2016/04/19 - Amazon Cognito Identity Provider - 36 new api methods
Lists the users in the Amazon Cognito user pool.
Request Syntax
client.list_users(
UserPoolId='string',
AttributesToGet=[
'string',
],
Limit=123,
PaginationToken='string',
UserStatus='UNCONFIRMED'|'CONFIRMED'|'ARCHIVED'|'COMPROMISED'|'UNKNOWN'
)
string
[REQUIRED]
The user pool ID for which you want to list users.
list
The attributes to get from the request to list users.
(string) --
integer
The limit of the request to list users.
string
An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
string
The user status. Can be one of the following:
UNCONFIRMED - User has been created but not confirmed.
CONFIRMED - User has been confirmed.
ARCHIVED - User is no longer active.
COMPROMISED - User is disabled due to a potential security threat.
UNKNOWN - User status is not known.
dict
Response Syntax
{
'Users': [
{
'Username': 'string',
'Attributes': [
{
'Name': 'string',
'Value': 'string'
},
],
'UserCreateDate': datetime(2015, 1, 1),
'UserLastModifiedDate': datetime(2015, 1, 1),
'Enabled': True|False,
'UserStatus': 'UNCONFIRMED'|'CONFIRMED'|'ARCHIVED'|'COMPROMISED'|'UNKNOWN'
},
],
'PaginationToken': 'string'
}
Response Structure
(dict) --
The response from the request to list users.
Users (list) --
The users returned in the request to list users.
(dict) --
The user type.
Username (string) --
The user name of the user you wish to describe.
Attributes (list) --
A container with information about the user type attributes.
(dict) --
Specifies whether the attribute is standard or custom.
Name (string) --
The name of the attribute.
Value (string) --
The value of the attribute.
UserCreateDate (datetime) --
The creation date of the user.
UserLastModifiedDate (datetime) --
The last modified date of the user.
Enabled (boolean) --
Specifies whether the user is enabled.
UserStatus (string) --
The user status. Can be one of the following:
UNCONFIRMED - User has been created but not confirmed.
CONFIRMED - User has been confirmed.
ARCHIVED - User is no longer active.
COMPROMISED - User is disabled due to a potential security threat.
UNKNOWN - User status is not known.
PaginationToken (string) --
An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
Confirms registration of a user and handles the existing alias from a previous user.
Request Syntax
client.confirm_sign_up(
ClientId='string',
SecretHash='string',
Username='string',
ConfirmationCode='string',
ForceAliasCreation=True|False
)
string
[REQUIRED]
The ID of the client associated with the user pool.
string
A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
string
[REQUIRED]
The user name of the user whose registration you wish to confirm.
string
[REQUIRED]
The confirmation code sent by a user's request to confirm registration.
boolean
Boolean to be specified to force user confirmation irrespective of existing alias. By default set to False. If this parameter is set to True and the phone number/email used for sign up confirmation already exists as an alias with a different user, the API call will migrate the alias from the previous user to the newly created user being confirmed. If set to False, the API will throw an AliasExistsException error.
dict
Response Syntax
{}
Response Structure
(dict) --
Represents the response from the server for the registration confirmation.
Resets the specified user's password in a user pool as an administrator. Works on any user.
Request Syntax
client.admin_reset_user_password(
UserPoolId='string',
Username='string'
)
string
[REQUIRED]
The user pool ID for the user pool where you want to reset the user's password.
string
[REQUIRED]
The user name of the user whose password you wish to reset.
dict
Response Syntax
{}
Response Structure
(dict) --
Represents the response from the server to reset a user password as an administrator.
Creates a new Amazon Cognito user pool and sets the password policy for the pool.
Request Syntax
client.create_user_pool(
PoolName='string',
Policies={
'PasswordPolicy': {
'MinimumLength': 123,
'RequireUppercase': True|False,
'RequireLowercase': True|False,
'RequireNumbers': True|False,
'RequireSymbols': True|False
}
},
LambdaConfig={
'PreSignUp': 'string',
'CustomMessage': 'string',
'PostConfirmation': 'string',
'PreAuthentication': 'string',
'PostAuthentication': 'string'
},
AutoVerifiedAttributes=[
'phone_number'|'email',
],
AliasAttributes=[
'phone_number'|'email'|'preferred_username',
],
SmsVerificationMessage='string',
EmailVerificationMessage='string',
EmailVerificationSubject='string',
SmsAuthenticationMessage='string',
MfaConfiguration='OFF'|'ON'|'OPTIONAL'
)
string
[REQUIRED]
A string used to name the user pool.
dict
The policies associated with the new user pool.
PasswordPolicy (dict) --
A container with information about the user pool password policy.
MinimumLength (integer) --
The minimum length of the password policy that you have set. Cannot be less than 6.
RequireUppercase (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password.
RequireLowercase (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password.
RequireNumbers (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one number in their password.
RequireSymbols (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password.
dict
The Lambda trigger configuration information for the new user pool.
PreSignUp (string) --
A pre-registration AWS Lambda trigger.
CustomMessage (string) --
A custom Message AWS Lambda trigger.
PostConfirmation (string) --
A post-confirmation AWS Lambda trigger.
PreAuthentication (string) --
A pre-authentication AWS Lambda trigger.
PostAuthentication (string) --
A post-authentication AWS Lambda trigger.
list
The attributes to be auto-verified. Possible values: email, phone_number.
(string) --
list
Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username.
(string) --
string
A string representing the SMS verification message.
string
A string representing the email verification message.
string
A string representing the email verification subject.
string
A string representing the SMS authentication message.
string
Specifies MFA configuration details.
dict
Response Syntax
{
'UserPool': {
'Id': 'string',
'Name': 'string',
'Policies': {
'PasswordPolicy': {
'MinimumLength': 123,
'RequireUppercase': True|False,
'RequireLowercase': True|False,
'RequireNumbers': True|False,
'RequireSymbols': True|False
}
},
'LambdaConfig': {
'PreSignUp': 'string',
'CustomMessage': 'string',
'PostConfirmation': 'string',
'PreAuthentication': 'string',
'PostAuthentication': 'string'
},
'Status': 'Enabled'|'Disabled',
'LastModifiedDate': datetime(2015, 1, 1),
'CreationDate': datetime(2015, 1, 1),
'SchemaAttributes': [
{
'Name': 'string',
'AttributeDataType': 'String'|'Number'|'DateTime'|'Boolean',
'DeveloperOnlyAttribute': True|False,
'Mutable': True|False,
'Required': True|False,
'NumberAttributeConstraints': {
'MinValue': 'string',
'MaxValue': 'string'
},
'StringAttributeConstraints': {
'MinLength': 'string',
'MaxLength': 'string'
}
},
],
'AutoVerifiedAttributes': [
'phone_number'|'email',
],
'AliasAttributes': [
'phone_number'|'email'|'preferred_username',
],
'SmsVerificationMessage': 'string',
'EmailVerificationMessage': 'string',
'EmailVerificationSubject': 'string',
'SmsAuthenticationMessage': 'string',
'MfaConfiguration': 'OFF'|'ON'|'OPTIONAL',
'EstimatedNumberOfUsers': 123
}
}
Response Structure
(dict) --
Represents the response from the server for the request to create a user pool.
UserPool (dict) --
A container for the user pool details.
Id (string) --
The ID of the user pool.
Name (string) --
The name of the user pool.
Policies (dict) --
A container describing the policies associated with a user pool.
PasswordPolicy (dict) --
A container with information about the user pool password policy.
MinimumLength (integer) --
The minimum length of the password policy that you have set. Cannot be less than 6.
RequireUppercase (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password.
RequireLowercase (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password.
RequireNumbers (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one number in their password.
RequireSymbols (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password.
LambdaConfig (dict) --
A container describing the AWS Lambda triggers associated with a user pool.
PreSignUp (string) --
A pre-registration AWS Lambda trigger.
CustomMessage (string) --
A custom Message AWS Lambda trigger.
PostConfirmation (string) --
A post-confirmation AWS Lambda trigger.
PreAuthentication (string) --
A pre-authentication AWS Lambda trigger.
PostAuthentication (string) --
A post-authentication AWS Lambda trigger.
Status (string) --
The status of a user pool.
LastModifiedDate (datetime) --
The last modified date of a user pool.
CreationDate (datetime) --
The creation date of a user pool.
SchemaAttributes (list) --
A container with the schema attributes of a user pool.
(dict) --
Contains information about the schema attribute.
Name (string) --
A schema attribute of the name type.
AttributeDataType (string) --
The attribute data type.
DeveloperOnlyAttribute (boolean) --
Specifies whether the attribute type is developer only.
Mutable (boolean) --
Specifies whether the attribute can be changed once it has been created.
Required (boolean) --
Specifies whether a user pool attribute is required. If the attribute is required and the user does not provide a value, registration or sign-in will fail.
NumberAttributeConstraints (dict) --
Specifies the constraints for an attribute of the number type.
MinValue (string) --
The minimum value of an attribute that is of the number data type.
MaxValue (string) --
The maximum value of an attribute that is of the number data type.
StringAttributeConstraints (dict) --
Specifies the constraints for an attribute of the string type.
MinLength (string) --
The minimum length of an attribute value of the string type.
MaxLength (string) --
The maximum length of an attribute value of the string type.
AutoVerifiedAttributes (list) --
Specifies the attributes that are auto-verified in a user pool.
(string) --
AliasAttributes (list) --
Specifies the attributes that are aliased in a user pool.
(string) --
SmsVerificationMessage (string) --
The contents of the SMS verification message.
EmailVerificationMessage (string) --
The contents of the email verification message.
EmailVerificationSubject (string) --
The subject of the email verification message.
SmsAuthenticationMessage (string) --
The contents of the SMS authentication message.
MfaConfiguration (string) --
Can be one of the following values:
OFF - MFA tokens are not required and cannot be specified during user registration.
ON - MFA tokens are required for all user registrations. You can only specify required when you are initially creating a user pool.
OPTIONAL - Users have the option when registering to create an MFA token.
EstimatedNumberOfUsers (integer) --
A number estimating the size of the user pool.
Deletes a user as an administrator. Works on any user.
Request Syntax
client.admin_delete_user(
UserPoolId='string',
Username='string'
)
string
[REQUIRED]
The user pool ID for the user pool where you want to delete the user.
string
[REQUIRED]
The user name of the user you wish to delete.
None
Sets the user settings like multi-factor authentication (MFA). If MFA is to be removed for a particular attribute pass the attribute with code delivery as null. If null list is passed, all MFA options are removed.
Request Syntax
client.set_user_settings(
AccessToken='string',
MFAOptions=[
{
'DeliveryMedium': 'SMS'|'EMAIL',
'AttributeName': 'string'
},
]
)
string
[REQUIRED]
The access token for the set user settings request.
list
[REQUIRED]
Specifies the options for MFA (e.g., email or phone number).
(dict) --
Specifies the different settings for multi-factor authentication (MFA).
DeliveryMedium (string) --
The delivery medium (email message or SMS message) to send the MFA code.
AttributeName (string) --
The attribute name of the MFA option type.
dict
Response Syntax
{}
Response Structure
(dict) --
The response from the server for a set user settings request.
Resends the confirmation (for confirmation of registration) to a specific user in the user pool.
Request Syntax
client.resend_confirmation_code(
ClientId='string',
SecretHash='string',
Username='string'
)
string
[REQUIRED]
The ID of the client associated with the user pool.
string
A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
string
[REQUIRED]
The user name of the user to whom you wish to resend a confirmation code.
dict
Response Syntax
{
'CodeDeliveryDetails': {
'Destination': 'string',
'DeliveryMedium': 'SMS'|'EMAIL',
'AttributeName': 'string'
}
}
Response Structure
(dict) --
The response from the server when the Amazon Cognito service makes the request to resend a confirmation code.
CodeDeliveryDetails (dict) --
The type of code delivery details being returned from the server.
Destination (string) --
The destination for the code delivery details.
DeliveryMedium (string) --
The delivery medium (email message or phone number).
AttributeName (string) --
The name of the attribute in the code delivery details type.
Gets the JSON Web keys for the specified user pool.
Request Syntax
client.get_jwks(
UserPoolId='string'
)
string
[REQUIRED]
The user pool ID for the user pool where you want to get JSON Web keys.
dict
Response Syntax
{
'keys': [
{
'kty': 'string',
'alg': 'string',
'use': 'string',
'kid': 'string',
'n': 'string',
'e': 'string'
},
]
}
Response Structure
(dict) --
Represents the response from the server to get JSON Web keys.
keys (list) --
The keys in a get JSON Web keys response.
(dict) --
A JSON Web Key key type in JSON Web Key (JWK) Format.
kty (string) --
A "kty" key type parameter. For more information, see `JSON Web Key (JWK) Format.
alg (string) --
A "kty" (Key Type) parameter. For more information, see "kty" (Key Type) Parameter.
use (string) --
A "use" (Public Key Use) parameter. For more information, see "use" (Public Key Use) Parameter.
kid (string) --
A "kid" (Key ID) parameter. For more information, see "kid" (Key ID) Parameter.
n (string) --
An "n" parameter.
e (string) --
An "e" parameter.
Registers the user in the specified user pool and creates a user name, password, and user attributes.
Request Syntax
client.sign_up(
ClientId='string',
SecretHash='string',
Username='string',
Password='string',
UserAttributes=[
{
'Name': 'string',
'Value': 'string'
},
],
ValidationData=[
{
'Name': 'string',
'Value': 'string'
},
]
)
string
[REQUIRED]
The ID of the client associated with the user pool.
string
A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
string
[REQUIRED]
The user name of the user you wish to register.
string
[REQUIRED]
The password of the user you wish to register.
list
An array of name-value pairs representing user attributes.
(dict) --
Specifies whether the attribute is standard or custom.
Name (string) -- [REQUIRED]
The name of the attribute.
Value (string) --
The value of the attribute.
list
The validation data in the request to register a user.
(dict) --
Specifies whether the attribute is standard or custom.
Name (string) -- [REQUIRED]
The name of the attribute.
Value (string) --
The value of the attribute.
dict
Response Syntax
{
'UserConfirmed': True|False,
'CodeDeliveryDetails': {
'Destination': 'string',
'DeliveryMedium': 'SMS'|'EMAIL',
'AttributeName': 'string'
}
}
Response Structure
(dict) --
The response from the server for a registration request.
UserConfirmed (boolean) --
A response from the server indicating that a user registration has been confirmed.
CodeDeliveryDetails (dict) --
The type of code delivery details being returned from the server.
Destination (string) --
The destination for the code delivery details.
DeliveryMedium (string) --
The delivery medium (email message or phone number).
AttributeName (string) --
The name of the attribute in the code delivery details type.
Allows a user to update a specific attribute (one at a time).
Request Syntax
client.update_user_attributes(
UserAttributes=[
{
'Name': 'string',
'Value': 'string'
},
],
AccessToken='string'
)
list
[REQUIRED]
An array of name-value pairs representing user attributes.
(dict) --
Specifies whether the attribute is standard or custom.
Name (string) -- [REQUIRED]
The name of the attribute.
Value (string) --
The value of the attribute.
string
The access token for the request to update user attributes.
dict
Response Syntax
{
'CodeDeliveryDetailsList': [
{
'Destination': 'string',
'DeliveryMedium': 'SMS'|'EMAIL',
'AttributeName': 'string'
},
]
}
Response Structure
(dict) --
Represents the response from the server for the request to update user attributes.
CodeDeliveryDetailsList (list) --
The code delivery details list from the server for the request to update user attributes.
(dict) --
The type of code delivery details being returned from the server.
Destination (string) --
The destination for the code delivery details.
DeliveryMedium (string) --
The delivery medium (email message or phone number).
AttributeName (string) --
The name of the attribute in the code delivery details type.
Enables the specified user as an administrator. Works on any user.
Request Syntax
client.admin_enable_user(
UserPoolId='string',
Username='string'
)
string
[REQUIRED]
The user pool ID for the user pool where you want to enable the user.
string
[REQUIRED]
The user name of the user you wish to ebable.
dict
Response Syntax
{}
Response Structure
(dict) --
Represents the response from the server for the request to enable a user as an administrator.
Gets the user attribute verification code for the specified attribute name.
Request Syntax
client.get_user_attribute_verification_code(
AccessToken='string',
AttributeName='string'
)
string
The access token returned by the server response to get the user attribute verification code.
string
[REQUIRED]
The attribute name returned by the server response to get the user attribute verification code.
dict
Response Syntax
{
'CodeDeliveryDetails': {
'Destination': 'string',
'DeliveryMedium': 'SMS'|'EMAIL',
'AttributeName': 'string'
}
}
Response Structure
(dict) --
The verification code response returned by the server response to get the user attribute verification code.
CodeDeliveryDetails (dict) --
The code delivery details returned by the server response to get the user attribute verification code.
Destination (string) --
The destination for the code delivery details.
DeliveryMedium (string) --
The delivery medium (email message or phone number).
AttributeName (string) --
The name of the attribute in the code delivery details type.
Lists the clients that have been created for the specified user pool.
Request Syntax
client.list_user_pool_clients(
UserPoolId='string',
MaxResults=123,
NextToken='string'
)
string
[REQUIRED]
The user pool ID for the user pool where you want to list user pool clients.
integer
The maximum number of results you want the request to return when listing the user pool clients.
string
An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
dict
Response Syntax
{
'UserPoolClients': [
{
'ClientId': 'string',
'UserPoolId': 'string',
'ClientName': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
Represents the response from the server that lists user pool clients.
UserPoolClients (list) --
The user pool clients in the response that lists user pool clients.
(dict) --
The description of the user poool client.
ClientId (string) --
The ID of the client associated with the user pool.
UserPoolId (string) --
The user pool ID for the user pool where you want to describe the user pool client.
ClientName (string) --
The client name from the user pool client description.
NextToken (string) --
An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
Sets all the user settings for a specified user name. Works on any user.
Request Syntax
client.admin_set_user_settings(
UserPoolId='string',
Username='string',
MFAOptions=[
{
'DeliveryMedium': 'SMS'|'EMAIL',
'AttributeName': 'string'
},
]
)
string
[REQUIRED]
The user pool ID for the user pool where you want to set the user's settings, such as MFA options.
string
[REQUIRED]
The user name of the user for whom you wish to set user settings.
list
[REQUIRED]
Specifies the options for MFA (e.g., email or phone number).
(dict) --
Specifies the different settings for multi-factor authentication (MFA).
DeliveryMedium (string) --
The delivery medium (email message or SMS message) to send the MFA code.
AttributeName (string) --
The attribute name of the MFA option type.
dict
Response Syntax
{}
Response Structure
(dict) --
Represents the response from the server to set user settings as an administrator.
Allows a user to delete one's self.
Request Syntax
client.delete_user(
AccessToken='string'
)
string
The access token from a request to delete a user.
None
Lists the user pools associated with an AWS account.
Request Syntax
client.list_user_pools(
NextToken='string',
MaxResults=123
)
string
An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
integer
[REQUIRED]
The maximum number of results you want the request to return when listing the user pools.
dict
Response Syntax
{
'UserPools': [
{
'Id': 'string',
'Name': 'string',
'LambdaConfig': {
'PreSignUp': 'string',
'CustomMessage': 'string',
'PostConfirmation': 'string',
'PreAuthentication': 'string',
'PostAuthentication': 'string'
},
'Status': 'Enabled'|'Disabled',
'LastModifiedDate': datetime(2015, 1, 1),
'CreationDate': datetime(2015, 1, 1)
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
Represents the response to list user pools.
UserPools (list) --
The user pools from the response to list users.
(dict) --
A user pool description.
Id (string) --
The ID in a user pool description.
Name (string) --
The name in a user pool description.
LambdaConfig (dict) --
The AWS Lambda configuration information in a user pool description.
PreSignUp (string) --
A pre-registration AWS Lambda trigger.
CustomMessage (string) --
A custom Message AWS Lambda trigger.
PostConfirmation (string) --
A post-confirmation AWS Lambda trigger.
PreAuthentication (string) --
A pre-authentication AWS Lambda trigger.
PostAuthentication (string) --
A post-authentication AWS Lambda trigger.
Status (string) --
The user pool status in a user pool description.
LastModifiedDate (datetime) --
The last modified date in a user pool description.
CreationDate (datetime) --
The creation date in a user pool description.
NextToken (string) --
An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
Allows the developer to delete the user pool client.
Request Syntax
client.delete_user_pool_client(
UserPoolId='string',
ClientId='string'
)
string
[REQUIRED]
The user pool ID for the user pool where you want to delete the client.
string
[REQUIRED]
The ID of the client associated with the user pool.
None
Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user.
Request Syntax
client.admin_update_user_attributes(
UserPoolId='string',
Username='string',
UserAttributes=[
{
'Name': 'string',
'Value': 'string'
},
]
)
string
[REQUIRED]
The user pool ID for the user pool where you want to update user attributes.
string
[REQUIRED]
The user name of the user for whom you want to update user attributes.
list
[REQUIRED]
An array of name-value pairs representing user attributes.
(dict) --
Specifies whether the attribute is standard or custom.
Name (string) -- [REQUIRED]
The name of the attribute.
Value (string) --
The value of the attribute.
dict
Response Syntax
{}
Response Structure
(dict) --
Represents the response from the server for the request to update user attributes as an administrator.
Verifies the specified user attributes in the user pool.
Request Syntax
client.verify_user_attribute(
AccessToken='string',
AttributeName='string',
Code='string'
)
string
Represents the access token of the request to verify user attributes.
string
[REQUIRED]
The attribute name in the request to verify user attributes.
string
[REQUIRED]
The verification code in the request to verify user attributes.
dict
Response Syntax
{}
Response Structure
(dict) --
A container representing the response from the server from the request to verify user attributes.
Allows the developer to update the specified user pool client and password policy.
Request Syntax
client.update_user_pool_client(
UserPoolId='string',
ClientId='string',
ClientName='string'
)
string
[REQUIRED]
The user pool ID for the user pool where you want to update the user pool client.
string
[REQUIRED]
The ID of the client associated with the user pool.
string
The client name from the update user pool client request.
dict
Response Syntax
{
'UserPoolClient': {
'UserPoolId': 'string',
'ClientName': 'string',
'ClientId': 'string',
'ClientSecret': 'string',
'LastModifiedDate': datetime(2015, 1, 1),
'CreationDate': datetime(2015, 1, 1)
}
}
Response Structure
(dict) --
Represents the response from the server to the request to update the user pool client.
UserPoolClient (dict) --
The user pool client value from the response from the server when an update user pool client request is made.
UserPoolId (string) --
The user pool ID for the user pool client.
ClientName (string) --
The client name from the user pool request of the client type.
ClientId (string) --
The ID of the client associated with the user pool.
ClientSecret (string) --
The client secret from the user pool request of the client type.
LastModifiedDate (datetime) --
The last modified date from the user pool request of the client type.
CreationDate (datetime) --
The creation date from the user pool request of the client type.
Deletes the specified Amazon Cognito user pool.
Request Syntax
client.delete_user_pool(
UserPoolId='string'
)
string
[REQUIRED]
The user pool ID for the user pool you want to delete.
None
Deletes the attributes for a user.
Request Syntax
client.delete_user_attributes(
UserAttributeNames=[
'string',
],
AccessToken='string'
)
list
[REQUIRED]
An array of strings representing the user attribute names you wish to delete.
(string) --
string
The access token used in the request to delete user attributes.
dict
Response Syntax
{}
Response Structure
(dict) --
Represents the response from the server to delete user attributes.
Retrieves the password for the specified client ID or username.
Request Syntax
client.forgot_password(
ClientId='string',
SecretHash='string',
Username='string'
)
string
[REQUIRED]
The ID of the client associated with the user pool.
string
A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
string
[REQUIRED]
The user name of the user for whom you want to enter a code to retrieve a forgotten password.
dict
Response Syntax
{
'CodeDeliveryDetails': {
'Destination': 'string',
'DeliveryMedium': 'SMS'|'EMAIL',
'AttributeName': 'string'
}
}
Response Structure
(dict) --
Respresents the response from the server regarding the request to reset a password.
CodeDeliveryDetails (dict) --
The type of code delivery details being returned from the server.
Destination (string) --
The destination for the code delivery details.
DeliveryMedium (string) --
The delivery medium (email message or phone number).
AttributeName (string) --
The name of the attribute in the code delivery details type.
Creates the user pool client.
Request Syntax
client.create_user_pool_client(
UserPoolId='string',
ClientName='string',
GenerateSecret=True|False
)
string
[REQUIRED]
The user pool ID for the user pool where you want to create a user pool client.
string
[REQUIRED]
The client name for the user pool client you would like to create.
boolean
Boolean to specify whether you want to generate a secret for the user pool client being created.
dict
Response Syntax
{
'UserPoolClient': {
'UserPoolId': 'string',
'ClientName': 'string',
'ClientId': 'string',
'ClientSecret': 'string',
'LastModifiedDate': datetime(2015, 1, 1),
'CreationDate': datetime(2015, 1, 1)
}
}
Response Structure
(dict) --
Represents the response from the server to create a user pool client.
UserPoolClient (dict) --
The user pool client that was just created.
UserPoolId (string) --
The user pool ID for the user pool client.
ClientName (string) --
The client name from the user pool request of the client type.
ClientId (string) --
The ID of the client associated with the user pool.
ClientSecret (string) --
The client secret from the user pool request of the client type.
LastModifiedDate (datetime) --
The last modified date from the user pool request of the client type.
CreationDate (datetime) --
The creation date from the user pool request of the client type.
Updates the specified user pool with the specified attributes.
Request Syntax
client.update_user_pool(
UserPoolId='string',
Policies={
'PasswordPolicy': {
'MinimumLength': 123,
'RequireUppercase': True|False,
'RequireLowercase': True|False,
'RequireNumbers': True|False,
'RequireSymbols': True|False
}
},
LambdaConfig={
'PreSignUp': 'string',
'CustomMessage': 'string',
'PostConfirmation': 'string',
'PreAuthentication': 'string',
'PostAuthentication': 'string'
},
AutoVerifiedAttributes=[
'phone_number'|'email',
],
SmsVerificationMessage='string',
EmailVerificationMessage='string',
EmailVerificationSubject='string',
SmsAuthenticationMessage='string',
MfaConfiguration='OFF'|'ON'|'OPTIONAL'
)
string
[REQUIRED]
The user pool ID for the user pool you want to update.
dict
A container with the policies you wish to update in a user pool.
PasswordPolicy (dict) --
A container with information about the user pool password policy.
MinimumLength (integer) --
The minimum length of the password policy that you have set. Cannot be less than 6.
RequireUppercase (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password.
RequireLowercase (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password.
RequireNumbers (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one number in their password.
RequireSymbols (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password.
dict
The AWS Lambda configuration information from the request to update the user pool.
PreSignUp (string) --
A pre-registration AWS Lambda trigger.
CustomMessage (string) --
A custom Message AWS Lambda trigger.
PostConfirmation (string) --
A post-confirmation AWS Lambda trigger.
PreAuthentication (string) --
A pre-authentication AWS Lambda trigger.
PostAuthentication (string) --
A post-authentication AWS Lambda trigger.
list
The attributes that are automatically verified when the Amazon Cognito service makes a request to update user pools.
(string) --
string
A container with information about the SMS verification message.
string
The contents of the email verification message.
string
The subject of the email verfication message
string
The contents of the SMS authentication message.
string
Can be one of the following values:
OFF - MFA tokens are not required and cannot be specified during user registration.
ON - MFA tokens are required for all user registrations. You can only specify required when you are initially creating a user pool.
OPTIONAL - Users have the option when registering to create an MFA token.
dict
Response Syntax
{}
Response Structure
(dict) --
Represents the response from the server when you make a request to update the user pool.
Gets the specified user by user name in a user pool as an administrator. Works on any user.
Request Syntax
client.admin_get_user(
UserPoolId='string',
Username='string'
)
string
[REQUIRED]
The user pool ID for the user pool where you want to get information about the user.
string
[REQUIRED]
The user name of the user you wish to retrieve.
dict
Response Syntax
{
'Username': 'string',
'UserAttributes': [
{
'Name': 'string',
'Value': 'string'
},
],
'UserCreateDate': datetime(2015, 1, 1),
'UserLastModifiedDate': datetime(2015, 1, 1),
'Enabled': True|False,
'UserStatus': 'UNCONFIRMED'|'CONFIRMED'|'ARCHIVED'|'COMPROMISED'|'UNKNOWN',
'MFAOptions': [
{
'DeliveryMedium': 'SMS'|'EMAIL',
'AttributeName': 'string'
},
]
}
Response Structure
(dict) --
Represents the response from the server from the request to get the specified user as an administrator.
Username (string) --
The user name of the user about whom you are receiving information.
UserAttributes (list) --
An array of name-value pairs representing user attributes.
(dict) --
Specifies whether the attribute is standard or custom.
Name (string) --
The name of the attribute.
Value (string) --
The value of the attribute.
UserCreateDate (datetime) --
The date the user was created.
UserLastModifiedDate (datetime) --
The date the user was last modified.
Enabled (boolean) --
Indicates that the status is enabled.
UserStatus (string) --
The user status. Can be one of the following:
UNCONFIRMED - User has been created but not confirmed.
CONFIRMED - User has been confirmed.
ARCHIVED - User is no longer active.
COMPROMISED - User is disabled due to a potential security threat.
UNKNOWN - User status is not known.
MFAOptions (list) --
Specifies the options for MFA (e.g., email or phone number).
(dict) --
Specifies the different settings for multi-factor authentication (MFA).
DeliveryMedium (string) --
The delivery medium (email message or SMS message) to send the MFA code.
AttributeName (string) --
The attribute name of the MFA option type.
Returns the configuration information and metadata of the specified user pool.
Request Syntax
client.describe_user_pool(
UserPoolId='string'
)
string
[REQUIRED]
The user pool ID for the user pool you want to describe.
dict
Response Syntax
{
'UserPool': {
'Id': 'string',
'Name': 'string',
'Policies': {
'PasswordPolicy': {
'MinimumLength': 123,
'RequireUppercase': True|False,
'RequireLowercase': True|False,
'RequireNumbers': True|False,
'RequireSymbols': True|False
}
},
'LambdaConfig': {
'PreSignUp': 'string',
'CustomMessage': 'string',
'PostConfirmation': 'string',
'PreAuthentication': 'string',
'PostAuthentication': 'string'
},
'Status': 'Enabled'|'Disabled',
'LastModifiedDate': datetime(2015, 1, 1),
'CreationDate': datetime(2015, 1, 1),
'SchemaAttributes': [
{
'Name': 'string',
'AttributeDataType': 'String'|'Number'|'DateTime'|'Boolean',
'DeveloperOnlyAttribute': True|False,
'Mutable': True|False,
'Required': True|False,
'NumberAttributeConstraints': {
'MinValue': 'string',
'MaxValue': 'string'
},
'StringAttributeConstraints': {
'MinLength': 'string',
'MaxLength': 'string'
}
},
],
'AutoVerifiedAttributes': [
'phone_number'|'email',
],
'AliasAttributes': [
'phone_number'|'email'|'preferred_username',
],
'SmsVerificationMessage': 'string',
'EmailVerificationMessage': 'string',
'EmailVerificationSubject': 'string',
'SmsAuthenticationMessage': 'string',
'MfaConfiguration': 'OFF'|'ON'|'OPTIONAL',
'EstimatedNumberOfUsers': 123
}
}
Response Structure
(dict) --
Represents the response to describe the user pool.
UserPool (dict) --
The container of metadata returned by the server to describe the pool.
Id (string) --
The ID of the user pool.
Name (string) --
The name of the user pool.
Policies (dict) --
A container describing the policies associated with a user pool.
PasswordPolicy (dict) --
A container with information about the user pool password policy.
MinimumLength (integer) --
The minimum length of the password policy that you have set. Cannot be less than 6.
RequireUppercase (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password.
RequireLowercase (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password.
RequireNumbers (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one number in their password.
RequireSymbols (boolean) --
In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password.
LambdaConfig (dict) --
A container describing the AWS Lambda triggers associated with a user pool.
PreSignUp (string) --
A pre-registration AWS Lambda trigger.
CustomMessage (string) --
A custom Message AWS Lambda trigger.
PostConfirmation (string) --
A post-confirmation AWS Lambda trigger.
PreAuthentication (string) --
A pre-authentication AWS Lambda trigger.
PostAuthentication (string) --
A post-authentication AWS Lambda trigger.
Status (string) --
The status of a user pool.
LastModifiedDate (datetime) --
The last modified date of a user pool.
CreationDate (datetime) --
The creation date of a user pool.
SchemaAttributes (list) --
A container with the schema attributes of a user pool.
(dict) --
Contains information about the schema attribute.
Name (string) --
A schema attribute of the name type.
AttributeDataType (string) --
The attribute data type.
DeveloperOnlyAttribute (boolean) --
Specifies whether the attribute type is developer only.
Mutable (boolean) --
Specifies whether the attribute can be changed once it has been created.
Required (boolean) --
Specifies whether a user pool attribute is required. If the attribute is required and the user does not provide a value, registration or sign-in will fail.
NumberAttributeConstraints (dict) --
Specifies the constraints for an attribute of the number type.
MinValue (string) --
The minimum value of an attribute that is of the number data type.
MaxValue (string) --
The maximum value of an attribute that is of the number data type.
StringAttributeConstraints (dict) --
Specifies the constraints for an attribute of the string type.
MinLength (string) --
The minimum length of an attribute value of the string type.
MaxLength (string) --
The maximum length of an attribute value of the string type.
AutoVerifiedAttributes (list) --
Specifies the attributes that are auto-verified in a user pool.
(string) --
AliasAttributes (list) --
Specifies the attributes that are aliased in a user pool.
(string) --
SmsVerificationMessage (string) --
The contents of the SMS verification message.
EmailVerificationMessage (string) --
The contents of the email verification message.
EmailVerificationSubject (string) --
The subject of the email verification message.
SmsAuthenticationMessage (string) --
The contents of the SMS authentication message.
MfaConfiguration (string) --
Can be one of the following values:
OFF - MFA tokens are not required and cannot be specified during user registration.
ON - MFA tokens are required for all user registrations. You can only specify required when you are initially creating a user pool.
OPTIONAL - Users have the option when registering to create an MFA token.
EstimatedNumberOfUsers (integer) --
A number estimating the size of the user pool.
Adds additional user attributes to the user pool schema.
Request Syntax
client.add_custom_attributes(
UserPoolId='string',
CustomAttributes=[
{
'Name': 'string',
'AttributeDataType': 'String'|'Number'|'DateTime'|'Boolean',
'DeveloperOnlyAttribute': True|False,
'Mutable': True|False,
'Required': True|False,
'NumberAttributeConstraints': {
'MinValue': 'string',
'MaxValue': 'string'
},
'StringAttributeConstraints': {
'MinLength': 'string',
'MaxLength': 'string'
}
},
]
)
string
[REQUIRED]
The user pool ID for the user pool where you want to add custom attributes.
list
[REQUIRED]
An array of custom attributes, such as Mutable and Name.
(dict) --
Contains information about the schema attribute.
Name (string) --
A schema attribute of the name type.
AttributeDataType (string) --
The attribute data type.
DeveloperOnlyAttribute (boolean) --
Specifies whether the attribute type is developer only.
Mutable (boolean) --
Specifies whether the attribute can be changed once it has been created.
Required (boolean) --
Specifies whether a user pool attribute is required. If the attribute is required and the user does not provide a value, registration or sign-in will fail.
NumberAttributeConstraints (dict) --
Specifies the constraints for an attribute of the number type.
MinValue (string) --
The minimum value of an attribute that is of the number data type.
MaxValue (string) --
The maximum value of an attribute that is of the number data type.
StringAttributeConstraints (dict) --
Specifies the constraints for an attribute of the string type.
MinLength (string) --
The minimum length of an attribute value of the string type.
MaxLength (string) --
The maximum length of an attribute value of the string type.
dict
Response Syntax
{}
Response Structure
(dict) --
Represents the response from the server for the request to add custom attributes.
Allows a user to enter a code provided when they reset their password to update their password.
Request Syntax
client.confirm_forgot_password(
ClientId='string',
SecretHash='string',
Username='string',
ConfirmationCode='string',
Password='string'
)
string
[REQUIRED]
The ID of the client associated with the user pool.
string
A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
string
[REQUIRED]
The user name of the user for whom you want to enter a code to retrieve a forgotten password.
string
[REQUIRED]
The confirmation code sent by a user's request to retrieve a forgotten password.
string
[REQUIRED]
The password sent by sent by a user's request to retrieve a forgotten password.
dict
Response Syntax
{}
Response Structure
(dict) --
The response from the server that results from a user's request to retrieve a forgotten password.
Deletes the user attributes in a user pool as an administrator. Works on any user.
Request Syntax
client.admin_delete_user_attributes(
UserPoolId='string',
Username='string',
UserAttributeNames=[
'string',
]
)
string
[REQUIRED]
The user pool ID for the user pool where you want to delete user attributes.
string
[REQUIRED]
The user name of the user from which you would like to delete attributes.
list
[REQUIRED]
An array of strings representing the user attribute names you wish to delete.
(string) --
dict
Response Syntax
{}
Response Structure
(dict) --
Represents the response received from the server for a request to delete user attributes.
Gets the OpenId configuration information for the specified user pool.
Request Syntax
client.get_open_id_configuration(
UserPoolId='string'
)
string
[REQUIRED]
The user pool ID for the user pool where you want to get Open ID configuration information.
dict
Response Syntax
{
'issuer': 'string',
'jwks_uri': 'string',
'authorization_endpoint': 'string',
'subject_types_supported': [
'string',
],
'response_types_supported': [
'string',
],
'id_token_signing_alg_values_supported': [
'string',
]
}
Response Structure
(dict) --
Represents the response from the server to get the Open ID configuration information.
issuer (string) --
The issuer of the Open ID configuration response.
jwks_uri (string) --
The URI of the JSON Web keys in the server response to get Open ID configuration information.
authorization_endpoint (string) --
The authorization endpoint returned by the server response to get the Open ID configuration information.
subject_types_supported (list) --
The subject types supported returned by the server response to get the Open ID configuration information.
(string) --
response_types_supported (list) --
The response types supported returned by the server response to get the Open ID configuration information.
(string) --
id_token_signing_alg_values_supported (list) --
The token-signing algorithm values supported returned by the server response to get the Open ID configuration information.
(string) --
Changes the password for a specified user in a user pool.
Request Syntax
client.change_password(
PreviousPassword='string',
ProposedPassword='string',
AccessToken='string'
)
string
[REQUIRED]
The old password in the change password request.
string
[REQUIRED]
The new password in the change password request.
string
The access token in the change password request.
dict
Response Syntax
{}
Response Structure
(dict) --
The response from the server to the change password request.
Gets the user attributes and metadata for a user.
Request Syntax
client.get_user(
AccessToken='string'
)
string
The access token returned by the server response to get information about the user.
dict
Response Syntax
{
'Username': 'string',
'UserAttributes': [
{
'Name': 'string',
'Value': 'string'
},
],
'MFAOptions': [
{
'DeliveryMedium': 'SMS'|'EMAIL',
'AttributeName': 'string'
},
]
}
Response Structure
(dict) --
Represents the response from the server from the request to get information about the user.
Username (string) --
The user name of the user you wish to retrieve from the get user request.
UserAttributes (list) --
An array of name-value pairs representing user attributes.
(dict) --
Specifies whether the attribute is standard or custom.
Name (string) --
The name of the attribute.
Value (string) --
The value of the attribute.
MFAOptions (list) --
Specifies the options for MFA (e.g., email or phone number).
(dict) --
Specifies the different settings for multi-factor authentication (MFA).
DeliveryMedium (string) --
The delivery medium (email message or SMS message) to send the MFA code.
AttributeName (string) --
The attribute name of the MFA option type.
Disables the specified user as an administrator. Works on any user.
Request Syntax
client.admin_disable_user(
UserPoolId='string',
Username='string'
)
string
[REQUIRED]
The user pool ID for the user pool where you want to disable the user.
string
[REQUIRED]
The user name of the user you wish to disable.
dict
Response Syntax
{}
Response Structure
(dict) --
Represents the response received from the server to disable the user as an administrator.
Confirms user registration as an admin without using a confirmation code. Works on any user.
Request Syntax
client.admin_confirm_sign_up(
UserPoolId='string',
Username='string'
)
string
[REQUIRED]
The user pool ID for which you want to confirm user registration.
string
[REQUIRED]
The user name for which you want to confirm user registration.
dict
Response Syntax
{}
Response Structure
(dict) --
Represents the response from the server for the request to confirm registration.
Client method for returning the configuration information and metadata of the specified user pool client.
Request Syntax
client.describe_user_pool_client(
UserPoolId='string',
ClientId='string'
)
string
[REQUIRED]
The user pool ID for the user pool you want to describe.
string
[REQUIRED]
The ID of the client associated with the user pool.
dict
Response Syntax
{
'UserPoolClient': {
'UserPoolId': 'string',
'ClientName': 'string',
'ClientId': 'string',
'ClientSecret': 'string',
'LastModifiedDate': datetime(2015, 1, 1),
'CreationDate': datetime(2015, 1, 1)
}
}
Response Structure
(dict) --
Represents the response from the server from a request to describe the user pool client.
UserPoolClient (dict) --
The user pool client from a server response to describe the user pool client.
UserPoolId (string) --
The user pool ID for the user pool client.
ClientName (string) --
The client name from the user pool request of the client type.
ClientId (string) --
The ID of the client associated with the user pool.
ClientSecret (string) --
The client secret from the user pool request of the client type.
LastModifiedDate (datetime) --
The last modified date from the user pool request of the client type.
CreationDate (datetime) --
The creation date from the user pool request of the client type.