AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Container for the parameters to the InitiateAuth operation.
Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign
in a user with a federated IdP with
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests
for this API operation. For this operation, you can't use IAM credentials to authorize
requests, and you can't grant IAM permissions in policies. For more information about
authorization models in Amazon Cognito, see Using
the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom
carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with Amazon
Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
Servicesservice, Amazon Simple Notification Service might place your account in the
SMS sandbox. In sandbox
mode, you can send messages only to verified phone numbers. After you test
your app while in the sandbox environment, you can move out of the sandbox and into
production. For more information, see
SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
Guide.
InitiateAuth
. For more information, see
Adding user pool sign-in through a third party.
Namespace: Amazon.CognitoIdentityProvider.Model
Assembly: AWSSDK.CognitoIdentityProvider.dll
Version: 3.x.y.z
public class InitiateAuthRequest : AmazonCognitoIdentityProviderRequest IAmazonWebServiceRequest
The InitiateAuthRequest type exposes the following members
Name | Description | |
---|---|---|
InitiateAuthRequest() |
Name | Type | Description | |
---|---|---|---|
AnalyticsMetadata | Amazon.CognitoIdentityProvider.Model.AnalyticsMetadataType |
Gets and sets the property AnalyticsMetadata.
The Amazon Pinpoint analytics metadata that contributes to your metrics for |
|
AuthFlow | Amazon.CognitoIdentityProvider.AuthFlowType |
Gets and sets the property AuthFlow. The authentication flow for this call to run. The API action will depend on this value. For example:
Valid values include:
|
|
AuthParameters | System.Collections.Generic.Dictionary<System.String, System.String> |
Gets and sets the property AuthParameters.
The authentication parameters. These are inputs corresponding to the
For more information about |
|
ClientId | System.String |
Gets and sets the property ClientId. The app client ID. |
|
ClientMetadata | System.Collections.Generic.Dictionary<System.String, System.String> |
Gets and sets the property ClientMetadata. A map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers. You create custom workflows by assigning Lambda functions to user pool triggers. When you use the InitiateAuth API action, Amazon Cognito invokes the Lambda functions that are specified for various triggers. The ClientMetadata value is passed as input to the functions for only the following triggers:
When Amazon Cognito invokes the functions for these triggers, it passes a JSON payload,
which the function receives as input. This payload contains a When you use the InitiateAuth API action, Amazon Cognito also invokes the functions for the following triggers, but it doesn't provide the ClientMetadata value as input:
For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide. When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
|
|
UserContextData | Amazon.CognitoIdentityProvider.Model.UserContextDataType |
Gets and sets the property UserContextData. Contextual data about your user session, such as the device fingerprint, IP address, or location. Amazon Cognito advanced security evaluates the risk of an authentication event based on the context that your app generates and passes to Amazon Cognito when it makes API requests. |
The following example signs in the user mytestuser with analytics data, client metadata, and user context data for advanced security.
var client = new AmazonCognitoIdentityProviderClient(); var response = client.InitiateAuth(new InitiateAuthRequest { AnalyticsMetadata = new AnalyticsMetadataType { AnalyticsEndpointId = "d70b2ba36a8c4dc5a04a0451a31a1e12" }, AuthFlow = "USER_PASSWORD_AUTH", AuthParameters = new Dictionary<string, string> { { "PASSWORD", "This-is-my-test-99!" }, { "SECRET_HASH", "oT5ZkS8ctnrhYeeGsGTvOzPhoc/Jd1cO5fueBWFVmp8=" }, { "USERNAME", "mytestuser" } }, ClientId = "1example23456789", ClientMetadata = new Dictionary<string, string> { { "MyTestKey", "MyTestValue" } }, UserContextData = new UserContextDataType { EncodedData = "AmazonCognitoAdvancedSecurityData_object", IpAddress = "192.0.2.1" } }); string challengeName = response.ChallengeName; Dictionary<string, string> challengeParameters = response.ChallengeParameters; string session = response.Session;
.NET:
Supported in: 8.0 and newer, Core 3.1
.NET Standard:
Supported in: 2.0
.NET Framework:
Supported in: 4.5 and newer, 3.5