Class UserPoolType

java.lang.Object
software.amazon.awssdk.services.cognitoidentityprovider.model.UserPoolType
All Implemented Interfaces:
Serializable, SdkPojo, ToCopyableBuilder<UserPoolType.Builder,UserPoolType>
@Generated("software.amazon.awssdk:codegen") public final class UserPoolType extends Object implements SdkPojo, Serializable, ToCopyableBuilder<UserPoolType.Builder,UserPoolType>

The configuration of a user pool.

See Also:

  • Method Details

    • id

      public final String id()

      The ID of the user pool.

      Returns:
      The ID of the user pool.

    • name

      public final String name()

      The name of the user pool.

      Returns:
      The name of the user pool.

    • policies

      public final UserPoolPolicyType policies()

      A list of user pool policies. Contains the policy that sets password-complexity requirements.

      Returns:
      A list of user pool policies. Contains the policy that sets password-complexity requirements.

    • deletionProtection

      public final DeletionProtectionType deletionProtection()

      When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature.

      When you try to delete a protected user pool in a DeleteUserPool API request, Amazon Cognito returns an InvalidParameterException error. To delete a protected user pool, send a new DeleteUserPool request after you deactivate deletion protection in an UpdateUserPool API request.

      If the service returns an enum value that is not available in the current SDK version, deletionProtection will return DeletionProtectionType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from deletionProtectionAsString().

      Returns:
      When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature.

      When you try to delete a protected user pool in a DeleteUserPool API request, Amazon Cognito returns an InvalidParameterException error. To delete a protected user pool, send a new DeleteUserPool request after you deactivate deletion protection in an UpdateUserPool API request.

      See Also:

    • deletionProtectionAsString

      public final String deletionProtectionAsString()

      When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature.

      When you try to delete a protected user pool in a DeleteUserPool API request, Amazon Cognito returns an InvalidParameterException error. To delete a protected user pool, send a new DeleteUserPool request after you deactivate deletion protection in an UpdateUserPool API request.

      If the service returns an enum value that is not available in the current SDK version, deletionProtection will return DeletionProtectionType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from deletionProtectionAsString().

      Returns:
      When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature.

      When you try to delete a protected user pool in a DeleteUserPool API request, Amazon Cognito returns an InvalidParameterException error. To delete a protected user pool, send a new DeleteUserPool request after you deactivate deletion protection in an UpdateUserPool API request.

      See Also:

    • lambdaConfig

      public final LambdaConfigType lambdaConfig()

      A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of user pool operations. Triggers can modify the outcome of the operations that invoked them.

      Returns:
      A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of user pool operations. Triggers can modify the outcome of the operations that invoked them.

    • status

      @Deprecated public final StatusType status()
      Deprecated.
      This property is no longer available.

      This parameter is no longer used.

      If the service returns an enum value that is not available in the current SDK version, status will return StatusType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from statusAsString().

      Returns:
      This parameter is no longer used.
      See Also:

    • statusAsString

      @Deprecated public final String statusAsString()
      Deprecated.
      This property is no longer available.

      This parameter is no longer used.

      If the service returns an enum value that is not available in the current SDK version, status will return StatusType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from statusAsString().

      Returns:
      This parameter is no longer used.
      See Also:

    • lastModifiedDate

      public final Instant lastModifiedDate()

      The date and time when the item was modified. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.

      Returns:
      The date and time when the item was modified. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.

    • creationDate

      public final Instant creationDate()

      The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.

      Returns:
      The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.

    • hasSchemaAttributes

      public final boolean hasSchemaAttributes()
      For responses, this returns true if the service returned a value for the SchemaAttributes property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • schemaAttributes

      public final List<SchemaAttributeType> schemaAttributes()

      A list of the user attributes and their properties in your user pool. The attribute schema contains standard attributes, custom attributes with a custom: prefix, and developer attributes with a dev: prefix. For more information, see User pool attributes.

      Developer-only attributes are a legacy feature of user pools, and are read-only to all app clients. You can create and update developer-only attributes only with IAM-authenticated API operations. Use app client read/write permissions instead.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasSchemaAttributes() method.

      Returns:
      A list of the user attributes and their properties in your user pool. The attribute schema contains standard attributes, custom attributes with a custom: prefix, and developer attributes with a dev: prefix. For more information, see User pool attributes.

      Developer-only attributes are a legacy feature of user pools, and are read-only to all app clients. You can create and update developer-only attributes only with IAM-authenticated API operations. Use app client read/write permissions instead.

    • autoVerifiedAttributes

      public final List<VerifiedAttributeType> autoVerifiedAttributes()

      The attributes that are auto-verified in a user pool.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasAutoVerifiedAttributes() method.

      Returns:
      The attributes that are auto-verified in a user pool.

    • hasAutoVerifiedAttributes

      public final boolean hasAutoVerifiedAttributes()
      For responses, this returns true if the service returned a value for the AutoVerifiedAttributes property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • autoVerifiedAttributesAsStrings

      public final List<String> autoVerifiedAttributesAsStrings()

      The attributes that are auto-verified in a user pool.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasAutoVerifiedAttributes() method.

      Returns:
      The attributes that are auto-verified in a user pool.

    • aliasAttributes

      public final List<AliasAttributeType> aliasAttributes()

      Attributes supported as an alias for this user pool. An alias is an attribute that users can enter as an alternative username. Possible values: phone_number, email, or preferred_username.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasAliasAttributes() method.

      Returns:
      Attributes supported as an alias for this user pool. An alias is an attribute that users can enter as an alternative username. Possible values: phone_number, email, or preferred_username.

    • hasAliasAttributes

      public final boolean hasAliasAttributes()
      For responses, this returns true if the service returned a value for the AliasAttributes property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • aliasAttributesAsStrings

      public final List<String> aliasAttributesAsStrings()

      Attributes supported as an alias for this user pool. An alias is an attribute that users can enter as an alternative username. Possible values: phone_number, email, or preferred_username.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasAliasAttributes() method.

      Returns:
      Attributes supported as an alias for this user pool. An alias is an attribute that users can enter as an alternative username. Possible values: phone_number, email, or preferred_username.

    • usernameAttributes

      public final List<UsernameAttributeType> usernameAttributes()

      Specifies whether a user can use an email address or phone number as a username when they sign up.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasUsernameAttributes() method.

      Returns:
      Specifies whether a user can use an email address or phone number as a username when they sign up.

    • hasUsernameAttributes

      public final boolean hasUsernameAttributes()
      For responses, this returns true if the service returned a value for the UsernameAttributes property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • usernameAttributesAsStrings

      public final List<String> usernameAttributesAsStrings()

      Specifies whether a user can use an email address or phone number as a username when they sign up.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasUsernameAttributes() method.

      Returns:
      Specifies whether a user can use an email address or phone number as a username when they sign up.

    • smsVerificationMessage

      public final String smsVerificationMessage()

      This parameter is no longer used.

      Returns:
      This parameter is no longer used.

    • emailVerificationMessage

      public final String emailVerificationMessage()

      This parameter is no longer used.

      Returns:
      This parameter is no longer used.

    • emailVerificationSubject

      public final String emailVerificationSubject()

      This parameter is no longer used.

      Returns:
      This parameter is no longer used.

    • verificationMessageTemplate

      public final VerificationMessageTemplateType verificationMessageTemplate()

      The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.

      Returns:
      The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.

    • smsAuthenticationMessage

      public final String smsAuthenticationMessage()

      The contents of the SMS authentication message.

      Returns:
      The contents of the SMS authentication message.

    • userAttributeUpdateSettings

      public final UserAttributeUpdateSettingsType userAttributeUpdateSettings()

      The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For more information, see Verifying updates to email addresses and phone numbers.

      Returns:
      The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For more information, see Verifying updates to email addresses and phone numbers.

    • mfaConfiguration

      public final UserPoolMfaType mfaConfiguration()

      Can be one of the following values:

      • OFF - MFA tokens aren't required and can't be specified during user registration.

      • ON - MFA tokens are required for all user registrations. You can only specify required when you're initially creating a user pool.

      • OPTIONAL - Users have the option when registering to create an MFA token.

      If the service returns an enum value that is not available in the current SDK version, mfaConfiguration will return UserPoolMfaType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from mfaConfigurationAsString().

      Returns:
      Can be one of the following values:

      • OFF - MFA tokens aren't required and can't be specified during user registration.

      • ON - MFA tokens are required for all user registrations. You can only specify required when you're initially creating a user pool.

      • OPTIONAL - Users have the option when registering to create an MFA token.

      See Also:

    • mfaConfigurationAsString

      public final String mfaConfigurationAsString()

      Can be one of the following values:

      • OFF - MFA tokens aren't required and can't be specified during user registration.

      • ON - MFA tokens are required for all user registrations. You can only specify required when you're initially creating a user pool.

      • OPTIONAL - Users have the option when registering to create an MFA token.

      If the service returns an enum value that is not available in the current SDK version, mfaConfiguration will return UserPoolMfaType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from mfaConfigurationAsString().

      Returns:
      Can be one of the following values:

      • OFF - MFA tokens aren't required and can't be specified during user registration.

      • ON - MFA tokens are required for all user registrations. You can only specify required when you're initially creating a user pool.

      • OPTIONAL - Users have the option when registering to create an MFA token.

      See Also:

    • deviceConfiguration

      public final DeviceConfigurationType deviceConfiguration()

      The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool.

      When you provide a value for any DeviceConfiguration field, you activate the Amazon Cognito device-remembering feature.

      Returns:
      The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool.

      When you provide a value for any DeviceConfiguration field, you activate the Amazon Cognito device-remembering feature.

    • estimatedNumberOfUsers

      public final Integer estimatedNumberOfUsers()

      A number estimating the size of the user pool.

      Returns:
      A number estimating the size of the user pool.

    • emailConfiguration

      public final EmailConfigurationType emailConfiguration()

      The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for messages from your user pool.

      Returns:
      The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for messages from your user pool.

    • smsConfiguration

      public final SmsConfigurationType smsConfiguration()

      User pool configuration for delivery of SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account.

      Returns:
      User pool configuration for delivery of SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account.

    • hasUserPoolTags

      public final boolean hasUserPoolTags()
      For responses, this returns true if the service returned a value for the UserPoolTags property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • userPoolTags

      public final Map<String,String> userPoolTags()

      The tags that are assigned to the user pool. A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasUserPoolTags() method.

      Returns:
      The tags that are assigned to the user pool. A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.

    • smsConfigurationFailure

      public final String smsConfigurationFailure()

      The reason why the SMS configuration can't send the messages to your users.

      This message might include comma-separated values to describe why your SMS configuration can't send messages to user pool end users.

      InvalidSmsRoleAccessPolicyException

      The Identity and Access Management role that Amazon Cognito uses to send SMS messages isn't properly configured. For more information, see SmsConfigurationType.

      SNSSandbox

      The Amazon Web Services account is in the SNS SMS Sandbox and messages will only reach verified end users. This parameter won’t get populated with SNSSandbox if the user creating the user pool doesn’t have SNS permissions. To learn how to move your Amazon Web Services account out of the sandbox, see Moving out of the SMS sandbox.

      Returns:
      The reason why the SMS configuration can't send the messages to your users.

      This message might include comma-separated values to describe why your SMS configuration can't send messages to user pool end users.

      InvalidSmsRoleAccessPolicyException

      The Identity and Access Management role that Amazon Cognito uses to send SMS messages isn't properly configured. For more information, see SmsConfigurationType.

      SNSSandbox

      The Amazon Web Services account is in the SNS SMS Sandbox and messages will only reach verified end users. This parameter won’t get populated with SNSSandbox if the user creating the user pool doesn’t have SNS permissions. To learn how to move your Amazon Web Services account out of the sandbox, see Moving out of the SMS sandbox.

    • emailConfigurationFailure

      public final String emailConfigurationFailure()

      Deprecated. Review error codes from API requests with EventSource:cognito-idp.amazonaws.com in CloudTrail for information about problems with user pool email configuration.

      Returns:
      Deprecated. Review error codes from API requests with EventSource:cognito-idp.amazonaws.com in CloudTrail for information about problems with user pool email configuration.

    • domain

      public final String domain()

      The domain prefix, if the user pool has a domain associated with it.

      Returns:
      The domain prefix, if the user pool has a domain associated with it.

    • customDomain

      public final String customDomain()

      A custom domain name that you provide to Amazon Cognito. This parameter applies only if you use a custom domain to host the sign-up and sign-in pages for your application. An example of a custom domain name might be auth.example.com.

      For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.

      Returns:
      A custom domain name that you provide to Amazon Cognito. This parameter applies only if you use a custom domain to host the sign-up and sign-in pages for your application. An example of a custom domain name might be auth.example.com.

      For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.

    • adminCreateUserConfig

      public final AdminCreateUserConfigType adminCreateUserConfig()

      The configuration for AdminCreateUser requests.

      Returns:
      The configuration for AdminCreateUser requests.

    • userPoolAddOns

      public final UserPoolAddOnsType userPoolAddOns()

      Contains settings for activation of threat protection, including the operating mode and additional authentication types. To log user security information but take no action, set to AUDIT. To configure automatic security responses to potentially unwanted traffic to your user pool, set to ENFORCED.

      For more information, see Adding advanced security to a user pool. To activate this setting, your user pool must be on the Plus tier.

      Returns:
      Contains settings for activation of threat protection, including the operating mode and additional authentication types. To log user security information but take no action, set to AUDIT. To configure automatic security responses to potentially unwanted traffic to your user pool, set to ENFORCED.

      For more information, see Adding advanced security to a user pool. To activate this setting, your user pool must be on the Plus tier.

    • usernameConfiguration

      public final UsernameConfigurationType usernameConfiguration()

      Case sensitivity of the username input for the selected sign-in option. When case sensitivity is set to False (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, username, USERNAME, or UserName, or for email, email@example.com or EMaiL@eXamplE.Com. For most use cases, set case sensitivity to False (case insensitive) as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.

      Returns:
      Case sensitivity of the username input for the selected sign-in option. When case sensitivity is set to False (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, username, USERNAME, or UserName, or for email, email@example.com or EMaiL@eXamplE.Com. For most use cases, set case sensitivity to False (case insensitive) as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.

    • arn

      public final String arn()

      The Amazon Resource Name (ARN) of the user pool.

      Returns:
      The Amazon Resource Name (ARN) of the user pool.

    • accountRecoverySetting

      public final AccountRecoverySettingType accountRecoverySetting()

      The available verified method a user can use to recover their password when they call ForgotPassword . You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.

      Returns:
      The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.

    • userPoolTier

      public final UserPoolTierType userPoolTier()

      The user pool feature plan, or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to ESSENTIALS.

      If the service returns an enum value that is not available in the current SDK version, userPoolTier will return UserPoolTierType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from userPoolTierAsString().

      Returns:
      The user pool feature plan, or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to ESSENTIALS.
      See Also:

    • userPoolTierAsString

      public final String userPoolTierAsString()

      The user pool feature plan, or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to ESSENTIALS.

      If the service returns an enum value that is not available in the current SDK version, userPoolTier will return UserPoolTierType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from userPoolTierAsString().

      Returns:
      The user pool feature plan, or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to ESSENTIALS.
      See Also:

    • toBuilder

      public UserPoolType.Builder toBuilder()
      Description copied from interface: ToCopyableBuilder
      Take this object and create a builder that contains all of the current property values of this object.
      Specified by:
      toBuilder in interface ToCopyableBuilder<UserPoolType.Builder,UserPoolType>
      Returns:
      a builder for type T

    • builder

      public static UserPoolType.Builder builder()

    • serializableBuilderClass

      public static Class<? extends UserPoolType.Builder> serializableBuilderClass()

    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public final boolean equals(Object obj)
      Overrides:
      equals in class Object

    • equalsBySdkFields

      public final boolean equalsBySdkFields(Object obj)
      Description copied from interface: SdkPojo
      Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in an SdkPojo class, and is generated based on a service model.

      If an SdkPojo class does not have any inherited fields, equalsBySdkFields and equals are essentially the same.

      Specified by:
      equalsBySdkFields in interface SdkPojo
      Parameters:
      obj - the object to be compared with
      Returns:
      true if the other object equals to this object by sdk fields, false otherwise.

    • toString

      public final String toString()
      Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
      Overrides:
      toString in class Object

    • getValueForField

      public final <T> Optional<T> getValueForField(String fieldName, Class<T> clazz)

    • sdkFields

      public final List<SdkField<?>> sdkFields()
      Specified by:
      sdkFields in interface SdkPojo
      Returns:
      List of SdkField in this POJO. May be empty list but should never be null.

    • sdkFieldNameToField

      public final Map<String,SdkField<?>> sdkFieldNameToField()
      Specified by:
      sdkFieldNameToField in interface SdkPojo
      Returns:
      The mapping between the field name and its corresponding field.