Struct Client

Source

pub struct Client { /* private fields */ }

Expand description

Client for Amazon Cognito Identity Provider

Client for invoking operations on Amazon Cognito Identity Provider. Each operation on Amazon Cognito Identity Provider is a method on this this struct. .send() MUST be invoked on the generated operations to dispatch the request to the service.

§Constructing a `Client`

A Config is required to construct a client. For most use cases, the aws-config crate should be used to automatically resolve this config using aws_config::load_from_env(), since this will resolve an SdkConfig which can be shared across multiple different AWS SDK clients. This config resolution process can be customized by calling aws_config::from_env() instead, which returns a ConfigLoader that uses the builder pattern to customize the default config.

In the simplest case, creating a client looks as follows:

let config = aws_config::load_from_env().await;
let client = aws_sdk_cognitoidentityprovider::Client::new(&config);

Occasionally, SDKs may have additional service-specific values that can be set on the Config that is absent from SdkConfig, or slightly different settings for a specific client may be desired. The Builder struct implements From<&SdkConfig>, so setting these specific settings can be done as follows:

let sdk_config = ::aws_config::load_from_env().await;
let config = aws_sdk_cognitoidentityprovider::config::Builder::from(&sdk_config)
    .some_service_specific_setting("value")
    .build();

See the aws-config docs and Config for more information on customizing configuration.

Note: Client construction is expensive due to connection thread pool initialization, and should be done once at application start-up.

§Using the `Client`

A client has a function for every operation that can be performed by the service. For example, the AddCustomAttributes operation has a Client::add_custom_attributes, function which returns a builder for that operation. The fluent builder ultimately has a send() function that returns an async future that returns a result, as illustrated below:

let result = client.add_custom_attributes()
    .user_pool_id("example")
    .send()
    .await;

Constructs a fluent builder for the ListUsers operation. This operation supports pagination; See into_paginator().

The fluent builder is configurable:
- user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
  required: true
  The ID of the user pool where you want to display or search for users.
- attributes_to_get(impl Into<String>) / set_attributes_to_get(Option<Vec::<String>>):
  required: false
  A JSON array of user attribute names, for example given_name, that you want Amazon Cognito to include in the response for each user. When you don’t provide an AttributesToGet parameter, Amazon Cognito returns all attributes for each user.
  
  Use AttributesToGet with required attributes in your user pool, or in conjunction with Filter. Amazon Cognito returns an error if not all users in the results have set a value for the attribute you request. Attributes that you can’t filter on, including custom attributes, must have a value set in every user profile before an AttributesToGet parameter returns results.
- limit(i32) / set_limit(Option<i32>):
  required: false
  The maximum number of users that you want Amazon Cognito to return in the response.
- pagination_token(impl Into<String>) / set_pagination_token(Option<String>):
  required: false
  This API operation returns a limited number of results. The pagination token is an identifier that you can present in an additional API request with the same parameters. When you include the pagination token, Amazon Cognito returns the next set of items after the current list. Subsequent requests return a new pagination token. By use of this token, you can paginate through the full list of items.
- filter(impl Into<String>) / set_filter(Option<String>):
  required: false
  A filter string of the form “AttributeName Filter-Type “AttributeValue”. Quotation marks within the filter string must be escaped using the backslash (</code>) character. For example, “family_name = "Reddy"”.
  AttributeName: The name of the attribute to search for. You can only search for one attribute at a time. Filter-Type: For an exact match, use =, for example, “given_name = "Jon"”. For a prefix (“starts with”) match, use ^=, for example, “given_name ^= "Jon"”. AttributeValue: The attribute value that must be matched for each user. If the filter string is empty, ListUsers returns all users in the user pool. You can only search for the following standard attributes: username (case-sensitive) email phone_number name given_name family_name preferred_username cognito:user_status (called Status in the Console) (case-insensitive) status (called Enabled in the Console) (case-sensitive) sub Custom attributes aren’t searchable. You can also list users with a client-side filter. The server-side filter matches no more than one attribute. For an advanced search, use a client-side filter with the –query parameter of the list-users action in the CLI. When you use a client-side filter, ListUsers returns a paginated list of zero or more users. You can receive multiple pages in a row with zero results. Repeat the query with each pagination token that is returned until you receive a null pagination token value, and then review the combined result. For more information about server-side and client-side filtering, see FilteringCLI output in the Command Line Interface User Guide. For more information, see Searching for Users Using the ListUsers API and Examples of Using the ListUsers API in the Amazon Cognito Developer Guide.


On success, responds with ListUsersOutput with field(s):

users(Option<Vec::<UserType>>): An array of user pool users who match your query, and their attributes.
pagination_token(Option<String>): The identifier that Amazon Cognito returned with the previous request to this operation. When you include a pagination token in your request, Amazon Cognito returns the next set of items in the list. By use of this token, you can paginate through the full list of items.


On failure, responds with SdkError<ListUsersError>

Source§impl Client

Sourcepub fn list_users_in_group(&self) -> ListUsersInGroupFluentBuilder

Constructs a fluent builder for the ListUsersInGroup operation. This operation supports pagination; See into_paginator().



The fluent builder is configurable:

user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The ID of the user pool where you want to view the membership of the requested group.


group_name(impl Into<String>) / set_group_name(Option<String>):
required: true
The name of the group that you want to query for user membership.


limit(i32) / set_limit(Option<i32>):
required: false
The maximum number of groups that you want Amazon Cognito to return in the response.


next_token(impl Into<String>) / set_next_token(Option<String>):
required: false
This API operation returns a limited number of results. The pagination token is an identifier that you can present in an additional API request with the same parameters. When you include the pagination token, Amazon Cognito returns the next set of items after the current list. Subsequent requests return a new pagination token. By use of this token, you can paginate through the full list of items.




On success, responds with ListUsersInGroupOutput with field(s):

users(Option<Vec::<UserType>>): An array of users who are members in the group, and their attributes.
next_token(Option<String>): The identifier that Amazon Cognito returned with the previous request to this operation. When you include a pagination token in your request, Amazon Cognito returns the next set of items in the list. By use of this token, you can paginate through the full list of items.


On failure, responds with SdkError<ListUsersInGroupError>

Source§impl Client

Sourcepub fn list_web_authn_credentials(&self) -> ListWebAuthnCredentialsFluentBuilder

Constructs a fluent builder for the ListWebAuthnCredentials operation.



The fluent builder is configurable:

access_token(impl Into<String>) / set_access_token(Option<String>):
required: true
A valid access token that Amazon Cognito issued to the currently signed-in user. Must include a scope claim for aws.cognito.signin.user.admin.


next_token(impl Into<String>) / set_next_token(Option<String>):
required: false
This API operation returns a limited number of results. The pagination token is an identifier that you can present in an additional API request with the same parameters. When you include the pagination token, Amazon Cognito returns the next set of items after the current list. Subsequent requests return a new pagination token. By use of this token, you can paginate through the full list of items.


max_results(i32) / set_max_results(Option<i32>):
required: false
The maximum number of the user’s passkey credentials that you want to return.




On success, responds with ListWebAuthnCredentialsOutput with field(s):

credentials(Vec::<WebAuthnCredentialDescription>): A list of registered passkeys for a user.
next_token(Option<String>): The identifier that Amazon Cognito returned with the previous request to this operation. When you include a pagination token in your request, Amazon Cognito returns the next set of items in the list. By use of this token, you can paginate through the full list of items.


On failure, responds with SdkError<ListWebAuthnCredentialsError>

Source§impl Client

Sourcepub fn resend_confirmation_code(&self) -> ResendConfirmationCodeFluentBuilder

Constructs a fluent builder for the ResendConfirmationCode operation.



The fluent builder is configurable:

client_id(impl Into<String>) / set_client_id(Option<String>):
required: true
The ID of the user pool app client where the user signed up.


secret_hash(impl Into<String>) / set_secret_hash(Option<String>):
required: false
A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message. For more information about SecretHash, see Computing secret hash values.


user_context_data(UserContextDataType) / set_user_context_data(Option<UserContextDataType>):
required: false
Contextual data about your user session like the device fingerprint, IP address, or location. Amazon Cognito threat protection evaluates the risk of an authentication event based on the context that your app generates and passes to Amazon Cognito when it makes API requests.
 For more information, see Collecting data for threat protection in applications.


username(impl Into<String>) / set_username(Option<String>):
required: true
The name of the user that you want to query or modify. The value of this parameter is typically your user’s username, but it can be any of their alias attributes. If username isn’t an alias attribute in your user pool, this value must be the sub of a local user or the username of a user from a third-party IdP.


analytics_metadata(AnalyticsMetadataType) / set_analytics_metadata(Option<AnalyticsMetadataType>):
required: false
Information that supports analytics outcomes with Amazon Pinpoint, including the user’s endpoint ID. The endpoint ID is a destination for Amazon Pinpoint push notifications, for example a device identifier, email address, or phone number.


client_metadata(impl Into<String>, impl Into<String>) / set_client_metadata(Option<HashMap::<String, String>>):
required: false
A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
 You create custom workflows by assigning Lambda functions to user pool triggers. When you use the ResendConfirmationCode API action, Amazon Cognito invokes the function that is assigned to the custom message trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned to the ClientMetadata parameter in your ResendConfirmationCode request. In your function code in Lambda, you can process the clientMetadata value to enhance your workflow for your specific needs.
 For more information, see  Using Lambda triggers in the Amazon Cognito Developer Guide.
  When you use the ClientMetadata parameter, note that Amazon Cognito won’t do the following:
         Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn’t include triggers, the ClientMetadata parameter serves no purpose.
       Validate the ClientMetadata value.
       Encrypt the ClientMetadata value. Don’t send sensitive information in this parameter.
  
 



On success, responds with ResendConfirmationCodeOutput with field(s):

code_delivery_details(Option<CodeDeliveryDetailsType>): Information about the phone number or email address that Amazon Cognito sent the confirmation code to.


On failure, responds with SdkError<ResendConfirmationCodeError>

Source§impl Client

Sourcepub fn respond_to_auth_challenge(&self) -> RespondToAuthChallengeFluentBuilder

Constructs a fluent builder for the RespondToAuthChallenge operation.



The fluent builder is configurable:

client_id(impl Into<String>) / set_client_id(Option<String>):
required: true
The ID of the app client where the user is signing in.


challenge_name(ChallengeNameType) / set_challenge_name(Option<ChallengeNameType>):
required: true
The name of the challenge that you are responding to.
  You can’t respond to an ADMIN_NO_SRP_AUTH challenge with this operation.
  Possible challenges include the following:
  All of the following challenges require USERNAME and, when the app client has a client secret, SECRET_HASH in the parameters.
       WEB_AUTHN: Respond to the challenge with the results of a successful authentication with a WebAuthn authenticator, or passkey. Examples of WebAuthn authenticators include biometric devices and security keys.
     PASSWORD: Respond with USER_PASSWORD_AUTH parameters: USERNAME (required), PASSWORD (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
     PASSWORD_SRP: Respond with USER_SRP_AUTH parameters: USERNAME (required), SRP_A (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
     SELECT_CHALLENGE: Respond to the challenge with USERNAME and an ANSWER that matches one of the challenge types in the AvailableChallenges response parameter.
     SMS_MFA: Respond with an SMS_MFA_CODE that your user pool delivered in an SMS message.
     EMAIL_OTP: Respond with an EMAIL_OTP_CODE that your user pool delivered in an email message.
     PASSWORD_VERIFIER: Respond with PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after client-side SRP calculations.
     CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user should pass another challenge before tokens are issued. The parameters of the challenge are determined by your Lambda function.
     DEVICE_SRP_AUTH: Respond with the initial parameters of device SRP authentication. For more information, see Signing in with a device.
     DEVICE_PASSWORD_VERIFIER: Respond with PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after client-side SRP calculations. For more information, see Signing in with a device.
     NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first login. Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito returned in the requiredAttributes parameter. You can also set values for attributes that aren’t required by your user pool and that your app client can write.
   Amazon Cognito only returns this challenge for users who have temporary passwords. When you create passwordless users, you must provide values for all required attributes.
    In a NEW_PASSWORD_REQUIRED challenge response, you can’t modify a required attribute that already has a value. In AdminRespondToAuthChallenge or RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the requiredAttributes parameter, then use the AdminUpdateUserAttributes or UpdateUserAttributes API operation to modify the value of any additional attributes.
   
     MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA types activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP value.
   To set up time-based one-time password (TOTP) MFA, use the session returned in this challenge from InitiateAuth or AdminInitiateAuth as an input to AssociateSoftwareToken. Then, use the session returned by VerifySoftwareToken as an input to RespondToAuthChallenge or AdminRespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in.
   To set up SMS or email MFA, collect a phone_number or email attribute for the user. Then restart the authentication flow with an InitiateAuth or AdminInitiateAuth request.
 


session(impl Into<String>) / set_session(Option<String>):
required: false
The session identifier that maintains the state of authentication requests and challenge responses. If an AdminInitiateAuth or AdminRespondToAuthChallenge API request results in a determination that your application must pass another challenge, Amazon Cognito returns a session with other challenge parameters. Send this session identifier, unmodified, to the next AdminRespondToAuthChallenge request.


challenge_responses(impl Into<String>, impl Into<String>) / set_challenge_responses(Option<HashMap::<String, String>>):
required: false
The responses to the challenge that you received in the previous request. Each challenge has its own required response parameters. The following examples are partial JSON request bodies that highlight challenge-response parameters.
  You must provide a SECRET_HASH parameter in all challenge responses to an app client that has a client secret. Include a DEVICE_KEY for device authentication.
       SELECT_CHALLENGE  
     “ChallengeName”: “SELECT_CHALLENGE”, “ChallengeResponses”: { “USERNAME”: “[username]”, “ANSWER”: “[Challenge name]”}
   Available challenges are PASSWORD, PASSWORD_SRP, EMAIL_OTP, SMS_OTP, and WEB_AUTHN.
   Complete authentication in the SELECT_CHALLENGE response for PASSWORD, PASSWORD_SRP, and WEB_AUTHN:
            “ChallengeName”: “SELECT_CHALLENGE”, “ChallengeResponses”: { “ANSWER”: “WEB_AUTHN”, “USERNAME”: “[username]”, “CREDENTIAL”: “[AuthenticationResponseJSON]”}
     See  AuthenticationResponseJSON.
         “ChallengeName”: “SELECT_CHALLENGE”, “ChallengeResponses”: { “ANSWER”: “PASSWORD”, “USERNAME”: “[username]”, “PASSWORD”: “[password]”}
         “ChallengeName”: “SELECT_CHALLENGE”, “ChallengeResponses”: { “ANSWER”: “PASSWORD_SRP”, “USERNAME”: “[username]”, “SRP_A”: “[SRP_A]”}
   
   For SMS_OTP and EMAIL_OTP, respond with the username and answer. Your user pool will send a code for the user to submit in the next challenge response.
            “ChallengeName”: “SELECT_CHALLENGE”, “ChallengeResponses”: { “ANSWER”: “SMS_OTP”, “USERNAME”: “[username]”}
         “ChallengeName”: “SELECT_CHALLENGE”, “ChallengeResponses”: { “ANSWER”: “EMAIL_OTP”, “USERNAME”: “[username]”}
   
  
     SMS_OTP  
     “ChallengeName”: “SMS_OTP”, “ChallengeResponses”: {“SMS_OTP_CODE”: “[code]”, “USERNAME”: “[username]”}
  
     EMAIL_OTP  
     “ChallengeName”: “EMAIL_OTP”, “ChallengeResponses”: {“EMAIL_OTP_CODE”: “[code]”, “USERNAME”: “[username]”}
  
     SMS_MFA  
     “ChallengeName”: “SMS_MFA”, “ChallengeResponses”: {“SMS_MFA_CODE”: “[code]”, “USERNAME”: “[username]”}
  
     PASSWORD_VERIFIER  
     This challenge response is part of the SRP flow. Amazon Cognito requires that your application respond to this challenge within a few seconds. When the response time exceeds this period, your user pool returns a NotAuthorizedException error.
   “ChallengeName”: “PASSWORD_VERIFIER”, “ChallengeResponses”: {“PASSWORD_CLAIM_SIGNATURE”: “[claim_signature]”, “PASSWORD_CLAIM_SECRET_BLOCK”: “[secret_block]”, “TIMESTAMP”: [timestamp], “USERNAME”: “[username]”}
   Add “DEVICE_KEY” when you sign in with a remembered device.
  
     CUSTOM_CHALLENGE  
     “ChallengeName”: “CUSTOM_CHALLENGE”, “ChallengeResponses”: {“USERNAME”: “[username]”, “ANSWER”: “[challenge_answer]”}
   Add “DEVICE_KEY” when you sign in with a remembered device.
  
     NEW_PASSWORD_REQUIRED  
     “ChallengeName”: “NEW_PASSWORD_REQUIRED”, “ChallengeResponses”: {“NEW_PASSWORD”: “[new_password]”, “USERNAME”: “[username]”}
   To set any required attributes that InitiateAuth returned in an requiredAttributes parameter, add “userAttributes.[attribute_name]”: “[attribute_value]”. This parameter can also set values for writable attributes that aren’t required by your user pool.
    In a NEW_PASSWORD_REQUIRED challenge response, you can’t modify a required attribute that already has a value. In AdminRespondToAuthChallenge or RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the requiredAttributes parameter, then use the AdminUpdateUserAttributes or UpdateUserAttributes API operation to modify the value of any additional attributes.
     
     SOFTWARE_TOKEN_MFA  
     “ChallengeName”: “SOFTWARE_TOKEN_MFA”, “ChallengeResponses”: {“USERNAME”: “[username]”, “SOFTWARE_TOKEN_MFA_CODE”: [authenticator_code]}
  
     DEVICE_SRP_AUTH  
     “ChallengeName”: “DEVICE_SRP_AUTH”, “ChallengeResponses”: {“USERNAME”: “[username]”, “DEVICE_KEY”: “[device_key]”, “SRP_A”: “[srp_a]”}
  
     DEVICE_PASSWORD_VERIFIER  
     “ChallengeName”: “DEVICE_PASSWORD_VERIFIER”, “ChallengeResponses”: {“DEVICE_KEY”: “[device_key]”, “PASSWORD_CLAIM_SIGNATURE”: “[claim_signature]”, “PASSWORD_CLAIM_SECRET_BLOCK”: “[secret_block]”, “TIMESTAMP”: [timestamp], “USERNAME”: “[username]”}
  
     MFA_SETUP  
     “ChallengeName”: “MFA_SETUP”, “ChallengeResponses”: {“USERNAME”: “[username]”}, “SESSION”: “[Session ID from VerifySoftwareToken]”
  
     SELECT_MFA_TYPE  
     “ChallengeName”: “SELECT_MFA_TYPE”, “ChallengeResponses”: {“USERNAME”: “[username]”, “ANSWER”: “[SMS_MFA or SOFTWARE_TOKEN_MFA]”}
  
 
 For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.


analytics_metadata(AnalyticsMetadataType) / set_analytics_metadata(Option<AnalyticsMetadataType>):
required: false
Information that supports analytics outcomes with Amazon Pinpoint, including the user’s endpoint ID. The endpoint ID is a destination for Amazon Pinpoint push notifications, for example a device identifier, email address, or phone number.


user_context_data(UserContextDataType) / set_user_context_data(Option<UserContextDataType>):
required: false
Contextual data about your user session like the device fingerprint, IP address, or location. Amazon Cognito threat protection evaluates the risk of an authentication event based on the context that your app generates and passes to Amazon Cognito when it makes API requests.
 For more information, see Collecting data for threat protection in applications.


client_metadata(impl Into<String>, impl Into<String>) / set_client_metadata(Option<HashMap::<String, String>>):
required: false
A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
 You create custom workflows by assigning Lambda functions to user pool triggers. When you use the RespondToAuthChallenge API action, Amazon Cognito invokes any functions that are assigned to the following triggers: post authentication, pre token generation, define auth challenge, create auth challenge, and verify auth challenge. When Amazon Cognito invokes any of these functions, it passes a JSON payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned to the ClientMetadata parameter in your RespondToAuthChallenge request. In your function code in Lambda, you can process the clientMetadata value to enhance your workflow for your specific needs.
 For more information, see  Using Lambda triggers in the Amazon Cognito Developer Guide.
  When you use the ClientMetadata parameter, note that Amazon Cognito won’t do the following:
         Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn’t include triggers, the ClientMetadata parameter serves no purpose.
       Validate the ClientMetadata value.
       Encrypt the ClientMetadata value. Don’t send sensitive information in this parameter.
  
 



On success, responds with RespondToAuthChallengeOutput with field(s):

challenge_name(Option<ChallengeNameType>): The name of the next challenge that you must respond to.
 Possible challenges include the following:
  All of the following challenges require USERNAME and, when the app client has a client secret, SECRET_HASH in the parameters.
       WEB_AUTHN: Respond to the challenge with the results of a successful authentication with a WebAuthn authenticator, or passkey. Examples of WebAuthn authenticators include biometric devices and security keys.
     PASSWORD: Respond with USER_PASSWORD_AUTH parameters: USERNAME (required), PASSWORD (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
     PASSWORD_SRP: Respond with USER_SRP_AUTH parameters: USERNAME (required), SRP_A (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
     SELECT_CHALLENGE: Respond to the challenge with USERNAME and an ANSWER that matches one of the challenge types in the AvailableChallenges response parameter.
     SMS_MFA: Respond with an SMS_MFA_CODE that your user pool delivered in an SMS message.
     EMAIL_OTP: Respond with an EMAIL_OTP_CODE that your user pool delivered in an email message.
     PASSWORD_VERIFIER: Respond with PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after client-side SRP calculations.
     CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user should pass another challenge before tokens are issued. The parameters of the challenge are determined by your Lambda function.
     DEVICE_SRP_AUTH: Respond with the initial parameters of device SRP authentication. For more information, see Signing in with a device.
     DEVICE_PASSWORD_VERIFIER: Respond with PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after client-side SRP calculations. For more information, see Signing in with a device.
     NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first login. Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito returned in the requiredAttributes parameter. You can also set values for attributes that aren’t required by your user pool and that your app client can write.
   Amazon Cognito only returns this challenge for users who have temporary passwords. When you create passwordless users, you must provide values for all required attributes.
    In a NEW_PASSWORD_REQUIRED challenge response, you can’t modify a required attribute that already has a value. In AdminRespondToAuthChallenge or RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the requiredAttributes parameter, then use the AdminUpdateUserAttributes or UpdateUserAttributes API operation to modify the value of any additional attributes.
   
     MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA types activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP value.
   To set up time-based one-time password (TOTP) MFA, use the session returned in this challenge from InitiateAuth or AdminInitiateAuth as an input to AssociateSoftwareToken. Then, use the session returned by VerifySoftwareToken as an input to RespondToAuthChallenge or AdminRespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in.
   To set up SMS or email MFA, collect a phone_number or email attribute for the user. Then restart the authentication flow with an InitiateAuth or AdminInitiateAuth request.
 
session(Option<String>): The session identifier that maintains the state of authentication requests and challenge responses. If an InitiateAuth or RespondToAuthChallenge API request results in a determination that your application must pass another challenge, Amazon Cognito returns a session with other challenge parameters. Send this session identifier, unmodified, to the next RespondToAuthChallenge request.
challenge_parameters(Option<HashMap::<String, String>>): The parameters that define your response to the next challenge.
authentication_result(Option<AuthenticationResultType>): The outcome of a successful authentication process. After your application has passed all challenges, Amazon Cognito returns an AuthenticationResult with the JSON web tokens (JWTs) that indicate successful sign-in.


On failure, responds with SdkError<RespondToAuthChallengeError>

Source§impl Client

Sourcepub fn revoke_token(&self) -> RevokeTokenFluentBuilder

Constructs a fluent builder for the RevokeToken operation.



The fluent builder is configurable:

token(impl Into<String>) / set_token(Option<String>):
required: true
The refresh token that you want to revoke.


client_id(impl Into<String>) / set_client_id(Option<String>):
required: true
The ID of the app client where the token that you want to revoke was issued.


client_secret(impl Into<String>) / set_client_secret(Option<String>):
required: false
The client secret of the requested app client, if the client has a secret.




On success, responds with RevokeTokenOutput
On failure, responds with SdkError<RevokeTokenError>

Source§impl Client

Sourcepub fn set_log_delivery_configuration(
    &self,
) -> SetLogDeliveryConfigurationFluentBuilder

Constructs a fluent builder for the SetLogDeliveryConfiguration operation.



The fluent builder is configurable:

user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The ID of the user pool where you want to configure logging.


log_configurations(LogConfigurationType) / set_log_configurations(Option<Vec::<LogConfigurationType>>):
required: true
A collection of the logging configurations for a user pool.




On success, responds with SetLogDeliveryConfigurationOutput with field(s):

log_delivery_configuration(Option<LogDeliveryConfigurationType>): The logging configuration that you applied to the requested user pool.


On failure, responds with SdkError<SetLogDeliveryConfigurationError>

Source§impl Client

Sourcepub fn set_risk_configuration(&self) -> SetRiskConfigurationFluentBuilder

Constructs a fluent builder for the SetRiskConfiguration operation.



The fluent builder is configurable:

user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The ID of the user pool where you want to set a risk configuration. If you include UserPoolId in your request, don’t include ClientId. When the client ID is null, the same risk configuration is applied to all the clients in the userPool. When you include both ClientId and UserPoolId, Amazon Cognito maps the configuration to the app client only.


client_id(impl Into<String>) / set_client_id(Option<String>):
required: false
The ID of the app client where you want to set a risk configuration. If ClientId is null, then the risk configuration is mapped to UserPoolId. When the client ID is null, the same risk configuration is applied to all the clients in the userPool.
 When you include a ClientId parameter, Amazon Cognito maps the configuration to the app client. When you include both ClientId and UserPoolId, Amazon Cognito maps the configuration to the app client only.


compromised_credentials_risk_configuration(CompromisedCredentialsRiskConfigurationType) / set_compromised_credentials_risk_configuration(Option<CompromisedCredentialsRiskConfigurationType>):
required: false
The configuration of automated reactions to detected compromised credentials. Includes settings for blocking future sign-in requests and for the types of password-submission events you want to monitor.


account_takeover_risk_configuration(AccountTakeoverRiskConfigurationType) / set_account_takeover_risk_configuration(Option<AccountTakeoverRiskConfigurationType>):
required: false
The settings for automated responses and notification templates for adaptive authentication with threat protection.


risk_exception_configuration(RiskExceptionConfigurationType) / set_risk_exception_configuration(Option<RiskExceptionConfigurationType>):
required: false
A set of IP-address overrides to threat protection. You can set up IP-address always-block and always-allow lists.




On success, responds with SetRiskConfigurationOutput with field(s):

risk_configuration(Option<RiskConfigurationType>): The API response that contains the risk configuration that you set and the timestamp of the most recent change.


On failure, responds with SdkError<SetRiskConfigurationError>

Source§impl Client

Sourcepub fn set_ui_customization(&self) -> SetUICustomizationFluentBuilder

Constructs a fluent builder for the SetUICustomization operation.



The fluent builder is configurable:

user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The ID of the user pool where you want to apply branding to the classic hosted UI.


client_id(impl Into<String>) / set_client_id(Option<String>):
required: false
The ID of the app client that you want to customize. To apply a default style to all app clients not configured with client-level branding, set this parameter value to ALL.


css(impl Into<String>) / set_css(Option<String>):
required: false
A plaintext CSS file that contains the custom fields that you want to apply to your user pool or app client. To download a template, go to the Amazon Cognito console. Navigate to your user pool App clients tab, select Login pages, edit Hosted UI (classic) style, and select the link to CSS template.css.


image_file(Blob) / set_image_file(Option<Blob>):
required: false
The image that you want to set as your login in the classic hosted UI, as a Base64-formatted binary object.




On success, responds with SetUiCustomizationOutput with field(s):

ui_customization(Option<UiCustomizationType>): Information about the hosted UI branding that you applied.


On failure, responds with SdkError<SetUICustomizationError>

Source§impl Client

Sourcepub fn set_user_mfa_preference(&self) -> SetUserMFAPreferenceFluentBuilder

Constructs a fluent builder for the SetUserMFAPreference operation.



The fluent builder is configurable:

sms_mfa_settings(SmsMfaSettingsType) / set_sms_mfa_settings(Option<SmsMfaSettingsType>):
required: false
User preferences for SMS message MFA. Activates or deactivates SMS MFA and sets it as the preferred MFA method when multiple methods are available.


software_token_mfa_settings(SoftwareTokenMfaSettingsType) / set_software_token_mfa_settings(Option<SoftwareTokenMfaSettingsType>):
required: false
User preferences for time-based one-time password (TOTP) MFA. Activates or deactivates TOTP MFA and sets it as the preferred MFA method when multiple methods are available. Users must register a TOTP authenticator before they set this as their preferred MFA method.


email_mfa_settings(EmailMfaSettingsType) / set_email_mfa_settings(Option<EmailMfaSettingsType>):
required: false
User preferences for email message MFA. Activates or deactivates email MFA and sets it as the preferred MFA method when multiple methods are available. To activate this setting, your user pool must be in the  Essentials tier or higher.


access_token(impl Into<String>) / set_access_token(Option<String>):
required: true
A valid access token that Amazon Cognito issued to the currently signed-in user. Must include a scope claim for aws.cognito.signin.user.admin.




On success, responds with SetUserMfaPreferenceOutput
On failure, responds with SdkError<SetUserMFAPreferenceError>

Source§impl Client

Sourcepub fn set_user_pool_mfa_config(&self) -> SetUserPoolMfaConfigFluentBuilder

Constructs a fluent builder for the SetUserPoolMfaConfig operation.



The fluent builder is configurable:

user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The user pool ID.


sms_mfa_configuration(SmsMfaConfigType) / set_sms_mfa_configuration(Option<SmsMfaConfigType>):
required: false
Configures user pool SMS messages for MFA. Sets the message template and the SMS message sending configuration for Amazon SNS.


software_token_mfa_configuration(SoftwareTokenMfaConfigType) / set_software_token_mfa_configuration(Option<SoftwareTokenMfaConfigType>):
required: false
Configures a user pool for time-based one-time password (TOTP) MFA. Enables or disables TOTP.


email_mfa_configuration(EmailMfaConfigType) / set_email_mfa_configuration(Option<EmailMfaConfigType>):
required: false
Sets configuration for user pool email message MFA and sign-in with one-time passwords (OTPs). Includes the subject and body of the email message template for sign-in and MFA messages. To activate this setting, your user pool must be in the  Essentials tier or higher.


mfa_configuration(UserPoolMfaType) / set_mfa_configuration(Option<UserPoolMfaType>):
required: false
Sets multi-factor authentication (MFA) to be on, off, or optional. When ON, all users must set up MFA before they can sign in. When OPTIONAL, your application must make a client-side determination of whether a user wants to register an MFA device. For user pools with adaptive authentication with threat protection, choose OPTIONAL.
 When MfaConfiguration is OPTIONAL, managed login doesn’t automatically prompt users to set up MFA. Amazon Cognito generates MFA prompts in API responses and in managed login for users who have chosen and configured a preferred MFA factor.


web_authn_configuration(WebAuthnConfigurationType) / set_web_authn_configuration(Option<WebAuthnConfigurationType>):
required: false
The configuration of your user pool for passkey, or WebAuthn, authentication and registration. You can set this configuration independent of the MFA configuration options in this operation.




On success, responds with SetUserPoolMfaConfigOutput with field(s):

sms_mfa_configuration(Option<SmsMfaConfigType>): Shows user pool SMS message configuration for MFA and sign-in with SMS-message OTPs. Includes the message template and the SMS message sending configuration for Amazon SNS.
software_token_mfa_configuration(Option<SoftwareTokenMfaConfigType>): Shows user pool configuration for time-based one-time password (TOTP) MFA. Includes TOTP enabled or disabled state.
email_mfa_configuration(Option<EmailMfaConfigType>): Shows configuration for user pool email message MFA and sign-in with one-time passwords (OTPs). Includes the subject and body of the email message template for sign-in and MFA messages. To activate this setting, your user pool must be in the  Essentials tier or higher.
mfa_configuration(Option<UserPoolMfaType>): Displays multi-factor authentication (MFA) as on, off, or optional. When ON, all users must set up MFA before they can sign in. When OPTIONAL, your application must make a client-side determination of whether a user wants to register an MFA device. For user pools with adaptive authentication with threat protection, choose OPTIONAL.
 When MfaConfiguration is OPTIONAL, managed login doesn’t automatically prompt users to set up MFA. Amazon Cognito generates MFA prompts in API responses and in managed login for users who have chosen and configured a preferred MFA factor.
web_authn_configuration(Option<WebAuthnConfigurationType>): The configuration of your user pool for passkey, or WebAuthn, sign-in with authenticators like biometric and security-key devices. Includes relying-party configuration and settings for user-verification requirements.


On failure, responds with SdkError<SetUserPoolMfaConfigError>

Source§impl Client

Sourcepub fn set_user_settings(&self) -> SetUserSettingsFluentBuilder

Constructs a fluent builder for the SetUserSettings operation.



The fluent builder is configurable:

access_token(impl Into<String>) / set_access_token(Option<String>):
required: true
A valid access token that Amazon Cognito issued to the currently signed-in user. Must include a scope claim for aws.cognito.signin.user.admin.


mfa_options(MfaOptionType) / set_mfa_options(Option<Vec::<MfaOptionType>>):
required: true
You can use this parameter only to set an SMS configuration that uses SMS for delivery.




On success, responds with SetUserSettingsOutput
On failure, responds with SdkError<SetUserSettingsError>

Source§impl Client

Sourcepub fn sign_up(&self) -> SignUpFluentBuilder

Constructs a fluent builder for the SignUp operation.



The fluent builder is configurable:

client_id(impl Into<String>) / set_client_id(Option<String>):
required: true
The ID of the app client where the user wants to sign up.


secret_hash(impl Into<String>) / set_secret_hash(Option<String>):
required: false
A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message. For more information about SecretHash, see Computing secret hash values.


username(impl Into<String>) / set_username(Option<String>):
required: true
The username of the user that you want to sign up. The value of this parameter is typically a username, but can be any alias attribute in your user pool.


password(impl Into<String>) / set_password(Option<String>):
required: false
The user’s proposed password. The password must comply with the password requirements of your user pool.
 Users can sign up without a password when your user pool supports passwordless sign-in with email or SMS OTPs. To create a user with no password, omit this parameter or submit a blank value. You can only create a passwordless user when passwordless sign-in is available.


user_attributes(AttributeType) / set_user_attributes(Option<Vec::<AttributeType>>):
required: false
An array of name-value pairs representing user attributes.
 For custom attributes, include a custom: prefix in the attribute name, for example custom:department.


validation_data(AttributeType) / set_validation_data(Option<Vec::<AttributeType>>):
required: false
Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda trigger. This set of key-value pairs are for custom validation of information that you collect from your users but don’t need to retain.
 Your Lambda function can analyze this additional data and act on it. Your function can automatically confirm and verify select users or perform external API operations like logging user attributes and validation data to Amazon CloudWatch Logs.
 For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger.


analytics_metadata(AnalyticsMetadataType) / set_analytics_metadata(Option<AnalyticsMetadataType>):
required: false
Information that supports analytics outcomes with Amazon Pinpoint, including the user’s endpoint ID. The endpoint ID is a destination for Amazon Pinpoint push notifications, for example a device identifier, email address, or phone number.


user_context_data(UserContextDataType) / set_user_context_data(Option<UserContextDataType>):
required: false
Contextual data about your user session like the device fingerprint, IP address, or location. Amazon Cognito threat protection evaluates the risk of an authentication event based on the context that your app generates and passes to Amazon Cognito when it makes API requests.
 For more information, see Collecting data for threat protection in applications.


client_metadata(impl Into<String>, impl Into<String>) / set_client_metadata(Option<HashMap::<String, String>>):
required: false
A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
 You create custom workflows by assigning Lambda functions to user pool triggers. When you use the SignUp API action, Amazon Cognito invokes any functions that are assigned to the following triggers: pre sign-up, custom message, and post confirmation. When Amazon Cognito invokes any of these functions, it passes a JSON payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned to the ClientMetadata parameter in your SignUp request. In your function code in Lambda, you can process the clientMetadata value to enhance your workflow for your specific needs.
 For more information, see  Using Lambda triggers in the Amazon Cognito Developer Guide.
  When you use the ClientMetadata parameter, note that Amazon Cognito won’t do the following:
         Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn’t include triggers, the ClientMetadata parameter serves no purpose.
       Validate the ClientMetadata value.
       Encrypt the ClientMetadata value. Don’t send sensitive information in this parameter.
  
 



On success, responds with SignUpOutput with field(s):

user_confirmed(bool): Indicates whether the user was automatically confirmed. You can auto-confirm users with a pre sign-up Lambda trigger.
code_delivery_details(Option<CodeDeliveryDetailsType>): In user pools that automatically verify and confirm new users, Amazon Cognito sends users a message with a code or link that confirms ownership of the phone number or email address that they entered. The CodeDeliveryDetails object is information about the delivery destination for that link or code.
user_sub(String): The unique identifier of the new user, for example a1b2c3d4-5678-90ab-cdef-EXAMPLE11111.
session(Option<String>): A session Id that you can pass to ConfirmSignUp when you want to immediately sign in your user with the USER_AUTH flow after they complete sign-up.


On failure, responds with SdkError<SignUpError>

Source§impl Client

Sourcepub fn start_user_import_job(&self) -> StartUserImportJobFluentBuilder

Constructs a fluent builder for the StartUserImportJob operation.



The fluent builder is configurable:

user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The ID of the user pool that you want to start importing users into.


job_id(impl Into<String>) / set_job_id(Option<String>):
required: true
The ID of a user import job that you previously created.




On success, responds with StartUserImportJobOutput with field(s):

user_import_job(Option<UserImportJobType>): The details of the user import job. Includes logging destination, status, and the Amazon S3 pre-signed URL for CSV upload.


On failure, responds with SdkError<StartUserImportJobError>

Source§impl Client

Sourcepub fn start_web_authn_registration(
    &self,
) -> StartWebAuthnRegistrationFluentBuilder

Constructs a fluent builder for the StartWebAuthnRegistration operation.



The fluent builder is configurable:

access_token(impl Into<String>) / set_access_token(Option<String>):
required: true
A valid access token that Amazon Cognito issued to the currently signed-in user. Must include a scope claim for aws.cognito.signin.user.admin.




On success, responds with StartWebAuthnRegistrationOutput with field(s):

credential_creation_options(Document): The information that a user can provide in their request to register with their passkey provider.


On failure, responds with SdkError<StartWebAuthnRegistrationError>

Source§impl Client

Sourcepub fn stop_user_import_job(&self) -> StopUserImportJobFluentBuilder

Constructs a fluent builder for the StopUserImportJob operation.



The fluent builder is configurable:

user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The ID of the user pool that you want to stop.


job_id(impl Into<String>) / set_job_id(Option<String>):
required: true
The ID of a running user import job.




On success, responds with StopUserImportJobOutput with field(s):

user_import_job(Option<UserImportJobType>): The details of the user import job. Includes logging destination, status, and the Amazon S3 pre-signed URL for CSV upload.


On failure, responds with SdkError<StopUserImportJobError>

Source§impl Client

Sourcepub fn tag_resource(&self) -> TagResourceFluentBuilder

Constructs a fluent builder for the TagResource operation.



The fluent builder is configurable:

resource_arn(impl Into<String>) / set_resource_arn(Option<String>):
required: true
The Amazon Resource Name (ARN) of the user pool to assign the tags to.


tags(impl Into<String>, impl Into<String>) / set_tags(Option<HashMap::<String, String>>):
required: true
An array of tag keys and values that you want to assign to the user pool.




On success, responds with TagResourceOutput
On failure, responds with SdkError<TagResourceError>

Source§impl Client

Sourcepub fn untag_resource(&self) -> UntagResourceFluentBuilder

Constructs a fluent builder for the UntagResource operation.



The fluent builder is configurable:

resource_arn(impl Into<String>) / set_resource_arn(Option<String>):
required: true
The Amazon Resource Name (ARN) of the user pool that the tags are assigned to.


tag_keys(impl Into<String>) / set_tag_keys(Option<Vec::<String>>):
required: true
An array of tag keys that you want to remove from the user pool.




On success, responds with UntagResourceOutput
On failure, responds with SdkError<UntagResourceError>

Source§impl Client

Sourcepub fn update_auth_event_feedback(&self) -> UpdateAuthEventFeedbackFluentBuilder

Constructs a fluent builder for the UpdateAuthEventFeedback operation.



The fluent builder is configurable:

user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The ID of the user pool where you want to update auth event feedback.


username(impl Into<String>) / set_username(Option<String>):
required: true
The name of the user that you want to query or modify. The value of this parameter is typically your user’s username, but it can be any of their alias attributes. If username isn’t an alias attribute in your user pool, this value must be the sub of a local user or the username of a user from a third-party IdP.


event_id(impl Into<String>) / set_event_id(Option<String>):
required: true
The ID of the authentication event that you want to submit feedback for.


feedback_token(impl Into<String>) / set_feedback_token(Option<String>):
required: true
The feedback token, an encrypted object generated by Amazon Cognito and passed to your user in the notification email message from the event.


feedback_value(FeedbackValueType) / set_feedback_value(Option<FeedbackValueType>):
required: true
Your feedback to the authentication event. When you provide a FeedbackValue value of valid, you tell Amazon Cognito that you trust a user session where Amazon Cognito has evaluated some level of risk. When you provide a FeedbackValue value of invalid, you tell Amazon Cognito that you don’t trust a user session, or you don’t believe that Amazon Cognito evaluated a high-enough risk level.




On success, responds with UpdateAuthEventFeedbackOutput
On failure, responds with SdkError<UpdateAuthEventFeedbackError>

Source§impl Client

Sourcepub fn update_device_status(&self) -> UpdateDeviceStatusFluentBuilder

Constructs a fluent builder for the UpdateDeviceStatus operation.



The fluent builder is configurable:

access_token(impl Into<String>) / set_access_token(Option<String>):
required: true
A valid access token that Amazon Cognito issued to the currently signed-in user. Must include a scope claim for aws.cognito.signin.user.admin.


device_key(impl Into<String>) / set_device_key(Option<String>):
required: true
The device key of the device you want to update, for example us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111.


device_remembered_status(DeviceRememberedStatusType) / set_device_remembered_status(Option<DeviceRememberedStatusType>):
required: false
To enable device authentication with the specified device, set to remembered.To disable, set to not_remembered.




On success, responds with UpdateDeviceStatusOutput
On failure, responds with SdkError<UpdateDeviceStatusError>

Source§impl Client

Sourcepub fn update_group(&self) -> UpdateGroupFluentBuilder

Constructs a fluent builder for the UpdateGroup operation.



The fluent builder is configurable:

group_name(impl Into<String>) / set_group_name(Option<String>):
required: true
The name of the group that you want to update.


user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The ID of the user pool that contains the group you want to update.


description(impl Into<String>) / set_description(Option<String>):
required: false
A new description of the existing group.


role_arn(impl Into<String>) / set_role_arn(Option<String>):
required: false
The Amazon Resource Name (ARN) of an IAM role that you want to associate with the group. The role assignment contributes to the cognito:roles and cognito:preferred_role claims in group members’ tokens.


precedence(i32) / set_precedence(Option<i32>):
required: false
A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher or null Precedence values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user’s tokens for the cognito:roles and cognito:preferred_role claims.
 Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim isn’t set in users’ tokens.
 The default Precedence value is null. The maximum Precedence value is 2^31-1.




On success, responds with UpdateGroupOutput with field(s):

group(Option<GroupType>): Contains the updated details of the group, including precedence, IAM role, and description.


On failure, responds with SdkError<UpdateGroupError>

Source§impl Client

Sourcepub fn update_identity_provider(&self) -> UpdateIdentityProviderFluentBuilder

Constructs a fluent builder for the UpdateIdentityProvider operation.



The fluent builder is configurable:

user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The Id of the user pool where you want to update your IdP.


provider_name(impl Into<String>) / set_provider_name(Option<String>):
required: true
The name of the IdP that you want to update. You can pass the identity provider name in the identity_provider query parameter of requests to the Authorize endpoint to silently redirect to sign-in with the associated IdP.


provider_details(impl Into<String>, impl Into<String>) / set_provider_details(Option<HashMap::<String, String>>):
required: false
The scopes, URLs, and identifiers for your external identity provider. The following examples describe the provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP authorize_scopes values must match the values listed here.
      OpenID Connect (OIDC)  
     Amazon Cognito accepts the following elements when it can’t discover endpoint URLs from oidc_issuer: attributes_url, authorize_url, jwks_uri, token_url.
   Create or update request: “ProviderDetails”: { “attributes_request_method”: “GET”, “attributes_url”: “https://auth.example.com/userInfo”, “authorize_scopes”: “openid profile email”, “authorize_url”: “https://auth.example.com/authorize”, “client_id”: “1example23456789”, “client_secret”: “provider-app-client-secret”, “jwks_uri”: “https://auth.example.com/.well-known/jwks.json”, “oidc_issuer”: “https://auth.example.com”, “token_url”: “https://example.com/token” }
   Describe response: “ProviderDetails”: { “attributes_request_method”: “GET”, “attributes_url”: “https://auth.example.com/userInfo”, “attributes_url_add_attributes”: “false”, “authorize_scopes”: “openid profile email”, “authorize_url”: “https://auth.example.com/authorize”, “client_id”: “1example23456789”, “client_secret”: “provider-app-client-secret”, “jwks_uri”: “https://auth.example.com/.well-known/jwks.json”, “oidc_issuer”: “https://auth.example.com”, “token_url”: “https://example.com/token” }
  
     SAML  
     Create or update request with Metadata URL: “ProviderDetails”: { “IDPInit”: “true”, “IDPSignout”: “true”, “EncryptedResponses” : “true”, “MetadataURL”: “https://auth.example.com/sso/saml/metadata”, “RequestSigningAlgorithm”: “rsa-sha256” }
   Create or update request with Metadata file: “ProviderDetails”: { “IDPInit”: “true”, “IDPSignout”: “true”, “EncryptedResponses” : “true”, “MetadataFile”: “[metadata XML]”, “RequestSigningAlgorithm”: “rsa-sha256” }
   The value of MetadataFile must be the plaintext metadata document with all quote (“) characters escaped by backslashes.
   Describe response: “ProviderDetails”: { “IDPInit”: “true”, “IDPSignout”: “true”, “EncryptedResponses” : “true”, “ActiveEncryptionCertificate”: “[certificate]”, “MetadataURL”: “https://auth.example.com/sso/saml/metadata”, “RequestSigningAlgorithm”: “rsa-sha256”, “SLORedirectBindingURI”: “https://auth.example.com/slo/saml”, “SSORedirectBindingURI”: “https://auth.example.com/sso/saml” }
  
     LoginWithAmazon  
     Create or update request: “ProviderDetails”: { “authorize_scopes”: “profile postal_code”, “client_id”: “amzn1.application-oa2-client.1example23456789”, “client_secret”: “provider-app-client-secret”
   Describe response: “ProviderDetails”: { “attributes_url”: “https://api.amazon.com/user/profile”, “attributes_url_add_attributes”: “false”, “authorize_scopes”: “profile postal_code”, “authorize_url”: “https://www.amazon.com/ap/oa”, “client_id”: “amzn1.application-oa2-client.1example23456789”, “client_secret”: “provider-app-client-secret”, “token_request_method”: “POST”, “token_url”: “https://api.amazon.com/auth/o2/token” }
  
     Google  
     Create or update request: “ProviderDetails”: { “authorize_scopes”: “email profile openid”, “client_id”: “1example23456789.apps.googleusercontent.com”, “client_secret”: “provider-app-client-secret” }
   Describe response: “ProviderDetails”: { “attributes_url”: “https://people.googleapis.com/v1/people/me?personFields=”, “attributes_url_add_attributes”: “true”, “authorize_scopes”: “email profile openid”, “authorize_url”: “https://accounts.google.com/o/oauth2/v2/auth”, “client_id”: “1example23456789.apps.googleusercontent.com”, “client_secret”: “provider-app-client-secret”, “oidc_issuer”: “https://accounts.google.com”, “token_request_method”: “POST”, “token_url”: “https://www.googleapis.com/oauth2/v4/token” }
  
     SignInWithApple  
     Create or update request: “ProviderDetails”: { “authorize_scopes”: “email name”, “client_id”: “com.example.cognito”, “private_key”: “1EXAMPLE”, “key_id”: “2EXAMPLE”, “team_id”: “3EXAMPLE” }
   Describe response: “ProviderDetails”: { “attributes_url_add_attributes”: “false”, “authorize_scopes”: “email name”, “authorize_url”: “https://appleid.apple.com/auth/authorize”, “client_id”: “com.example.cognito”, “key_id”: “1EXAMPLE”, “oidc_issuer”: “https://appleid.apple.com”, “team_id”: “2EXAMPLE”, “token_request_method”: “POST”, “token_url”: “https://appleid.apple.com/auth/token” }
  
     Facebook  
     Create or update request: “ProviderDetails”: { “api_version”: “v17.0”, “authorize_scopes”: “public_profile, email”, “client_id”: “1example23456789”, “client_secret”: “provider-app-client-secret” }
   Describe response: “ProviderDetails”: { “api_version”: “v17.0”, “attributes_url”: “https://graph.facebook.com/v17.0/me?fields=”, “attributes_url_add_attributes”: “true”, “authorize_scopes”: “public_profile, email”, “authorize_url”: “https://www.facebook.com/v17.0/dialog/oauth”, “client_id”: “1example23456789”, “client_secret”: “provider-app-client-secret”, “token_request_method”: “GET”, “token_url”: “https://graph.facebook.com/v17.0/oauth/access_token” }
  
 


attribute_mapping(impl Into<String>, impl Into<String>) / set_attribute_mapping(Option<HashMap::<String, String>>):
required: false
A mapping of IdP attributes to standard and custom user pool attributes. Specify a user pool attribute as the key of the key-value pair, and the IdP attribute claim name as the value.


idp_identifiers(impl Into<String>) / set_idp_identifiers(Option<Vec::<String>>):
required: false
An array of IdP identifiers, for example “IdPIdentifiers”: [ “MyIdP”, “MyIdP2” ]. Identifiers are friendly names that you can pass in the idp_identifier query parameter of requests to the Authorize endpoint to silently redirect to sign-in with the associated IdP. Identifiers in a domain format also enable the use of email-address matching with SAML providers.




On success, responds with UpdateIdentityProviderOutput with field(s):

identity_provider(Option<IdentityProviderType>): The identity provider details.


On failure, responds with SdkError<UpdateIdentityProviderError>

Source§impl Client

Sourcepub fn update_managed_login_branding(
    &self,
) -> UpdateManagedLoginBrandingFluentBuilder

Constructs a fluent builder for the UpdateManagedLoginBranding operation.



The fluent builder is configurable:

user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: false
The ID of the user pool that contains the managed login branding style that you want to update.


managed_login_branding_id(impl Into<String>) / set_managed_login_branding_id(Option<String>):
required: false
The ID of the managed login branding style that you want to update.


use_cognito_provided_values(bool) / set_use_cognito_provided_values(Option<bool>):
required: false
When true, applies the default branding style options. This option reverts to default style options that are managed by Amazon Cognito. You can modify them later in the branding designer.
 When you specify true for this option, you must also omit values for Settings and Assets in the request.


settings(Document) / set_settings(Option<Document>):
required: false
A JSON file, encoded as a Document type, with the the settings that you want to apply to your style.


assets(AssetType) / set_assets(Option<Vec::<AssetType>>):
required: false
An array of image files that you want to apply to roles like backgrounds, logos, and icons. Each object must also indicate whether it is for dark mode, light mode, or browser-adaptive mode.




On success, responds with UpdateManagedLoginBrandingOutput with field(s):

managed_login_branding(Option<ManagedLoginBrandingType>): The details of the branding style that you updated.


On failure, responds with SdkError<UpdateManagedLoginBrandingError>

Source§impl Client

Sourcepub fn update_resource_server(&self) -> UpdateResourceServerFluentBuilder

Constructs a fluent builder for the UpdateResourceServer operation.



The fluent builder is configurable:

user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The ID of the user pool that contains the resource server that you want to update.


identifier(impl Into<String>) / set_identifier(Option<String>):
required: true
A unique resource server identifier for the resource server. The identifier can be an API friendly name like solar-system-data. You can also set an API URL like https://solar-system-data-api.example.com as your identifier.
 Amazon Cognito represents scopes in the access token in the format $resource-server-identifier/$scope. Longer scope-identifier strings increase the size of your access tokens.


name(impl Into<String>) / set_name(Option<String>):
required: true
The updated name of the resource server.


scopes(ResourceServerScopeType) / set_scopes(Option<Vec::<ResourceServerScopeType>>):
required: false
An array of updated custom scope names and descriptions that you want to associate with your resource server.




On success, responds with UpdateResourceServerOutput with field(s):

resource_server(Option<ResourceServerType>): The updated details of the requested resource server.


On failure, responds with SdkError<UpdateResourceServerError>

Source§impl Client

Sourcepub fn update_user_attributes(&self) -> UpdateUserAttributesFluentBuilder

Constructs a fluent builder for the UpdateUserAttributes operation.



The fluent builder is configurable:

user_attributes(AttributeType) / set_user_attributes(Option<Vec::<AttributeType>>):
required: true
An array of name-value pairs representing user attributes.
 For custom attributes, you must add a custom: prefix to the attribute name.
 If you have set an attribute to require verification before Amazon Cognito updates its value, this request doesn’t immediately update the value of that attribute. After your user receives and responds to a verification message to verify the new value, Amazon Cognito updates the attribute value. Your user can sign in and receive messages with the original attribute value until they verify the new value.


access_token(impl Into<String>) / set_access_token(Option<String>):
required: true
A valid access token that Amazon Cognito issued to the currently signed-in user. Must include a scope claim for aws.cognito.signin.user.admin.


client_metadata(impl Into<String>, impl Into<String>) / set_client_metadata(Option<HashMap::<String, String>>):
required: false
A map of custom key-value pairs that you can provide as input for any custom workflows that this action initiates.
 You create custom workflows by assigning Lambda functions to user pool triggers. When you use the UpdateUserAttributes API action, Amazon Cognito invokes the function that is assigned to the custom message trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned to the ClientMetadata parameter in your UpdateUserAttributes request. In your function code in Lambda, you can process the clientMetadata value to enhance your workflow for your specific needs.
 For more information, see  Using Lambda triggers in the Amazon Cognito Developer Guide.
  When you use the ClientMetadata parameter, note that Amazon Cognito won’t do the following:
         Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn’t include triggers, the ClientMetadata parameter serves no purpose.
       Validate the ClientMetadata value.
       Encrypt the ClientMetadata value. Don’t send sensitive information in this parameter.
  
 



On success, responds with UpdateUserAttributesOutput with field(s):

code_delivery_details_list(Option<Vec::<CodeDeliveryDetailsType>>): When the attribute-update request includes an email address or phone number attribute, Amazon Cognito sends a message to users with a code that confirms ownership of the new value that they entered. The CodeDeliveryDetails object is information about the delivery destination for that link or code. This behavior happens in user pools configured to automatically verify changes to those attributes. For more information, see Verifying when users change their email or phone number.


On failure, responds with SdkError<UpdateUserAttributesError>

Source§impl Client

Sourcepub fn update_user_pool(&self) -> UpdateUserPoolFluentBuilder

Constructs a fluent builder for the UpdateUserPool operation.



The fluent builder is configurable:

user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The ID of the user pool you want to update.


policies(UserPoolPolicyType) / set_policies(Option<UserPoolPolicyType>):
required: false
The password policy and sign-in policy in the user pool. The password policy sets options like password complexity requirements and password history. The sign-in policy sets the options available to applications in choice-based authentication.


deletion_protection(DeletionProtectionType) / set_deletion_protection(Option<DeletionProtectionType>):
required: false
When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature.
 When you try to delete a protected user pool in a DeleteUserPool API request, Amazon Cognito returns an InvalidParameterException error. To delete a protected user pool, send a new DeleteUserPool request after you deactivate deletion protection in an UpdateUserPool API request.


lambda_config(LambdaConfigType) / set_lambda_config(Option<LambdaConfigType>):
required: false
A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of authentication operations. Triggers can modify the outcome of the operations that invoked them.


auto_verified_attributes(VerifiedAttributeType) / set_auto_verified_attributes(Option<Vec::<VerifiedAttributeType>>):
required: false
The attributes that you want your user pool to automatically verify. Possible values: email, phone_number. For more information see Verifying contact information at sign-up.


sms_verification_message(impl Into<String>) / set_sms_verification_message(Option<String>):
required: false
This parameter is no longer used.


email_verification_message(impl Into<String>) / set_email_verification_message(Option<String>):
required: false
This parameter is no longer used.


email_verification_subject(impl Into<String>) / set_email_verification_subject(Option<String>):
required: false
This parameter is no longer used.


verification_message_template(VerificationMessageTemplateType) / set_verification_message_template(Option<VerificationMessageTemplateType>):
required: false
The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.
 Set the email message type that corresponds to your DefaultEmailOption selection. For CONFIRM_WITH_LINK, specify an EmailMessageByLink and leave EmailMessage blank. For CONFIRM_WITH_CODE, specify an EmailMessage and leave EmailMessageByLink blank. When you supply both parameters with either choice, Amazon Cognito returns an error.


sms_authentication_message(impl Into<String>) / set_sms_authentication_message(Option<String>):
required: false
The contents of the SMS message that your user pool sends to users in SMS authentication.


user_attribute_update_settings(UserAttributeUpdateSettingsType) / set_user_attribute_update_settings(Option<UserAttributeUpdateSettingsType>):
required: false
The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells Amazon Cognito how to handle changes to the value of your users’ email address and phone number attributes. For more information, see  Verifying updates to email addresses and phone numbers.


mfa_configuration(UserPoolMfaType) / set_mfa_configuration(Option<UserPoolMfaType>):
required: false
Sets multi-factor authentication (MFA) to be on, off, or optional. When ON, all users must set up MFA before they can sign in. When OPTIONAL, your application must make a client-side determination of whether a user wants to register an MFA device. For user pools with adaptive authentication with threat protection, choose OPTIONAL.
 When MfaConfiguration is OPTIONAL, managed login doesn’t automatically prompt users to set up MFA. Amazon Cognito generates MFA prompts in API responses and in managed login for users who have chosen and configured a preferred MFA factor.


device_configuration(DeviceConfigurationType) / set_device_configuration(Option<DeviceConfigurationType>):
required: false
The device-remembering configuration for a user pool. Device remembering or device tracking is a “Remember me on this device” option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see Working with user devices in your user pool. A null value indicates that you have deactivated device remembering in your user pool.
  When you provide a value for any DeviceConfiguration field, you activate the Amazon Cognito device-remembering feature. For more information, see Working with devices.
 

email_configuration(EmailConfigurationType) / set_email_configuration(Option<EmailConfigurationType>):
required: false
The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for email invitation and verification messages from your user pool.


sms_configuration(SmsConfigurationType) / set_sms_configuration(Option<SmsConfigurationType>):
required: false
The SMS configuration with the settings for your Amazon Cognito user pool to send SMS message with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account. For more information see SMS message settings.


user_pool_tags(impl Into<String>, impl Into<String>) / set_user_pool_tags(Option<HashMap::<String, String>>):
required: false
The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.


admin_create_user_config(AdminCreateUserConfigType) / set_admin_create_user_config(Option<AdminCreateUserConfigType>):
required: false
The configuration for administrative creation of users. Includes the template for the invitation message for new users, the duration of temporary passwords, and permitting self-service sign-up.


user_pool_add_ons(UserPoolAddOnsType) / set_user_pool_add_ons(Option<UserPoolAddOnsType>):
required: false
Contains settings for activation of threat protection, including the operating mode and additional authentication types. To log user security information but take no action, set to AUDIT. To configure automatic security responses to potentially unwanted traffic to your user pool, set to ENFORCED.
 For more information, see Adding advanced security to a user pool. To activate this setting, your user pool must be on the  Plus tier.


account_recovery_setting(AccountRecoverySettingType) / set_account_recovery_setting(Option<AccountRecoverySettingType>):
required: false
The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn’t qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.


pool_name(impl Into<String>) / set_pool_name(Option<String>):
required: false
The updated name of your user pool.


user_pool_tier(UserPoolTierType) / set_user_pool_tier(Option<UserPoolTierType>):
required: false
The user pool feature plan, or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to ESSENTIALS.




On success, responds with UpdateUserPoolOutput
On failure, responds with SdkError<UpdateUserPoolError>

Source§impl Client

Sourcepub fn update_user_pool_client(&self) -> UpdateUserPoolClientFluentBuilder

Constructs a fluent builder for the UpdateUserPoolClient operation.



The fluent builder is configurable:

user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The ID of the user pool where you want to update the app client.


client_id(impl Into<String>) / set_client_id(Option<String>):
required: true
The ID of the app client that you want to update.


client_name(impl Into<String>) / set_client_name(Option<String>):
required: false
A friendly name for the app client.


refresh_token_validity(i32) / set_refresh_token_validity(Option<i32>):
required: false
The refresh token time limit. After this limit expires, your user can’t use their refresh token. To specify the time unit for RefreshTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.
 For example, when you set RefreshTokenValidity as 10 and TokenValidityUnits as days, your user can refresh their session and retrieve new access and ID tokens for 10 days.
 The default time unit for RefreshTokenValidity in an API request is days. You can’t set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. Valid range is displayed below in seconds.
 If you don’t specify otherwise in the configuration of your app client, your refresh tokens are valid for 30 days.


access_token_validity(i32) / set_access_token_validity(Option<i32>):
required: false
The access token time limit. After this limit expires, your user can’t use their access token. To specify the time unit for AccessTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.
 For example, when you set AccessTokenValidity to 10 and TokenValidityUnits to hours, your user can authorize access with their access token for 10 hours.
 The default time unit for AccessTokenValidity in an API request is hours. Valid range is displayed below in seconds.
 If you don’t specify otherwise in the configuration of your app client, your access tokens are valid for one hour.


id_token_validity(i32) / set_id_token_validity(Option<i32>):
required: false
The ID token time limit. After this limit expires, your user can’t use their ID token. To specify the time unit for IdTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.
 For example, when you set IdTokenValidity as 10 and TokenValidityUnits as hours, your user can authenticate their session with their ID token for 10 hours.
 The default time unit for IdTokenValidity in an API request is hours. Valid range is displayed below in seconds.
 If you don’t specify otherwise in the configuration of your app client, your ID tokens are valid for one hour.


token_validity_units(TokenValidityUnitsType) / set_token_validity_units(Option<TokenValidityUnitsType>):
required: false
The units that validity times are represented in. The default unit for refresh tokens is days, and the default for ID and access tokens are hours.


read_attributes(impl Into<String>) / set_read_attributes(Option<Vec::<String>>):
required: false
The list of user attributes that you want your app client to have read access to. After your user authenticates in your app, their access token authorizes them to read their own attribute value for any attribute in this list.
 When you don’t specify the ReadAttributes for your app client, your app can read the values of email_verified, phone_number_verified, and the standard attributes of your user pool. When your user pool app client has read access to these default attributes, ReadAttributes doesn’t return any information. Amazon Cognito only populates ReadAttributes in the API response if you have specified your own custom set of read attributes.


write_attributes(impl Into<String>) / set_write_attributes(Option<Vec::<String>>):
required: false
The list of user attributes that you want your app client to have write access to. After your user authenticates in your app, their access token authorizes them to set or modify their own attribute value for any attribute in this list.
 When you don’t specify the WriteAttributes for your app client, your app can write the values of the Standard attributes of your user pool. When your user pool has write access to these default attributes, WriteAttributes doesn’t return any information. Amazon Cognito only populates WriteAttributes in the API response if you have specified your own custom set of write attributes.
 If your app client allows users to sign in through an IdP, this array must include all attributes that you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see Specifying IdP Attribute Mappings for Your user pool.


explicit_auth_flows(ExplicitAuthFlowsType) / set_explicit_auth_flows(Option<Vec::<ExplicitAuthFlowsType>>):
required: false
The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.
  If you don’t specify a value for ExplicitAuthFlows, your app client supports ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
  The values for authentication flow options include the following.
      ALLOW_USER_AUTH: Enable selection-based sign-in with USER_AUTH. This setting covers username-password, secure remote password (SRP), passwordless, and passkey authentication. This authentiation flow can do username-password and SRP authentication without other ExplicitAuthFlows permitting them. For example users can complete an SRP challenge through USER_AUTH without the flow USER_SRP_AUTH being active for the app client. This flow doesn’t include CUSTOM_AUTH.
   To activate this setting, your user pool must be in the  Essentials tier or higher.
     ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.
     ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
     ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.
     ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
     ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
 
 In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can’t assign these legacy ExplicitAuthFlows values to user pool clients at the same time as values that begin with ALLOW_, like ALLOW_USER_SRP_AUTH.


supported_identity_providers(impl Into<String>) / set_supported_identity_providers(Option<Vec::<String>>):
required: false
A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: COGNITO, Facebook, Google, SignInWithApple, and LoginWithAmazon. You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example MySAMLIdP or MyOIDCIdP.
 This parameter sets the IdPs that managed login will display on the login page for your app client. The removal of COGNITO from this list doesn’t prevent authentication operations for local users with the user pools API in an Amazon Web Services SDK. The only way to prevent SDK-based authentication is to block access with a WAF rule.


callback_urls(impl Into<String>) / set_callback_urls(Option<Vec::<String>>):
required: false
A list of allowed redirect, or callback, URLs for managed login authentication. These URLs are the paths where you want to send your users’ browsers after they complete authentication with managed login or a third-party IdP. Typically, callback URLs are the home of an application that uses OAuth or OIDC libraries to process authentication outcomes.
 A redirect URI must meet the following requirements:
      Be an absolute URI.
     Be registered with the authorization server. Amazon Cognito doesn’t accept authorization requests with redirect_uri values that aren’t in the list of CallbackURLs that you provide in this parameter.
     Not include a fragment component.
 
 See OAuth 2.0 - Redirection Endpoint.
 Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
 App callback URLs such as myapp://example are also supported.


logout_urls(impl Into<String>) / set_logout_urls(Option<Vec::<String>>):
required: false
A list of allowed logout URLs for managed login authentication. When you pass logout_uri and client_id parameters to /logout, Amazon Cognito signs out your user and redirects them to the logout URL. This parameter describes the URLs that you want to be the permitted targets of logout_uri. A typical use of these URLs is when a user selects “Sign out” and you redirect them to your public homepage. For more information, see Logout endpoint.


default_redirect_uri(impl Into<String>) / set_default_redirect_uri(Option<String>):
required: false
The default redirect URI. In app clients with one assigned IdP, replaces redirect_uri in authentication requests. Must be in the CallbackURLs list.


allowed_o_auth_flows(OAuthFlowType) / set_allowed_o_auth_flows(Option<Vec::<OAuthFlowType>>):
required: false
The OAuth grant types that you want your app client to generate. To create an app client that generates client credentials grants, you must add client_credentials as the only allowed OAuth flow.
      code  
     Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the /oauth2/token endpoint.
  
     implicit  
     Issue the access token (and, optionally, ID token, based on scopes) directly to your user.
  
     client_credentials  
     Issue the access token from the /oauth2/token endpoint directly to a non-person user using a combination of the client ID and client secret.
  
 


allowed_o_auth_scopes(impl Into<String>) / set_allowed_o_auth_scopes(Option<Vec::<String>>):
required: false
The OAuth, OpenID Connect (OIDC), and custom scopes that you want to permit your app client to authorize access with. Scopes govern access control to user pool self-service API operations, user data from the userInfo endpoint, and third-party APIs. Scope values include phone, email, openid, and profile. The aws.cognito.signin.user.admin scope authorizes user self-service operations. Custom scopes with resource servers authorize access to external APIs.


allowed_o_auth_flows_user_pool_client(bool) / set_allowed_o_auth_flows_user_pool_client(Option<bool>):
required: false
Set to true to use OAuth 2.0 authorization server features in your app client.
 This parameter must have a value of true before you can configure the following features in your app client.
      CallBackURLs: Callback URLs.
     LogoutURLs: Sign-out redirect URLs.
     AllowedOAuthScopes: OAuth 2.0 scopes.
     AllowedOAuthFlows: Support for authorization code, implicit, and client credentials OAuth 2.0 grants.
 
 To use authorization server features, configure one of these features in the Amazon Cognito console or set AllowedOAuthFlowsUserPoolClient to true in a CreateUserPoolClient or UpdateUserPoolClient API request. If you don’t set a value for AllowedOAuthFlowsUserPoolClient in a request with the CLI or SDKs, it defaults to false. When false, only SDK-based API sign-in is permitted.


analytics_configuration(AnalyticsConfigurationType) / set_analytics_configuration(Option<AnalyticsConfigurationType>):
required: false
The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.
 In Amazon Web Services Regions where Amazon Pinpoint isn’t available, user pools might not have access to analytics or might be configurable with campaigns in the US East (N. Virginia) Region. For more information, see Using Amazon Pinpoint analytics.


prevent_user_existence_errors(PreventUserExistenceErrorTypes) / set_prevent_user_existence_errors(Option<PreventUserExistenceErrorTypes>):
required: false
When ENABLED, suppresses messages that might indicate a valid user exists when someone attempts sign-in. This parameters sets your preference for the errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn’t exist in the user pool. When set to ENABLED and the user doesn’t exist, authentication returns an error indicating either the username or password was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs return a UserNotFoundException exception if the user doesn’t exist in the user pool.
 Defaults to LEGACY.


enable_token_revocation(bool) / set_enable_token_revocation(Option<bool>):
required: false
Activates or deactivates token revocation in the target app client.


enable_propagate_additional_user_context_data(bool) / set_enable_propagate_additional_user_context_data(Option<bool>):
required: false
When true, your application can include additional UserContextData in authentication requests. This data includes the IP address, and contributes to analysis by threat protection features. For more information about propagation of user context data, see Adding session data to API requests. If you don’t include this parameter, you can’t send the source IP address to Amazon Cognito threat protection features. You can only activate EnablePropagateAdditionalUserContextData in an app client that has a client secret.


auth_session_validity(i32) / set_auth_session_validity(Option<i32>):
required: false
Amazon Cognito creates a session token for each API request in an authentication flow. AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires.


refresh_token_rotation(RefreshTokenRotationType) / set_refresh_token_rotation(Option<RefreshTokenRotationType>):
required: false
The configuration of your app client for refresh token rotation. When enabled, your app client issues new ID, access, and refresh tokens when users renew their sessions with refresh tokens. When disabled, token refresh issues only ID and access tokens.




On success, responds with UpdateUserPoolClientOutput with field(s):

user_pool_client(Option<UserPoolClientType>): The updated details of your app client.


On failure, responds with SdkError<UpdateUserPoolClientError>

Source§impl Client

Sourcepub fn update_user_pool_domain(&self) -> UpdateUserPoolDomainFluentBuilder

Constructs a fluent builder for the UpdateUserPoolDomain operation.



The fluent builder is configurable:

domain(impl Into<String>) / set_domain(Option<String>):
required: true
The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example auth.example.com. For prefix domains, this is the prefix alone, such as myprefix.


user_pool_id(impl Into<String>) / set_user_pool_id(Option<String>):
required: true
The ID of the user pool that is associated with the domain you’re updating.


managed_login_version(i32) / set_managed_login_version(Option<i32>):
required: false
A version number that indicates the state of managed login for your domain. Version 1 is hosted UI (classic). Version 2 is the newer managed login with the branding designer. For more information, see Managed login.


custom_domain_config(CustomDomainConfigType) / set_custom_domain_config(Option<CustomDomainConfigType>):
required: false
The configuration for a custom domain that hosts managed login for your application. In an UpdateUserPoolDomain request, this parameter specifies an SSL certificate for the managed login hosted webserver. The certificate must be an ACM ARN in us-east-1.
 When you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain.




On success, responds with UpdateUserPoolDomainOutput with field(s):

managed_login_version(Option<i32>): A version number that indicates the state of managed login for your domain. Version 1 is hosted UI (classic). Version 2 is the newer managed login with the branding designer. For more information, see Managed login.
cloud_front_domain(Option<String>): The fully-qualified domain name (FQDN) of the Amazon CloudFront distribution that hosts your managed login or classic hosted UI pages. You domain-name authority must have an alias record that points requests for your custom domain to this FQDN. Amazon Cognito returns this value if you set a custom domain with CustomDomainConfig. If you set an Amazon Cognito prefix domain, this operation returns a blank response.


On failure, responds with SdkError<UpdateUserPoolDomainError>

Source§impl Client

Sourcepub fn verify_software_token(&self) -> VerifySoftwareTokenFluentBuilder

Constructs a fluent builder for the VerifySoftwareToken operation.



The fluent builder is configurable:

access_token(impl Into<String>) / set_access_token(Option<String>):
required: false
A valid access token that Amazon Cognito issued to the currently signed-in user. Must include a scope claim for aws.cognito.signin.user.admin.


session(impl Into<String>) / set_session(Option<String>):
required: false
The session ID from an AssociateSoftwareToken request.


user_code(impl Into<String>) / set_user_code(Option<String>):
required: true
A TOTP that the user generated in their configured authenticator app.


friendly_device_name(impl Into<String>) / set_friendly_device_name(Option<String>):
required: false
A friendly name for the device that’s running the TOTP authenticator.




On success, responds with VerifySoftwareTokenOutput with field(s):

status(Option<VerifySoftwareTokenResponseType>): Amazon Cognito can accept or reject the code that you provide. This response parameter indicates the success of TOTP verification. Some reasons that this operation might return an error are clock skew on the user’s device and excessive retries.
session(Option<String>): This session ID satisfies an MFA_SETUP challenge. Supply the session ID in your challenge response.


On failure, responds with SdkError<VerifySoftwareTokenError>

Source§impl Client

Sourcepub fn verify_user_attribute(&self) -> VerifyUserAttributeFluentBuilder

Constructs a fluent builder for the VerifyUserAttribute operation.



The fluent builder is configurable:

access_token(impl Into<String>) / set_access_token(Option<String>):
required: true
A valid access token that Amazon Cognito issued to the currently signed-in user. Must include a scope claim for aws.cognito.signin.user.admin.


attribute_name(impl Into<String>) / set_attribute_name(Option<String>):
required: true
The name of the attribute that you want to verify.


code(impl Into<String>) / set_code(Option<String>):
required: true
The verification code that your user pool sent to the added or changed attribute, for example the user’s email address.




On success, responds with VerifyUserAttributeOutput
On failure, responds with SdkError<VerifyUserAttributeError>

Source§impl Client

Sourcepub fn from_conf(conf: Config) -> Self

Creates a new client from the service Config.


§Panics
This method will panic in the following cases:

Retries or timeouts are enabled without a sleep_impl configured.
Identity caching is enabled without a sleep_impl and time_source configured.
No behavior_version is provided.

The panic message for each of these will have instructions on how to resolve them.

Sourcepub fn config(&self) -> &Config

Returns the client’s configuration.

Source§impl Client

Sourcepub fn new(sdk_config: &SdkConfig) -> Self

Creates a new client from an SDK Config.


§Panics

This method will panic if the sdk_config is missing an async sleep implementation. If you experience this panic, set
the sleep_impl on the Config passed into this function to fix it.
This method will panic if the sdk_config is missing an HTTP connector. If you experience this panic, set the
http_connector on the Config passed into this function to fix it.
This method will panic if no BehaviorVersion is provided. If you experience this panic, set behavior_version on the Config or enable the behavior-version-latest Cargo feature.

`Trait Implementations§`

Source§impl Clone for Client

Source§fn clone(&self) -> Client

Returns a duplicate of the value. Read more

1.0.0 · Source§const fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

Source§impl Debug for Client

Source§fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

`Auto Trait Implementations§`

§impl Freeze for Client

§impl !RefUnwindSafe for Client

§impl Send for Client

§impl Sync for Client

§impl Unpin for Client

§impl !UnwindSafe for Client

`Blanket Implementations§`

Source§impl<T> Any for Twhere
    T: 'static + ?Sized,

Source§fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

Source§impl<T> Borrow<T> for Twhere
    T: ?Sized,

Source§fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

Source§impl<T> BorrowMut<T> for Twhere
    T: ?Sized,

Source§fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

Source§impl<T> CloneToUninit for Twhere
    T: Clone,

Source§unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)Performs copy-assignment from self to dest. Read more

Source§impl<T> From<T> for T

Source§fn from(t: T) -> T

Returns the argument unchanged.

Source§impl<T> Instrument for T

Source§fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an
Instrumented wrapper. Read more

Source§fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an
Instrumented wrapper. Read more

Source§impl<T, U> Into<U> for Twhere
    U: From<T>,

Source§fn into(self) -> U

Calls U::from(self).


That is, this conversion is whatever the implementation of
From<T> for U chooses to do.

Source§impl<T> IntoEither for T

Source§fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self>
if into_left is true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read more

Source§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>where
    F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self>
if into_left(&self) returns true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read more

Source§impl<Unshared, Shared> IntoShared<Shared> for Unsharedwhere
    Shared: FromUnshared<Unshared>,

Source§fn into_shared(self) -> Shared

Creates a shared type from an unshared type.

Source§impl<T> Paint for Twhere
    T: ?Sized,

Source§fn fg(&self, value: Color) -> Painted<&T>

Returns a styled value derived from self with the foreground set to value.


This method should be used rarely. Instead, prefer to use color-specific
builder methods like red() and
green(), which have the same functionality but are
pithier.
§Example
Set foreground color to white using fg():

use yansi::{Paint, Color};

painted.fg(Color::White);
Set foreground color to white using white().

use yansi::Paint;

painted.white();

Source§fn primary(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: Primary].


§Example
println!("{}", value.primary());

Source§fn fixed(&self, color: u8) -> Painted<&T>

Returns self with the fg() set to [Color :: Fixed].


§Example
println!("{}", value.fixed(color));

Source§fn rgb(&self, r: u8, g: u8, b: u8) -> Painted<&T>

Returns self with the fg() set to [Color :: Rgb].


§Example
println!("{}", value.rgb(r, g, b));

Source§fn black(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: Black].


§Example
println!("{}", value.black());

Source§fn red(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: Red].


§Example
println!("{}", value.red());

Source§fn green(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: Green].


§Example
println!("{}", value.green());

Source§fn yellow(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: Yellow].


§Example
println!("{}", value.yellow());

Source§fn blue(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: Blue].


§Example
println!("{}", value.blue());

Source§fn magenta(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: Magenta].


§Example
println!("{}", value.magenta());

Source§fn cyan(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: Cyan].


§Example
println!("{}", value.cyan());

Source§fn white(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: White].


§Example
println!("{}", value.white());

Source§fn bright_black(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: BrightBlack].


§Example
println!("{}", value.bright_black());

Source§fn bright_red(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: BrightRed].


§Example
println!("{}", value.bright_red());

Source§fn bright_green(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: BrightGreen].


§Example
println!("{}", value.bright_green());

Source§fn bright_yellow(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: BrightYellow].


§Example
println!("{}", value.bright_yellow());

Source§fn bright_blue(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: BrightBlue].


§Example
println!("{}", value.bright_blue());

Source§fn bright_magenta(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: BrightMagenta].


§Example
println!("{}", value.bright_magenta());

Source§fn bright_cyan(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: BrightCyan].


§Example
println!("{}", value.bright_cyan());

Source§fn bright_white(&self) -> Painted<&T>

Returns self with the fg() set to [Color :: BrightWhite].


§Example
println!("{}", value.bright_white());

Source§fn bg(&self, value: Color) -> Painted<&T>

Returns a styled value derived from self with the background set to value.


This method should be used rarely. Instead, prefer to use color-specific
builder methods like on_red() and
on_green(), which have the same functionality but
are pithier.
§Example
Set background color to red using fg():

use yansi::{Paint, Color};

painted.bg(Color::Red);
Set background color to red using on_red().

use yansi::Paint;

painted.on_red();

Source§fn on_primary(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: Primary].


§Example
println!("{}", value.on_primary());

Source§fn on_fixed(&self, color: u8) -> Painted<&T>

Returns self with the bg() set to [Color :: Fixed].


§Example
println!("{}", value.on_fixed(color));

Source§fn on_rgb(&self, r: u8, g: u8, b: u8) -> Painted<&T>

Returns self with the bg() set to [Color :: Rgb].


§Example
println!("{}", value.on_rgb(r, g, b));

Source§fn on_black(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: Black].


§Example
println!("{}", value.on_black());

Source§fn on_red(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: Red].


§Example
println!("{}", value.on_red());

Source§fn on_green(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: Green].


§Example
println!("{}", value.on_green());

Source§fn on_yellow(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: Yellow].


§Example
println!("{}", value.on_yellow());

Source§fn on_blue(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: Blue].


§Example
println!("{}", value.on_blue());

Source§fn on_magenta(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: Magenta].


§Example
println!("{}", value.on_magenta());

Source§fn on_cyan(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: Cyan].


§Example
println!("{}", value.on_cyan());

Source§fn on_white(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: White].


§Example
println!("{}", value.on_white());

Source§fn on_bright_black(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: BrightBlack].


§Example
println!("{}", value.on_bright_black());

Source§fn on_bright_red(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: BrightRed].


§Example
println!("{}", value.on_bright_red());

Source§fn on_bright_green(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: BrightGreen].


§Example
println!("{}", value.on_bright_green());

Source§fn on_bright_yellow(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: BrightYellow].


§Example
println!("{}", value.on_bright_yellow());

Source§fn on_bright_blue(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: BrightBlue].


§Example
println!("{}", value.on_bright_blue());

Source§fn on_bright_magenta(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: BrightMagenta].


§Example
println!("{}", value.on_bright_magenta());

Source§fn on_bright_cyan(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: BrightCyan].


§Example
println!("{}", value.on_bright_cyan());

Source§fn on_bright_white(&self) -> Painted<&T>

Returns self with the bg() set to [Color :: BrightWhite].


§Example
println!("{}", value.on_bright_white());

Source§fn attr(&self, value: Attribute) -> Painted<&T>

Enables the styling Attribute value.


This method should be used rarely. Instead, prefer to use
attribute-specific builder methods like bold() and
underline(), which have the same functionality
but are pithier.
§Example
Make text bold using attr():

use yansi::{Paint, Attribute};

painted.attr(Attribute::Bold);
Make text bold using using bold().

use yansi::Paint;

painted.bold();

Source§fn bold(&self) -> Painted<&T>

Returns self with the attr() set to [Attribute :: Bold].


§Example
println!("{}", value.bold());

Source§fn dim(&self) -> Painted<&T>

Returns self with the attr() set to [Attribute :: Dim].


§Example
println!("{}", value.dim());

Source§fn italic(&self) -> Painted<&T>

Returns self with the attr() set to [Attribute :: Italic].


§Example
println!("{}", value.italic());

Source§fn underline(&self) -> Painted<&T>

Returns self with the attr() set to [Attribute :: Underline].


§Example
println!("{}", value.underline());

Source§fn blink(&self) -> Painted<&T>

Returns self with the attr() set to [Attribute :: Blink].


§Example
println!("{}", value.blink());

Source§fn rapid_blink(&self) -> Painted<&T>

Returns self with the attr() set to [Attribute :: RapidBlink].


§Example
println!("{}", value.rapid_blink());

Source§fn invert(&self) -> Painted<&T>

Returns self with the attr() set to [Attribute :: Invert].


§Example
println!("{}", value.invert());

Source§fn conceal(&self) -> Painted<&T>

Returns self with the attr() set to [Attribute :: Conceal].


§Example
println!("{}", value.conceal());

Source§fn strike(&self) -> Painted<&T>

Returns self with the attr() set to [Attribute :: Strike].


§Example
println!("{}", value.strike());

Source§fn quirk(&self, value: Quirk) -> Painted<&T>

Enables the yansi Quirk value.


This method should be used rarely. Instead, prefer to use quirk-specific
builder methods like mask() and
wrap(), which have the same functionality but are
pithier.
§Example
Enable wrapping using .quirk():

use yansi::{Paint, Quirk};

painted.quirk(Quirk::Wrap);
Enable wrapping using wrap().

use yansi::Paint;

painted.wrap();

Source§fn mask(&self) -> Painted<&T>

Returns self with the quirk() set to [Quirk :: Mask].


§Example
println!("{}", value.mask());

Source§fn wrap(&self) -> Painted<&T>

Returns self with the quirk() set to [Quirk :: Wrap].


§Example
println!("{}", value.wrap());

Source§fn linger(&self) -> Painted<&T>

Returns self with the quirk() set to [Quirk :: Linger].


§Example
println!("{}", value.linger());

Source§fn clear(&self) -> Painted<&T>

👎Deprecated since 1.0.1: renamed to resetting() due to conflicts with Vec::clear().
The clear() method will be removed in a future release.

Returns self with the quirk() set to [Quirk :: Clear].


§Example
println!("{}", value.clear());

Source§fn resetting(&self) -> Painted<&T>

Returns self with the quirk() set to [Quirk :: Resetting].


§Example
println!("{}", value.resetting());

Source§fn bright(&self) -> Painted<&T>

Returns self with the quirk() set to [Quirk :: Bright].


§Example
println!("{}", value.bright());

Source§fn on_bright(&self) -> Painted<&T>

Returns self with the quirk() set to [Quirk :: OnBright].


§Example
println!("{}", value.on_bright());

Source§fn whenever(&self, value: Condition) -> Painted<&T>

Conditionally enable styling based on whether the Condition value applies. Replaces any previous condition.


See the crate level docs for more details.
§Example
Enable styling painted only when both stdout and stderr are TTYs:

use yansi::{Paint, Condition};

painted.red().on_yellow().whenever(Condition::STDOUTERR_ARE_TTY);

Source§fn new(self) -> Painted<Self>where
    Self: Sized,

Create a new Painted with a default Style. Read more

Source§fn paint<S>(&self, style: S) -> Painted<&Self>where
    S: Into<Style>,

Apply a style wholesale to self. Any previous style is replaced. Read more

Source§impl<T> Same for T

Source§type Output = T

Should always be Self

Source§impl<T> ToOwned for Twhere
    T: Clone,

Source§type Owned = T

The resulting type after obtaining ownership.

Source§fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

Source§fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

Source§impl<T, U> TryFrom<U> for Twhere
    U: Into<T>,

Source§type Error = Infallible

The type returned in the event of a conversion error.

Source§fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

Source§impl<T, U> TryInto<U> for Twhere
    U: TryFrom<T>,

Source§type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

Source§fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

Source§impl<T> WithSubscriber for T

Source§fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>where
    S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a
WithDispatch wrapper. Read more

Source§fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a
WithDispatch wrapper. Read more

Source§impl<T> ErasedDestructor for Twhere
    T: 'static,

Struct ClientCopy item path

§Constructing a Client

§Using the Client

Implementations§

impl Client

pub fn add_custom_attributes(&self) -> AddCustomAttributesFluentBuilder

impl Client

pub fn admin_add_user_to_group(&self) -> AdminAddUserToGroupFluentBuilder

impl Client

pub fn admin_confirm_sign_up(&self) -> AdminConfirmSignUpFluentBuilder

impl Client

pub fn admin_create_user(&self) -> AdminCreateUserFluentBuilder

impl Client

pub fn admin_delete_user(&self) -> AdminDeleteUserFluentBuilder

impl Client

pub fn admin_delete_user_attributes( &self, ) -> AdminDeleteUserAttributesFluentBuilder

impl Client

pub fn admin_disable_provider_for_user( &self, ) -> AdminDisableProviderForUserFluentBuilder

impl Client

pub fn admin_disable_user(&self) -> AdminDisableUserFluentBuilder

impl Client

pub fn admin_enable_user(&self) -> AdminEnableUserFluentBuilder

impl Client

pub fn admin_forget_device(&self) -> AdminForgetDeviceFluentBuilder

impl Client

pub fn admin_get_device(&self) -> AdminGetDeviceFluentBuilder

impl Client

pub fn admin_get_user(&self) -> AdminGetUserFluentBuilder

impl Client

pub fn admin_initiate_auth(&self) -> AdminInitiateAuthFluentBuilder

impl Client

pub fn admin_link_provider_for_user( &self, ) -> AdminLinkProviderForUserFluentBuilder

impl Client

pub fn admin_list_devices(&self) -> AdminListDevicesFluentBuilder

impl Client

pub fn admin_list_groups_for_user(&self) -> AdminListGroupsForUserFluentBuilder

impl Client

pub fn admin_list_user_auth_events( &self, ) -> AdminListUserAuthEventsFluentBuilder

impl Client

pub fn admin_remove_user_from_group( &self, ) -> AdminRemoveUserFromGroupFluentBuilder

impl Client

pub fn admin_reset_user_password(&self) -> AdminResetUserPasswordFluentBuilder

impl Client

pub fn admin_respond_to_auth_challenge( &self, ) -> AdminRespondToAuthChallengeFluentBuilder

impl Client

pub fn admin_set_user_mfa_preference( &self, ) -> AdminSetUserMFAPreferenceFluentBuilder

impl Client

pub fn admin_set_user_password(&self) -> AdminSetUserPasswordFluentBuilder

impl Client

pub fn admin_set_user_settings(&self) -> AdminSetUserSettingsFluentBuilder

impl Client

pub fn admin_update_auth_event_feedback( &self, ) -> AdminUpdateAuthEventFeedbackFluentBuilder

impl Client

pub fn admin_update_device_status(&self) -> AdminUpdateDeviceStatusFluentBuilder

impl Client

pub fn admin_update_user_attributes( &self, ) -> AdminUpdateUserAttributesFluentBuilder

impl Client

pub fn admin_user_global_sign_out(&self) -> AdminUserGlobalSignOutFluentBuilder

impl Client

pub fn associate_software_token(&self) -> AssociateSoftwareTokenFluentBuilder

impl Client

pub fn change_password(&self) -> ChangePasswordFluentBuilder

impl Client

pub fn complete_web_authn_registration( &self, ) -> CompleteWebAuthnRegistrationFluentBuilder

impl Client

pub fn confirm_device(&self) -> ConfirmDeviceFluentBuilder

impl Client

pub fn confirm_forgot_password(&self) -> ConfirmForgotPasswordFluentBuilder

impl Client

pub fn confirm_sign_up(&self) -> ConfirmSignUpFluentBuilder

impl Client

pub fn create_group(&self) -> CreateGroupFluentBuilder

impl Client

pub fn create_identity_provider(&self) -> CreateIdentityProviderFluentBuilder

impl Client

pub fn create_managed_login_branding( &self, ) -> CreateManagedLoginBrandingFluentBuilder

impl Client

pub fn create_resource_server(&self) -> CreateResourceServerFluentBuilder

impl Client

pub fn create_user_import_job(&self) -> CreateUserImportJobFluentBuilder

Struct Client

§Constructing a `Client`

§Using the `Client`