Amazon Cognito Identity Provider

{'AuthEvents': {'EventRisk': {'CompromisedCredentialsDetected': 'boolean'}}}

Lists a history of user activity and any risks detected as part of Amazon Cognito advanced security.

See also: AWS API Documentation

Request Syntax

client.admin_list_user_auth_events(
    UserPoolId='string',
    Username='string',
    MaxResults=123,
    NextToken='string'
)

type UserPoolId

string

param UserPoolId

[REQUIRED]

The user pool ID.

type Username

string

param Username

[REQUIRED]

The user pool username or an alias.

type MaxResults

integer

param MaxResults

The maximum number of authentication events to return.

type NextToken

string

param NextToken

A pagination token.

rtype

dict

returns

Response Syntax

{
    'AuthEvents': [
        {
            'EventId': 'string',
            'EventType': 'SignIn'|'SignUp'|'ForgotPassword',
            'CreationDate': datetime(2015, 1, 1),
            'EventResponse': 'Success'|'Failure',
            'EventRisk': {
                'RiskDecision': 'NoRisk'|'AccountTakeover'|'Block',
                'RiskLevel': 'Low'|'Medium'|'High',
                'CompromisedCredentialsDetected': True|False
            },
            'ChallengeResponses': [
                {
                    'ChallengeName': 'Password'|'Mfa',
                    'ChallengeResponse': 'Success'|'Failure'
                },
            ],
            'EventContextData': {
                'IpAddress': 'string',
                'DeviceName': 'string',
                'Timezone': 'string',
                'City': 'string',
                'Country': 'string'
            },
            'EventFeedback': {
                'FeedbackValue': 'Valid'|'Invalid',
                'Provider': 'string',
                'FeedbackDate': datetime(2015, 1, 1)
            }
        },
    ],
    'NextToken': 'string'
}

Response Structure

• (dict) --

  • AuthEvents (list) --

    The response object. It includes the EventID , EventType , CreationDate , EventRisk , and EventResponse .

    • (dict) --

      The authentication event type.

      • EventId (string) --

        The event ID.

      • EventType (string) --

        The event type.

      • CreationDate (datetime) --

        The creation date

      • EventResponse (string) --

        The event response.

      • EventRisk (dict) --

        The event risk.

        • RiskDecision (string) --

          The risk decision.

        • RiskLevel (string) --

          The risk level.

        • CompromisedCredentialsDetected (boolean) --

          Indicates whether compromised credentials were detected during an authentication event.

      • ChallengeResponses (list) --

        The challenge responses.

        • (dict) --

          The challenge response type.

          • ChallengeName (string) --

            The challenge name

          • ChallengeResponse (string) --

            The challenge response.

      • EventContextData (dict) --

        The user context data captured at the time of an event request. It provides additional information about the client from which event the request is received.

        • IpAddress (string) --

          The user's IP address.

        • DeviceName (string) --

          The user's device name.

        • Timezone (string) --

          The user's time zone.

        • City (string) --

          The user's city.

        • Country (string) --

          The user's country.

      • EventFeedback (dict) --

        A flag specifying the user feedback captured at the time of an event request is good or bad.

        • FeedbackValue (string) --

          The event feedback value.

        • Provider (string) --

          The provider.

        • FeedbackDate (datetime) --

          The event feedback date.

  • NextToken (string) --

    A pagination token.