- * With the Amazon Cognito user pools API, you can set up user pools and app - * clients, and authenticate users. To authenticate users from third-party - * identity providers (IdPs) in this API, you can link IdP users to native user profiles. Learn more about the - * authentication and authorization of federated users in the Adding user pool sign-in through a third party and in the Using the Amazon Cognito user pools API and user pool endpoints. + * >User pool federation endpoints and hosted UI reference. *
** This API reference provides detailed information about API operations and - * object types in Amazon Cognito. At the bottom of the page for each API - * operation and object, under See Also, you can learn how to use it in - * an Amazon Web Services SDK in the language of your choice. + * object types in Amazon Cognito. *
*
* Along with resource management operations, the Amazon Cognito user pools API
* includes classes of operations and authorization models for client-side and
- * server-side user operations. For more information, see
+ *
+ * An administrator who wants to configure user pools, app clients, users,
+ * groups, or other user pool functions.
+ *
+ * A server-side app, like a web application, that wants to use its Amazon Web
+ * Services privileges to manage, authenticate, or authorize a user.
+ *
+ * A client-side app, like a mobile app, that wants to make unauthenticated
+ * requests to manage, authenticate, or authorize a user.
+ *
+ * For more information, see Using the Amazon Cognito native and OIDC APIs in the Amazon Cognito
- * Developer Guide.
+ * >Using the Amazon Cognito user pools API and user pool endpoints
+ *
+ *
- * You can also start reading about the CognitoIdentityProvider
- * client in the following SDK guides.
+ * With your Amazon Web Services SDK, you can build the logic to support
+ * operational flows in every use case for this API. You can also make direct
+ * REST API requests to Amazon Cognito user pools service endpoints. The following links can get
+ * you started with the CognitoIdentityProvider client in other
+ * supported Amazon Web Services SDKs.
*
- * Adds the specified user to the specified group.
+ * Adds a user to a group. A user who is in a group can present a
+ * preferred-role claim to an identity pool, and populates a
+ * cognito:groups claim to their access and identity tokens.
*
@@ -292,8 +323,19 @@ void adminAddUserToGroup(AdminAddUserToGroupRequest adminAddUserToGroupRequest) /** *
- * Confirms user registration as an admin without using a confirmation code. - * Works on any user. + * This IAM-authenticated API operation provides a code that Amazon Cognito + * sent to your user when they signed up in your user pool. After your user + * enters their code, they confirm ownership of the email address or phone + * number that they provided, and their user account becomes active. + * Depending on your user pool configuration, your users will receive their + * confirmation code in an email or SMS message. + *
+ *+ * Local users who signed up in your user pool are the only type of user who + * can confirm sign-up with a code. Users who federate through an external + * identity provider (IdP) have already been confirmed by their IdP. + * Administrator-created users confirm their accounts when they respond to + * their invitation email message and choose a password. *
*@@ -1160,7 +1202,7 @@ AdminListDevicesResult adminListDevices(AdminListDevicesRequest adminListDevices /** *
- * Lists the groups that the user belongs to. + * Lists the groups that a user belongs to. *
*@@ -1323,6 +1365,12 @@ void adminRemoveUserFromGroup(AdminRemoveUserFromGroupRequest adminRemoveUserFro * Resets the specified user's password in a user pool as an administrator. * Works on any user. *
+ *+ * To use this API operation, your user pool must have self-service account + * recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator. + *
** This action might generate an SMS text message. Starting June 1, 2021, US @@ -1421,7 +1469,18 @@ AdminResetUserPasswordResult adminResetUserPassword( /** *
- * Responds to an authentication challenge, as an administrator.
+ * Some API operations in a user pool generate a challenge, like a prompt
+ * for an MFA code, for device authentication that bypasses MFA, or for a
+ * custom authentication challenge. An
+ * AdminRespondToAuthChallenge API request provides the answer
+ * to that challenge, like a code or a secure remote password (SRP). The
+ * parameters of a response to an authentication challenge vary with the
+ * type of challenge.
+ *
+ * For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers. *
*@@ -1859,7 +1918,8 @@ AdminUpdateDeviceStatusResult adminUpdateDeviceStatus( *
* Updates the specified user's attributes, including developer attributes, - * as an administrator. Works on any user. + * as an administrator. Works on any user. To delete an attribute from your + * user, submit the attribute in your API request with a blank value. *
*
* For custom attributes, you must prepend the custom: prefix
@@ -1931,16 +1991,48 @@ AdminUpdateUserAttributesResult adminUpdateUserAttributes(
/**
*
- * Signs out a user from all devices. AdminUserGlobalSignOut
- * invalidates all identity, access and refresh tokens that Amazon Cognito
- * has issued to a user. A user can still use a hosted UI cookie to retrieve
- * new tokens for the duration of the 1-hour cookie validity period.
+ * Invalidates the identity, access, and refresh tokens that Amazon Cognito
+ * issued to a user. Call this operation with your administrative
+ * credentials when your user signs out of your app. This results in the
+ * following behavior.
+ *
+ * Amazon Cognito no longer accepts token-authorized user operations + * that you authorize with a signed-out user's access tokens. For more + * information, see Using the Amazon Cognito user pools API and user pool endpoints. + *
+ *
+ * Amazon Cognito returns an Access Token has been revoked
+ * error when your app attempts to authorize a user pools API request with a
+ * revoked access token that contains the scope
+ * aws.cognito.signin.user.admin.
+ *
+ * Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with
+ * ServerSideTokenCheck enabled for its user pool IdP
+ * configuration in CognitoIdentityProvider.
+ *
+ * Amazon Cognito no longer accepts a signed-out user's refresh tokens in + * refresh requests. *
+ *
- * Your app isn't aware that a user's access token is revoked unless it
- * attempts to authorize a user pools API request with an access token that
- * contains the scope aws.cognito.signin.user.admin. Your app
- * might otherwise accept access tokens until they expire.
+ * Other requests might be valid until your user's token expires.
*
@@ -2029,7 +2121,7 @@ AdminUserGlobalSignOutResult adminUserGlobalSignOut( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
** Changes the password for a specified user in a user pool. *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -2068,7 +2164,7 @@ AssociateSoftwareTokenResult associateSoftwareToken( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
** Confirms tracking of the device. This API call is the call that begins - * device tracking. + * device tracking. For more information about device authentication, see Working with user devices in your user pool. + *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -2112,7 +2215,7 @@ ChangePasswordResult changePassword(ChangePasswordRequest changePasswordRequest) * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*- * Confirms registration of a new user. + * This public API operation provides a code that Amazon Cognito sent to + * your user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they + * confirm ownership of the email address or phone number that they + * provided, and their user account becomes active. Depending on your user + * pool configuration, your users will receive their confirmation code in an + * email or SMS message. + *
+ *+ * Local users who signed up in your user pool are the only type of user who + * can confirm sign-up with a code. Users who federate through an external + * identity provider (IdP) have already been confirmed by their IdP. + * Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they + * respond to their invitation email message and choose a password. They do + * not receive a confirmation code. Instead, they receive a temporary + * password. *
*@@ -2208,7 +2329,7 @@ ConfirmForgotPasswordResult confirmForgotPassword( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*- * Creates an IdP for a user pool. + * Adds a configuration and trust relationship between a third-party + * identity provider (IdP) and a user pool. *
*@@ -2748,6 +2870,10 @@ void deleteResourceServer(DeleteResourceServerRequest deleteResourceServerReques *
* Allows a user to delete their own user profile. *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -2756,7 +2882,7 @@ void deleteResourceServer(DeleteResourceServerRequest deleteResourceServerReques * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
** Deletes the attributes for a user. *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -2795,7 +2925,7 @@ void deleteUser(DeleteUserRequest deleteUserRequest) throws AmazonClientExceptio * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*- * Forgets the specified device. + * Forgets the specified device. For more information about device + * authentication, see Working with user devices in your user pool. + *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -3156,7 +3293,7 @@ DescribeUserPoolDomainResult describeUserPoolDomain( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*SECRET_HASH parameter,
* this API returns NotAuthorizedException.
*
+ * + * To use this API operation, your user pool must have self-service account + * recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator. + *
** Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -3212,7 +3355,7 @@ void forgetDevice(ForgetDeviceRequest forgetDeviceRequest) throws AmazonClientEx * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -3301,7 +3444,14 @@ GetCSVHeaderResult getCSVHeader(GetCSVHeaderRequest getCSVHeaderRequest) /** *
- * Gets the device. + * Gets the device. For more information about device authentication, see Working with user devices in your user pool. + *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -3311,7 +3461,7 @@ GetCSVHeaderResult getCSVHeader(GetCSVHeaderRequest getCSVHeaderRequest) * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
** Gets the user attributes and metadata for a user. *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -3494,7 +3648,7 @@ GetUICustomizationResult getUICustomization(GetUICustomizationRequest getUICusto * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -3537,7 +3695,7 @@ GetUserResult getUser(GetUserRequest getUserRequest) throws AmazonClientExceptio * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -3628,16 +3786,51 @@ GetUserPoolMfaConfigResult getUserPoolMfaConfig( /** *
- * Signs out a user from all devices. GlobalSignOut invalidates
- * all identity, access and refresh tokens that Amazon Cognito has issued to
- * a user. A user can still use a hosted UI cookie to retrieve new tokens
- * for the duration of the 1-hour cookie validity period.
+ * Invalidates the identity, access, and refresh tokens that Amazon Cognito
+ * issued to a user. Call this operation when your user signs out of your
+ * app. This results in the following behavior.
+ *
+ * Amazon Cognito no longer accepts token-authorized user operations + * that you authorize with a signed-out user's access tokens. For more + * information, see Using the Amazon Cognito user pools API and user pool endpoints. + *
+ *
+ * Amazon Cognito returns an Access Token has been revoked
+ * error when your app attempts to authorize a user pools API request with a
+ * revoked access token that contains the scope
+ * aws.cognito.signin.user.admin.
+ *
+ * Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with
+ * ServerSideTokenCheck enabled for its user pool IdP
+ * configuration in CognitoIdentityProvider.
+ *
+ * Amazon Cognito no longer accepts a signed-out user's refresh tokens in + * refresh requests. + *
+ *+ * Other requests might be valid until your user's token expires. *
*
- * Your app isn't aware that a user's access token is revoked unless it
- * attempts to authorize a user pools API request with an access token that
- * contains the scope aws.cognito.signin.user.admin. Your app
- * might otherwise accept access tokens until they expire.
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -3647,7 +3840,7 @@ GetUserPoolMfaConfigResult getUserPoolMfaConfig( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -3753,7 +3946,14 @@ InitiateAuthResult initiateAuth(InitiateAuthRequest initiateAuthRequest) /** *
* Lists the sign-in devices that Amazon Cognito has registered to the - * current user. + * current user. For more information about device authentication, see Working with user devices in your user pool. + *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -3763,7 +3963,7 @@ InitiateAuthResult initiateAuth(InitiateAuthRequest initiateAuthRequest) * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -4324,7 +4524,17 @@ ResendConfirmationCodeResult resendConfirmationCode( /** *
- * Responds to the authentication challenge.
+ * Some API operations in a user pool generate a challenge, like a prompt
+ * for an MFA code, for device authentication that bypasses MFA, or for a
+ * custom authentication challenge. A RespondToAuthChallenge
+ * API request provides the answer to that challenge, like a code or a
+ * secure remote password (SRP). The parameters of a response to an
+ * authentication challenge vary with the type of challenge.
+ *
+ * For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers. *
*@@ -4334,7 +4544,7 @@ ResendConfirmationCodeResult resendConfirmationCode( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -4416,7 +4626,7 @@ RespondToAuthChallengeResult respondToAuthChallenge( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -4567,7 +4781,7 @@ SetUICustomizationResult setUICustomization(SetUICustomizationRequest setUICusto * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -4664,7 +4883,7 @@ SetUserPoolMfaConfigResult setUserPoolMfaConfig( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -4748,6 +4967,7 @@ SetUserSettingsResult setUserSettings(SetUserSettingsRequest setUserSettingsRequ * @throws UsernameExistsException * @throws TooManyRequestsException * @throws InternalErrorException + * @throws LimitExceededException * @throws InvalidSmsRoleAccessPolicyException * @throws InvalidSmsRoleTrustRelationshipException * @throws InvalidEmailRoleAccessPolicyException @@ -4903,7 +5123,7 @@ UntagResourceResult untagResource(UntagResourceRequest untagResourceRequest) * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*- * Updates the device status. + * Updates the device status. For more information about device + * authentication, see Working with user devices in your user pool. + *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -4942,7 +5169,7 @@ UpdateAuthEventFeedbackResult updateAuthEventFeedback( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
- * Allows a user to update a specific attribute (one at a time).
+ * With this operation, your users can update one or more of their
+ * attributes with their own credentials. You authorize this API request
+ * with the user's access token. To delete an attribute from your user,
+ * submit the attribute in your API request with a blank value. Custom
+ * attribute values in this request must include the custom:
+ * prefix.
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -5149,7 +5385,7 @@ UpdateResourceServerResult updateResourceServer( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -5488,7 +5724,7 @@ UpdateUserPoolDomainResult updateUserPoolDomain( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -5541,7 +5781,7 @@ VerifySoftwareTokenResult verifySoftwareToken( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
**
- * With the Amazon Cognito user pools API, you can set up user pools and app - * clients, and authenticate users. To authenticate users from third-party - * identity providers (IdPs) in this API, you can link IdP users to native user profiles. Learn more about the - * authentication and authorization of federated users in the Adding user pool sign-in through a third party and in the Using the Amazon Cognito user pools API and user pool endpoints. + * >User pool federation endpoints and hosted UI reference. *
** This API reference provides detailed information about API operations and - * object types in Amazon Cognito. At the bottom of the page for each API - * operation and object, under See Also, you can learn how to use it in - * an Amazon Web Services SDK in the language of your choice. + * object types in Amazon Cognito. *
*
* Along with resource management operations, the Amazon Cognito user pools API
* includes classes of operations and authorization models for client-side and
- * server-side user operations. For more information, see
+ *
+ * An administrator who wants to configure user pools, app clients, users,
+ * groups, or other user pool functions.
+ *
+ * A server-side app, like a web application, that wants to use its Amazon Web
+ * Services privileges to manage, authenticate, or authorize a user.
+ *
+ * A client-side app, like a mobile app, that wants to make unauthenticated
+ * requests to manage, authenticate, or authorize a user.
+ *
+ * For more information, see Using the Amazon Cognito native and OIDC APIs in the Amazon Cognito
- * Developer Guide.
+ * >Using the Amazon Cognito user pools API and user pool endpoints
+ *
+ *
- * You can also start reading about the CognitoIdentityProvider
- * client in the following SDK guides.
+ * With your Amazon Web Services SDK, you can build the logic to support
+ * operational flows in every use case for this API. You can also make direct
+ * REST API requests to Amazon Cognito user pools service endpoints. The following links can get
+ * you started with the CognitoIdentityProvider client in other
+ * supported Amazon Web Services SDKs.
*
- * Adds the specified user to the specified group.
+ * Adds a user to a group. A user who is in a group can present a
+ * preferred-role claim to an identity pool, and populates a
+ * cognito:groups claim to their access and identity tokens.
*
@@ -649,8 +680,19 @@ public void adminAddUserToGroup(AdminAddUserToGroupRequest adminAddUserToGroupRe /** *
- * Confirms user registration as an admin without using a confirmation code. - * Works on any user. + * This IAM-authenticated API operation provides a code that Amazon Cognito + * sent to your user when they signed up in your user pool. After your user + * enters their code, they confirm ownership of the email address or phone + * number that they provided, and their user account becomes active. + * Depending on your user pool configuration, your users will receive their + * confirmation code in an email or SMS message. + *
+ *+ * Local users who signed up in your user pool are the only type of user who + * can confirm sign-up with a code. Users who federate through an external + * identity provider (IdP) have already been confirmed by their IdP. + * Administrator-created users confirm their accounts when they respond to + * their invitation email message and choose a password. *
*@@ -1853,7 +1895,7 @@ public AdminListDevicesResult adminListDevices(AdminListDevicesRequest adminList /** *
- * Lists the groups that the user belongs to. + * Lists the groups that a user belongs to. *
*@@ -2093,6 +2135,12 @@ public void adminRemoveUserFromGroup( * Resets the specified user's password in a user pool as an administrator. * Works on any user. *
+ *+ * To use this API operation, your user pool must have self-service account + * recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator. + *
** This action might generate an SMS text message. Starting June 1, 2021, US @@ -2218,7 +2266,18 @@ public AdminResetUserPasswordResult adminResetUserPassword( /** *
- * Responds to an authentication challenge, as an administrator.
+ * Some API operations in a user pool generate a challenge, like a prompt
+ * for an MFA code, for device authentication that bypasses MFA, or for a
+ * custom authentication challenge. An
+ * AdminRespondToAuthChallenge API request provides the answer
+ * to that challenge, like a code or a secure remote password (SRP). The
+ * parameters of a response to an authentication challenge vary with the
+ * type of challenge.
+ *
+ * For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers. *
*@@ -2818,7 +2877,8 @@ public AdminUpdateDeviceStatusResult adminUpdateDeviceStatus( *
* Updates the specified user's attributes, including developer attributes, - * as an administrator. Works on any user. + * as an administrator. Works on any user. To delete an attribute from your + * user, submit the attribute in your API request with a blank value. *
*
* For custom attributes, you must prepend the custom: prefix
@@ -2917,16 +2977,48 @@ public AdminUpdateUserAttributesResult adminUpdateUserAttributes(
/**
*
- * Signs out a user from all devices. AdminUserGlobalSignOut
- * invalidates all identity, access and refresh tokens that Amazon Cognito
- * has issued to a user. A user can still use a hosted UI cookie to retrieve
- * new tokens for the duration of the 1-hour cookie validity period.
+ * Invalidates the identity, access, and refresh tokens that Amazon Cognito
+ * issued to a user. Call this operation with your administrative
+ * credentials when your user signs out of your app. This results in the
+ * following behavior.
+ *
+ * Amazon Cognito no longer accepts token-authorized user operations + * that you authorize with a signed-out user's access tokens. For more + * information, see Using the Amazon Cognito user pools API and user pool endpoints. + *
+ *
+ * Amazon Cognito returns an Access Token has been revoked
+ * error when your app attempts to authorize a user pools API request with a
+ * revoked access token that contains the scope
+ * aws.cognito.signin.user.admin.
+ *
+ * Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with
+ * ServerSideTokenCheck enabled for its user pool IdP
+ * configuration in CognitoIdentityProvider.
+ *
+ * Amazon Cognito no longer accepts a signed-out user's refresh tokens in + * refresh requests. *
+ *
- * Your app isn't aware that a user's access token is revoked unless it
- * attempts to authorize a user pools API request with an access token that
- * contains the scope aws.cognito.signin.user.admin. Your app
- * might otherwise accept access tokens until they expire.
+ * Other requests might be valid until your user's token expires.
*
@@ -3042,7 +3134,7 @@ public AdminUserGlobalSignOutResult adminUserGlobalSignOut( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
** Changes the password for a specified user in a user pool. *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -3108,7 +3204,7 @@ public AssociateSoftwareTokenResult associateSoftwareToken( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
** Confirms tracking of the device. This API call is the call that begins - * device tracking. + * device tracking. For more information about device authentication, see Working with user devices in your user pool. + *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -3178,7 +3281,7 @@ public ChangePasswordResult changePassword(ChangePasswordRequest changePasswordR * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*- * Confirms registration of a new user. + * This public API operation provides a code that Amazon Cognito sent to + * your user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they + * confirm ownership of the email address or phone number that they + * provided, and their user account becomes active. Depending on your user + * pool configuration, your users will receive their confirmation code in an + * email or SMS message. + *
+ *+ * Local users who signed up in your user pool are the only type of user who + * can confirm sign-up with a code. Users who federate through an external + * identity provider (IdP) have already been confirmed by their IdP. + * Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they + * respond to their invitation email message and choose a password. They do + * not receive a confirmation code. Instead, they receive a temporary + * password. *
*@@ -3327,7 +3448,7 @@ public ConfirmForgotPasswordResult confirmForgotPassword( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*- * Creates an IdP for a user pool. + * Adds a configuration and trust relationship between a third-party + * identity provider (IdP) and a user pool. *
*@@ -4145,6 +4267,10 @@ public void deleteResourceServer(DeleteResourceServerRequest deleteResourceServe *
* Allows a user to delete their own user profile. *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -4153,7 +4279,7 @@ public void deleteResourceServer(DeleteResourceServerRequest deleteResourceServe * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
** Deletes the attributes for a user. *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -4213,7 +4343,7 @@ public void deleteUser(DeleteUserRequest deleteUserRequest) * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*- * Forgets the specified device. + * Forgets the specified device. For more information about device + * authentication, see Working with user devices in your user pool. + *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -4859,7 +4996,7 @@ public DescribeUserPoolDomainResult describeUserPoolDomain( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*SECRET_HASH parameter,
* this API returns NotAuthorizedException.
*
+ * + * To use this API operation, your user pool must have self-service account + * recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator. + *
** Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -4936,7 +5079,7 @@ public void forgetDevice(ForgetDeviceRequest forgetDeviceRequest) * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -5077,7 +5220,14 @@ public GetCSVHeaderResult getCSVHeader(GetCSVHeaderRequest getCSVHeaderRequest) /** *
- * Gets the device. + * Gets the device. For more information about device authentication, see Working with user devices in your user pool. + *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -5087,7 +5237,7 @@ public GetCSVHeaderResult getCSVHeader(GetCSVHeaderRequest getCSVHeaderRequest) * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
** Gets the user attributes and metadata for a user. *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -5431,7 +5585,7 @@ public GetUICustomizationResult getUICustomization( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -5500,7 +5658,7 @@ public GetUserResult getUser(GetUserRequest getUserRequest) * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -5645,16 +5803,51 @@ public GetUserPoolMfaConfigResult getUserPoolMfaConfig( /** *
- * Signs out a user from all devices. GlobalSignOut invalidates
- * all identity, access and refresh tokens that Amazon Cognito has issued to
- * a user. A user can still use a hosted UI cookie to retrieve new tokens
- * for the duration of the 1-hour cookie validity period.
+ * Invalidates the identity, access, and refresh tokens that Amazon Cognito
+ * issued to a user. Call this operation when your user signs out of your
+ * app. This results in the following behavior.
+ *
+ * Amazon Cognito no longer accepts token-authorized user operations + * that you authorize with a signed-out user's access tokens. For more + * information, see Using the Amazon Cognito user pools API and user pool endpoints. + *
+ *
+ * Amazon Cognito returns an Access Token has been revoked
+ * error when your app attempts to authorize a user pools API request with a
+ * revoked access token that contains the scope
+ * aws.cognito.signin.user.admin.
+ *
+ * Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with
+ * ServerSideTokenCheck enabled for its user pool IdP
+ * configuration in CognitoIdentityProvider.
+ *
+ * Amazon Cognito no longer accepts a signed-out user's refresh tokens in + * refresh requests. + *
+ *+ * Other requests might be valid until your user's token expires. *
*
- * Your app isn't aware that a user's access token is revoked unless it
- * attempts to authorize a user pools API request with an access token that
- * contains the scope aws.cognito.signin.user.admin. Your app
- * might otherwise accept access tokens until they expire.
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -5664,7 +5857,7 @@ public GetUserPoolMfaConfigResult getUserPoolMfaConfig( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -5822,7 +6015,14 @@ public InitiateAuthResult initiateAuth(InitiateAuthRequest initiateAuthRequest) /** *
* Lists the sign-in devices that Amazon Cognito has registered to the - * current user. + * current user. For more information about device authentication, see Working with user devices in your user pool. + *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -5832,7 +6032,7 @@ public InitiateAuthResult initiateAuth(InitiateAuthRequest initiateAuthRequest) * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -6686,7 +6886,17 @@ public ResendConfirmationCodeResult resendConfirmationCode( /** *
- * Responds to the authentication challenge.
+ * Some API operations in a user pool generate a challenge, like a prompt
+ * for an MFA code, for device authentication that bypasses MFA, or for a
+ * custom authentication challenge. A RespondToAuthChallenge
+ * API request provides the answer to that challenge, like a code or a
+ * secure remote password (SRP). The parameters of a response to an
+ * authentication challenge vary with the type of challenge.
+ *
+ * For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers. *
*@@ -6696,7 +6906,7 @@ public ResendConfirmationCodeResult resendConfirmationCode( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -6805,7 +7015,7 @@ public RespondToAuthChallengeResult respondToAuthChallenge( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -7064,7 +7278,7 @@ public SetUICustomizationResult setUICustomization( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -7215,7 +7434,7 @@ public SetUserPoolMfaConfigResult setUserPoolMfaConfig( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -7325,6 +7544,7 @@ public SetUserSettingsResult setUserSettings(SetUserSettingsRequest setUserSetti * @throws UsernameExistsException * @throws TooManyRequestsException * @throws InternalErrorException + * @throws LimitExceededException * @throws InvalidSmsRoleAccessPolicyException * @throws InvalidSmsRoleTrustRelationshipException * @throws InvalidEmailRoleAccessPolicyException @@ -7614,7 +7834,7 @@ public UntagResourceResult untagResource(UntagResourceRequest untagResourceReque * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*- * Updates the device status. + * Updates the device status. For more information about device + * authentication, see Working with user devices in your user pool. + *
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -7680,7 +7907,7 @@ public UpdateAuthEventFeedbackResult updateAuthEventFeedback( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
- * Allows a user to update a specific attribute (one at a time).
+ * With this operation, your users can update one or more of their
+ * attributes with their own credentials. You authorize this API request
+ * with the user's access token. To delete an attribute from your user,
+ * submit the attribute in your API request with a blank value. Custom
+ * attribute values in this request must include the custom:
+ * prefix.
+ *
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
*
@@ -7995,7 +8231,7 @@ public UpdateResourceServerResult updateResourceServer( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -8441,7 +8677,7 @@ public UpdateUserPoolDomainResult updateUserPoolDomain( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
+ * Authorize this action with a signed-in user's access token. It must
+ * include the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) @@ -8521,7 +8761,7 @@ public VerifySoftwareTokenResult verifySoftwareToken( * permissions in policies. For more information about authorization models * in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
- * Adds the specified user to the specified group.
+ * Adds a user to a group. A user who is in a group can present a preferred-role
+ * claim to an identity pool, and populates a cognito:groups claim
+ * to their access and identity tokens.
*
@@ -65,7 +67,11 @@ public class AdminAddUserToGroupRequest extends AmazonWebServiceRequest implemen /** *
- * The username for the user.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -76,7 +82,7 @@ public class AdminAddUserToGroupRequest extends AmazonWebServiceRequest implemen
/**
*
- * The group name. + * The name of the group that you want to add your user to. *
*
* Constraints:
@@ -144,7 +150,11 @@ public AdminAddUserToGroupRequest withUserPoolId(String userPoolId) {
/**
*
- * The username for the user.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -152,7 +162,12 @@ public AdminAddUserToGroupRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The username for the user.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
*
- * The username for the user.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -169,7 +188,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The username for the user.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The username for the user.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Returns a reference to this object so that method calls can be chained
@@ -189,7 +217,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The username for the user.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The group name. + * The name of the group that you want to add your user to. *
*
* Constraints:
@@ -209,7 +242,7 @@ public AdminAddUserToGroupRequest withUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The group name. + * The name of the group that you want to add your user to. *
*/ public String getGroupName() { @@ -218,7 +251,7 @@ public String getGroupName() { /** *- * The group name. + * The name of the group that you want to add your user to. *
*
* Constraints:
@@ -226,7 +259,7 @@ public String getGroupName() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param groupName
- * The group name. + * The name of the group that you want to add your user to. *
*/ public void setGroupName(String groupName) { @@ -235,7 +268,7 @@ public void setGroupName(String groupName) { /** *- * The group name. + * The name of the group that you want to add your user to. *
*
* Returns a reference to this object so that method calls can be chained
@@ -246,7 +279,7 @@ public void setGroupName(String groupName) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param groupName
- * The group name. + * The name of the group that you want to add your user to. *
* @return A reference to this updated object so that method calls can be * chained together. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminConfirmSignUpRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminConfirmSignUpRequest.java index abf93e9380..6a8656ac02 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminConfirmSignUpRequest.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminConfirmSignUpRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -21,8 +21,19 @@ /** *- * Confirms user registration as an admin without using a confirmation code. - * Works on any user. + * This IAM-authenticated API operation provides a code that Amazon Cognito sent + * to your user when they signed up in your user pool. After your user enters + * their code, they confirm ownership of the email address or phone number that + * they provided, and their user account becomes active. Depending on your user + * pool configuration, your users will receive their confirmation code in an + * email or SMS message. + *
+ *+ * Local users who signed up in your user pool are the only type of user who can + * confirm sign-up with a code. Users who federate through an external identity + * provider (IdP) have already been confirmed by their IdP. + * Administrator-created users confirm their accounts when they respond to their + * invitation email message and choose a password. *
*@@ -66,7 +77,11 @@ public class AdminConfirmSignUpRequest extends AmazonWebServiceRequest implement /** *
- * The user name for which you want to confirm user registration.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -187,7 +202,11 @@ public AdminConfirmSignUpRequest withUserPoolId(String userPoolId) {
/**
*
- * The user name for which you want to confirm user registration.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -195,7 +214,12 @@ public AdminConfirmSignUpRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The user name for which you want to confirm user registration.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
*
- * The user name for which you want to confirm user registration.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -212,7 +240,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name for which you want to confirm user registration.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name for which you want to confirm user registration.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Returns a reference to this object so that method calls can be chained
@@ -232,7 +269,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name for which you want to confirm user registration.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The username for the user. Must be unique within the user pool. Must be a - * UTF-8 string between 1 and 128 characters. After the user is created, the - * username can't be changed. + * The value that you want to set as the username sign-in attribute. The + * following conditions apply to the username parameter. *
+ *+ * The username can't be a duplicate of another username in the same user + * pool. + *
+ *+ * You can't change the value of a username after you create it. + *
+ *+ * You can only provide a value if usernames are a valid sign-in attribute + * for your user pool. If your user pool only supports phone numbers or + * email addresses as sign-in attributes, Amazon Cognito automatically + * generates a username value. For more information, see Customizing sign-in attributes. + *
+ *
* Constraints:
* Length: 1 - 128
@@ -171,20 +193,23 @@ public class AdminCreateUserRequest extends AmazonWebServiceRequest implements S
/**
*
- * The user's validation data. This is an array of name-value pairs that - * contain user attributes and attribute values that you can use for custom - * validation, such as restricting the types of user accounts that can be - * registered. For example, you might choose to allow or disallow user - * sign-up based on the user's domain. + * Temporary user attributes that contribute to the outcomes of your pre + * sign-up Lambda trigger. This set of key-value pairs are for custom + * validation of information that you collect from your users but don't need + * to retain. *
*- * To configure custom validation, you must create a Pre Sign-up Lambda - * trigger for the user pool as described in the Amazon Cognito Developer - * Guide. The Lambda trigger receives the validation data and uses it in the - * validation process. + * Your Lambda function can analyze this additional data and act on it. Your + * function might perform external API operations like logging user + * attributes and validation data to Amazon CloudWatch Logs. Validation data + * might also affect the response that your function returns to Amazon + * Cognito, like automatically confirming the user if they sign up from + * within your network. *
*- * The user's validation data isn't persisted. + * For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger. *
*/ private java.util.List- * The username for the user. Must be unique within the user pool. Must be a - * UTF-8 string between 1 and 128 characters. After the user is created, the - * username can't be changed. + * The value that you want to set as the username sign-in attribute. The + * following conditions apply to the username parameter. + *
+ *+ * The username can't be a duplicate of another username in the same user + * pool. + *
+ *+ * You can't change the value of a username after you create it. + *
+ *+ * You can only provide a value if usernames are a valid sign-in attribute + * for your user pool. If your user pool only supports phone numbers or + * email addresses as sign-in attributes, Amazon Cognito automatically + * generates a username value. For more information, see Customizing sign-in attributes. *
+ *
* Constraints:
* Length: 1 - 128
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The username for the user. Must be unique within the user pool. - * Must be a UTF-8 string between 1 and 128 characters. After the - * user is created, the username can't be changed. + * The value that you want to set as the username sign-in attribute. + * The following conditions apply to the username parameter. + *
+ *+ * The username can't be a duplicate of another username in the same + * user pool. *
+ *+ * You can't change the value of a username after you create it. + *
+ *+ * You can only provide a value if usernames are a valid sign-in + * attribute for your user pool. If your user pool only supports + * phone numbers or email addresses as sign-in attributes, Amazon + * Cognito automatically generates a username value. For more + * information, see Customizing sign-in attributes. + *
+ *- * The username for the user. Must be unique within the user pool. Must be a - * UTF-8 string between 1 and 128 characters. After the user is created, the - * username can't be changed. + * The value that you want to set as the username sign-in attribute. The + * following conditions apply to the username parameter. + *
+ *+ * The username can't be a duplicate of another username in the same user + * pool. + *
+ *+ * You can't change the value of a username after you create it. *
+ *+ * You can only provide a value if usernames are a valid sign-in attribute + * for your user pool. If your user pool only supports phone numbers or + * email addresses as sign-in attributes, Amazon Cognito automatically + * generates a username value. For more information, see Customizing sign-in attributes. + *
+ *
* Constraints:
* Length: 1 - 128
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The username for the user. Must be unique within the user - * pool. Must be a UTF-8 string between 1 and 128 characters. - * After the user is created, the username can't be changed. + * The value that you want to set as the username sign-in + * attribute. The following conditions apply to the username + * parameter. *
+ *+ * The username can't be a duplicate of another username in the + * same user pool. + *
+ *+ * You can't change the value of a username after you create it. + *
+ *+ * You can only provide a value if usernames are a valid sign-in + * attribute for your user pool. If your user pool only supports + * phone numbers or email addresses as sign-in attributes, Amazon + * Cognito automatically generates a username value. For more + * information, see Customizing sign-in attributes. + *
+ *- * The username for the user. Must be unique within the user pool. Must be a - * UTF-8 string between 1 and 128 characters. After the user is created, the - * username can't be changed. + * The value that you want to set as the username sign-in attribute. The + * following conditions apply to the username parameter. + *
+ *+ * The username can't be a duplicate of another username in the same user + * pool. *
+ *+ * You can't change the value of a username after you create it. + *
+ *+ * You can only provide a value if usernames are a valid sign-in attribute + * for your user pool. If your user pool only supports phone numbers or + * email addresses as sign-in attributes, Amazon Cognito automatically + * generates a username value. For more information, see Customizing sign-in attributes. + *
+ *
* Returns a reference to this object so that method calls can be chained
* together.
@@ -429,10 +567,34 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The username for the user. Must be unique within the user - * pool. Must be a UTF-8 string between 1 and 128 characters. - * After the user is created, the username can't be changed. + * The value that you want to set as the username sign-in + * attribute. The following conditions apply to the username + * parameter. *
+ *+ * The username can't be a duplicate of another username in the + * same user pool. + *
+ *+ * You can't change the value of a username after you create it. + *
+ *+ * You can only provide a value if usernames are a valid sign-in + * attribute for your user pool. If your user pool only supports + * phone numbers or email addresses as sign-in attributes, Amazon + * Cognito automatically generates a username value. For more + * information, see Customizing sign-in attributes. + *
+ *- * The user's validation data. This is an array of name-value pairs that - * contain user attributes and attribute values that you can use for custom - * validation, such as restricting the types of user accounts that can be - * registered. For example, you might choose to allow or disallow user - * sign-up based on the user's domain. + * Temporary user attributes that contribute to the outcomes of your pre + * sign-up Lambda trigger. This set of key-value pairs are for custom + * validation of information that you collect from your users but don't need + * to retain. *
*- * To configure custom validation, you must create a Pre Sign-up Lambda - * trigger for the user pool as described in the Amazon Cognito Developer - * Guide. The Lambda trigger receives the validation data and uses it in the - * validation process. + * Your Lambda function can analyze this additional data and act on it. Your + * function might perform external API operations like logging user + * attributes and validation data to Amazon CloudWatch Logs. Validation data + * might also affect the response that your function returns to Amazon + * Cognito, like automatically confirming the user if they sign up from + * within your network. *
*- * The user's validation data isn't persisted. + * For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger. *
* * @return- * The user's validation data. This is an array of name-value pairs - * that contain user attributes and attribute values that you can - * use for custom validation, such as restricting the types of user - * accounts that can be registered. For example, you might choose to - * allow or disallow user sign-up based on the user's domain. + * Temporary user attributes that contribute to the outcomes of your + * pre sign-up Lambda trigger. This set of key-value pairs are for + * custom validation of information that you collect from your users + * but don't need to retain. *
*- * To configure custom validation, you must create a Pre Sign-up - * Lambda trigger for the user pool as described in the Amazon - * Cognito Developer Guide. The Lambda trigger receives the - * validation data and uses it in the validation process. + * Your Lambda function can analyze this additional data and act on + * it. Your function might perform external API operations like + * logging user attributes and validation data to Amazon CloudWatch + * Logs. Validation data might also affect the response that your + * function returns to Amazon Cognito, like automatically confirming + * the user if they sign up from within your network. *
*- * The user's validation data isn't persisted. + * For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger. *
*/ public java.util.List- * The user's validation data. This is an array of name-value pairs that - * contain user attributes and attribute values that you can use for custom - * validation, such as restricting the types of user accounts that can be - * registered. For example, you might choose to allow or disallow user - * sign-up based on the user's domain. + * Temporary user attributes that contribute to the outcomes of your pre + * sign-up Lambda trigger. This set of key-value pairs are for custom + * validation of information that you collect from your users but don't need + * to retain. *
*- * To configure custom validation, you must create a Pre Sign-up Lambda - * trigger for the user pool as described in the Amazon Cognito Developer - * Guide. The Lambda trigger receives the validation data and uses it in the - * validation process. + * Your Lambda function can analyze this additional data and act on it. Your + * function might perform external API operations like logging user + * attributes and validation data to Amazon CloudWatch Logs. Validation data + * might also affect the response that your function returns to Amazon + * Cognito, like automatically confirming the user if they sign up from + * within your network. *
*- * The user's validation data isn't persisted. + * For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger. *
* * @param validationData- * The user's validation data. This is an array of name-value - * pairs that contain user attributes and attribute values that - * you can use for custom validation, such as restricting the - * types of user accounts that can be registered. For example, - * you might choose to allow or disallow user sign-up based on - * the user's domain. + * Temporary user attributes that contribute to the outcomes of + * your pre sign-up Lambda trigger. This set of key-value pairs + * are for custom validation of information that you collect from + * your users but don't need to retain. *
*- * To configure custom validation, you must create a Pre Sign-up - * Lambda trigger for the user pool as described in the Amazon - * Cognito Developer Guide. The Lambda trigger receives the - * validation data and uses it in the validation process. + * Your Lambda function can analyze this additional data and act + * on it. Your function might perform external API operations + * like logging user attributes and validation data to Amazon + * CloudWatch Logs. Validation data might also affect the + * response that your function returns to Amazon Cognito, like + * automatically confirming the user if they sign up from within + * your network. *
*- * The user's validation data isn't persisted. + * For more information about the pre sign-up Lambda trigger, see + * Pre sign-up Lambda trigger. *
*/ public void setValidationData(java.util.Collection- * The user's validation data. This is an array of name-value pairs that - * contain user attributes and attribute values that you can use for custom - * validation, such as restricting the types of user accounts that can be - * registered. For example, you might choose to allow or disallow user - * sign-up based on the user's domain. + * Temporary user attributes that contribute to the outcomes of your pre + * sign-up Lambda trigger. This set of key-value pairs are for custom + * validation of information that you collect from your users but don't need + * to retain. *
*- * To configure custom validation, you must create a Pre Sign-up Lambda - * trigger for the user pool as described in the Amazon Cognito Developer - * Guide. The Lambda trigger receives the validation data and uses it in the - * validation process. + * Your Lambda function can analyze this additional data and act on it. Your + * function might perform external API operations like logging user + * attributes and validation data to Amazon CloudWatch Logs. Validation data + * might also affect the response that your function returns to Amazon + * Cognito, like automatically confirming the user if they sign up from + * within your network. *
*- * The user's validation data isn't persisted. + * For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger. *
** Returns a reference to this object so that method calls can be chained * together. * * @param validationData
- * The user's validation data. This is an array of name-value - * pairs that contain user attributes and attribute values that - * you can use for custom validation, such as restricting the - * types of user accounts that can be registered. For example, - * you might choose to allow or disallow user sign-up based on - * the user's domain. + * Temporary user attributes that contribute to the outcomes of + * your pre sign-up Lambda trigger. This set of key-value pairs + * are for custom validation of information that you collect from + * your users but don't need to retain. *
*- * To configure custom validation, you must create a Pre Sign-up - * Lambda trigger for the user pool as described in the Amazon - * Cognito Developer Guide. The Lambda trigger receives the - * validation data and uses it in the validation process. + * Your Lambda function can analyze this additional data and act + * on it. Your function might perform external API operations + * like logging user attributes and validation data to Amazon + * CloudWatch Logs. Validation data might also affect the + * response that your function returns to Amazon Cognito, like + * automatically confirming the user if they sign up from within + * your network. *
*- * The user's validation data isn't persisted. + * For more information about the pre sign-up Lambda trigger, see + * Pre sign-up Lambda trigger. *
* @return A reference to this updated object so that method calls can be * chained together. @@ -1021,41 +1204,48 @@ public AdminCreateUserRequest withValidationData(AttributeType... validationData /** *- * The user's validation data. This is an array of name-value pairs that - * contain user attributes and attribute values that you can use for custom - * validation, such as restricting the types of user accounts that can be - * registered. For example, you might choose to allow or disallow user - * sign-up based on the user's domain. + * Temporary user attributes that contribute to the outcomes of your pre + * sign-up Lambda trigger. This set of key-value pairs are for custom + * validation of information that you collect from your users but don't need + * to retain. *
*- * To configure custom validation, you must create a Pre Sign-up Lambda - * trigger for the user pool as described in the Amazon Cognito Developer - * Guide. The Lambda trigger receives the validation data and uses it in the - * validation process. + * Your Lambda function can analyze this additional data and act on it. Your + * function might perform external API operations like logging user + * attributes and validation data to Amazon CloudWatch Logs. Validation data + * might also affect the response that your function returns to Amazon + * Cognito, like automatically confirming the user if they sign up from + * within your network. *
*- * The user's validation data isn't persisted. + * For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger. *
** Returns a reference to this object so that method calls can be chained * together. * * @param validationData
- * The user's validation data. This is an array of name-value - * pairs that contain user attributes and attribute values that - * you can use for custom validation, such as restricting the - * types of user accounts that can be registered. For example, - * you might choose to allow or disallow user sign-up based on - * the user's domain. + * Temporary user attributes that contribute to the outcomes of + * your pre sign-up Lambda trigger. This set of key-value pairs + * are for custom validation of information that you collect from + * your users but don't need to retain. *
*- * To configure custom validation, you must create a Pre Sign-up - * Lambda trigger for the user pool as described in the Amazon - * Cognito Developer Guide. The Lambda trigger receives the - * validation data and uses it in the validation process. + * Your Lambda function can analyze this additional data and act + * on it. Your function might perform external API operations + * like logging user attributes and validation data to Amazon + * CloudWatch Logs. Validation data might also affect the + * response that your function returns to Amazon Cognito, like + * automatically confirming the user if they sign up from within + * your network. *
*- * The user's validation data isn't persisted. + * For more information about the pre sign-up Lambda trigger, see + * Pre sign-up Lambda trigger. *
* @return A reference to this updated object so that method calls can be * chained together. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminCreateUserResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminCreateUserResult.java index daa14ee34f..8306a52c89 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminCreateUserResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminCreateUserResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminDeleteUserAttributesRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminDeleteUserAttributesRequest.java index 78f5bd40bc..4cfa2ac185 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminDeleteUserAttributesRequest.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminDeleteUserAttributesRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -68,7 +68,11 @@ public class AdminDeleteUserAttributesRequest extends AmazonWebServiceRequest im /** *
- * The user name of the user from which you would like to delete attributes.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -154,7 +158,11 @@ public AdminDeleteUserAttributesRequest withUserPoolId(String userPoolId) {
/**
*
- * The user name of the user from which you would like to delete attributes.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -162,8 +170,12 @@ public AdminDeleteUserAttributesRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The user name of the user from which you would like to delete
- * attributes.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
*
- * The user name of the user from which you would like to delete attributes.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -180,8 +196,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user from which you would like to delete
- * attributes.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name of the user from which you would like to delete attributes.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Returns a reference to this object so that method calls can be chained
@@ -201,8 +225,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user from which you would like to delete
- * attributes.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name of the user you want to delete.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -136,7 +140,11 @@ public AdminDeleteUserRequest withUserPoolId(String userPoolId) {
/**
*
- * The user name of the user you want to delete.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -144,7 +152,12 @@ public AdminDeleteUserRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The user name of the user you want to delete.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
*
- * The user name of the user you want to delete.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -161,7 +178,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user you want to delete.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name of the user you want to delete.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Returns a reference to this object so that method calls can be chained
@@ -181,7 +207,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user you want to delete.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name of the user you want to disable.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -138,7 +142,11 @@ public AdminDisableUserRequest withUserPoolId(String userPoolId) {
/**
*
- * The user name of the user you want to disable.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -146,7 +154,12 @@ public AdminDisableUserRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The user name of the user you want to disable.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
*
- * The user name of the user you want to disable.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -163,7 +180,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user you want to disable.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name of the user you want to disable.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Returns a reference to this object so that method calls can be chained
@@ -183,7 +209,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user you want to disable.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name of the user you want to enable.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -136,7 +140,11 @@ public AdminEnableUserRequest withUserPoolId(String userPoolId) {
/**
*
- * The user name of the user you want to enable.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -144,7 +152,12 @@ public AdminEnableUserRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The user name of the user you want to enable.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
*
- * The user name of the user you want to enable.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -161,7 +178,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user you want to enable.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name of the user you want to enable.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Returns a reference to this object so that method calls can be chained
@@ -181,7 +207,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user you want to enable.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -144,7 +148,11 @@ public AdminForgetDeviceRequest withUserPoolId(String userPoolId) {
/**
*
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -152,7 +160,12 @@ public AdminForgetDeviceRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
*
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -169,7 +186,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Returns a reference to this object so that method calls can be chained
@@ -189,7 +215,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -201,7 +205,11 @@ public AdminGetDeviceRequest withUserPoolId(String userPoolId) {
/**
*
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -209,7 +217,12 @@ public AdminGetDeviceRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
*
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -226,7 +243,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Returns a reference to this object so that method calls can be chained
@@ -246,7 +272,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name of the user you want to retrieve.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -141,7 +145,11 @@ public AdminGetUserRequest withUserPoolId(String userPoolId) {
/**
*
- * The user name of the user you want to retrieve.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -149,7 +157,12 @@ public AdminGetUserRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The user name of the user you want to retrieve.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
*
- * The user name of the user you want to retrieve.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -166,7 +183,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user you want to retrieve.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name of the user you want to retrieve.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Returns a reference to this object so that method calls can be chained
@@ -186,7 +212,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user you want to retrieve.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Constraints:
* Allowed Values: UNCONFIRMED, CONFIRMED, ARCHIVED, COMPROMISED,
- * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD
+ * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD, EXTERNAL_PROVIDER
*/
private String userStatus;
@@ -313,15 +313,16 @@ public AdminGetUserResult withUserCreateDate(java.util.Date userCreateDate) {
/**
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param userLastModifiedDate
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
* Constraints:
* Allowed Values: UNCONFIRMED, CONFIRMED, ARCHIVED, COMPROMISED,
- * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD
+ * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD, EXTERNAL_PROVIDER
*
* @return
* The user status. Can be one of the following: @@ -542,7 +545,7 @@ public String getUserStatus() { *
* Constraints:
* Allowed Values: UNCONFIRMED, CONFIRMED, ARCHIVED, COMPROMISED,
- * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD
+ * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD, EXTERNAL_PROVIDER
*
* @param userStatus
* The user status. Can be one of the following: @@ -624,7 +627,7 @@ public void setUserStatus(String userStatus) { *
* Constraints:
* Allowed Values: UNCONFIRMED, CONFIRMED, ARCHIVED, COMPROMISED,
- * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD
+ * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD, EXTERNAL_PROVIDER
*
* @param userStatus
* The user status. Can be one of the following: @@ -706,7 +709,7 @@ public AdminGetUserResult withUserStatus(String userStatus) { *
* Constraints:
* Allowed Values: UNCONFIRMED, CONFIRMED, ARCHIVED, COMPROMISED,
- * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD
+ * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD, EXTERNAL_PROVIDER
*
* @param userStatus
* The user status. Can be one of the following: @@ -788,7 +791,7 @@ public void setUserStatus(UserStatusType userStatus) { *
* Constraints:
* Allowed Values: UNCONFIRMED, CONFIRMED, ARCHIVED, COMPROMISED,
- * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD
+ * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD, EXTERNAL_PROVIDER
*
* @param userStatus
* The user status. Can be one of the following: diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminInitiateAuthRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminInitiateAuthRequest.java index 7a94c4f302..caa53221f6 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminInitiateAuthRequest.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminInitiateAuthRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -289,11 +289,6 @@ public class AdminInitiateAuthRequest extends AmazonWebServiceRequest implements * Define auth challenge *
*- * Verify auth challenge - *
- ** For more information, see *
- * Verify auth challenge - *
- *
* For more information, see
*
- *
- * Verify auth challenge
- *
* For more information, see getClientMetadata() {
* Define auth challenge
*
- * Verify auth challenge
- *
* For more information, see getClientMetadata() {
* Define auth challenge
*
- * Verify auth challenge
- *
* For more information, see clientMetadata) {
* Define auth challenge
*
- * Verify auth challenge
- *
* For more information, see clientMetadata) {
* Define auth challenge
*
- * Verify auth challenge
- *
* For more information, see
* Define auth challenge
*
- * Verify auth challenge
- *
@@ -272,7 +272,7 @@ public class AdminInitiateAuthResult implements Serializable {
*
*
@@ -386,7 +386,7 @@ public class AdminInitiateAuthResult implements Serializable {
*
* To set up software token MFA, use the session returned here from
@@ -496,7 +496,7 @@ public String getChallengeName() {
*
*
@@ -611,7 +611,7 @@ public String getChallengeName() {
*
* To set up software token MFA, use the session returned here
@@ -721,7 +721,7 @@ public void setChallengeName(String challengeName) {
*
*
@@ -839,7 +839,7 @@ public void setChallengeName(String challengeName) {
*
* To set up software token MFA, use the session returned here
@@ -952,7 +952,7 @@ public AdminInitiateAuthResult withChallengeName(String challengeName) {
*
*
@@ -1067,7 +1067,7 @@ public AdminInitiateAuthResult withChallengeName(String challengeName) {
*
* To set up software token MFA, use the session returned here
@@ -1177,7 +1177,7 @@ public void setChallengeName(ChallengeNameType challengeName) {
*
*
@@ -1295,7 +1295,7 @@ public void setChallengeName(ChallengeNameType challengeName) {
*
* To set up software token MFA, use the session returned here
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminLinkProviderForUserRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminLinkProviderForUserRequest.java
index f27da334a9..e4537b14b1 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminLinkProviderForUserRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminLinkProviderForUserRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminLinkProviderForUserResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminLinkProviderForUserResult.java
index 47398ffe6a..59237ca2fc 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminLinkProviderForUserResult.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminLinkProviderForUserResult.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListDevicesRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListDevicesRequest.java
index fb5931f1df..dbdfbf012c 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListDevicesRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListDevicesRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -65,7 +65,11 @@ public class AdminListDevicesRequest extends AmazonWebServiceRequest implements
/**
*
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The pagination token.
+ * This API operation returns a limited number of results. The pagination
+ * token is an identifier that you can present in an additional API request
+ * with the same parameters. When you include the pagination token, Amazon
+ * Cognito returns the next set of items after the current list. Subsequent
+ * requests return a new pagination token. By use of this token, you can
+ * paginate through the full list of items.
*
* Constraints:
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Returns a reference to this object so that method calls can be chained
@@ -199,7 +230,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The pagination token.
+ * This API operation returns a limited number of results. The pagination
+ * token is an identifier that you can present in an additional API request
+ * with the same parameters. When you include the pagination token, Amazon
+ * Cognito returns the next set of items after the current list. Subsequent
+ * requests return a new pagination token. By use of this token, you can
+ * paginate through the full list of items.
*
* Constraints:
- * The pagination token.
+ * This API operation returns a limited number of results. The
+ * pagination token is an identifier that you can present in an
+ * additional API request with the same parameters. When you include
+ * the pagination token, Amazon Cognito returns the next set of
+ * items after the current list. Subsequent requests return a new
+ * pagination token. By use of this token, you can paginate through
+ * the full list of items.
*
- * The pagination token.
+ * This API operation returns a limited number of results. The pagination
+ * token is an identifier that you can present in an additional API request
+ * with the same parameters. When you include the pagination token, Amazon
+ * Cognito returns the next set of items after the current list. Subsequent
+ * requests return a new pagination token. By use of this token, you can
+ * paginate through the full list of items.
*
* Constraints:
- * The pagination token.
+ * This API operation returns a limited number of results. The
+ * pagination token is an identifier that you can present in an
+ * additional API request with the same parameters. When you
+ * include the pagination token, Amazon Cognito returns the next
+ * set of items after the current list. Subsequent requests
+ * return a new pagination token. By use of this token, you can
+ * paginate through the full list of items.
*
- * The pagination token.
+ * This API operation returns a limited number of results. The pagination
+ * token is an identifier that you can present in an additional API request
+ * with the same parameters. When you include the pagination token, Amazon
+ * Cognito returns the next set of items after the current list. Subsequent
+ * requests return a new pagination token. By use of this token, you can
+ * paginate through the full list of items.
*
* Returns a reference to this object so that method calls can be chained
@@ -310,7 +373,13 @@ public void setPaginationToken(String paginationToken) {
* Pattern: [\S]+
- * The pagination token.
+ * This API operation returns a limited number of results. The
+ * pagination token is an identifier that you can present in an
+ * additional API request with the same parameters. When you
+ * include the pagination token, Amazon Cognito returns the next
+ * set of items after the current list. Subsequent requests
+ * return a new pagination token. By use of this token, you can
+ * paginate through the full list of items.
*
- * The pagination token.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Constraints:
- * The pagination token.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Constraints:
- * The pagination token.
+ * The identifier that Amazon Cognito returned with the previous
+ * request to this operation. When you include a pagination token in
+ * your request, Amazon Cognito returns the next set of items in the
+ * list. By use of this token, you can paginate through the full
+ * list of items.
*
- * The pagination token.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Constraints:
- * The pagination token.
+ * The identifier that Amazon Cognito returned with the previous
+ * request to this operation. When you include a pagination token
+ * in your request, Amazon Cognito returns the next set of items
+ * in the list. By use of this token, you can paginate through
+ * the full list of items.
*
- * The pagination token.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Returns a reference to this object so that method calls can be chained
@@ -162,7 +182,11 @@ public void setPaginationToken(String paginationToken) {
* Pattern: [\S]+
- * The pagination token.
+ * The identifier that Amazon Cognito returned with the previous
+ * request to this operation. When you include a pagination token
+ * in your request, Amazon Cognito returns the next set of items
+ * in the list. By use of this token, you can paginate through
+ * the full list of items.
*
- * Lists the groups that the user belongs to.
+ * Lists the groups that a user belongs to.
*
@@ -54,7 +54,11 @@
public class AdminListGroupsForUserRequest extends AmazonWebServiceRequest implements Serializable {
/**
*
- * The username for the user.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
* Constraints:
- * The username for the user.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The username for the user.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If
- * The username for the user.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The username for the user.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The username for the user.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Returns a reference to this object so that method calls can be chained
@@ -143,7 +169,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The username for the user.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
* Constraints:
@@ -291,7 +322,7 @@ public String getNextToken() {
*
* Constraints:
@@ -314,7 +345,7 @@ public void setNextToken(String nextToken) {
* together.
*
* Constraints:
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListGroupsForUserResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListGroupsForUserResult.java
index cde9a4bafe..a46689948c 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListGroupsForUserResult.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListGroupsForUserResult.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -32,7 +32,7 @@ public class AdminListGroupsForUserResult implements Serializable {
*
* Constraints:
* Constraints:
@@ -138,7 +138,7 @@ public String getNextToken() {
*
* Constraints:
@@ -161,7 +161,7 @@ public void setNextToken(String nextToken) {
* together.
*
* Constraints:
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListUserAuthEventsRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListUserAuthEventsRequest.java
index 74e3632fbd..82f4d195e1 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListUserAuthEventsRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListUserAuthEventsRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -66,7 +66,11 @@ public class AdminListUserAuthEventsRequest extends AmazonWebServiceRequest impl
/**
*
- * The user pool username or an alias.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
* Constraints:
- * The user pool username or an alias.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user pool username or an alias.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If
- * The user pool username or an alias.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user pool username or an alias.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user pool username or an alias.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Returns a reference to this object so that method calls can be chained
@@ -202,7 +228,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The user pool username or an alias.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
* Constraints:
@@ -301,7 +332,7 @@ public String getNextToken() {
*
* Constraints:
@@ -321,7 +352,7 @@ public void setNextToken(String nextToken) {
* together.
*
* Constraints:
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListUserAuthEventsResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListUserAuthEventsResult.java
index c781795284..97e441bb93 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListUserAuthEventsResult.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminListUserAuthEventsResult.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -33,7 +33,7 @@ public class AdminListUserAuthEventsResult implements Serializable {
*
* Constraints:
* Constraints:
@@ -152,7 +152,7 @@ public String getNextToken() {
*
* Constraints:
@@ -172,7 +172,7 @@ public void setNextToken(String nextToken) {
* together.
*
* Constraints:
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminRemoveUserFromGroupRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminRemoveUserFromGroupRequest.java
index edda6ede13..6afdbfaf72 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminRemoveUserFromGroupRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/AdminRemoveUserFromGroupRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -66,7 +66,11 @@ public class AdminRemoveUserFromGroupRequest extends AmazonWebServiceRequest imp
/**
*
- * The username for the user.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The username for the user.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The username for the user.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If
- * The username for the user.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The username for the user.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The username for the user.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Returns a reference to this object so that method calls can be chained
@@ -190,7 +216,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The username for the user.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * MFA_SETUP: For users who are required to set up an MFA
* factor before they can sign in. The MFA types activated for the user pool
- * will be listed in the challenge parameters MFA_CAN_SETUP
+ * will be listed in the challenge parameters MFAS_CAN_SETUP
* value.
* MFA_SETUP: For users who are required to set up an
* MFA factor before they can sign in. The MFA types activated for
* the user pool will be listed in the challenge parameters
- * MFA_CAN_SETUP value.
+ * MFAS_CAN_SETUP value.
* MFA_SETUP: For users who are required to set up an MFA
* factor before they can sign in. The MFA types activated for the user pool
- * will be listed in the challenge parameters MFA_CAN_SETUP
+ * will be listed in the challenge parameters MFAS_CAN_SETUP
* value.
* MFA_SETUP: For users who are required to set up
* an MFA factor before they can sign in. The MFA types activated
* for the user pool will be listed in the challenge parameters
- * MFA_CAN_SETUP value.
+ * MFAS_CAN_SETUP value.
* MFA_SETUP: For users who are required to set up an MFA
* factor before they can sign in. The MFA types activated for the user pool
- * will be listed in the challenge parameters MFA_CAN_SETUP
+ * will be listed in the challenge parameters MFAS_CAN_SETUP
* value.
* MFA_SETUP: For users who are required to set up
* an MFA factor before they can sign in. The MFA types activated
* for the user pool will be listed in the challenge parameters
- * MFA_CAN_SETUP value.
+ * MFAS_CAN_SETUP value.
* MFA_SETUP: For users who are required to set up an MFA
* factor before they can sign in. The MFA types activated for the user pool
- * will be listed in the challenge parameters MFA_CAN_SETUP
+ * will be listed in the challenge parameters MFAS_CAN_SETUP
* value.
* MFA_SETUP: For users who are required to set up
* an MFA factor before they can sign in. The MFA types activated
* for the user pool will be listed in the challenge parameters
- * MFA_CAN_SETUP value.
+ * MFAS_CAN_SETUP value.
* MFA_SETUP: For users who are required to set up an MFA
* factor before they can sign in. The MFA types activated for the user pool
- * will be listed in the challenge parameters MFA_CAN_SETUP
+ * will be listed in the challenge parameters MFAS_CAN_SETUP
* value.
* MFA_SETUP: For users who are required to set up
* an MFA factor before they can sign in. The MFA types activated
* for the user pool will be listed in the challenge parameters
- * MFA_CAN_SETUP value.
+ * MFAS_CAN_SETUP value.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -86,7 +90,12 @@ public class AdminListDevicesRequest extends AmazonWebServiceRequest implements
/**
*
@@ -154,7 +163,11 @@ public AdminListDevicesRequest withUserPoolId(String userPoolId) {
/**
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -162,7 +175,12 @@ public AdminListDevicesRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -179,7 +201,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
@@ -273,7 +314,13 @@ public AdminListDevicesRequest withLimit(Integer limit) {
* Pattern: [\S]+
*
* @return
@@ -290,7 +342,13 @@ public String getPaginationToken() {
* Pattern: [\S]+
*
* @param paginationToken
*
* @param paginationToken
@@ -117,7 +120,10 @@ public AdminListDevicesResult withDevices(java.util.Collection
@@ -125,7 +131,11 @@ public AdminListDevicesResult withDevices(java.util.Collection
*
* @return
@@ -142,7 +155,11 @@ public String getPaginationToken() {
* Pattern: [\S]+
*
* @param paginationToken
*
* @param paginationToken username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -91,14 +95,18 @@ public class AdminListGroupsForUserRequest extends AmazonWebServiceRequest imple
*
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*/
private String nextToken;
/**
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -106,7 +114,12 @@ public class AdminListGroupsForUserRequest extends AmazonWebServiceRequest imple
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -123,7 +140,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @return
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*/
private String nextToken;
@@ -118,7 +118,7 @@ public AdminListGroupsForUserResult withGroups(java.util.Collection
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @return
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -93,7 +97,7 @@ public class AdminListUserAuthEventsRequest extends AmazonWebServiceRequest impl
*
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*/
private String nextToken;
@@ -157,7 +161,11 @@ public AdminListUserAuthEventsRequest withUserPoolId(String userPoolId) {
/**
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -165,7 +173,12 @@ public AdminListUserAuthEventsRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -182,7 +199,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @return
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*/
private String nextToken;
@@ -135,7 +135,7 @@ public AdminListUserAuthEventsResult withAuthEvents(
*
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @return
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -145,7 +149,11 @@ public AdminRemoveUserFromGroupRequest withUserPoolId(String userPoolId) {
/**
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -153,7 +161,12 @@ public AdminRemoveUserFromGroupRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -170,7 +187,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
+ * To use this API operation, your user pool must have self-service account + * recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator. + *
** This action might generate an SMS text message. Starting June 1, 2021, US @@ -101,7 +107,11 @@ public class AdminResetUserPasswordRequest extends AmazonWebServiceRequest imple /** *
- * The user name of the user whose password you want to reset.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -228,7 +238,11 @@ public AdminResetUserPasswordRequest withUserPoolId(String userPoolId) {
/**
*
- * The user name of the user whose password you want to reset.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -236,7 +250,12 @@ public AdminResetUserPasswordRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The user name of the user whose password you want to reset.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
*
- * The user name of the user whose password you want to reset.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -253,7 +276,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user whose password you want to reset.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name of the user whose password you want to reset.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Returns a reference to this object so that method calls can be chained
@@ -273,7 +305,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user whose password you want to reset.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * Responds to an authentication challenge, as an administrator.
+ * Some API operations in a user pool generate a challenge, like a prompt for an
+ * MFA code, for device authentication that bypasses MFA, or for a custom
+ * authentication challenge. An AdminRespondToAuthChallenge API
+ * request provides the answer to that challenge, like a code or a secure remote
+ * password (SRP). The parameters of a response to an authentication challenge
+ * vary with the type of challenge.
+ *
+ * For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers. *
*@@ -114,45 +124,51 @@ public class AdminRespondToAuthChallengeRequest extends AmazonWebServiceRequest /** *
- * The challenge responses. These are inputs corresponding to the value of
- * ChallengeName, for example:
+ * The responses to the challenge that you received in the previous request.
+ * Each challenge has its own required response parameters. The following
+ * examples are partial JSON request bodies that highlight
+ * challenge-response parameters.
*
- * SMS_MFA: SMS_MFA_CODE, USERNAME,
- * SECRET_HASH (if app client is configured with client
- * secret).
+ * You must provide a SECRET_HASH parameter in all challenge responses to an
+ * app client that has a client secret.
*
- * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret).
+ * "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]", "USERNAME": "[username]"}
*
- * PASSWORD_VERIFIER requires DEVICE_KEY when
- * signing in with a remembered device.
+ * "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
*
- * ADMIN_NO_SRP_AUTH: PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret).
+ * Add "DEVICE_KEY" when you sign in with a remembered device.
+ *
+ * "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[challenge_answer]"}
*
- * NEW_PASSWORD_REQUIRED: NEW_PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret). To set any required attributes that
- * Amazon Cognito returned as requiredAttributes in the
- * AdminInitiateAuth response, add a
- * userAttributes.attributename parameter. This
+ * Add "DEVICE_KEY" when you sign in with a remembered device.
+ *
+ * "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD": "[new_password]", "USERNAME": "[username]"}
+ *
+ * To set any required attributes that InitiateAuth returned in
+ * an requiredAttributes parameter, add
+ * "userAttributes.[attribute_name]": "[attribute_value]". This
* parameter can also set values for writable attributes that aren't
* required by your user pool.
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't
* modify a required attribute that already has a value. In
- * AdminRespondToAuthChallenge, set a value for any keys that
- * Amazon Cognito returned in the requiredAttributes parameter,
- * then use the AdminUpdateUserAttributes API operation to
- * modify the value of any additional attributes.
+ * RespondToAuthChallenge, set a value for any keys that Amazon
+ * Cognito returned in the requiredAttributes parameter, then
+ * use the UpdateUserAttributes API operation to modify the
+ * value of any additional attributes.
*
- * MFA_SETUP requires USERNAME, plus you must use
- * the session value returned by VerifySoftwareToken in the
- * Session parameter.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
*
+ * "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
+ *
- * The value of the USERNAME attribute must be the user's
- * actual username, not an alias (such as an email address or phone number).
- * To make this simpler, the AdminInitiateAuth response
- * includes the actual username value in the
- * USERNAMEUSER_ID_FOR_SRP attribute. This happens even if you
- * specified an alias in your call to AdminInitiateAuth.
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
*
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
+ *
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
+ *
* For more information about SECRET_HASH, see
- * The challenge responses. These are inputs corresponding to the value of
- * ChallengeName, for example:
+ * The responses to the challenge that you received in the previous request.
+ * Each challenge has its own required response parameters. The following
+ * examples are partial JSON request bodies that highlight
+ * challenge-response parameters.
*
- * SMS_MFA: SMS_MFA_CODE, USERNAME,
- * SECRET_HASH (if app client is configured with client
- * secret).
+ * You must provide a SECRET_HASH parameter in all challenge responses to an
+ * app client that has a client secret.
*
- * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret).
+ * "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]", "USERNAME": "[username]"}
*
- * PASSWORD_VERIFIER requires DEVICE_KEY when
- * signing in with a remembered device.
+ * "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
*
- * ADMIN_NO_SRP_AUTH: PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret).
+ * Add "DEVICE_KEY" when you sign in with a remembered device.
*
- * NEW_PASSWORD_REQUIRED: NEW_PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret). To set any required attributes that
- * Amazon Cognito returned as requiredAttributes in the
- * AdminInitiateAuth response, add a
- * userAttributes.attributename parameter. This
+ * "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[challenge_answer]"}
+ *
+ * Add "DEVICE_KEY" when you sign in with a remembered device.
+ *
+ * "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD": "[new_password]", "USERNAME": "[username]"}
+ *
+ * To set any required attributes that InitiateAuth returned in
+ * an requiredAttributes parameter, add
+ * "userAttributes.[attribute_name]": "[attribute_value]". This
* parameter can also set values for writable attributes that aren't
* required by your user pool.
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't
* modify a required attribute that already has a value. In
- * AdminRespondToAuthChallenge, set a value for any keys that
- * Amazon Cognito returned in the requiredAttributes parameter,
- * then use the AdminUpdateUserAttributes API operation to
- * modify the value of any additional attributes.
+ * RespondToAuthChallenge, set a value for any keys that Amazon
+ * Cognito returned in the requiredAttributes parameter, then
+ * use the UpdateUserAttributes API operation to modify the
+ * value of any additional attributes.
*
- * MFA_SETUP requires USERNAME, plus you must use
- * the session value returned by VerifySoftwareToken in the
- * Session parameter.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
*
- * The value of the USERNAME attribute must be the user's
- * actual username, not an alias (such as an email address or phone number).
- * To make this simpler, the AdminInitiateAuth response
- * includes the actual username value in the
- * USERNAMEUSER_ID_FOR_SRP attribute. This happens even if you
- * specified an alias in your call to AdminInitiateAuth.
+ * "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
*
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
+ *
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
+ *
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
+ *
* For more information about
- * The challenge responses. These are inputs corresponding to the
- * value of
- *
- *
- *
- *
- *
+ * Add
+ *
+ * To set any required attributes that
* In a
- *
+ *
+ *
+ *
- * The value of the
* For more information about
- * The challenge responses. These are inputs corresponding to the value of
- *
- *
- *
- *
- *
- *
+ * Add
+ *
+ * To set any required attributes that
* In a
- *
+ *
+ *
+ *
- * The value of the
* For more information about
- * The challenge responses. These are inputs corresponding to the
- * value of
- *
- *
- *
- *
+ *
+ * Add
+ *
- *
* In a
- *
+ *
+ *
+ *
- * The value of the
* For more information about
- * The challenge responses. These are inputs corresponding to the value of
- *
- *
- *
- *
- *
+ *
+ * Add
- *
+ * To set any required attributes that
* In a
- *
+ *
+ *
+ *
- * The value of the
* For more information about
- * The challenge responses. These are inputs corresponding to the
- * value of
- *
- *
- *
- *
+ *
+ * Add
- *
+ * To set any required attributes that
* In a
- *
+ *
+ *
+ *
- * The value of the
* For more information about
- *
- *
- *
- *
+ *
+ * Add
- *
+ * To set any required attributes that
* In a
- *
+ *
+ *
+ *
- * The value of the
* For more information about
* Constraints:
- * The user pool username or alias.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user pool username or alias.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If
- * The user pool username or alias.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user pool username or alias.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user pool username or alias.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Returns a reference to this object so that method calls can be chained
@@ -232,7 +258,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The user pool username or alias.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user name of the user whose password you want to set.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name of the user whose password you want to set.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name of the user whose password you want to set.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If
- * The user name of the user whose password you want to set.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name of the user whose password you want to set.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user name of the user whose password you want to set.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Returns a reference to this object so that method calls can be chained
@@ -232,7 +258,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The user name of the user whose password you want to set.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user name of the user whose options you're setting.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name of the user whose options you're setting.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name of the user whose options you're setting.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If
- * The user name of the user whose options you're setting.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name of the user whose options you're setting.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user name of the user whose options you're setting.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Returns a reference to this object so that method calls can be chained
@@ -197,7 +223,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The user name of the user whose options you're setting.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user pool username.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user pool username.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user pool username.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If
- * The user pool username.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user pool username.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user pool username.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Returns a reference to this object so that method calls can be chained
@@ -208,7 +234,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The user pool username.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Returns a reference to this object so that method calls can be chained
@@ -199,7 +225,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
* Updates the specified user's attributes, including developer attributes, as
- * an administrator. Works on any user.
+ * an administrator. Works on any user. To delete an attribute from your user,
+ * submit the attribute in your API request with a blank value.
*
* For custom attributes, you must prepend the
- * The user name of the user for whom you want to update user attributes.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name of the user for whom you want to update user attributes.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name of the user for whom you want to update user
- * attributes.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If
- * The user name of the user for whom you want to update user attributes.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name of the user for whom you want to update user
- * attributes.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user name of the user for whom you want to update user attributes.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Returns a reference to this object so that method calls can be chained
@@ -304,8 +329,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The user name of the user for whom you want to update user
- * attributes.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * Signs out a user from all devices.
+ * Amazon Cognito no longer accepts token-authorized user operations that
+ * you authorize with a signed-out user's access tokens. For more information,
+ * see Using the Amazon Cognito user pools API and user pool endpoints.
+ *
+ * Amazon Cognito returns an
+ * Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with
+ *
+ * Amazon Cognito no longer accepts a signed-out user's refresh tokens in
+ * refresh requests.
+ *
- * Your app isn't aware that a user's access token is revoked unless it attempts
- * to authorize a user pools API request with an access token that contains the
- * scope
@@ -74,7 +104,11 @@ public class AdminUserGlobalSignOutRequest extends AmazonWebServiceRequest imple
/**
*
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user name.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Returns a reference to this object so that method calls can be chained
@@ -187,7 +243,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The user name.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
* Returns a reference to this object so that method calls can be chained
* together.
*
* @param creationDate
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java
* Changes the password for a specified user in a user pool.
*
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
@@ -31,7 +35,7 @@
* policies. For more information about authorization models in Amazon Cognito,
* see Using the Amazon Cognito native and OIDC APIs.
+ * >Using the Amazon Cognito user pools API and user pool endpoints
+ * To send logs to log groups with a resource policy of a size greater than
+ * 5120 characters, configure a log group with a path that starts with
+ *
* Constraints:
+ * To send logs to log groups with a resource policy of a size greater than
+ * 5120 characters, configure a log group with a path that starts with
+ *
* Constraints:
+ * To send logs to log groups with a resource policy of a size
+ * greater than 5120 characters, configure a log group with a path
+ * that starts with SECRET_HASH, see
*
* @return ChallengeName, for example:
+ * The responses to the challenge that you received in the previous
+ * request. Each challenge has its own required response parameters.
+ * The following examples are partial JSON request bodies that
+ * highlight challenge-response parameters.
*
- *
+ *
+ * SMS_MFA: SMS_MFA_CODE,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret).
+ * You must provide a SECRET_HASH parameter in all challenge
+ * responses to an app client that has a client secret.
*
+ *
PASSWORD_VERIFIER:
- * PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret).
+ * "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]", "USERNAME": "[username]"}
* PASSWORD_VERIFIER requires DEVICE_KEY
- * when signing in with a remembered device.
+ * "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
* ADMIN_NO_SRP_AUTH: PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret).
+ * Add "DEVICE_KEY" when you sign in with a remembered
+ * device.
* NEW_PASSWORD_REQUIRED: NEW_PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret). To set any required attributes
- * that Amazon Cognito returned as requiredAttributes
- * in the AdminInitiateAuth response, add a
- * userAttributes.attributename parameter. This
- * parameter can also set values for writable attributes that aren't
- * required by your user pool.
+ * "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[challenge_answer]"}
+ * "DEVICE_KEY" when you sign in with a remembered
+ * device.
+ * "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD": "[new_password]", "USERNAME": "[username]"}
+ * InitiateAuth
+ * returned in an requiredAttributes parameter, add
+ * "userAttributes.[attribute_name]": "[attribute_value]"
+ * . This parameter can also set values for writable attributes that
+ * aren't required by your user pool.
* NEW_PASSWORD_REQUIRED challenge response, you
* can't modify a required attribute that already has a value. In
- * AdminRespondToAuthChallenge, set a value for any
- * keys that Amazon Cognito returned in the
+ * RespondToAuthChallenge, set a value for any keys
+ * that Amazon Cognito returned in the
* requiredAttributes parameter, then use the
- * AdminUpdateUserAttributes API operation to modify
- * the value of any additional attributes.
+ * UpdateUserAttributes API operation to modify the
+ * value of any additional attributes.
* MFA_SETUP requires USERNAME, plus you
- * must use the session value returned by
- * VerifySoftwareToken in the Session
- * parameter.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
* "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
+ * USERNAME attribute must be the
- * user's actual username, not an alias (such as an email address or
- * phone number). To make this simpler, the
- * AdminInitiateAuth response includes the actual
- * username value in the USERNAMEUSER_ID_FOR_SRP
- * attribute. This happens even if you specified an alias in your
- * call to AdminInitiateAuth.
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
* SECRET_HASH, see getChallengeResponses() {
/**
* ChallengeName, for example:
+ * The responses to the challenge that you received in the previous request.
+ * Each challenge has its own required response parameters. The following
+ * examples are partial JSON request bodies that highlight
+ * challenge-response parameters.
*
- *
+ *
+ * SMS_MFA: SMS_MFA_CODE, USERNAME,
- * SECRET_HASH (if app client is configured with client
- * secret).
+ * You must provide a SECRET_HASH parameter in all challenge responses to an
+ * app client that has a client secret.
*
+ *
PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret).
+ * "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]", "USERNAME": "[username]"}
* PASSWORD_VERIFIER requires DEVICE_KEY when
- * signing in with a remembered device.
+ * "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
* ADMIN_NO_SRP_AUTH: PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret).
+ * Add "DEVICE_KEY" when you sign in with a remembered device.
* NEW_PASSWORD_REQUIRED: NEW_PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret). To set any required attributes that
- * Amazon Cognito returned as requiredAttributes in the
- * AdminInitiateAuth response, add a
- * userAttributes.attributename parameter. This
+ * "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[challenge_answer]"}
+ * "DEVICE_KEY" when you sign in with a remembered device.
+ * "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD": "[new_password]", "USERNAME": "[username]"}
+ * InitiateAuth returned in
+ * an requiredAttributes parameter, add
+ * "userAttributes.[attribute_name]": "[attribute_value]". This
* parameter can also set values for writable attributes that aren't
* required by your user pool.
* NEW_PASSWORD_REQUIRED challenge response, you can't
* modify a required attribute that already has a value. In
- * AdminRespondToAuthChallenge, set a value for any keys that
- * Amazon Cognito returned in the requiredAttributes parameter,
- * then use the AdminUpdateUserAttributes API operation to
- * modify the value of any additional attributes.
+ * RespondToAuthChallenge, set a value for any keys that Amazon
+ * Cognito returned in the requiredAttributes parameter, then
+ * use the UpdateUserAttributes API operation to modify the
+ * value of any additional attributes.
* MFA_SETUP requires USERNAME, plus you must use
- * the session value returned by VerifySoftwareToken in the
- * Session parameter.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
* "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
+ * USERNAME attribute must be the user's
- * actual username, not an alias (such as an email address or phone number).
- * To make this simpler, the AdminInitiateAuth response
- * includes the actual username value in the
- * USERNAMEUSER_ID_FOR_SRP attribute. This happens even if you
- * specified an alias in your call to AdminInitiateAuth.
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
* SECRET_HASH, see getChallengeResponses() {
* ChallengeName, for example:
+ * The responses to the challenge that you received in the
+ * previous request. Each challenge has its own required response
+ * parameters. The following examples are partial JSON request
+ * bodies that highlight challenge-response parameters.
*
- *
+ *
+ * SMS_MFA: SMS_MFA_CODE,
- * USERNAME, SECRET_HASH (if app client
- * is configured with client secret).
+ * You must provide a SECRET_HASH parameter in all challenge
+ * responses to an app client that has a client secret.
*
+ *
PASSWORD_VERIFIER:
- * PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK,
- * TIMESTAMP, USERNAME,
- * SECRET_HASH (if app client is configured with
- * client secret).
+ * "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]", "USERNAME": "[username]"}
* PASSWORD_VERIFIER requires
- * DEVICE_KEY when signing in with a remembered
- * device.
+ * "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
* ADMIN_NO_SRP_AUTH: PASSWORD,
- * USERNAME, SECRET_HASH (if app client
- * is configured with client secret).
+ * Add "DEVICE_KEY" when you sign in with a
+ * remembered device.
+ * "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[challenge_answer]"}
+ * "DEVICE_KEY" when you sign in with a
+ * remembered device.
+ * "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD": "[new_password]", "USERNAME": "[username]"}
* NEW_PASSWORD_REQUIRED: NEW_PASSWORD,
- * USERNAME, SECRET_HASH (if app client
- * is configured with client secret). To set any required
- * attributes that Amazon Cognito returned as
- * requiredAttributes in the
- * AdminInitiateAuth response, add a
- * userAttributes.attributename parameter.
- * This parameter can also set values for writable attributes
+ * To set any required attributes that InitiateAuth
+ * returned in an requiredAttributes parameter, add
+ * "userAttributes.[attribute_name]": "[attribute_value]"
+ * . This parameter can also set values for writable attributes
* that aren't required by your user pool.
* NEW_PASSWORD_REQUIRED challenge response,
* you can't modify a required attribute that already has a
- * value. In AdminRespondToAuthChallenge, set a
- * value for any keys that Amazon Cognito returned in the
+ * value. In RespondToAuthChallenge, set a value for
+ * any keys that Amazon Cognito returned in the
* requiredAttributes parameter, then use the
- * AdminUpdateUserAttributes API operation to modify
- * the value of any additional attributes.
+ * UpdateUserAttributes API operation to modify the
+ * value of any additional attributes.
* MFA_SETUP requires USERNAME, plus
- * you must use the session value returned by
- * VerifySoftwareToken in the Session
- * parameter.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
* "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
+ * USERNAME attribute must be the
- * user's actual username, not an alias (such as an email address
- * or phone number). To make this simpler, the
- * AdminInitiateAuth response includes the actual
- * username value in the USERNAMEUSER_ID_FOR_SRP
- * attribute. This happens even if you specified an alias in your
- * call to AdminInitiateAuth.
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
* SECRET_HASH, see challengeRespons
/**
* ChallengeName, for example:
+ * The responses to the challenge that you received in the previous request.
+ * Each challenge has its own required response parameters. The following
+ * examples are partial JSON request bodies that highlight
+ * challenge-response parameters.
*
- *
+ *
+ * SMS_MFA: SMS_MFA_CODE, USERNAME,
- * SECRET_HASH (if app client is configured with client
- * secret).
+ * You must provide a SECRET_HASH parameter in all challenge responses to an
+ * app client that has a client secret.
*
+ *
PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret).
+ * "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]", "USERNAME": "[username]"}
* PASSWORD_VERIFIER requires DEVICE_KEY when
- * signing in with a remembered device.
+ * "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
* ADMIN_NO_SRP_AUTH: PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret).
+ * Add "DEVICE_KEY" when you sign in with a remembered device.
* "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[challenge_answer]"}
+ * "DEVICE_KEY" when you sign in with a remembered device.
+ * NEW_PASSWORD_REQUIRED: NEW_PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret). To set any required attributes that
- * Amazon Cognito returned as requiredAttributes in the
- * AdminInitiateAuth response, add a
- * userAttributes.attributename parameter. This
+ * "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD": "[new_password]", "USERNAME": "[username]"}
+ * InitiateAuth returned in
+ * an requiredAttributes parameter, add
+ * "userAttributes.[attribute_name]": "[attribute_value]". This
* parameter can also set values for writable attributes that aren't
* required by your user pool.
* NEW_PASSWORD_REQUIRED challenge response, you can't
* modify a required attribute that already has a value. In
- * AdminRespondToAuthChallenge, set a value for any keys that
- * Amazon Cognito returned in the requiredAttributes parameter,
- * then use the AdminUpdateUserAttributes API operation to
- * modify the value of any additional attributes.
+ * RespondToAuthChallenge, set a value for any keys that Amazon
+ * Cognito returned in the requiredAttributes parameter, then
+ * use the UpdateUserAttributes API operation to modify the
+ * value of any additional attributes.
* MFA_SETUP requires USERNAME, plus you must use
- * the session value returned by VerifySoftwareToken in the
- * Session parameter.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
* "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
+ * USERNAME attribute must be the user's
- * actual username, not an alias (such as an email address or phone number).
- * To make this simpler, the AdminInitiateAuth response
- * includes the actual username value in the
- * USERNAMEUSER_ID_FOR_SRP attribute. This happens even if you
- * specified an alias in your call to AdminInitiateAuth.
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
* SECRET_HASH, see challengeRespons
* together.
*
* @param challengeResponses ChallengeName, for example:
+ * The responses to the challenge that you received in the
+ * previous request. Each challenge has its own required response
+ * parameters. The following examples are partial JSON request
+ * bodies that highlight challenge-response parameters.
*
- *
+ *
+ * SMS_MFA: SMS_MFA_CODE,
- * USERNAME, SECRET_HASH (if app client
- * is configured with client secret).
+ * You must provide a SECRET_HASH parameter in all challenge
+ * responses to an app client that has a client secret.
*
+ *
PASSWORD_VERIFIER:
- * PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK,
- * TIMESTAMP, USERNAME,
- * SECRET_HASH (if app client is configured with
- * client secret).
+ * "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]", "USERNAME": "[username]"}
* PASSWORD_VERIFIER requires
- * DEVICE_KEY when signing in with a remembered
- * device.
+ * "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
* ADMIN_NO_SRP_AUTH: PASSWORD,
- * USERNAME, SECRET_HASH (if app client
- * is configured with client secret).
+ * Add "DEVICE_KEY" when you sign in with a
+ * remembered device.
* "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[challenge_answer]"}
+ * "DEVICE_KEY" when you sign in with a
+ * remembered device.
+ * NEW_PASSWORD_REQUIRED: NEW_PASSWORD,
- * USERNAME, SECRET_HASH (if app client
- * is configured with client secret). To set any required
- * attributes that Amazon Cognito returned as
- * requiredAttributes in the
- * AdminInitiateAuth response, add a
- * userAttributes.attributename parameter.
- * This parameter can also set values for writable attributes
+ * "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD": "[new_password]", "USERNAME": "[username]"}
+ * InitiateAuth
+ * returned in an requiredAttributes parameter, add
+ * "userAttributes.[attribute_name]": "[attribute_value]"
+ * . This parameter can also set values for writable attributes
* that aren't required by your user pool.
* NEW_PASSWORD_REQUIRED challenge response,
* you can't modify a required attribute that already has a
- * value. In AdminRespondToAuthChallenge, set a
- * value for any keys that Amazon Cognito returned in the
+ * value. In RespondToAuthChallenge, set a value for
+ * any keys that Amazon Cognito returned in the
* requiredAttributes parameter, then use the
- * AdminUpdateUserAttributes API operation to modify
- * the value of any additional attributes.
+ * UpdateUserAttributes API operation to modify the
+ * value of any additional attributes.
* MFA_SETUP requires USERNAME, plus
- * you must use the session value returned by
- * VerifySoftwareToken in the Session
- * parameter.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
* "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
+ * USERNAME attribute must be the
- * user's actual username, not an alias (such as an email address
- * or phone number). To make this simpler, the
- * AdminInitiateAuth response includes the actual
- * username value in the USERNAMEUSER_ID_FOR_SRP
- * attribute. This happens even if you specified an alias in your
- * call to AdminInitiateAuth.
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
* SECRET_HASH, see
- * The challenge responses. These are inputs corresponding to the value of
- * ChallengeName, for example:
+ * The responses to the challenge that you received in the previous request.
+ * Each challenge has its own required response parameters. The following
+ * examples are partial JSON request bodies that highlight
+ * challenge-response parameters.
*
- *
+ *
+ * SMS_MFA: SMS_MFA_CODE, USERNAME,
- * SECRET_HASH (if app client is configured with client
- * secret).
+ * You must provide a SECRET_HASH parameter in all challenge responses to an
+ * app client that has a client secret.
*
+ *
PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret).
+ * "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]", "USERNAME": "[username]"}
* PASSWORD_VERIFIER requires DEVICE_KEY when
- * signing in with a remembered device.
+ * "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
* ADMIN_NO_SRP_AUTH: PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret).
+ * Add "DEVICE_KEY" when you sign in with a remembered device.
* "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[challenge_answer]"}
+ * "DEVICE_KEY" when you sign in with a remembered device.
+ * NEW_PASSWORD_REQUIRED: NEW_PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret). To set any required attributes that
- * Amazon Cognito returned as requiredAttributes in the
- * AdminInitiateAuth response, add a
- * userAttributes.attributename parameter. This
+ * "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD": "[new_password]", "USERNAME": "[username]"}
+ * InitiateAuth returned in
+ * an requiredAttributes parameter, add
+ * "userAttributes.[attribute_name]": "[attribute_value]". This
* parameter can also set values for writable attributes that aren't
* required by your user pool.
* NEW_PASSWORD_REQUIRED challenge response, you can't
* modify a required attribute that already has a value. In
- * AdminRespondToAuthChallenge, set a value for any keys that
- * Amazon Cognito returned in the requiredAttributes parameter,
- * then use the AdminUpdateUserAttributes API operation to
- * modify the value of any additional attributes.
+ * RespondToAuthChallenge, set a value for any keys that Amazon
+ * Cognito returned in the requiredAttributes parameter, then
+ * use the UpdateUserAttributes API operation to modify the
+ * value of any additional attributes.
* MFA_SETUP requires USERNAME, plus you must use
- * the session value returned by VerifySoftwareToken in the
- * Session parameter.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
* "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
+ * USERNAME attribute must be the user's
- * actual username, not an alias (such as an email address or phone number).
- * To make this simpler, the AdminInitiateAuth response
- * includes the actual username value in the
- * USERNAMEUSER_ID_FOR_SRP attribute. This happens even if you
- * specified an alias in your call to AdminInitiateAuth.
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
* SECRET_HASH, see
- * The user pool username or alias.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -187,7 +191,11 @@ public AdminSetUserMFAPreferenceRequest withSoftwareTokenMfaSettings(
/**
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -195,7 +203,12 @@ public AdminSetUserMFAPreferenceRequest withSoftwareTokenMfaSettings(
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -212,7 +229,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -187,7 +191,11 @@ public AdminSetUserPasswordRequest withUserPoolId(String userPoolId) {
/**
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -195,7 +203,12 @@ public AdminSetUserPasswordRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -212,7 +229,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -152,7 +156,11 @@ public AdminSetUserSettingsRequest withUserPoolId(String userPoolId) {
/**
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -160,7 +168,12 @@ public AdminSetUserSettingsRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -177,7 +194,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -163,7 +167,11 @@ public AdminUpdateAuthEventFeedbackRequest withUserPoolId(String userPoolId) {
/**
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -171,7 +179,12 @@ public AdminUpdateAuthEventFeedbackRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -188,7 +205,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -154,7 +158,11 @@ public AdminUpdateDeviceStatusRequest withUserPoolId(String userPoolId) {
/**
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -162,7 +170,12 @@ public AdminUpdateDeviceStatusRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -179,7 +196,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* custom: prefix to
@@ -100,7 +101,11 @@ public class AdminUpdateUserAttributesRequest extends AmazonWebServiceRequest im
/**
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -257,7 +262,11 @@ public AdminUpdateUserAttributesRequest withUserPoolId(String userPoolId) {
/**
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -265,8 +274,12 @@ public AdminUpdateUserAttributesRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -283,8 +300,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* AdminUserGlobalSignOut
- * invalidates all identity, access and refresh tokens that Amazon Cognito has
- * issued to a user. A user can still use a hosted UI cookie to retrieve new
- * tokens for the duration of the 1-hour cookie validity period.
+ * Invalidates the identity, access, and refresh tokens that Amazon Cognito
+ * issued to a user. Call this operation with your administrative credentials
+ * when your user signs out of your app. This results in the following behavior.
*
+ *
* Access Token has been revoked error
+ * when your app attempts to authorize a user pools API request with a revoked
+ * access token that contains the scope
+ * aws.cognito.signin.user.admin.
+ * ServerSideTokenCheck enabled for its user pool IdP configuration
+ * in CognitoIdentityProvider.
+ * aws.cognito.signin.user.admin. Your app might otherwise
- * accept access tokens until they expire.
+ * Other requests might be valid until your user's token expires.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -142,7 +176,11 @@ public AdminUserGlobalSignOutRequest withUserPoolId(String userPoolId) {
/**
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -150,7 +188,12 @@ public AdminUserGlobalSignOutRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -167,7 +214,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* aws.cognito.signin.user.admin.
+ * /aws/vendedlogs. For more information, see Enabling logging from certain Amazon Web Services services.
+ *
* Length: 20 - 2048
* Pattern:
@@ -48,6 +55,13 @@ public class CloudWatchLogsConfigurationType implements Serializable {
* your user pool.
* /aws/vendedlogs. For more information, see Enabling logging from certain Amazon Web Services services.
+ *
* Length: 20 - 2048
* Pattern:
@@ -60,6 +74,14 @@ public class CloudWatchLogsConfigurationType implements Serializable {
* encrypted with Key Management Service and must be in the same
* Amazon Web Services account as your user pool.
* /aws/vendedlogs. For more
+ * information, see Enabling logging from certain Amazon Web Services services.
+ *
+ * To send logs to log groups with a resource policy of a size greater than
+ * 5120 characters, configure a log group with a path that starts with
+ * /aws/vendedlogs. For more information, see Enabling logging from certain Amazon Web Services services.
+ *
* Constraints:
* Length: 20 - 2048
* Pattern:
@@ -85,6 +114,15 @@ public String getLogGroupArn() {
* encrypted with Key Management Service and must be in the same
* Amazon Web Services account as your user pool.
*
+ * To send logs to log groups with a resource policy of a size
+ * greater than 5120 characters, configure a log group with a
+ * path that starts with /aws/vendedlogs. For more
+ * information, see Enabling logging from certain Amazon Web Services
+ * services.
+ *
+ * To send logs to log groups with a resource policy of a size greater than
+ * 5120 characters, configure a log group with a path that starts with
+ * /aws/vendedlogs. For more information, see Enabling logging from certain Amazon Web Services services.
+ *
* Returns a reference to this object so that method calls can be chained * together. *
@@ -113,6 +158,15 @@ public void setLogGroupArn(String logGroupArn) { * encrypted with Key Management Service and must be in the same * Amazon Web Services account as your user pool. *
+ *
+ * To send logs to log groups with a resource policy of a size
+ * greater than 5120 characters, configure a log group with a
+ * path that starts with /aws/vendedlogs. For more
+ * information, see Enabling logging from certain Amazon Web Services
+ * services.
+ *
* Confirms tracking of the device. This API call is the call that begins device - * tracking. + * tracking. For more information about device authentication, see Working with user devices in your user pool. + *
+ *
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope aws.cognito.signin.user.admin.
*
@@ -32,7 +38,7 @@ * policies. For more information about authorization models in Amazon Cognito, * see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
- * The user name of the user for whom you want to enter a code to retrieve a
- * forgotten password.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -313,8 +316,11 @@ public ConfirmForgotPasswordRequest withSecretHash(String secretHash) {
/**
*
- * The user name of the user for whom you want to enter a code to retrieve a
- * forgotten password.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -322,8 +328,12 @@ public ConfirmForgotPasswordRequest withSecretHash(String secretHash) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The user name of the user for whom you want to enter a code to
- * retrieve a forgotten password.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
*
- * The user name of the user for whom you want to enter a code to retrieve a
- * forgotten password.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -341,8 +354,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user for whom you want to enter a code to
- * retrieve a forgotten password.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name of the user for whom you want to enter a code to retrieve a
- * forgotten password.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Returns a reference to this object so that method calls can be chained
@@ -363,8 +383,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user for whom you want to enter a code to
- * retrieve a forgotten password.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * Confirms registration of a new user. + * This public API operation provides a code that Amazon Cognito sent to your + * user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they confirm + * ownership of the email address or phone number that they provided, and their + * user account becomes active. Depending on your user pool configuration, your + * users will receive their confirmation code in an email or SMS message. + *
+ *+ * Local users who signed up in your user pool are the only type of user who can + * confirm sign-up with a code. Users who federate through an external identity + * provider (IdP) have already been confirmed by their IdP. + * Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they respond + * to their invitation email message and choose a password. They do not receive + * a confirmation code. Instead, they receive a temporary password. *
*@@ -31,7 +47,7 @@ * policies. For more information about authorization models in Amazon Cognito, * see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
- * The user name of the user whose registration you want to confirm.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -294,7 +314,11 @@ public ConfirmSignUpRequest withSecretHash(String secretHash) {
/**
*
- * The user name of the user whose registration you want to confirm.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -302,7 +326,12 @@ public ConfirmSignUpRequest withSecretHash(String secretHash) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The user name of the user whose registration you want to confirm.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
*
- * The user name of the user whose registration you want to confirm.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -319,8 +352,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user whose registration you want to
- * confirm.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user name of the user whose registration you want to confirm.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Returns a reference to this object so that method calls can be chained
@@ -340,8 +381,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user whose registration you want to
- * confirm.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * Creates an IdP for a user pool. + * Adds a configuration and trust relationship between a third-party identity + * provider (IdP) and a user pool. *
*@@ -69,8 +70,8 @@ public class CreateIdentityProviderRequest extends AmazonWebServiceRequest imple *
*
* Constraints:
- * Length: 3 - 32
- * Pattern: [^_][\p{L}\p{M}\p{S}\p{N}\p{P}][^_]+
+ * Length: 1 - 32
+ * Pattern: [^_\p{Z}][\p{L}\p{M}\p{S}\p{N}\p{P}][^_\p{Z}]+
*/
private String providerName;
@@ -87,182 +88,93 @@ public class CreateIdentityProviderRequest extends AmazonWebServiceRequest imple
/**
*
- * The IdP details. The following list describes the provider detail keys
- * for each IdP type.
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
*
- * For Google and Login with Amazon:
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
*
- * client_id
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * authorize_scopes
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * For Facebook:
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * client_id
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * authorize_scopes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * api_version
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * For Sign in with Apple:
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * client_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * team_id
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * key_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * private_key
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * authorize_scopes
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
- * For OpenID Connect (OIDC) providers: - *
- *- * client_id - *
- *- * client_secret - *
- *- * attributes_request_method - *
- *- * oidc_issuer - *
- *- * authorize_scopes - *
- *
- * The following keys are only present if Amazon Cognito didn't discover
- * them at the oidc_issuer URL.
- *
- * authorize_url - *
- *- * token_url - *
- *- * attributes_url - *
- *- * jwks_uri - *
- *- * Amazon Cognito sets the value of the following keys automatically. They - * are read-only. - *
- *- * attributes_url_add_attributes - *
- *- * For SAML providers: - *
- *- * MetadataFile or MetadataURL - *
- *- * IDPSignout optional - *
- *
* Constraints:
- * Length: 3 - 32
- * Pattern: [^_][\p{L}\p{M}\p{S}\p{N}\p{P}][^_]+
+ * Length: 1 - 32
+ * Pattern: [^_\p{Z}][\p{L}\p{M}\p{S}\p{N}\p{P}][^_\p{Z}]+
*
* @return
* The IdP name. @@ -360,8 +272,8 @@ public String getProviderName() { *
*
* Constraints:
- * Length: 3 - 32
- * Pattern: [^_][\p{L}\p{M}\p{S}\p{N}\p{P}][^_]+
+ * Length: 1 - 32
+ * Pattern: [^_\p{Z}][\p{L}\p{M}\p{S}\p{N}\p{P}][^_\p{Z}]+
*
* @param providerName
* The IdP name. @@ -380,8 +292,8 @@ public void setProviderName(String providerName) { * together. *
* Constraints:
- * Length: 3 - 32
- * Pattern: [^_][\p{L}\p{M}\p{S}\p{N}\p{P}][^_]+
+ * Length: 1 - 32
+ * Pattern: [^_\p{Z}][\p{L}\p{M}\p{S}\p{N}\p{P}][^_\p{Z}]+
*
* @param providerName
* The IdP name. @@ -498,360 +410,184 @@ public CreateIdentityProviderRequest withProviderType(IdentityProviderTypeType p /** *
- * The IdP details. The following list describes the provider detail keys
- * for each IdP type.
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
*
- * For Google and Login with Amazon:
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
*
- * client_id
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * authorize_scopes
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * For Facebook:
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * client_id
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * authorize_scopes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * api_version
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * For Sign in with Apple:
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * client_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * team_id
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * key_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * private_key
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * authorize_scopes
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
- * For OpenID Connect (OIDC) providers: - *
- *- * client_id - *
- *- * client_secret - *
- *- * attributes_request_method - *
- *- * oidc_issuer - *
- *- * authorize_scopes - *
- *
- * The following keys are only present if Amazon Cognito didn't discover
- * them at the oidc_issuer URL.
- *
- * authorize_url - *
- *- * token_url - *
- *- * attributes_url - *
- *- * jwks_uri - *
- *- * Amazon Cognito sets the value of the following keys automatically. They - * are read-only. - *
- *- * attributes_url_add_attributes - *
- *- * For SAML providers: - *
- *- * MetadataFile or MetadataURL - *
- *- * IDPSignout optional - *
- *
- * The IdP details. The following list describes the provider detail
- * keys for each IdP type.
+ * The scopes, URLs, and identifiers for your external identity
+ * provider. The following examples describe the provider detail
+ * keys for each IdP type. These values and their schema are subject
+ * to change. Social IdP authorize_scopes values must
+ * match the values listed here.
*
- * For Google and Login with Amazon:
+ * Amazon Cognito accepts the following elements when it can't
+ * discover endpoint URLs from oidc_issuer:
+ * attributes_url, authorize_url,
+ * jwks_uri, token_url.
*
- * client_id
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * authorize_scopes
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * For Facebook:
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * client_id
+ * The value of MetadataFile must be the plaintext
+ * metadata document with all quote (") characters escaped by
+ * backslashes.
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * authorize_scopes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * api_version
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * For Sign in with Apple:
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * client_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * team_id
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * key_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * private_key
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * authorize_scopes
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
- * For OpenID Connect (OIDC) providers: - *
- *- * client_id - *
- *- * client_secret - *
- *- * attributes_request_method - *
- *- * oidc_issuer - *
- *- * authorize_scopes - *
- *
- * The following keys are only present if Amazon Cognito didn't
- * discover them at the oidc_issuer URL.
- *
- * authorize_url - *
- *- * token_url - *
- *- * attributes_url - *
- *- * jwks_uri - *
- *- * Amazon Cognito sets the value of the following keys - * automatically. They are read-only. - *
- *- * attributes_url_add_attributes - *
- *- * For SAML providers: - *
- *- * MetadataFile or MetadataURL - *
- *- * IDPSignout optional - *
- *- * The IdP details. The following list describes the provider detail keys - * for each IdP type. - *
- *- * For Google and Login with Amazon: - *
- *- * client_id - *
- *- * client_secret - *
- *- * authorize_scopes - *
- *- * For Facebook: - *
- *- * client_id - *
- *- * client_secret - *
- *- * authorize_scopes - *
- *- * api_version - *
- *- * For Sign in with Apple: - *
- *- * client_id - *
- *- * team_id - *
- *- * key_id - *
- *- * private_key - *
- *- * authorize_scopes - *
- *
- * For OpenID Connect (OIDC) providers:
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
*
- * client_id
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
*
- * client_secret
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * attributes_request_method
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * oidc_issuer
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * authorize_scopes
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * The following keys are only present if Amazon Cognito didn't discover
- * them at the oidc_issuer URL.
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
*
- * authorize_url
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * token_url
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * attributes_url
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * jwks_uri
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * Amazon Cognito sets the value of the following keys automatically. They
- * are read-only.
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * attributes_url_add_attributes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * For SAML providers:
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * MetadataFile or MetadataURL
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * IDPSignout optional
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
- * The IdP details. The following list describes the provider - * detail keys for each IdP type. - *
- *authorize_scopes
+ * values must match the values listed here.
+ *
+ *
- * For Google and Login with Amazon:
+ * Amazon Cognito accepts the following elements when it can't
+ * discover endpoint URLs from oidc_issuer:
+ * attributes_url, authorize_url,
+ * jwks_uri, token_url.
*
- * client_id
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * authorize_scopes
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * For Facebook:
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * client_id
+ * The value of MetadataFile must be the plaintext
+ * metadata document with all quote (") characters escaped by
+ * backslashes.
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * authorize_scopes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * api_version
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * For Sign in with Apple:
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * client_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * team_id
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * key_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * private_key
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * authorize_scopes
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
- * For OpenID Connect (OIDC) providers: - *
- *- * client_id - *
- *- * client_secret - *
- *- * attributes_request_method - *
- *- * oidc_issuer - *
- *- * authorize_scopes - *
- *
- * The following keys are only present if Amazon Cognito didn't
- * discover them at the oidc_issuer URL.
- *
- * authorize_url - *
- *- * token_url - *
- *- * attributes_url - *
- *- * jwks_uri - *
- *- * Amazon Cognito sets the value of the following keys - * automatically. They are read-only. - *
- *- * attributes_url_add_attributes - *
- *- * For SAML providers: - *
- *- * MetadataFile or MetadataURL - *
- *- * IDPSignout optional - *
- *
- * The IdP details. The following list describes the provider detail keys
- * for each IdP type.
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
*
- * For Google and Login with Amazon:
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
*
- * client_id
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * authorize_scopes
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * For Facebook:
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * client_id
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * authorize_scopes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * api_version
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * For Sign in with Apple:
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * client_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * team_id
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * key_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * private_key
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * authorize_scopes
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
- * For OpenID Connect (OIDC) providers: - *
- *- * client_id - *
- *- * client_secret - *
- *- * attributes_request_method - *
- *- * oidc_issuer - *
- *- * authorize_scopes - *
- *
- * The following keys are only present if Amazon Cognito didn't discover
- * them at the oidc_issuer URL.
- *
- * authorize_url - *
- *- * token_url - *
- *- * attributes_url - *
- *- * jwks_uri - *
- *- * Amazon Cognito sets the value of the following keys automatically. They - * are read-only. - *
- *- * attributes_url_add_attributes - *
- *- * For SAML providers: - *
- *- * MetadataFile or MetadataURL - *
- *- * IDPSignout optional - *
- ** Returns a reference to this object so that method calls can be chained * together. * * @param providerDetails
- * The IdP details. The following list describes the provider - * detail keys for each IdP type. - *
- *authorize_scopes
+ * values must match the values listed here.
+ *
+ *
- * For Google and Login with Amazon:
+ * Amazon Cognito accepts the following elements when it can't
+ * discover endpoint URLs from oidc_issuer:
+ * attributes_url, authorize_url,
+ * jwks_uri, token_url.
*
- * client_id
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * authorize_scopes
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * For Facebook:
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * client_id
+ * The value of MetadataFile must be the plaintext
+ * metadata document with all quote (") characters escaped by
+ * backslashes.
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * authorize_scopes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * api_version
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * For Sign in with Apple:
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * client_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * team_id
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * key_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * private_key
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * authorize_scopes
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
- * For OpenID Connect (OIDC) providers: - *
- *- * client_id - *
- *- * client_secret - *
- *- * attributes_request_method - *
- *- * oidc_issuer - *
- *- * authorize_scopes - *
- *
- * The following keys are only present if Amazon Cognito didn't
- * discover them at the oidc_issuer URL.
- *
- * authorize_url - *
- *- * token_url - *
- *- * attributes_url - *
- *- * jwks_uri - *
- *- * Amazon Cognito sets the value of the following keys - * automatically. They are read-only. - *
- *- * attributes_url_add_attributes - *
- *- * For SAML providers: - *
- *- * MetadataFile or MetadataURL - *
- *- * IDPSignout optional - *
- *- * The IdP details. The following list describes the provider detail keys - * for each IdP type. - *
- *- * For Google and Login with Amazon: - *
- *- * client_id - *
- *- * client_secret - *
- *- * authorize_scopes - *
- *- * For Facebook: - *
- *- * client_id - *
- *- * client_secret - *
- *- * authorize_scopes - *
- *- * api_version - *
- *- * For Sign in with Apple: - *
- *- * client_id - *
- *- * team_id - *
- *- * key_id - *
- *- * private_key - *
- *- * authorize_scopes - *
- *
- * For OpenID Connect (OIDC) providers:
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
*
- * client_id
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
*
- * client_secret
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * attributes_request_method
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * oidc_issuer
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * authorize_scopes
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * The following keys are only present if Amazon Cognito didn't discover
- * them at the oidc_issuer URL.
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
*
- * authorize_url
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * token_url
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * attributes_url
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * jwks_uri
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * Amazon Cognito sets the value of the following keys automatically. They
- * are read-only.
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * attributes_url_add_attributes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * For SAML providers:
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * MetadataFile or MetadataURL
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * IDPSignout optional
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
* The method adds a new key-value pair into ProviderDetails parameter, and * returns a reference to this object so that method calls can be chained diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/CreateIdentityProviderResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/CreateIdentityProviderResult.java index 1fae42e8b0..18a829fbac 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/CreateIdentityProviderResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/CreateIdentityProviderResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/CreateResourceServerRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/CreateResourceServerRequest.java index 8fc1c2f16e..ffd48f0ea4 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/CreateResourceServerRequest.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/CreateResourceServerRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -65,9 +65,16 @@ public class CreateResourceServerRequest extends AmazonWebServiceRequest impleme /** *
- * A unique resource server identifier for the resource server. This could
- * be an HTTPS endpoint where the resource server is located, such as
- * https://my-weather-api.example.com.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
* Constraints:
@@ -154,9 +161,16 @@ public CreateResourceServerRequest withUserPoolId(String userPoolId) {
/**
*
- * A unique resource server identifier for the resource server. This could
- * be an HTTPS endpoint where the resource server is located, such as
- * https://my-weather-api.example.com.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
* Constraints:
@@ -164,9 +178,16 @@ public CreateResourceServerRequest withUserPoolId(String userPoolId) {
* Pattern: [\x21\x23-\x5B\x5D-\x7E]+
*
* @return
- * A unique resource server identifier for the resource server. This
- * could be an HTTPS endpoint where the resource server is located,
- * such as https://my-weather-api.example.com.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the
+ * format $resource-server-identifier/$scope. Longer
+ * scope-identifier strings increase the size of your access tokens.
*
- * A unique resource server identifier for the resource server. This could
- * be an HTTPS endpoint where the resource server is located, such as
- * https://my-weather-api.example.com.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
* Constraints:
@@ -186,9 +214,16 @@ public String getIdentifier() {
*
* @param identifier
* A unique resource server identifier for the resource server.
- * This could be an HTTPS endpoint where the resource server is
- * located, such as
- * https://my-weather-api.example.com.
+ * The identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL
+ * like https://solar-system-data-api.example.com as
+ * your identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the
+ * format $resource-server-identifier/$scope. Longer
+ * scope-identifier strings increase the size of your access
+ * tokens.
*
- * A unique resource server identifier for the resource server. This could
- * be an HTTPS endpoint where the resource server is located, such as
- * https://my-weather-api.example.com.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
* Returns a reference to this object so that method calls can be chained @@ -211,9 +253,16 @@ public void setIdentifier(String identifier) { * * @param identifier
* A unique resource server identifier for the resource server.
- * This could be an HTTPS endpoint where the resource server is
- * located, such as
- * https://my-weather-api.example.com.
+ * The identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL
+ * like https://solar-system-data-api.example.com as
+ * your identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the
+ * format $resource-server-identifier/$scope. Longer
+ * scope-identifier strings increase the size of your access
+ * tokens.
*
- * The read attributes. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
- * The user pool attributes that the app client can write to.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets family_name
+ * to the new value.
+ *
+ * When you don't specify the WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
*
* If your app client allows users to sign in through an IdP, this array @@ -334,7 +367,9 @@ public class CreateUserPoolClientRequest extends AmazonWebServiceRequest impleme /** *
- * The default redirect URI. Must be in the CallbackURLs list.
+ * The default redirect URI. In app clients with one assigned IdP, replaces
+ * redirect_uri in authentication requests. Must be in the
+ * CallbackURLs list.
*
* A redirect URI must: @@ -357,8 +392,9 @@ public class CreateUserPoolClientRequest extends AmazonWebServiceRequest impleme * * *
- * See OAuth 2.0 - * - Redirection Endpoint. + * For more information, see Default redirect URI. *
** Amazon Cognito requires HTTPS over HTTP except for http://localhost for @@ -376,7 +412,9 @@ public class CreateUserPoolClientRequest extends AmazonWebServiceRequest impleme /** *
- * The allowed OAuth flows.
+ * The OAuth grant types that you want your app client to generate. To
+ * create an app client that generates client credentials grants, you must
+ * add client_credentials as the only allowed OAuth flow.
*
- * The read attributes. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
- * The read attributes. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, + * their access token authorizes them to read their own attribute + * value for any attribute in this list. An example of this kind of + * activity is when your user selects a link to view their profile + * information. Your app makes a GetUser API request to retrieve and display your user's + * profile data. + *
+ *
+ * When you don't specify the ReadAttributes for your
+ * app client, your app can read the values of
+ * email_verified, phone_number_verified,
+ * and the Standard attributes of your user pool. When your user
+ * pool has read access to these default attributes,
+ * ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the
+ * API response if you have specified your own custom set of read
+ * attributes.
*
- * The read attributes. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
- * The read attributes. + * The list of user attributes that you want your app client to + * have read-only access to. After your user authenticates in + * your app, their access token authorizes them to read their own + * attribute value for any attribute in this list. An example of + * this kind of activity is when your user selects a link to view + * their profile information. Your app makes a GetUser API request to retrieve and display your user's + * profile data. + *
+ *
+ * When you don't specify the ReadAttributes for
+ * your app client, your app can read the values of
+ * email_verified,
+ * phone_number_verified, and the Standard
+ * attributes of your user pool. When your user pool has read
+ * access to these default attributes,
+ * ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in
+ * the API response if you have specified your own custom set of
+ * read attributes.
*
- * The read attributes. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param readAttributes
- * The read attributes. + * The list of user attributes that you want your app client to + * have read-only access to. After your user authenticates in + * your app, their access token authorizes them to read their own + * attribute value for any attribute in this list. An example of + * this kind of activity is when your user selects a link to view + * their profile information. Your app makes a GetUser API request to retrieve and display your user's + * profile data. + *
+ *
+ * When you don't specify the ReadAttributes for
+ * your app client, your app can read the values of
+ * email_verified,
+ * phone_number_verified, and the Standard
+ * attributes of your user pool. When your user pool has read
+ * access to these default attributes,
+ * ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in
+ * the API response if you have specified your own custom set of
+ * read attributes.
*
- * The read attributes. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param readAttributes
- * The read attributes. + * The list of user attributes that you want your app client to + * have read-only access to. After your user authenticates in + * your app, their access token authorizes them to read their own + * attribute value for any attribute in this list. An example of + * this kind of activity is when your user selects a link to view + * their profile information. Your app makes a GetUser API request to retrieve and display your user's + * profile data. + *
+ *
+ * When you don't specify the ReadAttributes for
+ * your app client, your app can read the values of
+ * email_verified,
+ * phone_number_verified, and the Standard
+ * attributes of your user pool. When your user pool has read
+ * access to these default attributes,
+ * ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in
+ * the API response if you have specified your own custom set of
+ * read attributes.
*
- * The user pool attributes that the app client can write to.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets family_name
+ * to the new value.
+ *
+ * When you don't specify the WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
*
* If your app client allows users to sign in through an IdP, this array @@ -1394,7 +1595,25 @@ public CreateUserPoolClientRequest withReadAttributes( *
* * @return
- * The user pool attributes that the app client can write to.
+ * The list of user attributes that you want your app client to have
+ * write access to. After your user authenticates in your app, their
+ * access token authorizes them to set or modify their own attribute
+ * value for any attribute in this list. An example of this kind of
+ * activity is when you present your user with a form to update
+ * their profile information and they change their last name. Your
+ * app then makes an UpdateUserAttributes API request and sets
+ * family_name to the new value.
+ *
+ * When you don't specify the WriteAttributes for your
+ * app client, your app can write the values of the Standard
+ * attributes of your user pool. When your user pool has write
+ * access to these default attributes, WriteAttributes
+ * doesn't return any information. Amazon Cognito only populates
+ * WriteAttributes in the API response if you have
+ * specified your own custom set of write attributes.
*
* If your app client allows users to sign in through an IdP, this
@@ -1414,7 +1633,23 @@ public java.util.List
- * The user pool attributes that the app client can write to.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets
+ * When you don't specify the
* If your app client allows users to sign in through an IdP, this array
@@ -1428,7 +1663,26 @@ public java.util.List
- * The user pool attributes that the app client can write to.
+ * The list of user attributes that you want your app client to
+ * have write access to. After your user authenticates in your
+ * app, their access token authorizes them to set or modify their
+ * own attribute value for any attribute in this list. An example
+ * of this kind of activity is when you present your user with a
+ * form to update their profile information and they change their
+ * last name. Your app then makes an UpdateUserAttributes API request and sets
+ *
+ * When you don't specify the
* If your app client allows users to sign in through an IdP,
@@ -1453,7 +1707,23 @@ public void setWriteAttributes(java.util.Collection
- * The user pool attributes that the app client can write to.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets
+ * When you don't specify the
* If your app client allows users to sign in through an IdP, this array
@@ -1470,7 +1740,26 @@ public void setWriteAttributes(java.util.Collection
- * The user pool attributes that the app client can write to.
+ * The list of user attributes that you want your app client to
+ * have write access to. After your user authenticates in your
+ * app, their access token authorizes them to set or modify their
+ * own attribute value for any attribute in this list. An example
+ * of this kind of activity is when you present your user with a
+ * form to update their profile information and they change their
+ * last name. Your app then makes an UpdateUserAttributes API request and sets
+ *
+ * When you don't specify the
* If your app client allows users to sign in through an IdP,
@@ -1498,7 +1787,23 @@ public CreateUserPoolClientRequest withWriteAttributes(String... writeAttributes
/**
*
- * The user pool attributes that the app client can write to.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets
+ * When you don't specify the
* If your app client allows users to sign in through an IdP, this array
@@ -1515,7 +1820,26 @@ public CreateUserPoolClientRequest withWriteAttributes(String... writeAttributes
* together.
*
* @param writeAttributes
- * The user pool attributes that the app client can write to.
+ * The list of user attributes that you want your app client to
+ * have write access to. After your user authenticates in your
+ * app, their access token authorizes them to set or modify their
+ * own attribute value for any attribute in this list. An example
+ * of this kind of activity is when you present your user with a
+ * form to update their profile information and they change their
+ * last name. Your app then makes an UpdateUserAttributes API request and sets
+ *
+ * When you don't specify the
* If your app client allows users to sign in through an IdP,
@@ -2634,7 +2958,9 @@ public CreateUserPoolClientRequest withLogoutURLs(java.util.Collection
- * The default redirect URI. Must be in the
* A redirect URI must:
@@ -2657,8 +2983,9 @@ public CreateUserPoolClientRequest withLogoutURLs(java.util.Collection
- * See OAuth 2.0
- * - Redirection Endpoint.
+ * For more information, see Default redirect URI.
*
* Amazon Cognito requires HTTPS over HTTP except for http://localhost for
@@ -2673,8 +3000,9 @@ public CreateUserPoolClientRequest withLogoutURLs(java.util.Collection
- * The default redirect URI. Must be in the
- *
* A redirect URI must:
@@ -2697,9 +3025,9 @@ public CreateUserPoolClientRequest withLogoutURLs(java.util.Collection
- * See OAuth
- * 2.0 - Redirection Endpoint.
+ * For more information, see Default redirect URI.
*
* Amazon Cognito requires HTTPS over HTTP except for
@@ -2715,7 +3043,9 @@ public String getDefaultRedirectURI() {
/**
*
- * The default redirect URI. Must be in the
* A redirect URI must:
@@ -2738,8 +3068,9 @@ public String getDefaultRedirectURI() {
*
*
*
- * See OAuth 2.0
- * - Redirection Endpoint.
+ * For more information, see Default redirect URI.
*
* Amazon Cognito requires HTTPS over HTTP except for http://localhost for
@@ -2754,8 +3085,9 @@ public String getDefaultRedirectURI() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The default redirect URI. Must be in the
- *
* A redirect URI must:
@@ -2778,9 +3110,9 @@ public String getDefaultRedirectURI() {
*
*
*
- * See OAuth
- * 2.0 - Redirection Endpoint.
+ * For more information, see Default redirect URI.
*
* Amazon Cognito requires HTTPS over HTTP except for
@@ -2796,7 +3128,9 @@ public void setDefaultRedirectURI(String defaultRedirectURI) {
/**
*
- * The default redirect URI. Must be in the
* A redirect URI must:
@@ -2819,8 +3153,9 @@ public void setDefaultRedirectURI(String defaultRedirectURI) {
*
*
*
- * See OAuth 2.0
- * - Redirection Endpoint.
+ * For more information, see Default redirect URI.
*
* Amazon Cognito requires HTTPS over HTTP except for http://localhost for
@@ -2838,8 +3173,9 @@ public void setDefaultRedirectURI(String defaultRedirectURI) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The default redirect URI. Must be in the
- *
* A redirect URI must:
@@ -2862,9 +3198,9 @@ public void setDefaultRedirectURI(String defaultRedirectURI) {
*
*
*
- * See OAuth
- * 2.0 - Redirection Endpoint.
+ * For more information, see Default redirect URI.
*
* Amazon Cognito requires HTTPS over HTTP except for
@@ -2883,7 +3219,9 @@ public CreateUserPoolClientRequest withDefaultRedirectURI(String defaultRedirect
/**
*
- * The allowed OAuth flows.
+ * The OAuth grant types that you want your app client to generate. To
+ * create an app client that generates client credentials grants, you must
+ * add
- * The allowed OAuth flows.
+ * The OAuth grant types that you want your app client to generate.
+ * To create an app client that generates client credentials grants,
+ * you must add
- * The allowed OAuth flows.
+ * The OAuth grant types that you want your app client to generate. To
+ * create an app client that generates client credentials grants, you must
+ * add
- * The allowed OAuth flows.
+ * The OAuth grant types that you want your app client to
+ * generate. To create an app client that generates client
+ * credentials grants, you must add
+ *
- * The allowed OAuth flows.
+ * The OAuth grant types that you want your app client to generate. To
+ * create an app client that generates client credentials grants, you must
+ * add
- * The allowed OAuth flows.
+ * The OAuth grant types that you want your app client to
+ * generate. To create an app client that generates client
+ * credentials grants, you must add
+ *
- * The allowed OAuth flows.
+ * The OAuth grant types that you want your app client to generate. To
+ * create an app client that generates client credentials grants, you must
+ * add
- * The allowed OAuth flows.
+ * The OAuth grant types that you want your app client to
+ * generate. To create an app client that generates client
+ * credentials grants, you must add
+ *
* The Amazon CloudFront endpoint that you use as the target of the alias
- * that you set up with your Domain Name Service (DNS) provider.
+ * that you set up with your Domain Name Service (DNS) provider. Amazon
+ * Cognito returns this value if you set a custom domain with
+ *
* Constraints:
* The Amazon CloudFront endpoint that you use as the target of the alias
- * that you set up with your Domain Name Service (DNS) provider.
+ * that you set up with your Domain Name Service (DNS) provider. Amazon
+ * Cognito returns this value if you set a custom domain with
+ *
* Constraints:
* The Amazon CloudFront endpoint that you use as the target of the
* alias that you set up with your Domain Name Service (DNS)
- * provider.
+ * provider. Amazon Cognito returns this value if you set a custom
+ * domain with
* The Amazon CloudFront endpoint that you use as the target of the alias
- * that you set up with your Domain Name Service (DNS) provider.
+ * that you set up with your Domain Name Service (DNS) provider. Amazon
+ * Cognito returns this value if you set a custom domain with
+ *
* Constraints:
* The Amazon CloudFront endpoint that you use as the target of
* the alias that you set up with your Domain Name Service (DNS)
- * provider.
+ * provider. Amazon Cognito returns this value if you set a
+ * custom domain with
* The Amazon CloudFront endpoint that you use as the target of the alias
- * that you set up with your Domain Name Service (DNS) provider.
+ * that you set up with your Domain Name Service (DNS) provider. Amazon
+ * Cognito returns this value if you set a custom domain with
+ *
* Returns a reference to this object so that method calls can be chained
@@ -86,7 +103,10 @@ public void setCloudFrontDomain(String cloudFrontDomain) {
* @param cloudFrontDomain
* The Amazon CloudFront endpoint that you use as the target of
* the alias that you set up with your Domain Name Service (DNS)
- * provider.
+ * provider. Amazon Cognito returns this value if you set a
+ * custom domain with
- * A custom email sender Lambda configuration type.
+ * The properties of a custom email sender Lambda trigger.
*
- * Signature of the "request" attribute in the "event" information Amazon
- * Cognito passes to your custom email Lambda function. The only supported
- * value is
+ * You must use a
* Constraints:
- * The Amazon Resource Name (ARN) of the Lambda function that Amazon Cognito
- * activates to send email notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
*
* Constraints:
- * Signature of the "request" attribute in the "event" information Amazon
- * Cognito passes to your custom email Lambda function. The only supported
- * value is
+ * You must use a
* Constraints:
- * Signature of the "request" attribute in the "event" information
- * Amazon Cognito passes to your custom email Lambda function. The
- * only supported value is
+ * You must use a
- * Signature of the "request" attribute in the "event" information Amazon
- * Cognito passes to your custom email Lambda function. The only supported
- * value is
+ * You must use a
* Constraints:
- * Signature of the "request" attribute in the "event"
- * information Amazon Cognito passes to your custom email Lambda
- * function. The only supported value is
+ * You must use a
- * Signature of the "request" attribute in the "event" information Amazon
- * Cognito passes to your custom email Lambda function. The only supported
- * value is
+ * You must use a
* Returns a reference to this object so that method calls can be chained
@@ -105,9 +129,13 @@ public void setLambdaVersion(String lambdaVersion) {
* Allowed Values: V1_0
*
* @param lambdaVersion
- * Signature of the "request" attribute in the "event"
- * information Amazon Cognito passes to your custom email Lambda
- * function. The only supported value is
+ * You must use a
- * Signature of the "request" attribute in the "event" information Amazon
- * Cognito passes to your custom email Lambda function. The only supported
- * value is
+ * You must use a
* Constraints:
- * Signature of the "request" attribute in the "event"
- * information Amazon Cognito passes to your custom email Lambda
- * function. The only supported value is
+ * You must use a
- * Signature of the "request" attribute in the "event" information Amazon
- * Cognito passes to your custom email Lambda function. The only supported
- * value is
+ * You must use a
* Returns a reference to this object so that method calls can be chained
@@ -153,9 +193,13 @@ public void setLambdaVersion(CustomEmailSenderLambdaVersionType lambdaVersion) {
* Allowed Values: V1_0
*
* @param lambdaVersion
- * Signature of the "request" attribute in the "event"
- * information Amazon Cognito passes to your custom email Lambda
- * function. The only supported value is
+ * You must use a
- * The Amazon Resource Name (ARN) of the Lambda function that Amazon Cognito
- * activates to send email notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
*
* Constraints:
- * The Amazon Resource Name (ARN) of the Lambda function that Amazon
- * Cognito activates to send email notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want to
+ * assign to your Lambda trigger.
*
- * The Amazon Resource Name (ARN) of the Lambda function that Amazon Cognito
- * activates to send email notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
*
* Constraints:
- * The Amazon Resource Name (ARN) of the Lambda function that
- * Amazon Cognito activates to send email notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want
+ * to assign to your Lambda trigger.
*
- * The Amazon Resource Name (ARN) of the Lambda function that Amazon Cognito
- * activates to send email notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
*
* Returns a reference to this object so that method calls can be chained
@@ -225,8 +269,8 @@ public void setLambdaArn(String lambdaArn) {
* /,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?
- * The Amazon Resource Name (ARN) of the Lambda function that
- * Amazon Cognito activates to send email notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want
+ * to assign to your Lambda trigger.
*
- * A custom SMS sender Lambda configuration type.
+ * The properties of a custom SMS sender Lambda trigger.
*
- * Signature of the "request" attribute in the "event" information that
- * Amazon Cognito passes to your custom SMS Lambda function. The only
- * supported value is
+ * You must use a
* Constraints:
- * The Amazon Resource Name (ARN) of the Lambda function that Amazon Cognito
- * activates to send SMS notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
*
* Constraints:
- * Signature of the "request" attribute in the "event" information that
- * Amazon Cognito passes to your custom SMS Lambda function. The only
- * supported value is
+ * You must use a
* Constraints:
- * Signature of the "request" attribute in the "event" information
- * that Amazon Cognito passes to your custom SMS Lambda function.
- * The only supported value is
+ * You must use a
- * Signature of the "request" attribute in the "event" information that
- * Amazon Cognito passes to your custom SMS Lambda function. The only
- * supported value is
+ * You must use a
* Constraints:
- * Signature of the "request" attribute in the "event"
- * information that Amazon Cognito passes to your custom SMS
- * Lambda function. The only supported value is
+ * You must use a
- * Signature of the "request" attribute in the "event" information that
- * Amazon Cognito passes to your custom SMS Lambda function. The only
- * supported value is
+ * You must use a
* Returns a reference to this object so that method calls can be chained
@@ -106,10 +129,13 @@ public void setLambdaVersion(String lambdaVersion) {
* Allowed Values: V1_0
*
* @param lambdaVersion
- * Signature of the "request" attribute in the "event"
- * information that Amazon Cognito passes to your custom SMS
- * Lambda function. The only supported value is
+ * You must use a
- * Signature of the "request" attribute in the "event" information that
- * Amazon Cognito passes to your custom SMS Lambda function. The only
- * supported value is
+ * You must use a
* Constraints:
- * Signature of the "request" attribute in the "event"
- * information that Amazon Cognito passes to your custom SMS
- * Lambda function. The only supported value is
+ * You must use a
- * Signature of the "request" attribute in the "event" information that
- * Amazon Cognito passes to your custom SMS Lambda function. The only
- * supported value is
+ * You must use a
* Returns a reference to this object so that method calls can be chained
@@ -156,10 +193,13 @@ public void setLambdaVersion(CustomSMSSenderLambdaVersionType lambdaVersion) {
* Allowed Values: V1_0
*
* @param lambdaVersion
- * Signature of the "request" attribute in the "event"
- * information that Amazon Cognito passes to your custom SMS
- * Lambda function. The only supported value is
+ * You must use a
- * The Amazon Resource Name (ARN) of the Lambda function that Amazon Cognito
- * activates to send SMS notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
*
* Constraints:
- * The Amazon Resource Name (ARN) of the Lambda function that Amazon
- * Cognito activates to send SMS notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want to
+ * assign to your Lambda trigger.
*
- * The Amazon Resource Name (ARN) of the Lambda function that Amazon Cognito
- * activates to send SMS notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
*
* Constraints:
- * The Amazon Resource Name (ARN) of the Lambda function that
- * Amazon Cognito activates to send SMS notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want
+ * to assign to your Lambda trigger.
*
- * The Amazon Resource Name (ARN) of the Lambda function that Amazon Cognito
- * activates to send SMS notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
*
* Returns a reference to this object so that method calls can be chained
@@ -229,8 +269,8 @@ public void setLambdaArn(String lambdaArn) {
* /,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?
- * The Amazon Resource Name (ARN) of the Lambda function that
- * Amazon Cognito activates to send SMS notifications to users.
+ * The Amazon Resource Name (ARN) of the function that you want
+ * to assign to your Lambda trigger.
*
* Constraints:
* Constraints:
* The IdP name.
@@ -128,7 +128,7 @@ public String getProviderName() {
*
* Constraints:
* The IdP name.
@@ -148,7 +148,7 @@ public void setProviderName(String providerName) {
*
* Constraints:
* The IdP name.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DeleteResourceServerRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DeleteResourceServerRequest.java
index e176a49009..3b63286652 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DeleteResourceServerRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DeleteResourceServerRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DeleteUserAttributesRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DeleteUserAttributesRequest.java
index 640c90cc53..8839d7d49c 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DeleteUserAttributesRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DeleteUserAttributesRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -23,6 +23,10 @@
*
* Deletes the attributes for a user.
*
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
@@ -31,7 +35,7 @@
* policies. For more information about authorization models in Amazon Cognito,
* see Using the Amazon Cognito native and OIDC APIs.
+ * >Using the Amazon Cognito user pools API and user pool endpoints.
*
* Allows a user to delete their own user profile.
*
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
@@ -31,7 +35,7 @@
* policies. For more information about authorization models in Amazon Cognito,
* see Using the Amazon Cognito native and OIDC APIs.
+ * >Using the Amazon Cognito user pools API and user pool endpoints.
*
* Constraints:
* Constraints:
* The IdP name.
@@ -129,7 +129,7 @@ public String getProviderName() {
*
* Constraints:
* The IdP name.
@@ -149,7 +149,7 @@ public void setProviderName(String providerName) {
*
* Constraints:
* The IdP name.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DescribeIdentityProviderResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DescribeIdentityProviderResult.java
index 62cd5dd4a7..97aca36214 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DescribeIdentityProviderResult.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DescribeIdentityProviderResult.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DescribeResourceServerRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DescribeResourceServerRequest.java
index 2398e63a8b..c9b5916d04 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DescribeResourceServerRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/DescribeResourceServerRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -38,7 +38,16 @@ public class DescribeResourceServerRequest extends AmazonWebServiceRequest imple
/**
*
- * The identifier for the resource server
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ *
* Constraints:
- * The identifier for the resource server
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ *
* Constraints:
- * The identifier for the resource server
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the
+ * format
- * The identifier for the resource server
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ *
* Constraints:
- * The identifier for the resource server
+ * A unique resource server identifier for the resource server.
+ * The identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the
+ * format
- * The identifier for the resource server
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ *
* Returns a reference to this object so that method calls can be chained
@@ -154,7 +209,17 @@ public void setIdentifier(String identifier) {
* Pattern: [\x21\x23-\x5B\x5D-\x7E]+
- * The identifier for the resource server
+ * A unique resource server identifier for the resource server.
+ * The identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the
+ * format
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
* Returns a reference to this object so that method calls can be chained
* together.
*
* @param deviceLastModifiedDate
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java
- * Forgets the specified device.
+ * Forgets the specified device. For more information about device
+ * authentication, see Working with user devices in your user pool.
+ *
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope
@@ -31,7 +38,7 @@
* policies. For more information about authorization models in Amazon Cognito,
* see Using the Amazon Cognito native and OIDC APIs.
+ * >Using the Amazon Cognito user pools API and user pool endpoints.
*
+ * To use this API operation, your user pool must have self-service account
+ * recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
@@ -46,7 +52,7 @@
* policies. For more information about authorization models in Amazon Cognito,
* see Using the Amazon Cognito native and OIDC APIs.
+ * >Using the Amazon Cognito user pools API and user pool endpoints.
*
@@ -110,8 +116,11 @@ public class ForgotPasswordRequest extends AmazonWebServiceRequest implements Se
/**
*
- * The user name of the user for whom you want to enter a code to reset a
- * forgotten password.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name of the user for whom you want to enter a code to reset a
- * forgotten password.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name of the user for whom you want to enter a code to
- * reset a forgotten password.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If
- * The user name of the user for whom you want to enter a code to reset a
- * forgotten password.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Constraints:
- * The user name of the user for whom you want to enter a code to
- * reset a forgotten password.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * The user name of the user for whom you want to enter a code to reset a
- * forgotten password.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If
* Returns a reference to this object so that method calls can be chained
@@ -426,8 +452,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The user name of the user for whom you want to enter a code to
- * reset a forgotten password.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ *
- * Gets the device.
+ * Gets the device. For more information about device authentication, see Working with user devices in your user pool.
+ *
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope
@@ -31,7 +38,7 @@
* policies. For more information about authorization models in Amazon Cognito,
* see Using the Amazon Cognito native and OIDC APIs.
+ * >Using the Amazon Cognito user pools API and user pool endpoints.
*
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
@@ -33,7 +37,7 @@
* policies. For more information about authorization models in Amazon Cognito,
* see Using the Amazon Cognito native and OIDC APIs.
+ * >Using the Amazon Cognito user pools API and user pool endpoints.
*
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserAttributeVerificationCodeResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserAttributeVerificationCodeResult.java
index 8f7876383e..4d4c558f15 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserAttributeVerificationCodeResult.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserAttributeVerificationCodeResult.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserPoolMfaConfigRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserPoolMfaConfigRequest.java
index 00ab3888d0..c4d23bd01e 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserPoolMfaConfigRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserPoolMfaConfigRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserPoolMfaConfigResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserPoolMfaConfigResult.java
index dfbfa31fdf..12b643e861 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserPoolMfaConfigResult.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserPoolMfaConfigResult.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserRequest.java
index 46690ab998..b51f692e40 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/GetUserRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -23,6 +23,10 @@
*
* Gets the user attributes and metadata for a user.
*
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
@@ -31,7 +35,7 @@
* policies. For more information about authorization models in Amazon Cognito,
* see Using the Amazon Cognito native and OIDC APIs.
+ * >Using the Amazon Cognito user pools API and user pool endpoints.
*
- * Signs out a user from all devices.
- * Your app isn't aware that a user's access token is revoked unless it attempts
- * to authorize a user pools API request with an access token that contains the
- * scope
+ * Amazon Cognito returns an
+ * Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with
+ *
+ * Amazon Cognito no longer accepts a signed-out user's refresh tokens in
+ * refresh requests.
+ *
+ * Other requests might be valid until your user's token expires.
+ *
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope
@@ -40,7 +74,7 @@
* policies. For more information about authorization models in Amazon Cognito,
* see Using the Amazon Cognito native and OIDC APIs.
+ * >Using the Amazon Cognito user pools API and user pool endpoints.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
* Returns a reference to this object so that method calls can be chained
* together.
*
* @param lastModifiedDate
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
* Returns a reference to this object so that method calls can be chained
* together.
*
* @param creationDate
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java
* Constraints:
- * The IdP details. The following list describes the provider detail keys
- * for each IdP type.
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ *
- * For Google and Login with Amazon:
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from
- * client_id
+ * Create or update request:
+ *
- * client_secret
+ * Describe response:
+ *
- * authorize_scopes
+ * Create or update request with Metadata URL:
+ *
- * For Facebook:
+ * Create or update request with Metadata file:
+ *
- * client_id
+ * The value of
- * client_secret
+ * Describe response:
+ *
- * authorize_scopes
+ * Create or update request:
+ *
- * api_version
+ * Describe response:
+ *
- * For Sign in with Apple:
+ * Create or update request:
+ *
- * client_id
+ * Describe response:
+ *
- * team_id
+ * Create or update request:
+ *
- * key_id
+ * Describe response:
+ *
- * private_key
+ * Create or update request:
+ *
- * You can submit a private_key when you add or update an IdP. Describe
- * operations don't return the private key.
+ * Describe response:
+ *
- * authorize_scopes
- *
- * For OIDC providers:
- *
- * client_id
- *
- * client_secret
- *
- * attributes_request_method
- *
- * oidc_issuer
- *
- * authorize_scopes
- *
- * The following keys are only present if Amazon Cognito didn't discover
- * them at the
- * authorize_url
- *
- * token_url
- *
- * attributes_url
- *
- * jwks_uri
- *
- * Amazon Cognito sets the value of the following keys automatically. They
- * are read-only.
- *
- * attributes_url_add_attributes
- *
- * For SAML providers:
- *
- * MetadataFile or MetadataURL
- *
- * IDPSignout optional
- * family_name
+ * to the new value.
+ * WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
* family_name to the new value.
+ * WriteAttributes for
+ * your app client, your app can write the values of the Standard
+ * attributes of your user pool. When your user pool has write
+ * access to these default attributes,
+ * WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in
+ * the API response if you have specified your own custom set of
+ * write attributes.
* family_name
+ * to the new value.
+ * WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
* family_name to the new value.
+ * WriteAttributes for
+ * your app client, your app can write the values of the Standard
+ * attributes of your user pool. When your user pool has write
+ * access to these default attributes,
+ * WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in
+ * the API response if you have specified your own custom set of
+ * write attributes.
* family_name
+ * to the new value.
+ * WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
* family_name to the new value.
+ * WriteAttributes for
+ * your app client, your app can write the values of the Standard
+ * attributes of your user pool. When your user pool has write
+ * access to these default attributes,
+ * WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in
+ * the API response if you have specified your own custom set of
+ * write attributes.
* CallbackURLs list.
+ * The default redirect URI. In app clients with one assigned IdP, replaces
+ * redirect_uri in authentication requests. Must be in the
+ * CallbackURLs list.
*
*
* @return CallbackURLs list.
+ * The default redirect URI. In app clients with one assigned IdP,
+ * replaces redirect_uri in authentication requests.
+ * Must be in the CallbackURLs list.
* CallbackURLs list.
+ * The default redirect URI. In app clients with one assigned IdP, replaces
+ * redirect_uri in authentication requests. Must be in the
+ * CallbackURLs list.
*
*
* @param defaultRedirectURI CallbackURLs list.
+ * The default redirect URI. In app clients with one assigned
+ * IdP, replaces redirect_uri in authentication
+ * requests. Must be in the CallbackURLs list.
* CallbackURLs list.
+ * The default redirect URI. In app clients with one assigned IdP, replaces
+ * redirect_uri in authentication requests. Must be in the
+ * CallbackURLs list.
*
*
* @param defaultRedirectURI CallbackURLs list.
+ * The default redirect URI. In app clients with one assigned
+ * IdP, replaces redirect_uri in authentication
+ * requests. Must be in the CallbackURLs list.
* client_credentials as the only allowed OAuth flow.
*
*
*
* @return client_credentials as the only allowed
+ * OAuth flow.
*
*
client_credentials as the only allowed OAuth flow.
*
*
*
* @param allowedOAuthFlows client_credentials as the only allowed OAuth
+ * flow.
*
*
client_credentials as the only allowed OAuth flow.
*
*
client_credentials as the only allowed OAuth
+ * flow.
*
*
client_credentials as the only allowed OAuth flow.
*
*
client_credentials as the only allowed OAuth
+ * flow.
*
*
CustomDomainConfig. If you set an Amazon Cognito prefix
+ * domain, this operation returns a blank response.
*
@@ -33,7 +36,10 @@ public class CreateUserPoolDomainResult implements Serializable {
/**
* CustomDomainConfig. If you set an Amazon Cognito prefix
+ * domain, this operation returns a blank response.
*
@@ -43,7 +49,9 @@ public class CreateUserPoolDomainResult implements Serializable {
* @return CustomDomainConfig. If you set an Amazon
+ * Cognito prefix domain, this operation returns a blank response.
* CustomDomainConfig. If you set an Amazon Cognito prefix
+ * domain, this operation returns a blank response.
*
@@ -63,7 +74,10 @@ public String getCloudFrontDomain() {
* @param cloudFrontDomain CustomDomainConfig. If you set
+ * an Amazon Cognito prefix domain, this operation returns a
+ * blank response.
* CustomDomainConfig. If you set an Amazon Cognito prefix
+ * domain, this operation returns a blank response.
* CustomDomainConfig. If you set
+ * an Amazon Cognito prefix domain, this operation returns a
+ * blank response.
* V1_0.
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ * LambdaVersion of V1_0 with a
+ * custom sender function.
*
@@ -37,8 +41,8 @@ public class CustomEmailLambdaVersionConfigType implements Serializable {
/**
*
@@ -51,18 +55,26 @@ public class CustomEmailLambdaVersionConfigType implements Serializable {
/**
* V1_0.
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ * LambdaVersion of V1_0 with a
+ * custom sender function.
*
* Allowed Values: V1_0
*
* @return V1_0.
+ * The user pool trigger version of the request that Amazon Cognito
+ * sends to your Lambda function. Higher-numbered versions add
+ * fields that support new features.
+ * LambdaVersion of V1_0
+ * with a custom sender function.
* V1_0.
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ * LambdaVersion of V1_0 with a
+ * custom sender function.
*
* Allowed Values: V1_0
*
* @param lambdaVersion V1_0.
+ * The user pool trigger version of the request that Amazon
+ * Cognito sends to your Lambda function. Higher-numbered
+ * versions add fields that support new features.
+ * LambdaVersion of V1_0
+ * with a custom sender function.
* V1_0.
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ * LambdaVersion of V1_0 with a
+ * custom sender function.
* V1_0.
+ * The user pool trigger version of the request that Amazon
+ * Cognito sends to your Lambda function. Higher-numbered
+ * versions add fields that support new features.
+ * LambdaVersion of V1_0
+ * with a custom sender function.
* V1_0.
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ * LambdaVersion of V1_0 with a
+ * custom sender function.
*
* Allowed Values: V1_0
*
* @param lambdaVersion V1_0.
+ * The user pool trigger version of the request that Amazon
+ * Cognito sends to your Lambda function. Higher-numbered
+ * versions add fields that support new features.
+ * LambdaVersion of V1_0
+ * with a custom sender function.
* V1_0.
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ * LambdaVersion of V1_0 with a
+ * custom sender function.
* V1_0.
+ * The user pool trigger version of the request that Amazon
+ * Cognito sends to your Lambda function. Higher-numbered
+ * versions add fields that support new features.
+ * LambdaVersion of V1_0
+ * with a custom sender function.
*
@@ -180,8 +224,8 @@ public CustomEmailLambdaVersionConfigType withLambdaVersion(
* /,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?
*
* @return
@@ -201,8 +245,8 @@ public String getLambdaArn() {
* /,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?
*
* @param lambdaArn
*
* @param lambdaArn V1_0.
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ * LambdaVersion of V1_0 with a
+ * custom sender function.
*
@@ -37,8 +41,8 @@ public class CustomSMSLambdaVersionConfigType implements Serializable {
/**
*
@@ -51,18 +55,26 @@ public class CustomSMSLambdaVersionConfigType implements Serializable {
/**
* V1_0.
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ * LambdaVersion of V1_0 with a
+ * custom sender function.
*
* Allowed Values: V1_0
*
* @return V1_0.
+ * The user pool trigger version of the request that Amazon Cognito
+ * sends to your Lambda function. Higher-numbered versions add
+ * fields that support new features.
+ * LambdaVersion of V1_0
+ * with a custom sender function.
* V1_0.
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ * LambdaVersion of V1_0 with a
+ * custom sender function.
*
* Allowed Values: V1_0
*
* @param lambdaVersion V1_0
- * .
+ * The user pool trigger version of the request that Amazon
+ * Cognito sends to your Lambda function. Higher-numbered
+ * versions add fields that support new features.
+ * LambdaVersion of V1_0
+ * with a custom sender function.
* V1_0.
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ * LambdaVersion of V1_0 with a
+ * custom sender function.
* V1_0
- * .
+ * The user pool trigger version of the request that Amazon
+ * Cognito sends to your Lambda function. Higher-numbered
+ * versions add fields that support new features.
+ * LambdaVersion of V1_0
+ * with a custom sender function.
* V1_0.
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ * LambdaVersion of V1_0 with a
+ * custom sender function.
*
* Allowed Values: V1_0
*
* @param lambdaVersion V1_0
- * .
+ * The user pool trigger version of the request that Amazon
+ * Cognito sends to your Lambda function. Higher-numbered
+ * versions add fields that support new features.
+ * LambdaVersion of V1_0
+ * with a custom sender function.
* V1_0.
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ * LambdaVersion of V1_0 with a
+ * custom sender function.
* V1_0
- * .
+ * The user pool trigger version of the request that Amazon
+ * Cognito sends to your Lambda function. Higher-numbered
+ * versions add fields that support new features.
+ * LambdaVersion of V1_0
+ * with a custom sender function.
*
@@ -184,8 +224,8 @@ public CustomSMSLambdaVersionConfigType withLambdaVersion(
* /,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?
*
* @return
@@ -205,8 +245,8 @@ public String getLambdaArn() {
* /,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?
*
* @param lambdaArn
*
* @param lambdaArn
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*/
private String providerName;
@@ -111,7 +111,7 @@ public DeleteIdentityProviderRequest withUserPoolId(String userPoolId) {
*
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @return
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @param providerName
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @param providerName aws.cognito.signin.user.admin.
+ * aws.cognito.signin.user.admin.
+ *
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*/
private String providerName;
@@ -112,7 +112,7 @@ public DescribeIdentityProviderRequest withUserPoolId(String userPoolId) {
*
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @return
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @param providerName
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @param providerName solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
@@ -109,7 +118,16 @@ public DescribeResourceServerRequest withUserPoolId(String userPoolId) {
/**
* solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
@@ -117,7 +135,16 @@ public DescribeResourceServerRequest withUserPoolId(String userPoolId) {
* Pattern: [\x21\x23-\x5B\x5D-\x7E]+
*
* @return solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ * $resource-server-identifier/$scope. Longer
+ * scope-identifier strings increase the size of your access tokens.
* solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
@@ -134,7 +170,17 @@ public String getIdentifier() {
* Pattern: [\x21\x23-\x5B\x5D-\x7E]+
*
* @param identifier solar-system-data. You can also set an API URL
+ * like https://solar-system-data-api.example.com as
+ * your identifier.
+ * $resource-server-identifier/$scope. Longer
+ * scope-identifier strings increase the size of your access
+ * tokens.
* solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
*
* @param identifier solar-system-data. You can also set an API URL
+ * like https://solar-system-data-api.example.com as
+ * your identifier.
+ * $resource-server-identifier/$scope. Longer
+ * scope-identifier strings increase the size of your access
+ * tokens.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* aws.cognito.signin.user.admin.
* SECRET_HASH parameter,
* this API returns NotAuthorizedException.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -376,8 +385,11 @@ public ForgotPasswordRequest withUserContextData(UserContextDataType userContext
/**
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -385,8 +397,12 @@ public ForgotPasswordRequest withUserContextData(UserContextDataType userContext
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -404,8 +423,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
*
* @param username username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* aws.cognito.signin.user.admin.
* aws.cognito.signin.user.admin.
+ * aws.cognito.signin.user.admin.
+ * GlobalSignOut invalidates all
- * identity, access and refresh tokens that Amazon Cognito has issued to a user.
- * A user can still use a hosted UI cookie to retrieve new tokens for the
- * duration of the 1-hour cookie validity period.
+ * Invalidates the identity, access, and refresh tokens that Amazon Cognito
+ * issued to a user. Call this operation when your user signs out of your app.
+ * This results in the following behavior.
*
+ *
+ * aws.cognito.signin.user.admin. Your app might otherwise
- * accept access tokens until they expire.
+ * Amazon Cognito no longer accepts token-authorized user operations that
+ * you authorize with a signed-out user's access tokens. For more information,
+ * see Using the Amazon Cognito user pools API and user pool endpoints.
+ * Access Token has been revoked error
+ * when your app attempts to authorize a user pools API request with a revoked
+ * access token that contains the scope
+ * aws.cognito.signin.user.admin.
+ * ServerSideTokenCheck enabled for its user pool IdP configuration
+ * in CognitoIdentityProvider.
+ * aws.cognito.signin.user.admin.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
*
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*/
private String providerName;
@@ -58,186 +58,93 @@ public class IdentityProviderType implements Serializable {
/**
* authorize_scopes values must match the values listed here.
*
- *
- *
- *
+ *
oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
*
- *
"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
* "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- *
- * MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
* "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
* "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
* "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
* "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- *
"ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
* "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
* "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
* "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
* "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
- *
- * oidc_issuer URL.
- *
- *
- *
- *
- *
- *
- *
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Constraints:
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @return
* The IdP name. @@ -354,7 +261,7 @@ public String getProviderName() { *
* Constraints:
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @param providerName
* The IdP name. @@ -374,7 +281,7 @@ public void setProviderName(String providerName) { *
* Constraints:
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @param providerName
* The IdP name. @@ -491,368 +398,184 @@ public IdentityProviderType withProviderType(IdentityProviderTypeType providerTy /** *
- * The IdP details. The following list describes the provider detail keys - * for each IdP type. - *
- *- * For Google and Login with Amazon: - *
- *- * client_id - *
- *- * client_secret - *
- *- * authorize_scopes - *
- *- * For Facebook: - *
- *- * client_id - *
- *- * client_secret - *
- *- * authorize_scopes - *
- *- * api_version - *
- *- * For Sign in with Apple: - *
- *- * client_id - *
- *- * team_id - *
- *- * key_id - *
- *- * private_key - *
- *- * You can submit a private_key when you add or update an IdP. Describe - * operations don't return the private key. - *
- *- * authorize_scopes - *
- *
- * For OIDC providers:
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
*
- * client_id
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
*
- * client_secret
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * attributes_request_method
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * oidc_issuer
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * authorize_scopes
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * The following keys are only present if Amazon Cognito didn't discover
- * them at the oidc_issuer URL.
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
*
- * authorize_url
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * token_url
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * attributes_url
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * jwks_uri
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * Amazon Cognito sets the value of the following keys automatically. They
- * are read-only.
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * attributes_url_add_attributes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * For SAML providers:
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * MetadataFile or MetadataURL
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * IDPSignout optional
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
- * The IdP details. The following list describes the provider detail
- * keys for each IdP type.
+ * The scopes, URLs, and identifiers for your external identity
+ * provider. The following examples describe the provider detail
+ * keys for each IdP type. These values and their schema are subject
+ * to change. Social IdP authorize_scopes values must
+ * match the values listed here.
*
- * For Google and Login with Amazon:
+ * Amazon Cognito accepts the following elements when it can't
+ * discover endpoint URLs from oidc_issuer:
+ * attributes_url, authorize_url,
+ * jwks_uri, token_url.
*
- * client_id
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * authorize_scopes
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * For Facebook:
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * client_id
+ * The value of MetadataFile must be the plaintext
+ * metadata document with all quote (") characters escaped by
+ * backslashes.
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * authorize_scopes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * api_version
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * For Sign in with Apple:
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * client_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * team_id
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * key_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * private_key
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * You can submit a private_key when you add or update an IdP.
- * Describe operations don't return the private key.
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
- * authorize_scopes - *
- *- * For OIDC providers: - *
- *- * client_id - *
- *- * client_secret - *
- *- * attributes_request_method - *
- *- * oidc_issuer - *
- *- * authorize_scopes - *
- *
- * The following keys are only present if Amazon Cognito didn't
- * discover them at the oidc_issuer URL.
- *
- * authorize_url - *
- *- * token_url - *
- *- * attributes_url - *
- *- * jwks_uri - *
- *- * Amazon Cognito sets the value of the following keys - * automatically. They are read-only. - *
- *- * attributes_url_add_attributes - *
- *- * For SAML providers: - *
- *- * MetadataFile or MetadataURL - *
- *- * IDPSignout optional - *
- *- * The IdP details. The following list describes the provider detail keys - * for each IdP type. - *
- *- * For Google and Login with Amazon: - *
- *- * client_id - *
- *- * client_secret - *
- *- * authorize_scopes - *
- *- * For Facebook: - *
- *- * client_id - *
- *- * client_secret - *
- *- * authorize_scopes - *
- *- * api_version - *
- *- * For Sign in with Apple: - *
- *- * client_id - *
- *- * team_id - *
- *- * key_id - *
- *- * private_key - *
- *- * You can submit a private_key when you add or update an IdP. Describe - * operations don't return the private key. - *
- *- * authorize_scopes - *
- *
- * For OIDC providers:
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
*
- * client_id
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
*
- * client_secret
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * attributes_request_method
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * oidc_issuer
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * authorize_scopes
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * The following keys are only present if Amazon Cognito didn't discover
- * them at the oidc_issuer URL.
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
*
- * authorize_url
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * token_url
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * attributes_url
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * jwks_uri
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * Amazon Cognito sets the value of the following keys automatically. They
- * are read-only.
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * attributes_url_add_attributes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * For SAML providers:
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * MetadataFile or MetadataURL
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * IDPSignout optional
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
- * The IdP details. The following list describes the provider
- * detail keys for each IdP type.
+ * The scopes, URLs, and identifiers for your external identity
+ * provider. The following examples describe the provider detail
+ * keys for each IdP type. These values and their schema are
+ * subject to change. Social IdP authorize_scopes
+ * values must match the values listed here.
*
- * For Google and Login with Amazon:
+ * Amazon Cognito accepts the following elements when it can't
+ * discover endpoint URLs from oidc_issuer:
+ * attributes_url, authorize_url,
+ * jwks_uri, token_url.
*
- * client_id
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * authorize_scopes
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * For Facebook:
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * client_id
+ * The value of MetadataFile must be the plaintext
+ * metadata document with all quote (") characters escaped by
+ * backslashes.
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * authorize_scopes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * api_version
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * For Sign in with Apple:
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * client_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * team_id
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * key_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * private_key
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * You can submit a private_key when you add or update an IdP.
- * Describe operations don't return the private key.
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
- * authorize_scopes - *
- *- * For OIDC providers: - *
- *- * client_id - *
- *- * client_secret - *
- *- * attributes_request_method - *
- *- * oidc_issuer - *
- *- * authorize_scopes - *
- *
- * The following keys are only present if Amazon Cognito didn't
- * discover them at the oidc_issuer URL.
- *
- * authorize_url - *
- *- * token_url - *
- *- * attributes_url - *
- *- * jwks_uri - *
- *- * Amazon Cognito sets the value of the following keys - * automatically. They are read-only. - *
- *- * attributes_url_add_attributes - *
- *- * For SAML providers: - *
- *- * MetadataFile or MetadataURL - *
- *- * IDPSignout optional - *
- *- * The IdP details. The following list describes the provider detail keys - * for each IdP type. - *
- *- * For Google and Login with Amazon: - *
- *- * client_id - *
- *- * client_secret - *
- *- * authorize_scopes - *
- *- * For Facebook: - *
- *- * client_id - *
- *- * client_secret - *
- *- * authorize_scopes - *
- *- * api_version - *
- *- * For Sign in with Apple: - *
- *- * client_id - *
- *- * team_id - *
- *- * key_id - *
- *- * private_key - *
- *- * You can submit a private_key when you add or update an IdP. Describe - * operations don't return the private key. - *
- *- * authorize_scopes - *
- *
- * For OIDC providers:
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
*
- * client_id
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
*
- * client_secret
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * attributes_request_method
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * oidc_issuer
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * authorize_scopes
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * The following keys are only present if Amazon Cognito didn't discover
- * them at the oidc_issuer URL.
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
*
- * authorize_url
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * token_url
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * attributes_url
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * jwks_uri
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * Amazon Cognito sets the value of the following keys automatically. They
- * are read-only.
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * attributes_url_add_attributes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * For SAML providers:
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * MetadataFile or MetadataURL
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * IDPSignout optional
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
* Returns a reference to this object so that method calls can be chained * together. * * @param providerDetails
- * The IdP details. The following list describes the provider
- * detail keys for each IdP type.
+ * The scopes, URLs, and identifiers for your external identity
+ * provider. The following examples describe the provider detail
+ * keys for each IdP type. These values and their schema are
+ * subject to change. Social IdP authorize_scopes
+ * values must match the values listed here.
*
- * For Google and Login with Amazon:
+ * Amazon Cognito accepts the following elements when it can't
+ * discover endpoint URLs from oidc_issuer:
+ * attributes_url, authorize_url,
+ * jwks_uri, token_url.
*
- * client_id
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * authorize_scopes
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * For Facebook:
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * client_id
+ * The value of MetadataFile must be the plaintext
+ * metadata document with all quote (") characters escaped by
+ * backslashes.
*
- * client_secret
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * authorize_scopes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * api_version
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * For Sign in with Apple:
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * client_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * team_id
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * key_id
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * private_key
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * You can submit a private_key when you add or update an IdP.
- * Describe operations don't return the private key.
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
- * authorize_scopes - *
- *- * For OIDC providers: - *
- *- * client_id - *
- *- * client_secret - *
- *- * attributes_request_method - *
- *- * oidc_issuer - *
- *- * authorize_scopes - *
- *
- * The following keys are only present if Amazon Cognito didn't
- * discover them at the oidc_issuer URL.
- *
- * authorize_url - *
- *- * token_url - *
- *- * attributes_url - *
- *- * jwks_uri - *
- *- * Amazon Cognito sets the value of the following keys - * automatically. They are read-only. - *
- *- * attributes_url_add_attributes - *
- *- * For SAML providers: - *
- *- * MetadataFile or MetadataURL - *
- *- * IDPSignout optional - *
- *- * The IdP details. The following list describes the provider detail keys - * for each IdP type. - *
- *- * For Google and Login with Amazon: - *
- *- * client_id - *
- *- * client_secret - *
- *- * authorize_scopes - *
- *- * For Facebook: - *
- *- * client_id - *
- *- * client_secret - *
- *- * authorize_scopes - *
- *- * api_version - *
- *- * For Sign in with Apple: - *
- *- * client_id - *
- *- * team_id - *
- *- * key_id - *
- *- * private_key - *
- *- * You can submit a private_key when you add or update an IdP. Describe - * operations don't return the private key. - *
- *- * authorize_scopes - *
- *
- * For OIDC providers:
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
*
- * client_id
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
*
- * client_secret
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * attributes_request_method
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
*
- * oidc_issuer
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * authorize_scopes
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
*
- * The following keys are only present if Amazon Cognito didn't discover
- * them at the oidc_issuer URL.
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
*
- * authorize_url
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
*
- * token_url
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
*
- * attributes_url
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
- * jwks_uri
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
- * Amazon Cognito sets the value of the following keys automatically. They
- * are read-only.
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
*
- * attributes_url_add_attributes
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
*
- * For SAML providers:
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
- * MetadataFile or MetadataURL
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
- * IDPSignout optional
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
* The method adds a new key-value pair into ProviderDetails parameter, and
* returns a reference to this object so that method calls can be chained
@@ -1978,15 +1240,16 @@ public IdentityProviderType withIdpIdentifiers(java.util.Collection
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
* Returns a reference to this object so that method calls can be chained
* together.
*
* @param lastModifiedDate
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
* Returns a reference to this object so that method calls can be chained
* together.
*
* @param creationDate
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
*
@@ -251,11 +251,6 @@ public class InitiateAuthRequest extends AmazonWebServiceRequest implements Seri * Define auth challenge *
* - *- * Verify auth challenge - *
- *
* For more information, see
*
- *
- * Verify auth challenge
- *
* For more information, see
*
- *
- * Verify auth challenge
- *
* For more information, see getClientMetadata() {
* Define auth challenge
*
- * Verify auth challenge
- *
* For more information, see getClientMetadata() {
* Define auth challenge
*
- * Verify auth challenge
- *
* For more information, see clientMetadata) {
* Define auth challenge
*
- * Verify auth challenge
- *
* For more information, see clientMetadata) {
* Define auth challenge
*
- * Verify auth challenge
- *
* For more information, see clie
* Define auth challenge
*
- * Verify auth challenge
- *
* Valid values include the following:
@@ -101,7 +101,7 @@ public class InitiateAuthResult implements Serializable {
*
*
* To set up software token MFA, use the session returned here from
@@ -165,8 +165,8 @@ public class InitiateAuthResult implements Serializable {
/**
*
* The name of the challenge that you're responding to with this call. This
- * name is returned in the
* Valid values include the following:
@@ -240,7 +240,7 @@ public class InitiateAuthResult implements Serializable {
*
*
* To set up software token MFA, use the session returned here from
@@ -263,7 +263,7 @@ public class InitiateAuthResult implements Serializable {
*
* @return
* The name of the challenge that you're responding to with this
- * call. This name is returned in the
@@ -342,7 +342,7 @@ public class InitiateAuthResult implements Serializable {
*
* To set up software token MFA, use the session returned here from
@@ -366,8 +366,8 @@ public String getChallengeName() {
/**
*
* The name of the challenge that you're responding to with this call. This
- * name is returned in the
* Valid values include the following:
@@ -441,7 +441,7 @@ public String getChallengeName() {
*
*
* To set up software token MFA, use the session returned here from
@@ -464,9 +464,8 @@ public String getChallengeName() {
*
* @param challengeName
* The name of the challenge that you're responding to with this
- * call. This name is returned in the
- *
* Valid values include the following:
@@ -545,7 +544,7 @@ public String getChallengeName() {
*
* To set up software token MFA, use the session returned here
@@ -569,8 +568,8 @@ public void setChallengeName(String challengeName) {
/**
*
* The name of the challenge that you're responding to with this call. This
- * name is returned in the
* Valid values include the following:
@@ -644,7 +643,7 @@ public void setChallengeName(String challengeName) {
*
*
* To set up software token MFA, use the session returned here from
@@ -670,9 +669,8 @@ public void setChallengeName(String challengeName) {
*
* @param challengeName
* The name of the challenge that you're responding to with this
- * call. This name is returned in the
- *
* Valid values include the following:
@@ -751,7 +749,7 @@ public void setChallengeName(String challengeName) {
*
* To set up software token MFA, use the session returned here
@@ -778,8 +776,8 @@ public InitiateAuthResult withChallengeName(String challengeName) {
/**
*
* The name of the challenge that you're responding to with this call. This
- * name is returned in the
* Valid values include the following:
@@ -853,7 +851,7 @@ public InitiateAuthResult withChallengeName(String challengeName) {
*
*
* To set up software token MFA, use the session returned here from
@@ -876,9 +874,8 @@ public InitiateAuthResult withChallengeName(String challengeName) {
*
* @param challengeName
* The name of the challenge that you're responding to with this
- * call. This name is returned in the
- *
* Valid values include the following:
@@ -957,7 +954,7 @@ public InitiateAuthResult withChallengeName(String challengeName) {
*
* To set up software token MFA, use the session returned here
@@ -981,8 +978,8 @@ public void setChallengeName(ChallengeNameType challengeName) {
/**
*
* The name of the challenge that you're responding to with this call. This
- * name is returned in the
* Valid values include the following:
@@ -1056,7 +1053,7 @@ public void setChallengeName(ChallengeNameType challengeName) {
*
*
* To set up software token MFA, use the session returned here from
@@ -1082,9 +1079,8 @@ public void setChallengeName(ChallengeNameType challengeName) {
*
* @param challengeName
* The name of the challenge that you're responding to with this
- * call. This name is returned in the
- *
* Valid values include the following:
@@ -1163,7 +1159,7 @@ public void setChallengeName(ChallengeNameType challengeName) {
*
* To set up software token MFA, use the session returned here
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InternalErrorException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InternalErrorException.java
index e698f38f6c..9d135f7812 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InternalErrorException.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InternalErrorException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidEmailRoleAccessPolicyException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidEmailRoleAccessPolicyException.java
index ade3ebd7bf..b73e3d4f62 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidEmailRoleAccessPolicyException.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidEmailRoleAccessPolicyException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidLambdaResponseException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidLambdaResponseException.java
index 4e1159651f..7d7a5adf8b 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidLambdaResponseException.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidLambdaResponseException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidOAuthFlowException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidOAuthFlowException.java
index 3c0cde360e..029533a701 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidOAuthFlowException.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidOAuthFlowException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidParameterException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidParameterException.java
index 6819aec1b7..8493b65468 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidParameterException.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidParameterException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidPasswordException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidPasswordException.java
index 8be8af4c69..fa5ec036e1 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidPasswordException.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidPasswordException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidSmsRoleAccessPolicyException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidSmsRoleAccessPolicyException.java
index 7f6c7a1eda..00c35d4350 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidSmsRoleAccessPolicyException.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidSmsRoleAccessPolicyException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidSmsRoleTrustRelationshipException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidSmsRoleTrustRelationshipException.java
index c400e4c834..97cef468fb 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidSmsRoleTrustRelationshipException.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidSmsRoleTrustRelationshipException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidUserPoolConfigurationException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidUserPoolConfigurationException.java
index b6e7b23a85..4436e82ec0 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidUserPoolConfigurationException.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/InvalidUserPoolConfigurationException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/LambdaConfigType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/LambdaConfigType.java
index ab2af8d60d..1b23363b46 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/LambdaConfigType.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/LambdaConfigType.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -129,7 +129,18 @@ public class LambdaConfigType implements Serializable {
/**
*
- * A Lambda trigger that is invoked before token generation.
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
+ *
+ * Set this parameter for legacy purposes. If you also set an ARN in
+ *
+ * You can set
* Constraints:
+ * The detailed configuration of a pre token generation trigger. If you also
+ * set an ARN in
* A custom SMS sender Lambda trigger.
@@ -689,7 +709,18 @@ public LambdaConfigType withVerifyAuthChallengeResponse(String verifyAuthChallen
/**
*
- * A Lambda trigger that is invoked before token generation.
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
+ *
+ * Set this parameter for legacy purposes. If you also set an ARN in
+ *
+ * You can set
* Constraints:
- * A Lambda trigger that is invoked before token generation.
+ * The Amazon Resource Name (ARN) of the function that you want to
+ * assign to your Lambda trigger.
+ *
+ * Set this parameter for legacy purposes. If you also set an ARN in
+ *
+ * You can set
- * A Lambda trigger that is invoked before token generation.
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
+ *
+ * Set this parameter for legacy purposes. If you also set an ARN in
+ *
+ * You can set
* Constraints:
- * A Lambda trigger that is invoked before token generation.
+ * The Amazon Resource Name (ARN) of the function that you want
+ * to assign to your Lambda trigger.
+ *
+ * Set this parameter for legacy purposes. If you also set an ARN
+ * in
+ * You can set
- * A Lambda trigger that is invoked before token generation.
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
+ *
+ * Set this parameter for legacy purposes. If you also set an ARN in
+ *
+ * You can set
* Returns a reference to this object so that method calls can be chained
@@ -740,7 +816,19 @@ public void setPreTokenGeneration(String preTokenGeneration) {
* /,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?
- * A Lambda trigger that is invoked before token generation.
+ * The Amazon Resource Name (ARN) of the function that you want
+ * to assign to your Lambda trigger.
+ *
+ * Set this parameter for legacy purposes. If you also set an ARN
+ * in
+ * You can set
+ * The detailed configuration of a pre token generation trigger. If you also
+ * set an ARN in
+ * The detailed configuration of a pre token generation trigger. If
+ * you also set an ARN in
+ * The detailed configuration of a pre token generation trigger. If you also
+ * set an ARN in
+ * The detailed configuration of a pre token generation trigger.
+ * If you also set an ARN in
+ * The detailed configuration of a pre token generation trigger. If you also
+ * set an ARN in
+ * Returns a reference to this object so that method calls can be chained
+ * together.
+ *
+ * @param preTokenGenerationConfig
+ * The detailed configuration of a pre token generation trigger.
+ * If you also set an ARN in
* A custom SMS sender Lambda trigger.
@@ -1019,6 +1168,8 @@ public String toString() {
sb.append("PreTokenGeneration: " + getPreTokenGeneration() + ",");
if (getUserMigration() != null)
sb.append("UserMigration: " + getUserMigration() + ",");
+ if (getPreTokenGenerationConfig() != null)
+ sb.append("PreTokenGenerationConfig: " + getPreTokenGenerationConfig() + ",");
if (getCustomSMSSender() != null)
sb.append("CustomSMSSender: " + getCustomSMSSender() + ",");
if (getCustomEmailSender() != null)
@@ -1055,6 +1206,10 @@ public int hashCode() {
+ ((getPreTokenGeneration() == null) ? 0 : getPreTokenGeneration().hashCode());
hashCode = prime * hashCode
+ ((getUserMigration() == null) ? 0 : getUserMigration().hashCode());
+ hashCode = prime
+ * hashCode
+ + ((getPreTokenGenerationConfig() == null) ? 0 : getPreTokenGenerationConfig()
+ .hashCode());
hashCode = prime * hashCode
+ ((getCustomSMSSender() == null) ? 0 : getCustomSMSSender().hashCode());
hashCode = prime * hashCode
@@ -1126,6 +1281,12 @@ public boolean equals(Object obj) {
if (other.getUserMigration() != null
&& other.getUserMigration().equals(this.getUserMigration()) == false)
return false;
+ if (other.getPreTokenGenerationConfig() == null
+ ^ this.getPreTokenGenerationConfig() == null)
+ return false;
+ if (other.getPreTokenGenerationConfig() != null
+ && other.getPreTokenGenerationConfig().equals(this.getPreTokenGenerationConfig()) == false)
+ return false;
if (other.getCustomSMSSender() == null ^ this.getCustomSMSSender() == null)
return false;
if (other.getCustomSMSSender() != null
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/LimitExceededException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/LimitExceededException.java
index b353a1c3fe..a351c7c27b 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/LimitExceededException.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/LimitExceededException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListDevicesRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListDevicesRequest.java
index 98c7e34e93..276c9bd22e 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListDevicesRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListDevicesRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -22,7 +22,13 @@
/**
*
* Lists the sign-in devices that Amazon Cognito has registered to the current
- * user.
+ * user. For more information about device authentication, see Working with user devices in your user pool.
+ *
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope
@@ -32,7 +38,7 @@
* policies. For more information about authorization models in Amazon Cognito,
* see Using the Amazon Cognito native and OIDC APIs.
+ * >Using the Amazon Cognito user pools API and user pool endpointsMFA_SETUP: For users who are required to setup an MFA factor
* before they can sign in. The MFA types activated for the user pool will
- * be listed in the challenge parameters MFA_CAN_SETUP value.
+ * be listed in the challenge parameters MFAS_CAN_SETUP value.
* AdminInitiateAuth response if you
- * must pass another challenge.
+ * name is returned in the InitiateAuth response if you must
+ * pass another challenge.
* MFA_SETUP: For users who are required to setup an MFA factor
* before they can sign in. The MFA types activated for the user pool will
- * be listed in the challenge parameters MFA_CAN_SETUP value.
+ * be listed in the challenge parameters MFAS_CAN_SETUP value.
* AdminInitiateAuth
+ * call. This name is returned in the InitiateAuth
* response if you must pass another challenge.
* MFA_SETUP: For users who are required to setup an
* MFA factor before they can sign in. The MFA types activated for
* the user pool will be listed in the challenge parameters
- * MFA_CAN_SETUP value.
+ * MFAS_CAN_SETUP value.
* AdminInitiateAuth response if you
- * must pass another challenge.
+ * name is returned in the InitiateAuth response if you must
+ * pass another challenge.
* MFA_SETUP: For users who are required to setup an MFA factor
* before they can sign in. The MFA types activated for the user pool will
- * be listed in the challenge parameters MFA_CAN_SETUP value.
+ * be listed in the challenge parameters MFAS_CAN_SETUP value.
* AdminInitiateAuth response if you must pass
- * another challenge.
+ * call. This name is returned in the InitiateAuth
+ * response if you must pass another challenge.
* MFA_SETUP: For users who are required to setup an
* MFA factor before they can sign in. The MFA types activated
* for the user pool will be listed in the challenge parameters
- * MFA_CAN_SETUP value.
+ * MFAS_CAN_SETUP value.
* AdminInitiateAuth response if you
- * must pass another challenge.
+ * name is returned in the InitiateAuth response if you must
+ * pass another challenge.
* MFA_SETUP: For users who are required to setup an MFA factor
* before they can sign in. The MFA types activated for the user pool will
- * be listed in the challenge parameters MFA_CAN_SETUP value.
+ * be listed in the challenge parameters MFAS_CAN_SETUP value.
* AdminInitiateAuth response if you must pass
- * another challenge.
+ * call. This name is returned in the InitiateAuth
+ * response if you must pass another challenge.
* MFA_SETUP: For users who are required to setup an
* MFA factor before they can sign in. The MFA types activated
* for the user pool will be listed in the challenge parameters
- * MFA_CAN_SETUP value.
+ * MFAS_CAN_SETUP value.
* AdminInitiateAuth response if you
- * must pass another challenge.
+ * name is returned in the InitiateAuth response if you must
+ * pass another challenge.
* MFA_SETUP: For users who are required to setup an MFA factor
* before they can sign in. The MFA types activated for the user pool will
- * be listed in the challenge parameters MFA_CAN_SETUP value.
+ * be listed in the challenge parameters MFAS_CAN_SETUP value.
* AdminInitiateAuth response if you must pass
- * another challenge.
+ * call. This name is returned in the InitiateAuth
+ * response if you must pass another challenge.
* MFA_SETUP: For users who are required to setup an
* MFA factor before they can sign in. The MFA types activated
* for the user pool will be listed in the challenge parameters
- * MFA_CAN_SETUP value.
+ * MFAS_CAN_SETUP value.
* AdminInitiateAuth response if you
- * must pass another challenge.
+ * name is returned in the InitiateAuth response if you must
+ * pass another challenge.
* MFA_SETUP: For users who are required to setup an MFA factor
* before they can sign in. The MFA types activated for the user pool will
- * be listed in the challenge parameters MFA_CAN_SETUP value.
+ * be listed in the challenge parameters MFAS_CAN_SETUP value.
* AdminInitiateAuth response if you must pass
- * another challenge.
+ * call. This name is returned in the InitiateAuth
+ * response if you must pass another challenge.
* MFA_SETUP: For users who are required to setup an
* MFA factor before they can sign in. The MFA types activated
* for the user pool will be listed in the challenge parameters
- * MFA_CAN_SETUP value.
+ * MFAS_CAN_SETUP value.
* PreTokenGenerationConfig, its value must be identical to
+ * PreTokenGeneration. For new instances of pre token
+ * generation triggers, set the LambdaArn of
+ * PreTokenGenerationConfig.
+ *
*
@@ -153,6 +164,15 @@ public class LambdaConfigType implements Serializable {
*/
private String userMigration;
+ /**
+ * PreTokenGeneration, its value must be
+ * identical to PreTokenGenerationConfig.
+ * PreTokenGenerationConfig, its value must be identical to
+ * PreTokenGeneration. For new instances of pre token
+ * generation triggers, set the LambdaArn of
+ * PreTokenGenerationConfig.
+ *
*
@@ -699,7 +730,18 @@ public LambdaConfigType withVerifyAuthChallengeResponse(String verifyAuthChallen
* /,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?
*
* @return PreTokenGenerationConfig, its value must be
+ * identical to PreTokenGeneration. For new instances
+ * of pre token generation triggers, set the LambdaArn
+ * of PreTokenGenerationConfig.
+ *
* PreTokenGenerationConfig, its value must be identical to
+ * PreTokenGeneration. For new instances of pre token
+ * generation triggers, set the LambdaArn of
+ * PreTokenGenerationConfig.
+ *
*
@@ -718,7 +771,19 @@ public String getPreTokenGeneration() {
* /,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?
*
* @param preTokenGeneration PreTokenGenerationConfig, its value must be
+ * identical to PreTokenGeneration. For new
+ * instances of pre token generation triggers, set the
+ * LambdaArn of
+ * PreTokenGenerationConfig.
+ *
* PreTokenGenerationConfig, its value must be identical to
+ * PreTokenGeneration. For new instances of pre token
+ * generation triggers, set the LambdaArn of
+ * PreTokenGenerationConfig.
+ *
*
*
* @param preTokenGeneration PreTokenGenerationConfig, its value must be
+ * identical to PreTokenGeneration. For new
+ * instances of pre token generation triggers, set the
+ * LambdaArn of
+ * PreTokenGenerationConfig.
+ *
* PreTokenGeneration, its value must be
+ * identical to PreTokenGenerationConfig.
+ * PreTokenGeneration, its value
+ * must be identical to PreTokenGenerationConfig.
+ * PreTokenGeneration, its value must be
+ * identical to PreTokenGenerationConfig.
+ * PreTokenGeneration, its
+ * value must be identical to
+ * PreTokenGenerationConfig.
+ * PreTokenGeneration, its value must be
+ * identical to PreTokenGenerationConfig.
+ * PreTokenGeneration, its
+ * value must be identical to
+ * PreTokenGenerationConfig.
+ * aws.cognito.signin.user.admin.
*
- * The pagination token for the list request. + * This API operation returns a limited number of results. The pagination + * token is an identifier that you can present in an additional API request + * with the same parameters. When you include the pagination token, Amazon + * Cognito returns the next set of items after the current list. Subsequent + * requests return a new pagination token. By use of this token, you can + * paginate through the full list of items. *
*
* Constraints:
@@ -185,7 +196,12 @@ public ListDevicesRequest withLimit(Integer limit) {
/**
*
- * The pagination token for the list request. + * This API operation returns a limited number of results. The pagination + * token is an identifier that you can present in an additional API request + * with the same parameters. When you include the pagination token, Amazon + * Cognito returns the next set of items after the current list. Subsequent + * requests return a new pagination token. By use of this token, you can + * paginate through the full list of items. *
*
* Constraints:
@@ -193,7 +209,13 @@ public ListDevicesRequest withLimit(Integer limit) {
* Pattern: [\S]+
*
* @return
- * The pagination token for the list request. + * This API operation returns a limited number of results. The + * pagination token is an identifier that you can present in an + * additional API request with the same parameters. When you include + * the pagination token, Amazon Cognito returns the next set of + * items after the current list. Subsequent requests return a new + * pagination token. By use of this token, you can paginate through + * the full list of items. *
*/ public String getPaginationToken() { @@ -202,7 +224,12 @@ public String getPaginationToken() { /** *- * The pagination token for the list request. + * This API operation returns a limited number of results. The pagination + * token is an identifier that you can present in an additional API request + * with the same parameters. When you include the pagination token, Amazon + * Cognito returns the next set of items after the current list. Subsequent + * requests return a new pagination token. By use of this token, you can + * paginate through the full list of items. *
*
* Constraints:
@@ -210,7 +237,13 @@ public String getPaginationToken() {
* Pattern: [\S]+
*
* @param paginationToken
- * The pagination token for the list request. + * This API operation returns a limited number of results. The + * pagination token is an identifier that you can present in an + * additional API request with the same parameters. When you + * include the pagination token, Amazon Cognito returns the next + * set of items after the current list. Subsequent requests + * return a new pagination token. By use of this token, you can + * paginate through the full list of items. *
*/ public void setPaginationToken(String paginationToken) { @@ -219,7 +252,12 @@ public void setPaginationToken(String paginationToken) { /** *- * The pagination token for the list request. + * This API operation returns a limited number of results. The pagination + * token is an identifier that you can present in an additional API request + * with the same parameters. When you include the pagination token, Amazon + * Cognito returns the next set of items after the current list. Subsequent + * requests return a new pagination token. By use of this token, you can + * paginate through the full list of items. *
*
* Returns a reference to this object so that method calls can be chained
@@ -230,7 +268,13 @@ public void setPaginationToken(String paginationToken) {
* Pattern: [\S]+
*
* @param paginationToken
- * The pagination token for the list request. + * This API operation returns a limited number of results. The + * pagination token is an identifier that you can present in an + * additional API request with the same parameters. When you + * include the pagination token, Amazon Cognito returns the next + * set of items after the current list. Subsequent requests + * return a new pagination token. By use of this token, you can + * paginate through the full list of items. *
* @return A reference to this updated object so that method calls can be * chained together. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListDevicesResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListDevicesResult.java index 911a78a507..e3c1ceb844 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListDevicesResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListDevicesResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -32,7 +32,10 @@ public class ListDevicesResult implements Serializable { /** *- * The pagination token for the list device response. + * The identifier that Amazon Cognito returned with the previous request to + * this operation. When you include a pagination token in your request, + * Amazon Cognito returns the next set of items in the list. By use of this + * token, you can paginate through the full list of items. *
*
* Constraints:
- * The pagination token for the list device response.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Constraints:
- * The pagination token for the list device response.
+ * The identifier that Amazon Cognito returned with the previous
+ * request to this operation. When you include a pagination token in
+ * your request, Amazon Cognito returns the next set of items in the
+ * list. By use of this token, you can paginate through the full
+ * list of items.
*
- * The pagination token for the list device response.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Constraints:
- * The pagination token for the list device response.
+ * The identifier that Amazon Cognito returned with the previous
+ * request to this operation. When you include a pagination token
+ * in your request, Amazon Cognito returns the next set of items
+ * in the list. By use of this token, you can paginate through
+ * the full list of items.
*
- * The pagination token for the list device response.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Returns a reference to this object so that method calls can be chained
@@ -162,7 +182,11 @@ public void setPaginationToken(String paginationToken) {
* Pattern: [\S]+
- * The pagination token for the list device response.
+ * The identifier that Amazon Cognito returned with the previous
+ * request to this operation. When you include a pagination token
+ * in your request, Amazon Cognito returns the next set of items
+ * in the list. By use of this token, you can paginate through
+ * the full list of items.
*
* Constraints:
* Constraints:
@@ -223,7 +223,7 @@ public String getNextToken() {
*
* Constraints:
@@ -246,7 +246,7 @@ public void setNextToken(String nextToken) {
* together.
*
* Constraints:
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListGroupsResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListGroupsResult.java
index 63d107213c..15a556832d 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListGroupsResult.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListGroupsResult.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -32,7 +32,7 @@ public class ListGroupsResult implements Serializable {
*
* Constraints:
* Constraints:
@@ -138,7 +138,7 @@ public String getNextToken() {
*
* Constraints:
@@ -161,7 +161,7 @@ public void setNextToken(String nextToken) {
* together.
*
* Constraints:
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListIdentityProvidersRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListIdentityProvidersRequest.java
index 38ef81b19e..d77f367066 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListIdentityProvidersRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListIdentityProvidersRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListIdentityProvidersResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListIdentityProvidersResult.java
index aa1ec943cf..0decc96554 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListIdentityProvidersResult.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListIdentityProvidersResult.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListResourceServersRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListResourceServersRequest.java
index 84a0f54ab0..f9d48a3614 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListResourceServersRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListResourceServersRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListResourceServersResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListResourceServersResult.java
index 345af5aec9..0636f18e2f 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListResourceServersResult.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListResourceServersResult.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListTagsForResourceRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListTagsForResourceRequest.java
index f4940836c3..f385675baa 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListTagsForResourceRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListTagsForResourceRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListTagsForResourceResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListTagsForResourceResult.java
index 3b2f873e75..66b9191392 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListTagsForResourceResult.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListTagsForResourceResult.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserImportJobsRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserImportJobsRequest.java
index f80905eb74..191300ecf2 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserImportJobsRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserImportJobsRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -76,9 +76,12 @@ public class ListUserImportJobsRequest extends AmazonWebServiceRequest implement
/**
*
- * An identifier that was returned from the previous call to
- *
* Constraints:
- * An identifier that was returned from the previous call to
- *
* Constraints:
- * An identifier that was returned from the previous call to
- *
- * An identifier that was returned from the previous call to
- *
* Constraints:
- * An identifier that was returned from the previous call to
- *
- * An identifier that was returned from the previous call to
- *
* Returns a reference to this object so that method calls can be chained
@@ -263,9 +283,13 @@ public void setPaginationToken(String paginationToken) {
* Pattern: [\S]+
- * An identifier that was returned from the previous call to
- *
- * An identifier that can be used to return the next set of user import jobs
- * in the list.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Constraints:
- * An identifier that can be used to return the next set of user import jobs
- * in the list.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Constraints:
- * An identifier that can be used to return the next set of user
- * import jobs in the list.
+ * The identifier that Amazon Cognito returned with the previous
+ * request to this operation. When you include a pagination token in
+ * your request, Amazon Cognito returns the next set of items in the
+ * list. By use of this token, you can paginate through the full
+ * list of items.
*
- * An identifier that can be used to return the next set of user import jobs
- * in the list.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Constraints:
- * An identifier that can be used to return the next set of user
- * import jobs in the list.
+ * The identifier that Amazon Cognito returned with the previous
+ * request to this operation. When you include a pagination token
+ * in your request, Amazon Cognito returns the next set of items
+ * in the list. By use of this token, you can paginate through
+ * the full list of items.
*
- * An identifier that can be used to return the next set of user import jobs
- * in the list.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Returns a reference to this object so that method calls can be chained
@@ -170,8 +184,11 @@ public void setPaginationToken(String paginationToken) {
* Pattern: [\S]+
- * An identifier that can be used to return the next set of user
- * import jobs in the list.
+ * The identifier that Amazon Cognito returned with the previous
+ * request to this operation. When you include a pagination token
+ * in your request, Amazon Cognito returns the next set of items
+ * in the list. By use of this token, you can paginate through
+ * the full list of items.
*
@@ -117,7 +120,10 @@ public ListDevicesResult withDevices(java.util.Collection
@@ -125,7 +131,11 @@ public ListDevicesResult withDevices(java.util.Collection
*
* @return
@@ -142,7 +155,11 @@ public String getPaginationToken() {
* Pattern: [\S]+
*
* @param paginationToken
*
* @param paginationToken
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*/
private String nextToken;
@@ -203,7 +203,7 @@ public ListGroupsRequest withLimit(Integer limit) {
*
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @return
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*/
private String nextToken;
@@ -118,7 +118,7 @@ public ListGroupsResult withGroups(java.util.Collection
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @return
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken ListUserImportJobs, which can be used to return the next set
- * of import jobs in the list.
+ * This API operation returns a limited number of results. The pagination
+ * token is an identifier that you can present in an additional API request
+ * with the same parameters. When you include the pagination token, Amazon
+ * Cognito returns the next set of items after the current list. Subsequent
+ * requests return a new pagination token. By use of this token, you can
+ * paginate through the full list of items.
*
@@ -208,9 +211,12 @@ public ListUserImportJobsRequest withMaxResults(Integer maxResults) {
/**
* ListUserImportJobs, which can be used to return the next set
- * of import jobs in the list.
+ * This API operation returns a limited number of results. The pagination
+ * token is an identifier that you can present in an additional API request
+ * with the same parameters. When you include the pagination token, Amazon
+ * Cognito returns the next set of items after the current list. Subsequent
+ * requests return a new pagination token. By use of this token, you can
+ * paginate through the full list of items.
*
@@ -218,9 +224,13 @@ public ListUserImportJobsRequest withMaxResults(Integer maxResults) {
* Pattern: [\S]+
*
* @return ListUserImportJobs, which can be used to return the
- * next set of import jobs in the list.
+ * This API operation returns a limited number of results. The
+ * pagination token is an identifier that you can present in an
+ * additional API request with the same parameters. When you include
+ * the pagination token, Amazon Cognito returns the next set of
+ * items after the current list. Subsequent requests return a new
+ * pagination token. By use of this token, you can paginate through
+ * the full list of items.
* ListUserImportJobs, which can be used to return the next set
- * of import jobs in the list.
+ * This API operation returns a limited number of results. The pagination
+ * token is an identifier that you can present in an additional API request
+ * with the same parameters. When you include the pagination token, Amazon
+ * Cognito returns the next set of items after the current list. Subsequent
+ * requests return a new pagination token. By use of this token, you can
+ * paginate through the full list of items.
*
@@ -239,9 +252,13 @@ public String getPaginationToken() {
* Pattern: [\S]+
*
* @param paginationToken ListUserImportJobs, which can be used to return
- * the next set of import jobs in the list.
+ * This API operation returns a limited number of results. The
+ * pagination token is an identifier that you can present in an
+ * additional API request with the same parameters. When you
+ * include the pagination token, Amazon Cognito returns the next
+ * set of items after the current list. Subsequent requests
+ * return a new pagination token. By use of this token, you can
+ * paginate through the full list of items.
* ListUserImportJobs, which can be used to return the next set
- * of import jobs in the list.
+ * This API operation returns a limited number of results. The pagination
+ * token is an identifier that you can present in an additional API request
+ * with the same parameters. When you include the pagination token, Amazon
+ * Cognito returns the next set of items after the current list. Subsequent
+ * requests return a new pagination token. By use of this token, you can
+ * paginate through the full list of items.
*
*
* @param paginationToken ListUserImportJobs, which can be used to return
- * the next set of import jobs in the list.
+ * This API operation returns a limited number of results. The
+ * pagination token is an identifier that you can present in an
+ * additional API request with the same parameters. When you
+ * include the pagination token, Amazon Cognito returns the next
+ * set of items after the current list. Subsequent requests
+ * return a new pagination token. By use of this token, you can
+ * paginate through the full list of items.
*
@@ -120,8 +122,10 @@ public ListUserImportJobsResult withUserImportJobs(
/**
*
@@ -129,8 +133,11 @@ public ListUserImportJobsResult withUserImportJobs(
* Pattern: [\S]+
*
* @return
@@ -148,8 +157,11 @@ public String getPaginationToken() {
* Pattern: [\S]+
*
* @param paginationToken
*
* @param paginationToken
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*/
private String nextToken;
@@ -217,7 +217,7 @@ public ListUserPoolClientsRequest withMaxResults(Integer maxResults) {
*
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @return
@@ -237,7 +237,7 @@ public String getNextToken() { *
*
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
@@ -260,7 +260,7 @@ public void setNextToken(String nextToken) { * together. *
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserPoolClientsResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserPoolClientsResult.java index 072a18ab4c..baf3c2b6ef 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserPoolClientsResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserPoolClientsResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -37,7 +37,7 @@ public class ListUserPoolClientsResult implements Serializable { *
*
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*/
private String nextToken;
@@ -130,7 +130,7 @@ public ListUserPoolClientsResult withUserPoolClients(
*
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @return
@@ -150,7 +150,7 @@ public String getNextToken() { *
*
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
@@ -173,7 +173,7 @@ public void setNextToken(String nextToken) { * together. *
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserPoolsRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserPoolsRequest.java index f85783b17c..7a6f837ee4 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserPoolsRequest.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserPoolsRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserPoolsResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserPoolsResult.java index b14e3c513b..aa7dfc7895 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserPoolsResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUserPoolsResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUsersInGroupRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUsersInGroupRequest.java index a70d6df028..c782f7532c 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUsersInGroupRequest.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUsersInGroupRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -76,7 +76,7 @@ public class ListUsersInGroupRequest extends AmazonWebServiceRequest implements /** *
- * The limit of the request to list users. + * The maximum number of users that you want to retrieve before pagination. *
*
* Constraints:
@@ -91,7 +91,7 @@ public class ListUsersInGroupRequest extends AmazonWebServiceRequest implements
*
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*/
private String nextToken;
@@ -212,14 +212,15 @@ public ListUsersInGroupRequest withGroupName(String groupName) {
/**
*
- * The limit of the request to list users. + * The maximum number of users that you want to retrieve before pagination. *
*
* Constraints:
* Range: 0 - 60
*
* @return
- * The limit of the request to list users. + * The maximum number of users that you want to retrieve before + * pagination. *
*/ public Integer getLimit() { @@ -228,14 +229,15 @@ public Integer getLimit() { /** *- * The limit of the request to list users. + * The maximum number of users that you want to retrieve before pagination. *
*
* Constraints:
* Range: 0 - 60
*
* @param limit
- * The limit of the request to list users. + * The maximum number of users that you want to retrieve before + * pagination. *
*/ public void setLimit(Integer limit) { @@ -244,7 +246,7 @@ public void setLimit(Integer limit) { /** *- * The limit of the request to list users. + * The maximum number of users that you want to retrieve before pagination. *
*
* Returns a reference to this object so that method calls can be chained
@@ -254,7 +256,8 @@ public void setLimit(Integer limit) {
* Range: 0 - 60
*
* @param limit
- * The limit of the request to list users. + * The maximum number of users that you want to retrieve before + * pagination. *
* @return A reference to this updated object so that method calls can be * chained together. @@ -271,7 +274,7 @@ public ListUsersInGroupRequest withLimit(Integer limit) { * *
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @return
@@ -291,7 +294,7 @@ public String getNextToken() { *
*
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
@@ -314,7 +317,7 @@ public void setNextToken(String nextToken) { * together. *
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUsersInGroupResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUsersInGroupResult.java index 4dc238ecd8..cc3cfbc837 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUsersInGroupResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUsersInGroupResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ public class ListUsersInGroupResult implements Serializable { /** *
- * The users returned in the request to list users. + * A list of users in the group, and their attributes. *
*/ private java.util.List
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*/
private String nextToken;
/**
*
- * The users returned in the request to list users. + * A list of users in the group, and their attributes. *
* * @return- * The users returned in the request to list users. + * A list of users in the group, and their attributes. *
*/ public java.util.List- * The users returned in the request to list users. + * A list of users in the group, and their attributes. *
* * @param users- * The users returned in the request to list users. + * A list of users in the group, and their attributes. *
*/ public void setUsers(java.util.Collection- * The users returned in the request to list users. + * A list of users in the group, and their attributes. *
** Returns a reference to this object so that method calls can be chained * together. * * @param users
- * The users returned in the request to list users. + * A list of users in the group, and their attributes. *
* @return A reference to this updated object so that method calls can be * chained together. @@ -94,14 +94,14 @@ public ListUsersInGroupResult withUsers(UserType... users) { /** *- * The users returned in the request to list users. + * A list of users in the group, and their attributes. *
** Returns a reference to this object so that method calls can be chained * together. * * @param users
- * The users returned in the request to list users. + * A list of users in the group, and their attributes. *
* @return A reference to this updated object so that method calls can be * chained together. @@ -118,7 +118,7 @@ public ListUsersInGroupResult withUsers(java.util.Collection
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @return
@@ -137,7 +137,7 @@ public String getNextToken() { *
*
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
@@ -159,7 +159,7 @@ public void setNextToken(String nextToken) { * together. *
* Constraints:
- * Length: 1 -
+ * Length: 1 - 131072
* Pattern: [\S]+
*
* @param nextToken
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUsersRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUsersRequest.java
index 55d7a0108a..02a8c5ea97 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUsersRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ListUsersRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -71,6 +71,14 @@ public class ListUsersRequest extends AmazonWebServiceRequest implements Seriali
* When you don't provide an AttributesToGet parameter, Amazon
* Cognito returns all attributes for each user.
*
+ * Use AttributesToGet with required attributes in your user
+ * pool, or in conjunction with Filter. Amazon Cognito returns
+ * an error if not all users in the results have set a value for the
+ * attribute you request. Attributes that you can't filter on, including
+ * custom attributes, must have a value set in every user profile before an
+ * AttributesToGet parameter returns results.
+ *
- * An identifier that was returned from the previous call to this operation, - * which can be used to return the next set of items in the list. + * This API operation returns a limited number of results. The pagination + * token is an identifier that you can present in an additional API request + * with the same parameters. When you include the pagination token, Amazon + * Cognito returns the next set of items after the current list. Subsequent + * requests return a new pagination token. By use of this token, you can + * paginate through the full list of items. *
*
* Constraints:
@@ -101,8 +113,8 @@ public class ListUsersRequest extends AmazonWebServiceRequest implements Seriali
* A filter string of the form
* "AttributeName Filter-Type "AttributeValue"".
* Quotation marks within the filter string must be escaped using the
- * backslash (\) character. For example, "family_name =
- * \"Reddy\"".
+ * backslash (\) character. For example,
+ * "family_name = \"Reddy\"".
*
- * Filter-Type: For an exact match, use =, for example, "
- * given_name = \"Jon\"". For a prefix ("starts with") match,
- * use ^=, for example, "given_name ^= \"Jon\"".
+ * Filter-Type: For an exact match, use =, for example,
+ * "given_name = \"Jon\"". For a prefix ("starts with") match,
+ * use ^=, for example, "given_name ^= \"Jon\"".
*
AttributesToGet parameter, Amazon
* Cognito returns all attributes for each user.
*
+ *
+ * Use AttributesToGet with required attributes in your user
+ * pool, or in conjunction with Filter. Amazon Cognito returns
+ * an error if not all users in the results have set a value for the
+ * attribute you request. Attributes that you can't filter on, including
+ * custom attributes, must have a value set in every user profile before an
+ * AttributesToGet parameter returns results.
+ *
* A JSON array of user attribute names, for example
@@ -300,6 +320,15 @@ public ListUsersRequest withUserPoolId(String userPoolId) {
* AttributesToGet parameter, Amazon Cognito returns
* all attributes for each user.
*
+ * Use AttributesToGet with required attributes in your
+ * user pool, or in conjunction with Filter. Amazon
+ * Cognito returns an error if not all users in the results have set
+ * a value for the attribute you request. Attributes that you can't
+ * filter on, including custom attributes, must have a value set in
+ * every user profile before an AttributesToGet
+ * parameter returns results.
+ *
AttributesToGet parameter, Amazon
* Cognito returns all attributes for each user.
*
+ *
+ * Use AttributesToGet with required attributes in your user
+ * pool, or in conjunction with Filter. Amazon Cognito returns
+ * an error if not all users in the results have set a value for the
+ * attribute you request. Attributes that you can't filter on, including
+ * custom attributes, must have a value set in every user profile before an
+ * AttributesToGet parameter returns results.
+ *
* A JSON array of user attribute names, for example
@@ -320,6 +357,15 @@ public java.util.ListAttributesToGet parameter, Amazon Cognito
* returns all attributes for each user.
*
+ * Use AttributesToGet with required attributes in
+ * your user pool, or in conjunction with Filter.
+ * Amazon Cognito returns an error if not all users in the
+ * results have set a value for the attribute you request.
+ * Attributes that you can't filter on, including custom
+ * attributes, must have a value set in every user profile before
+ * an AttributesToGet parameter returns results.
+ *
+ * Use AttributesToGet with required attributes in your user
+ * pool, or in conjunction with Filter. Amazon Cognito returns
+ * an error if not all users in the results have set a value for the
+ * attribute you request. Attributes that you can't filter on, including
+ * custom attributes, must have a value set in every user profile before an
+ * AttributesToGet parameter returns results.
+ *
* Returns a reference to this object so that method calls can be chained
* together.
*
@@ -348,6 +402,15 @@ public void setAttributesToGet(java.util.CollectionAttributesToGet parameter, Amazon Cognito
* returns all attributes for each user.
*
+ * Use AttributesToGet with required attributes in
+ * your user pool, or in conjunction with Filter.
+ * Amazon Cognito returns an error if not all users in the
+ * results have set a value for the attribute you request.
+ * Attributes that you can't filter on, including custom
+ * attributes, must have a value set in every user profile before
+ * an AttributesToGet parameter returns results.
+ *
+ * Use AttributesToGet with required attributes in your user
+ * pool, or in conjunction with Filter. Amazon Cognito returns
+ * an error if not all users in the results have set a value for the
+ * attribute you request. Attributes that you can't filter on, including
+ * custom attributes, must have a value set in every user profile before an
+ * AttributesToGet parameter returns results.
+ *
* Returns a reference to this object so that method calls can be chained
* together.
*
@@ -379,6 +450,15 @@ public ListUsersRequest withAttributesToGet(String... attributesToGet) {
* an AttributesToGet parameter, Amazon Cognito
* returns all attributes for each user.
*
+ * Use AttributesToGet with required attributes in
+ * your user pool, or in conjunction with Filter.
+ * Amazon Cognito returns an error if not all users in the
+ * results have set a value for the attribute you request.
+ * Attributes that you can't filter on, including custom
+ * attributes, must have a value set in every user profile before
+ * an AttributesToGet parameter returns results.
+ *
- * An identifier that was returned from the previous call to this operation, - * which can be used to return the next set of items in the list. + * This API operation returns a limited number of results. The pagination + * token is an identifier that you can present in an additional API request + * with the same parameters. When you include the pagination token, Amazon + * Cognito returns the next set of items after the current list. Subsequent + * requests return a new pagination token. By use of this token, you can + * paginate through the full list of items. *
*
* Constraints:
@@ -452,9 +536,13 @@ public ListUsersRequest withLimit(Integer limit) {
* Pattern: [\S]+
*
* @return
- * An identifier that was returned from the previous call to this - * operation, which can be used to return the next set of items in - * the list. + * This API operation returns a limited number of results. The + * pagination token is an identifier that you can present in an + * additional API request with the same parameters. When you include + * the pagination token, Amazon Cognito returns the next set of + * items after the current list. Subsequent requests return a new + * pagination token. By use of this token, you can paginate through + * the full list of items. *
*/ public String getPaginationToken() { @@ -463,8 +551,12 @@ public String getPaginationToken() { /** *- * An identifier that was returned from the previous call to this operation, - * which can be used to return the next set of items in the list. + * This API operation returns a limited number of results. The pagination + * token is an identifier that you can present in an additional API request + * with the same parameters. When you include the pagination token, Amazon + * Cognito returns the next set of items after the current list. Subsequent + * requests return a new pagination token. By use of this token, you can + * paginate through the full list of items. *
*
* Constraints:
@@ -472,9 +564,13 @@ public String getPaginationToken() {
* Pattern: [\S]+
*
* @param paginationToken
- * An identifier that was returned from the previous call to this - * operation, which can be used to return the next set of items - * in the list. + * This API operation returns a limited number of results. The + * pagination token is an identifier that you can present in an + * additional API request with the same parameters. When you + * include the pagination token, Amazon Cognito returns the next + * set of items after the current list. Subsequent requests + * return a new pagination token. By use of this token, you can + * paginate through the full list of items. *
*/ public void setPaginationToken(String paginationToken) { @@ -483,8 +579,12 @@ public void setPaginationToken(String paginationToken) { /** *- * An identifier that was returned from the previous call to this operation, - * which can be used to return the next set of items in the list. + * This API operation returns a limited number of results. The pagination + * token is an identifier that you can present in an additional API request + * with the same parameters. When you include the pagination token, Amazon + * Cognito returns the next set of items after the current list. Subsequent + * requests return a new pagination token. By use of this token, you can + * paginate through the full list of items. *
*
* Returns a reference to this object so that method calls can be chained
@@ -495,9 +595,13 @@ public void setPaginationToken(String paginationToken) {
* Pattern: [\S]+
*
* @param paginationToken
- * An identifier that was returned from the previous call to this - * operation, which can be used to return the next set of items - * in the list. + * This API operation returns a limited number of results. The + * pagination token is an identifier that you can present in an + * additional API request with the same parameters. When you + * include the pagination token, Amazon Cognito returns the next + * set of items after the current list. Subsequent requests + * return a new pagination token. By use of this token, you can + * paginate through the full list of items. *
* @return A reference to this updated object so that method calls can be * chained together. @@ -512,8 +616,8 @@ public ListUsersRequest withPaginationToken(String paginationToken) { * A filter string of the form * "AttributeName Filter-Type "AttributeValue"". * Quotation marks within the filter string must be escaped using the - * backslash (\) character. For example, "family_name =
- * \"Reddy\"".
+ * backslash (\) character. For example,
+ * "family_name = \"Reddy\"".
*
*
- * Filter-Type: For an exact match, use =, for example, "
- * given_name = \"Jon\"". For a prefix ("starts with") match,
- * use ^=, for example, "given_name ^= \"Jon\"".
+ * Filter-Type: For an exact match, use =, for example,
+ * "given_name = \"Jon\"". For a prefix ("starts with") match,
+ * use ^=, for example, "given_name ^= \"Jon\"".
*
family_name = \"Reddy\"".
+ * must be escaped using the backslash (\) character.
+ * For example, "family_name = \"Reddy\"".
*
*
- * Filter-Type: For an exact match, use =, for example, "
- * given_name = \"Jon\"". For a prefix ("starts with")
- * match, use ^=, for example, "given_name ^= \"Jon\"".
+ * Filter-Type: For an exact match, use =, for
+ * example, "given_name = \"Jon\"
+ * ". For a prefix ("starts with") match, use ^=, for
+ * example, "given_name ^= \"Jon\"".
*
family_name =
- * \"Reddy\"".
+ * backslash (\) character. For example,
+ * "family_name = \"Reddy\"".
*
*
- * Filter-Type: For an exact match, use =, for example, "
- * given_name = \"Jon\"". For a prefix ("starts with") match,
- * use ^=, for example, "given_name ^= \"Jon\"".
+ * Filter-Type: For an exact match, use =, for example,
+ * "given_name = \"Jon\"". For a prefix ("starts with") match,
+ * use ^=, for example, "given_name ^= \"Jon\"".
*
family_name = \"Reddy\"".
+ * string must be escaped using the backslash (\)
+ * character. For example, "family_name = \"Reddy\""
+ * .
*
*
- * Filter-Type: For an exact match, use =, for example, "
- * given_name = \"Jon\"". For a prefix
- * ("starts with") match, use ^=, for example, "
- * given_name ^= \"Jon\"".
+ * Filter-Type: For an exact match, use =,
+ * for example, "given_name = \"Jon\"
+ * ". For a prefix ("starts with") match, use ^=,
+ * for example, "given_name ^= \"Jon\"".
*
family_name =
- * \"Reddy\"".
+ * backslash (\) character. For example,
+ * "family_name = \"Reddy\"".
*
*
- * Filter-Type: For an exact match, use =, for example, "
- * given_name = \"Jon\"". For a prefix ("starts with") match,
- * use ^=, for example, "given_name ^= \"Jon\"".
+ * Filter-Type: For an exact match, use =, for example,
+ * "given_name = \"Jon\"". For a prefix ("starts with") match,
+ * use ^=, for example, "given_name ^= \"Jon\"".
*
family_name = \"Reddy\"".
+ * string must be escaped using the backslash (\)
+ * character. For example, "family_name = \"Reddy\""
+ * .
*
*
- * Filter-Type: For an exact match, use =, for example, "
- * given_name = \"Jon\"". For a prefix
- * ("starts with") match, use ^=, for example, "
- * given_name ^= \"Jon\"".
+ * Filter-Type: For an exact match, use =,
+ * for example, "given_name = \"Jon\"
+ * ". For a prefix ("starts with") match, use ^=,
+ * for example, "given_name ^= \"Jon\"".
*
- * An identifier that was returned from the previous call to this operation, - * which can be used to return the next set of items in the list. + * The identifier that Amazon Cognito returned with the previous request to + * this operation. When you include a pagination token in your request, + * Amazon Cognito returns the next set of items in the list. By use of this + * token, you can paginate through the full list of items. *
*
* Constraints:
- * An identifier that was returned from the previous call to this operation,
- * which can be used to return the next set of items in the list.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Constraints:
- * An identifier that was returned from the previous call to this
- * operation, which can be used to return the next set of items in
- * the list.
+ * The identifier that Amazon Cognito returned with the previous
+ * request to this operation. When you include a pagination token in
+ * your request, Amazon Cognito returns the next set of items in the
+ * list. By use of this token, you can paginate through the full
+ * list of items.
*
- * An identifier that was returned from the previous call to this operation,
- * which can be used to return the next set of items in the list.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Constraints:
- * An identifier that was returned from the previous call to this
- * operation, which can be used to return the next set of items
- * in the list.
+ * The identifier that Amazon Cognito returned with the previous
+ * request to this operation. When you include a pagination token
+ * in your request, Amazon Cognito returns the next set of items
+ * in the list. By use of this token, you can paginate through
+ * the full list of items.
*
- * An identifier that was returned from the previous call to this operation,
- * which can be used to return the next set of items in the list.
+ * The identifier that Amazon Cognito returned with the previous request to
+ * this operation. When you include a pagination token in your request,
+ * Amazon Cognito returns the next set of items in the list. By use of this
+ * token, you can paginate through the full list of items.
*
* Returns a reference to this object so that method calls can be chained
@@ -300,9 +312,11 @@ public void setPaginationToken(String paginationToken) {
* Pattern: [\S]+
- * An identifier that was returned from the previous call to this
- * operation, which can be used to return the next set of items
- * in the list.
+ * The identifier that Amazon Cognito returned with the previous
+ * request to this operation. When you include a pagination token
+ * in your request, Amazon Cognito returns the next set of items
+ * in the list. By use of this token, you can paginate through
+ * the full list of items.
*
- * The maximum value of an attribute that is of the number data type.
+ * The maximum length of a number attribute value. Must be a number less
+ * than or equal to
* Constraints:
- * The maximum value of an attribute that is of the number data type.
+ * The maximum length of a number attribute value. Must be a number less
+ * than or equal to
* Constraints:
- * The maximum value of an attribute that is of the number data
- * type.
+ * The maximum length of a number attribute value. Must be a number
+ * less than or equal to
- * The maximum value of an attribute that is of the number data type.
+ * The maximum length of a number attribute value. Must be a number less
+ * than or equal to
* Constraints:
- * The maximum value of an attribute that is of the number data
- * type.
+ * The maximum length of a number attribute value. Must be a
+ * number less than or equal to
- * The maximum value of an attribute that is of the number data type.
+ * The maximum length of a number attribute value. Must be a number less
+ * than or equal to
* Returns a reference to this object so that method calls can be chained
@@ -147,8 +157,9 @@ public void setMaxValue(String maxValue) {
* Length: 0 - 131072
- * The maximum value of an attribute that is of the number data
- * type.
+ * The maximum length of a number attribute value. Must be a
+ * number less than or equal to
* The number of days a temporary password is valid in the password policy.
* If the user doesn't sign in during this time, an administrator must reset
- * their password.
+ * their password. Defaults to
@@ -425,7 +427,9 @@ public PasswordPolicyType withRequireSymbols(Boolean requireSymbols) {
*
* The number of days a temporary password is valid in the password policy.
* If the user doesn't sign in during this time, an administrator must reset
- * their password.
+ * their password. Defaults to
@@ -441,7 +445,10 @@ public PasswordPolicyType withRequireSymbols(Boolean requireSymbols) {
* @return
* The number of days a temporary password is valid in the password
* policy. If the user doesn't sign in during this time, an
- * administrator must reset their password.
+ * administrator must reset their password. Defaults to
+ *
@@ -460,7 +467,9 @@ public Integer getTemporaryPasswordValidityDays() {
*
* The number of days a temporary password is valid in the password policy.
* If the user doesn't sign in during this time, an administrator must reset
- * their password.
+ * their password. Defaults to
@@ -476,7 +485,11 @@ public Integer getTemporaryPasswordValidityDays() {
* @param temporaryPasswordValidityDays
* The number of days a temporary password is valid in the
* password policy. If the user doesn't sign in during this time,
- * an administrator must reset their password.
+ * an administrator must reset their password. Defaults to
+ *
@@ -495,7 +508,9 @@ public void setTemporaryPasswordValidityDays(Integer temporaryPasswordValidityDa
*
* The number of days a temporary password is valid in the password policy.
* If the user doesn't sign in during this time, an administrator must reset
- * their password.
+ * their password. Defaults to
@@ -514,7 +529,11 @@ public void setTemporaryPasswordValidityDays(Integer temporaryPasswordValidityDa
* @param temporaryPasswordValidityDays
* The number of days a temporary password is valid in the
* password policy. If the user doesn't sign in during this time,
- * an administrator must reset their password.
+ * an administrator must reset their password. Defaults to
+ *
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/PasswordResetRequiredException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/PasswordResetRequiredException.java
index 528010c08c..742102faa7 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/PasswordResetRequiredException.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/PasswordResetRequiredException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/PreTokenGenerationLambdaVersionType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/PreTokenGenerationLambdaVersionType.java
new file mode 100644
index 0000000000..44c842c860
--- /dev/null
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/PreTokenGenerationLambdaVersionType.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ * http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+package com.amazonaws.services.cognitoidentityprovider.model;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Pre Token Generation Lambda Version Type
+ */
+public enum PreTokenGenerationLambdaVersionType {
+
+ V1_0("V1_0"),
+ V2_0("V2_0");
+
+ private String value;
+
+ private PreTokenGenerationLambdaVersionType(String value) {
+ this.value = value;
+ }
+
+ @Override
+ public String toString() {
+ return value;
+ }
+
+ private static final Map
+ * The properties of a pre token generation Lambda trigger.
+ *
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ *
+ * Constraints:
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
+ *
+ * This parameter and the
+ * Constraints:
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ *
+ * Constraints:
+ * The user pool trigger version of the request that Amazon Cognito
+ * sends to your Lambda function. Higher-numbered versions add
+ * fields that support new features.
+ *
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ *
+ * Constraints:
+ * The user pool trigger version of the request that Amazon
+ * Cognito sends to your Lambda function. Higher-numbered
+ * versions add fields that support new features.
+ *
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ *
+ * Returns a reference to this object so that method calls can be chained
+ * together.
+ *
+ * Constraints:
+ * The user pool trigger version of the request that Amazon
+ * Cognito sends to your Lambda function. Higher-numbered
+ * versions add fields that support new features.
+ *
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ *
+ * Constraints:
+ * The user pool trigger version of the request that Amazon
+ * Cognito sends to your Lambda function. Higher-numbered
+ * versions add fields that support new features.
+ *
+ * The user pool trigger version of the request that Amazon Cognito sends to
+ * your Lambda function. Higher-numbered versions add fields that support
+ * new features.
+ *
+ * Returns a reference to this object so that method calls can be chained
+ * together.
+ *
+ * Constraints:
+ * The user pool trigger version of the request that Amazon
+ * Cognito sends to your Lambda function. Higher-numbered
+ * versions add fields that support new features.
+ *
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
+ *
+ * This parameter and the
+ * Constraints:
+ * The Amazon Resource Name (ARN) of the function that you want to
+ * assign to your Lambda trigger.
+ *
+ * This parameter and the
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
+ *
+ * This parameter and the
+ * Constraints:
+ * The Amazon Resource Name (ARN) of the function that you want
+ * to assign to your Lambda trigger.
+ *
+ * This parameter and the
+ * The Amazon Resource Name (ARN) of the function that you want to assign to
+ * your Lambda trigger.
+ *
+ * This parameter and the
+ * Returns a reference to this object so that method calls can be chained
+ * together.
+ *
+ * Constraints:
+ * The Amazon Resource Name (ARN) of the function that you want
+ * to assign to your Lambda trigger.
+ *
+ * This parameter and the
* Constraints:
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
* Constraints:
* The IdP name.
@@ -85,7 +85,7 @@ public String getProviderName() {
*
* Constraints:
* The IdP name.
@@ -105,7 +105,7 @@ public void setProviderName(String providerName) {
*
* Constraints:
* The IdP name.
@@ -267,15 +267,16 @@ public ProviderDescription withLastModifiedDate(java.util.Date lastModifiedDate)
/**
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java
* Returns a reference to this object so that method calls can be chained
* together.
*
* @param creationDate
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java
* Constraints:
* Constraints:
* The name of the provider, such as Facebook, Google, or Login with
@@ -81,7 +81,7 @@ public String getProviderName() {
*
* Constraints:
* The name of the provider, such as Facebook, Google, or Login
@@ -102,7 +102,7 @@ public void setProviderName(String providerName) {
*
* Constraints:
* The name of the provider, such as Facebook, Google, or Login
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/RecoveryOptionNameType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/RecoveryOptionNameType.java
index e4340bc955..69c1967666 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/RecoveryOptionNameType.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/RecoveryOptionNameType.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/RecoveryOptionType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/RecoveryOptionType.java
index 91d31b7924..b27a1149c3 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/RecoveryOptionType.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/RecoveryOptionType.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ResendConfirmationCodeRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ResendConfirmationCodeRequest.java
index b86a73b6fc..ad0caeb0df 100644
--- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ResendConfirmationCodeRequest.java
+++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/ResendConfirmationCodeRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -32,7 +32,7 @@
* policies. For more information about authorization models in Amazon Cognito,
* see Using the Amazon Cognito native and OIDC APIs.
+ * >Using the Amazon Cognito user pools API and user pool endpoints.
*
@@ -96,8 +96,11 @@ public class ResendConfirmationCodeRequest extends AmazonWebServiceRequest imple
/**
*
- * The
* Constraints:
- * The
* Constraints:
- * The
- * The
* Constraints:
- * The
- * The
* Returns a reference to this object so that method calls can be chained
@@ -411,8 +431,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
- * The
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ *
* Constraints:
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ *
* Constraints:
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the
+ * format
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ *
* Constraints:
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server.
+ * The identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the
+ * format
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ *
* Returns a reference to this object so that method calls can be chained
@@ -170,7 +225,17 @@ public void setIdentifier(String identifier) {
* Pattern: [\x21\x23-\x5B\x5D-\x7E]+
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server.
+ * The identifier can be an API friendly name like
+ *
+ * Amazon Cognito represents scopes in the access token in the
+ * format
- * Responds to the authentication challenge.
+ * Some API operations in a user pool generate a challenge, like a prompt for an
+ * MFA code, for device authentication that bypasses MFA, or for a custom
+ * authentication challenge. A
+ * For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.
*
@@ -31,7 +41,7 @@
* policies. For more information about authorization models in Amazon Cognito,
* see Using the Amazon Cognito native and OIDC APIs.
+ * >Using the Amazon Cognito user pools API and user pool endpoints.
*
@@ -104,42 +114,51 @@ public class RespondToAuthChallengeRequest extends AmazonWebServiceRequest imple
/**
*
- * The challenge responses. These are inputs corresponding to the value of
- *
- *
- *
- *
- *
+ *
+ * Add
+ *
@@ -248,8 +250,10 @@ public ListUsersResult withUsers(java.util.Collection
@@ -257,9 +261,11 @@ public ListUsersResult withUsers(java.util.Collection
*
* @return
@@ -277,9 +285,11 @@ public String getPaginationToken() {
* Pattern: [\S]+
*
* @param paginationToken
*
* @param paginationToken 2^1023, represented as a string with a
+ * length of 131072 characters or fewer.
*
@@ -103,15 +105,18 @@ public NumberAttributeConstraintsType withMinValue(String minValue) {
/**
* 2^1023, represented as a string with a
+ * length of 131072 characters or fewer.
*
* Length: 0 - 131072
*
* @return 2^1023, represented as a
+ * string with a length of 131072 characters or fewer.
* 2^1023, represented as a string with a
+ * length of 131072 characters or fewer.
*
* Length: 0 - 131072
*
* @param maxValue 2^1023, represented
+ * as a string with a length of 131072 characters or fewer.
* 2^1023, represented as a string with a
+ * length of 131072 characters or fewer.
*
*
* @param maxValue 2^1023, represented
+ * as a string with a length of 131072 characters or fewer.
* 7. If you submit a value of
+ * 0, Amazon Cognito treats it as a null value and sets
+ * TemporaryPasswordValidityDays to its default value.
* 7. If you submit a value of
+ * 0, Amazon Cognito treats it as a null value and sets
+ * TemporaryPasswordValidityDays to its default value.
* 7. If you submit a value of 0, Amazon
+ * Cognito treats it as a null value and sets
+ * TemporaryPasswordValidityDays to its default value.
* 7. If you submit a value of
+ * 0, Amazon Cognito treats it as a null value and sets
+ * TemporaryPasswordValidityDays to its default value.
* 7. If you submit a value of 0,
+ * Amazon Cognito treats it as a null value and sets
+ * TemporaryPasswordValidityDays to its default
+ * value.
* 7. If you submit a value of
+ * 0, Amazon Cognito treats it as a null value and sets
+ * TemporaryPasswordValidityDays to its default value.
* 7. If you submit a value of 0,
+ * Amazon Cognito treats it as a null value and sets
+ * TemporaryPasswordValidityDays to its default
+ * value.
*
+ * Allowed Values: V1_0, V2_0
+ */
+ private String lambdaVersion;
+
+ /**
+ * PreTokenGeneration property of
+ * LambdaConfig have the same value. For new instances of pre
+ * token generation triggers, set LambdaArn.
+ *
+ * Length: 20 - 2048
+ * Pattern:
+ * arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=
+ * /,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?
+ */
+ private String lambdaArn;
+
+ /**
+ *
+ * Allowed Values: V1_0, V2_0
+ *
+ * @return
+ * Allowed Values: V1_0, V2_0
+ *
+ * @param lambdaVersion
+ * Allowed Values: V1_0, V2_0
+ *
+ * @param lambdaVersion
+ * Allowed Values: V1_0, V2_0
+ *
+ * @param lambdaVersion
+ * Allowed Values: V1_0, V2_0
+ *
+ * @param lambdaVersion PreTokenGeneration property of
+ * LambdaConfig have the same value. For new instances of pre
+ * token generation triggers, set LambdaArn.
+ *
+ * Length: 20 - 2048
+ * Pattern:
+ * arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=
+ * /,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?
+ *
+ * @return PreTokenGeneration property
+ * of LambdaConfig have the same value. For new
+ * instances of pre token generation triggers, set
+ * LambdaArn.
+ * PreTokenGeneration property of
+ * LambdaConfig have the same value. For new instances of pre
+ * token generation triggers, set LambdaArn.
+ *
+ * Length: 20 - 2048
+ * Pattern:
+ * arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=
+ * /,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?
+ *
+ * @param lambdaArn PreTokenGeneration
+ * property of LambdaConfig have the same value. For
+ * new instances of pre token generation triggers, set
+ * LambdaArn.
+ * PreTokenGeneration property of
+ * LambdaConfig have the same value. For new instances of pre
+ * token generation triggers, set LambdaArn.
+ *
+ * Length: 20 - 2048
+ * Pattern:
+ * arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=
+ * /,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?
+ *
+ * @param lambdaArn PreTokenGeneration
+ * property of LambdaConfig have the same value. For
+ * new instances of pre token generation triggers, set
+ * LambdaArn.
+ *
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*/
private String providerName;
@@ -54,9 +54,9 @@ public class ProviderDescription implements Serializable {
/**
* Date object.
*
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @return
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @param providerName
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @param providerName Date object.
* Date object.
* Date object.
* Date object.
* Date object.
* Date object.
*
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*/
private String providerName;
@@ -63,7 +63,7 @@ public class ProviderUserIdentifierType implements Serializable {
*
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @return
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @param providerName
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @param providerName username attribute of the user to whom you want to
- * resend a confirmation code.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -361,8 +364,11 @@ public ResendConfirmationCodeRequest withUserContextData(UserContextDataType use
/**
* username attribute of the user to whom you want to
- * resend a confirmation code.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -370,8 +376,12 @@ public ResendConfirmationCodeRequest withUserContextData(UserContextDataType use
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return username attribute of the user to whom you want
- * to resend a confirmation code.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
* username attribute of the user to whom you want to
- * resend a confirmation code.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
@@ -389,8 +402,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username username attribute of the user to whom you
- * want to resend a confirmation code.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* username attribute of the user to whom you want to
- * resend a confirmation code.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
*
* @param username username attribute of the user to whom you
- * want to resend a confirmation code.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
* solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
@@ -125,7 +134,16 @@ public ResourceServerType withUserPoolId(String userPoolId) {
/**
* solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
@@ -133,7 +151,16 @@ public ResourceServerType withUserPoolId(String userPoolId) {
* Pattern: [\x21\x23-\x5B\x5D-\x7E]+
*
* @return solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ * $resource-server-identifier/$scope. Longer
+ * scope-identifier strings increase the size of your access tokens.
* solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
@@ -150,7 +186,17 @@ public String getIdentifier() {
* Pattern: [\x21\x23-\x5B\x5D-\x7E]+
*
* @param identifier solar-system-data. You can also set an API URL
+ * like https://solar-system-data-api.example.com as
+ * your identifier.
+ * $resource-server-identifier/$scope. Longer
+ * scope-identifier strings increase the size of your access
+ * tokens.
* solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
*
* @param identifier solar-system-data. You can also set an API URL
+ * like https://solar-system-data-api.example.com as
+ * your identifier.
+ * $resource-server-identifier/$scope. Longer
+ * scope-identifier strings increase the size of your access
+ * tokens.
* RespondToAuthChallenge API request
+ * provides the answer to that challenge, like a code or a secure remote
+ * password (SRP). The parameters of a response to an authentication challenge
+ * vary with the type of challenge.
+ * ChallengeName, for example:
+ * The responses to the challenge that you received in the previous request.
+ * Each challenge has its own required response parameters. The following
+ * examples are partial JSON request bodies that highlight
+ * challenge-response parameters.
* SECRET_HASH (if app client is configured with client secret)
- * applies to all of the inputs that follow (including
- * SOFTWARE_TOKEN_MFA).
+ * You must provide a SECRET_HASH parameter in all challenge responses to an
+ * app client that has a client secret.
*
- *
+ *
SMS_MFA: SMS_MFA_CODE, USERNAME.
+ * "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]", "USERNAME": "[username]"}
* PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP,
- * USERNAME.
+ * "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
* PASSWORD_VERIFIER requires DEVICE_KEY when you
- * sign in with a remembered device.
+ * Add "DEVICE_KEY" when you sign in with a remembered device.
+ * "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[challenge_answer]"}
+ * "DEVICE_KEY" when you sign in with a remembered device.
+ * "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD": "[new_password]", "USERNAME": "[username]"}
*
- * NEW_PASSWORD_REQUIRED: NEW_PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret). To set any required attributes that
- * Amazon Cognito returned as requiredAttributes in the
- * InitiateAuth response, add a
- * userAttributes.attributename parameter. This
+ * To set any required attributes that InitiateAuth returned in
+ * an requiredAttributes parameter, add
+ * "userAttributes.[attribute_name]": "[attribute_value]". This
* parameter can also set values for writable attributes that aren't
* required by your user pool.
*
UpdateUserAttributes API operation to modify the
* value of any additional attributes.
*
- *
- * SOFTWARE_TOKEN_MFA: USERNAME and
- * SOFTWARE_TOKEN_MFA_CODE are required attributes.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
*
- * DEVICE_SRP_AUTH requires USERNAME,
- * DEVICE_KEY, SRP_A (and SECRET_HASH
- * ).
+ * "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
*
- * DEVICE_PASSWORD_VERIFIER requires everything that
- * PASSWORD_VERIFIER requires, plus DEVICE_KEY.
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
*
- * MFA_SETUP requires USERNAME, plus you must use
- * the session value returned by VerifySoftwareToken in the
- * Session parameter.
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
*
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
+ *
* For more information about SECRET_HASH, see
- * The challenge responses. These are inputs corresponding to the value of
- * ChallengeName, for example:
+ * The responses to the challenge that you received in the previous request.
+ * Each challenge has its own required response parameters. The following
+ * examples are partial JSON request bodies that highlight
+ * challenge-response parameters.
*
- * SECRET_HASH (if app client is configured with client secret)
- * applies to all of the inputs that follow (including
- * SOFTWARE_TOKEN_MFA).
+ * You must provide a SECRET_HASH parameter in all challenge responses to an
+ * app client that has a client secret.
*
- * SMS_MFA: SMS_MFA_CODE, USERNAME.
+ * "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]", "USERNAME": "[username]"}
*
- * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP,
- * USERNAME.
+ * "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
*
- * PASSWORD_VERIFIER requires DEVICE_KEY when you
- * sign in with a remembered device.
+ * Add "DEVICE_KEY" when you sign in with a remembered device.
*
+ * "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[challenge_answer]"}
+ *
+ * Add "DEVICE_KEY" when you sign in with a remembered device.
+ *
- * NEW_PASSWORD_REQUIRED: NEW_PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret). To set any required attributes that
- * Amazon Cognito returned as requiredAttributes in the
- * InitiateAuth response, add a
- * userAttributes.attributename parameter. This
+ * "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD": "[new_password]", "USERNAME": "[username]"}
+ *
+ * To set any required attributes that InitiateAuth returned in
+ * an requiredAttributes parameter, add
+ * "userAttributes.[attribute_name]": "[attribute_value]". This
* parameter can also set values for writable attributes that aren't
* required by your user pool.
*
UpdateUserAttributes API operation to modify the
* value of any additional attributes.
*
- *
- * SOFTWARE_TOKEN_MFA: USERNAME and
- * SOFTWARE_TOKEN_MFA_CODE are required attributes.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
*
- * DEVICE_SRP_AUTH requires USERNAME,
- * DEVICE_KEY, SRP_A (and SECRET_HASH
- * ).
+ * "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
*
- * DEVICE_PASSWORD_VERIFIER requires everything that
- * PASSWORD_VERIFIER requires, plus DEVICE_KEY.
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
*
- * MFA_SETUP requires USERNAME, plus you must use
- * the session value returned by VerifySoftwareToken in the
- * Session parameter.
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
*
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
+ *
- * SOFTWARE_TOKEN_MFA: USERNAME and
- * SOFTWARE_TOKEN_MFA_CODE are required attributes.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
*
- * DEVICE_SRP_AUTH requires USERNAME,
- * DEVICE_KEY, SRP_A (and SECRET_HASH
- * ).
+ * "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
*
- * DEVICE_PASSWORD_VERIFIER requires everything that
- * PASSWORD_VERIFIER requires, plus DEVICE_KEY.
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
*
- * MFA_SETUP requires USERNAME, plus you must use
- * the session value returned by VerifySoftwareToken in the
- * Session parameter.
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
*
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
+ *
* For more information about SECRET_HASH, see getChallengeResponses() {
*
- * The challenge responses. These are inputs corresponding to the
- * value of ChallengeName, for example:
+ * The responses to the challenge that you received in the
+ * previous request. Each challenge has its own required response
+ * parameters. The following examples are partial JSON request
+ * bodies that highlight challenge-response parameters.
*
- * SECRET_HASH (if app client is configured with
- * client secret) applies to all of the inputs that follow
- * (including SOFTWARE_TOKEN_MFA).
+ * You must provide a SECRET_HASH parameter in all challenge
+ * responses to an app client that has a client secret.
*
- * SMS_MFA: SMS_MFA_CODE,
- * USERNAME.
+ * "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]", "USERNAME": "[username]"}
*
- * PASSWORD_VERIFIER:
- * PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK,
- * TIMESTAMP, USERNAME.
+ * "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
*
- * PASSWORD_VERIFIER requires
- * DEVICE_KEY when you sign in with a remembered
- * device.
+ * Add "DEVICE_KEY" when you sign in with a
+ * remembered device.
*
+ * "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[challenge_answer]"}
+ *
+ * Add "DEVICE_KEY" when you sign in with a
+ * remembered device.
+ *
- * NEW_PASSWORD_REQUIRED: NEW_PASSWORD,
- * USERNAME, SECRET_HASH (if app client
- * is configured with client secret). To set any required
- * attributes that Amazon Cognito returned as
- * requiredAttributes in the
- * InitiateAuth response, add a
- * userAttributes.attributename parameter.
- * This parameter can also set values for writable attributes
+ * "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD": "[new_password]", "USERNAME": "[username]"}
+ *
+ * To set any required attributes that InitiateAuth
+ * returned in an requiredAttributes parameter, add
+ * "userAttributes.[attribute_name]": "[attribute_value]"
+ * . This parameter can also set values for writable attributes
* that aren't required by your user pool.
*
UpdateUserAttributes API operation to modify the
* value of any additional attributes.
*
- *
- * SOFTWARE_TOKEN_MFA: USERNAME and
- * SOFTWARE_TOKEN_MFA_CODE are required attributes.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
*
- * DEVICE_SRP_AUTH requires USERNAME,
- * DEVICE_KEY, SRP_A (and
- * SECRET_HASH).
+ * "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
*
- * DEVICE_PASSWORD_VERIFIER requires everything that
- * PASSWORD_VERIFIER requires, plus
- * DEVICE_KEY.
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
*
- * MFA_SETUP requires USERNAME, plus
- * you must use the session value returned by
- * VerifySoftwareToken in the Session
- * parameter.
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
*
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
+ *
- * SOFTWARE_TOKEN_MFA: USERNAME and
- * SOFTWARE_TOKEN_MFA_CODE are required attributes.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
*
- * DEVICE_SRP_AUTH requires USERNAME,
- * DEVICE_KEY, SRP_A (and SECRET_HASH
- * ).
+ * "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
*
- * DEVICE_PASSWORD_VERIFIER requires everything that
- * PASSWORD_VERIFIER requires, plus DEVICE_KEY.
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
*
- * MFA_SETUP requires USERNAME, plus you must use
- * the session value returned by VerifySoftwareToken in the
- * Session parameter.
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
*
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
+ *
- * SOFTWARE_TOKEN_MFA: USERNAME and
- * SOFTWARE_TOKEN_MFA_CODE are required attributes.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
*
- * DEVICE_SRP_AUTH requires USERNAME,
- * DEVICE_KEY, SRP_A (and
- * SECRET_HASH).
+ * "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
*
- * DEVICE_PASSWORD_VERIFIER requires everything that
- * PASSWORD_VERIFIER requires, plus
- * DEVICE_KEY.
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
*
- * MFA_SETUP requires USERNAME, plus
- * you must use the session value returned by
- * VerifySoftwareToken in the Session
- * parameter.
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
*
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
+ *
* For more information about SECRET_HASH, see
- * The challenge responses. These are inputs corresponding to the value of
- * ChallengeName, for example:
+ * The responses to the challenge that you received in the previous request.
+ * Each challenge has its own required response parameters. The following
+ * examples are partial JSON request bodies that highlight
+ * challenge-response parameters.
*
- * SECRET_HASH (if app client is configured with client secret)
- * applies to all of the inputs that follow (including
- * SOFTWARE_TOKEN_MFA).
+ * You must provide a SECRET_HASH parameter in all challenge responses to an
+ * app client that has a client secret.
*
- * SMS_MFA: SMS_MFA_CODE, USERNAME.
+ * "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]", "USERNAME": "[username]"}
*
- * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP,
- * USERNAME.
+ * "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
*
- * PASSWORD_VERIFIER requires DEVICE_KEY when you
- * sign in with a remembered device.
+ * Add "DEVICE_KEY" when you sign in with a remembered device.
+ *
+ * "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[challenge_answer]"}
*
- * NEW_PASSWORD_REQUIRED: NEW_PASSWORD,
- * USERNAME, SECRET_HASH (if app client is
- * configured with client secret). To set any required attributes that
- * Amazon Cognito returned as requiredAttributes in the
- * InitiateAuth response, add a
- * userAttributes.attributename parameter. This
+ * Add "DEVICE_KEY" when you sign in with a remembered device.
+ *
+ * "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD": "[new_password]", "USERNAME": "[username]"}
+ *
+ * To set any required attributes that InitiateAuth returned in
+ * an requiredAttributes parameter, add
+ * "userAttributes.[attribute_name]": "[attribute_value]". This
* parameter can also set values for writable attributes that aren't
* required by your user pool.
*
UpdateUserAttributes API operation to modify the
* value of any additional attributes.
*
- *
- * SOFTWARE_TOKEN_MFA: USERNAME and
- * SOFTWARE_TOKEN_MFA_CODE are required attributes.
+ * "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME": "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
*
- * DEVICE_SRP_AUTH requires USERNAME,
- * DEVICE_KEY, SRP_A (and SECRET_HASH
- * ).
+ * "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]", "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
*
- * DEVICE_PASSWORD_VERIFIER requires everything that
- * PASSWORD_VERIFIER requires, plus DEVICE_KEY.
+ * "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY": "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
*
- * MFA_SETUP requires USERNAME, plus you must use
- * the session value returned by VerifySoftwareToken in the
- * Session parameter.
+ * "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"}, "SESSION": "[Session ID from VerifySoftwareToken]"
*
+ * "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
+ *
* For more information about SECRET_HASH, see Using the Amazon Cognito native and OIDC APIs.
+ * >Using the Amazon Cognito user pools API and user pool endpoints.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param lastModifiedDate
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The name of your user pool attribute, for example username
- * or custom:costcenter.
+ * The name of your user pool attribute. When you create or update a user
+ * pool, adding a schema attribute creates a custom or developer-only
+ * attribute. When you add an attribute with a Name value of
+ * MyAttribute, Amazon Cognito creates the custom attribute
+ * custom:MyAttribute. When DeveloperOnlyAttribute
+ * is true, Amazon Cognito creates your attribute as
+ * dev:MyAttribute. In an operation that describes a user pool,
+ * Amazon Cognito returns this value as value for standard
+ * attributes, custom:value for custom attributes, and
+ * dev:value for developer-only attributes..
*
* Constraints:
@@ -48,7 +56,11 @@ public class SchemaAttributeType implements Serializable {
/**
*
- * The data format of the values for your attribute.
+ * The data format of the values for your attribute. When you choose an
+ * AttributeDataType, Amazon Cognito validates the input
+ * against the data type. A custom attribute value in your user's ID token
+ * is always a string, for example "custom:isMember" : "true"
+ * or "custom:YearsAsMember" : "12".
*
* Constraints:
@@ -118,8 +130,16 @@ public class SchemaAttributeType implements Serializable {
/**
*
- * The name of your user pool attribute, for example username
- * or custom:costcenter.
+ * The name of your user pool attribute. When you create or update a user
+ * pool, adding a schema attribute creates a custom or developer-only
+ * attribute. When you add an attribute with a Name value of
+ * MyAttribute, Amazon Cognito creates the custom attribute
+ * custom:MyAttribute. When DeveloperOnlyAttribute
+ * is true, Amazon Cognito creates your attribute as
+ * dev:MyAttribute. In an operation that describes a user pool,
+ * Amazon Cognito returns this value as value for standard
+ * attributes, custom:value for custom attributes, and
+ * dev:value for developer-only attributes..
*
* Constraints:
@@ -127,8 +147,18 @@ public class SchemaAttributeType implements Serializable {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The name of your user pool attribute, for example
- * username or custom:costcenter.
+ * The name of your user pool attribute. When you create or update a
+ * user pool, adding a schema attribute creates a custom or
+ * developer-only attribute. When you add an attribute with a
+ * Name value of MyAttribute, Amazon
+ * Cognito creates the custom attribute
+ * custom:MyAttribute. When
+ * DeveloperOnlyAttribute is true, Amazon
+ * Cognito creates your attribute as dev:MyAttribute.
+ * In an operation that describes a user pool, Amazon Cognito
+ * returns this value as value for standard attributes,
+ * custom:value for custom attributes, and
+ * dev:value for developer-only attributes..
*
- * The name of your user pool attribute, for example username
- * or custom:costcenter.
+ * The name of your user pool attribute. When you create or update a user
+ * pool, adding a schema attribute creates a custom or developer-only
+ * attribute. When you add an attribute with a Name value of
+ * MyAttribute, Amazon Cognito creates the custom attribute
+ * custom:MyAttribute. When DeveloperOnlyAttribute
+ * is true, Amazon Cognito creates your attribute as
+ * dev:MyAttribute. In an operation that describes a user pool,
+ * Amazon Cognito returns this value as value for standard
+ * attributes, custom:value for custom attributes, and
+ * dev:value for developer-only attributes..
*
* Constraints:
@@ -146,8 +184,19 @@ public String getName() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param name
- * The name of your user pool attribute, for example
- * username or custom:costcenter.
+ * The name of your user pool attribute. When you create or
+ * update a user pool, adding a schema attribute creates a custom
+ * or developer-only attribute. When you add an attribute with a
+ * Name value of MyAttribute, Amazon
+ * Cognito creates the custom attribute
+ * custom:MyAttribute. When
+ * DeveloperOnlyAttribute is true,
+ * Amazon Cognito creates your attribute as
+ * dev:MyAttribute. In an operation that describes a
+ * user pool, Amazon Cognito returns this value as
+ * value for standard attributes,
+ * custom:value for custom attributes, and
+ * dev:value for developer-only attributes..
*
- * The name of your user pool attribute, for example username
- * or custom:costcenter.
+ * The name of your user pool attribute. When you create or update a user
+ * pool, adding a schema attribute creates a custom or developer-only
+ * attribute. When you add an attribute with a Name value of
+ * MyAttribute, Amazon Cognito creates the custom attribute
+ * custom:MyAttribute. When DeveloperOnlyAttribute
+ * is true, Amazon Cognito creates your attribute as
+ * dev:MyAttribute. In an operation that describes a user pool,
+ * Amazon Cognito returns this value as value for standard
+ * attributes, custom:value for custom attributes, and
+ * dev:value for developer-only attributes..
*
* Returns a reference to this object so that method calls can be chained
@@ -168,8 +225,19 @@ public void setName(String name) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param name
- * The name of your user pool attribute, for example
- * username or custom:costcenter.
+ * The name of your user pool attribute. When you create or
+ * update a user pool, adding a schema attribute creates a custom
+ * or developer-only attribute. When you add an attribute with a
+ * Name value of MyAttribute, Amazon
+ * Cognito creates the custom attribute
+ * custom:MyAttribute. When
+ * DeveloperOnlyAttribute is true,
+ * Amazon Cognito creates your attribute as
+ * dev:MyAttribute. In an operation that describes a
+ * user pool, Amazon Cognito returns this value as
+ * value for standard attributes,
+ * custom:value for custom attributes, and
+ * dev:value for developer-only attributes..
*
- * The data format of the values for your attribute.
+ * The data format of the values for your attribute. When you choose an
+ * AttributeDataType, Amazon Cognito validates the input
+ * against the data type. A custom attribute value in your user's ID token
+ * is always a string, for example "custom:isMember" : "true"
+ * or "custom:YearsAsMember" : "12".
*
* Constraints:
* Allowed Values: String, Number, DateTime, Boolean
*
* @return
- * The data format of the values for your attribute.
+ * The data format of the values for your attribute. When you choose
+ * an AttributeDataType, Amazon Cognito validates the
+ * input against the data type. A custom attribute value in your
+ * user's ID token is always a string, for example
+ * "custom:isMember" : "true" or
+ * "custom:YearsAsMember" : "12".
*
- * The data format of the values for your attribute.
+ * The data format of the values for your attribute. When you choose an
+ * AttributeDataType, Amazon Cognito validates the input
+ * against the data type. A custom attribute value in your user's ID token
+ * is always a string, for example "custom:isMember" : "true"
+ * or "custom:YearsAsMember" : "12".
*
* Constraints:
* Allowed Values: String, Number, DateTime, Boolean
*
* @param attributeDataType
- * The data format of the values for your attribute.
+ * The data format of the values for your attribute. When you
+ * choose an AttributeDataType, Amazon Cognito
+ * validates the input against the data type. A custom attribute
+ * value in your user's ID token is always a string, for example
+ * "custom:isMember" : "true" or
+ * "custom:YearsAsMember" : "12".
*
- * The data format of the values for your attribute.
+ * The data format of the values for your attribute. When you choose an
+ * AttributeDataType, Amazon Cognito validates the input
+ * against the data type. A custom attribute value in your user's ID token
+ * is always a string, for example "custom:isMember" : "true"
+ * or "custom:YearsAsMember" : "12".
*
* Returns a reference to this object so that method calls can be chained @@ -225,7 +315,12 @@ public void setAttributeDataType(String attributeDataType) { * Allowed Values: String, Number, DateTime, Boolean * * @param attributeDataType
- * The data format of the values for your attribute.
+ * The data format of the values for your attribute. When you
+ * choose an AttributeDataType, Amazon Cognito
+ * validates the input against the data type. A custom attribute
+ * value in your user's ID token is always a string, for example
+ * "custom:isMember" : "true" or
+ * "custom:YearsAsMember" : "12".
*
- * The data format of the values for your attribute.
+ * The data format of the values for your attribute. When you choose an
+ * AttributeDataType, Amazon Cognito validates the input
+ * against the data type. A custom attribute value in your user's ID token
+ * is always a string, for example "custom:isMember" : "true"
+ * or "custom:YearsAsMember" : "12".
*
* Constraints:
* Allowed Values: String, Number, DateTime, Boolean
*
* @param attributeDataType
- * The data format of the values for your attribute.
+ * The data format of the values for your attribute. When you
+ * choose an AttributeDataType, Amazon Cognito
+ * validates the input against the data type. A custom attribute
+ * value in your user's ID token is always a string, for example
+ * "custom:isMember" : "true" or
+ * "custom:YearsAsMember" : "12".
*
- * The data format of the values for your attribute.
+ * The data format of the values for your attribute. When you choose an
+ * AttributeDataType, Amazon Cognito validates the input
+ * against the data type. A custom attribute value in your user's ID token
+ * is always a string, for example "custom:isMember" : "true"
+ * or "custom:YearsAsMember" : "12".
*
* Returns a reference to this object so that method calls can be chained @@ -265,7 +373,12 @@ public void setAttributeDataType(AttributeDataType attributeDataType) { * Allowed Values: String, Number, DateTime, Boolean * * @param attributeDataType
- * The data format of the values for your attribute.
+ * The data format of the values for your attribute. When you
+ * choose an AttributeDataType, Amazon Cognito
+ * validates the input against the data type. A custom attribute
+ * value in your user's ID token is always a string, for example
+ * "custom:isMember" : "true" or
+ * "custom:YearsAsMember" : "12".
*
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies @@ -40,7 +44,7 @@ * policies. For more information about authorization models in Amazon Cognito, * see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies @@ -35,7 +39,7 @@ * policies. For more information about authorization models in Amazon Cognito, * see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*@@ -86,7 +86,9 @@ public class SignUpRequest extends AmazonWebServiceRequest implements Serializab /** *
- * The user name of the user you want to register. + * The username of the user that you want to sign up. The value of this + * parameter is typically a username, but can be any alias attribute in your + * user pool. *
*
* Constraints:
@@ -119,7 +121,23 @@ public class SignUpRequest extends AmazonWebServiceRequest implements Serializab
/**
*
- * The validation data in the request to register a user. + * Temporary user attributes that contribute to the outcomes of your pre + * sign-up Lambda trigger. This set of key-value pairs are for custom + * validation of information that you collect from your users but don't need + * to retain. + *
+ *+ * Your Lambda function can analyze this additional data and act on it. Your + * function might perform external API operations like logging user + * attributes and validation data to Amazon CloudWatch Logs. Validation data + * might also affect the response that your function returns to Amazon + * Cognito, like automatically confirming the user if they sign up from + * within your network. + *
+ *+ * For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger. *
*/ private java.util.List- * The user name of the user you want to register. + * The username of the user that you want to sign up. The value of this + * parameter is typically a username, but can be any alias attribute in your + * user pool. *
*
* Constraints:
@@ -331,7 +351,9 @@ public SignUpRequest withSecretHash(String secretHash) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The user name of the user you want to register. + * The username of the user that you want to sign up. The value of + * this parameter is typically a username, but can be any alias + * attribute in your user pool. *
*/ public String getUsername() { @@ -340,7 +362,9 @@ public String getUsername() { /** *- * The user name of the user you want to register. + * The username of the user that you want to sign up. The value of this + * parameter is typically a username, but can be any alias attribute in your + * user pool. *
*
* Constraints:
@@ -348,7 +372,9 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user you want to register. + * The username of the user that you want to sign up. The value + * of this parameter is typically a username, but can be any + * alias attribute in your user pool. *
*/ public void setUsername(String username) { @@ -357,7 +383,9 @@ public void setUsername(String username) { /** *- * The user name of the user you want to register. + * The username of the user that you want to sign up. The value of this + * parameter is typically a username, but can be any alias attribute in your + * user pool. *
*
* Returns a reference to this object so that method calls can be chained
@@ -368,7 +396,9 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user name of the user you want to register. + * The username of the user that you want to sign up. The value + * of this parameter is typically a username, but can be any + * alias attribute in your user pool. *
* @return A reference to this updated object so that method calls can be * chained together. @@ -543,11 +573,44 @@ public SignUpRequest withUserAttributes(java.util.Collection- * The validation data in the request to register a user. + * Temporary user attributes that contribute to the outcomes of your pre + * sign-up Lambda trigger. This set of key-value pairs are for custom + * validation of information that you collect from your users but don't need + * to retain. + *
+ *+ * Your Lambda function can analyze this additional data and act on it. Your + * function might perform external API operations like logging user + * attributes and validation data to Amazon CloudWatch Logs. Validation data + * might also affect the response that your function returns to Amazon + * Cognito, like automatically confirming the user if they sign up from + * within your network. + *
+ *+ * For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger. *
* * @return- * The validation data in the request to register a user. + * Temporary user attributes that contribute to the outcomes of your + * pre sign-up Lambda trigger. This set of key-value pairs are for + * custom validation of information that you collect from your users + * but don't need to retain. + *
+ *+ * Your Lambda function can analyze this additional data and act on + * it. Your function might perform external API operations like + * logging user attributes and validation data to Amazon CloudWatch + * Logs. Validation data might also affect the response that your + * function returns to Amazon Cognito, like automatically confirming + * the user if they sign up from within your network. + *
+ *+ * For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger. *
*/ public java.util.List- * The validation data in the request to register a user. + * Temporary user attributes that contribute to the outcomes of your pre + * sign-up Lambda trigger. This set of key-value pairs are for custom + * validation of information that you collect from your users but don't need + * to retain. + *
+ *+ * Your Lambda function can analyze this additional data and act on it. Your + * function might perform external API operations like logging user + * attributes and validation data to Amazon CloudWatch Logs. Validation data + * might also affect the response that your function returns to Amazon + * Cognito, like automatically confirming the user if they sign up from + * within your network. + *
+ *+ * For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger. *
* * @param validationData- * The validation data in the request to register a user. + * Temporary user attributes that contribute to the outcomes of + * your pre sign-up Lambda trigger. This set of key-value pairs + * are for custom validation of information that you collect from + * your users but don't need to retain. + *
+ *+ * Your Lambda function can analyze this additional data and act + * on it. Your function might perform external API operations + * like logging user attributes and validation data to Amazon + * CloudWatch Logs. Validation data might also affect the + * response that your function returns to Amazon Cognito, like + * automatically confirming the user if they sign up from within + * your network. + *
+ *+ * For more information about the pre sign-up Lambda trigger, see + * Pre sign-up Lambda trigger. *
*/ public void setValidationData(java.util.Collection- * The validation data in the request to register a user. + * Temporary user attributes that contribute to the outcomes of your pre + * sign-up Lambda trigger. This set of key-value pairs are for custom + * validation of information that you collect from your users but don't need + * to retain. + *
+ *+ * Your Lambda function can analyze this additional data and act on it. Your + * function might perform external API operations like logging user + * attributes and validation data to Amazon CloudWatch Logs. Validation data + * might also affect the response that your function returns to Amazon + * Cognito, like automatically confirming the user if they sign up from + * within your network. + *
+ *+ * For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger. *
** Returns a reference to this object so that method calls can be chained * together. * * @param validationData
- * The validation data in the request to register a user. + * Temporary user attributes that contribute to the outcomes of + * your pre sign-up Lambda trigger. This set of key-value pairs + * are for custom validation of information that you collect from + * your users but don't need to retain. + *
+ *+ * Your Lambda function can analyze this additional data and act + * on it. Your function might perform external API operations + * like logging user attributes and validation data to Amazon + * CloudWatch Logs. Validation data might also affect the + * response that your function returns to Amazon Cognito, like + * automatically confirming the user if they sign up from within + * your network. + *
+ *+ * For more information about the pre sign-up Lambda trigger, see + * Pre sign-up Lambda trigger. *
* @return A reference to this updated object so that method calls can be * chained together. @@ -598,14 +729,48 @@ public SignUpRequest withValidationData(AttributeType... validationData) { /** *- * The validation data in the request to register a user. + * Temporary user attributes that contribute to the outcomes of your pre + * sign-up Lambda trigger. This set of key-value pairs are for custom + * validation of information that you collect from your users but don't need + * to retain. + *
+ *+ * Your Lambda function can analyze this additional data and act on it. Your + * function might perform external API operations like logging user + * attributes and validation data to Amazon CloudWatch Logs. Validation data + * might also affect the response that your function returns to Amazon + * Cognito, like automatically confirming the user if they sign up from + * within your network. + *
+ *+ * For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger. *
** Returns a reference to this object so that method calls can be chained * together. * * @param validationData
- * The validation data in the request to register a user. + * Temporary user attributes that contribute to the outcomes of + * your pre sign-up Lambda trigger. This set of key-value pairs + * are for custom validation of information that you collect from + * your users but don't need to retain. + *
+ *+ * Your Lambda function can analyze this additional data and act + * on it. Your function might perform external API operations + * like logging user attributes and validation data to Amazon + * CloudWatch Logs. Validation data might also affect the + * response that your function returns to Amazon Cognito, like + * automatically confirming the user if they sign up from within + * your network. + *
+ *+ * For more information about the pre sign-up Lambda trigger, see + * Pre sign-up Lambda trigger. *
* @return A reference to this updated object so that method calls can be * chained together. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SignUpResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SignUpResult.java index 37bb14fe29..7b3ab939b0 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SignUpResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SignUpResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SmsConfigurationType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SmsConfigurationType.java index 5c2d5c4db0..0bf2fe343d 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SmsConfigurationType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SmsConfigurationType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SmsMfaConfigType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SmsMfaConfigType.java index 8f16698e6d..6674ff27e5 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SmsMfaConfigType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SmsMfaConfigType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SoftwareTokenMFANotFoundException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SoftwareTokenMFANotFoundException.java index 1cbf0a91bc..a380e84e76 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SoftwareTokenMFANotFoundException.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SoftwareTokenMFANotFoundException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SoftwareTokenMfaConfigType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SoftwareTokenMfaConfigType.java index 1f4ab690a0..671d494c48 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SoftwareTokenMfaConfigType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SoftwareTokenMfaConfigType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SoftwareTokenMfaSettingsType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SoftwareTokenMfaSettingsType.java index 1ca193bb7b..324d640485 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SoftwareTokenMfaSettingsType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/SoftwareTokenMfaSettingsType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StartUserImportJobRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StartUserImportJobRequest.java index dfbfc25867..fe0697ad23 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StartUserImportJobRequest.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StartUserImportJobRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StartUserImportJobResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StartUserImportJobResult.java index b46c604530..315f65454e 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StartUserImportJobResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StartUserImportJobResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StatusType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StatusType.java index 81c3efa30d..4c45c7684a 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StatusType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StatusType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StopUserImportJobRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StopUserImportJobRequest.java index 2f0b913b28..bb286660f3 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StopUserImportJobRequest.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StopUserImportJobRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StopUserImportJobResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StopUserImportJobResult.java index 7556bd17b9..50b2040d28 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StopUserImportJobResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StopUserImportJobResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StringAttributeConstraintsType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StringAttributeConstraintsType.java index 499428ad52..a6ef0b8f02 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StringAttributeConstraintsType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/StringAttributeConstraintsType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -35,7 +35,9 @@ public class StringAttributeConstraintsType implements Serializable { /** *
- * The maximum length.
+ * The maximum length of a string attribute value. Must be a number less
+ * than or equal to 2^1023, represented as a string with a
+ * length of 131072 characters or fewer.
*
* Constraints:
@@ -99,14 +101,18 @@ public StringAttributeConstraintsType withMinLength(String minLength) {
/**
*
- * The maximum length.
+ * The maximum length of a string attribute value. Must be a number less
+ * than or equal to 2^1023, represented as a string with a
+ * length of 131072 characters or fewer.
*
* Constraints:
* Length: 0 - 131072
*
* @return
- * The maximum length.
+ * The maximum length of a string attribute value. Must be a number
+ * less than or equal to 2^1023, represented as a
+ * string with a length of 131072 characters or fewer.
*
- * The maximum length.
+ * The maximum length of a string attribute value. Must be a number less
+ * than or equal to 2^1023, represented as a string with a
+ * length of 131072 characters or fewer.
*
* Constraints:
* Length: 0 - 131072
*
* @param maxLength
- * The maximum length.
+ * The maximum length of a string attribute value. Must be a
+ * number less than or equal to 2^1023, represented
+ * as a string with a length of 131072 characters or fewer.
*
- * The maximum length.
+ * The maximum length of a string attribute value. Must be a number less
+ * than or equal to 2^1023, represented as a string with a
+ * length of 131072 characters or fewer.
*
* Returns a reference to this object so that method calls can be chained
@@ -141,7 +153,9 @@ public void setMaxLength(String maxLength) {
* Length: 0 - 131072
*
* @param maxLength
- * The maximum length.
+ * The maximum length of a string attribute value. Must be a
+ * number less than or equal to 2^1023, represented
+ * as a string with a length of 131072 characters or fewer.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param lastModifiedDate
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param creationDate
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The user pool username.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -156,7 +160,11 @@ public UpdateAuthEventFeedbackRequest withUserPoolId(String userPoolId) {
/**
*
- * The user pool username.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -164,7 +172,12 @@ public UpdateAuthEventFeedbackRequest withUserPoolId(String userPoolId) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @return
- * The user pool username.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but it
+ * can be any of their alias attributes. If username
+ * isn't an alias attribute in your user pool, this value must be
+ * the sub of a local user or the username of a user
+ * from a third-party IdP.
*
- * The user pool username.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Constraints:
@@ -181,7 +198,12 @@ public String getUsername() {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user pool username.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * The user pool username.
+ * The username of the user that you want to query or modify. The value of
+ * this parameter is typically your user's username, but it can be any of
+ * their alias attributes. If username isn't an alias attribute
+ * in your user pool, this value must be the sub of a local
+ * user or the username of a user from a third-party IdP.
*
* Returns a reference to this object so that method calls can be chained
@@ -201,7 +227,12 @@ public void setUsername(String username) {
* Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
*
* @param username
- * The user pool username.
+ * The username of the user that you want to query or modify. The
+ * value of this parameter is typically your user's username, but
+ * it can be any of their alias attributes. If
+ * username isn't an alias attribute in your user
+ * pool, this value must be the sub of a local user
+ * or the username of a user from a third-party IdP.
*
- * Updates the device status. + * Updates the device status. For more information about device authentication, + * see Working with user devices in your user pool. + *
+ *
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope aws.cognito.signin.user.admin.
*
@@ -31,7 +38,7 @@ * policies. For more information about authorization models in Amazon Cognito, * see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
* Constraints:
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*/
private String providerName;
/**
*
- * The IdP details to be updated, such as MetadataURL and
- * MetadataFile.
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
*
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
+ *
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
+ *
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
+ *
* Constraints:
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @return
* The IdP name. @@ -177,7 +261,7 @@ public String getProviderName() { *
* Constraints:
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @param providerName
* The IdP name. @@ -197,7 +281,7 @@ public void setProviderName(String providerName) { *
* Constraints:
* Length: 1 - 32
- * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+
+ * Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}\p{Z}]+
*
* @param providerName
* The IdP name. @@ -212,14 +296,184 @@ public UpdateIdentityProviderRequest withProviderName(String providerName) { /** *
- * The IdP details to be updated, such as MetadataURL and
- * MetadataFile.
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
+ *
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
+ *
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
+ *
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
*
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
+ *
- * The IdP details to be updated, such as MetadataURL
- * and MetadataFile.
+ * The scopes, URLs, and identifiers for your external identity
+ * provider. The following examples describe the provider detail
+ * keys for each IdP type. These values and their schema are subject
+ * to change. Social IdP authorize_scopes values must
+ * match the values listed here.
+ *
+ * Amazon Cognito accepts the following elements when it can't
+ * discover endpoint URLs from oidc_issuer:
+ * attributes_url, authorize_url,
+ * jwks_uri, token_url.
+ *
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * The value of MetadataFile must be the plaintext
+ * metadata document with all quote (") characters escaped by
+ * backslashes.
+ *
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
*
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
+ *
- * The IdP details to be updated, such as MetadataURL and
- * MetadataFile.
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
+ *
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
+ *
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
+ *
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
*
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
+ *
- * The IdP details to be updated, such as
- * MetadataURL and MetadataFile.
+ * The scopes, URLs, and identifiers for your external identity
+ * provider. The following examples describe the provider detail
+ * keys for each IdP type. These values and their schema are
+ * subject to change. Social IdP authorize_scopes
+ * values must match the values listed here.
+ *
+ * Amazon Cognito accepts the following elements when it can't
+ * discover endpoint URLs from oidc_issuer:
+ * attributes_url, authorize_url,
+ * jwks_uri, token_url.
+ *
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * The value of MetadataFile must be the plaintext
+ * metadata document with all quote (") characters escaped by
+ * backslashes.
*
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
+ *
- * The IdP details to be updated, such as MetadataURL and
- * MetadataFile.
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
*
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
+ *
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
+ *
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
+ *
* Returns a reference to this object so that method calls can be chained * together. * * @param providerDetails
- * The IdP details to be updated, such as
- * MetadataURL and MetadataFile.
+ * The scopes, URLs, and identifiers for your external identity
+ * provider. The following examples describe the provider detail
+ * keys for each IdP type. These values and their schema are
+ * subject to change. Social IdP authorize_scopes
+ * values must match the values listed here.
+ *
+ * Amazon Cognito accepts the following elements when it can't
+ * discover endpoint URLs from oidc_issuer:
+ * attributes_url, authorize_url,
+ * jwks_uri, token_url.
+ *
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * The value of MetadataFile must be the plaintext
+ * metadata document with all quote (") characters escaped by
+ * backslashes.
+ *
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
*
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
+ *
- * The IdP details to be updated, such as MetadataURL and
- * MetadataFile.
+ * The scopes, URLs, and identifiers for your external identity provider.
+ * The following examples describe the provider detail keys for each IdP
+ * type. These values and their schema are subject to change. Social IdP
+ * authorize_scopes values must match the values listed here.
+ *
+ * Amazon Cognito accepts the following elements when it can't discover
+ * endpoint URLs from oidc_issuer: attributes_url,
+ * authorize_url, jwks_uri, token_url
+ * .
+ *
+ * Create or update request:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }
+ *
+ * Create or update request with Metadata URL:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * Create or update request with Metadata file:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
+ *
+ * The value of MetadataFile must be the plaintext metadata
+ * document with all quote (") characters escaped by backslashes.
+ *
+ * Describe response:
+ * "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }
+ *
+ * Create or update request:
+ * "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }
+ *
+ * Describe response:
+ * "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }
*
* The method adds a new key-value pair into ProviderDetails parameter, and * returns a reference to this object so that method calls can be chained diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateIdentityProviderResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateIdentityProviderResult.java index 515b1db471..c501cc5bfe 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateIdentityProviderResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateIdentityProviderResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateResourceServerRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateResourceServerRequest.java index 0ee342c2a5..880d66c551 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateResourceServerRequest.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateResourceServerRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -71,7 +71,16 @@ public class UpdateResourceServerRequest extends AmazonWebServiceRequest impleme /** *
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
* Constraints:
@@ -157,7 +166,16 @@ public UpdateResourceServerRequest withUserPoolId(String userPoolId) {
/**
*
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
* Constraints:
@@ -165,7 +183,16 @@ public UpdateResourceServerRequest withUserPoolId(String userPoolId) {
* Pattern: [\x21\x23-\x5B\x5D-\x7E]+
*
* @return
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the
+ * format $resource-server-identifier/$scope. Longer
+ * scope-identifier strings increase the size of your access tokens.
*
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
* Constraints:
@@ -182,7 +218,17 @@ public String getIdentifier() {
* Pattern: [\x21\x23-\x5B\x5D-\x7E]+
*
* @param identifier
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server.
+ * The identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL
+ * like https://solar-system-data-api.example.com as
+ * your identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the
+ * format $resource-server-identifier/$scope. Longer
+ * scope-identifier strings increase the size of your access
+ * tokens.
*
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server. The
+ * identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL like
+ * https://solar-system-data-api.example.com as your
+ * identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the format
+ * $resource-server-identifier/$scope. Longer scope-identifier
+ * strings increase the size of your access tokens.
*
* Returns a reference to this object so that method calls can be chained
@@ -202,7 +257,17 @@ public void setIdentifier(String identifier) {
* Pattern: [\x21\x23-\x5B\x5D-\x7E]+
*
* @param identifier
- * The identifier for the resource server.
+ * A unique resource server identifier for the resource server.
+ * The identifier can be an API friendly name like
+ * solar-system-data. You can also set an API URL
+ * like https://solar-system-data-api.example.com as
+ * your identifier.
+ *
+ * Amazon Cognito represents scopes in the access token in the
+ * format $resource-server-identifier/$scope. Longer
+ * scope-identifier strings increase the size of your access
+ * tokens.
*
- * Allows a user to update a specific attribute (one at a time).
+ * With this operation, your users can update one or more of their attributes
+ * with their own credentials. You authorize this API request with the user's
+ * access token. To delete an attribute from your user, submit the attribute in
+ * your API request with a blank value. Custom attribute values in this request
+ * must include the custom: prefix.
+ *
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope aws.cognito.signin.user.admin.
*
@@ -31,7 +39,7 @@ * policies. For more information about authorization models in Amazon Cognito, * see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserAttributesResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserAttributesResult.java index a8bd5a2a69..cbd60270d5 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserAttributesResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserAttributesResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolClientRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolClientRequest.java index 5876dd8d6f..11040a0ca8 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolClientRequest.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolClientRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -196,14 +196,57 @@ public class UpdateUserPoolClientRequest extends AmazonWebServiceRequest impleme /** *
- * The read-only attributes of the user pool. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
- * The writeable attributes of the user pool.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets family_name
+ * to the new value.
+ *
+ * When you don't specify the WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, this array + * must include all attributes that you have mapped to IdP attributes. + * Amazon Cognito updates mapped attributes when users sign in to your + * application through an IdP. If your app client does not have write access + * to a mapped attribute, Amazon Cognito throws an error when it tries to + * update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
*/ private java.util.List- * The read-only attributes of the user pool. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
- * The read-only attributes of the user pool. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, + * their access token authorizes them to read their own attribute + * value for any attribute in this list. An example of this kind of + * activity is when your user selects a link to view their profile + * information. Your app makes a GetUser API request to retrieve and display your user's + * profile data. + *
+ *
+ * When you don't specify the ReadAttributes for your
+ * app client, your app can read the values of
+ * email_verified, phone_number_verified,
+ * and the Standard attributes of your user pool. When your user
+ * pool has read access to these default attributes,
+ * ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the
+ * API response if you have specified your own custom set of read
+ * attributes.
*
- * The read-only attributes of the user pool. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
- * The read-only attributes of the user pool. + * The list of user attributes that you want your app client to + * have read-only access to. After your user authenticates in + * your app, their access token authorizes them to read their own + * attribute value for any attribute in this list. An example of + * this kind of activity is when your user selects a link to view + * their profile information. Your app makes a GetUser API request to retrieve and display your user's + * profile data. + *
+ *
+ * When you don't specify the ReadAttributes for
+ * your app client, your app can read the values of
+ * email_verified,
+ * phone_number_verified, and the Standard
+ * attributes of your user pool. When your user pool has read
+ * access to these default attributes,
+ * ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in
+ * the API response if you have specified your own custom set of
+ * read attributes.
*
- * The read-only attributes of the user pool. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param readAttributes
- * The read-only attributes of the user pool. + * The list of user attributes that you want your app client to + * have read-only access to. After your user authenticates in + * your app, their access token authorizes them to read their own + * attribute value for any attribute in this list. An example of + * this kind of activity is when your user selects a link to view + * their profile information. Your app makes a GetUser API request to retrieve and display your user's + * profile data. + *
+ *
+ * When you don't specify the ReadAttributes for
+ * your app client, your app can read the values of
+ * email_verified,
+ * phone_number_verified, and the Standard
+ * attributes of your user pool. When your user pool has read
+ * access to these default attributes,
+ * ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in
+ * the API response if you have specified your own custom set of
+ * read attributes.
*
- * The read-only attributes of the user pool. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param readAttributes
- * The read-only attributes of the user pool. + * The list of user attributes that you want your app client to + * have read-only access to. After your user authenticates in + * your app, their access token authorizes them to read their own + * attribute value for any attribute in this list. An example of + * this kind of activity is when your user selects a link to view + * their profile information. Your app makes a GetUser API request to retrieve and display your user's + * profile data. + *
+ *
+ * When you don't specify the ReadAttributes for
+ * your app client, your app can read the values of
+ * email_verified,
+ * phone_number_verified, and the Standard
+ * attributes of your user pool. When your user pool has read
+ * access to these default attributes,
+ * ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in
+ * the API response if you have specified your own custom set of
+ * read attributes.
*
- * The writeable attributes of the user pool.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets family_name
+ * to the new value.
+ *
+ * When you don't specify the WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, this array + * must include all attributes that you have mapped to IdP attributes. + * Amazon Cognito updates mapped attributes when users sign in to your + * application through an IdP. If your app client does not have write access + * to a mapped attribute, Amazon Cognito throws an error when it tries to + * update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
* * @return
- * The writeable attributes of the user pool.
+ * The list of user attributes that you want your app client to have
+ * write access to. After your user authenticates in your app, their
+ * access token authorizes them to set or modify their own attribute
+ * value for any attribute in this list. An example of this kind of
+ * activity is when you present your user with a form to update
+ * their profile information and they change their last name. Your
+ * app then makes an UpdateUserAttributes API request and sets
+ * family_name to the new value.
+ *
+ * When you don't specify the WriteAttributes for your
+ * app client, your app can write the values of the Standard
+ * attributes of your user pool. When your user pool has write
+ * access to these default attributes, WriteAttributes
+ * doesn't return any information. Amazon Cognito only populates
+ * WriteAttributes in the API response if you have
+ * specified your own custom set of write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, this + * array must include all attributes that you have mapped to IdP + * attributes. Amazon Cognito updates mapped attributes when users + * sign in to your application through an IdP. If your app client + * does not have write access to a mapped attribute, Amazon Cognito + * throws an error when it tries to update the attribute. For more + * information, see Specifying IdP Attribute Mappings for Your user pool. *
*/ public java.util.List
- * The writeable attributes of the user pool.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets family_name
+ * to the new value.
+ *
+ * When you don't specify the WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, this array + * must include all attributes that you have mapped to IdP attributes. + * Amazon Cognito updates mapped attributes when users sign in to your + * application through an IdP. If your app client does not have write access + * to a mapped attribute, Amazon Cognito throws an error when it tries to + * update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
* * @param writeAttributes
- * The writeable attributes of the user pool.
+ * The list of user attributes that you want your app client to
+ * have write access to. After your user authenticates in your
+ * app, their access token authorizes them to set or modify their
+ * own attribute value for any attribute in this list. An example
+ * of this kind of activity is when you present your user with a
+ * form to update their profile information and they change their
+ * last name. Your app then makes an UpdateUserAttributes API request and sets
+ * family_name to the new value.
+ *
+ * When you don't specify the WriteAttributes for
+ * your app client, your app can write the values of the Standard
+ * attributes of your user pool. When your user pool has write
+ * access to these default attributes,
+ * WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in
+ * the API response if you have specified your own custom set of
+ * write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, + * this array must include all attributes that you have mapped to + * IdP attributes. Amazon Cognito updates mapped attributes when + * users sign in to your application through an IdP. If your app + * client does not have write access to a mapped attribute, + * Amazon Cognito throws an error when it tries to update the + * attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
*/ public void setWriteAttributes(java.util.Collection
- * The writeable attributes of the user pool.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets family_name
+ * to the new value.
+ *
+ * When you don't specify the WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, this array + * must include all attributes that you have mapped to IdP attributes. + * Amazon Cognito updates mapped attributes when users sign in to your + * application through an IdP. If your app client does not have write access + * to a mapped attribute, Amazon Cognito throws an error when it tries to + * update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
** Returns a reference to this object so that method calls can be chained * together. * * @param writeAttributes
- * The writeable attributes of the user pool.
+ * The list of user attributes that you want your app client to
+ * have write access to. After your user authenticates in your
+ * app, their access token authorizes them to set or modify their
+ * own attribute value for any attribute in this list. An example
+ * of this kind of activity is when you present your user with a
+ * form to update their profile information and they change their
+ * last name. Your app then makes an UpdateUserAttributes API request and sets
+ * family_name to the new value.
+ *
+ * When you don't specify the WriteAttributes for
+ * your app client, your app can write the values of the Standard
+ * attributes of your user pool. When your user pool has write
+ * access to these default attributes,
+ * WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in
+ * the API response if you have specified your own custom set of
+ * write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, + * this array must include all attributes that you have mapped to + * IdP attributes. Amazon Cognito updates mapped attributes when + * users sign in to your application through an IdP. If your app + * client does not have write access to a mapped attribute, + * Amazon Cognito throws an error when it tries to update the + * attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
* @return A reference to this updated object so that method calls can be * chained together. @@ -1420,14 +1777,70 @@ public UpdateUserPoolClientRequest withWriteAttributes(String... writeAttributes /** *
- * The writeable attributes of the user pool.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets family_name
+ * to the new value.
+ *
+ * When you don't specify the WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, this array + * must include all attributes that you have mapped to IdP attributes. + * Amazon Cognito updates mapped attributes when users sign in to your + * application through an IdP. If your app client does not have write access + * to a mapped attribute, Amazon Cognito throws an error when it tries to + * update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
** Returns a reference to this object so that method calls can be chained * together. * * @param writeAttributes
- * The writeable attributes of the user pool.
+ * The list of user attributes that you want your app client to
+ * have write access to. After your user authenticates in your
+ * app, their access token authorizes them to set or modify their
+ * own attribute value for any attribute in this list. An example
+ * of this kind of activity is when you present your user with a
+ * form to update their profile information and they change their
+ * last name. Your app then makes an UpdateUserAttributes API request and sets
+ * family_name to the new value.
+ *
+ * When you don't specify the WriteAttributes for
+ * your app client, your app can write the values of the Standard
+ * attributes of your user pool. When your user pool has write
+ * access to these default attributes,
+ * WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in
+ * the API response if you have specified your own custom set of
+ * write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, + * this array must include all attributes that you have mapped to + * IdP attributes. Amazon Cognito updates mapped attributes when + * users sign in to your application through an IdP. If your app + * client does not have write access to a mapped attribute, + * Amazon Cognito throws an error when it tries to update the + * attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
* @return A reference to this updated object so that method calls can be * chained together. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolClientResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolClientResult.java index 1f823da9f6..9fe955fa4e 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolClientResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolClientResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolDomainRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolDomainRequest.java index bfc54b400d..1641721a6f 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolDomainRequest.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolDomainRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolDomainResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolDomainResult.java index a1de330d13..8bac99f03d 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolDomainResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolDomainResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolRequest.java index c5a0b451e2..d6d5b9388b 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolRequest.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolResult.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolResult.java index 3d93774207..51afc79fb4 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolResult.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UpdateUserPoolResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserAttributeUpdateSettingsType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserAttributeUpdateSettingsType.java index bfbcd174d7..a196056e48 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserAttributeUpdateSettingsType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserAttributeUpdateSettingsType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserContextDataType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserContextDataType.java index 3294c60e37..6a856f62c4 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserContextDataType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserContextDataType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserImportInProgressException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserImportInProgressException.java index 646c9abb8c..32c62674dd 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserImportInProgressException.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserImportInProgressException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserImportJobStatusType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserImportJobStatusType.java index a506f99f6d..3694906d1c 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserImportJobStatusType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserImportJobStatusType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserImportJobType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserImportJobType.java index 6a6e4aa60a..1021ab7dad 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserImportJobType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserImportJobType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -69,9 +69,9 @@ public class UserImportJobType implements Serializable { /** *
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param creationDate
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The Read-only attributes. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
- * The writeable attributes.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets family_name
+ * to the new value.
+ *
+ * When you don't specify the WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, this array + * must include all attributes that you have mapped to IdP attributes. + * Amazon Cognito updates mapped attributes when users sign in to your + * application through an IdP. If your app client does not have write access + * to a mapped attribute, Amazon Cognito throws an error when it tries to + * update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
*/ private java.util.List
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param lastModifiedDate
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param creationDate
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The Read-only attributes. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
- * The Read-only attributes. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, + * their access token authorizes them to read their own attribute + * value for any attribute in this list. An example of this kind of + * activity is when your user selects a link to view their profile + * information. Your app makes a GetUser API request to retrieve and display your user's + * profile data. + *
+ *
+ * When you don't specify the ReadAttributes for your
+ * app client, your app can read the values of
+ * email_verified, phone_number_verified,
+ * and the Standard attributes of your user pool. When your user
+ * pool has read access to these default attributes,
+ * ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the
+ * API response if you have specified your own custom set of read
+ * attributes.
*
- * The Read-only attributes. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
- * The Read-only attributes. + * The list of user attributes that you want your app client to + * have read-only access to. After your user authenticates in + * your app, their access token authorizes them to read their own + * attribute value for any attribute in this list. An example of + * this kind of activity is when your user selects a link to view + * their profile information. Your app makes a GetUser API request to retrieve and display your user's + * profile data. + *
+ *
+ * When you don't specify the ReadAttributes for
+ * your app client, your app can read the values of
+ * email_verified,
+ * phone_number_verified, and the Standard
+ * attributes of your user pool. When your user pool has read
+ * access to these default attributes,
+ * ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in
+ * the API response if you have specified your own custom set of
+ * read attributes.
*
- * The Read-only attributes. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param readAttributes
- * The Read-only attributes. + * The list of user attributes that you want your app client to + * have read-only access to. After your user authenticates in + * your app, their access token authorizes them to read their own + * attribute value for any attribute in this list. An example of + * this kind of activity is when your user selects a link to view + * their profile information. Your app makes a GetUser API request to retrieve and display your user's + * profile data. + *
+ *
+ * When you don't specify the ReadAttributes for
+ * your app client, your app can read the values of
+ * email_verified,
+ * phone_number_verified, and the Standard
+ * attributes of your user pool. When your user pool has read
+ * access to these default attributes,
+ * ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in
+ * the API response if you have specified your own custom set of
+ * read attributes.
*
- * The Read-only attributes. + * The list of user attributes that you want your app client to have + * read-only access to. After your user authenticates in your app, their + * access token authorizes them to read their own attribute value for any + * attribute in this list. An example of this kind of activity is when your + * user selects a link to view their profile information. Your app makes a + * GetUser API request to retrieve and display your user's profile + * data. + *
+ *
+ * When you don't specify the ReadAttributes for your app
+ * client, your app can read the values of email_verified,
+ * phone_number_verified, and the Standard attributes of your
+ * user pool. When your user pool has read access to these default
+ * attributes, ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in the API
+ * response if you have specified your own custom set of read attributes.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param readAttributes
- * The Read-only attributes. + * The list of user attributes that you want your app client to + * have read-only access to. After your user authenticates in + * your app, their access token authorizes them to read their own + * attribute value for any attribute in this list. An example of + * this kind of activity is when your user selects a link to view + * their profile information. Your app makes a GetUser API request to retrieve and display your user's + * profile data. + *
+ *
+ * When you don't specify the ReadAttributes for
+ * your app client, your app can read the values of
+ * email_verified,
+ * phone_number_verified, and the Standard
+ * attributes of your user pool. When your user pool has read
+ * access to these default attributes,
+ * ReadAttributes doesn't return any information.
+ * Amazon Cognito only populates ReadAttributes in
+ * the API response if you have specified your own custom set of
+ * read attributes.
*
- * The writeable attributes.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets family_name
+ * to the new value.
+ *
+ * When you don't specify the WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, this array + * must include all attributes that you have mapped to IdP attributes. + * Amazon Cognito updates mapped attributes when users sign in to your + * application through an IdP. If your app client does not have write access + * to a mapped attribute, Amazon Cognito throws an error when it tries to + * update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
* * @return
- * The writeable attributes.
+ * The list of user attributes that you want your app client to have
+ * write access to. After your user authenticates in your app, their
+ * access token authorizes them to set or modify their own attribute
+ * value for any attribute in this list. An example of this kind of
+ * activity is when you present your user with a form to update
+ * their profile information and they change their last name. Your
+ * app then makes an UpdateUserAttributes API request and sets
+ * family_name to the new value.
+ *
+ * When you don't specify the WriteAttributes for your
+ * app client, your app can write the values of the Standard
+ * attributes of your user pool. When your user pool has write
+ * access to these default attributes, WriteAttributes
+ * doesn't return any information. Amazon Cognito only populates
+ * WriteAttributes in the API response if you have
+ * specified your own custom set of write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, this + * array must include all attributes that you have mapped to IdP + * attributes. Amazon Cognito updates mapped attributes when users + * sign in to your application through an IdP. If your app client + * does not have write access to a mapped attribute, Amazon Cognito + * throws an error when it tries to update the attribute. For more + * information, see Specifying IdP Attribute Mappings for Your user pool. *
*/ public java.util.List
- * The writeable attributes.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets family_name
+ * to the new value.
+ *
+ * When you don't specify the WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, this array + * must include all attributes that you have mapped to IdP attributes. + * Amazon Cognito updates mapped attributes when users sign in to your + * application through an IdP. If your app client does not have write access + * to a mapped attribute, Amazon Cognito throws an error when it tries to + * update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
* * @param writeAttributes
- * The writeable attributes.
+ * The list of user attributes that you want your app client to
+ * have write access to. After your user authenticates in your
+ * app, their access token authorizes them to set or modify their
+ * own attribute value for any attribute in this list. An example
+ * of this kind of activity is when you present your user with a
+ * form to update their profile information and they change their
+ * last name. Your app then makes an UpdateUserAttributes API request and sets
+ * family_name to the new value.
+ *
+ * When you don't specify the WriteAttributes for
+ * your app client, your app can write the values of the Standard
+ * attributes of your user pool. When your user pool has write
+ * access to these default attributes,
+ * WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in
+ * the API response if you have specified your own custom set of
+ * write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, + * this array must include all attributes that you have mapped to + * IdP attributes. Amazon Cognito updates mapped attributes when + * users sign in to your application through an IdP. If your app + * client does not have write access to a mapped attribute, + * Amazon Cognito throws an error when it tries to update the + * attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
*/ public void setWriteAttributes(java.util.Collection
- * The writeable attributes.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets family_name
+ * to the new value.
+ *
+ * When you don't specify the WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, this array + * must include all attributes that you have mapped to IdP attributes. + * Amazon Cognito updates mapped attributes when users sign in to your + * application through an IdP. If your app client does not have write access + * to a mapped attribute, Amazon Cognito throws an error when it tries to + * update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
** Returns a reference to this object so that method calls can be chained * together. * * @param writeAttributes
- * The writeable attributes.
+ * The list of user attributes that you want your app client to
+ * have write access to. After your user authenticates in your
+ * app, their access token authorizes them to set or modify their
+ * own attribute value for any attribute in this list. An example
+ * of this kind of activity is when you present your user with a
+ * form to update their profile information and they change their
+ * last name. Your app then makes an UpdateUserAttributes API request and sets
+ * family_name to the new value.
+ *
+ * When you don't specify the WriteAttributes for
+ * your app client, your app can write the values of the Standard
+ * attributes of your user pool. When your user pool has write
+ * access to these default attributes,
+ * WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in
+ * the API response if you have specified your own custom set of
+ * write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, + * this array must include all attributes that you have mapped to + * IdP attributes. Amazon Cognito updates mapped attributes when + * users sign in to your application through an IdP. If your app + * client does not have write access to a mapped attribute, + * Amazon Cognito throws an error when it tries to update the + * attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
* @return A reference to this updated object so that method calls can be * chained together. @@ -1577,14 +1940,70 @@ public UserPoolClientType withWriteAttributes(String... writeAttributes) { /** *
- * The writeable attributes.
+ * The list of user attributes that you want your app client to have write
+ * access to. After your user authenticates in your app, their access token
+ * authorizes them to set or modify their own attribute value for any
+ * attribute in this list. An example of this kind of activity is when you
+ * present your user with a form to update their profile information and
+ * they change their last name. Your app then makes an UpdateUserAttributes API request and sets family_name
+ * to the new value.
+ *
+ * When you don't specify the WriteAttributes for your app
+ * client, your app can write the values of the Standard attributes of your
+ * user pool. When your user pool has write access to these default
+ * attributes, WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in the API
+ * response if you have specified your own custom set of write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, this array + * must include all attributes that you have mapped to IdP attributes. + * Amazon Cognito updates mapped attributes when users sign in to your + * application through an IdP. If your app client does not have write access + * to a mapped attribute, Amazon Cognito throws an error when it tries to + * update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
** Returns a reference to this object so that method calls can be chained * together. * * @param writeAttributes
- * The writeable attributes.
+ * The list of user attributes that you want your app client to
+ * have write access to. After your user authenticates in your
+ * app, their access token authorizes them to set or modify their
+ * own attribute value for any attribute in this list. An example
+ * of this kind of activity is when you present your user with a
+ * form to update their profile information and they change their
+ * last name. Your app then makes an UpdateUserAttributes API request and sets
+ * family_name to the new value.
+ *
+ * When you don't specify the WriteAttributes for
+ * your app client, your app can write the values of the Standard
+ * attributes of your user pool. When your user pool has write
+ * access to these default attributes,
+ * WriteAttributes doesn't return any information.
+ * Amazon Cognito only populates WriteAttributes in
+ * the API response if you have specified your own custom set of
+ * write attributes.
+ *
+ * If your app client allows users to sign in through an IdP, + * this array must include all attributes that you have mapped to + * IdP attributes. Amazon Cognito updates mapped attributes when + * users sign in to your application through an IdP. If your app + * client does not have write access to a mapped attribute, + * Amazon Cognito throws an error when it tries to update the + * attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool. *
* @return A reference to this updated object so that method calls can be * chained together. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserPoolDescriptionType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserPoolDescriptionType.java index 027421d676..092d0af5a1 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserPoolDescriptionType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UserPoolDescriptionType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -64,18 +64,18 @@ public class UserPoolDescriptionType implements Serializable { /** *
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param lastModifiedDate
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param creationDate
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The status of a user pool. + * This parameter is no longer used. *
*
* Constraints:
@@ -90,18 +90,18 @@ public class UserPoolType implements Serializable {
/**
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The status of a user pool. + * This parameter is no longer used. *
*
* Constraints:
* Allowed Values: Enabled, Disabled
*
* @return
- * The status of a user pool. + * This parameter is no longer used. *
* @see StatusType */ @@ -866,14 +866,14 @@ public String getStatus() { /** *- * The status of a user pool. + * This parameter is no longer used. *
*
* Constraints:
* Allowed Values: Enabled, Disabled
*
* @param status
- * The status of a user pool. + * This parameter is no longer used. *
* @see StatusType */ @@ -883,7 +883,7 @@ public void setStatus(String status) { /** *- * The status of a user pool. + * This parameter is no longer used. *
** Returns a reference to this object so that method calls can be chained @@ -893,7 +893,7 @@ public void setStatus(String status) { * Allowed Values: Enabled, Disabled * * @param status
- * The status of a user pool. + * This parameter is no longer used. *
* @return A reference to this updated object so that method calls can be * chained together. @@ -906,14 +906,14 @@ public UserPoolType withStatus(String status) { /** *- * The status of a user pool. + * This parameter is no longer used. *
*
* Constraints:
* Allowed Values: Enabled, Disabled
*
* @param status
- * The status of a user pool. + * This parameter is no longer used. *
* @see StatusType */ @@ -923,7 +923,7 @@ public void setStatus(StatusType status) { /** *- * The status of a user pool. + * This parameter is no longer used. *
** Returns a reference to this object so that method calls can be chained @@ -933,7 +933,7 @@ public void setStatus(StatusType status) { * Allowed Values: Enabled, Disabled * * @param status
- * The status of a user pool. + * This parameter is no longer used. *
* @return A reference to this updated object so that method calls can be * chained together. @@ -946,15 +946,16 @@ public UserPoolType withStatus(StatusType status) { /** *
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param lastModifiedDate
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param creationDate
- * The date and time, in ISO
- * 8601 format, when the item was created.
+ * The date and time when the item was created. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Constraints:
* Allowed Values: UNCONFIRMED, CONFIRMED, ARCHIVED, COMPROMISED,
- * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD
+ * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD, EXTERNAL_PROVIDER
*/
private String userStatus;
@@ -295,15 +295,16 @@ public UserType withUserCreateDate(java.util.Date userCreateDate) {
/**
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK might
+ * render the output in a human-readable format like ISO 8601 or a
+ * Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito returns this
+ * timestamp in UNIX epoch time format. Your SDK might render the output in
+ * a human-readable format like ISO 8601 or a Java Date object.
*
* Returns a reference to this object so that method calls can be chained * together. * * @param userLastModifiedDate
- * The date and time, in ISO
- * 8601 format, when the item was modified.
+ * The date and time when the item was modified. Amazon Cognito
+ * returns this timestamp in UNIX epoch time format. Your SDK
+ * might render the output in a human-readable format like ISO
+ * 8601 or a Java Date object.
*
* Constraints:
* Allowed Values: UNCONFIRMED, CONFIRMED, ARCHIVED, COMPROMISED,
- * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD
+ * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD, EXTERNAL_PROVIDER
*
* @return
* The user status. This can be one of the following: @@ -539,7 +542,7 @@ public String getUserStatus() { *
* Constraints:
* Allowed Values: UNCONFIRMED, CONFIRMED, ARCHIVED, COMPROMISED,
- * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD
+ * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD, EXTERNAL_PROVIDER
*
* @param userStatus
* The user status. This can be one of the following: @@ -631,7 +634,7 @@ public void setUserStatus(String userStatus) { *
* Constraints:
* Allowed Values: UNCONFIRMED, CONFIRMED, ARCHIVED, COMPROMISED,
- * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD
+ * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD, EXTERNAL_PROVIDER
*
* @param userStatus
* The user status. This can be one of the following: @@ -723,7 +726,7 @@ public UserType withUserStatus(String userStatus) { *
* Constraints:
* Allowed Values: UNCONFIRMED, CONFIRMED, ARCHIVED, COMPROMISED,
- * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD
+ * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD, EXTERNAL_PROVIDER
*
* @param userStatus
* The user status. This can be one of the following: @@ -815,7 +818,7 @@ public void setUserStatus(UserStatusType userStatus) { *
* Constraints:
* Allowed Values: UNCONFIRMED, CONFIRMED, ARCHIVED, COMPROMISED,
- * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD
+ * UNKNOWN, RESET_REQUIRED, FORCE_CHANGE_PASSWORD, EXTERNAL_PROVIDER
*
* @param userStatus
* The user status. This can be one of the following: diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UsernameAttributeType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UsernameAttributeType.java index 44e4c898a3..b1e4889dd2 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UsernameAttributeType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UsernameAttributeType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UsernameConfigurationType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UsernameConfigurationType.java index ed3024c4e1..7636933f76 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UsernameConfigurationType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UsernameConfigurationType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UsernameExistsException.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UsernameExistsException.java index dda166b90a..ecfda48fdc 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UsernameExistsException.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/UsernameExistsException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/VerificationMessageTemplateType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/VerificationMessageTemplateType.java index 7fa26307e3..b87923ef09 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/VerificationMessageTemplateType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/VerificationMessageTemplateType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/VerifiedAttributeType.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/VerifiedAttributeType.java index f6b2f1a3af..e0976459cf 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/VerifiedAttributeType.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/VerifiedAttributeType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/VerifySoftwareTokenRequest.java b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/VerifySoftwareTokenRequest.java index 49ec6bf852..40ee2b8188 100644 --- a/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/VerifySoftwareTokenRequest.java +++ b/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/services/cognitoidentityprovider/model/VerifySoftwareTokenRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -34,7 +34,7 @@ * policies. For more information about authorization models in Amazon Cognito, * see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*
+ * Authorize this action with a signed-in user's access token. It must include
+ * the scope aws.cognito.signin.user.admin.
+ *
* Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies @@ -38,7 +42,7 @@ * policies. For more information about authorization models in Amazon Cognito, * see Using the Amazon Cognito native and OIDC APIs. + * >Using the Amazon Cognito user pools API and user pool endpoints. *
*With the Amazon Cognito user pools API, you can set up user pools and app clients, and authenticate users. To authenticate users from third-party identity providers (IdPs) in this API, you can link IdP users to native user profiles. Learn more about the authentication and authorization of federated users in the Using the Amazon Cognito user pools API and user pool endpoints.
This API reference provides detailed information about API operations and object types in Amazon Cognito. At the bottom of the page for each API operation and object, under See Also, you can learn how to use it in an Amazon Web Services SDK in the language of your choice.
Along with resource management operations, the Amazon Cognito user pools API includes classes of operations and authorization models for client-side and server-side user operations. For more information, see Using the Amazon Cognito native and OIDC APIs in the Amazon Cognito Developer Guide.
You can also start reading about the CognitoIdentityProvider client in the following SDK guides.
To get started with an Amazon Web Services SDK, see Tools to Build on Amazon Web Services. For example actions and scenarios, see Code examples for Amazon Cognito Identity Provider using Amazon Web Services SDKs.
+ *With the Amazon Cognito user pools API, you can configure user pools and authenticate users. To authenticate users from third-party identity providers (IdPs) in this API, you can link IdP users to native user profiles. Learn more about the authentication and authorization of federated users at Adding user pool sign-in through a third party and in the User pool federation endpoints and hosted UI reference.
This API reference provides detailed information about API operations and object types in Amazon Cognito.
Along with resource management operations, the Amazon Cognito user pools API includes classes of operations and authorization models for client-side and server-side authentication of users. You can interact with operations in the Amazon Cognito user pools API as any of the following subjects.
An administrator who wants to configure user pools, app clients, users, groups, or other user pool functions.
A server-side app, like a web application, that wants to use its Amazon Web Services privileges to manage, authenticate, or authorize a user.
A client-side app, like a mobile app, that wants to make unauthenticated requests to manage, authenticate, or authorize a user.
For more information, see Using the Amazon Cognito user pools API and user pool endpoints in the Amazon Cognito Developer Guide.
With your Amazon Web Services SDK, you can build the logic to support operational flows in every use case for this API. You can also make direct REST API requests to Amazon Cognito user pools service endpoints. The following links can get you started with the CognitoIdentityProvider client in other supported Amazon Web Services SDKs.
To get started with an Amazon Web Services SDK, see Tools to Build on Amazon Web Services. For example actions and scenarios, see Code examples for Amazon Cognito Identity Provider using Amazon Web Services SDKs.
*/ package com.amazonaws.services.cognitoidentityprovider;