequest, CancellationToken) |
Lists the groups associated with a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListIdentityProviders(ListIdentityProvidersRequest) |
Lists information about all IdPs for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListIdentityProvidersAsync(ListIdentityProvidersRequest, CancellationToken) |
Lists information about all IdPs for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListResourceServers(ListResourceServersRequest) |
Lists the resource servers for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListResourceServersAsync(ListResourceServersRequest, CancellationToken) |
Lists the resource servers for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListTagsForResource(ListTagsForResourceRequest) |
Lists the tags that are assigned to an Amazon Cognito user pool. A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria. You can use this action up to 10 times per second, per account. |
|
ListTagsForResourceAsync(ListTagsForResourceRequest, CancellationToken) |
Lists the tags that are assigned to an Amazon Cognito user pool. A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria. You can use this action up to 10 times per second, per account. |
|
ListUserImportJobs(ListUserImportJobsRequest) |
Lists user import jobs for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListUserImportJobsAsync(ListUserImportJobsRequest, CancellationToken) |
Lists user import jobs for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListUserPoolClients(ListUserPoolClientsRequest) |
Lists the clients that have been created for the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListUserPoolClientsAsync(ListUserPoolClientsRequest, CancellationToken) |
Lists the clients that have been created for the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListUserPools(ListUserPoolsRequest) |
Lists the user pools associated with an Amazon Web Services account.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListUserPoolsAsync(ListUserPoolsRequest, CancellationToken) |
Lists the user pools associated with an Amazon Web Services account.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListUsers(ListUsersRequest) |
Lists users and their basic details in a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListUsersAsync(ListUsersRequest, CancellationToken) |
Lists users and their basic details in a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListUsersInGroup(ListUsersInGroupRequest) |
Lists the users in the specified group.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ListUsersInGroupAsync(ListUsersInGroupRequest, CancellationToken) |
Lists the users in the specified group.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
ResendConfirmationCode(ResendConfirmationCodeRequest) |
Resends the confirmation (for confirmation of registration) to a specific user in
the user pool.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
|
|
ResendConfirmationCodeAsync(ResendConfirmationCodeRequest, CancellationToken) |
Resends the confirmation (for confirmation of registration) to a specific user in
the user pool.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
|
|
RespondToAuthChallenge(RespondToAuthChallengeRequest) |
Some API operations in a user pool generate a challenge, like a prompt for an MFA
code, for device authentication that bypasses MFA, or for a custom authentication
challenge. A For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers. Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide. |
|
RespondToAuthChallengeAsync(RespondToAuthChallengeRequest, CancellationToken) |
Some API operations in a user pool generate a challenge, like a prompt for an MFA
code, for device authentication that bypasses MFA, or for a custom authentication
challenge. A For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers. Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide. |
|
RevokeToken(RevokeTokenRequest) |
Revokes all of the access tokens generated by, and at the same time as, the specified
refresh token. After a token is revoked, you can't use the revoked token to access
Amazon Cognito user APIs, or to authorize access to your resource server.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
|
|
RevokeTokenAsync(RevokeTokenRequest, CancellationToken) |
Revokes all of the access tokens generated by, and at the same time as, the specified
refresh token. After a token is revoked, you can't use the revoked token to access
Amazon Cognito user APIs, or to authorize access to your resource server.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
|
|
SetLogDeliveryConfiguration(SetLogDeliveryConfigurationRequest) |
Sets up or modifies the logging configuration of a user pool. User pools can export user notification logs and advanced security features user activity logs. |
|
SetLogDeliveryConfigurationAsync(SetLogDeliveryConfigurationRequest, CancellationToken) |
Sets up or modifies the logging configuration of a user pool. User pools can export user notification logs and advanced security features user activity logs. |
|
SetRiskConfiguration(SetRiskConfigurationRequest) |
Configures actions on detected risks. To delete the risk configuration for
To activate Amazon Cognito advanced security features, update the user pool to include
the |
|
SetRiskConfigurationAsync(SetRiskConfigurationRequest, CancellationToken) |
Configures actions on detected risks. To delete the risk configuration for
To activate Amazon Cognito advanced security features, update the user pool to include
the |
|
SetUICustomization(SetUICustomizationRequest) |
Sets the user interface (UI) customization information for a user pool's built-in app UI.
You can specify app UI customization settings for a single client (with a specific
To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error. |
|
SetUICustomizationAsync(SetUICustomizationRequest, CancellationToken) |
Sets the user interface (UI) customization information for a user pool's built-in app UI.
You can specify app UI customization settings for a single client (with a specific
To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error. |
|
SetUserMFAPreference(SetUserMFAPreferenceRequest) |
Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
SetUserMFAPreferenceAsync(SetUserMFAPreferenceRequest, CancellationToken) |
Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
SetUserPoolMfaConfig(SetUserPoolMfaConfigRequest) |
Sets the user pool multi-factor authentication (MFA) configuration.
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
|
|
SetUserPoolMfaConfigAsync(SetUserPoolMfaConfigRequest, CancellationToken) |
Sets the user pool multi-factor authentication (MFA) configuration.
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
|
|
SetUserSettings(SetUserSettingsRequest) |
This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
SetUserSettingsAsync(SetUserSettingsRequest, CancellationToken) |
This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
SignUp(SignUpRequest) |
Registers the user in the specified user pool and creates a user name, password, and
user attributes.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
|
|
SignUpAsync(SignUpRequest, CancellationToken) |
Registers the user in the specified user pool and creates a user name, password, and
user attributes.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
|
|
StartUserImportJob(StartUserImportJobRequest) |
Starts the user import. |
|
StartUserImportJobAsync(StartUserImportJobRequest, CancellationToken) |
Starts the user import. |
|
StopUserImportJob(StopUserImportJobRequest) |
Stops the user import job. |
|
StopUserImportJobAsync(StopUserImportJobRequest, CancellationToken) |
Stops the user import job. |
|
TagResource(TagResourceRequest) |
Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.
Each tag consists of a key and value, both of which you define. A key is a general
category for more specific values. For example, if you have two versions of a user
pool, one for testing and another for production, you might assign an Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values. You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags. |
|
TagResourceAsync(TagResourceRequest, CancellationToken) |
Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.
Each tag consists of a key and value, both of which you define. A key is a general
category for more specific values. For example, if you have two versions of a user
pool, one for testing and another for production, you might assign an Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values. You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags. |
|
UntagResource(UntagResourceRequest) |
Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account. |
|
UntagResourceAsync(UntagResourceRequest, CancellationToken) |
Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account. |
|
UpdateAuthEventFeedback(UpdateAuthEventFeedbackRequest) |
Provides the feedback for an authentication event, whether it was from a valid user
or not. This feedback is used for improving the risk evaluation decision for the user
pool as part of Amazon Cognito advanced security.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
|
|
UpdateAuthEventFeedbackAsync(UpdateAuthEventFeedbackRequest, CancellationToken) |
Provides the feedback for an authentication event, whether it was from a valid user
or not. This feedback is used for improving the risk evaluation decision for the user
pool as part of Amazon Cognito advanced security.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
|
|
UpdateDeviceStatus(UpdateDeviceStatusRequest) |
Updates the device status. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
UpdateDeviceStatusAsync(UpdateDeviceStatusRequest, CancellationToken) |
Updates the device status. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
UpdateGroup(UpdateGroupRequest) |
Updates the specified group with the specified attributes.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
UpdateGroupAsync(UpdateGroupRequest, CancellationToken) |
Updates the specified group with the specified attributes.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
UpdateIdentityProvider(UpdateIdentityProviderRequest) |
Updates IdP information for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
UpdateIdentityProviderAsync(UpdateIdentityProviderRequest, CancellationToken) |
Updates IdP information for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
UpdateResourceServer(UpdateResourceServerRequest) |
Updates the name and scopes of resource server. All other fields are read-only.
If you don't provide a value for an attribute, it is set to the default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
UpdateResourceServerAsync(UpdateResourceServerRequest, CancellationToken) |
Updates the name and scopes of resource server. All other fields are read-only.
If you don't provide a value for an attribute, it is set to the default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more |
|
UpdateUserAttributes(UpdateUserAttributesRequest) |
With this operation, your users can update one or more of their attributes with their
own credentials. You authorize this API request with the user's access token. To delete
an attribute from your user, submit the attribute in your API request with a blank
value. Custom attribute values in this request must include the
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide. |
|
UpdateUserAttributesAsync(UpdateUserAttributesRequest, CancellationToken) |
With this operation, your users can update one or more of their attributes with their
own credentials. You authorize this API request with the user's access token. To delete
an attribute from your user, submit the attribute in your API request with a blank
value. Custom attribute values in this request must include the
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in. If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide. |
|
UpdateUserPool(UpdateUserPoolRequest) |
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool. If you don't provide a value for an attribute, Amazon Cognito sets it to its default value. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
UpdateUserPoolAsync(UpdateUserPoolRequest, CancellationToken) |
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool. If you don't provide a value for an attribute, Amazon Cognito sets it to its default value. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
UpdateUserPoolClient(UpdateUserPoolClientRequest) |
Updates the specified user pool app client with the specified attributes. You can
get a list of the current user pool app client settings using DescribeUserPoolClient.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default
value.
You can also use this operation to enable token revocation for user pool clients. For more information about revoking tokens, see RevokeToken. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
UpdateUserPoolClientAsync(UpdateUserPoolClientRequest, CancellationToken) |
Updates the specified user pool app client with the specified attributes. You can
get a list of the current user pool app client settings using DescribeUserPoolClient.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default
value.
You can also use this operation to enable token revocation for user pool clients. For more information about revoking tokens, see RevokeToken. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
UpdateUserPoolDomain(UpdateUserPoolDomainRequest) |
Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool. You can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You can't use it to change the domain for a user pool. A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you manage with Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain. Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, and your custom domain uses the new certificate automatically. However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide this ARN to Amazon Cognito. When you add your new certificate in ACM, you must choose US East (N. Virginia) as the Amazon Web Services Region. After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain. For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
UpdateUserPoolDomainAsync(UpdateUserPoolDomainRequest, CancellationToken) |
Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool. You can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You can't use it to change the domain for a user pool. A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you manage with Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain. Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, and your custom domain uses the new certificate automatically. However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide this ARN to Amazon Cognito. When you add your new certificate in ACM, you must choose US East (N. Virginia) as the Amazon Web Services Region. After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain. For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI. Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy. Learn more |
|
VerifySoftwareToken(VerifySoftwareTokenRequest) |
Use this API to register a user's entered time-based one-time password (TOTP) code
and mark the user's software token MFA status as "verified" if successful. The request
takes an access token or a session string, but not both.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
|
|
VerifySoftwareTokenAsync(VerifySoftwareTokenRequest, CancellationToken) |
Use this API to register a user's entered time-based one-time password (TOTP) code
and mark the user's software token MFA status as "verified" if successful. The request
takes an access token or a session string, but not both.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
|
|
VerifyUserAttribute(VerifyUserAttributeRequest) |
Verifies the specified user attributes in the user pool. If your user pool requires verification before Amazon Cognito updates the attribute value, VerifyUserAttribute updates the affected attribute to its pending value. For more information, see UserAttributeUpdateSettingsType.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
|
VerifyUserAttributeAsync(VerifyUserAttributeRequest, CancellationToken) |
Verifies the specified user attributes in the user pool. If your user pool requires verification before Amazon Cognito updates the attribute value, VerifyUserAttribute updates the affected attribute to its pending value. For more information, see UserAttributeUpdateSettingsType.
Authorize this action with a signed-in user's access token. It must include the scope
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints. |
Name | Description | |
---|---|---|
AfterResponseEvent | Inherited from Amazon.Runtime.AmazonServiceClient. | |
BeforeRequestEvent | Inherited from Amazon.Runtime.AmazonServiceClient. | |
ExceptionEvent | Inherited from Amazon.Runtime.AmazonServiceClient. |
.NET:
Supported in: 8.0 and newer, Core 3.1
.NET Standard:
Supported in: 2.0
.NET Framework:
Supported in: 4.5 and newer, 3.5