// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
impl super::Client {
    /// Constructs a fluent builder for the [`AdminLinkProviderForUser`](crate::operation::admin_link_provider_for_user::builders::AdminLinkProviderForUserFluentBuilder) operation.
    ///
    /// - The fluent builder is configurable:
    ///   - [`user_pool_id(impl Into<String>)`](crate::operation::admin_link_provider_for_user::builders::AdminLinkProviderForUserFluentBuilder::user_pool_id) / [`set_user_pool_id(Option<String>)`](crate::operation::admin_link_provider_for_user::builders::AdminLinkProviderForUserFluentBuilder::set_user_pool_id):<br>required: **true**<br><p>The user pool ID for the user pool.</p><br>
    ///   - [`destination_user(ProviderUserIdentifierType)`](crate::operation::admin_link_provider_for_user::builders::AdminLinkProviderForUserFluentBuilder::destination_user) / [`set_destination_user(Option<ProviderUserIdentifierType>)`](crate::operation::admin_link_provider_for_user::builders::AdminLinkProviderForUserFluentBuilder::set_destination_user):<br>required: **true**<br><p>The existing user in the user pool that you want to assign to the external IdP user account. This user can be a local (Username + Password) Amazon Cognito user pools user or a federated user (for example, a SAML or Facebook user). If the user doesn't exist, Amazon Cognito generates an exception. Amazon Cognito returns this user when the new user (with the linked IdP attribute) signs in.</p> <p>For a native username + password user, the <code>ProviderAttributeValue</code> for the <code>DestinationUser</code> should be the username in the user pool. For a federated user, it should be the provider-specific <code>user_id</code>.</p> <p>The <code>ProviderAttributeName</code> of the <code>DestinationUser</code> is ignored.</p> <p>The <code>ProviderName</code> should be set to <code>Cognito</code> for users in Cognito user pools.</p><important>  <p>All attributes in the DestinationUser profile must be mutable. If you have assigned the user any immutable custom attributes, the operation won't succeed.</p> </important><br>
    ///   - [`source_user(ProviderUserIdentifierType)`](crate::operation::admin_link_provider_for_user::builders::AdminLinkProviderForUserFluentBuilder::source_user) / [`set_source_user(Option<ProviderUserIdentifierType>)`](crate::operation::admin_link_provider_for_user::builders::AdminLinkProviderForUserFluentBuilder::set_source_user):<br>required: **true**<br><p>An external IdP account for a user who doesn't exist yet in the user pool. This user must be a federated user (for example, a SAML or Facebook user), not another native user.</p> <p>If the <code>SourceUser</code> is using a federated social IdP, such as Facebook, Google, or Login with Amazon, you must set the <code>ProviderAttributeName</code> to <code>Cognito_Subject</code>. For social IdPs, the <code>ProviderName</code> will be <code>Facebook</code>, <code>Google</code>, or <code>LoginWithAmazon</code>, and Amazon Cognito will automatically parse the Facebook, Google, and Login with Amazon tokens for <code>id</code>, <code>sub</code>, and <code>user_id</code>, respectively. The <code>ProviderAttributeValue</code> for the user must be the same value as the <code>id</code>, <code>sub</code>, or <code>user_id</code> value found in the social IdP token.</p> <p></p> <p>For OIDC, the <code>ProviderAttributeName</code> can be any value that matches a claim in the ID token, or that your app retrieves from the <code>userInfo</code> endpoint. You must map the claim to a user pool attribute in your IdP configuration, and set the user pool attribute name as the value of <code>ProviderAttributeName</code> in your <code>AdminLinkProviderForUser</code> request.</p> <p>For SAML, the <code>ProviderAttributeName</code> can be any value that matches a claim in the SAML assertion. To link SAML users based on the subject of the SAML assertion, map the subject to a claim through the SAML IdP and set that claim name as the value of <code>ProviderAttributeName</code> in your <code>AdminLinkProviderForUser</code> request.</p> <p>For both OIDC and SAML users, when you set <code>ProviderAttributeName</code> to <code>Cognito_Subject</code>, Amazon Cognito will automatically parse the default unique identifier found in the subject from the IdP token.</p><br>
    /// - On success, responds with [`AdminLinkProviderForUserOutput`](crate::operation::admin_link_provider_for_user::AdminLinkProviderForUserOutput)
    /// - On failure, responds with [`SdkError<AdminLinkProviderForUserError>`](crate::operation::admin_link_provider_for_user::AdminLinkProviderForUserError)
    pub fn admin_link_provider_for_user(&self) -> crate::operation::admin_link_provider_for_user::builders::AdminLinkProviderForUserFluentBuilder {
        crate::operation::admin_link_provider_for_user::builders::AdminLinkProviderForUserFluentBuilder::new(self.handle.clone())
    }
}