"documentation":"<p>Confirms user registration as an admin without using a confirmation code. Works on any user.</p> <p>Requires developer credentials.</p>"
"documentation":"<p>Creates a new user in the specified user pool and sends a welcome message via email or phone (SMS). This message is based on a template that you configured in your call to CreateUserPool or UpdateUserPool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.</p> <p>Requires developer credentials.</p>"
"documentation":"<p>Gets the specified user by user name in a user pool as an administrator. Works on any user.</p> <p>Requires developer credentials.</p>"
"documentation":"<p>Resets the specified user's password in a user pool as an administrator. Works on any user.</p> <p>When a developer calls this API, the current password is invalidated, so it must be changed. If a user tries to sign in after the API is called, the app will get a PasswordResetRequiredException exception back and should direct the user down the flow to reset the password, which is the same as the forgot password flow. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user with the code to change their password.</p> <p>Requires developer credentials.</p>"
"documentation":"<p>Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user.</p> <p>Requires developer credentials.</p>"
"documentation":"<p>Responds to the authentication challenge.</p>"
},
"SetUserSettings":{
"name":"SetUserSettings",
"http":{
"method":"POST",
"requestUri":"/"
},
"input":{"shape":"SetUserSettingsRequest"},
"output":{"shape":"SetUserSettingsResponse"},
"errors":[
{"shape":"ResourceNotFoundException"},
{"shape":"InvalidParameterException"},
{"shape":"NotAuthorizedException"},
{"shape":"PasswordResetRequiredException"},
{"shape":"UserNotFoundException"},
{"shape":"UserNotConfirmedException"},
{"shape":"InternalErrorException"}
],
"documentation":"<p>Sets the user settings like multi-factor authentication (MFA). If MFA is to be removed for a particular attribute pass the attribute with code delivery as null. If null list is passed, all MFA options are removed.</p>",
"documentation":"<p>The user pool ID for which you want to confirm user registration.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name for which you want to confirm user registration.</p>"
}
},
"documentation":"<p>Represents the request to confirm user registration.</p>"
},
"AdminConfirmSignUpResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>Represents the response from the server for the request to confirm registration.</p>"
},
"AdminCreateUserConfigType":{
"type":"structure",
"members":{
"AllowAdminCreateUserOnly":{
"shape":"BooleanType",
"documentation":"<p>Set to True if only the administrator is allowed to create user profiles. Set to False if users can sign themselves up via an app.</p>"
"documentation":"<p>The user account expiration limit, in days, after which the account is no longer usable. To reset the account after that time limit, you must call AdminCreateUser again, specifying \"RESEND\" for the MessageAction parameter. The default value for this paameter is 7.</p>"
"documentation":"<p>The message template to be used for the welcome message to new users.</p>"
}
},
"documentation":"<p>The type of configuration for creating a new user profile.</p>"
},
"AdminCreateUserRequest":{
"type":"structure",
"required":[
"UserPoolId",
"Username"
],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool where the user will be created.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The username for the user. Must be unique within the user pool. Must be a UTF-8 string between 1 and 128 characters. After the user is created, the username cannot be changed.</p>"
},
"UserAttributes":{
"shape":"AttributeListType",
"documentation":"<p>An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than Username. However, any attributes that you specify as required (in CreateUserPool or in the <b>Attributes</b> tab of the console) must be supplied either by you (in your call to AdminCreateUser) or by the user (when he or she signs up in response to your welcome message).</p> <p>To send a message inviting the user to sign up, you must specify the user's email address or phone number. This can be done in your call to AdminCreateUser or in the <b>Users</b> tab of the Amazon Cognito console for managing your user pools.</p> <p>In your call to AdminCreateUser, you can set the email_verified attribute to True, and you can set the phone_number_verified attribute to True. (You cannot do this by calling other operations such as AdminUpdateUserAttributes.)</p> <ul> <li> <p> <b>email</b>: The email address of the user to whom the message that contains the code and username will be sent. Required if the email_verified attribute is set to True, or if \"EMAIL\" is specified in the DesiredDeliveryMediums parameter.</p> </li> <li> <p> <b>phone_number</b>: The phone number of the user to whom the message that contains the code and username will be sent. Required if the phone_number_verified attribute is set to True, or if \"SMS\" is specified in the DesiredDeliveryMediums parameter.</p> </li> </ul>"
},
"ValidationData":{
"shape":"AttributeListType",
"documentation":"<p>The user's validation data. This is an array of name-value pairs that contain user attributes and attribute values that you can use for custom validation, such as restricting the types of user accounts that can be registered. For example, you might choose to allow or disallow user sign-up based on the user's domain.</p> <p>To configure custom validation, you must create a Pre Sign-up Lambda trigger for the user pool as described in the Amazon Cognito Developer Guide. The Lambda trigger receives the validation data and uses it in the validation process.</p> <p>The user's validation data is not persisted.</p>"
},
"TemporaryPassword":{
"shape":"PasswordType",
"documentation":"<p>The user's temporary password. This password must conform to the password policy that you specified when you created the user pool.</p> <p>The temporary password is valid only once. To complete the Admin Create User flow, the user must enter the temporary password in the sign-in page along with a new password to be used in all future sign-ins.</p> <p>This parameter is not required. If you do not specify a value, Amazon Cognito generates one for you.</p> <p>The temporary password can only be used until the user account expiration limit that you specified when you created the user pool. To reset the account after that time limit, you must call AdminCreateUser again, specifying \"RESEND\" for the MessageAction parameter.</p>"
},
"ForceAliasCreation":{
"shape":"ForceAliasCreation",
"documentation":"<p>This parameter is only used if the phone_number_verified or email_verified attribute is set to True. Otherwise, it is ignored.</p> <p>If this parameter is set to True and the phone number or email address specified in the UserAttributes parameter already exists as an alias with a different user, the API call will migrate the alias from the previous user to the newly created user. The previous user will no longer be able to log in using that alias.</p> <p>If this parameter is set to False, the API throws an AliasExistsException error if the alias already exists. The default value is False.</p>"
},
"MessageAction":{
"shape":"MessageActionType",
"documentation":"<p>Set to \"RESEND\" to resend the invitation message to a user that already exists and reset the expiration limit on the user's account. Set to \"SUPPRESS\" to suppress sending the message. Only one value can be specified.</p>"
},
"DesiredDeliveryMediums":{
"shape":"DeliveryMediumListType",
"documentation":"<p>Specify \"EMAIL\" if email will be used to send the welcome message. Specify \"SMS\" if the phone number will be used. The default value is \"SMS\". More than one value can be specified.</p>"
}
},
"documentation":"<p>Represents the request to create a user in the specified user pool.</p>"
},
"AdminCreateUserResponse":{
"type":"structure",
"members":{
"User":{
"shape":"UserType",
"documentation":"<p>The user returned in the request to create a new user.</p>"
}
},
"documentation":"<p>Represents the response from the server to the request to create the user.</p>"
},
"AdminCreateUserUnusedAccountValidityDaysType":{
"type":"integer",
"max":90,
"min":0
},
"AdminDeleteUserAttributesRequest":{
"type":"structure",
"required":[
"UserPoolId",
"Username",
"UserAttributeNames"
],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool where you want to delete user attributes.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name of the user from which you would like to delete attributes.</p>"
},
"UserAttributeNames":{
"shape":"AttributeNameListType",
"documentation":"<p>An array of strings representing the user attribute names you wish to delete.</p>"
}
},
"documentation":"<p>Represents the request to delete user attributes as an administrator.</p>"
},
"AdminDeleteUserAttributesResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>Represents the response received from the server for a request to delete user attributes.</p>"
},
"AdminDeleteUserRequest":{
"type":"structure",
"required":[
"UserPoolId",
"Username"
],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool where you want to delete the user.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name of the user you wish to delete.</p>"
}
},
"documentation":"<p>Represents the request to delete a user as an administrator.</p>"
},
"AdminDisableUserRequest":{
"type":"structure",
"required":[
"UserPoolId",
"Username"
],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool where you want to disable the user.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name of the user you wish to disable.</p>"
}
},
"documentation":"<p>Represents the request to disable any user as an administrator.</p>"
},
"AdminDisableUserResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>Represents the response received from the server to disable the user as an administrator.</p>"
},
"AdminEnableUserRequest":{
"type":"structure",
"required":[
"UserPoolId",
"Username"
],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool where you want to enable the user.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name of the user you wish to ebable.</p>"
}
},
"documentation":"<p>Represents the request that enables the user as an administrator.</p>"
},
"AdminEnableUserResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>Represents the response from the server for the request to enable a user as an administrator.</p>"
},
"AdminForgetDeviceRequest":{
"type":"structure",
"required":[
"UserPoolId",
"Username",
"DeviceKey"
],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name.</p>"
},
"DeviceKey":{
"shape":"DeviceKeyType",
"documentation":"<p>The device key.</p>"
}
},
"documentation":"<p>Sends the forgot device request, as an administrator.</p>"
},
"AdminGetDeviceRequest":{
"type":"structure",
"required":[
"DeviceKey",
"UserPoolId",
"Username"
],
"members":{
"DeviceKey":{
"shape":"DeviceKeyType",
"documentation":"<p>The device key.</p>"
},
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name.</p>"
}
},
"documentation":"<p>Represents the request to get the device, as an administrator.</p>"
},
"AdminGetDeviceResponse":{
"type":"structure",
"required":["Device"],
"members":{
"Device":{
"shape":"DeviceType",
"documentation":"<p>The device.</p>"
}
},
"documentation":"<p>Gets the device response, as an administrator.</p>"
},
"AdminGetUserRequest":{
"type":"structure",
"required":[
"UserPoolId",
"Username"
],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool where you want to get information about the user.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name of the user you wish to retrieve.</p>"
}
},
"documentation":"<p>Represents the request to get the specified user as an administrator.</p>"
},
"AdminGetUserResponse":{
"type":"structure",
"required":["Username"],
"members":{
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name of the user about whom you are receiving information.</p>"
},
"UserAttributes":{
"shape":"AttributeListType",
"documentation":"<p>An array of name-value pairs representing user attributes.</p>"
},
"UserCreateDate":{
"shape":"DateType",
"documentation":"<p>The date the user was created.</p>"
},
"UserLastModifiedDate":{
"shape":"DateType",
"documentation":"<p>The date the user was last modified.</p>"
},
"Enabled":{
"shape":"BooleanType",
"documentation":"<p>Indicates that the status is enabled.</p>"
},
"UserStatus":{
"shape":"UserStatusType",
"documentation":"<p>The user status. Can be one of the following:</p> <ul> <li> <p>UNCONFIRMED - User has been created but not confirmed.</p> </li> <li> <p>CONFIRMED - User has been confirmed.</p> </li> <li> <p>ARCHIVED - User is no longer active.</p> </li> <li> <p>COMPROMISED - User is disabled due to a potential security threat.</p> </li> <li> <p>UNKNOWN - User status is not known.</p> </li> </ul>"
},
"MFAOptions":{
"shape":"MFAOptionListType",
"documentation":"<p>Specifies the options for MFA (e.g., email or phone number).</p>"
}
},
"documentation":"<p>Represents the response from the server from the request to get the specified user as an administrator.</p>"
},
"AdminInitiateAuthRequest":{
"type":"structure",
"required":[
"UserPoolId",
"ClientId",
"AuthFlow"
],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The ID of the Amazon Cognito user pool.</p>"
"documentation":"<p>The username for the user.</p>"
},
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool.</p>"
},
"Limit":{
"shape":"QueryLimitType",
"documentation":"<p>The limit of the request to list groups.</p>"
},
"NextToken":{
"shape":"PaginationKey",
"documentation":"<p>An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.</p>"
}
}
},
"AdminListGroupsForUserResponse":{
"type":"structure",
"members":{
"Groups":{
"shape":"GroupListType",
"documentation":"<p>The groups that the user belongs to.</p>"
},
"NextToken":{
"shape":"PaginationKey",
"documentation":"<p>An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.</p>"
}
}
},
"AdminRemoveUserFromGroupRequest":{
"type":"structure",
"required":[
"UserPoolId",
"Username",
"GroupName"
],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The username for the user.</p>"
"documentation":"<p>Responds to the authentication challenge, as an administrator.</p>"
},
"AdminSetUserSettingsRequest":{
"type":"structure",
"required":[
"UserPoolId",
"Username",
"MFAOptions"
],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool where you want to set the user's settings, such as MFA options.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name of the user for whom you wish to set user settings.</p>"
},
"MFAOptions":{
"shape":"MFAOptionListType",
"documentation":"<p>Specifies the options for MFA (e.g., email or phone number).</p>"
}
},
"documentation":"<p>Represents the request to set user settings as an administrator.</p>"
},
"AdminSetUserSettingsResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>Represents the response from the server to set user settings as an administrator.</p>"
},
"AdminUpdateDeviceStatusRequest":{
"type":"structure",
"required":[
"UserPoolId",
"Username",
"DeviceKey"
],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID></p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name.</p>"
},
"DeviceKey":{
"shape":"DeviceKeyType",
"documentation":"<p>The device key.</p>"
},
"DeviceRememberedStatus":{
"shape":"DeviceRememberedStatusType",
"documentation":"<p>The status indicating whether a device has been remembered or not.</p>"
}
},
"documentation":"<p>The request to update the device status, as an administrator.</p>"
},
"AdminUpdateDeviceStatusResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>The status response from the request to update the device, as an administrator.</p>"
},
"AdminUpdateUserAttributesRequest":{
"type":"structure",
"required":[
"UserPoolId",
"Username",
"UserAttributes"
],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool where you want to update user attributes.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name of the user for whom you want to update user attributes.</p>"
},
"UserAttributes":{
"shape":"AttributeListType",
"documentation":"<p>An array of name-value pairs representing user attributes.</p>"
}
},
"documentation":"<p>Represents the request to update the user's attributes as an administrator.</p>"
},
"AdminUpdateUserAttributesResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>Represents the response from the server for the request to update user attributes as an administrator.</p>"
},
"AdminUserGlobalSignOutRequest":{
"type":"structure",
"required":[
"UserPoolId",
"Username"
],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name.</p>"
}
},
"documentation":"<p>The request to sign out of all devices, as an administrator.</p>"
},
"AdminUserGlobalSignOutResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>The global sign-out response, as an administrator.</p>"
},
"AliasAttributeType":{
"type":"string",
"enum":[
"phone_number",
"email",
"preferred_username"
]
},
"AliasAttributesListType":{
"type":"list",
"member":{"shape":"AliasAttributeType"}
},
"AliasExistsException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message sent to the user when an alias exists.</p>"
}
},
"documentation":"<p>This exception is thrown when a user tries to confirm the account with an email or phone number that has already been supplied as an alias from a different account. This exception tells user that an account with this email or phone already exists.</p>",
"documentation":"<p>The name of the attribute.</p>"
},
"Value":{
"shape":"AttributeValueType",
"documentation":"<p>The value of the attribute.</p>"
}
},
"documentation":"<p>Specifies whether the attribute is standard or custom.</p>"
},
"AttributeValueType":{
"type":"string",
"max":2048,
"sensitive":true
},
"AuthFlowType":{
"type":"string",
"enum":[
"USER_SRP_AUTH",
"REFRESH_TOKEN_AUTH",
"REFRESH_TOKEN",
"CUSTOM_AUTH",
"ADMIN_NO_SRP_AUTH"
]
},
"AuthParametersType":{
"type":"map",
"key":{"shape":"StringType"},
"value":{"shape":"StringType"}
},
"AuthenticationResultType":{
"type":"structure",
"members":{
"AccessToken":{
"shape":"TokenModelType",
"documentation":"<p>The access token of the authentication result.</p>"
},
"ExpiresIn":{
"shape":"IntegerType",
"documentation":"<p>The expiration period of the authentication result.</p>"
},
"TokenType":{
"shape":"StringType",
"documentation":"<p>The token type of the authentication result.</p>"
},
"RefreshToken":{
"shape":"TokenModelType",
"documentation":"<p>The refresh token of the authentication result.</p>"
},
"IdToken":{
"shape":"TokenModelType",
"documentation":"<p>The ID token of the authentication result.</p>"
},
"NewDeviceMetadata":{
"shape":"NewDeviceMetadataType",
"documentation":"<p>The new device metadata from an authentication result.</p>"
}
},
"documentation":"<p>The result type of the authentication result.</p>"
},
"BooleanType":{"type":"boolean"},
"ChallengeNameType":{
"type":"string",
"enum":[
"SMS_MFA",
"PASSWORD_VERIFIER",
"CUSTOM_CHALLENGE",
"DEVICE_SRP_AUTH",
"DEVICE_PASSWORD_VERIFIER",
"ADMIN_NO_SRP_AUTH",
"NEW_PASSWORD_REQUIRED"
]
},
"ChallengeParametersType":{
"type":"map",
"key":{"shape":"StringType"},
"value":{"shape":"StringType"}
},
"ChallengeResponsesType":{
"type":"map",
"key":{"shape":"StringType"},
"value":{"shape":"StringType"}
},
"ChangePasswordRequest":{
"type":"structure",
"required":[
"PreviousPassword",
"ProposedPassword"
],
"members":{
"PreviousPassword":{
"shape":"PasswordType",
"documentation":"<p>The old password in the change password request.</p>"
},
"ProposedPassword":{
"shape":"PasswordType",
"documentation":"<p>The new password in the change password request.</p>"
},
"AccessToken":{
"shape":"TokenModelType",
"documentation":"<p>The access token in the change password request.</p>"
}
},
"documentation":"<p>Represents the request to change a user password.</p>"
},
"ChangePasswordResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>The response from the server to the change password request.</p>"
},
"ClientIdType":{
"type":"string",
"max":128,
"min":1,
"pattern":"[\\w+]+",
"sensitive":true
},
"ClientMetadataType":{
"type":"map",
"key":{"shape":"StringType"},
"value":{"shape":"StringType"}
},
"ClientNameType":{
"type":"string",
"max":128,
"min":1,
"pattern":"[\\w\\s+=,.@-]+"
},
"ClientPermissionListType":{
"type":"list",
"member":{"shape":"ClientPermissionType"}
},
"ClientPermissionType":{
"type":"string",
"max":2048,
"min":1
},
"ClientSecretType":{
"type":"string",
"max":64,
"min":1,
"pattern":"[\\w+]+",
"sensitive":true
},
"CodeDeliveryDetailsListType":{
"type":"list",
"member":{"shape":"CodeDeliveryDetailsType"}
},
"CodeDeliveryDetailsType":{
"type":"structure",
"members":{
"Destination":{
"shape":"StringType",
"documentation":"<p>The destination for the code delivery details.</p>"
},
"DeliveryMedium":{
"shape":"DeliveryMediumType",
"documentation":"<p>The delivery medium (email message or phone number).</p>"
},
"AttributeName":{
"shape":"AttributeNameType",
"documentation":"<p>The name of the attribute in the code delivery details type.</p>"
}
},
"documentation":"<p>The type of code delivery details being returned from the server.</p>"
},
"CodeDeliveryFailureException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message sent when a verification code fails to deliver successfully.</p>"
}
},
"documentation":"<p>This exception is thrown when a verification code fails to deliver successfully.</p>",
"exception":true
},
"CodeMismatchException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message provided when the code mismatch exception is thrown.</p>"
}
},
"documentation":"<p>This exception is thrown if the provided code does not match what the server was expecting.</p>",
"exception":true
},
"CompletionMessageType":{
"type":"string",
"max":128,
"min":1,
"pattern":"[\\w]+"
},
"ConcurrentModificationException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message provided when the concurrent exception is thrown.</p>"
}
},
"documentation":"<p>This exception is thrown if two or more modifications are happening concurrently.</p>",
"exception":true
},
"ConfirmDeviceRequest":{
"type":"structure",
"required":[
"AccessToken",
"DeviceKey"
],
"members":{
"AccessToken":{
"shape":"TokenModelType",
"documentation":"<p>The access token.</p>"
},
"DeviceKey":{
"shape":"DeviceKeyType",
"documentation":"<p>The device key.</p>"
},
"DeviceSecretVerifierConfig":{
"shape":"DeviceSecretVerifierConfigType",
"documentation":"<p>The configuration of the device secret verifier.</p>"
},
"DeviceName":{
"shape":"DeviceNameType",
"documentation":"<p>The device name.</p>"
}
},
"documentation":"<p>Confirms the device request.</p>"
},
"ConfirmDeviceResponse":{
"type":"structure",
"members":{
"UserConfirmationNecessary":{
"shape":"BooleanType",
"documentation":"<p>Indicates whether the user confirmation is necessary to confirm the device response.</p>"
}
},
"documentation":"<p>Confirms the device response.</p>"
},
"ConfirmForgotPasswordRequest":{
"type":"structure",
"required":[
"ClientId",
"Username",
"ConfirmationCode",
"Password"
],
"members":{
"ClientId":{
"shape":"ClientIdType",
"documentation":"<p>The ID of the client associated with the user pool.</p>"
},
"SecretHash":{
"shape":"SecretHashType",
"documentation":"<p>A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name of the user for whom you want to enter a code to retrieve a forgotten password.</p>"
},
"ConfirmationCode":{
"shape":"ConfirmationCodeType",
"documentation":"<p>The confirmation code sent by a user's request to retrieve a forgotten password.</p>"
},
"Password":{
"shape":"PasswordType",
"documentation":"<p>The password sent by sent by a user's request to retrieve a forgotten password.</p>"
}
},
"documentation":"<p>The request representing the confirmation for a password reset.</p>"
},
"ConfirmForgotPasswordResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>The response from the server that results from a user's request to retrieve a forgotten password.</p>"
},
"ConfirmSignUpRequest":{
"type":"structure",
"required":[
"ClientId",
"Username",
"ConfirmationCode"
],
"members":{
"ClientId":{
"shape":"ClientIdType",
"documentation":"<p>The ID of the client associated with the user pool.</p>"
},
"SecretHash":{
"shape":"SecretHashType",
"documentation":"<p>A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name of the user whose registration you wish to confirm.</p>"
},
"ConfirmationCode":{
"shape":"ConfirmationCodeType",
"documentation":"<p>The confirmation code sent by a user's request to confirm registration.</p>"
},
"ForceAliasCreation":{
"shape":"ForceAliasCreation",
"documentation":"<p>Boolean to be specified to force user confirmation irrespective of existing alias. By default set to False. If this parameter is set to True and the phone number/email used for sign up confirmation already exists as an alias with a different user, the API call will migrate the alias from the previous user to the newly created user being confirmed. If set to False, the API will throw an <b>AliasExistsException</b> error.</p>"
}
},
"documentation":"<p>Represents the request to confirm registration of a user.</p>"
},
"ConfirmSignUpResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>Represents the response from the server for the registration confirmation.</p>"
"documentation":"<p>The name of the group. Must be unique.</p>"
},
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool.</p>"
},
"Description":{
"shape":"DescriptionType",
"documentation":"<p>A string containing the description of the group.</p>"
},
"RoleArn":{
"shape":"ArnType",
"documentation":"<p>The role ARN for the group.</p>"
},
"Precedence":{
"shape":"PrecedenceType",
"documentation":"<p>A nonnegative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower <code>Precedence</code> values take precedence over groups with higher or null <code>Precedence</code> values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN will be used in the <code>cognito:roles</code> and <code>cognito:preferred_role</code> claims in the user's tokens.</p> <p>Two groups can have the same <code>Precedence</code> value. If this happens, neither group takes precedence over the other. If two groups with the same <code>Precedence</code> have the same role ARN, that role is used in the <code>cognito:preferred_role</code> claim in tokens for users in each group. If the two groups have different role ARNs, the <code>cognito:preferred_role</code> claim is not set in users' tokens.</p> <p>The default <code>Precedence</code> value is null.</p>"
}
}
},
"CreateGroupResponse":{
"type":"structure",
"members":{
"Group":{
"shape":"GroupType",
"documentation":"<p>The group object for the group.</p>"
"documentation":"<p>Represents the request to create a user pool client.</p>"
},
"CreateUserPoolClientResponse":{
"type":"structure",
"members":{
"UserPoolClient":{
"shape":"UserPoolClientType",
"documentation":"<p>The user pool client that was just created.</p>"
}
},
"documentation":"<p>Represents the response from the server to create a user pool client.</p>"
},
"CreateUserPoolRequest":{
"type":"structure",
"required":["PoolName"],
"members":{
"PoolName":{
"shape":"UserPoolNameType",
"documentation":"<p>A string used to name the user pool.</p>"
},
"Policies":{
"shape":"UserPoolPolicyType",
"documentation":"<p>The policies associated with the new user pool.</p>"
},
"LambdaConfig":{
"shape":"LambdaConfigType",
"documentation":"<p>The Lambda trigger configuration information for the new user pool.</p>"
},
"AutoVerifiedAttributes":{
"shape":"VerifiedAttributesListType",
"documentation":"<p>The attributes to be auto-verified. Possible values: <b>email</b>, <b>phone_number</b>.</p>"
},
"AliasAttributes":{
"shape":"AliasAttributesListType",
"documentation":"<p>Attributes supported as an alias for this user pool. Possible values: <b>phone_number</b>, <b>email</b>, or <b>preferred_username</b>.</p>"
},
"SmsVerificationMessage":{
"shape":"SmsVerificationMessageType",
"documentation":"<p>A string representing the SMS verification message.</p>"
},
"EmailVerificationMessage":{
"shape":"EmailVerificationMessageType",
"documentation":"<p>A string representing the email verification message.</p>"
},
"EmailVerificationSubject":{
"shape":"EmailVerificationSubjectType",
"documentation":"<p>A string representing the email verification subject.</p>"
},
"SmsAuthenticationMessage":{
"shape":"SmsVerificationMessageType",
"documentation":"<p>A string representing the SMS authentication message.</p>"
"documentation":"<p>The cost allocation tags for the user pool. For more information, see <a href=\"http://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-cost-allocation-tagging.html\">Adding Cost Allocation Tags to Your User Pool</a> </p>"
"documentation":"<p>The message returned when the expired code exception is thrown.</p>"
}
},
"documentation":"<p>This exception is thrown if a code has expired.</p>",
"exception":true
},
"ExplicitAuthFlowsListType":{
"type":"list",
"member":{"shape":"ExplicitAuthFlowsType"}
},
"ExplicitAuthFlowsType":{
"type":"string",
"enum":[
"ADMIN_NO_SRP_AUTH",
"CUSTOM_AUTH_FLOW_ONLY"
]
},
"ForceAliasCreation":{"type":"boolean"},
"ForgetDeviceRequest":{
"type":"structure",
"required":["DeviceKey"],
"members":{
"AccessToken":{
"shape":"TokenModelType",
"documentation":"<p>The access token for the forgotten device request.</p>"
},
"DeviceKey":{
"shape":"DeviceKeyType",
"documentation":"<p>The device key.</p>"
}
},
"documentation":"<p>Represents the request to forget the device.</p>"
},
"ForgotPasswordRequest":{
"type":"structure",
"required":[
"ClientId",
"Username"
],
"members":{
"ClientId":{
"shape":"ClientIdType",
"documentation":"<p>The ID of the client associated with the user pool.</p>"
},
"SecretHash":{
"shape":"SecretHashType",
"documentation":"<p>A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.</p>"
"documentation":"<p>Respresents the response from the server regarding the request to reset a password.</p>"
},
"GenerateSecret":{"type":"boolean"},
"GetCSVHeaderRequest":{
"type":"structure",
"required":["UserPoolId"],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool that the users are to be imported into.</p>"
}
},
"documentation":"<p>Represents the request to get the header information for the .csv file for the user import job.</p>"
},
"GetCSVHeaderResponse":{
"type":"structure",
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool that the users are to be imported into.</p>"
},
"CSVHeader":{
"shape":"ListOfStringTypes",
"documentation":"<p>The header information for the .csv file for the user import job.</p>"
}
},
"documentation":"<p>Represents the response from the server to the request to get the header information for the .csv file for the user import job.</p>"
},
"GetDeviceRequest":{
"type":"structure",
"required":["DeviceKey"],
"members":{
"DeviceKey":{
"shape":"DeviceKeyType",
"documentation":"<p>The device key.</p>"
},
"AccessToken":{
"shape":"TokenModelType",
"documentation":"<p>The access token.</p>"
}
},
"documentation":"<p>Represents the request to get the device.</p>"
},
"GetDeviceResponse":{
"type":"structure",
"required":["Device"],
"members":{
"Device":{
"shape":"DeviceType",
"documentation":"<p>The device.</p>"
}
},
"documentation":"<p>Gets the device response.</p>"
"documentation":"<p>This exception is thrown when Amazon Cognito encounters a group that already exists in the user pool.</p>",
"exception":true
},
"GroupListType":{
"type":"list",
"member":{"shape":"GroupType"}
},
"GroupNameType":{
"type":"string",
"max":128,
"min":1,
"pattern":"[\\p{L}\\p{M}\\p{S}\\p{N}\\p{P}]+"
},
"GroupType":{
"type":"structure",
"members":{
"GroupName":{
"shape":"GroupNameType",
"documentation":"<p>The name of the group.</p>"
},
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool.</p>"
},
"Description":{
"shape":"DescriptionType",
"documentation":"<p>A string containing the description of the group.</p>"
},
"RoleArn":{
"shape":"ArnType",
"documentation":"<p>The role ARN for the group.</p>"
},
"Precedence":{
"shape":"PrecedenceType",
"documentation":"<p>A nonnegative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. If a user belongs to two or more groups, it is the group with the highest precedence whose role ARN will be used in the <code>cognito:roles</code> and <code>cognito:preferred_role</code> claims in the user's tokens. Groups with higher <code>Precedence</code> values take precedence over groups with lower <code>Precedence</code> values or with null <code>Precedence</code> values.</p> <p>Two groups can have the same <code>Precedence</code> value. If this happens, neither group takes precedence over the other. If two groups with the same <code>Precedence</code> have the same role ARN, that role is used in the <code>cognito:preferred_role</code> claim in tokens for users in each group. If the two groups have different role ARNs, the <code>cognito:preferred_role</code> claim is not set in users' tokens.</p> <p>The default <code>Precedence</code> value is null.</p>"
},
"LastModifiedDate":{
"shape":"DateType",
"documentation":"<p>The date the group was last modified.</p>"
},
"CreationDate":{
"shape":"DateType",
"documentation":"<p>The date the group was created.</p>"
"documentation":"<p>Initiates the authentication response.</p>"
},
"IntegerType":{"type":"integer"},
"InternalErrorException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when Amazon Cognito throws an internal error exception.</p>"
}
},
"documentation":"<p>This exception is thrown when Amazon Cognito encounters an internal error.</p>",
"exception":true,
"fault":true
},
"InvalidEmailRoleAccessPolicyException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when you have an unverified email address or the identity policy is not set on an email address that Amazon Cognito can access.</p>"
}
},
"documentation":"<p>This exception is thrown when Amazon Cognito is not allowed to use your email identity. HTTP status code: 400.</p>",
"exception":true
},
"InvalidLambdaResponseException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when the Amazon Cognito service throws an invalid AWS Lambda response exception.</p>"
}
},
"documentation":"<p>This exception is thrown when the Amazon Cognito service encounters an invalid AWS Lambda response.</p>",
"exception":true
},
"InvalidParameterException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when the Amazon Cognito service throws an invalid parameter exception.</p>"
}
},
"documentation":"<p>This exception is thrown when the Amazon Cognito service encounters an invalid parameter.</p>",
"exception":true
},
"InvalidPasswordException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when the Amazon Cognito service throws an invalid user password exception.</p>"
}
},
"documentation":"<p>This exception is thrown when the Amazon Cognito service encounters an invalid password.</p>",
"exception":true
},
"InvalidSmsRoleAccessPolicyException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message retuned when the invalid SMS role access policy exception is thrown.</p>"
}
},
"documentation":"<p>This exception is returned when the role provided for SMS configuration does not have permission to publish using Amazon SNS.</p>",
"exception":true
},
"InvalidSmsRoleTrustRelationshipException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when the role trust relationship for the SMS message is invalid.</p>"
}
},
"documentation":"<p>This exception is thrown when the trust relationship is invalid for the role provided for SMS configuration. This can happen if you do not trust <b>cognito-idp.amazonaws.com</b> or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.</p>",
"exception":true
},
"InvalidUserPoolConfigurationException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when the user pool configuration is invalid.</p>"
}
},
"documentation":"<p>This exception is thrown when the user pool configuration is invalid.</p>",
"documentation":"<p>The user pool ID for the user pool.</p>"
},
"Limit":{
"shape":"QueryLimitType",
"documentation":"<p>The limit of the request to list groups.</p>"
},
"NextToken":{
"shape":"PaginationKey",
"documentation":"<p>An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.</p>"
}
}
},
"ListGroupsResponse":{
"type":"structure",
"members":{
"Groups":{
"shape":"GroupListType",
"documentation":"<p>The group objects for the groups.</p>"
},
"NextToken":{
"shape":"PaginationKey",
"documentation":"<p>An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.</p>"
"documentation":"<p>The user pool ID for the user pool that the users are being imported into.</p>"
},
"MaxResults":{
"shape":"PoolQueryLimitType",
"documentation":"<p>The maximum number of import jobs you want the request to return.</p>"
},
"PaginationToken":{
"shape":"PaginationKeyType",
"documentation":"<p>An identifier that was returned from the previous call to ListUserImportJobs, which can be used to return the next set of import jobs in the list.</p>"
}
},
"documentation":"<p>Represents the request to list the user import jobs.</p>"
},
"ListUserImportJobsResponse":{
"type":"structure",
"members":{
"UserImportJobs":{
"shape":"UserImportJobsListType",
"documentation":"<p>The user import jobs.</p>"
},
"PaginationToken":{
"shape":"PaginationKeyType",
"documentation":"<p>An identifier that can be used to return the next set of user import jobs in the list.</p>"
}
},
"documentation":"<p>Represents the response from the server to the request to list the user import jobs.</p>"
},
"ListUserPoolClientsRequest":{
"type":"structure",
"required":["UserPoolId"],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool where you want to list user pool clients.</p>"
},
"MaxResults":{
"shape":"QueryLimit",
"documentation":"<p>The maximum number of results you want the request to return when listing the user pool clients.</p>"
},
"NextToken":{
"shape":"PaginationKey",
"documentation":"<p>An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.</p>"
}
},
"documentation":"<p>Represents the request to list the user pool clients.</p>"
},
"ListUserPoolClientsResponse":{
"type":"structure",
"members":{
"UserPoolClients":{
"shape":"UserPoolClientListType",
"documentation":"<p>The user pool clients in the response that lists user pool clients.</p>"
},
"NextToken":{
"shape":"PaginationKey",
"documentation":"<p>An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.</p>"
}
},
"documentation":"<p>Represents the response from the server that lists user pool clients.</p>"
},
"ListUserPoolsRequest":{
"type":"structure",
"required":["MaxResults"],
"members":{
"NextToken":{
"shape":"PaginationKeyType",
"documentation":"<p>An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.</p>"
},
"MaxResults":{
"shape":"PoolQueryLimitType",
"documentation":"<p>The maximum number of results you want the request to return when listing the user pools.</p>"
}
},
"documentation":"<p>Represents the request to list user pools.</p>"
},
"ListUserPoolsResponse":{
"type":"structure",
"members":{
"UserPools":{
"shape":"UserPoolListType",
"documentation":"<p>The user pools from the response to list users.</p>"
},
"NextToken":{
"shape":"PaginationKeyType",
"documentation":"<p>An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.</p>"
}
},
"documentation":"<p>Represents the response to list user pools.</p>"
"documentation":"<p>The user pool ID for the user pool.</p>"
},
"GroupName":{
"shape":"GroupNameType",
"documentation":"<p>The name of the group.</p>"
},
"Limit":{
"shape":"QueryLimitType",
"documentation":"<p>The limit of the request to list users.</p>"
},
"NextToken":{
"shape":"PaginationKey",
"documentation":"<p>An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.</p>"
}
}
},
"ListUsersInGroupResponse":{
"type":"structure",
"members":{
"Users":{
"shape":"UsersListType",
"documentation":"<p>The users returned in the request to list users.</p>"
},
"NextToken":{
"shape":"PaginationKey",
"documentation":"<p>An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.</p>"
"documentation":"<p>The user pool ID for which you want to list users.</p>"
},
"AttributesToGet":{
"shape":"SearchedAttributeNamesListType",
"documentation":"<p>The attributes to get from the request to list users.</p>"
},
"Limit":{
"shape":"QueryLimitType",
"documentation":"<p>The limit of the request to list users.</p>"
},
"PaginationToken":{
"shape":"SearchPaginationTokenType",
"documentation":"<p>An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.</p>"
},
"Filter":{
"shape":"UserFilterType",
"documentation":"<p>The filter for the list users request.</p>"
}
},
"documentation":"<p>Represents the request to list users.</p>"
},
"ListUsersResponse":{
"type":"structure",
"members":{
"Users":{
"shape":"UsersListType",
"documentation":"<p>The users returned in the request to list users.</p>"
},
"PaginationToken":{
"shape":"SearchPaginationTokenType",
"documentation":"<p>An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.</p>"
}
},
"documentation":"<p>The response from the request to list users.</p>"
},
"LongType":{"type":"long"},
"MFAMethodNotFoundException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when Amazon Cognito throws an MFA method not found exception.</p>"
}
},
"documentation":"<p>This exception is thrown when Amazon Cognito cannot find a multi-factor authentication (MFA) method.</p>",
"exception":true
},
"MFAOptionListType":{
"type":"list",
"member":{"shape":"MFAOptionType"}
},
"MFAOptionType":{
"type":"structure",
"members":{
"DeliveryMedium":{
"shape":"DeliveryMediumType",
"documentation":"<p>The delivery medium (email message or SMS message) to send the MFA code.</p>"
},
"AttributeName":{
"shape":"AttributeNameType",
"documentation":"<p>The attribute name of the MFA option type.</p>"
}
},
"documentation":"<p>Specifies the different settings for multi-factor authentication (MFA).</p>"
},
"MessageActionType":{
"type":"string",
"enum":[
"RESEND",
"SUPPRESS"
]
},
"MessageTemplateType":{
"type":"structure",
"members":{
"SMSMessage":{
"shape":"SmsVerificationMessageType",
"documentation":"<p>The message template for SMS messages.</p>"
},
"EmailMessage":{
"shape":"EmailVerificationMessageType",
"documentation":"<p>The message template for email messages.</p>"
},
"EmailSubject":{
"shape":"EmailVerificationSubjectType",
"documentation":"<p>The subject line for email messages.</p>"
"documentation":"<p>The new device metadata type.</p>"
},
"NotAuthorizedException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when the Amazon Cognito service returns a not authorized exception.</p>"
}
},
"documentation":"<p>This exception gets thrown when a user is not authorized.</p>",
"exception":true
},
"NumberAttributeConstraintsType":{
"type":"structure",
"members":{
"MinValue":{
"shape":"StringType",
"documentation":"<p>The minimum value of an attribute that is of the number data type.</p>"
},
"MaxValue":{
"shape":"StringType",
"documentation":"<p>The maximum value of an attribute that is of the number data type.</p>"
}
},
"documentation":"<p>The minimum and maximum value of an attribute that is of the number data type.</p>"
},
"PaginationKey":{
"type":"string",
"min":1,
"pattern":"[\\S]+"
},
"PaginationKeyType":{
"type":"string",
"min":1,
"pattern":"[\\S]+"
},
"PasswordPolicyMinLengthType":{
"type":"integer",
"max":99,
"min":6
},
"PasswordPolicyType":{
"type":"structure",
"members":{
"MinimumLength":{
"shape":"PasswordPolicyMinLengthType",
"documentation":"<p>The minimum length of the password policy that you have set. Cannot be less than 6.</p>"
},
"RequireUppercase":{
"shape":"BooleanType",
"documentation":"<p>In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password.</p>"
},
"RequireLowercase":{
"shape":"BooleanType",
"documentation":"<p>In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password.</p>"
},
"RequireNumbers":{
"shape":"BooleanType",
"documentation":"<p>In the password policy that you have set, refers to whether you have required users to use at least one number in their password.</p>"
},
"RequireSymbols":{
"shape":"BooleanType",
"documentation":"<p>In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password.</p>"
"documentation":"<p>The message returned when a precondition is not met.</p>"
}
},
"documentation":"<p>This exception is thrown when a precondition is not met.</p>",
"exception":true
},
"QueryLimit":{
"type":"integer",
"max":60,
"min":1
},
"QueryLimitType":{
"type":"integer",
"max":60,
"min":0
},
"RefreshTokenValidityType":{
"type":"integer",
"max":3650,
"min":0
},
"ResendConfirmationCodeRequest":{
"type":"structure",
"required":[
"ClientId",
"Username"
],
"members":{
"ClientId":{
"shape":"ClientIdType",
"documentation":"<p>The ID of the client associated with the user pool.</p>"
},
"SecretHash":{
"shape":"SecretHashType",
"documentation":"<p>A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name of the user to whom you wish to resend a confirmation code.</p>"
}
},
"documentation":"<p>Represents the request to resend the confirmation code.</p>"
"documentation":"<p>Specifies whether a user pool attribute is required. If the attribute is required and the user does not provide a value, registration or sign-in will fail.</p>",
"documentation":"<p>Specifies the constraints for an attribute of the number type.</p>"
},
"StringAttributeConstraints":{
"shape":"StringAttributeConstraintsType",
"documentation":"<p>Specifies the constraints for an attribute of the string type.</p>"
}
},
"documentation":"<p>Contains information about the schema attribute.</p>"
},
"SchemaAttributesListType":{
"type":"list",
"member":{"shape":"SchemaAttributeType"},
"max":50,
"min":1
},
"SearchPaginationTokenType":{
"type":"string",
"min":1,
"pattern":"[\\S]+"
},
"SearchedAttributeNamesListType":{
"type":"list",
"member":{"shape":"AttributeNameType"}
},
"SecretHashType":{
"type":"string",
"max":128,
"min":1,
"pattern":"[\\w+=/]+",
"sensitive":true
},
"SessionType":{
"type":"string",
"max":2048,
"min":20
},
"SetUserSettingsRequest":{
"type":"structure",
"required":[
"AccessToken",
"MFAOptions"
],
"members":{
"AccessToken":{
"shape":"TokenModelType",
"documentation":"<p>The access token for the set user settings request.</p>"
},
"MFAOptions":{
"shape":"MFAOptionListType",
"documentation":"<p>Specifies the options for MFA (e.g., email or phone number).</p>"
}
},
"documentation":"<p>Represents the request to set user settings.</p>"
},
"SetUserSettingsResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>The response from the server for a set user settings request.</p>"
},
"SignUpRequest":{
"type":"structure",
"required":[
"ClientId",
"Username",
"Password"
],
"members":{
"ClientId":{
"shape":"ClientIdType",
"documentation":"<p>The ID of the client associated with the user pool.</p>"
},
"SecretHash":{
"shape":"SecretHashType",
"documentation":"<p>A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.</p>"
},
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name of the user you wish to register.</p>"
},
"Password":{
"shape":"PasswordType",
"documentation":"<p>The password of the user you wish to register.</p>"
},
"UserAttributes":{
"shape":"AttributeListType",
"documentation":"<p>An array of name-value pairs representing user attributes.</p>"
},
"ValidationData":{
"shape":"AttributeListType",
"documentation":"<p>The validation data in the request to register a user.</p>"
}
},
"documentation":"<p>Represents the request to register a user.</p>"
},
"SignUpResponse":{
"type":"structure",
"members":{
"UserConfirmed":{
"shape":"BooleanType",
"documentation":"<p>A response from the server indicating that a user registration has been confirmed.</p>"
"documentation":"<p>The user pool ID for the user pool.</p>"
},
"Description":{
"shape":"DescriptionType",
"documentation":"<p>A string containing the new description of the group.</p>"
},
"RoleArn":{
"shape":"ArnType",
"documentation":"<p>The new role ARN for the group. This is used for setting the <code>cognito:roles</code> and <code>cognito:preferred_role</code> claims in the token.</p>"
},
"Precedence":{
"shape":"PrecedenceType",
"documentation":"<p>The new precedence value for the group. For more information about this parameter, see <a href=\"API_CreateGroupRequeste.html\">CreateGroupRequest</a>.</p>"
}
}
},
"UpdateGroupResponse":{
"type":"structure",
"members":{
"Group":{
"shape":"GroupType",
"documentation":"<p>The group object for the group.</p>"
"documentation":"<p>Represents the request to update the user pool client.</p>"
},
"UpdateUserPoolClientResponse":{
"type":"structure",
"members":{
"UserPoolClient":{
"shape":"UserPoolClientType",
"documentation":"<p>The user pool client value from the response from the server when an update user pool client request is made.</p>"
}
},
"documentation":"<p>Represents the response from the server to the request to update the user pool client.</p>"
},
"UpdateUserPoolRequest":{
"type":"structure",
"required":["UserPoolId"],
"members":{
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool you want to update.</p>"
},
"Policies":{
"shape":"UserPoolPolicyType",
"documentation":"<p>A container with the policies you wish to update in a user pool.</p>"
},
"LambdaConfig":{
"shape":"LambdaConfigType",
"documentation":"<p>The AWS Lambda configuration information from the request to update the user pool.</p>"
},
"AutoVerifiedAttributes":{
"shape":"VerifiedAttributesListType",
"documentation":"<p>The attributes that are automatically verified when the Amazon Cognito service makes a request to update user pools.</p>"
},
"SmsVerificationMessage":{
"shape":"SmsVerificationMessageType",
"documentation":"<p>A container with information about the SMS verification message.</p>"
},
"EmailVerificationMessage":{
"shape":"EmailVerificationMessageType",
"documentation":"<p>The contents of the email verification message.</p>"
},
"EmailVerificationSubject":{
"shape":"EmailVerificationSubjectType",
"documentation":"<p>The subject of the email verfication message.</p>"
},
"SmsAuthenticationMessage":{
"shape":"SmsVerificationMessageType",
"documentation":"<p>The contents of the SMS authentication message.</p>"
},
"MfaConfiguration":{
"shape":"UserPoolMfaType",
"documentation":"<p>Can be one of the following values:</p> <ul> <li> <p> <code>OFF</code> - MFA tokens are not required and cannot be specified during user registration.</p> </li> <li> <p> <code>ON</code> - MFA tokens are required for all user registrations. You can only specify required when you are initially creating a user pool.</p> </li> <li> <p> <code>OPTIONAL</code> - Users have the option when registering to create an MFA token.</p> </li> </ul>"
"documentation":"<p>The cost allocation tags for the user pool. For more information, see <a href=\"http://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-cost-allocation-tagging.html\">Adding Cost Allocation Tags to Your User Pool</a> </p>"
"documentation":"<p>The configuration for AdminCreateUser requests.</p>"
}
},
"documentation":"<p>Represents the request to update the user pool.</p>"
},
"UpdateUserPoolResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>Represents the response from the server when you make a request to update the user pool.</p>"
},
"UserFilterType":{
"type":"string",
"max":256
},
"UserImportInProgressException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when the user pool has an import job running.</p>"
}
},
"documentation":"<p>This exception is thrown when you are trying to modify a user pool while a user import job is in progress for that pool.</p>",
"exception":true
},
"UserImportJobIdType":{
"type":"string",
"max":55,
"min":1,
"pattern":"import-[0-9a-zA-Z-]+"
},
"UserImportJobNameType":{
"type":"string",
"max":128,
"min":1,
"pattern":"[\\w\\s+=,.@-]+"
},
"UserImportJobStatusType":{
"type":"string",
"enum":[
"Created",
"Pending",
"InProgress",
"Stopping",
"Expired",
"Stopped",
"Failed",
"Succeeded"
]
},
"UserImportJobType":{
"type":"structure",
"members":{
"JobName":{
"shape":"UserImportJobNameType",
"documentation":"<p>The job name for the user import job.</p>"
},
"JobId":{
"shape":"UserImportJobIdType",
"documentation":"<p>The job ID for the user import job.</p>"
},
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool that the users are being imported into.</p>"
},
"PreSignedUrl":{
"shape":"PreSignedUrlType",
"documentation":"<p>The pre-signed URL to be used to upload the .csv file.</p>"
},
"CreationDate":{
"shape":"DateType",
"documentation":"<p>The date when the user import job was created.</p>"
},
"StartDate":{
"shape":"DateType",
"documentation":"<p>The date when the user import job was started.</p>"
},
"CompletionDate":{
"shape":"DateType",
"documentation":"<p>The date when the user imoprt job was completed.</p>"
},
"Status":{
"shape":"UserImportJobStatusType",
"documentation":"<p>The status of the user import job. One of the following:</p> <ul> <li> <p>Created - The job was created but not started.</p> </li> <li> <p>Pending - A transition state. You have started the job, but it has not begun importing users yet.</p> </li> <li> <p>InProgress - The job has started, and users are being imported.</p> </li> <li> <p>Stopping - You have stopped the job, but the job has not stopped importing users yet.</p> </li> <li> <p>Stopped - You have stopped the job, and the job has stopped importing users.</p> </li> <li> <p>Succeeded - The job has completed successfully.</p> </li> <li> <p>Failed - The job has stopped due to an error.</p> </li> <li> <p>Expired - You created a job, but did not start the job within 24-48 hours. All data associated with the job was deleted, and the job cannot be started.</p> </li> </ul>"
},
"CloudWatchLogsRoleArn":{
"shape":"ArnType",
"documentation":"<p>The role ARN for the Amazon CloudWatch Logging role for the user import job. For more information, see \"Creating the CloudWatch Logs IAM Role\" in the Amazon Cognito Developer Guide.</p>"
},
"ImportedUsers":{
"shape":"LongType",
"documentation":"<p>The number of users that were successfully imported.</p>"
},
"SkippedUsers":{
"shape":"LongType",
"documentation":"<p>The number of users that were skipped.</p>"
},
"FailedUsers":{
"shape":"LongType",
"documentation":"<p>The number of users that could not be imported.</p>"
},
"CompletionMessage":{
"shape":"CompletionMessageType",
"documentation":"<p>The message returned when the user import job is completed.</p>"
}
},
"documentation":"<p>The user import job type.</p>"
},
"UserImportJobsListType":{
"type":"list",
"member":{"shape":"UserImportJobType"},
"max":50,
"min":1
},
"UserLambdaValidationException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when the Amazon Cognito service returns a user validation exception with the AWS Lambda service.</p>"
}
},
"documentation":"<p>This exception gets thrown when the Amazon Cognito service encounters a user validation exception with the AWS Lambda service.</p>",
"exception":true
},
"UserNotConfirmedException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when a user is not confirmed successfully.</p>"
}
},
"documentation":"<p>This exception is thrown when a user is not confirmed successfully.</p>",
"exception":true
},
"UserNotFoundException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when a user is not found.</p>"
}
},
"documentation":"<p>This exception is thrown when a user is not found.</p>",
"exception":true
},
"UserPoolClientDescription":{
"type":"structure",
"members":{
"ClientId":{
"shape":"ClientIdType",
"documentation":"<p>The ID of the client associated with the user pool.</p>"
},
"UserPoolId":{
"shape":"UserPoolIdType",
"documentation":"<p>The user pool ID for the user pool where you want to describe the user pool client.</p>"
},
"ClientName":{
"shape":"ClientNameType",
"documentation":"<p>The client name from the user pool client description.</p>"
"documentation":"<p>The name of the user pool.</p>"
},
"Policies":{
"shape":"UserPoolPolicyType",
"documentation":"<p>A container describing the policies associated with a user pool.</p>"
},
"LambdaConfig":{
"shape":"LambdaConfigType",
"documentation":"<p>A container describing the AWS Lambda triggers associated with a user pool.</p>"
},
"Status":{
"shape":"StatusType",
"documentation":"<p>The status of a user pool.</p>"
},
"LastModifiedDate":{
"shape":"DateType",
"documentation":"<p>The last modified date of a user pool.</p>"
},
"CreationDate":{
"shape":"DateType",
"documentation":"<p>The creation date of a user pool.</p>"
},
"SchemaAttributes":{
"shape":"SchemaAttributesListType",
"documentation":"<p>A container with the schema attributes of a user pool.</p>"
},
"AutoVerifiedAttributes":{
"shape":"VerifiedAttributesListType",
"documentation":"<p>Specifies the attributes that are auto-verified in a user pool.</p>"
},
"AliasAttributes":{
"shape":"AliasAttributesListType",
"documentation":"<p>Specifies the attributes that are aliased in a user pool.</p>"
},
"SmsVerificationMessage":{
"shape":"SmsVerificationMessageType",
"documentation":"<p>The contents of the SMS verification message.</p>"
},
"EmailVerificationMessage":{
"shape":"EmailVerificationMessageType",
"documentation":"<p>The contents of the email verification message.</p>"
},
"EmailVerificationSubject":{
"shape":"EmailVerificationSubjectType",
"documentation":"<p>The subject of the email verification message.</p>"
},
"SmsAuthenticationMessage":{
"shape":"SmsVerificationMessageType",
"documentation":"<p>The contents of the SMS authentication message.</p>"
},
"MfaConfiguration":{
"shape":"UserPoolMfaType",
"documentation":"<p>Can be one of the following values:</p> <ul> <li> <p> <code>OFF</code> - MFA tokens are not required and cannot be specified during user registration.</p> </li> <li> <p> <code>ON</code> - MFA tokens are required for all user registrations. You can only specify required when you are initially creating a user pool.</p> </li> <li> <p> <code>OPTIONAL</code> - Users have the option when registering to create an MFA token.</p> </li> </ul>"
"documentation":"<p>The cost allocation tags for the user pool. For more information, see <a href=\"http://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-cost-allocation-tagging.html\">Adding Cost Allocation Tags to Your User Pool</a> </p>"
"documentation":"<p>The reason why the SMS configuration cannot send the message(s) to your users.</p>"
},
"EmailConfigurationFailure":{
"shape":"StringType",
"documentation":"<p>The reason why the email configuration cannot send the messages to your users.</p>"
},
"AdminCreateUserConfig":{
"shape":"AdminCreateUserConfigType",
"documentation":"<p>The configuration for AdminCreateUser requests.</p>"
}
},
"documentation":"<p>A container with information about the user pool type.</p>"
},
"UserStatusType":{
"type":"string",
"enum":[
"UNCONFIRMED",
"CONFIRMED",
"ARCHIVED",
"COMPROMISED",
"UNKNOWN",
"RESET_REQUIRED",
"FORCE_CHANGE_PASSWORD"
]
},
"UserType":{
"type":"structure",
"members":{
"Username":{
"shape":"UsernameType",
"documentation":"<p>The user name of the user you wish to describe.</p>"
},
"Attributes":{
"shape":"AttributeListType",
"documentation":"<p>A container with information about the user type attributes.</p>"
},
"UserCreateDate":{
"shape":"DateType",
"documentation":"<p>The creation date of the user.</p>"
},
"UserLastModifiedDate":{
"shape":"DateType",
"documentation":"<p>The last modified date of the user.</p>"
},
"Enabled":{
"shape":"BooleanType",
"documentation":"<p>Specifies whether the user is enabled.</p>"
},
"UserStatus":{
"shape":"UserStatusType",
"documentation":"<p>The user status. Can be one of the following:</p> <ul> <li> <p>UNCONFIRMED - User has been created but not confirmed.</p> </li> <li> <p>CONFIRMED - User has been confirmed.</p> </li> <li> <p>ARCHIVED - User is no longer active.</p> </li> <li> <p>COMPROMISED - User is disabled due to a potential security threat.</p> </li> <li> <p>UNKNOWN - User status is not known.</p> </li> </ul>"
},
"MFAOptions":{
"shape":"MFAOptionListType",
"documentation":"<p>The MFA options for the user.</p>"
}
},
"documentation":"<p>The user type.</p>"
},
"UsernameExistsException":{
"type":"structure",
"members":{
"message":{
"shape":"MessageType",
"documentation":"<p>The message returned when Amazon Cognito throws a user name exists exception.</p>"
}
},
"documentation":"<p>This exception is thrown when Amazon Cognito encounters a user name that already exists in the user pool.</p>",
"exception":true
},
"UsernameType":{
"type":"string",
"max":128,
"min":1,
"pattern":"[\\p{L}\\p{M}\\p{S}\\p{N}\\p{P}]+",
"sensitive":true
},
"UsersListType":{
"type":"list",
"member":{"shape":"UserType"}
},
"VerifiedAttributeType":{
"type":"string",
"enum":[
"phone_number",
"email"
]
},
"VerifiedAttributesListType":{
"type":"list",
"member":{"shape":"VerifiedAttributeType"}
},
"VerifyUserAttributeRequest":{
"type":"structure",
"required":[
"AttributeName",
"Code"
],
"members":{
"AccessToken":{
"shape":"TokenModelType",
"documentation":"<p>Represents the access token of the request to verify user attributes.</p>"
},
"AttributeName":{
"shape":"AttributeNameType",
"documentation":"<p>The attribute name in the request to verify user attributes.</p>"
},
"Code":{
"shape":"ConfirmationCodeType",
"documentation":"<p>The verification code in the request to verify user attributes.</p>"
}
},
"documentation":"<p>Represents the request to verify user attributes.</p>"
},
"VerifyUserAttributeResponse":{
"type":"structure",
"members":{
},
"documentation":"<p>A container representing the response from the server from the request to verify user attributes.</p>"
}
},
"documentation":"<p>Using the Amazon Cognito Your User Pools API, you can create a user pool to manage directories and users. You can authenticate a user to obtain tokens related to user identity and access policies.</p> <p>This API reference provides information about user pools in Amazon Cognito Your User Pools.</p> <p>For more information, see the Amazon Cognito Documentation.</p>"