Interface CognitoIdentityProviderClient
- All Superinterfaces:
AutoCloseable
,AwsClient
,SdkAutoCloseable
,SdkClient
builder()
method.
With the Amazon Cognito user pools API, you can configure user pools and authenticate users. To authenticate users from third-party identity providers (IdPs) in this API, you can link IdP users to native user profiles. Learn more about the authentication and authorization of federated users at Adding user pool sign-in through a third party and in the User pool federation endpoints and hosted UI reference.
This API reference provides detailed information about API operations and object types in Amazon Cognito.
Along with resource management operations, the Amazon Cognito user pools API includes classes of operations and authorization models for client-side and server-side authentication of users. You can interact with operations in the Amazon Cognito user pools API as any of the following subjects.
-
An administrator who wants to configure user pools, app clients, users, groups, or other user pool functions.
-
A server-side app, like a web application, that wants to use its Amazon Web Services privileges to manage, authenticate, or authorize a user.
-
A client-side app, like a mobile app, that wants to make unauthenticated requests to manage, authenticate, or authorize a user.
For more information, see Using the Amazon Cognito user pools API and user pool endpoints in the Amazon Cognito Developer Guide.
With your Amazon Web Services SDK, you can build the logic to support operational flows in every use case for this
API. You can also make direct REST API requests to Amazon Cognito user pools service endpoints. The following links can get you started with the
CognitoIdentityProvider
client in other supported Amazon Web Services SDKs.
To get started with an Amazon Web Services SDK, see Tools to Build on Amazon Web Services. For example actions and scenarios, see Code examples for Amazon Cognito Identity Provider using Amazon Web Services SDKs.
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
Value for looking up the service's metadata from theServiceMetadataProvider
.static final String
-
Method Summary
Modifier and TypeMethodDescriptiondefault AddCustomAttributesResponse
addCustomAttributes
(Consumer<AddCustomAttributesRequest.Builder> addCustomAttributesRequest) Adds additional user attributes to the user pool schema.default AddCustomAttributesResponse
addCustomAttributes
(AddCustomAttributesRequest addCustomAttributesRequest) Adds additional user attributes to the user pool schema.default AdminAddUserToGroupResponse
adminAddUserToGroup
(Consumer<AdminAddUserToGroupRequest.Builder> adminAddUserToGroupRequest) Adds a user to a group.default AdminAddUserToGroupResponse
adminAddUserToGroup
(AdminAddUserToGroupRequest adminAddUserToGroupRequest) Adds a user to a group.default AdminConfirmSignUpResponse
adminConfirmSignUp
(Consumer<AdminConfirmSignUpRequest.Builder> adminConfirmSignUpRequest) This IAM-authenticated API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool.default AdminConfirmSignUpResponse
adminConfirmSignUp
(AdminConfirmSignUpRequest adminConfirmSignUpRequest) This IAM-authenticated API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool.default AdminCreateUserResponse
adminCreateUser
(Consumer<AdminCreateUserRequest.Builder> adminCreateUserRequest) Creates a new user in the specified user pool.default AdminCreateUserResponse
adminCreateUser
(AdminCreateUserRequest adminCreateUserRequest) Creates a new user in the specified user pool.default AdminDeleteUserResponse
adminDeleteUser
(Consumer<AdminDeleteUserRequest.Builder> adminDeleteUserRequest) Deletes a user as an administrator.default AdminDeleteUserResponse
adminDeleteUser
(AdminDeleteUserRequest adminDeleteUserRequest) Deletes a user as an administrator.adminDeleteUserAttributes
(Consumer<AdminDeleteUserAttributesRequest.Builder> adminDeleteUserAttributesRequest) Deletes the user attributes in a user pool as an administrator.adminDeleteUserAttributes
(AdminDeleteUserAttributesRequest adminDeleteUserAttributesRequest) Deletes the user attributes in a user pool as an administrator.adminDisableProviderForUser
(Consumer<AdminDisableProviderForUserRequest.Builder> adminDisableProviderForUserRequest) Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP).adminDisableProviderForUser
(AdminDisableProviderForUserRequest adminDisableProviderForUserRequest) Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP).default AdminDisableUserResponse
adminDisableUser
(Consumer<AdminDisableUserRequest.Builder> adminDisableUserRequest) Deactivates a user and revokes all access tokens for the user.default AdminDisableUserResponse
adminDisableUser
(AdminDisableUserRequest adminDisableUserRequest) Deactivates a user and revokes all access tokens for the user.default AdminEnableUserResponse
adminEnableUser
(Consumer<AdminEnableUserRequest.Builder> adminEnableUserRequest) Enables the specified user as an administrator.default AdminEnableUserResponse
adminEnableUser
(AdminEnableUserRequest adminEnableUserRequest) Enables the specified user as an administrator.default AdminForgetDeviceResponse
adminForgetDevice
(Consumer<AdminForgetDeviceRequest.Builder> adminForgetDeviceRequest) Forgets the device, as an administrator.default AdminForgetDeviceResponse
adminForgetDevice
(AdminForgetDeviceRequest adminForgetDeviceRequest) Forgets the device, as an administrator.default AdminGetDeviceResponse
adminGetDevice
(Consumer<AdminGetDeviceRequest.Builder> adminGetDeviceRequest) Gets the device, as an administrator.default AdminGetDeviceResponse
adminGetDevice
(AdminGetDeviceRequest adminGetDeviceRequest) Gets the device, as an administrator.default AdminGetUserResponse
adminGetUser
(Consumer<AdminGetUserRequest.Builder> adminGetUserRequest) Gets the specified user by user name in a user pool as an administrator.default AdminGetUserResponse
adminGetUser
(AdminGetUserRequest adminGetUserRequest) Gets the specified user by user name in a user pool as an administrator.default AdminInitiateAuthResponse
adminInitiateAuth
(Consumer<AdminInitiateAuthRequest.Builder> adminInitiateAuthRequest) Initiates the authentication flow, as an administrator.default AdminInitiateAuthResponse
adminInitiateAuth
(AdminInitiateAuthRequest adminInitiateAuthRequest) Initiates the authentication flow, as an administrator.default AdminLinkProviderForUserResponse
adminLinkProviderForUser
(Consumer<AdminLinkProviderForUserRequest.Builder> adminLinkProviderForUserRequest) Links an existing user account in a user pool (DestinationUser
) to an identity from an external IdP (SourceUser
) based on a specified attribute name and value from the external IdP.default AdminLinkProviderForUserResponse
adminLinkProviderForUser
(AdminLinkProviderForUserRequest adminLinkProviderForUserRequest) Links an existing user account in a user pool (DestinationUser
) to an identity from an external IdP (SourceUser
) based on a specified attribute name and value from the external IdP.default AdminListDevicesResponse
adminListDevices
(Consumer<AdminListDevicesRequest.Builder> adminListDevicesRequest) Lists devices, as an administrator.default AdminListDevicesResponse
adminListDevices
(AdminListDevicesRequest adminListDevicesRequest) Lists devices, as an administrator.default AdminListGroupsForUserResponse
adminListGroupsForUser
(Consumer<AdminListGroupsForUserRequest.Builder> adminListGroupsForUserRequest) Lists the groups that a user belongs to.default AdminListGroupsForUserResponse
adminListGroupsForUser
(AdminListGroupsForUserRequest adminListGroupsForUserRequest) Lists the groups that a user belongs to.default AdminListGroupsForUserIterable
adminListGroupsForUserPaginator
(Consumer<AdminListGroupsForUserRequest.Builder> adminListGroupsForUserRequest) This is a variant ofadminListGroupsForUser(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserRequest)
operation.default AdminListGroupsForUserIterable
adminListGroupsForUserPaginator
(AdminListGroupsForUserRequest adminListGroupsForUserRequest) This is a variant ofadminListGroupsForUser(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserRequest)
operation.default AdminListUserAuthEventsResponse
adminListUserAuthEvents
(Consumer<AdminListUserAuthEventsRequest.Builder> adminListUserAuthEventsRequest) A history of user activity and any risks detected as part of Amazon Cognito advanced security.default AdminListUserAuthEventsResponse
adminListUserAuthEvents
(AdminListUserAuthEventsRequest adminListUserAuthEventsRequest) A history of user activity and any risks detected as part of Amazon Cognito advanced security.default AdminListUserAuthEventsIterable
adminListUserAuthEventsPaginator
(Consumer<AdminListUserAuthEventsRequest.Builder> adminListUserAuthEventsRequest) This is a variant ofadminListUserAuthEvents(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsRequest)
operation.default AdminListUserAuthEventsIterable
adminListUserAuthEventsPaginator
(AdminListUserAuthEventsRequest adminListUserAuthEventsRequest) This is a variant ofadminListUserAuthEvents(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsRequest)
operation.default AdminRemoveUserFromGroupResponse
adminRemoveUserFromGroup
(Consumer<AdminRemoveUserFromGroupRequest.Builder> adminRemoveUserFromGroupRequest) Removes the specified user from the specified group.default AdminRemoveUserFromGroupResponse
adminRemoveUserFromGroup
(AdminRemoveUserFromGroupRequest adminRemoveUserFromGroupRequest) Removes the specified user from the specified group.default AdminResetUserPasswordResponse
adminResetUserPassword
(Consumer<AdminResetUserPasswordRequest.Builder> adminResetUserPasswordRequest) Resets the specified user's password in a user pool as an administrator.default AdminResetUserPasswordResponse
adminResetUserPassword
(AdminResetUserPasswordRequest adminResetUserPasswordRequest) Resets the specified user's password in a user pool as an administrator.adminRespondToAuthChallenge
(Consumer<AdminRespondToAuthChallengeRequest.Builder> adminRespondToAuthChallengeRequest) Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge.adminRespondToAuthChallenge
(AdminRespondToAuthChallengeRequest adminRespondToAuthChallengeRequest) Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge.adminSetUserMFAPreference
(Consumer<AdminSetUserMfaPreferenceRequest.Builder> adminSetUserMfaPreferenceRequest) The user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred.adminSetUserMFAPreference
(AdminSetUserMfaPreferenceRequest adminSetUserMfaPreferenceRequest) The user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred.default AdminSetUserPasswordResponse
adminSetUserPassword
(Consumer<AdminSetUserPasswordRequest.Builder> adminSetUserPasswordRequest) Sets the specified user's password in a user pool as an administrator.default AdminSetUserPasswordResponse
adminSetUserPassword
(AdminSetUserPasswordRequest adminSetUserPasswordRequest) Sets the specified user's password in a user pool as an administrator.default AdminSetUserSettingsResponse
adminSetUserSettings
(Consumer<AdminSetUserSettingsRequest.Builder> adminSetUserSettingsRequest) This action is no longer supported. You can use it to configure only SMS MFA.default AdminSetUserSettingsResponse
adminSetUserSettings
(AdminSetUserSettingsRequest adminSetUserSettingsRequest) This action is no longer supported. You can use it to configure only SMS MFA.adminUpdateAuthEventFeedback
(Consumer<AdminUpdateAuthEventFeedbackRequest.Builder> adminUpdateAuthEventFeedbackRequest) Provides feedback for an authentication event indicating if it was from a valid user.adminUpdateAuthEventFeedback
(AdminUpdateAuthEventFeedbackRequest adminUpdateAuthEventFeedbackRequest) Provides feedback for an authentication event indicating if it was from a valid user.default AdminUpdateDeviceStatusResponse
adminUpdateDeviceStatus
(Consumer<AdminUpdateDeviceStatusRequest.Builder> adminUpdateDeviceStatusRequest) Updates the device status as an administrator.default AdminUpdateDeviceStatusResponse
adminUpdateDeviceStatus
(AdminUpdateDeviceStatusRequest adminUpdateDeviceStatusRequest) Updates the device status as an administrator.adminUpdateUserAttributes
(Consumer<AdminUpdateUserAttributesRequest.Builder> adminUpdateUserAttributesRequest) adminUpdateUserAttributes
(AdminUpdateUserAttributesRequest adminUpdateUserAttributesRequest) default AdminUserGlobalSignOutResponse
adminUserGlobalSignOut
(Consumer<AdminUserGlobalSignOutRequest.Builder> adminUserGlobalSignOutRequest) Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user.default AdminUserGlobalSignOutResponse
adminUserGlobalSignOut
(AdminUserGlobalSignOutRequest adminUserGlobalSignOutRequest) Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user.default AssociateSoftwareTokenResponse
associateSoftwareToken
(Consumer<AssociateSoftwareTokenRequest.Builder> associateSoftwareTokenRequest) Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response.default AssociateSoftwareTokenResponse
associateSoftwareToken
(AssociateSoftwareTokenRequest associateSoftwareTokenRequest) Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response.builder()
Create a builder that can be used to configure and create aCognitoIdentityProviderClient
.default ChangePasswordResponse
changePassword
(Consumer<ChangePasswordRequest.Builder> changePasswordRequest) Changes the password for a specified user in a user pool.default ChangePasswordResponse
changePassword
(ChangePasswordRequest changePasswordRequest) Changes the password for a specified user in a user pool.default ConfirmDeviceResponse
confirmDevice
(Consumer<ConfirmDeviceRequest.Builder> confirmDeviceRequest) Confirms tracking of the device.default ConfirmDeviceResponse
confirmDevice
(ConfirmDeviceRequest confirmDeviceRequest) Confirms tracking of the device.default ConfirmForgotPasswordResponse
confirmForgotPassword
(Consumer<ConfirmForgotPasswordRequest.Builder> confirmForgotPasswordRequest) Allows a user to enter a confirmation code to reset a forgotten password.default ConfirmForgotPasswordResponse
confirmForgotPassword
(ConfirmForgotPasswordRequest confirmForgotPasswordRequest) Allows a user to enter a confirmation code to reset a forgotten password.default ConfirmSignUpResponse
confirmSignUp
(Consumer<ConfirmSignUpRequest.Builder> confirmSignUpRequest) This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation.default ConfirmSignUpResponse
confirmSignUp
(ConfirmSignUpRequest confirmSignUpRequest) This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation.create()
Create aCognitoIdentityProviderClient
with the region loaded from theDefaultAwsRegionProviderChain
and credentials loaded from theDefaultCredentialsProvider
.default CreateGroupResponse
createGroup
(Consumer<CreateGroupRequest.Builder> createGroupRequest) Creates a new group in the specified user pool.default CreateGroupResponse
createGroup
(CreateGroupRequest createGroupRequest) Creates a new group in the specified user pool.default CreateIdentityProviderResponse
createIdentityProvider
(Consumer<CreateIdentityProviderRequest.Builder> createIdentityProviderRequest) Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool.default CreateIdentityProviderResponse
createIdentityProvider
(CreateIdentityProviderRequest createIdentityProviderRequest) Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool.default CreateResourceServerResponse
createResourceServer
(Consumer<CreateResourceServerRequest.Builder> createResourceServerRequest) Creates a new OAuth2.0 resource server and defines custom scopes within it.default CreateResourceServerResponse
createResourceServer
(CreateResourceServerRequest createResourceServerRequest) Creates a new OAuth2.0 resource server and defines custom scopes within it.default CreateUserImportJobResponse
createUserImportJob
(Consumer<CreateUserImportJobRequest.Builder> createUserImportJobRequest) Creates a user import job.default CreateUserImportJobResponse
createUserImportJob
(CreateUserImportJobRequest createUserImportJobRequest) Creates a user import job.default CreateUserPoolResponse
createUserPool
(Consumer<CreateUserPoolRequest.Builder> createUserPoolRequest) default CreateUserPoolResponse
createUserPool
(CreateUserPoolRequest createUserPoolRequest) default CreateUserPoolClientResponse
createUserPoolClient
(Consumer<CreateUserPoolClientRequest.Builder> createUserPoolClientRequest) Creates the user pool client.default CreateUserPoolClientResponse
createUserPoolClient
(CreateUserPoolClientRequest createUserPoolClientRequest) Creates the user pool client.default CreateUserPoolDomainResponse
createUserPoolDomain
(Consumer<CreateUserPoolDomainRequest.Builder> createUserPoolDomainRequest) Creates a new domain for a user pool.default CreateUserPoolDomainResponse
createUserPoolDomain
(CreateUserPoolDomainRequest createUserPoolDomainRequest) Creates a new domain for a user pool.default DeleteGroupResponse
deleteGroup
(Consumer<DeleteGroupRequest.Builder> deleteGroupRequest) Deletes a group.default DeleteGroupResponse
deleteGroup
(DeleteGroupRequest deleteGroupRequest) Deletes a group.default DeleteIdentityProviderResponse
deleteIdentityProvider
(Consumer<DeleteIdentityProviderRequest.Builder> deleteIdentityProviderRequest) Deletes an IdP for a user pool.default DeleteIdentityProviderResponse
deleteIdentityProvider
(DeleteIdentityProviderRequest deleteIdentityProviderRequest) Deletes an IdP for a user pool.default DeleteResourceServerResponse
deleteResourceServer
(Consumer<DeleteResourceServerRequest.Builder> deleteResourceServerRequest) Deletes a resource server.default DeleteResourceServerResponse
deleteResourceServer
(DeleteResourceServerRequest deleteResourceServerRequest) Deletes a resource server.default DeleteUserResponse
deleteUser
(Consumer<DeleteUserRequest.Builder> deleteUserRequest) Allows a user to delete their own user profile.default DeleteUserResponse
deleteUser
(DeleteUserRequest deleteUserRequest) Allows a user to delete their own user profile.default DeleteUserAttributesResponse
deleteUserAttributes
(Consumer<DeleteUserAttributesRequest.Builder> deleteUserAttributesRequest) Deletes the attributes for a user.default DeleteUserAttributesResponse
deleteUserAttributes
(DeleteUserAttributesRequest deleteUserAttributesRequest) Deletes the attributes for a user.default DeleteUserPoolResponse
deleteUserPool
(Consumer<DeleteUserPoolRequest.Builder> deleteUserPoolRequest) Deletes the specified Amazon Cognito user pool.default DeleteUserPoolResponse
deleteUserPool
(DeleteUserPoolRequest deleteUserPoolRequest) Deletes the specified Amazon Cognito user pool.default DeleteUserPoolClientResponse
deleteUserPoolClient
(Consumer<DeleteUserPoolClientRequest.Builder> deleteUserPoolClientRequest) Allows the developer to delete the user pool client.default DeleteUserPoolClientResponse
deleteUserPoolClient
(DeleteUserPoolClientRequest deleteUserPoolClientRequest) Allows the developer to delete the user pool client.default DeleteUserPoolDomainResponse
deleteUserPoolDomain
(Consumer<DeleteUserPoolDomainRequest.Builder> deleteUserPoolDomainRequest) Deletes a domain for a user pool.default DeleteUserPoolDomainResponse
deleteUserPoolDomain
(DeleteUserPoolDomainRequest deleteUserPoolDomainRequest) Deletes a domain for a user pool.default DescribeIdentityProviderResponse
describeIdentityProvider
(Consumer<DescribeIdentityProviderRequest.Builder> describeIdentityProviderRequest) Gets information about a specific IdP.default DescribeIdentityProviderResponse
describeIdentityProvider
(DescribeIdentityProviderRequest describeIdentityProviderRequest) Gets information about a specific IdP.default DescribeResourceServerResponse
describeResourceServer
(Consumer<DescribeResourceServerRequest.Builder> describeResourceServerRequest) Describes a resource server.default DescribeResourceServerResponse
describeResourceServer
(DescribeResourceServerRequest describeResourceServerRequest) Describes a resource server.describeRiskConfiguration
(Consumer<DescribeRiskConfigurationRequest.Builder> describeRiskConfigurationRequest) Describes the risk configuration.describeRiskConfiguration
(DescribeRiskConfigurationRequest describeRiskConfigurationRequest) Describes the risk configuration.default DescribeUserImportJobResponse
describeUserImportJob
(Consumer<DescribeUserImportJobRequest.Builder> describeUserImportJobRequest) Describes the user import job.default DescribeUserImportJobResponse
describeUserImportJob
(DescribeUserImportJobRequest describeUserImportJobRequest) Describes the user import job.default DescribeUserPoolResponse
describeUserPool
(Consumer<DescribeUserPoolRequest.Builder> describeUserPoolRequest) Returns the configuration information and metadata of the specified user pool.default DescribeUserPoolResponse
describeUserPool
(DescribeUserPoolRequest describeUserPoolRequest) Returns the configuration information and metadata of the specified user pool.default DescribeUserPoolClientResponse
describeUserPoolClient
(Consumer<DescribeUserPoolClientRequest.Builder> describeUserPoolClientRequest) Client method for returning the configuration information and metadata of the specified user pool app client.default DescribeUserPoolClientResponse
describeUserPoolClient
(DescribeUserPoolClientRequest describeUserPoolClientRequest) Client method for returning the configuration information and metadata of the specified user pool app client.default DescribeUserPoolDomainResponse
describeUserPoolDomain
(Consumer<DescribeUserPoolDomainRequest.Builder> describeUserPoolDomainRequest) Gets information about a domain.default DescribeUserPoolDomainResponse
describeUserPoolDomain
(DescribeUserPoolDomainRequest describeUserPoolDomainRequest) Gets information about a domain.default ForgetDeviceResponse
forgetDevice
(Consumer<ForgetDeviceRequest.Builder> forgetDeviceRequest) Forgets the specified device.default ForgetDeviceResponse
forgetDevice
(ForgetDeviceRequest forgetDeviceRequest) Forgets the specified device.default ForgotPasswordResponse
forgotPassword
(Consumer<ForgotPasswordRequest.Builder> forgotPasswordRequest) Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password.default ForgotPasswordResponse
forgotPassword
(ForgotPasswordRequest forgotPasswordRequest) Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password.default GetCsvHeaderResponse
getCSVHeader
(Consumer<GetCsvHeaderRequest.Builder> getCsvHeaderRequest) Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.default GetCsvHeaderResponse
getCSVHeader
(GetCsvHeaderRequest getCsvHeaderRequest) Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.default GetDeviceResponse
getDevice
(Consumer<GetDeviceRequest.Builder> getDeviceRequest) Gets the device.default GetDeviceResponse
getDevice
(GetDeviceRequest getDeviceRequest) Gets the device.default GetGroupResponse
getGroup
(Consumer<GetGroupRequest.Builder> getGroupRequest) Gets a group.default GetGroupResponse
getGroup
(GetGroupRequest getGroupRequest) Gets a group.getIdentityProviderByIdentifier
(Consumer<GetIdentityProviderByIdentifierRequest.Builder> getIdentityProviderByIdentifierRequest) Gets the specified IdP.getIdentityProviderByIdentifier
(GetIdentityProviderByIdentifierRequest getIdentityProviderByIdentifierRequest) Gets the specified IdP.getLogDeliveryConfiguration
(Consumer<GetLogDeliveryConfigurationRequest.Builder> getLogDeliveryConfigurationRequest) Gets the detailed activity logging configuration for a user pool.getLogDeliveryConfiguration
(GetLogDeliveryConfigurationRequest getLogDeliveryConfigurationRequest) Gets the detailed activity logging configuration for a user pool.default GetSigningCertificateResponse
getSigningCertificate
(Consumer<GetSigningCertificateRequest.Builder> getSigningCertificateRequest) This method takes a user pool ID, and returns the signing certificate.default GetSigningCertificateResponse
getSigningCertificate
(GetSigningCertificateRequest getSigningCertificateRequest) This method takes a user pool ID, and returns the signing certificate.default GetUiCustomizationResponse
getUICustomization
(Consumer<GetUiCustomizationRequest.Builder> getUiCustomizationRequest) Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client.default GetUiCustomizationResponse
getUICustomization
(GetUiCustomizationRequest getUiCustomizationRequest) Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client.default GetUserResponse
getUser
(Consumer<GetUserRequest.Builder> getUserRequest) Gets the user attributes and metadata for a user.default GetUserResponse
getUser
(GetUserRequest getUserRequest) Gets the user attributes and metadata for a user.getUserAttributeVerificationCode
(Consumer<GetUserAttributeVerificationCodeRequest.Builder> getUserAttributeVerificationCodeRequest) Generates a user attribute verification code for the specified attribute name.getUserAttributeVerificationCode
(GetUserAttributeVerificationCodeRequest getUserAttributeVerificationCodeRequest) Generates a user attribute verification code for the specified attribute name.default GetUserPoolMfaConfigResponse
getUserPoolMfaConfig
(Consumer<GetUserPoolMfaConfigRequest.Builder> getUserPoolMfaConfigRequest) Gets the user pool multi-factor authentication (MFA) configuration.default GetUserPoolMfaConfigResponse
getUserPoolMfaConfig
(GetUserPoolMfaConfigRequest getUserPoolMfaConfigRequest) Gets the user pool multi-factor authentication (MFA) configuration.default GlobalSignOutResponse
globalSignOut
(Consumer<GlobalSignOutRequest.Builder> globalSignOutRequest) Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user.default GlobalSignOutResponse
globalSignOut
(GlobalSignOutRequest globalSignOutRequest) Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user.default InitiateAuthResponse
initiateAuth
(Consumer<InitiateAuthRequest.Builder> initiateAuthRequest) Initiates sign-in for a user in the Amazon Cognito user directory.default InitiateAuthResponse
initiateAuth
(InitiateAuthRequest initiateAuthRequest) Initiates sign-in for a user in the Amazon Cognito user directory.default ListDevicesResponse
listDevices
(Consumer<ListDevicesRequest.Builder> listDevicesRequest) Lists the sign-in devices that Amazon Cognito has registered to the current user.default ListDevicesResponse
listDevices
(ListDevicesRequest listDevicesRequest) Lists the sign-in devices that Amazon Cognito has registered to the current user.default ListGroupsResponse
listGroups
(Consumer<ListGroupsRequest.Builder> listGroupsRequest) Lists the groups associated with a user pool.default ListGroupsResponse
listGroups
(ListGroupsRequest listGroupsRequest) Lists the groups associated with a user pool.default ListGroupsIterable
listGroupsPaginator
(Consumer<ListGroupsRequest.Builder> listGroupsRequest) This is a variant oflistGroups(software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsRequest)
operation.default ListGroupsIterable
listGroupsPaginator
(ListGroupsRequest listGroupsRequest) This is a variant oflistGroups(software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsRequest)
operation.default ListIdentityProvidersResponse
listIdentityProviders
(Consumer<ListIdentityProvidersRequest.Builder> listIdentityProvidersRequest) Lists information about all IdPs for a user pool.default ListIdentityProvidersResponse
listIdentityProviders
(ListIdentityProvidersRequest listIdentityProvidersRequest) Lists information about all IdPs for a user pool.default ListIdentityProvidersIterable
listIdentityProvidersPaginator
(Consumer<ListIdentityProvidersRequest.Builder> listIdentityProvidersRequest) This is a variant oflistIdentityProviders(software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersRequest)
operation.default ListIdentityProvidersIterable
listIdentityProvidersPaginator
(ListIdentityProvidersRequest listIdentityProvidersRequest) This is a variant oflistIdentityProviders(software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersRequest)
operation.default ListResourceServersResponse
listResourceServers
(Consumer<ListResourceServersRequest.Builder> listResourceServersRequest) Lists the resource servers for a user pool.default ListResourceServersResponse
listResourceServers
(ListResourceServersRequest listResourceServersRequest) Lists the resource servers for a user pool.default ListResourceServersIterable
listResourceServersPaginator
(Consumer<ListResourceServersRequest.Builder> listResourceServersRequest) This is a variant oflistResourceServers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersRequest)
operation.default ListResourceServersIterable
listResourceServersPaginator
(ListResourceServersRequest listResourceServersRequest) This is a variant oflistResourceServers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersRequest)
operation.default ListTagsForResourceResponse
listTagsForResource
(Consumer<ListTagsForResourceRequest.Builder> listTagsForResourceRequest) Lists the tags that are assigned to an Amazon Cognito user pool.default ListTagsForResourceResponse
listTagsForResource
(ListTagsForResourceRequest listTagsForResourceRequest) Lists the tags that are assigned to an Amazon Cognito user pool.default ListUserImportJobsResponse
listUserImportJobs
(Consumer<ListUserImportJobsRequest.Builder> listUserImportJobsRequest) Lists user import jobs for a user pool.default ListUserImportJobsResponse
listUserImportJobs
(ListUserImportJobsRequest listUserImportJobsRequest) Lists user import jobs for a user pool.default ListUserPoolClientsResponse
listUserPoolClients
(Consumer<ListUserPoolClientsRequest.Builder> listUserPoolClientsRequest) Lists the clients that have been created for the specified user pool.default ListUserPoolClientsResponse
listUserPoolClients
(ListUserPoolClientsRequest listUserPoolClientsRequest) Lists the clients that have been created for the specified user pool.default ListUserPoolClientsIterable
listUserPoolClientsPaginator
(Consumer<ListUserPoolClientsRequest.Builder> listUserPoolClientsRequest) This is a variant oflistUserPoolClients(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsRequest)
operation.default ListUserPoolClientsIterable
listUserPoolClientsPaginator
(ListUserPoolClientsRequest listUserPoolClientsRequest) This is a variant oflistUserPoolClients(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsRequest)
operation.default ListUserPoolsResponse
listUserPools
(Consumer<ListUserPoolsRequest.Builder> listUserPoolsRequest) Lists the user pools associated with an Amazon Web Services account.default ListUserPoolsResponse
listUserPools
(ListUserPoolsRequest listUserPoolsRequest) Lists the user pools associated with an Amazon Web Services account.default ListUserPoolsIterable
listUserPoolsPaginator
(Consumer<ListUserPoolsRequest.Builder> listUserPoolsRequest) This is a variant oflistUserPools(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest)
operation.default ListUserPoolsIterable
listUserPoolsPaginator
(ListUserPoolsRequest listUserPoolsRequest) This is a variant oflistUserPools(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest)
operation.default ListUsersResponse
listUsers
(Consumer<ListUsersRequest.Builder> listUsersRequest) Lists users and their basic details in a user pool.default ListUsersResponse
listUsers
(ListUsersRequest listUsersRequest) Lists users and their basic details in a user pool.default ListUsersInGroupResponse
listUsersInGroup
(Consumer<ListUsersInGroupRequest.Builder> listUsersInGroupRequest) Lists the users in the specified group.default ListUsersInGroupResponse
listUsersInGroup
(ListUsersInGroupRequest listUsersInGroupRequest) Lists the users in the specified group.default ListUsersInGroupIterable
listUsersInGroupPaginator
(Consumer<ListUsersInGroupRequest.Builder> listUsersInGroupRequest) This is a variant oflistUsersInGroup(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupRequest)
operation.default ListUsersInGroupIterable
listUsersInGroupPaginator
(ListUsersInGroupRequest listUsersInGroupRequest) This is a variant oflistUsersInGroup(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupRequest)
operation.default ListUsersIterable
listUsersPaginator
(Consumer<ListUsersRequest.Builder> listUsersRequest) This is a variant oflistUsers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest)
operation.default ListUsersIterable
listUsersPaginator
(ListUsersRequest listUsersRequest) This is a variant oflistUsers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest)
operation.default ResendConfirmationCodeResponse
resendConfirmationCode
(Consumer<ResendConfirmationCodeRequest.Builder> resendConfirmationCodeRequest) Resends the confirmation (for confirmation of registration) to a specific user in the user pool.default ResendConfirmationCodeResponse
resendConfirmationCode
(ResendConfirmationCodeRequest resendConfirmationCodeRequest) Resends the confirmation (for confirmation of registration) to a specific user in the user pool.default RespondToAuthChallengeResponse
respondToAuthChallenge
(Consumer<RespondToAuthChallengeRequest.Builder> respondToAuthChallengeRequest) Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge.default RespondToAuthChallengeResponse
respondToAuthChallenge
(RespondToAuthChallengeRequest respondToAuthChallengeRequest) Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge.default RevokeTokenResponse
revokeToken
(Consumer<RevokeTokenRequest.Builder> revokeTokenRequest) Revokes all of the access tokens generated by, and at the same time as, the specified refresh token.default RevokeTokenResponse
revokeToken
(RevokeTokenRequest revokeTokenRequest) Revokes all of the access tokens generated by, and at the same time as, the specified refresh token.The SDK service client configuration exposes client settings to the user, e.g., ClientOverrideConfigurationstatic ServiceMetadata
setLogDeliveryConfiguration
(Consumer<SetLogDeliveryConfigurationRequest.Builder> setLogDeliveryConfigurationRequest) Sets up or modifies the detailed activity logging configuration of a user pool.setLogDeliveryConfiguration
(SetLogDeliveryConfigurationRequest setLogDeliveryConfigurationRequest) Sets up or modifies the detailed activity logging configuration of a user pool.default SetRiskConfigurationResponse
setRiskConfiguration
(Consumer<SetRiskConfigurationRequest.Builder> setRiskConfigurationRequest) Configures actions on detected risks.default SetRiskConfigurationResponse
setRiskConfiguration
(SetRiskConfigurationRequest setRiskConfigurationRequest) Configures actions on detected risks.default SetUiCustomizationResponse
setUICustomization
(Consumer<SetUiCustomizationRequest.Builder> setUiCustomizationRequest) Sets the user interface (UI) customization information for a user pool's built-in app UI.default SetUiCustomizationResponse
setUICustomization
(SetUiCustomizationRequest setUiCustomizationRequest) Sets the user interface (UI) customization information for a user pool's built-in app UI.default SetUserMfaPreferenceResponse
setUserMFAPreference
(Consumer<SetUserMfaPreferenceRequest.Builder> setUserMfaPreferenceRequest) Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred.default SetUserMfaPreferenceResponse
setUserMFAPreference
(SetUserMfaPreferenceRequest setUserMfaPreferenceRequest) Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred.default SetUserPoolMfaConfigResponse
setUserPoolMfaConfig
(Consumer<SetUserPoolMfaConfigRequest.Builder> setUserPoolMfaConfigRequest) Sets the user pool multi-factor authentication (MFA) configuration.default SetUserPoolMfaConfigResponse
setUserPoolMfaConfig
(SetUserPoolMfaConfigRequest setUserPoolMfaConfigRequest) Sets the user pool multi-factor authentication (MFA) configuration.default SetUserSettingsResponse
setUserSettings
(Consumer<SetUserSettingsRequest.Builder> setUserSettingsRequest) This action is no longer supported. You can use it to configure only SMS MFA.default SetUserSettingsResponse
setUserSettings
(SetUserSettingsRequest setUserSettingsRequest) This action is no longer supported. You can use it to configure only SMS MFA.default SignUpResponse
signUp
(Consumer<SignUpRequest.Builder> signUpRequest) Registers the user in the specified user pool and creates a user name, password, and user attributes.default SignUpResponse
signUp
(SignUpRequest signUpRequest) Registers the user in the specified user pool and creates a user name, password, and user attributes.default StartUserImportJobResponse
startUserImportJob
(Consumer<StartUserImportJobRequest.Builder> startUserImportJobRequest) Starts the user import.default StartUserImportJobResponse
startUserImportJob
(StartUserImportJobRequest startUserImportJobRequest) Starts the user import.default StopUserImportJobResponse
stopUserImportJob
(Consumer<StopUserImportJobRequest.Builder> stopUserImportJobRequest) Stops the user import job.default StopUserImportJobResponse
stopUserImportJob
(StopUserImportJobRequest stopUserImportJobRequest) Stops the user import job.default TagResourceResponse
tagResource
(Consumer<TagResourceRequest.Builder> tagResourceRequest) Assigns a set of tags to an Amazon Cognito user pool.default TagResourceResponse
tagResource
(TagResourceRequest tagResourceRequest) Assigns a set of tags to an Amazon Cognito user pool.default UntagResourceResponse
untagResource
(Consumer<UntagResourceRequest.Builder> untagResourceRequest) Removes the specified tags from an Amazon Cognito user pool.default UntagResourceResponse
untagResource
(UntagResourceRequest untagResourceRequest) Removes the specified tags from an Amazon Cognito user pool.default UpdateAuthEventFeedbackResponse
updateAuthEventFeedback
(Consumer<UpdateAuthEventFeedbackRequest.Builder> updateAuthEventFeedbackRequest) Provides the feedback for an authentication event, whether it was from a valid user or not.default UpdateAuthEventFeedbackResponse
updateAuthEventFeedback
(UpdateAuthEventFeedbackRequest updateAuthEventFeedbackRequest) Provides the feedback for an authentication event, whether it was from a valid user or not.default UpdateDeviceStatusResponse
updateDeviceStatus
(Consumer<UpdateDeviceStatusRequest.Builder> updateDeviceStatusRequest) Updates the device status.default UpdateDeviceStatusResponse
updateDeviceStatus
(UpdateDeviceStatusRequest updateDeviceStatusRequest) Updates the device status.default UpdateGroupResponse
updateGroup
(Consumer<UpdateGroupRequest.Builder> updateGroupRequest) Updates the specified group with the specified attributes.default UpdateGroupResponse
updateGroup
(UpdateGroupRequest updateGroupRequest) Updates the specified group with the specified attributes.default UpdateIdentityProviderResponse
updateIdentityProvider
(Consumer<UpdateIdentityProviderRequest.Builder> updateIdentityProviderRequest) Updates IdP information for a user pool.default UpdateIdentityProviderResponse
updateIdentityProvider
(UpdateIdentityProviderRequest updateIdentityProviderRequest) Updates IdP information for a user pool.default UpdateResourceServerResponse
updateResourceServer
(Consumer<UpdateResourceServerRequest.Builder> updateResourceServerRequest) Updates the name and scopes of resource server.default UpdateResourceServerResponse
updateResourceServer
(UpdateResourceServerRequest updateResourceServerRequest) Updates the name and scopes of resource server.default UpdateUserAttributesResponse
updateUserAttributes
(Consumer<UpdateUserAttributesRequest.Builder> updateUserAttributesRequest) With this operation, your users can update one or more of their attributes with their own credentials.default UpdateUserAttributesResponse
updateUserAttributes
(UpdateUserAttributesRequest updateUserAttributesRequest) With this operation, your users can update one or more of their attributes with their own credentials.default UpdateUserPoolResponse
updateUserPool
(Consumer<UpdateUserPoolRequest.Builder> updateUserPoolRequest) default UpdateUserPoolResponse
updateUserPool
(UpdateUserPoolRequest updateUserPoolRequest) default UpdateUserPoolClientResponse
updateUserPoolClient
(Consumer<UpdateUserPoolClientRequest.Builder> updateUserPoolClientRequest) Updates the specified user pool app client with the specified attributes.default UpdateUserPoolClientResponse
updateUserPoolClient
(UpdateUserPoolClientRequest updateUserPoolClientRequest) Updates the specified user pool app client with the specified attributes.default UpdateUserPoolDomainResponse
updateUserPoolDomain
(Consumer<UpdateUserPoolDomainRequest.Builder> updateUserPoolDomainRequest) Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.default UpdateUserPoolDomainResponse
updateUserPoolDomain
(UpdateUserPoolDomainRequest updateUserPoolDomainRequest) Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.default VerifySoftwareTokenResponse
verifySoftwareToken
(Consumer<VerifySoftwareTokenRequest.Builder> verifySoftwareTokenRequest) Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as "verified" if successful.default VerifySoftwareTokenResponse
verifySoftwareToken
(VerifySoftwareTokenRequest verifySoftwareTokenRequest) Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as "verified" if successful.default VerifyUserAttributeResponse
verifyUserAttribute
(Consumer<VerifyUserAttributeRequest.Builder> verifyUserAttributeRequest) Verifies the specified user attributes in the user pool.default VerifyUserAttributeResponse
verifyUserAttribute
(VerifyUserAttributeRequest verifyUserAttributeRequest) Verifies the specified user attributes in the user pool.Methods inherited from interface software.amazon.awssdk.utils.SdkAutoCloseable
close
Methods inherited from interface software.amazon.awssdk.core.SdkClient
serviceName
-
Field Details
-
SERVICE_NAME
- See Also:
-
SERVICE_METADATA_ID
Value for looking up the service's metadata from theServiceMetadataProvider
.- See Also:
-
-
Method Details
-
addCustomAttributes
default AddCustomAttributesResponse addCustomAttributes(AddCustomAttributesRequest addCustomAttributesRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserImportInProgressException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Adds additional user attributes to the user pool schema.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
addCustomAttributesRequest
- Represents the request to add custom attributes.- Returns:
- Result of the AddCustomAttributes operation returned by the service.
- See Also:
-
addCustomAttributes
default AddCustomAttributesResponse addCustomAttributes(Consumer<AddCustomAttributesRequest.Builder> addCustomAttributesRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserImportInProgressException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Adds additional user attributes to the user pool schema.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AddCustomAttributesRequest.Builder
avoiding the need to create one manually viaAddCustomAttributesRequest.builder()
- Parameters:
addCustomAttributesRequest
- AConsumer
that will call methods onAddCustomAttributesRequest.Builder
to create a request. Represents the request to add custom attributes.- Returns:
- Result of the AddCustomAttributes operation returned by the service.
- See Also:
-
adminAddUserToGroup
default AdminAddUserToGroupResponse adminAddUserToGroup(AdminAddUserToGroupRequest adminAddUserToGroupRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Adds a user to a group. A user who is in a group can present a preferred-role claim to an identity pool, and populates a
cognito:groups
claim to their access and identity tokens.Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminAddUserToGroupRequest
-- Returns:
- Result of the AdminAddUserToGroup operation returned by the service.
- See Also:
-
adminAddUserToGroup
default AdminAddUserToGroupResponse adminAddUserToGroup(Consumer<AdminAddUserToGroupRequest.Builder> adminAddUserToGroupRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Adds a user to a group. A user who is in a group can present a preferred-role claim to an identity pool, and populates a
cognito:groups
claim to their access and identity tokens.Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminAddUserToGroupRequest.Builder
avoiding the need to create one manually viaAdminAddUserToGroupRequest.builder()
- Parameters:
adminAddUserToGroupRequest
- AConsumer
that will call methods onAdminAddUserToGroupRequest.Builder
to create a request.- Returns:
- Result of the AdminAddUserToGroup operation returned by the service.
- See Also:
-
adminConfirmSignUp
default AdminConfirmSignUpResponse adminConfirmSignUp(AdminConfirmSignUpRequest adminConfirmSignUpRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, NotAuthorizedException, TooManyFailedAttemptsException, InvalidLambdaResponseException, TooManyRequestsException, LimitExceededException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This IAM-authenticated API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.
Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users confirm their accounts when they respond to their invitation email message and choose a password.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminConfirmSignUpRequest
- Confirm a user's registration as a user pool administrator.- Returns:
- Result of the AdminConfirmSignUp operation returned by the service.
- See Also:
-
adminConfirmSignUp
default AdminConfirmSignUpResponse adminConfirmSignUp(Consumer<AdminConfirmSignUpRequest.Builder> adminConfirmSignUpRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, NotAuthorizedException, TooManyFailedAttemptsException, InvalidLambdaResponseException, TooManyRequestsException, LimitExceededException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This IAM-authenticated API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.
Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users confirm their accounts when they respond to their invitation email message and choose a password.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminConfirmSignUpRequest.Builder
avoiding the need to create one manually viaAdminConfirmSignUpRequest.builder()
- Parameters:
adminConfirmSignUpRequest
- AConsumer
that will call methods onAdminConfirmSignUpRequest.Builder
to create a request. Confirm a user's registration as a user pool administrator.- Returns:
- Result of the AdminConfirmSignUp operation returned by the service.
- See Also:
-
adminCreateUser
default AdminCreateUserResponse adminCreateUser(AdminCreateUserRequest adminCreateUserRequest) throws ResourceNotFoundException, InvalidParameterException, UserNotFoundException, UsernameExistsException, InvalidPasswordException, CodeDeliveryFailureException, UnexpectedLambdaException, UserLambdaValidationException, InvalidLambdaResponseException, PreconditionNotMetException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, TooManyRequestsException, NotAuthorizedException, UnsupportedUserStateException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Creates a new user in the specified user pool.
If
MessageAction
isn't set, the default is to send a welcome message via email or phone (SMS).This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.
Alternatively, you can call
AdminCreateUser
withSUPPRESS
for theMessageAction
parameter, and Amazon Cognito won't send any email.In either case, the user will be in the
FORCE_CHANGE_PASSWORD
state until they sign in and change their password.Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminCreateUserRequest
- Represents the request to create a user in the specified user pool.- Returns:
- Result of the AdminCreateUser operation returned by the service.
- See Also:
-
adminCreateUser
default AdminCreateUserResponse adminCreateUser(Consumer<AdminCreateUserRequest.Builder> adminCreateUserRequest) throws ResourceNotFoundException, InvalidParameterException, UserNotFoundException, UsernameExistsException, InvalidPasswordException, CodeDeliveryFailureException, UnexpectedLambdaException, UserLambdaValidationException, InvalidLambdaResponseException, PreconditionNotMetException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, TooManyRequestsException, NotAuthorizedException, UnsupportedUserStateException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Creates a new user in the specified user pool.
If
MessageAction
isn't set, the default is to send a welcome message via email or phone (SMS).This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.
Alternatively, you can call
AdminCreateUser
withSUPPRESS
for theMessageAction
parameter, and Amazon Cognito won't send any email.In either case, the user will be in the
FORCE_CHANGE_PASSWORD
state until they sign in and change their password.Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminCreateUserRequest.Builder
avoiding the need to create one manually viaAdminCreateUserRequest.builder()
- Parameters:
adminCreateUserRequest
- AConsumer
that will call methods onAdminCreateUserRequest.Builder
to create a request. Represents the request to create a user in the specified user pool.- Returns:
- Result of the AdminCreateUser operation returned by the service.
- See Also:
-
adminDeleteUser
default AdminDeleteUserResponse adminDeleteUser(AdminDeleteUserRequest adminDeleteUserRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes a user as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminDeleteUserRequest
- Represents the request to delete a user as an administrator.- Returns:
- Result of the AdminDeleteUser operation returned by the service.
- See Also:
-
adminDeleteUser
default AdminDeleteUserResponse adminDeleteUser(Consumer<AdminDeleteUserRequest.Builder> adminDeleteUserRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes a user as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminDeleteUserRequest.Builder
avoiding the need to create one manually viaAdminDeleteUserRequest.builder()
- Parameters:
adminDeleteUserRequest
- AConsumer
that will call methods onAdminDeleteUserRequest.Builder
to create a request. Represents the request to delete a user as an administrator.- Returns:
- Result of the AdminDeleteUser operation returned by the service.
- See Also:
-
adminDeleteUserAttributes
default AdminDeleteUserAttributesResponse adminDeleteUserAttributes(AdminDeleteUserAttributesRequest adminDeleteUserAttributesRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes the user attributes in a user pool as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminDeleteUserAttributesRequest
- Represents the request to delete user attributes as an administrator.- Returns:
- Result of the AdminDeleteUserAttributes operation returned by the service.
- See Also:
-
adminDeleteUserAttributes
default AdminDeleteUserAttributesResponse adminDeleteUserAttributes(Consumer<AdminDeleteUserAttributesRequest.Builder> adminDeleteUserAttributesRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes the user attributes in a user pool as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminDeleteUserAttributesRequest.Builder
avoiding the need to create one manually viaAdminDeleteUserAttributesRequest.builder()
- Parameters:
adminDeleteUserAttributesRequest
- AConsumer
that will call methods onAdminDeleteUserAttributesRequest.Builder
to create a request. Represents the request to delete user attributes as an administrator.- Returns:
- Result of the AdminDeleteUserAttributes operation returned by the service.
- See Also:
-
adminDisableProviderForUser
default AdminDisableProviderForUserResponse adminDisableProviderForUser(AdminDisableProviderForUserRequest adminDisableProviderForUserRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, AliasExistsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP). If the user that you want to deactivate is a Amazon Cognito user pools native username + password user, they can't use their password to sign in. If the user to deactivate is a linked external IdP user, any link between that user and an existing user is removed. When the external user signs in again, and the user is no longer attached to the previously linked
DestinationUser
, the user must create a new user account. See AdminLinkProviderForUser.The
ProviderName
must match the value specified when creating an IdP for the pool.To deactivate a native username + password user, the
ProviderName
value must beCognito
and theProviderAttributeName
must beCognito_Subject
. TheProviderAttributeValue
must be the name that is used in the user pool for the user.The
ProviderAttributeName
must always beCognito_Subject
for social IdPs. TheProviderAttributeValue
must always be the exact subject that was used when the user was originally linked as a source user.For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign in, the
ProviderAttributeName
andProviderAttributeValue
must be the same values that were used for theSourceUser
when the identities were originally linked usingAdminLinkProviderForUser
call. (If the linking was done withProviderAttributeName
set toCognito_Subject
, the same applies here). However, if the user has already signed in, theProviderAttributeName
must beCognito_Subject
andProviderAttributeValue
must be the subject of the SAML assertion.Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminDisableProviderForUserRequest
-- Returns:
- Result of the AdminDisableProviderForUser operation returned by the service.
- See Also:
-
adminDisableProviderForUser
default AdminDisableProviderForUserResponse adminDisableProviderForUser(Consumer<AdminDisableProviderForUserRequest.Builder> adminDisableProviderForUserRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, AliasExistsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP). If the user that you want to deactivate is a Amazon Cognito user pools native username + password user, they can't use their password to sign in. If the user to deactivate is a linked external IdP user, any link between that user and an existing user is removed. When the external user signs in again, and the user is no longer attached to the previously linked
DestinationUser
, the user must create a new user account. See AdminLinkProviderForUser.The
ProviderName
must match the value specified when creating an IdP for the pool.To deactivate a native username + password user, the
ProviderName
value must beCognito
and theProviderAttributeName
must beCognito_Subject
. TheProviderAttributeValue
must be the name that is used in the user pool for the user.The
ProviderAttributeName
must always beCognito_Subject
for social IdPs. TheProviderAttributeValue
must always be the exact subject that was used when the user was originally linked as a source user.For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign in, the
ProviderAttributeName
andProviderAttributeValue
must be the same values that were used for theSourceUser
when the identities were originally linked usingAdminLinkProviderForUser
call. (If the linking was done withProviderAttributeName
set toCognito_Subject
, the same applies here). However, if the user has already signed in, theProviderAttributeName
must beCognito_Subject
andProviderAttributeValue
must be the subject of the SAML assertion.Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminDisableProviderForUserRequest.Builder
avoiding the need to create one manually viaAdminDisableProviderForUserRequest.builder()
- Parameters:
adminDisableProviderForUserRequest
- AConsumer
that will call methods onAdminDisableProviderForUserRequest.Builder
to create a request.- Returns:
- Result of the AdminDisableProviderForUser operation returned by the service.
- See Also:
-
adminDisableUser
default AdminDisableUserResponse adminDisableUser(AdminDisableUserRequest adminDisableUserRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deactivates a user and revokes all access tokens for the user. A deactivated user can't sign in, but still appears in the responses to
GetUser
andListUsers
API requests.Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminDisableUserRequest
- Represents the request to disable the user as an administrator.- Returns:
- Result of the AdminDisableUser operation returned by the service.
- See Also:
-
adminDisableUser
default AdminDisableUserResponse adminDisableUser(Consumer<AdminDisableUserRequest.Builder> adminDisableUserRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deactivates a user and revokes all access tokens for the user. A deactivated user can't sign in, but still appears in the responses to
GetUser
andListUsers
API requests.Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminDisableUserRequest.Builder
avoiding the need to create one manually viaAdminDisableUserRequest.builder()
- Parameters:
adminDisableUserRequest
- AConsumer
that will call methods onAdminDisableUserRequest.Builder
to create a request. Represents the request to disable the user as an administrator.- Returns:
- Result of the AdminDisableUser operation returned by the service.
- See Also:
-
adminEnableUser
default AdminEnableUserResponse adminEnableUser(AdminEnableUserRequest adminEnableUserRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Enables the specified user as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminEnableUserRequest
- Represents the request that enables the user as an administrator.- Returns:
- Result of the AdminEnableUser operation returned by the service.
- See Also:
-
adminEnableUser
default AdminEnableUserResponse adminEnableUser(Consumer<AdminEnableUserRequest.Builder> adminEnableUserRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Enables the specified user as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminEnableUserRequest.Builder
avoiding the need to create one manually viaAdminEnableUserRequest.builder()
- Parameters:
adminEnableUserRequest
- AConsumer
that will call methods onAdminEnableUserRequest.Builder
to create a request. Represents the request that enables the user as an administrator.- Returns:
- Result of the AdminEnableUser operation returned by the service.
- See Also:
-
adminForgetDevice
default AdminForgetDeviceResponse adminForgetDevice(AdminForgetDeviceRequest adminForgetDeviceRequest) throws ResourceNotFoundException, InvalidParameterException, InvalidUserPoolConfigurationException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Forgets the device, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminForgetDeviceRequest
- Sends the forgot device request, as an administrator.- Returns:
- Result of the AdminForgetDevice operation returned by the service.
- See Also:
-
adminForgetDevice
default AdminForgetDeviceResponse adminForgetDevice(Consumer<AdminForgetDeviceRequest.Builder> adminForgetDeviceRequest) throws ResourceNotFoundException, InvalidParameterException, InvalidUserPoolConfigurationException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Forgets the device, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminForgetDeviceRequest.Builder
avoiding the need to create one manually viaAdminForgetDeviceRequest.builder()
- Parameters:
adminForgetDeviceRequest
- AConsumer
that will call methods onAdminForgetDeviceRequest.Builder
to create a request. Sends the forgot device request, as an administrator.- Returns:
- Result of the AdminForgetDevice operation returned by the service.
- See Also:
-
adminGetDevice
default AdminGetDeviceResponse adminGetDevice(AdminGetDeviceRequest adminGetDeviceRequest) throws ResourceNotFoundException, InvalidParameterException, InvalidUserPoolConfigurationException, TooManyRequestsException, InternalErrorException, NotAuthorizedException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the device, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminGetDeviceRequest
- Represents the request to get the device, as an administrator.- Returns:
- Result of the AdminGetDevice operation returned by the service.
- See Also:
-
adminGetDevice
default AdminGetDeviceResponse adminGetDevice(Consumer<AdminGetDeviceRequest.Builder> adminGetDeviceRequest) throws ResourceNotFoundException, InvalidParameterException, InvalidUserPoolConfigurationException, TooManyRequestsException, InternalErrorException, NotAuthorizedException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the device, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminGetDeviceRequest.Builder
avoiding the need to create one manually viaAdminGetDeviceRequest.builder()
- Parameters:
adminGetDeviceRequest
- AConsumer
that will call methods onAdminGetDeviceRequest.Builder
to create a request. Represents the request to get the device, as an administrator.- Returns:
- Result of the AdminGetDevice operation returned by the service.
- See Also:
-
adminGetUser
default AdminGetUserResponse adminGetUser(AdminGetUserRequest adminGetUserRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the specified user by user name in a user pool as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminGetUserRequest
- Represents the request to get the specified user as an administrator.- Returns:
- Result of the AdminGetUser operation returned by the service.
- See Also:
-
adminGetUser
default AdminGetUserResponse adminGetUser(Consumer<AdminGetUserRequest.Builder> adminGetUserRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the specified user by user name in a user pool as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminGetUserRequest.Builder
avoiding the need to create one manually viaAdminGetUserRequest.builder()
- Parameters:
adminGetUserRequest
- AConsumer
that will call methods onAdminGetUserRequest.Builder
to create a request. Represents the request to get the specified user as an administrator.- Returns:
- Result of the AdminGetUser operation returned by the service.
- See Also:
-
adminInitiateAuth
default AdminInitiateAuthResponse adminInitiateAuth(AdminInitiateAuthRequest adminInitiateAuthRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, UnexpectedLambdaException, InvalidUserPoolConfigurationException, UserLambdaValidationException, InvalidLambdaResponseException, MfaMethodNotFoundException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Initiates the authentication flow, as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminInitiateAuthRequest
- Initiates the authorization request, as an administrator.- Returns:
- Result of the AdminInitiateAuth operation returned by the service.
- See Also:
-
adminInitiateAuth
default AdminInitiateAuthResponse adminInitiateAuth(Consumer<AdminInitiateAuthRequest.Builder> adminInitiateAuthRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, UnexpectedLambdaException, InvalidUserPoolConfigurationException, UserLambdaValidationException, InvalidLambdaResponseException, MfaMethodNotFoundException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Initiates the authentication flow, as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminInitiateAuthRequest.Builder
avoiding the need to create one manually viaAdminInitiateAuthRequest.builder()
- Parameters:
adminInitiateAuthRequest
- AConsumer
that will call methods onAdminInitiateAuthRequest.Builder
to create a request. Initiates the authorization request, as an administrator.- Returns:
- Result of the AdminInitiateAuth operation returned by the service.
- See Also:
-
adminLinkProviderForUser
default AdminLinkProviderForUserResponse adminLinkProviderForUser(AdminLinkProviderForUserRequest adminLinkProviderForUserRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, AliasExistsException, LimitExceededException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Links an existing user account in a user pool (
DestinationUser
) to an identity from an external IdP (SourceUser
) based on a specified attribute name and value from the external IdP. This allows you to create a link from the existing user account to an external federated user identity that has not yet been used to sign in. You can then use the federated user identity to sign in as the existing user account.For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user identity, they sign in as the existing user account.
The maximum number of federated identities linked to a user is five.
Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external IdPs and provider attributes that have been trusted by the application owner.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminLinkProviderForUserRequest
-- Returns:
- Result of the AdminLinkProviderForUser operation returned by the service.
- See Also:
-
adminLinkProviderForUser
default AdminLinkProviderForUserResponse adminLinkProviderForUser(Consumer<AdminLinkProviderForUserRequest.Builder> adminLinkProviderForUserRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, AliasExistsException, LimitExceededException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Links an existing user account in a user pool (
DestinationUser
) to an identity from an external IdP (SourceUser
) based on a specified attribute name and value from the external IdP. This allows you to create a link from the existing user account to an external federated user identity that has not yet been used to sign in. You can then use the federated user identity to sign in as the existing user account.For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user identity, they sign in as the existing user account.
The maximum number of federated identities linked to a user is five.
Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external IdPs and provider attributes that have been trusted by the application owner.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminLinkProviderForUserRequest.Builder
avoiding the need to create one manually viaAdminLinkProviderForUserRequest.builder()
- Parameters:
adminLinkProviderForUserRequest
- AConsumer
that will call methods onAdminLinkProviderForUserRequest.Builder
to create a request.- Returns:
- Result of the AdminLinkProviderForUser operation returned by the service.
- See Also:
-
adminListDevices
default AdminListDevicesResponse adminListDevices(AdminListDevicesRequest adminListDevicesRequest) throws InvalidParameterException, ResourceNotFoundException, InvalidUserPoolConfigurationException, TooManyRequestsException, InternalErrorException, NotAuthorizedException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists devices, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminListDevicesRequest
- Represents the request to list devices, as an administrator.- Returns:
- Result of the AdminListDevices operation returned by the service.
- See Also:
-
adminListDevices
default AdminListDevicesResponse adminListDevices(Consumer<AdminListDevicesRequest.Builder> adminListDevicesRequest) throws InvalidParameterException, ResourceNotFoundException, InvalidUserPoolConfigurationException, TooManyRequestsException, InternalErrorException, NotAuthorizedException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists devices, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminListDevicesRequest.Builder
avoiding the need to create one manually viaAdminListDevicesRequest.builder()
- Parameters:
adminListDevicesRequest
- AConsumer
that will call methods onAdminListDevicesRequest.Builder
to create a request. Represents the request to list devices, as an administrator.- Returns:
- Result of the AdminListDevices operation returned by the service.
- See Also:
-
adminListGroupsForUser
default AdminListGroupsForUserResponse adminListGroupsForUser(AdminListGroupsForUserRequest adminListGroupsForUserRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the groups that a user belongs to.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminListGroupsForUserRequest
-- Returns:
- Result of the AdminListGroupsForUser operation returned by the service.
- See Also:
-
adminListGroupsForUser
default AdminListGroupsForUserResponse adminListGroupsForUser(Consumer<AdminListGroupsForUserRequest.Builder> adminListGroupsForUserRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the groups that a user belongs to.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminListGroupsForUserRequest.Builder
avoiding the need to create one manually viaAdminListGroupsForUserRequest.builder()
- Parameters:
adminListGroupsForUserRequest
- AConsumer
that will call methods onAdminListGroupsForUserRequest.Builder
to create a request.- Returns:
- Result of the AdminListGroupsForUser operation returned by the service.
- See Also:
-
adminListGroupsForUserPaginator
default AdminListGroupsForUserIterable adminListGroupsForUserPaginator(AdminListGroupsForUserRequest adminListGroupsForUserRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
adminListGroupsForUser(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListGroupsForUserIterable responses = client.adminListGroupsForUserPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListGroupsForUserIterable responses = client .adminListGroupsForUserPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListGroupsForUserIterable responses = client.adminListGroupsForUserPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
adminListGroupsForUser(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserRequest)
operation.- Parameters:
adminListGroupsForUserRequest
-- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
adminListGroupsForUserPaginator
default AdminListGroupsForUserIterable adminListGroupsForUserPaginator(Consumer<AdminListGroupsForUserRequest.Builder> adminListGroupsForUserRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
adminListGroupsForUser(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListGroupsForUserIterable responses = client.adminListGroupsForUserPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListGroupsForUserIterable responses = client .adminListGroupsForUserPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListGroupsForUserIterable responses = client.adminListGroupsForUserPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
adminListGroupsForUser(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserRequest)
operation.
This is a convenience which creates an instance of the
AdminListGroupsForUserRequest.Builder
avoiding the need to create one manually viaAdminListGroupsForUserRequest.builder()
- Parameters:
adminListGroupsForUserRequest
- AConsumer
that will call methods onAdminListGroupsForUserRequest.Builder
to create a request.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
adminListUserAuthEvents
default AdminListUserAuthEventsResponse adminListUserAuthEvents(AdminListUserAuthEventsRequest adminListUserAuthEventsRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, UserPoolAddOnNotEnabledException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException A history of user activity and any risks detected as part of Amazon Cognito advanced security.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminListUserAuthEventsRequest
-- Returns:
- Result of the AdminListUserAuthEvents operation returned by the service.
- See Also:
-
adminListUserAuthEvents
default AdminListUserAuthEventsResponse adminListUserAuthEvents(Consumer<AdminListUserAuthEventsRequest.Builder> adminListUserAuthEventsRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, UserPoolAddOnNotEnabledException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException A history of user activity and any risks detected as part of Amazon Cognito advanced security.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminListUserAuthEventsRequest.Builder
avoiding the need to create one manually viaAdminListUserAuthEventsRequest.builder()
- Parameters:
adminListUserAuthEventsRequest
- AConsumer
that will call methods onAdminListUserAuthEventsRequest.Builder
to create a request.- Returns:
- Result of the AdminListUserAuthEvents operation returned by the service.
- See Also:
-
adminListUserAuthEventsPaginator
default AdminListUserAuthEventsIterable adminListUserAuthEventsPaginator(AdminListUserAuthEventsRequest adminListUserAuthEventsRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, UserPoolAddOnNotEnabledException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
adminListUserAuthEvents(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListUserAuthEventsIterable responses = client.adminListUserAuthEventsPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListUserAuthEventsIterable responses = client .adminListUserAuthEventsPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListUserAuthEventsIterable responses = client.adminListUserAuthEventsPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
adminListUserAuthEvents(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsRequest)
operation.- Parameters:
adminListUserAuthEventsRequest
-- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
adminListUserAuthEventsPaginator
default AdminListUserAuthEventsIterable adminListUserAuthEventsPaginator(Consumer<AdminListUserAuthEventsRequest.Builder> adminListUserAuthEventsRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, UserPoolAddOnNotEnabledException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
adminListUserAuthEvents(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListUserAuthEventsIterable responses = client.adminListUserAuthEventsPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListUserAuthEventsIterable responses = client .adminListUserAuthEventsPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListUserAuthEventsIterable responses = client.adminListUserAuthEventsPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
adminListUserAuthEvents(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsRequest)
operation.
This is a convenience which creates an instance of the
AdminListUserAuthEventsRequest.Builder
avoiding the need to create one manually viaAdminListUserAuthEventsRequest.builder()
- Parameters:
adminListUserAuthEventsRequest
- AConsumer
that will call methods onAdminListUserAuthEventsRequest.Builder
to create a request.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
adminRemoveUserFromGroup
default AdminRemoveUserFromGroupResponse adminRemoveUserFromGroup(AdminRemoveUserFromGroupRequest adminRemoveUserFromGroupRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Removes the specified user from the specified group.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminRemoveUserFromGroupRequest
-- Returns:
- Result of the AdminRemoveUserFromGroup operation returned by the service.
- See Also:
-
adminRemoveUserFromGroup
default AdminRemoveUserFromGroupResponse adminRemoveUserFromGroup(Consumer<AdminRemoveUserFromGroupRequest.Builder> adminRemoveUserFromGroupRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Removes the specified user from the specified group.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminRemoveUserFromGroupRequest.Builder
avoiding the need to create one manually viaAdminRemoveUserFromGroupRequest.builder()
- Parameters:
adminRemoveUserFromGroupRequest
- AConsumer
that will call methods onAdminRemoveUserFromGroupRequest.Builder
to create a request.- Returns:
- Result of the AdminRemoveUserFromGroup operation returned by the service.
- See Also:
-
adminResetUserPassword
default AdminResetUserPasswordResponse adminResetUserPassword(AdminResetUserPasswordRequest adminResetUserPasswordRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, NotAuthorizedException, InvalidLambdaResponseException, TooManyRequestsException, LimitExceededException, UserNotFoundException, InvalidSmsRoleAccessPolicyException, InvalidEmailRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Resets the specified user's password in a user pool as an administrator. Works on any user.
To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Deactivates a user's password, requiring them to change it. If a user tries to sign in after the API is called, Amazon Cognito responds with a
PasswordResetRequiredException
error. Your app must then perform the actions that reset your user's password: the forgot-password flow. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user with the code to change their password.Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminResetUserPasswordRequest
- Represents the request to reset a user's password as an administrator.- Returns:
- Result of the AdminResetUserPassword operation returned by the service.
- See Also:
-
adminResetUserPassword
default AdminResetUserPasswordResponse adminResetUserPassword(Consumer<AdminResetUserPasswordRequest.Builder> adminResetUserPasswordRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, NotAuthorizedException, InvalidLambdaResponseException, TooManyRequestsException, LimitExceededException, UserNotFoundException, InvalidSmsRoleAccessPolicyException, InvalidEmailRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Resets the specified user's password in a user pool as an administrator. Works on any user.
To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Deactivates a user's password, requiring them to change it. If a user tries to sign in after the API is called, Amazon Cognito responds with a
PasswordResetRequiredException
error. Your app must then perform the actions that reset your user's password: the forgot-password flow. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user with the code to change their password.Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminResetUserPasswordRequest.Builder
avoiding the need to create one manually viaAdminResetUserPasswordRequest.builder()
- Parameters:
adminResetUserPasswordRequest
- AConsumer
that will call methods onAdminResetUserPasswordRequest.Builder
to create a request. Represents the request to reset a user's password as an administrator.- Returns:
- Result of the AdminResetUserPassword operation returned by the service.
- See Also:
-
adminRespondToAuthChallenge
default AdminRespondToAuthChallengeResponse adminRespondToAuthChallenge(AdminRespondToAuthChallengeRequest adminRespondToAuthChallengeRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, CodeMismatchException, ExpiredCodeException, UnexpectedLambdaException, InvalidPasswordException, UserLambdaValidationException, InvalidLambdaResponseException, TooManyRequestsException, InvalidUserPoolConfigurationException, InternalErrorException, MfaMethodNotFoundException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, AliasExistsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, SoftwareTokenMfaNotFoundException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. An
AdminRespondToAuthChallenge
API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminRespondToAuthChallengeRequest
- The request to respond to the authentication challenge, as an administrator.- Returns:
- Result of the AdminRespondToAuthChallenge operation returned by the service.
- See Also:
-
adminRespondToAuthChallenge
default AdminRespondToAuthChallengeResponse adminRespondToAuthChallenge(Consumer<AdminRespondToAuthChallengeRequest.Builder> adminRespondToAuthChallengeRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, CodeMismatchException, ExpiredCodeException, UnexpectedLambdaException, InvalidPasswordException, UserLambdaValidationException, InvalidLambdaResponseException, TooManyRequestsException, InvalidUserPoolConfigurationException, InternalErrorException, MfaMethodNotFoundException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, AliasExistsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, SoftwareTokenMfaNotFoundException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. An
AdminRespondToAuthChallenge
API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminRespondToAuthChallengeRequest.Builder
avoiding the need to create one manually viaAdminRespondToAuthChallengeRequest.builder()
- Parameters:
adminRespondToAuthChallengeRequest
- AConsumer
that will call methods onAdminRespondToAuthChallengeRequest.Builder
to create a request. The request to respond to the authentication challenge, as an administrator.- Returns:
- Result of the AdminRespondToAuthChallenge operation returned by the service.
- See Also:
-
adminSetUserMFAPreference
default AdminSetUserMfaPreferenceResponse adminSetUserMFAPreference(AdminSetUserMfaPreferenceRequest adminSetUserMfaPreferenceRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException The user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminSetUserMfaPreferenceRequest
-- Returns:
- Result of the AdminSetUserMFAPreference operation returned by the service.
- See Also:
-
adminSetUserMFAPreference
default AdminSetUserMfaPreferenceResponse adminSetUserMFAPreference(Consumer<AdminSetUserMfaPreferenceRequest.Builder> adminSetUserMfaPreferenceRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException The user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminSetUserMfaPreferenceRequest.Builder
avoiding the need to create one manually viaAdminSetUserMfaPreferenceRequest.builder()
- Parameters:
adminSetUserMfaPreferenceRequest
- AConsumer
that will call methods onAdminSetUserMfaPreferenceRequest.Builder
to create a request.- Returns:
- Result of the AdminSetUserMFAPreference operation returned by the service.
- See Also:
-
adminSetUserPassword
default AdminSetUserPasswordResponse adminSetUserPassword(AdminSetUserPasswordRequest adminSetUserPasswordRequest) throws ResourceNotFoundException, NotAuthorizedException, UserNotFoundException, InternalErrorException, TooManyRequestsException, InvalidParameterException, InvalidPasswordException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Sets the specified user's password in a user pool as an administrator. Works on any user.
The password can be temporary or permanent. If it is temporary, the user status enters the
FORCE_CHANGE_PASSWORD
state. When the user next tries to sign in, the InitiateAuth/AdminInitiateAuth response will contain theNEW_PASSWORD_REQUIRED
challenge. If the user doesn't sign in before it expires, the user won't be able to sign in, and an administrator must reset their password.Once the user has set a new password, or the password is permanent, the user status is set to
Confirmed
.AdminSetUserPassword
can set a password for the user profile that Amazon Cognito creates for third-party federated users. When you set a password, the federated user's status changes fromEXTERNAL_PROVIDER
toCONFIRMED
. A user in this state can sign in as a federated user, and initiate authentication flows in the API like a linked native user. They can also modify their password and attributes in token-authenticated API requests likeChangePassword
andUpdateUserAttributes
. As a best security practice and to keep users in sync with your external IdP, don't set passwords on federated user profiles. To set up a federated user for native sign-in with a linked native user, refer to Linking federated users to an existing user profile.Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminSetUserPasswordRequest
-- Returns:
- Result of the AdminSetUserPassword operation returned by the service.
- See Also:
-
adminSetUserPassword
default AdminSetUserPasswordResponse adminSetUserPassword(Consumer<AdminSetUserPasswordRequest.Builder> adminSetUserPasswordRequest) throws ResourceNotFoundException, NotAuthorizedException, UserNotFoundException, InternalErrorException, TooManyRequestsException, InvalidParameterException, InvalidPasswordException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Sets the specified user's password in a user pool as an administrator. Works on any user.
The password can be temporary or permanent. If it is temporary, the user status enters the
FORCE_CHANGE_PASSWORD
state. When the user next tries to sign in, the InitiateAuth/AdminInitiateAuth response will contain theNEW_PASSWORD_REQUIRED
challenge. If the user doesn't sign in before it expires, the user won't be able to sign in, and an administrator must reset their password.Once the user has set a new password, or the password is permanent, the user status is set to
Confirmed
.AdminSetUserPassword
can set a password for the user profile that Amazon Cognito creates for third-party federated users. When you set a password, the federated user's status changes fromEXTERNAL_PROVIDER
toCONFIRMED
. A user in this state can sign in as a federated user, and initiate authentication flows in the API like a linked native user. They can also modify their password and attributes in token-authenticated API requests likeChangePassword
andUpdateUserAttributes
. As a best security practice and to keep users in sync with your external IdP, don't set passwords on federated user profiles. To set up a federated user for native sign-in with a linked native user, refer to Linking federated users to an existing user profile.Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminSetUserPasswordRequest.Builder
avoiding the need to create one manually viaAdminSetUserPasswordRequest.builder()
- Parameters:
adminSetUserPasswordRequest
- AConsumer
that will call methods onAdminSetUserPasswordRequest.Builder
to create a request.- Returns:
- Result of the AdminSetUserPassword operation returned by the service.
- See Also:
-
adminSetUserSettings
default AdminSetUserSettingsResponse adminSetUserSettings(AdminSetUserSettingsRequest adminSetUserSettingsRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference instead.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminSetUserSettingsRequest
- You can use this parameter to set an MFA configuration that uses the SMS delivery medium.- Returns:
- Result of the AdminSetUserSettings operation returned by the service.
- See Also:
-
adminSetUserSettings
default AdminSetUserSettingsResponse adminSetUserSettings(Consumer<AdminSetUserSettingsRequest.Builder> adminSetUserSettingsRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference instead.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminSetUserSettingsRequest.Builder
avoiding the need to create one manually viaAdminSetUserSettingsRequest.builder()
- Parameters:
adminSetUserSettingsRequest
- AConsumer
that will call methods onAdminSetUserSettingsRequest.Builder
to create a request. You can use this parameter to set an MFA configuration that uses the SMS delivery medium.- Returns:
- Result of the AdminSetUserSettings operation returned by the service.
- See Also:
-
adminUpdateAuthEventFeedback
default AdminUpdateAuthEventFeedbackResponse adminUpdateAuthEventFeedback(AdminUpdateAuthEventFeedbackRequest adminUpdateAuthEventFeedbackRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, UserPoolAddOnNotEnabledException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminUpdateAuthEventFeedbackRequest
-- Returns:
- Result of the AdminUpdateAuthEventFeedback operation returned by the service.
- See Also:
-
adminUpdateAuthEventFeedback
default AdminUpdateAuthEventFeedbackResponse adminUpdateAuthEventFeedback(Consumer<AdminUpdateAuthEventFeedbackRequest.Builder> adminUpdateAuthEventFeedbackRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, UserPoolAddOnNotEnabledException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminUpdateAuthEventFeedbackRequest.Builder
avoiding the need to create one manually viaAdminUpdateAuthEventFeedbackRequest.builder()
- Parameters:
adminUpdateAuthEventFeedbackRequest
- AConsumer
that will call methods onAdminUpdateAuthEventFeedbackRequest.Builder
to create a request.- Returns:
- Result of the AdminUpdateAuthEventFeedback operation returned by the service.
- See Also:
-
adminUpdateDeviceStatus
default AdminUpdateDeviceStatusResponse adminUpdateDeviceStatus(AdminUpdateDeviceStatusRequest adminUpdateDeviceStatusRequest) throws InvalidParameterException, ResourceNotFoundException, InvalidUserPoolConfigurationException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates the device status as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminUpdateDeviceStatusRequest
- The request to update the device status, as an administrator.- Returns:
- Result of the AdminUpdateDeviceStatus operation returned by the service.
- See Also:
-
adminUpdateDeviceStatus
default AdminUpdateDeviceStatusResponse adminUpdateDeviceStatus(Consumer<AdminUpdateDeviceStatusRequest.Builder> adminUpdateDeviceStatusRequest) throws InvalidParameterException, ResourceNotFoundException, InvalidUserPoolConfigurationException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates the device status as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminUpdateDeviceStatusRequest.Builder
avoiding the need to create one manually viaAdminUpdateDeviceStatusRequest.builder()
- Parameters:
adminUpdateDeviceStatusRequest
- AConsumer
that will call methods onAdminUpdateDeviceStatusRequest.Builder
to create a request. The request to update the device status, as an administrator.- Returns:
- Result of the AdminUpdateDeviceStatus operation returned by the service.
- See Also:
-
adminUpdateUserAttributes
default AdminUpdateUserAttributesResponse adminUpdateUserAttributes(AdminUpdateUserAttributesRequest adminUpdateUserAttributesRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, InvalidLambdaResponseException, AliasExistsException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, InvalidSmsRoleAccessPolicyException, InvalidEmailRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user. To delete an attribute from your user, submit the attribute in your API request with a blank value.
For custom attributes, you must prepend the
custom:
prefix to the attribute name.In addition to updating user attributes, this API can also be used to mark phone and email as verified.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminUpdateUserAttributesRequest
- Represents the request to update the user's attributes as an administrator.- Returns:
- Result of the AdminUpdateUserAttributes operation returned by the service.
- See Also:
-
adminUpdateUserAttributes
default AdminUpdateUserAttributesResponse adminUpdateUserAttributes(Consumer<AdminUpdateUserAttributesRequest.Builder> adminUpdateUserAttributesRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, InvalidLambdaResponseException, AliasExistsException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, InvalidSmsRoleAccessPolicyException, InvalidEmailRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user. To delete an attribute from your user, submit the attribute in your API request with a blank value.
For custom attributes, you must prepend the
custom:
prefix to the attribute name.In addition to updating user attributes, this API can also be used to mark phone and email as verified.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminUpdateUserAttributesRequest.Builder
avoiding the need to create one manually viaAdminUpdateUserAttributesRequest.builder()
- Parameters:
adminUpdateUserAttributesRequest
- AConsumer
that will call methods onAdminUpdateUserAttributesRequest.Builder
to create a request. Represents the request to update the user's attributes as an administrator.- Returns:
- Result of the AdminUpdateUserAttributes operation returned by the service.
- See Also:
-
adminUserGlobalSignOut
default AdminUserGlobalSignOutResponse adminUserGlobalSignOut(AdminUserGlobalSignOutRequest adminUserGlobalSignOutRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation with your administrative credentials when your user signs out of your app. This results in the following behavior.
-
Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user's access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.
Amazon Cognito returns an
Access Token has been revoked
error when your app attempts to authorize a user pools API request with a revoked access token that contains the scopeaws.cognito.signin.user.admin
. -
Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with
ServerSideTokenCheck
enabled for its user pool IdP configuration in CognitoIdentityProvider. -
Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.
Other requests might be valid until your user's token expires.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
adminUserGlobalSignOutRequest
- The request to sign out of all devices, as an administrator.- Returns:
- Result of the AdminUserGlobalSignOut operation returned by the service.
- See Also:
-
-
adminUserGlobalSignOut
default AdminUserGlobalSignOutResponse adminUserGlobalSignOut(Consumer<AdminUserGlobalSignOutRequest.Builder> adminUserGlobalSignOutRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation with your administrative credentials when your user signs out of your app. This results in the following behavior.
-
Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user's access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.
Amazon Cognito returns an
Access Token has been revoked
error when your app attempts to authorize a user pools API request with a revoked access token that contains the scopeaws.cognito.signin.user.admin
. -
Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with
ServerSideTokenCheck
enabled for its user pool IdP configuration in CognitoIdentityProvider. -
Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.
Other requests might be valid until your user's token expires.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
AdminUserGlobalSignOutRequest.Builder
avoiding the need to create one manually viaAdminUserGlobalSignOutRequest.builder()
- Parameters:
adminUserGlobalSignOutRequest
- AConsumer
that will call methods onAdminUserGlobalSignOutRequest.Builder
to create a request. The request to sign out of all devices, as an administrator.- Returns:
- Result of the AdminUserGlobalSignOut operation returned by the service.
- See Also:
-
-
associateSoftwareToken
default AssociateSoftwareTokenResponse associateSoftwareToken(AssociateSoftwareTokenRequest associateSoftwareTokenRequest) throws ConcurrentModificationException, InvalidParameterException, NotAuthorizedException, ResourceNotFoundException, InternalErrorException, SoftwareTokenMfaNotFoundException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response. You can authorize an
AssociateSoftwareToken
request with either the user's access token, or a session string from a challenge response that you received from Amazon Cognito.Amazon Cognito disassociates an existing software token when you verify the new token in a VerifySoftwareToken API request. If you don't verify the software token and your user pool doesn't require MFA, the user can then authenticate with user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito generates an
MFA_SETUP
orSOFTWARE_TOKEN_SETUP
challenge each time your user signs. Complete setup withAssociateSoftwareToken
andVerifySoftwareToken
.After you set up software token MFA for your user, Amazon Cognito generates a
SOFTWARE_TOKEN_MFA
challenge when they authenticate. Respond to this challenge with your user's TOTP.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
associateSoftwareTokenRequest
-- Returns:
- Result of the AssociateSoftwareToken operation returned by the service.
- See Also:
-
associateSoftwareToken
default AssociateSoftwareTokenResponse associateSoftwareToken(Consumer<AssociateSoftwareTokenRequest.Builder> associateSoftwareTokenRequest) throws ConcurrentModificationException, InvalidParameterException, NotAuthorizedException, ResourceNotFoundException, InternalErrorException, SoftwareTokenMfaNotFoundException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response. You can authorize an
AssociateSoftwareToken
request with either the user's access token, or a session string from a challenge response that you received from Amazon Cognito.Amazon Cognito disassociates an existing software token when you verify the new token in a VerifySoftwareToken API request. If you don't verify the software token and your user pool doesn't require MFA, the user can then authenticate with user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito generates an
MFA_SETUP
orSOFTWARE_TOKEN_SETUP
challenge each time your user signs. Complete setup withAssociateSoftwareToken
andVerifySoftwareToken
.After you set up software token MFA for your user, Amazon Cognito generates a
SOFTWARE_TOKEN_MFA
challenge when they authenticate. Respond to this challenge with your user's TOTP.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
AssociateSoftwareTokenRequest.Builder
avoiding the need to create one manually viaAssociateSoftwareTokenRequest.builder()
- Parameters:
associateSoftwareTokenRequest
- AConsumer
that will call methods onAssociateSoftwareTokenRequest.Builder
to create a request.- Returns:
- Result of the AssociateSoftwareToken operation returned by the service.
- See Also:
-
changePassword
default ChangePasswordResponse changePassword(ChangePasswordRequest changePasswordRequest) throws ResourceNotFoundException, InvalidParameterException, InvalidPasswordException, NotAuthorizedException, TooManyRequestsException, LimitExceededException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Changes the password for a specified user in a user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
changePasswordRequest
- Represents the request to change a user password.- Returns:
- Result of the ChangePassword operation returned by the service.
- See Also:
-
changePassword
default ChangePasswordResponse changePassword(Consumer<ChangePasswordRequest.Builder> changePasswordRequest) throws ResourceNotFoundException, InvalidParameterException, InvalidPasswordException, NotAuthorizedException, TooManyRequestsException, LimitExceededException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Changes the password for a specified user in a user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
ChangePasswordRequest.Builder
avoiding the need to create one manually viaChangePasswordRequest.builder()
- Parameters:
changePasswordRequest
- AConsumer
that will call methods onChangePasswordRequest.Builder
to create a request. Represents the request to change a user password.- Returns:
- Result of the ChangePassword operation returned by the service.
- See Also:
-
confirmDevice
default ConfirmDeviceResponse confirmDevice(ConfirmDeviceRequest confirmDeviceRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, InvalidPasswordException, InvalidLambdaResponseException, UsernameExistsException, InvalidUserPoolConfigurationException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Confirms tracking of the device. This API call is the call that begins device tracking. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
confirmDeviceRequest
- Confirms the device request.- Returns:
- Result of the ConfirmDevice operation returned by the service.
- See Also:
-
confirmDevice
default ConfirmDeviceResponse confirmDevice(Consumer<ConfirmDeviceRequest.Builder> confirmDeviceRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, InvalidPasswordException, InvalidLambdaResponseException, UsernameExistsException, InvalidUserPoolConfigurationException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Confirms tracking of the device. This API call is the call that begins device tracking. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
ConfirmDeviceRequest.Builder
avoiding the need to create one manually viaConfirmDeviceRequest.builder()
- Parameters:
confirmDeviceRequest
- AConsumer
that will call methods onConfirmDeviceRequest.Builder
to create a request. Confirms the device request.- Returns:
- Result of the ConfirmDevice operation returned by the service.
- See Also:
-
confirmForgotPassword
default ConfirmForgotPasswordResponse confirmForgotPassword(ConfirmForgotPasswordRequest confirmForgotPasswordRequest) throws ResourceNotFoundException, UnexpectedLambdaException, UserLambdaValidationException, InvalidParameterException, InvalidPasswordException, NotAuthorizedException, CodeMismatchException, ExpiredCodeException, TooManyFailedAttemptsException, InvalidLambdaResponseException, TooManyRequestsException, LimitExceededException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Allows a user to enter a confirmation code to reset a forgotten password.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
confirmForgotPasswordRequest
- The request representing the confirmation for a password reset.- Returns:
- Result of the ConfirmForgotPassword operation returned by the service.
- See Also:
-
confirmForgotPassword
default ConfirmForgotPasswordResponse confirmForgotPassword(Consumer<ConfirmForgotPasswordRequest.Builder> confirmForgotPasswordRequest) throws ResourceNotFoundException, UnexpectedLambdaException, UserLambdaValidationException, InvalidParameterException, InvalidPasswordException, NotAuthorizedException, CodeMismatchException, ExpiredCodeException, TooManyFailedAttemptsException, InvalidLambdaResponseException, TooManyRequestsException, LimitExceededException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Allows a user to enter a confirmation code to reset a forgotten password.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
ConfirmForgotPasswordRequest.Builder
avoiding the need to create one manually viaConfirmForgotPasswordRequest.builder()
- Parameters:
confirmForgotPasswordRequest
- AConsumer
that will call methods onConfirmForgotPasswordRequest.Builder
to create a request. The request representing the confirmation for a password reset.- Returns:
- Result of the ConfirmForgotPassword operation returned by the service.
- See Also:
-
confirmSignUp
default ConfirmSignUpResponse confirmSignUp(ConfirmSignUpRequest confirmSignUpRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, NotAuthorizedException, TooManyFailedAttemptsException, CodeMismatchException, ExpiredCodeException, InvalidLambdaResponseException, AliasExistsException, TooManyRequestsException, LimitExceededException, UserNotFoundException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.
Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
confirmSignUpRequest
- Represents the request to confirm registration of a user.- Returns:
- Result of the ConfirmSignUp operation returned by the service.
- See Also:
-
confirmSignUp
default ConfirmSignUpResponse confirmSignUp(Consumer<ConfirmSignUpRequest.Builder> confirmSignUpRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, NotAuthorizedException, TooManyFailedAttemptsException, CodeMismatchException, ExpiredCodeException, InvalidLambdaResponseException, AliasExistsException, TooManyRequestsException, LimitExceededException, UserNotFoundException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.
Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
ConfirmSignUpRequest.Builder
avoiding the need to create one manually viaConfirmSignUpRequest.builder()
- Parameters:
confirmSignUpRequest
- AConsumer
that will call methods onConfirmSignUpRequest.Builder
to create a request. Represents the request to confirm registration of a user.- Returns:
- Result of the ConfirmSignUp operation returned by the service.
- See Also:
-
createGroup
default CreateGroupResponse createGroup(CreateGroupRequest createGroupRequest) throws InvalidParameterException, GroupExistsException, ResourceNotFoundException, TooManyRequestsException, LimitExceededException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Creates a new group in the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
createGroupRequest
-- Returns:
- Result of the CreateGroup operation returned by the service.
- See Also:
-
createGroup
default CreateGroupResponse createGroup(Consumer<CreateGroupRequest.Builder> createGroupRequest) throws InvalidParameterException, GroupExistsException, ResourceNotFoundException, TooManyRequestsException, LimitExceededException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Creates a new group in the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
CreateGroupRequest.Builder
avoiding the need to create one manually viaCreateGroupRequest.builder()
- Parameters:
createGroupRequest
- AConsumer
that will call methods onCreateGroupRequest.Builder
to create a request.- Returns:
- Result of the CreateGroup operation returned by the service.
- See Also:
-
createIdentityProvider
default CreateIdentityProviderResponse createIdentityProvider(CreateIdentityProviderRequest createIdentityProviderRequest) throws InvalidParameterException, DuplicateProviderException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, LimitExceededException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
createIdentityProviderRequest
-- Returns:
- Result of the CreateIdentityProvider operation returned by the service.
- See Also:
-
createIdentityProvider
default CreateIdentityProviderResponse createIdentityProvider(Consumer<CreateIdentityProviderRequest.Builder> createIdentityProviderRequest) throws InvalidParameterException, DuplicateProviderException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, LimitExceededException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
CreateIdentityProviderRequest.Builder
avoiding the need to create one manually viaCreateIdentityProviderRequest.builder()
- Parameters:
createIdentityProviderRequest
- AConsumer
that will call methods onCreateIdentityProviderRequest.Builder
to create a request.- Returns:
- Result of the CreateIdentityProvider operation returned by the service.
- See Also:
-
createResourceServer
default CreateResourceServerResponse createResourceServer(CreateResourceServerRequest createResourceServerRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, LimitExceededException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Creates a new OAuth2.0 resource server and defines custom scopes within it.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
createResourceServerRequest
-- Returns:
- Result of the CreateResourceServer operation returned by the service.
- See Also:
-
createResourceServer
default CreateResourceServerResponse createResourceServer(Consumer<CreateResourceServerRequest.Builder> createResourceServerRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, LimitExceededException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Creates a new OAuth2.0 resource server and defines custom scopes within it.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
CreateResourceServerRequest.Builder
avoiding the need to create one manually viaCreateResourceServerRequest.builder()
- Parameters:
createResourceServerRequest
- AConsumer
that will call methods onCreateResourceServerRequest.Builder
to create a request.- Returns:
- Result of the CreateResourceServer operation returned by the service.
- See Also:
-
createUserImportJob
default CreateUserImportJobResponse createUserImportJob(CreateUserImportJobRequest createUserImportJobRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, PreconditionNotMetException, NotAuthorizedException, LimitExceededException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Creates a user import job.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
createUserImportJobRequest
- Represents the request to create the user import job.- Returns:
- Result of the CreateUserImportJob operation returned by the service.
- See Also:
-
createUserImportJob
default CreateUserImportJobResponse createUserImportJob(Consumer<CreateUserImportJobRequest.Builder> createUserImportJobRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, PreconditionNotMetException, NotAuthorizedException, LimitExceededException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Creates a user import job.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
CreateUserImportJobRequest.Builder
avoiding the need to create one manually viaCreateUserImportJobRequest.builder()
- Parameters:
createUserImportJobRequest
- AConsumer
that will call methods onCreateUserImportJobRequest.Builder
to create a request. Represents the request to create the user import job.- Returns:
- Result of the CreateUserImportJob operation returned by the service.
- See Also:
-
createUserPool
default CreateUserPoolResponse createUserPool(CreateUserPoolRequest createUserPoolRequest) throws InvalidParameterException, TooManyRequestsException, LimitExceededException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidEmailRoleAccessPolicyException, NotAuthorizedException, UserPoolTaggingException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Creates a new Amazon Cognito user pool and sets the password policy for the pool.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
createUserPoolRequest
- Represents the request to create a user pool.- Returns:
- Result of the CreateUserPool operation returned by the service.
- See Also:
-
createUserPool
default CreateUserPoolResponse createUserPool(Consumer<CreateUserPoolRequest.Builder> createUserPoolRequest) throws InvalidParameterException, TooManyRequestsException, LimitExceededException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidEmailRoleAccessPolicyException, NotAuthorizedException, UserPoolTaggingException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Creates a new Amazon Cognito user pool and sets the password policy for the pool.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
CreateUserPoolRequest.Builder
avoiding the need to create one manually viaCreateUserPoolRequest.builder()
- Parameters:
createUserPoolRequest
- AConsumer
that will call methods onCreateUserPoolRequest.Builder
to create a request. Represents the request to create a user pool.- Returns:
- Result of the CreateUserPool operation returned by the service.
- See Also:
-
createUserPoolClient
default CreateUserPoolClientResponse createUserPoolClient(CreateUserPoolClientRequest createUserPoolClientRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, LimitExceededException, NotAuthorizedException, ScopeDoesNotExistException, InvalidOAuthFlowException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Creates the user pool client.
When you create a new user pool client, token revocation is automatically activated. For more information about revoking tokens, see RevokeToken.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
createUserPoolClientRequest
- Represents the request to create a user pool client.- Returns:
- Result of the CreateUserPoolClient operation returned by the service.
- See Also:
-
createUserPoolClient
default CreateUserPoolClientResponse createUserPoolClient(Consumer<CreateUserPoolClientRequest.Builder> createUserPoolClientRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, LimitExceededException, NotAuthorizedException, ScopeDoesNotExistException, InvalidOAuthFlowException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Creates the user pool client.
When you create a new user pool client, token revocation is automatically activated. For more information about revoking tokens, see RevokeToken.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
CreateUserPoolClientRequest.Builder
avoiding the need to create one manually viaCreateUserPoolClientRequest.builder()
- Parameters:
createUserPoolClientRequest
- AConsumer
that will call methods onCreateUserPoolClientRequest.Builder
to create a request. Represents the request to create a user pool client.- Returns:
- Result of the CreateUserPoolClient operation returned by the service.
- See Also:
-
createUserPoolDomain
default CreateUserPoolDomainResponse createUserPoolDomain(CreateUserPoolDomainRequest createUserPoolDomainRequest) throws InvalidParameterException, NotAuthorizedException, ResourceNotFoundException, LimitExceededException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Creates a new domain for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
createUserPoolDomainRequest
-- Returns:
- Result of the CreateUserPoolDomain operation returned by the service.
- See Also:
-
createUserPoolDomain
default CreateUserPoolDomainResponse createUserPoolDomain(Consumer<CreateUserPoolDomainRequest.Builder> createUserPoolDomainRequest) throws InvalidParameterException, NotAuthorizedException, ResourceNotFoundException, LimitExceededException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Creates a new domain for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
CreateUserPoolDomainRequest.Builder
avoiding the need to create one manually viaCreateUserPoolDomainRequest.builder()
- Parameters:
createUserPoolDomainRequest
- AConsumer
that will call methods onCreateUserPoolDomainRequest.Builder
to create a request.- Returns:
- Result of the CreateUserPoolDomain operation returned by the service.
- See Also:
-
deleteGroup
default DeleteGroupResponse deleteGroup(DeleteGroupRequest deleteGroupRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes a group.
Calling this action requires developer credentials.
- Parameters:
deleteGroupRequest
-- Returns:
- Result of the DeleteGroup operation returned by the service.
- See Also:
-
deleteGroup
default DeleteGroupResponse deleteGroup(Consumer<DeleteGroupRequest.Builder> deleteGroupRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes a group.
Calling this action requires developer credentials.
This is a convenience which creates an instance of the
DeleteGroupRequest.Builder
avoiding the need to create one manually viaDeleteGroupRequest.builder()
- Parameters:
deleteGroupRequest
- AConsumer
that will call methods onDeleteGroupRequest.Builder
to create a request.- Returns:
- Result of the DeleteGroup operation returned by the service.
- See Also:
-
deleteIdentityProvider
default DeleteIdentityProviderResponse deleteIdentityProvider(DeleteIdentityProviderRequest deleteIdentityProviderRequest) throws InvalidParameterException, UnsupportedIdentityProviderException, ConcurrentModificationException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes an IdP for a user pool.
- Parameters:
deleteIdentityProviderRequest
-- Returns:
- Result of the DeleteIdentityProvider operation returned by the service.
- See Also:
-
deleteIdentityProvider
default DeleteIdentityProviderResponse deleteIdentityProvider(Consumer<DeleteIdentityProviderRequest.Builder> deleteIdentityProviderRequest) throws InvalidParameterException, UnsupportedIdentityProviderException, ConcurrentModificationException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes an IdP for a user pool.
This is a convenience which creates an instance of the
DeleteIdentityProviderRequest.Builder
avoiding the need to create one manually viaDeleteIdentityProviderRequest.builder()
- Parameters:
deleteIdentityProviderRequest
- AConsumer
that will call methods onDeleteIdentityProviderRequest.Builder
to create a request.- Returns:
- Result of the DeleteIdentityProvider operation returned by the service.
- See Also:
-
deleteResourceServer
default DeleteResourceServerResponse deleteResourceServer(DeleteResourceServerRequest deleteResourceServerRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes a resource server.
- Parameters:
deleteResourceServerRequest
-- Returns:
- Result of the DeleteResourceServer operation returned by the service.
- See Also:
-
deleteResourceServer
default DeleteResourceServerResponse deleteResourceServer(Consumer<DeleteResourceServerRequest.Builder> deleteResourceServerRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes a resource server.
This is a convenience which creates an instance of the
DeleteResourceServerRequest.Builder
avoiding the need to create one manually viaDeleteResourceServerRequest.builder()
- Parameters:
deleteResourceServerRequest
- AConsumer
that will call methods onDeleteResourceServerRequest.Builder
to create a request.- Returns:
- Result of the DeleteResourceServer operation returned by the service.
- See Also:
-
deleteUser
default DeleteUserResponse deleteUser(DeleteUserRequest deleteUserRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Allows a user to delete their own user profile.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
deleteUserRequest
- Represents the request to delete a user.- Returns:
- Result of the DeleteUser operation returned by the service.
- See Also:
-
deleteUser
default DeleteUserResponse deleteUser(Consumer<DeleteUserRequest.Builder> deleteUserRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Allows a user to delete their own user profile.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
DeleteUserRequest.Builder
avoiding the need to create one manually viaDeleteUserRequest.builder()
- Parameters:
deleteUserRequest
- AConsumer
that will call methods onDeleteUserRequest.Builder
to create a request. Represents the request to delete a user.- Returns:
- Result of the DeleteUser operation returned by the service.
- See Also:
-
deleteUserAttributes
default DeleteUserAttributesResponse deleteUserAttributes(DeleteUserAttributesRequest deleteUserAttributesRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes the attributes for a user.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
deleteUserAttributesRequest
- Represents the request to delete user attributes.- Returns:
- Result of the DeleteUserAttributes operation returned by the service.
- See Also:
-
deleteUserAttributes
default DeleteUserAttributesResponse deleteUserAttributes(Consumer<DeleteUserAttributesRequest.Builder> deleteUserAttributesRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes the attributes for a user.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
DeleteUserAttributesRequest.Builder
avoiding the need to create one manually viaDeleteUserAttributesRequest.builder()
- Parameters:
deleteUserAttributesRequest
- AConsumer
that will call methods onDeleteUserAttributesRequest.Builder
to create a request. Represents the request to delete user attributes.- Returns:
- Result of the DeleteUserAttributes operation returned by the service.
- See Also:
-
deleteUserPool
default DeleteUserPoolResponse deleteUserPool(DeleteUserPoolRequest deleteUserPoolRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserImportInProgressException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes the specified Amazon Cognito user pool.
- Parameters:
deleteUserPoolRequest
- Represents the request to delete a user pool.- Returns:
- Result of the DeleteUserPool operation returned by the service.
- See Also:
-
deleteUserPool
default DeleteUserPoolResponse deleteUserPool(Consumer<DeleteUserPoolRequest.Builder> deleteUserPoolRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserImportInProgressException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes the specified Amazon Cognito user pool.
This is a convenience which creates an instance of the
DeleteUserPoolRequest.Builder
avoiding the need to create one manually viaDeleteUserPoolRequest.builder()
- Parameters:
deleteUserPoolRequest
- AConsumer
that will call methods onDeleteUserPoolRequest.Builder
to create a request. Represents the request to delete a user pool.- Returns:
- Result of the DeleteUserPool operation returned by the service.
- See Also:
-
deleteUserPoolClient
default DeleteUserPoolClientResponse deleteUserPoolClient(DeleteUserPoolClientRequest deleteUserPoolClientRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, ConcurrentModificationException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Allows the developer to delete the user pool client.
- Parameters:
deleteUserPoolClientRequest
- Represents the request to delete a user pool client.- Returns:
- Result of the DeleteUserPoolClient operation returned by the service.
- See Also:
-
deleteUserPoolClient
default DeleteUserPoolClientResponse deleteUserPoolClient(Consumer<DeleteUserPoolClientRequest.Builder> deleteUserPoolClientRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, ConcurrentModificationException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Allows the developer to delete the user pool client.
This is a convenience which creates an instance of the
DeleteUserPoolClientRequest.Builder
avoiding the need to create one manually viaDeleteUserPoolClientRequest.builder()
- Parameters:
deleteUserPoolClientRequest
- AConsumer
that will call methods onDeleteUserPoolClientRequest.Builder
to create a request. Represents the request to delete a user pool client.- Returns:
- Result of the DeleteUserPoolClient operation returned by the service.
- See Also:
-
deleteUserPoolDomain
default DeleteUserPoolDomainResponse deleteUserPoolDomain(DeleteUserPoolDomainRequest deleteUserPoolDomainRequest) throws NotAuthorizedException, InvalidParameterException, ResourceNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes a domain for a user pool.
- Parameters:
deleteUserPoolDomainRequest
-- Returns:
- Result of the DeleteUserPoolDomain operation returned by the service.
- See Also:
-
deleteUserPoolDomain
default DeleteUserPoolDomainResponse deleteUserPoolDomain(Consumer<DeleteUserPoolDomainRequest.Builder> deleteUserPoolDomainRequest) throws NotAuthorizedException, InvalidParameterException, ResourceNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Deletes a domain for a user pool.
This is a convenience which creates an instance of the
DeleteUserPoolDomainRequest.Builder
avoiding the need to create one manually viaDeleteUserPoolDomainRequest.builder()
- Parameters:
deleteUserPoolDomainRequest
- AConsumer
that will call methods onDeleteUserPoolDomainRequest.Builder
to create a request.- Returns:
- Result of the DeleteUserPoolDomain operation returned by the service.
- See Also:
-
describeIdentityProvider
default DescribeIdentityProviderResponse describeIdentityProvider(DescribeIdentityProviderRequest describeIdentityProviderRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets information about a specific IdP.
- Parameters:
describeIdentityProviderRequest
-- Returns:
- Result of the DescribeIdentityProvider operation returned by the service.
- See Also:
-
describeIdentityProvider
default DescribeIdentityProviderResponse describeIdentityProvider(Consumer<DescribeIdentityProviderRequest.Builder> describeIdentityProviderRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets information about a specific IdP.
This is a convenience which creates an instance of the
DescribeIdentityProviderRequest.Builder
avoiding the need to create one manually viaDescribeIdentityProviderRequest.builder()
- Parameters:
describeIdentityProviderRequest
- AConsumer
that will call methods onDescribeIdentityProviderRequest.Builder
to create a request.- Returns:
- Result of the DescribeIdentityProvider operation returned by the service.
- See Also:
-
describeResourceServer
default DescribeResourceServerResponse describeResourceServer(DescribeResourceServerRequest describeResourceServerRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Describes a resource server.
- Parameters:
describeResourceServerRequest
-- Returns:
- Result of the DescribeResourceServer operation returned by the service.
- See Also:
-
describeResourceServer
default DescribeResourceServerResponse describeResourceServer(Consumer<DescribeResourceServerRequest.Builder> describeResourceServerRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Describes a resource server.
This is a convenience which creates an instance of the
DescribeResourceServerRequest.Builder
avoiding the need to create one manually viaDescribeResourceServerRequest.builder()
- Parameters:
describeResourceServerRequest
- AConsumer
that will call methods onDescribeResourceServerRequest.Builder
to create a request.- Returns:
- Result of the DescribeResourceServer operation returned by the service.
- See Also:
-
describeRiskConfiguration
default DescribeRiskConfigurationResponse describeRiskConfiguration(DescribeRiskConfigurationRequest describeRiskConfigurationRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserPoolAddOnNotEnabledException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Describes the risk configuration.
- Parameters:
describeRiskConfigurationRequest
-- Returns:
- Result of the DescribeRiskConfiguration operation returned by the service.
- See Also:
-
describeRiskConfiguration
default DescribeRiskConfigurationResponse describeRiskConfiguration(Consumer<DescribeRiskConfigurationRequest.Builder> describeRiskConfigurationRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserPoolAddOnNotEnabledException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Describes the risk configuration.
This is a convenience which creates an instance of the
DescribeRiskConfigurationRequest.Builder
avoiding the need to create one manually viaDescribeRiskConfigurationRequest.builder()
- Parameters:
describeRiskConfigurationRequest
- AConsumer
that will call methods onDescribeRiskConfigurationRequest.Builder
to create a request.- Returns:
- Result of the DescribeRiskConfiguration operation returned by the service.
- See Also:
-
describeUserImportJob
default DescribeUserImportJobResponse describeUserImportJob(DescribeUserImportJobRequest describeUserImportJobRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Describes the user import job.
- Parameters:
describeUserImportJobRequest
- Represents the request to describe the user import job.- Returns:
- Result of the DescribeUserImportJob operation returned by the service.
- See Also:
-
describeUserImportJob
default DescribeUserImportJobResponse describeUserImportJob(Consumer<DescribeUserImportJobRequest.Builder> describeUserImportJobRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Describes the user import job.
This is a convenience which creates an instance of the
DescribeUserImportJobRequest.Builder
avoiding the need to create one manually viaDescribeUserImportJobRequest.builder()
- Parameters:
describeUserImportJobRequest
- AConsumer
that will call methods onDescribeUserImportJobRequest.Builder
to create a request. Represents the request to describe the user import job.- Returns:
- Result of the DescribeUserImportJob operation returned by the service.
- See Also:
-
describeUserPool
default DescribeUserPoolResponse describeUserPool(DescribeUserPoolRequest describeUserPoolRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserPoolTaggingException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Returns the configuration information and metadata of the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
describeUserPoolRequest
- Represents the request to describe the user pool.- Returns:
- Result of the DescribeUserPool operation returned by the service.
- See Also:
-
describeUserPool
default DescribeUserPoolResponse describeUserPool(Consumer<DescribeUserPoolRequest.Builder> describeUserPoolRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserPoolTaggingException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Returns the configuration information and metadata of the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
DescribeUserPoolRequest.Builder
avoiding the need to create one manually viaDescribeUserPoolRequest.builder()
- Parameters:
describeUserPoolRequest
- AConsumer
that will call methods onDescribeUserPoolRequest.Builder
to create a request. Represents the request to describe the user pool.- Returns:
- Result of the DescribeUserPool operation returned by the service.
- See Also:
-
describeUserPoolClient
default DescribeUserPoolClientResponse describeUserPoolClient(DescribeUserPoolClientRequest describeUserPoolClientRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Client method for returning the configuration information and metadata of the specified user pool app client.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
describeUserPoolClientRequest
- Represents the request to describe a user pool client.- Returns:
- Result of the DescribeUserPoolClient operation returned by the service.
- See Also:
-
describeUserPoolClient
default DescribeUserPoolClientResponse describeUserPoolClient(Consumer<DescribeUserPoolClientRequest.Builder> describeUserPoolClientRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Client method for returning the configuration information and metadata of the specified user pool app client.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
DescribeUserPoolClientRequest.Builder
avoiding the need to create one manually viaDescribeUserPoolClientRequest.builder()
- Parameters:
describeUserPoolClientRequest
- AConsumer
that will call methods onDescribeUserPoolClientRequest.Builder
to create a request. Represents the request to describe a user pool client.- Returns:
- Result of the DescribeUserPoolClient operation returned by the service.
- See Also:
-
describeUserPoolDomain
default DescribeUserPoolDomainResponse describeUserPoolDomain(DescribeUserPoolDomainRequest describeUserPoolDomainRequest) throws NotAuthorizedException, InvalidParameterException, ResourceNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets information about a domain.
- Parameters:
describeUserPoolDomainRequest
-- Returns:
- Result of the DescribeUserPoolDomain operation returned by the service.
- See Also:
-
describeUserPoolDomain
default DescribeUserPoolDomainResponse describeUserPoolDomain(Consumer<DescribeUserPoolDomainRequest.Builder> describeUserPoolDomainRequest) throws NotAuthorizedException, InvalidParameterException, ResourceNotFoundException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets information about a domain.
This is a convenience which creates an instance of the
DescribeUserPoolDomainRequest.Builder
avoiding the need to create one manually viaDescribeUserPoolDomainRequest.builder()
- Parameters:
describeUserPoolDomainRequest
- AConsumer
that will call methods onDescribeUserPoolDomainRequest.Builder
to create a request.- Returns:
- Result of the DescribeUserPoolDomain operation returned by the service.
- See Also:
-
forgetDevice
default ForgetDeviceResponse forgetDevice(ForgetDeviceRequest forgetDeviceRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, InvalidUserPoolConfigurationException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Forgets the specified device. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
forgetDeviceRequest
- Represents the request to forget the device.- Returns:
- Result of the ForgetDevice operation returned by the service.
- See Also:
-
forgetDevice
default ForgetDeviceResponse forgetDevice(Consumer<ForgetDeviceRequest.Builder> forgetDeviceRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, InvalidUserPoolConfigurationException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Forgets the specified device. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
ForgetDeviceRequest.Builder
avoiding the need to create one manually viaForgetDeviceRequest.builder()
- Parameters:
forgetDeviceRequest
- AConsumer
that will call methods onForgetDeviceRequest.Builder
to create a request. Represents the request to forget the device.- Returns:
- Result of the ForgetDevice operation returned by the service.
- See Also:
-
forgotPassword
default ForgotPasswordResponse forgotPassword(ForgotPasswordRequest forgotPasswordRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, NotAuthorizedException, InvalidLambdaResponseException, TooManyRequestsException, LimitExceededException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidEmailRoleAccessPolicyException, CodeDeliveryFailureException, UserNotFoundException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the
Username
parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts in the Amazon Cognito Developer Guide. To use the confirmation code for resetting the password, call ConfirmForgotPassword.If neither a verified phone number nor a verified email exists, this API returns
InvalidParameterException
. If your app client has a client secret and you don't provide aSECRET_HASH
parameter, this API returnsNotAuthorizedException
.To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
- Parameters:
forgotPasswordRequest
- Represents the request to reset a user's password.- Returns:
- Result of the ForgotPassword operation returned by the service.
- See Also:
-
forgotPassword
default ForgotPasswordResponse forgotPassword(Consumer<ForgotPasswordRequest.Builder> forgotPasswordRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, NotAuthorizedException, InvalidLambdaResponseException, TooManyRequestsException, LimitExceededException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidEmailRoleAccessPolicyException, CodeDeliveryFailureException, UserNotFoundException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the
Username
parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts in the Amazon Cognito Developer Guide. To use the confirmation code for resetting the password, call ConfirmForgotPassword.If neither a verified phone number nor a verified email exists, this API returns
InvalidParameterException
. If your app client has a client secret and you don't provide aSECRET_HASH
parameter, this API returnsNotAuthorizedException
.To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This is a convenience which creates an instance of the
ForgotPasswordRequest.Builder
avoiding the need to create one manually viaForgotPasswordRequest.builder()
- Parameters:
forgotPasswordRequest
- AConsumer
that will call methods onForgotPasswordRequest.Builder
to create a request. Represents the request to reset a user's password.- Returns:
- Result of the ForgotPassword operation returned by the service.
- See Also:
-
getCSVHeader
default GetCsvHeaderResponse getCSVHeader(GetCsvHeaderRequest getCsvHeaderRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.
- Parameters:
getCsvHeaderRequest
- Represents the request to get the header information of the CSV file for the user import job.- Returns:
- Result of the GetCSVHeader operation returned by the service.
- See Also:
-
getCSVHeader
default GetCsvHeaderResponse getCSVHeader(Consumer<GetCsvHeaderRequest.Builder> getCsvHeaderRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.
This is a convenience which creates an instance of the
GetCsvHeaderRequest.Builder
avoiding the need to create one manually viaGetCsvHeaderRequest.builder()
- Parameters:
getCsvHeaderRequest
- AConsumer
that will call methods onGetCsvHeaderRequest.Builder
to create a request. Represents the request to get the header information of the CSV file for the user import job.- Returns:
- Result of the GetCSVHeader operation returned by the service.
- See Also:
-
getDevice
default GetDeviceResponse getDevice(GetDeviceRequest getDeviceRequest) throws ResourceNotFoundException, InvalidParameterException, InvalidUserPoolConfigurationException, NotAuthorizedException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the device. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
getDeviceRequest
- Represents the request to get the device.- Returns:
- Result of the GetDevice operation returned by the service.
- See Also:
-
getDevice
default GetDeviceResponse getDevice(Consumer<GetDeviceRequest.Builder> getDeviceRequest) throws ResourceNotFoundException, InvalidParameterException, InvalidUserPoolConfigurationException, NotAuthorizedException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the device. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
GetDeviceRequest.Builder
avoiding the need to create one manually viaGetDeviceRequest.builder()
- Parameters:
getDeviceRequest
- AConsumer
that will call methods onGetDeviceRequest.Builder
to create a request. Represents the request to get the device.- Returns:
- Result of the GetDevice operation returned by the service.
- See Also:
-
getGroup
default GetGroupResponse getGroup(GetGroupRequest getGroupRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets a group.
Calling this action requires developer credentials.
- Parameters:
getGroupRequest
-- Returns:
- Result of the GetGroup operation returned by the service.
- See Also:
-
getGroup
default GetGroupResponse getGroup(Consumer<GetGroupRequest.Builder> getGroupRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets a group.
Calling this action requires developer credentials.
This is a convenience which creates an instance of the
GetGroupRequest.Builder
avoiding the need to create one manually viaGetGroupRequest.builder()
- Parameters:
getGroupRequest
- AConsumer
that will call methods onGetGroupRequest.Builder
to create a request.- Returns:
- Result of the GetGroup operation returned by the service.
- See Also:
-
getIdentityProviderByIdentifier
default GetIdentityProviderByIdentifierResponse getIdentityProviderByIdentifier(GetIdentityProviderByIdentifierRequest getIdentityProviderByIdentifierRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the specified IdP.
- Parameters:
getIdentityProviderByIdentifierRequest
-- Returns:
- Result of the GetIdentityProviderByIdentifier operation returned by the service.
- See Also:
-
getIdentityProviderByIdentifier
default GetIdentityProviderByIdentifierResponse getIdentityProviderByIdentifier(Consumer<GetIdentityProviderByIdentifierRequest.Builder> getIdentityProviderByIdentifierRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the specified IdP.
This is a convenience which creates an instance of the
GetIdentityProviderByIdentifierRequest.Builder
avoiding the need to create one manually viaGetIdentityProviderByIdentifierRequest.builder()
- Parameters:
getIdentityProviderByIdentifierRequest
- AConsumer
that will call methods onGetIdentityProviderByIdentifierRequest.Builder
to create a request.- Returns:
- Result of the GetIdentityProviderByIdentifier operation returned by the service.
- See Also:
-
getLogDeliveryConfiguration
default GetLogDeliveryConfigurationResponse getLogDeliveryConfiguration(GetLogDeliveryConfigurationRequest getLogDeliveryConfigurationRequest) throws InvalidParameterException, InternalErrorException, TooManyRequestsException, NotAuthorizedException, ResourceNotFoundException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the detailed activity logging configuration for a user pool.
- Parameters:
getLogDeliveryConfigurationRequest
-- Returns:
- Result of the GetLogDeliveryConfiguration operation returned by the service.
- See Also:
-
getLogDeliveryConfiguration
default GetLogDeliveryConfigurationResponse getLogDeliveryConfiguration(Consumer<GetLogDeliveryConfigurationRequest.Builder> getLogDeliveryConfigurationRequest) throws InvalidParameterException, InternalErrorException, TooManyRequestsException, NotAuthorizedException, ResourceNotFoundException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the detailed activity logging configuration for a user pool.
This is a convenience which creates an instance of the
GetLogDeliveryConfigurationRequest.Builder
avoiding the need to create one manually viaGetLogDeliveryConfigurationRequest.builder()
- Parameters:
getLogDeliveryConfigurationRequest
- AConsumer
that will call methods onGetLogDeliveryConfigurationRequest.Builder
to create a request.- Returns:
- Result of the GetLogDeliveryConfiguration operation returned by the service.
- See Also:
-
getSigningCertificate
default GetSigningCertificateResponse getSigningCertificate(GetSigningCertificateRequest getSigningCertificateRequest) throws InternalErrorException, InvalidParameterException, ResourceNotFoundException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This method takes a user pool ID, and returns the signing certificate. The issued certificate is valid for 10 years from the date of issue.
Amazon Cognito issues and assigns a new signing certificate annually. This process returns a new value in the response to
GetSigningCertificate
, but doesn't invalidate the original certificate.- Parameters:
getSigningCertificateRequest
- Request to get a signing certificate from Amazon Cognito.- Returns:
- Result of the GetSigningCertificate operation returned by the service.
- See Also:
-
getSigningCertificate
default GetSigningCertificateResponse getSigningCertificate(Consumer<GetSigningCertificateRequest.Builder> getSigningCertificateRequest) throws InternalErrorException, InvalidParameterException, ResourceNotFoundException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This method takes a user pool ID, and returns the signing certificate. The issued certificate is valid for 10 years from the date of issue.
Amazon Cognito issues and assigns a new signing certificate annually. This process returns a new value in the response to
GetSigningCertificate
, but doesn't invalidate the original certificate.
This is a convenience which creates an instance of the
GetSigningCertificateRequest.Builder
avoiding the need to create one manually viaGetSigningCertificateRequest.builder()
- Parameters:
getSigningCertificateRequest
- AConsumer
that will call methods onGetSigningCertificateRequest.Builder
to create a request. Request to get a signing certificate from Amazon Cognito.- Returns:
- Result of the GetSigningCertificate operation returned by the service.
- See Also:
-
getUICustomization
default GetUiCustomizationResponse getUICustomization(GetUiCustomizationRequest getUiCustomizationRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client. If nothing is set for the particular client, but there is an existing pool level customization (the app
clientId
isALL
), then that information is returned. If nothing is present, then an empty shape is returned.- Parameters:
getUiCustomizationRequest
-- Returns:
- Result of the GetUICustomization operation returned by the service.
- See Also:
-
getUICustomization
default GetUiCustomizationResponse getUICustomization(Consumer<GetUiCustomizationRequest.Builder> getUiCustomizationRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client. If nothing is set for the particular client, but there is an existing pool level customization (the app
clientId
isALL
), then that information is returned. If nothing is present, then an empty shape is returned.
This is a convenience which creates an instance of the
GetUiCustomizationRequest.Builder
avoiding the need to create one manually viaGetUiCustomizationRequest.builder()
- Parameters:
getUiCustomizationRequest
- AConsumer
that will call methods onGetUiCustomizationRequest.Builder
to create a request.- Returns:
- Result of the GetUICustomization operation returned by the service.
- See Also:
-
getUser
default GetUserResponse getUser(GetUserRequest getUserRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the user attributes and metadata for a user.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
getUserRequest
- Represents the request to get information about the user.- Returns:
- Result of the GetUser operation returned by the service.
- See Also:
-
getUser
default GetUserResponse getUser(Consumer<GetUserRequest.Builder> getUserRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the user attributes and metadata for a user.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
GetUserRequest.Builder
avoiding the need to create one manually viaGetUserRequest.builder()
- Parameters:
getUserRequest
- AConsumer
that will call methods onGetUserRequest.Builder
to create a request. Represents the request to get information about the user.- Returns:
- Result of the GetUser operation returned by the service.
- See Also:
-
getUserAttributeVerificationCode
default GetUserAttributeVerificationCodeResponse getUserAttributeVerificationCode(GetUserAttributeVerificationCodeRequest getUserAttributeVerificationCodeRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UnexpectedLambdaException, UserLambdaValidationException, InvalidLambdaResponseException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidEmailRoleAccessPolicyException, CodeDeliveryFailureException, LimitExceededException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
- Parameters:
getUserAttributeVerificationCodeRequest
- Represents the request to get user attribute verification.- Returns:
- Result of the GetUserAttributeVerificationCode operation returned by the service.
- See Also:
-
getUserAttributeVerificationCode
default GetUserAttributeVerificationCodeResponse getUserAttributeVerificationCode(Consumer<GetUserAttributeVerificationCodeRequest.Builder> getUserAttributeVerificationCodeRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UnexpectedLambdaException, UserLambdaValidationException, InvalidLambdaResponseException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidEmailRoleAccessPolicyException, CodeDeliveryFailureException, LimitExceededException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This is a convenience which creates an instance of the
GetUserAttributeVerificationCodeRequest.Builder
avoiding the need to create one manually viaGetUserAttributeVerificationCodeRequest.builder()
- Parameters:
getUserAttributeVerificationCodeRequest
- AConsumer
that will call methods onGetUserAttributeVerificationCodeRequest.Builder
to create a request. Represents the request to get user attribute verification.- Returns:
- Result of the GetUserAttributeVerificationCode operation returned by the service.
- See Also:
-
getUserPoolMfaConfig
default GetUserPoolMfaConfigResponse getUserPoolMfaConfig(GetUserPoolMfaConfigRequest getUserPoolMfaConfigRequest) throws InvalidParameterException, TooManyRequestsException, ResourceNotFoundException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the user pool multi-factor authentication (MFA) configuration.
- Parameters:
getUserPoolMfaConfigRequest
-- Returns:
- Result of the GetUserPoolMfaConfig operation returned by the service.
- See Also:
-
getUserPoolMfaConfig
default GetUserPoolMfaConfigResponse getUserPoolMfaConfig(Consumer<GetUserPoolMfaConfigRequest.Builder> getUserPoolMfaConfigRequest) throws InvalidParameterException, TooManyRequestsException, ResourceNotFoundException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Gets the user pool multi-factor authentication (MFA) configuration.
This is a convenience which creates an instance of the
GetUserPoolMfaConfigRequest.Builder
avoiding the need to create one manually viaGetUserPoolMfaConfigRequest.builder()
- Parameters:
getUserPoolMfaConfigRequest
- AConsumer
that will call methods onGetUserPoolMfaConfigRequest.Builder
to create a request.- Returns:
- Result of the GetUserPoolMfaConfig operation returned by the service.
- See Also:
-
globalSignOut
default GlobalSignOutResponse globalSignOut(GlobalSignOutRequest globalSignOutRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, PasswordResetRequiredException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior.
-
Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user's access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.
Amazon Cognito returns an
Access Token has been revoked
error when your app attempts to authorize a user pools API request with a revoked access token that contains the scopeaws.cognito.signin.user.admin
. -
Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with
ServerSideTokenCheck
enabled for its user pool IdP configuration in CognitoIdentityProvider. -
Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.
Other requests might be valid until your user's token expires.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
globalSignOutRequest
- Represents the request to sign out all devices.- Returns:
- Result of the GlobalSignOut operation returned by the service.
- See Also:
-
-
globalSignOut
default GlobalSignOutResponse globalSignOut(Consumer<GlobalSignOutRequest.Builder> globalSignOutRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, PasswordResetRequiredException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior.
-
Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user's access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.
Amazon Cognito returns an
Access Token has been revoked
error when your app attempts to authorize a user pools API request with a revoked access token that contains the scopeaws.cognito.signin.user.admin
. -
Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with
ServerSideTokenCheck
enabled for its user pool IdP configuration in CognitoIdentityProvider. -
Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.
Other requests might be valid until your user's token expires.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
GlobalSignOutRequest.Builder
avoiding the need to create one manually viaGlobalSignOutRequest.builder()
- Parameters:
globalSignOutRequest
- AConsumer
that will call methods onGlobalSignOutRequest.Builder
to create a request. Represents the request to sign out all devices.- Returns:
- Result of the GlobalSignOut operation returned by the service.
- See Also:
-
-
initiateAuth
default InitiateAuthResponse initiateAuth(InitiateAuthRequest initiateAuthRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, UnexpectedLambdaException, InvalidUserPoolConfigurationException, UserLambdaValidationException, InvalidLambdaResponseException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user with a federated IdP with
InitiateAuth
. For more information, see Adding user pool sign-in through a third party.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
- Parameters:
initiateAuthRequest
- Initiates the authentication request.- Returns:
- Result of the InitiateAuth operation returned by the service.
- See Also:
-
initiateAuth
default InitiateAuthResponse initiateAuth(Consumer<InitiateAuthRequest.Builder> initiateAuthRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, TooManyRequestsException, UnexpectedLambdaException, InvalidUserPoolConfigurationException, UserLambdaValidationException, InvalidLambdaResponseException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user with a federated IdP with
InitiateAuth
. For more information, see Adding user pool sign-in through a third party.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This is a convenience which creates an instance of the
InitiateAuthRequest.Builder
avoiding the need to create one manually viaInitiateAuthRequest.builder()
- Parameters:
initiateAuthRequest
- AConsumer
that will call methods onInitiateAuthRequest.Builder
to create a request. Initiates the authentication request.- Returns:
- Result of the InitiateAuth operation returned by the service.
- See Also:
-
listDevices
default ListDevicesResponse listDevices(ListDevicesRequest listDevicesRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, InvalidUserPoolConfigurationException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the sign-in devices that Amazon Cognito has registered to the current user. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
listDevicesRequest
- Represents the request to list the devices.- Returns:
- Result of the ListDevices operation returned by the service.
- See Also:
-
listDevices
default ListDevicesResponse listDevices(Consumer<ListDevicesRequest.Builder> listDevicesRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, InvalidUserPoolConfigurationException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the sign-in devices that Amazon Cognito has registered to the current user. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
ListDevicesRequest.Builder
avoiding the need to create one manually viaListDevicesRequest.builder()
- Parameters:
listDevicesRequest
- AConsumer
that will call methods onListDevicesRequest.Builder
to create a request. Represents the request to list the devices.- Returns:
- Result of the ListDevices operation returned by the service.
- See Also:
-
listGroups
default ListGroupsResponse listGroups(ListGroupsRequest listGroupsRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the groups associated with a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
listGroupsRequest
-- Returns:
- Result of the ListGroups operation returned by the service.
- See Also:
-
listGroups
default ListGroupsResponse listGroups(Consumer<ListGroupsRequest.Builder> listGroupsRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the groups associated with a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
ListGroupsRequest.Builder
avoiding the need to create one manually viaListGroupsRequest.builder()
- Parameters:
listGroupsRequest
- AConsumer
that will call methods onListGroupsRequest.Builder
to create a request.- Returns:
- Result of the ListGroups operation returned by the service.
- See Also:
-
listGroupsPaginator
default ListGroupsIterable listGroupsPaginator(ListGroupsRequest listGroupsRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listGroups(software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListGroupsIterable responses = client.listGroupsPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListGroupsIterable responses = client .listGroupsPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListGroupsIterable responses = client.listGroupsPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listGroups(software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsRequest)
operation.- Parameters:
listGroupsRequest
-- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
listGroupsPaginator
default ListGroupsIterable listGroupsPaginator(Consumer<ListGroupsRequest.Builder> listGroupsRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listGroups(software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListGroupsIterable responses = client.listGroupsPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListGroupsIterable responses = client .listGroupsPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListGroupsIterable responses = client.listGroupsPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listGroups(software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsRequest)
operation.
This is a convenience which creates an instance of the
ListGroupsRequest.Builder
avoiding the need to create one manually viaListGroupsRequest.builder()
- Parameters:
listGroupsRequest
- AConsumer
that will call methods onListGroupsRequest.Builder
to create a request.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
listIdentityProviders
default ListIdentityProvidersResponse listIdentityProviders(ListIdentityProvidersRequest listIdentityProvidersRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists information about all IdPs for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
listIdentityProvidersRequest
-- Returns:
- Result of the ListIdentityProviders operation returned by the service.
- See Also:
-
listIdentityProviders
default ListIdentityProvidersResponse listIdentityProviders(Consumer<ListIdentityProvidersRequest.Builder> listIdentityProvidersRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists information about all IdPs for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
ListIdentityProvidersRequest.Builder
avoiding the need to create one manually viaListIdentityProvidersRequest.builder()
- Parameters:
listIdentityProvidersRequest
- AConsumer
that will call methods onListIdentityProvidersRequest.Builder
to create a request.- Returns:
- Result of the ListIdentityProviders operation returned by the service.
- See Also:
-
listIdentityProvidersPaginator
default ListIdentityProvidersIterable listIdentityProvidersPaginator(ListIdentityProvidersRequest listIdentityProvidersRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listIdentityProviders(software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListIdentityProvidersIterable responses = client.listIdentityProvidersPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListIdentityProvidersIterable responses = client .listIdentityProvidersPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListIdentityProvidersIterable responses = client.listIdentityProvidersPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listIdentityProviders(software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersRequest)
operation.- Parameters:
listIdentityProvidersRequest
-- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
listIdentityProvidersPaginator
default ListIdentityProvidersIterable listIdentityProvidersPaginator(Consumer<ListIdentityProvidersRequest.Builder> listIdentityProvidersRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listIdentityProviders(software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListIdentityProvidersIterable responses = client.listIdentityProvidersPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListIdentityProvidersIterable responses = client .listIdentityProvidersPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListIdentityProvidersIterable responses = client.listIdentityProvidersPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listIdentityProviders(software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersRequest)
operation.
This is a convenience which creates an instance of the
ListIdentityProvidersRequest.Builder
avoiding the need to create one manually viaListIdentityProvidersRequest.builder()
- Parameters:
listIdentityProvidersRequest
- AConsumer
that will call methods onListIdentityProvidersRequest.Builder
to create a request.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
listResourceServers
default ListResourceServersResponse listResourceServers(ListResourceServersRequest listResourceServersRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the resource servers for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
listResourceServersRequest
-- Returns:
- Result of the ListResourceServers operation returned by the service.
- See Also:
-
listResourceServers
default ListResourceServersResponse listResourceServers(Consumer<ListResourceServersRequest.Builder> listResourceServersRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the resource servers for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
ListResourceServersRequest.Builder
avoiding the need to create one manually viaListResourceServersRequest.builder()
- Parameters:
listResourceServersRequest
- AConsumer
that will call methods onListResourceServersRequest.Builder
to create a request.- Returns:
- Result of the ListResourceServers operation returned by the service.
- See Also:
-
listResourceServersPaginator
default ListResourceServersIterable listResourceServersPaginator(ListResourceServersRequest listResourceServersRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listResourceServers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListResourceServersIterable responses = client.listResourceServersPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListResourceServersIterable responses = client .listResourceServersPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListResourceServersIterable responses = client.listResourceServersPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listResourceServers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersRequest)
operation.- Parameters:
listResourceServersRequest
-- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
listResourceServersPaginator
default ListResourceServersIterable listResourceServersPaginator(Consumer<ListResourceServersRequest.Builder> listResourceServersRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listResourceServers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListResourceServersIterable responses = client.listResourceServersPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListResourceServersIterable responses = client .listResourceServersPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListResourceServersIterable responses = client.listResourceServersPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listResourceServers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersRequest)
operation.
This is a convenience which creates an instance of the
ListResourceServersRequest.Builder
avoiding the need to create one manually viaListResourceServersRequest.builder()
- Parameters:
listResourceServersRequest
- AConsumer
that will call methods onListResourceServersRequest.Builder
to create a request.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
listTagsForResource
default ListTagsForResourceResponse listTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest) throws ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InvalidParameterException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the tags that are assigned to an Amazon Cognito user pool.
A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
You can use this action up to 10 times per second, per account.
- Parameters:
listTagsForResourceRequest
-- Returns:
- Result of the ListTagsForResource operation returned by the service.
- See Also:
-
listTagsForResource
default ListTagsForResourceResponse listTagsForResource(Consumer<ListTagsForResourceRequest.Builder> listTagsForResourceRequest) throws ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InvalidParameterException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the tags that are assigned to an Amazon Cognito user pool.
A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
You can use this action up to 10 times per second, per account.
This is a convenience which creates an instance of the
ListTagsForResourceRequest.Builder
avoiding the need to create one manually viaListTagsForResourceRequest.builder()
- Parameters:
listTagsForResourceRequest
- AConsumer
that will call methods onListTagsForResourceRequest.Builder
to create a request.- Returns:
- Result of the ListTagsForResource operation returned by the service.
- See Also:
-
listUserImportJobs
default ListUserImportJobsResponse listUserImportJobs(ListUserImportJobsRequest listUserImportJobsRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists user import jobs for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
listUserImportJobsRequest
- Represents the request to list the user import jobs.- Returns:
- Result of the ListUserImportJobs operation returned by the service.
- See Also:
-
listUserImportJobs
default ListUserImportJobsResponse listUserImportJobs(Consumer<ListUserImportJobsRequest.Builder> listUserImportJobsRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists user import jobs for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
ListUserImportJobsRequest.Builder
avoiding the need to create one manually viaListUserImportJobsRequest.builder()
- Parameters:
listUserImportJobsRequest
- AConsumer
that will call methods onListUserImportJobsRequest.Builder
to create a request. Represents the request to list the user import jobs.- Returns:
- Result of the ListUserImportJobs operation returned by the service.
- See Also:
-
listUserPoolClients
default ListUserPoolClientsResponse listUserPoolClients(ListUserPoolClientsRequest listUserPoolClientsRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the clients that have been created for the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
listUserPoolClientsRequest
- Represents the request to list the user pool clients.- Returns:
- Result of the ListUserPoolClients operation returned by the service.
- See Also:
-
listUserPoolClients
default ListUserPoolClientsResponse listUserPoolClients(Consumer<ListUserPoolClientsRequest.Builder> listUserPoolClientsRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the clients that have been created for the specified user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
ListUserPoolClientsRequest.Builder
avoiding the need to create one manually viaListUserPoolClientsRequest.builder()
- Parameters:
listUserPoolClientsRequest
- AConsumer
that will call methods onListUserPoolClientsRequest.Builder
to create a request. Represents the request to list the user pool clients.- Returns:
- Result of the ListUserPoolClients operation returned by the service.
- See Also:
-
listUserPoolClientsPaginator
default ListUserPoolClientsIterable listUserPoolClientsPaginator(ListUserPoolClientsRequest listUserPoolClientsRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listUserPoolClients(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolClientsIterable responses = client.listUserPoolClientsPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolClientsIterable responses = client .listUserPoolClientsPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolClientsIterable responses = client.listUserPoolClientsPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listUserPoolClients(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsRequest)
operation.- Parameters:
listUserPoolClientsRequest
- Represents the request to list the user pool clients.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
listUserPoolClientsPaginator
default ListUserPoolClientsIterable listUserPoolClientsPaginator(Consumer<ListUserPoolClientsRequest.Builder> listUserPoolClientsRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listUserPoolClients(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolClientsIterable responses = client.listUserPoolClientsPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolClientsIterable responses = client .listUserPoolClientsPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolClientsIterable responses = client.listUserPoolClientsPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listUserPoolClients(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsRequest)
operation.
This is a convenience which creates an instance of the
ListUserPoolClientsRequest.Builder
avoiding the need to create one manually viaListUserPoolClientsRequest.builder()
- Parameters:
listUserPoolClientsRequest
- AConsumer
that will call methods onListUserPoolClientsRequest.Builder
to create a request. Represents the request to list the user pool clients.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
listUserPools
default ListUserPoolsResponse listUserPools(ListUserPoolsRequest listUserPoolsRequest) throws InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the user pools associated with an Amazon Web Services account.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
listUserPoolsRequest
- Represents the request to list user pools.- Returns:
- Result of the ListUserPools operation returned by the service.
- See Also:
-
listUserPools
default ListUserPoolsResponse listUserPools(Consumer<ListUserPoolsRequest.Builder> listUserPoolsRequest) throws InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the user pools associated with an Amazon Web Services account.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
ListUserPoolsRequest.Builder
avoiding the need to create one manually viaListUserPoolsRequest.builder()
- Parameters:
listUserPoolsRequest
- AConsumer
that will call methods onListUserPoolsRequest.Builder
to create a request. Represents the request to list user pools.- Returns:
- Result of the ListUserPools operation returned by the service.
- See Also:
-
listUserPoolsPaginator
default ListUserPoolsIterable listUserPoolsPaginator(ListUserPoolsRequest listUserPoolsRequest) throws InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listUserPools(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolsIterable responses = client.listUserPoolsPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolsIterable responses = client .listUserPoolsPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolsIterable responses = client.listUserPoolsPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listUserPools(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest)
operation.- Parameters:
listUserPoolsRequest
- Represents the request to list user pools.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
listUserPoolsPaginator
default ListUserPoolsIterable listUserPoolsPaginator(Consumer<ListUserPoolsRequest.Builder> listUserPoolsRequest) throws InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listUserPools(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolsIterable responses = client.listUserPoolsPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolsIterable responses = client .listUserPoolsPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolsIterable responses = client.listUserPoolsPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listUserPools(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest)
operation.
This is a convenience which creates an instance of the
ListUserPoolsRequest.Builder
avoiding the need to create one manually viaListUserPoolsRequest.builder()
- Parameters:
listUserPoolsRequest
- AConsumer
that will call methods onListUserPoolsRequest.Builder
to create a request. Represents the request to list user pools.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
listUsers
default ListUsersResponse listUsers(ListUsersRequest listUsersRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists users and their basic details in a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
listUsersRequest
- Represents the request to list users.- Returns:
- Result of the ListUsers operation returned by the service.
- See Also:
-
listUsers
default ListUsersResponse listUsers(Consumer<ListUsersRequest.Builder> listUsersRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists users and their basic details in a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
ListUsersRequest.Builder
avoiding the need to create one manually viaListUsersRequest.builder()
- Parameters:
listUsersRequest
- AConsumer
that will call methods onListUsersRequest.Builder
to create a request. Represents the request to list users.- Returns:
- Result of the ListUsers operation returned by the service.
- See Also:
-
listUsersPaginator
default ListUsersIterable listUsersPaginator(ListUsersRequest listUsersRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listUsers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersIterable responses = client.listUsersPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersIterable responses = client .listUsersPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersIterable responses = client.listUsersPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listUsers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest)
operation.- Parameters:
listUsersRequest
- Represents the request to list users.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
listUsersPaginator
default ListUsersIterable listUsersPaginator(Consumer<ListUsersRequest.Builder> listUsersRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listUsers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersIterable responses = client.listUsersPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersIterable responses = client .listUsersPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersIterable responses = client.listUsersPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listUsers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest)
operation.
This is a convenience which creates an instance of the
ListUsersRequest.Builder
avoiding the need to create one manually viaListUsersRequest.builder()
- Parameters:
listUsersRequest
- AConsumer
that will call methods onListUsersRequest.Builder
to create a request. Represents the request to list users.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
listUsersInGroup
default ListUsersInGroupResponse listUsersInGroup(ListUsersInGroupRequest listUsersInGroupRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the users in the specified group.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
listUsersInGroupRequest
-- Returns:
- Result of the ListUsersInGroup operation returned by the service.
- See Also:
-
listUsersInGroup
default ListUsersInGroupResponse listUsersInGroup(Consumer<ListUsersInGroupRequest.Builder> listUsersInGroupRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Lists the users in the specified group.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
ListUsersInGroupRequest.Builder
avoiding the need to create one manually viaListUsersInGroupRequest.builder()
- Parameters:
listUsersInGroupRequest
- AConsumer
that will call methods onListUsersInGroupRequest.Builder
to create a request.- Returns:
- Result of the ListUsersInGroup operation returned by the service.
- See Also:
-
listUsersInGroupPaginator
default ListUsersInGroupIterable listUsersInGroupPaginator(ListUsersInGroupRequest listUsersInGroupRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listUsersInGroup(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersInGroupIterable responses = client.listUsersInGroupPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersInGroupIterable responses = client .listUsersInGroupPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersInGroupIterable responses = client.listUsersInGroupPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listUsersInGroup(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupRequest)
operation.- Parameters:
listUsersInGroupRequest
-- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
listUsersInGroupPaginator
default ListUsersInGroupIterable listUsersInGroupPaginator(Consumer<ListUsersInGroupRequest.Builder> listUsersInGroupRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This is a variant of
listUsersInGroup(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupRequest)
operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Streamsoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersInGroupIterable responses = client.listUsersInGroupPaginator(request); responses.stream().forEach(....);
{ @code software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersInGroupIterable responses = client .listUsersInGroupPaginator(request); for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupResponse response : responses) { // do something; } }
3) Use iterator directlysoftware.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersInGroupIterable responses = client.listUsersInGroupPaginator(request); responses.iterator().forEachRemaining(....);
Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listUsersInGroup(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupRequest)
operation.
This is a convenience which creates an instance of the
ListUsersInGroupRequest.Builder
avoiding the need to create one manually viaListUsersInGroupRequest.builder()
- Parameters:
listUsersInGroupRequest
- AConsumer
that will call methods onListUsersInGroupRequest.Builder
to create a request.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- See Also:
-
resendConfirmationCode
default ResendConfirmationCodeResponse resendConfirmationCode(ResendConfirmationCodeRequest resendConfirmationCodeRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, NotAuthorizedException, InvalidLambdaResponseException, TooManyRequestsException, LimitExceededException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidEmailRoleAccessPolicyException, CodeDeliveryFailureException, UserNotFoundException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Resends the confirmation (for confirmation of registration) to a specific user in the user pool.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
- Parameters:
resendConfirmationCodeRequest
- Represents the request to resend the confirmation code.- Returns:
- Result of the ResendConfirmationCode operation returned by the service.
- See Also:
-
resendConfirmationCode
default ResendConfirmationCodeResponse resendConfirmationCode(Consumer<ResendConfirmationCodeRequest.Builder> resendConfirmationCodeRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, NotAuthorizedException, InvalidLambdaResponseException, TooManyRequestsException, LimitExceededException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidEmailRoleAccessPolicyException, CodeDeliveryFailureException, UserNotFoundException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Resends the confirmation (for confirmation of registration) to a specific user in the user pool.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This is a convenience which creates an instance of the
ResendConfirmationCodeRequest.Builder
avoiding the need to create one manually viaResendConfirmationCodeRequest.builder()
- Parameters:
resendConfirmationCodeRequest
- AConsumer
that will call methods onResendConfirmationCodeRequest.Builder
to create a request. Represents the request to resend the confirmation code.- Returns:
- Result of the ResendConfirmationCode operation returned by the service.
- See Also:
-
respondToAuthChallenge
default RespondToAuthChallengeResponse respondToAuthChallenge(RespondToAuthChallengeRequest respondToAuthChallengeRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, CodeMismatchException, ExpiredCodeException, UnexpectedLambdaException, UserLambdaValidationException, InvalidPasswordException, InvalidLambdaResponseException, TooManyRequestsException, InvalidUserPoolConfigurationException, MfaMethodNotFoundException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, AliasExistsException, InternalErrorException, SoftwareTokenMfaNotFoundException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. A
RespondToAuthChallenge
API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
- Parameters:
respondToAuthChallengeRequest
- The request to respond to an authentication challenge.- Returns:
- Result of the RespondToAuthChallenge operation returned by the service.
- See Also:
-
respondToAuthChallenge
default RespondToAuthChallengeResponse respondToAuthChallenge(Consumer<RespondToAuthChallengeRequest.Builder> respondToAuthChallengeRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, CodeMismatchException, ExpiredCodeException, UnexpectedLambdaException, UserLambdaValidationException, InvalidPasswordException, InvalidLambdaResponseException, TooManyRequestsException, InvalidUserPoolConfigurationException, MfaMethodNotFoundException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, AliasExistsException, InternalErrorException, SoftwareTokenMfaNotFoundException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. A
RespondToAuthChallenge
API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This is a convenience which creates an instance of the
RespondToAuthChallengeRequest.Builder
avoiding the need to create one manually viaRespondToAuthChallengeRequest.builder()
- Parameters:
respondToAuthChallengeRequest
- AConsumer
that will call methods onRespondToAuthChallengeRequest.Builder
to create a request. The request to respond to an authentication challenge.- Returns:
- Result of the RespondToAuthChallenge operation returned by the service.
- See Also:
-
revokeToken
default RevokeTokenResponse revokeToken(RevokeTokenRequest revokeTokenRequest) throws TooManyRequestsException, InternalErrorException, UnauthorizedException, InvalidParameterException, UnsupportedOperationException, UnsupportedTokenTypeException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can't use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
revokeTokenRequest
-- Returns:
- Result of the RevokeToken operation returned by the service.
- See Also:
-
revokeToken
default RevokeTokenResponse revokeToken(Consumer<RevokeTokenRequest.Builder> revokeTokenRequest) throws TooManyRequestsException, InternalErrorException, UnauthorizedException, InvalidParameterException, UnsupportedOperationException, UnsupportedTokenTypeException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can't use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
RevokeTokenRequest.Builder
avoiding the need to create one manually viaRevokeTokenRequest.builder()
- Parameters:
revokeTokenRequest
- AConsumer
that will call methods onRevokeTokenRequest.Builder
to create a request.- Returns:
- Result of the RevokeToken operation returned by the service.
- See Also:
-
setLogDeliveryConfiguration
default SetLogDeliveryConfigurationResponse setLogDeliveryConfiguration(SetLogDeliveryConfigurationRequest setLogDeliveryConfigurationRequest) throws InvalidParameterException, InternalErrorException, TooManyRequestsException, NotAuthorizedException, ResourceNotFoundException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Sets up or modifies the detailed activity logging configuration of a user pool.
- Parameters:
setLogDeliveryConfigurationRequest
-- Returns:
- Result of the SetLogDeliveryConfiguration operation returned by the service.
- See Also:
-
setLogDeliveryConfiguration
default SetLogDeliveryConfigurationResponse setLogDeliveryConfiguration(Consumer<SetLogDeliveryConfigurationRequest.Builder> setLogDeliveryConfigurationRequest) throws InvalidParameterException, InternalErrorException, TooManyRequestsException, NotAuthorizedException, ResourceNotFoundException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Sets up or modifies the detailed activity logging configuration of a user pool.
This is a convenience which creates an instance of the
SetLogDeliveryConfigurationRequest.Builder
avoiding the need to create one manually viaSetLogDeliveryConfigurationRequest.builder()
- Parameters:
setLogDeliveryConfigurationRequest
- AConsumer
that will call methods onSetLogDeliveryConfigurationRequest.Builder
to create a request.- Returns:
- Result of the SetLogDeliveryConfiguration operation returned by the service.
- See Also:
-
setRiskConfiguration
default SetRiskConfigurationResponse setRiskConfiguration(SetRiskConfigurationRequest setRiskConfigurationRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserPoolAddOnNotEnabledException, CodeDeliveryFailureException, InvalidEmailRoleAccessPolicyException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Configures actions on detected risks. To delete the risk configuration for
UserPoolId
orClientId
, pass null values for all four configuration types.To activate Amazon Cognito advanced security features, update the user pool to include the
UserPoolAddOns
keyAdvancedSecurityMode
.- Parameters:
setRiskConfigurationRequest
-- Returns:
- Result of the SetRiskConfiguration operation returned by the service.
- See Also:
-
setRiskConfiguration
default SetRiskConfigurationResponse setRiskConfiguration(Consumer<SetRiskConfigurationRequest.Builder> setRiskConfigurationRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, UserPoolAddOnNotEnabledException, CodeDeliveryFailureException, InvalidEmailRoleAccessPolicyException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Configures actions on detected risks. To delete the risk configuration for
UserPoolId
orClientId
, pass null values for all four configuration types.To activate Amazon Cognito advanced security features, update the user pool to include the
UserPoolAddOns
keyAdvancedSecurityMode
.
This is a convenience which creates an instance of the
SetRiskConfigurationRequest.Builder
avoiding the need to create one manually viaSetRiskConfigurationRequest.builder()
- Parameters:
setRiskConfigurationRequest
- AConsumer
that will call methods onSetRiskConfigurationRequest.Builder
to create a request.- Returns:
- Result of the SetRiskConfiguration operation returned by the service.
- See Also:
-
setUICustomization
default SetUiCustomizationResponse setUICustomization(SetUiCustomizationRequest setUiCustomizationRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Sets the user interface (UI) customization information for a user pool's built-in app UI.
You can specify app UI customization settings for a single client (with a specific
clientId
) or for all clients (by setting theclientId
toALL
). If you specifyALL
, the default configuration is used for every client that has no previously set UI customization. If you specify UI customization settings for a particular client, it will no longer return to theALL
configuration.To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.
- Parameters:
setUiCustomizationRequest
-- Returns:
- Result of the SetUICustomization operation returned by the service.
- See Also:
-
setUICustomization
default SetUiCustomizationResponse setUICustomization(Consumer<SetUiCustomizationRequest.Builder> setUiCustomizationRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Sets the user interface (UI) customization information for a user pool's built-in app UI.
You can specify app UI customization settings for a single client (with a specific
clientId
) or for all clients (by setting theclientId
toALL
). If you specifyALL
, the default configuration is used for every client that has no previously set UI customization. If you specify UI customization settings for a particular client, it will no longer return to theALL
configuration.To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.
This is a convenience which creates an instance of the
SetUiCustomizationRequest.Builder
avoiding the need to create one manually viaSetUiCustomizationRequest.builder()
- Parameters:
setUiCustomizationRequest
- AConsumer
that will call methods onSetUiCustomizationRequest.Builder
to create a request.- Returns:
- Result of the SetUICustomization operation returned by the service.
- See Also:
-
setUserMFAPreference
default SetUserMfaPreferenceResponse setUserMFAPreference(SetUserMfaPreferenceRequest setUserMfaPreferenceRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
setUserMfaPreferenceRequest
-- Returns:
- Result of the SetUserMFAPreference operation returned by the service.
- See Also:
-
setUserMFAPreference
default SetUserMfaPreferenceResponse setUserMFAPreference(Consumer<SetUserMfaPreferenceRequest.Builder> setUserMfaPreferenceRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
SetUserMfaPreferenceRequest.Builder
avoiding the need to create one manually viaSetUserMfaPreferenceRequest.builder()
- Parameters:
setUserMfaPreferenceRequest
- AConsumer
that will call methods onSetUserMfaPreferenceRequest.Builder
to create a request.- Returns:
- Result of the SetUserMFAPreference operation returned by the service.
- See Also:
-
setUserPoolMfaConfig
default SetUserPoolMfaConfigResponse setUserPoolMfaConfig(SetUserPoolMfaConfigRequest setUserPoolMfaConfigRequest) throws InvalidParameterException, TooManyRequestsException, ConcurrentModificationException, ResourceNotFoundException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Sets the user pool multi-factor authentication (MFA) configuration.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
- Parameters:
setUserPoolMfaConfigRequest
-- Returns:
- Result of the SetUserPoolMfaConfig operation returned by the service.
- See Also:
-
setUserPoolMfaConfig
default SetUserPoolMfaConfigResponse setUserPoolMfaConfig(Consumer<SetUserPoolMfaConfigRequest.Builder> setUserPoolMfaConfigRequest) throws InvalidParameterException, TooManyRequestsException, ConcurrentModificationException, ResourceNotFoundException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Sets the user pool multi-factor authentication (MFA) configuration.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This is a convenience which creates an instance of the
SetUserPoolMfaConfigRequest.Builder
avoiding the need to create one manually viaSetUserPoolMfaConfigRequest.builder()
- Parameters:
setUserPoolMfaConfigRequest
- AConsumer
that will call methods onSetUserPoolMfaConfigRequest.Builder
to create a request.- Returns:
- Result of the SetUserPoolMfaConfig operation returned by the service.
- See Also:
-
setUserSettings
default SetUserSettingsResponse setUserSettings(SetUserSettingsRequest setUserSettingsRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
setUserSettingsRequest
- Represents the request to set user settings.- Returns:
- Result of the SetUserSettings operation returned by the service.
- See Also:
-
setUserSettings
default SetUserSettingsResponse setUserSettings(Consumer<SetUserSettingsRequest.Builder> setUserSettingsRequest) throws ResourceNotFoundException, InvalidParameterException, NotAuthorizedException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
SetUserSettingsRequest.Builder
avoiding the need to create one manually viaSetUserSettingsRequest.builder()
- Parameters:
setUserSettingsRequest
- AConsumer
that will call methods onSetUserSettingsRequest.Builder
to create a request. Represents the request to set user settings.- Returns:
- Result of the SetUserSettings operation returned by the service.
- See Also:
-
signUp
default SignUpResponse signUp(SignUpRequest signUpRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, NotAuthorizedException, InvalidPasswordException, InvalidLambdaResponseException, UsernameExistsException, TooManyRequestsException, InternalErrorException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidEmailRoleAccessPolicyException, CodeDeliveryFailureException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Registers the user in the specified user pool and creates a user name, password, and user attributes.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
- Parameters:
signUpRequest
- Represents the request to register a user.- Returns:
- Result of the SignUp operation returned by the service.
- See Also:
-
signUp
default SignUpResponse signUp(Consumer<SignUpRequest.Builder> signUpRequest) throws ResourceNotFoundException, InvalidParameterException, UnexpectedLambdaException, UserLambdaValidationException, NotAuthorizedException, InvalidPasswordException, InvalidLambdaResponseException, UsernameExistsException, TooManyRequestsException, InternalErrorException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidEmailRoleAccessPolicyException, CodeDeliveryFailureException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Registers the user in the specified user pool and creates a user name, password, and user attributes.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This is a convenience which creates an instance of the
SignUpRequest.Builder
avoiding the need to create one manually viaSignUpRequest.builder()
- Parameters:
signUpRequest
- AConsumer
that will call methods onSignUpRequest.Builder
to create a request. Represents the request to register a user.- Returns:
- Result of the SignUp operation returned by the service.
- See Also:
-
startUserImportJob
default StartUserImportJobResponse startUserImportJob(StartUserImportJobRequest startUserImportJobRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, InternalErrorException, PreconditionNotMetException, NotAuthorizedException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Starts the user import.
- Parameters:
startUserImportJobRequest
- Represents the request to start the user import job.- Returns:
- Result of the StartUserImportJob operation returned by the service.
- See Also:
-
startUserImportJob
default StartUserImportJobResponse startUserImportJob(Consumer<StartUserImportJobRequest.Builder> startUserImportJobRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, InternalErrorException, PreconditionNotMetException, NotAuthorizedException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Starts the user import.
This is a convenience which creates an instance of the
StartUserImportJobRequest.Builder
avoiding the need to create one manually viaStartUserImportJobRequest.builder()
- Parameters:
startUserImportJobRequest
- AConsumer
that will call methods onStartUserImportJobRequest.Builder
to create a request. Represents the request to start the user import job.- Returns:
- Result of the StartUserImportJob operation returned by the service.
- See Also:
-
stopUserImportJob
default StopUserImportJobResponse stopUserImportJob(StopUserImportJobRequest stopUserImportJobRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, InternalErrorException, PreconditionNotMetException, NotAuthorizedException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Stops the user import job.
- Parameters:
stopUserImportJobRequest
- Represents the request to stop the user import job.- Returns:
- Result of the StopUserImportJob operation returned by the service.
- See Also:
-
stopUserImportJob
default StopUserImportJobResponse stopUserImportJob(Consumer<StopUserImportJobRequest.Builder> stopUserImportJobRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, InternalErrorException, PreconditionNotMetException, NotAuthorizedException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Stops the user import job.
This is a convenience which creates an instance of the
StopUserImportJobRequest.Builder
avoiding the need to create one manually viaStopUserImportJobRequest.builder()
- Parameters:
stopUserImportJobRequest
- AConsumer
that will call methods onStopUserImportJobRequest.Builder
to create a request. Represents the request to stop the user import job.- Returns:
- Result of the StopUserImportJob operation returned by the service.
- See Also:
-
tagResource
default TagResourceResponse tagResource(TagResourceRequest tagResourceRequest) throws ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InvalidParameterException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.
Each tag consists of a key and value, both of which you define. A key is a general category for more specific values. For example, if you have two versions of a user pool, one for testing and another for production, you might assign an
Environment
tag key to both user pools. The value of this key might beTest
for one user pool, andProduction
for the other.Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values.
You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.
- Parameters:
tagResourceRequest
-- Returns:
- Result of the TagResource operation returned by the service.
- See Also:
-
tagResource
default TagResourceResponse tagResource(Consumer<TagResourceRequest.Builder> tagResourceRequest) throws ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InvalidParameterException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.
Each tag consists of a key and value, both of which you define. A key is a general category for more specific values. For example, if you have two versions of a user pool, one for testing and another for production, you might assign an
Environment
tag key to both user pools. The value of this key might beTest
for one user pool, andProduction
for the other.Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values.
You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.
This is a convenience which creates an instance of the
TagResourceRequest.Builder
avoiding the need to create one manually viaTagResourceRequest.builder()
- Parameters:
tagResourceRequest
- AConsumer
that will call methods onTagResourceRequest.Builder
to create a request.- Returns:
- Result of the TagResource operation returned by the service.
- See Also:
-
untagResource
default UntagResourceResponse untagResource(UntagResourceRequest untagResourceRequest) throws ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InvalidParameterException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account.
- Parameters:
untagResourceRequest
-- Returns:
- Result of the UntagResource operation returned by the service.
- See Also:
-
untagResource
default UntagResourceResponse untagResource(Consumer<UntagResourceRequest.Builder> untagResourceRequest) throws ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InvalidParameterException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account.
This is a convenience which creates an instance of the
UntagResourceRequest.Builder
avoiding the need to create one manually viaUntagResourceRequest.builder()
- Parameters:
untagResourceRequest
- AConsumer
that will call methods onUntagResourceRequest.Builder
to create a request.- Returns:
- Result of the UntagResource operation returned by the service.
- See Also:
-
updateAuthEventFeedback
default UpdateAuthEventFeedbackResponse updateAuthEventFeedback(UpdateAuthEventFeedbackRequest updateAuthEventFeedbackRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, UserPoolAddOnNotEnabledException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
updateAuthEventFeedbackRequest
-- Returns:
- Result of the UpdateAuthEventFeedback operation returned by the service.
- See Also:
-
updateAuthEventFeedback
default UpdateAuthEventFeedbackResponse updateAuthEventFeedback(Consumer<UpdateAuthEventFeedbackRequest.Builder> updateAuthEventFeedbackRequest) throws InvalidParameterException, ResourceNotFoundException, TooManyRequestsException, NotAuthorizedException, UserNotFoundException, UserPoolAddOnNotEnabledException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
UpdateAuthEventFeedbackRequest.Builder
avoiding the need to create one manually viaUpdateAuthEventFeedbackRequest.builder()
- Parameters:
updateAuthEventFeedbackRequest
- AConsumer
that will call methods onUpdateAuthEventFeedbackRequest.Builder
to create a request.- Returns:
- Result of the UpdateAuthEventFeedback operation returned by the service.
- See Also:
-
updateDeviceStatus
default UpdateDeviceStatusResponse updateDeviceStatus(UpdateDeviceStatusRequest updateDeviceStatusRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, InvalidUserPoolConfigurationException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates the device status. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
updateDeviceStatusRequest
- Represents the request to update the device status.- Returns:
- Result of the UpdateDeviceStatus operation returned by the service.
- See Also:
-
updateDeviceStatus
default UpdateDeviceStatusResponse updateDeviceStatus(Consumer<UpdateDeviceStatusRequest.Builder> updateDeviceStatusRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, InvalidUserPoolConfigurationException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates the device status. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
UpdateDeviceStatusRequest.Builder
avoiding the need to create one manually viaUpdateDeviceStatusRequest.builder()
- Parameters:
updateDeviceStatusRequest
- AConsumer
that will call methods onUpdateDeviceStatusRequest.Builder
to create a request. Represents the request to update the device status.- Returns:
- Result of the UpdateDeviceStatus operation returned by the service.
- See Also:
-
updateGroup
default UpdateGroupResponse updateGroup(UpdateGroupRequest updateGroupRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates the specified group with the specified attributes.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
updateGroupRequest
-- Returns:
- Result of the UpdateGroup operation returned by the service.
- See Also:
-
updateGroup
default UpdateGroupResponse updateGroup(Consumer<UpdateGroupRequest.Builder> updateGroupRequest) throws ResourceNotFoundException, InvalidParameterException, TooManyRequestsException, NotAuthorizedException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates the specified group with the specified attributes.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
UpdateGroupRequest.Builder
avoiding the need to create one manually viaUpdateGroupRequest.builder()
- Parameters:
updateGroupRequest
- AConsumer
that will call methods onUpdateGroupRequest.Builder
to create a request.- Returns:
- Result of the UpdateGroup operation returned by the service.
- See Also:
-
updateIdentityProvider
default UpdateIdentityProviderResponse updateIdentityProvider(UpdateIdentityProviderRequest updateIdentityProviderRequest) throws InvalidParameterException, UnsupportedIdentityProviderException, ResourceNotFoundException, ConcurrentModificationException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates IdP information for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
updateIdentityProviderRequest
-- Returns:
- Result of the UpdateIdentityProvider operation returned by the service.
- See Also:
-
updateIdentityProvider
default UpdateIdentityProviderResponse updateIdentityProvider(Consumer<UpdateIdentityProviderRequest.Builder> updateIdentityProviderRequest) throws InvalidParameterException, UnsupportedIdentityProviderException, ResourceNotFoundException, ConcurrentModificationException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates IdP information for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
UpdateIdentityProviderRequest.Builder
avoiding the need to create one manually viaUpdateIdentityProviderRequest.builder()
- Parameters:
updateIdentityProviderRequest
- AConsumer
that will call methods onUpdateIdentityProviderRequest.Builder
to create a request.- Returns:
- Result of the UpdateIdentityProvider operation returned by the service.
- See Also:
-
updateResourceServer
default UpdateResourceServerResponse updateResourceServer(UpdateResourceServerRequest updateResourceServerRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates the name and scopes of resource server. All other fields are read-only.
If you don't provide a value for an attribute, it is set to the default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
updateResourceServerRequest
-- Returns:
- Result of the UpdateResourceServer operation returned by the service.
- See Also:
-
updateResourceServer
default UpdateResourceServerResponse updateResourceServer(Consumer<UpdateResourceServerRequest.Builder> updateResourceServerRequest) throws InvalidParameterException, ResourceNotFoundException, NotAuthorizedException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates the name and scopes of resource server. All other fields are read-only.
If you don't provide a value for an attribute, it is set to the default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
UpdateResourceServerRequest.Builder
avoiding the need to create one manually viaUpdateResourceServerRequest.builder()
- Parameters:
updateResourceServerRequest
- AConsumer
that will call methods onUpdateResourceServerRequest.Builder
to create a request.- Returns:
- Result of the UpdateResourceServer operation returned by the service.
- See Also:
-
updateUserAttributes
default UpdateUserAttributesResponse updateUserAttributes(UpdateUserAttributesRequest updateUserAttributesRequest) throws ResourceNotFoundException, InvalidParameterException, CodeMismatchException, ExpiredCodeException, NotAuthorizedException, UnexpectedLambdaException, UserLambdaValidationException, InvalidLambdaResponseException, TooManyRequestsException, AliasExistsException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidEmailRoleAccessPolicyException, CodeDeliveryFailureException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException With this operation, your users can update one or more of their attributes with their own credentials. You authorize this API request with the user's access token. To delete an attribute from your user, submit the attribute in your API request with a blank value. Custom attribute values in this request must include the
custom:
prefix.Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
- Parameters:
updateUserAttributesRequest
- Represents the request to update user attributes.- Returns:
- Result of the UpdateUserAttributes operation returned by the service.
- See Also:
-
updateUserAttributes
default UpdateUserAttributesResponse updateUserAttributes(Consumer<UpdateUserAttributesRequest.Builder> updateUserAttributesRequest) throws ResourceNotFoundException, InvalidParameterException, CodeMismatchException, ExpiredCodeException, NotAuthorizedException, UnexpectedLambdaException, UserLambdaValidationException, InvalidLambdaResponseException, TooManyRequestsException, AliasExistsException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidEmailRoleAccessPolicyException, CodeDeliveryFailureException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException With this operation, your users can update one or more of their attributes with their own credentials. You authorize this API request with the user's access token. To delete an attribute from your user, submit the attribute in your API request with a blank value. Custom attribute values in this request must include the
custom:
prefix.Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This is a convenience which creates an instance of the
UpdateUserAttributesRequest.Builder
avoiding the need to create one manually viaUpdateUserAttributesRequest.builder()
- Parameters:
updateUserAttributesRequest
- AConsumer
that will call methods onUpdateUserAttributesRequest.Builder
to create a request. Represents the request to update user attributes.- Returns:
- Result of the UpdateUserAttributes operation returned by the service.
- See Also:
-
updateUserPool
default UpdateUserPoolResponse updateUserPool(UpdateUserPoolRequest updateUserPoolRequest) throws ResourceNotFoundException, InvalidParameterException, ConcurrentModificationException, TooManyRequestsException, NotAuthorizedException, UserImportInProgressException, InternalErrorException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, UserPoolTaggingException, InvalidEmailRoleAccessPolicyException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
updateUserPoolRequest
- Represents the request to update the user pool.- Returns:
- Result of the UpdateUserPool operation returned by the service.
- See Also:
-
updateUserPool
default UpdateUserPoolResponse updateUserPool(Consumer<UpdateUserPoolRequest.Builder> updateUserPoolRequest) throws ResourceNotFoundException, InvalidParameterException, ConcurrentModificationException, TooManyRequestsException, NotAuthorizedException, UserImportInProgressException, InternalErrorException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, UserPoolTaggingException, InvalidEmailRoleAccessPolicyException, AwsServiceException, SdkClientException, CognitoIdentityProviderException This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
UpdateUserPoolRequest.Builder
avoiding the need to create one manually viaUpdateUserPoolRequest.builder()
- Parameters:
updateUserPoolRequest
- AConsumer
that will call methods onUpdateUserPoolRequest.Builder
to create a request. Represents the request to update the user pool.- Returns:
- Result of the UpdateUserPool operation returned by the service.
- See Also:
-
updateUserPoolClient
default UpdateUserPoolClientResponse updateUserPoolClient(UpdateUserPoolClientRequest updateUserPoolClientRequest) throws ResourceNotFoundException, InvalidParameterException, ConcurrentModificationException, TooManyRequestsException, NotAuthorizedException, ScopeDoesNotExistException, InvalidOAuthFlowException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using DescribeUserPoolClient.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
You can also use this operation to enable token revocation for user pool clients. For more information about revoking tokens, see RevokeToken.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
updateUserPoolClientRequest
- Represents the request to update the user pool client.- Returns:
- Result of the UpdateUserPoolClient operation returned by the service.
- See Also:
-
updateUserPoolClient
default UpdateUserPoolClientResponse updateUserPoolClient(Consumer<UpdateUserPoolClientRequest.Builder> updateUserPoolClientRequest) throws ResourceNotFoundException, InvalidParameterException, ConcurrentModificationException, TooManyRequestsException, NotAuthorizedException, ScopeDoesNotExistException, InvalidOAuthFlowException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using DescribeUserPoolClient.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
You can also use this operation to enable token revocation for user pool clients. For more information about revoking tokens, see RevokeToken.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
UpdateUserPoolClientRequest.Builder
avoiding the need to create one manually viaUpdateUserPoolClientRequest.builder()
- Parameters:
updateUserPoolClientRequest
- AConsumer
that will call methods onUpdateUserPoolClientRequest.Builder
to create a request. Represents the request to update the user pool client.- Returns:
- Result of the UpdateUserPoolClient operation returned by the service.
- See Also:
-
updateUserPoolDomain
default UpdateUserPoolDomainResponse updateUserPoolDomain(UpdateUserPoolDomainRequest updateUserPoolDomainRequest) throws InvalidParameterException, NotAuthorizedException, ResourceNotFoundException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.
You can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You can't use it to change the domain for a user pool.
A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you manage with Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain.
Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, and your custom domain uses the new certificate automatically.
However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide this ARN to Amazon Cognito.
When you add your new certificate in ACM, you must choose US East (N. Virginia) as the Amazon Web Services Region.
After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.
For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
- Parameters:
updateUserPoolDomainRequest
- The UpdateUserPoolDomain request input.- Returns:
- Result of the UpdateUserPoolDomain operation returned by the service.
- See Also:
-
updateUserPoolDomain
default UpdateUserPoolDomainResponse updateUserPoolDomain(Consumer<UpdateUserPoolDomainRequest.Builder> updateUserPoolDomainRequest) throws InvalidParameterException, NotAuthorizedException, ResourceNotFoundException, TooManyRequestsException, InternalErrorException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.
You can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You can't use it to change the domain for a user pool.
A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you manage with Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain.
Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, and your custom domain uses the new certificate automatically.
However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide this ARN to Amazon Cognito.
When you add your new certificate in ACM, you must choose US East (N. Virginia) as the Amazon Web Services Region.
After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.
For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This is a convenience which creates an instance of the
UpdateUserPoolDomainRequest.Builder
avoiding the need to create one manually viaUpdateUserPoolDomainRequest.builder()
- Parameters:
updateUserPoolDomainRequest
- AConsumer
that will call methods onUpdateUserPoolDomainRequest.Builder
to create a request. The UpdateUserPoolDomain request input.- Returns:
- Result of the UpdateUserPoolDomain operation returned by the service.
- See Also:
-
verifySoftwareToken
default VerifySoftwareTokenResponse verifySoftwareToken(VerifySoftwareTokenRequest verifySoftwareTokenRequest) throws InvalidParameterException, ResourceNotFoundException, InvalidUserPoolConfigurationException, NotAuthorizedException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, EnableSoftwareTokenMfaException, SoftwareTokenMfaNotFoundException, CodeMismatchException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as "verified" if successful. The request takes an access token or a session string, but not both.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
verifySoftwareTokenRequest
-- Returns:
- Result of the VerifySoftwareToken operation returned by the service.
- See Also:
-
verifySoftwareToken
default VerifySoftwareTokenResponse verifySoftwareToken(Consumer<VerifySoftwareTokenRequest.Builder> verifySoftwareTokenRequest) throws InvalidParameterException, ResourceNotFoundException, InvalidUserPoolConfigurationException, NotAuthorizedException, TooManyRequestsException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, EnableSoftwareTokenMfaException, SoftwareTokenMfaNotFoundException, CodeMismatchException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as "verified" if successful. The request takes an access token or a session string, but not both.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
VerifySoftwareTokenRequest.Builder
avoiding the need to create one manually viaVerifySoftwareTokenRequest.builder()
- Parameters:
verifySoftwareTokenRequest
- AConsumer
that will call methods onVerifySoftwareTokenRequest.Builder
to create a request.- Returns:
- Result of the VerifySoftwareToken operation returned by the service.
- See Also:
-
verifyUserAttribute
default VerifyUserAttributeResponse verifyUserAttribute(VerifyUserAttributeRequest verifyUserAttributeRequest) throws ResourceNotFoundException, InvalidParameterException, CodeMismatchException, ExpiredCodeException, NotAuthorizedException, TooManyRequestsException, LimitExceededException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, AliasExistsException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Verifies the specified user attributes in the user pool.
If your user pool requires verification before Amazon Cognito updates the attribute value, VerifyUserAttribute updates the affected attribute to its pending value. For more information, see UserAttributeUpdateSettingsType.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
- Parameters:
verifyUserAttributeRequest
- Represents the request to verify user attributes.- Returns:
- Result of the VerifyUserAttribute operation returned by the service.
- See Also:
-
verifyUserAttribute
default VerifyUserAttributeResponse verifyUserAttribute(Consumer<VerifyUserAttributeRequest.Builder> verifyUserAttributeRequest) throws ResourceNotFoundException, InvalidParameterException, CodeMismatchException, ExpiredCodeException, NotAuthorizedException, TooManyRequestsException, LimitExceededException, PasswordResetRequiredException, UserNotFoundException, UserNotConfirmedException, InternalErrorException, AliasExistsException, ForbiddenException, AwsServiceException, SdkClientException, CognitoIdentityProviderException Verifies the specified user attributes in the user pool.
If your user pool requires verification before Amazon Cognito updates the attribute value, VerifyUserAttribute updates the affected attribute to its pending value. For more information, see UserAttributeUpdateSettingsType.
Authorize this action with a signed-in user's access token. It must include the scope
aws.cognito.signin.user.admin
.Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This is a convenience which creates an instance of the
VerifyUserAttributeRequest.Builder
avoiding the need to create one manually viaVerifyUserAttributeRequest.builder()
- Parameters:
verifyUserAttributeRequest
- AConsumer
that will call methods onVerifyUserAttributeRequest.Builder
to create a request. Represents the request to verify user attributes.- Returns:
- Result of the VerifyUserAttribute operation returned by the service.
- See Also:
-
create
Create aCognitoIdentityProviderClient
with the region loaded from theDefaultAwsRegionProviderChain
and credentials loaded from theDefaultCredentialsProvider
. -
builder
Create a builder that can be used to configure and create aCognitoIdentityProviderClient
. -
serviceMetadata
-
serviceClientConfiguration
Description copied from interface:SdkClient
The SDK service client configuration exposes client settings to the user, e.g., ClientOverrideConfiguration- Specified by:
serviceClientConfiguration
in interfaceAwsClient
- Specified by:
serviceClientConfiguration
in interfaceSdkClient
- Returns:
- SdkServiceClientConfiguration
-