Expand description
Using the Amazon Cognito User Pools API, you can create a user pool to manage directories and users. You can authenticate a user to obtain tokens related to user identity and access policies.
This API reference provides information about user pools in Amazon Cognito User Pools.
For more information, see the Amazon Cognito Documentation.
If you’re using the service, you’re probably looking for CognitoIdentityProviderClient and CognitoIdentityProvider.
Structs§
- Account
Recovery Setting Type The data type for
AccountRecoverySetting.- Account
Takeover Action Type Account takeover action type.
- Account
Takeover Actions Type Account takeover actions type.
- Account
Takeover Risk Configuration Type Configuration for mitigation actions and notification for different levels of risk detected for a potential account takeover.
- AddCustom
Attributes Request Represents the request to add custom attributes.
- AddCustom
Attributes Response Represents the response from the server for the request to add custom attributes.
- Admin
AddUser ToGroup Request - Admin
Confirm Sign UpRequest Represents the request to confirm user registration.
- Admin
Confirm Sign UpResponse Represents the response from the server for the request to confirm registration.
- Admin
Create User Config Type The configuration for creating a new user profile.
- Admin
Create User Request Represents the request to create a user in the specified user pool.
- Admin
Create User Response Represents the response from the server to the request to create the user.
- Admin
Delete User Attributes Request Represents the request to delete user attributes as an administrator.
- Admin
Delete User Attributes Response Represents the response received from the server for a request to delete user attributes.
- Admin
Delete User Request Represents the request to delete a user as an administrator.
- Admin
Disable Provider ForUser Request - Admin
Disable Provider ForUser Response - Admin
Disable User Request Represents the request to disable any user as an administrator.
- Admin
Disable User Response Represents the response received from the server to disable the user as an administrator.
- Admin
Enable User Request Represents the request that enables the user as an administrator.
- Admin
Enable User Response Represents the response from the server for the request to enable a user as an administrator.
- Admin
Forget Device Request Sends the forgot device request, as an administrator.
- Admin
GetDevice Request Represents the request to get the device, as an administrator.
- Admin
GetDevice Response Gets the device response, as an administrator.
- Admin
GetUser Request Represents the request to get the specified user as an administrator.
- Admin
GetUser Response Represents the response from the server from the request to get the specified user as an administrator.
- Admin
Initiate Auth Request Initiates the authorization request, as an administrator.
- Admin
Initiate Auth Response Initiates the authentication response, as an administrator.
- Admin
Link Provider ForUser Request - Admin
Link Provider ForUser Response - Admin
List Devices Request Represents the request to list devices, as an administrator.
- Admin
List Devices Response Lists the device's response, as an administrator.
- Admin
List Groups ForUser Request - Admin
List Groups ForUser Response - Admin
List User Auth Events Request - Admin
List User Auth Events Response - Admin
Remove User From Group Request - Admin
Reset User Password Request Represents the request to reset a user's password as an administrator.
- Admin
Reset User Password Response Represents the response from the server to reset a user password as an administrator.
- Admin
Respond ToAuth Challenge Request The request to respond to the authentication challenge, as an administrator.
- Admin
Respond ToAuth Challenge Response Responds to the authentication challenge, as an administrator.
- Admin
SetUserMFA Preference Request - Admin
SetUserMFA Preference Response - Admin
SetUser Password Request - Admin
SetUser Password Response - Admin
SetUser Settings Request You can use this parameter to set an MFA configuration that uses the SMS delivery medium.
- Admin
SetUser Settings Response Represents the response from the server to set user settings as an administrator.
- Admin
Update Auth Event Feedback Request - Admin
Update Auth Event Feedback Response - Admin
Update Device Status Request The request to update the device status, as an administrator.
- Admin
Update Device Status Response The status response from the request to update the device, as an administrator.
- Admin
Update User Attributes Request Represents the request to update the user's attributes as an administrator.
- Admin
Update User Attributes Response Represents the response from the server for the request to update user attributes as an administrator.
- Admin
User Global Sign OutRequest The request to sign out of all devices, as an administrator.
- Admin
User Global Sign OutResponse The global sign-out response, as an administrator.
- Analytics
Configuration Type The Amazon Pinpoint analytics configuration for collecting metrics for a user pool.
Cognito User Pools only supports sending events to Amazon Pinpoint projects in the US East (N. Virginia) us-east-1 Region, regardless of the region in which the user pool resides.
- Analytics
Metadata Type An Amazon Pinpoint analytics endpoint.
An endpoint uniquely identifies a mobile device, email address, or phone number that can receive messages from Amazon Pinpoint analytics.
Cognito User Pools only supports sending events to Amazon Pinpoint projects in the US East (N. Virginia) us-east-1 Region, regardless of the region in which the user pool resides.
- Associate
Software Token Request - Associate
Software Token Response - Attribute
Type Specifies whether the attribute is standard or custom.
- Auth
Event Type The authentication event type.
- Authentication
Result Type The authentication result.
- Challenge
Response Type The challenge response type.
- Change
Password Request Represents the request to change a user password.
- Change
Password Response The response from the server to the change password request.
- Code
Delivery Details Type The code delivery details being returned from the server.
- Cognito
Identity Provider Client - A client for the Amazon Cognito Identity Provider API.
- Compromised
Credentials Actions Type The compromised credentials actions type
- Compromised
Credentials Risk Configuration Type The compromised credentials risk configuration type.
- Confirm
Device Request Confirms the device request.
- Confirm
Device Response Confirms the device response.
- Confirm
Forgot Password Request The request representing the confirmation for a password reset.
- Confirm
Forgot Password Response The response from the server that results from a user's request to retrieve a forgotten password.
- Confirm
Sign UpRequest Represents the request to confirm registration of a user.
- Confirm
Sign UpResponse Represents the response from the server for the registration confirmation.
- Context
Data Type Contextual user data type used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
- Create
Group Request - Create
Group Response - Create
Identity Provider Request - Create
Identity Provider Response - Create
Resource Server Request - Create
Resource Server Response - Create
User Import JobRequest Represents the request to create the user import job.
- Create
User Import JobResponse Represents the response from the server to the request to create the user import job.
- Create
User Pool Client Request Represents the request to create a user pool client.
- Create
User Pool Client Response Represents the response from the server to create a user pool client.
- Create
User Pool Domain Request - Create
User Pool Domain Response - Create
User Pool Request Represents the request to create a user pool.
- Create
User Pool Response Represents the response from the server for the request to create a user pool.
- Custom
Domain Config Type The configuration for a custom domain that hosts the sign-up and sign-in webpages for your application.
- Delete
Group Request - Delete
Identity Provider Request - Delete
Resource Server Request - Delete
User Attributes Request Represents the request to delete user attributes.
- Delete
User Attributes Response Represents the response from the server to delete user attributes.
- Delete
User Pool Client Request Represents the request to delete a user pool client.
- Delete
User Pool Domain Request - Delete
User Pool Domain Response - Delete
User Pool Request Represents the request to delete a user pool.
- Delete
User Request Represents the request to delete a user.
- Describe
Identity Provider Request - Describe
Identity Provider Response - Describe
Resource Server Request - Describe
Resource Server Response - Describe
Risk Configuration Request - Describe
Risk Configuration Response - Describe
User Import JobRequest Represents the request to describe the user import job.
- Describe
User Import JobResponse Represents the response from the server to the request to describe the user import job.
- Describe
User Pool Client Request Represents the request to describe a user pool client.
- Describe
User Pool Client Response Represents the response from the server from a request to describe the user pool client.
- Describe
User Pool Domain Request - Describe
User Pool Domain Response - Describe
User Pool Request Represents the request to describe the user pool.
- Describe
User Pool Response Represents the response to describe the user pool.
- Device
Configuration Type The configuration for the user pool's device tracking.
- Device
Secret Verifier Config Type The device verifier against which it will be authenticated.
- Device
Type The device type.
- Domain
Description Type A container for information about a domain.
- Email
Configuration Type The email configuration type.
- Event
Context Data Type Specifies the user context data captured at the time of an event request.
- Event
Feedback Type Specifies the event feedback type.
- Event
Risk Type The event risk type.
- Forget
Device Request Represents the request to forget the device.
- Forgot
Password Request Represents the request to reset a user's password.
- Forgot
Password Response Respresents the response from the server regarding the request to reset a password.
- GetCSV
Header Request Represents the request to get the header information for the .csv file for the user import job.
- GetCSV
Header Response Represents the response from the server to the request to get the header information for the .csv file for the user import job.
- GetDevice
Request Represents the request to get the device.
- GetDevice
Response Gets the device response.
- GetGroup
Request - GetGroup
Response - GetIdentity
Provider ByIdentifier Request - GetIdentity
Provider ByIdentifier Response - GetSigning
Certificate Request Request to get a signing certificate from Cognito.
- GetSigning
Certificate Response Response from Cognito for a signing certificate request.
- GetUI
Customization Request - GetUI
Customization Response - GetUser
Attribute Verification Code Request Represents the request to get user attribute verification.
- GetUser
Attribute Verification Code Response The verification code response returned by the server response to get the user attribute verification code.
- GetUser
Pool MfaConfig Request - GetUser
Pool MfaConfig Response - GetUser
Request Represents the request to get information about the user.
- GetUser
Response Represents the response from the server from the request to get information about the user.
- Global
Sign OutRequest Represents the request to sign out all devices.
- Global
Sign OutResponse The response to the request to sign out all devices.
- Group
Type The group type.
- Http
Header The HTTP header.
- Identity
Provider Type A container for information about an identity provider.
- Initiate
Auth Request Initiates the authentication request.
- Initiate
Auth Response Initiates the authentication response.
- Lambda
Config Type Specifies the configuration for AWS Lambda triggers.
- List
Devices Request Represents the request to list the devices.
- List
Devices Response Represents the response to list devices.
- List
Groups Request - List
Groups Response - List
Identity Providers Request - List
Identity Providers Response - List
Resource Servers Request - List
Resource Servers Response - List
Tags ForResource Request - List
Tags ForResource Response - List
User Import Jobs Request Represents the request to list the user import jobs.
- List
User Import Jobs Response Represents the response from the server to the request to list the user import jobs.
- List
User Pool Clients Request Represents the request to list the user pool clients.
- List
User Pool Clients Response Represents the response from the server that lists user pool clients.
- List
User Pools Request Represents the request to list user pools.
- List
User Pools Response Represents the response to list user pools.
- List
Users InGroup Request - List
Users InGroup Response - List
Users Request Represents the request to list users.
- List
Users Response The response from the request to list users.
- MFAOption
Type This data type is no longer supported. You can use it only for SMS MFA configurations. You can't use it for TOTP software token MFA configurations.
To set either type of MFA configuration, use the AdminSetUserMFAPreference or SetUserMFAPreference actions.
To look up information about either type of MFA configuration, use the AdminGetUserResponse$UserMFASettingList or GetUserResponse$UserMFASettingList responses.
- Message
Template Type The message template structure.
- NewDevice
Metadata Type The new device metadata type.
- Notify
Configuration Type The notify configuration type.
- Notify
Email Type The notify email type.
- Number
Attribute Constraints Type The minimum and maximum value of an attribute that is of the number data type.
- Password
Policy Type The password policy type.
- Provider
Description A container for identity provider details.
- Provider
User Identifier Type A container for information about an identity provider for a user pool.
- Recovery
Option Type A map containing a priority as a key, and recovery method name as a value.
- Resend
Confirmation Code Request Represents the request to resend the confirmation code.
- Resend
Confirmation Code Response The response from the server when the Amazon Cognito Your User Pools service makes the request to resend a confirmation code.
- Resource
Server Scope Type A resource server scope.
- Resource
Server Type A container for information about a resource server for a user pool.
- Respond
ToAuth Challenge Request The request to respond to an authentication challenge.
- Respond
ToAuth Challenge Response The response to respond to the authentication challenge.
- Risk
Configuration Type The risk configuration type.
- Risk
Exception Configuration Type The type of the configuration to override the risk decision.
- SMSMfa
Settings Type The type used for enabling SMS MFA at the user level.
- Schema
Attribute Type Contains information about the schema attribute.
- SetRisk
Configuration Request - SetRisk
Configuration Response - SetUI
Customization Request - SetUI
Customization Response - SetUserMFA
Preference Request - SetUserMFA
Preference Response - SetUser
Pool MfaConfig Request - SetUser
Pool MfaConfig Response - SetUser
Settings Request Represents the request to set user settings.
- SetUser
Settings Response The response from the server for a set user settings request.
- Sign
UpRequest Represents the request to register a user.
- Sign
UpResponse The response from the server for a registration request.
- SmsConfiguration
Type The SMS configuration type that includes the settings the Cognito User Pool needs to call for the Amazon SNS service to send an SMS message from your AWS account. The Cognito User Pool makes the request to the Amazon SNS Service by using an AWS IAM role that you provide for your AWS account.
- SmsMfa
Config Type The SMS text message multi-factor authentication (MFA) configuration type.
- Software
Token MfaConfig Type The type used for enabling software token MFA at the user pool level.
- Software
Token MfaSettings Type The type used for enabling software token MFA at the user level.
- Start
User Import JobRequest Represents the request to start the user import job.
- Start
User Import JobResponse Represents the response from the server to the request to start the user import job.
- Stop
User Import JobRequest Represents the request to stop the user import job.
- Stop
User Import JobResponse Represents the response from the server to the request to stop the user import job.
- String
Attribute Constraints Type The constraints associated with a string attribute.
- TagResource
Request - TagResource
Response - UICustomization
Type A container for the UI customization information for a user pool's built-in app UI.
- Untag
Resource Request - Untag
Resource Response - Update
Auth Event Feedback Request - Update
Auth Event Feedback Response - Update
Device Status Request Represents the request to update the device status.
- Update
Device Status Response The response to the request to update the device status.
- Update
Group Request - Update
Group Response - Update
Identity Provider Request - Update
Identity Provider Response - Update
Resource Server Request - Update
Resource Server Response - Update
User Attributes Request Represents the request to update user attributes.
- Update
User Attributes Response Represents the response from the server for the request to update user attributes.
- Update
User Pool Client Request Represents the request to update the user pool client.
- Update
User Pool Client Response Represents the response from the server to the request to update the user pool client.
- Update
User Pool Domain Request The UpdateUserPoolDomain request input.
- Update
User Pool Domain Response The UpdateUserPoolDomain response output.
- Update
User Pool Request Represents the request to update the user pool.
- Update
User Pool Response Represents the response from the server when you make a request to update the user pool.
- User
Context Data Type Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
- User
Import JobType The user import job type.
- User
Pool AddOns Type The user pool add-ons type.
- User
Pool Client Description The description of the user pool client.
- User
Pool Client Type Contains information about a user pool client.
- User
Pool Description Type A user pool description.
- User
Pool Policy Type The policy associated with a user pool.
- User
Pool Type A container for information about the user pool.
- User
Type The user type.
- Username
Configuration Type The username configuration type.
- Verification
Message Template Type The template for verification messages.
- Verify
Software Token Request - Verify
Software Token Response - Verify
User Attribute Request Represents the request to verify user attributes.
- Verify
User Attribute Response A container representing the response from the server from the request to verify user attributes.
Enums§
- AddCustom
Attributes Error - Errors returned by AddCustomAttributes
- Admin
AddUser ToGroup Error - Errors returned by AdminAddUserToGroup
- Admin
Confirm Sign UpError - Errors returned by AdminConfirmSignUp
- Admin
Create User Error - Errors returned by AdminCreateUser
- Admin
Delete User Attributes Error - Errors returned by AdminDeleteUserAttributes
- Admin
Delete User Error - Errors returned by AdminDeleteUser
- Admin
Disable Provider ForUser Error - Errors returned by AdminDisableProviderForUser
- Admin
Disable User Error - Errors returned by AdminDisableUser
- Admin
Enable User Error - Errors returned by AdminEnableUser
- Admin
Forget Device Error - Errors returned by AdminForgetDevice
- Admin
GetDevice Error - Errors returned by AdminGetDevice
- Admin
GetUser Error - Errors returned by AdminGetUser
- Admin
Initiate Auth Error - Errors returned by AdminInitiateAuth
- Admin
Link Provider ForUser Error - Errors returned by AdminLinkProviderForUser
- Admin
List Devices Error - Errors returned by AdminListDevices
- Admin
List Groups ForUser Error - Errors returned by AdminListGroupsForUser
- Admin
List User Auth Events Error - Errors returned by AdminListUserAuthEvents
- Admin
Remove User From Group Error - Errors returned by AdminRemoveUserFromGroup
- Admin
Reset User Password Error - Errors returned by AdminResetUserPassword
- Admin
Respond ToAuth Challenge Error - Errors returned by AdminRespondToAuthChallenge
- Admin
SetUserMFA Preference Error - Errors returned by AdminSetUserMFAPreference
- Admin
SetUser Password Error - Errors returned by AdminSetUserPassword
- Admin
SetUser Settings Error - Errors returned by AdminSetUserSettings
- Admin
Update Auth Event Feedback Error - Errors returned by AdminUpdateAuthEventFeedback
- Admin
Update Device Status Error - Errors returned by AdminUpdateDeviceStatus
- Admin
Update User Attributes Error - Errors returned by AdminUpdateUserAttributes
- Admin
User Global Sign OutError - Errors returned by AdminUserGlobalSignOut
- Associate
Software Token Error - Errors returned by AssociateSoftwareToken
- Change
Password Error - Errors returned by ChangePassword
- Confirm
Device Error - Errors returned by ConfirmDevice
- Confirm
Forgot Password Error - Errors returned by ConfirmForgotPassword
- Confirm
Sign UpError - Errors returned by ConfirmSignUp
- Create
Group Error - Errors returned by CreateGroup
- Create
Identity Provider Error - Errors returned by CreateIdentityProvider
- Create
Resource Server Error - Errors returned by CreateResourceServer
- Create
User Import JobError - Errors returned by CreateUserImportJob
- Create
User Pool Client Error - Errors returned by CreateUserPoolClient
- Create
User Pool Domain Error - Errors returned by CreateUserPoolDomain
- Create
User Pool Error - Errors returned by CreateUserPool
- Delete
Group Error - Errors returned by DeleteGroup
- Delete
Identity Provider Error - Errors returned by DeleteIdentityProvider
- Delete
Resource Server Error - Errors returned by DeleteResourceServer
- Delete
User Attributes Error - Errors returned by DeleteUserAttributes
- Delete
User Error - Errors returned by DeleteUser
- Delete
User Pool Client Error - Errors returned by DeleteUserPoolClient
- Delete
User Pool Domain Error - Errors returned by DeleteUserPoolDomain
- Delete
User Pool Error - Errors returned by DeleteUserPool
- Describe
Identity Provider Error - Errors returned by DescribeIdentityProvider
- Describe
Resource Server Error - Errors returned by DescribeResourceServer
- Describe
Risk Configuration Error - Errors returned by DescribeRiskConfiguration
- Describe
User Import JobError - Errors returned by DescribeUserImportJob
- Describe
User Pool Client Error - Errors returned by DescribeUserPoolClient
- Describe
User Pool Domain Error - Errors returned by DescribeUserPoolDomain
- Describe
User Pool Error - Errors returned by DescribeUserPool
- Forget
Device Error - Errors returned by ForgetDevice
- Forgot
Password Error - Errors returned by ForgotPassword
- GetCSV
Header Error - Errors returned by GetCSVHeader
- GetDevice
Error - Errors returned by GetDevice
- GetGroup
Error - Errors returned by GetGroup
- GetIdentity
Provider ByIdentifier Error - Errors returned by GetIdentityProviderByIdentifier
- GetSigning
Certificate Error - Errors returned by GetSigningCertificate
- GetUI
Customization Error - Errors returned by GetUICustomization
- GetUser
Attribute Verification Code Error - Errors returned by GetUserAttributeVerificationCode
- GetUser
Error - Errors returned by GetUser
- GetUser
Pool MfaConfig Error - Errors returned by GetUserPoolMfaConfig
- Global
Sign OutError - Errors returned by GlobalSignOut
- Initiate
Auth Error - Errors returned by InitiateAuth
- List
Devices Error - Errors returned by ListDevices
- List
Groups Error - Errors returned by ListGroups
- List
Identity Providers Error - Errors returned by ListIdentityProviders
- List
Resource Servers Error - Errors returned by ListResourceServers
- List
Tags ForResource Error - Errors returned by ListTagsForResource
- List
User Import Jobs Error - Errors returned by ListUserImportJobs
- List
User Pool Clients Error - Errors returned by ListUserPoolClients
- List
User Pools Error - Errors returned by ListUserPools
- List
Users Error - Errors returned by ListUsers
- List
Users InGroup Error - Errors returned by ListUsersInGroup
- Resend
Confirmation Code Error - Errors returned by ResendConfirmationCode
- Respond
ToAuth Challenge Error - Errors returned by RespondToAuthChallenge
- SetRisk
Configuration Error - Errors returned by SetRiskConfiguration
- SetUI
Customization Error - Errors returned by SetUICustomization
- SetUserMFA
Preference Error - Errors returned by SetUserMFAPreference
- SetUser
Pool MfaConfig Error - Errors returned by SetUserPoolMfaConfig
- SetUser
Settings Error - Errors returned by SetUserSettings
- Sign
UpError - Errors returned by SignUp
- Start
User Import JobError - Errors returned by StartUserImportJob
- Stop
User Import JobError - Errors returned by StopUserImportJob
- TagResource
Error - Errors returned by TagResource
- Untag
Resource Error - Errors returned by UntagResource
- Update
Auth Event Feedback Error - Errors returned by UpdateAuthEventFeedback
- Update
Device Status Error - Errors returned by UpdateDeviceStatus
- Update
Group Error - Errors returned by UpdateGroup
- Update
Identity Provider Error - Errors returned by UpdateIdentityProvider
- Update
Resource Server Error - Errors returned by UpdateResourceServer
- Update
User Attributes Error - Errors returned by UpdateUserAttributes
- Update
User Pool Client Error - Errors returned by UpdateUserPoolClient
- Update
User Pool Domain Error - Errors returned by UpdateUserPoolDomain
- Update
User Pool Error - Errors returned by UpdateUserPool
- Verify
Software Token Error - Errors returned by VerifySoftwareToken
- Verify
User Attribute Error - Errors returned by VerifyUserAttribute
Traits§
- Cognito
Identity Provider - Trait representing the capabilities of the Amazon Cognito Identity Provider API. Amazon Cognito Identity Provider clients implement this trait.