[][src]Crate rusoto_cognito_identity

Amazon Cognito

Amazon Cognito is a web service that delivers scoped temporary credentials to mobile devices and other untrusted environments. Amazon Cognito uniquely identifies a device and supplies the user with a consistent identity over the lifetime of an application.

Using Amazon Cognito, you can enable authentication with one or more third-party identity providers (Facebook, Google, or Login with Amazon), and you can also choose to support unauthenticated access from your app. Cognito delivers a unique identifier for each user and acts as an OpenID token provider trusted by AWS Security Token Service (STS) to access temporary, limited-privilege AWS credentials.

To provide end-user credentials, first make an unsigned call to GetId. If the end user is authenticated with one of the supported identity providers, set the Logins map with the identity provider token. GetId returns a unique identifier for the user.

Next, make an unsigned call to GetCredentialsForIdentity. This call expects the same Logins map as the GetId call, as well as the IdentityID originally returned by GetId. Assuming your identity pool has been configured via the SetIdentityPoolRoles operation, GetCredentialsForIdentity will return AWS credentials for your use. If your pool has not been configured with SetIdentityPoolRoles, or if you want to follow legacy flow, make an unsigned call to GetOpenIdToken, which returns the OpenID token necessary to call STS and retrieve AWS credentials. This call expects the same Logins map as the GetId call, as well as the IdentityID originally returned by GetId. The token returned by GetOpenIdToken can be passed to the STS operation AssumeRoleWithWebIdentity to retrieve AWS credentials.

If you want to use Amazon Cognito in an Android, iOS, or Unity application, you will probably want to make API calls via the AWS Mobile SDK. To learn more, see the AWS Mobile SDK Developer Guide.

If you're using the service, you're probably looking for CognitoIdentityClient and CognitoIdentity.

Structs

CognitoIdentityClient

A client for the Amazon Cognito Identity API.

CognitoIdentityProvider

A provider representing an Amazon Cognito Identity User Pool and its client ID.

CreateIdentityPoolInput

Input to the CreateIdentityPool action.

Credentials

Credentials for the provided identity ID.

DeleteIdentitiesInput

Input to the DeleteIdentities action.

DeleteIdentitiesResponse

Returned in response to a successful DeleteIdentities operation.

DeleteIdentityPoolInput

Input to the DeleteIdentityPool action.

DescribeIdentityInput

Input to the DescribeIdentity action.

DescribeIdentityPoolInput

Input to the DescribeIdentityPool action.

GetCredentialsForIdentityInput

Input to the GetCredentialsForIdentity action.

GetCredentialsForIdentityResponse

Returned in response to a successful GetCredentialsForIdentity operation.

GetIdInput

Input to the GetId action.

GetIdResponse

Returned in response to a GetId request.

GetIdentityPoolRolesInput

Input to the GetIdentityPoolRoles action.

GetIdentityPoolRolesResponse

Returned in response to a successful GetIdentityPoolRoles operation.

GetOpenIdTokenForDeveloperIdentityInput

Input to the GetOpenIdTokenForDeveloperIdentity action.

GetOpenIdTokenForDeveloperIdentityResponse

Returned in response to a successful GetOpenIdTokenForDeveloperIdentity request.

GetOpenIdTokenInput

Input to the GetOpenIdToken action.

GetOpenIdTokenResponse

Returned in response to a successful GetOpenIdToken request.

IdentityDescription

A description of the identity.

IdentityPool

An object representing an Amazon Cognito identity pool.

IdentityPoolShortDescription

A description of the identity pool.

ListIdentitiesInput

Input to the ListIdentities action.

ListIdentitiesResponse

The response to a ListIdentities request.

ListIdentityPoolsInput

Input to the ListIdentityPools action.

ListIdentityPoolsResponse

The result of a successful ListIdentityPools action.

LookupDeveloperIdentityInput

Input to the LookupDeveloperIdentityInput action.

LookupDeveloperIdentityResponse

Returned in response to a successful LookupDeveloperIdentity action.

MappingRule

A rule that maps a claim name, a claim value, and a match type to a role ARN.

MergeDeveloperIdentitiesInput

Input to the MergeDeveloperIdentities action.

MergeDeveloperIdentitiesResponse

Returned in response to a successful MergeDeveloperIdentities action.

RoleMapping

A role mapping.

RulesConfigurationType

A container for rules.

SetIdentityPoolRolesInput

Input to the SetIdentityPoolRoles action.

UnlinkDeveloperIdentityInput

Input to the UnlinkDeveloperIdentity action.

UnlinkIdentityInput

Input to the UnlinkIdentity action.

UnprocessedIdentityId

An array of UnprocessedIdentityId objects, each of which contains an ErrorCode and IdentityId.

Enums

CreateIdentityPoolError

Errors returned by CreateIdentityPool

DeleteIdentitiesError

Errors returned by DeleteIdentities

DeleteIdentityPoolError

Errors returned by DeleteIdentityPool

DescribeIdentityError

Errors returned by DescribeIdentity

DescribeIdentityPoolError

Errors returned by DescribeIdentityPool

GetCredentialsForIdentityError

Errors returned by GetCredentialsForIdentity

GetIdError

Errors returned by GetId

GetIdentityPoolRolesError

Errors returned by GetIdentityPoolRoles

GetOpenIdTokenError

Errors returned by GetOpenIdToken

GetOpenIdTokenForDeveloperIdentityError

Errors returned by GetOpenIdTokenForDeveloperIdentity

ListIdentitiesError

Errors returned by ListIdentities

ListIdentityPoolsError

Errors returned by ListIdentityPools

LookupDeveloperIdentityError

Errors returned by LookupDeveloperIdentity

MergeDeveloperIdentitiesError

Errors returned by MergeDeveloperIdentities

SetIdentityPoolRolesError

Errors returned by SetIdentityPoolRoles

UnlinkDeveloperIdentityError

Errors returned by UnlinkDeveloperIdentity

UnlinkIdentityError

Errors returned by UnlinkIdentity

UpdateIdentityPoolError

Errors returned by UpdateIdentityPool

Traits

CognitoIdentity

Trait representing the capabilities of the Amazon Cognito Identity API. Amazon Cognito Identity clients implement this trait.