cognitoidentityprovider

package
v1.55.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 30, 2024 License: Apache-2.0 Imports: 11 Imported by: 356

Documentation

Overview

Package cognitoidentityprovider provides the client and types for making API requests to Amazon Cognito Identity Provider.

With the Amazon Cognito user pools API, you can configure user pools and authenticate users. To authenticate users from third-party identity providers (IdPs) in this API, you can link IdP users to native user profiles (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html). Learn more about the authentication and authorization of federated users at Adding user pool sign-in through a third party (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html) and in the User pool federation endpoints and hosted UI reference (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-userpools-server-contract-reference.html).

This API reference provides detailed information about API operations and object types in Amazon Cognito.

Along with resource management operations, the Amazon Cognito user pools API includes classes of operations and authorization models for client-side and server-side authentication of users. You can interact with operations in the Amazon Cognito user pools API as any of the following subjects.

An administrator who wants to configure user pools, app clients, users, groups, or other user pool functions.

A server-side app, like a web application, that wants to use its Amazon Web Services privileges to manage, authenticate, or authorize a user.

A client-side app, like a mobile app, that wants to make unauthenticated requests to manage, authenticate, or authorize a user.

For more information, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html) in the Amazon Cognito Developer Guide.

With your Amazon Web Services SDK, you can build the logic to support operational flows in every use case for this API. You can also make direct REST API requests to Amazon Cognito user pools service endpoints (https://docs.aws.amazon.com/general/latest/gr/cognito_identity.html#cognito_identity_your_user_pools_region). The following links can get you started with the CognitoIdentityProvider client in other supported Amazon Web Services SDKs.

To get started with an Amazon Web Services SDK, see Tools to Build on Amazon Web Services (http://aws.amazon.com/developer/tools/). For example actions and scenarios, see Code examples for Amazon Cognito Identity Provider using Amazon Web Services SDKs (https://docs.aws.amazon.com/cognito/latest/developerguide/service_code_examples_cognito-identity-provider.html).

See https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18 for more information on this service.

See cognitoidentityprovider package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/cognitoidentityprovider/

Using the Client

To contact Amazon Cognito Identity Provider with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.

See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/

See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

See the Amazon Cognito Identity Provider client CognitoIdentityProvider for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/cognitoidentityprovider/#New

Index

Examples

Constants

View Source
const (
	// AccountTakeoverEventActionTypeBlock is a AccountTakeoverEventActionType enum value
	AccountTakeoverEventActionTypeBlock = "BLOCK"

	// AccountTakeoverEventActionTypeMfaIfConfigured is a AccountTakeoverEventActionType enum value
	AccountTakeoverEventActionTypeMfaIfConfigured = "MFA_IF_CONFIGURED"

	// AccountTakeoverEventActionTypeMfaRequired is a AccountTakeoverEventActionType enum value
	AccountTakeoverEventActionTypeMfaRequired = "MFA_REQUIRED"

	// AccountTakeoverEventActionTypeNoAction is a AccountTakeoverEventActionType enum value
	AccountTakeoverEventActionTypeNoAction = "NO_ACTION"
)
View Source
const (
	// AdvancedSecurityModeTypeOff is a AdvancedSecurityModeType enum value
	AdvancedSecurityModeTypeOff = "OFF"

	// AdvancedSecurityModeTypeAudit is a AdvancedSecurityModeType enum value
	AdvancedSecurityModeTypeAudit = "AUDIT"

	// AdvancedSecurityModeTypeEnforced is a AdvancedSecurityModeType enum value
	AdvancedSecurityModeTypeEnforced = "ENFORCED"
)
View Source
const (
	// AliasAttributeTypePhoneNumber is a AliasAttributeType enum value
	AliasAttributeTypePhoneNumber = "phone_number"

	// AliasAttributeTypeEmail is a AliasAttributeType enum value
	AliasAttributeTypeEmail = "email"

	// AliasAttributeTypePreferredUsername is a AliasAttributeType enum value
	AliasAttributeTypePreferredUsername = "preferred_username"
)
View Source
const (
	// AttributeDataTypeString is a AttributeDataType enum value
	AttributeDataTypeString = "String"

	// AttributeDataTypeNumber is a AttributeDataType enum value
	AttributeDataTypeNumber = "Number"

	// AttributeDataTypeDateTime is a AttributeDataType enum value
	AttributeDataTypeDateTime = "DateTime"

	// AttributeDataTypeBoolean is a AttributeDataType enum value
	AttributeDataTypeBoolean = "Boolean"
)
View Source
const (
	// AuthFlowTypeUserSrpAuth is a AuthFlowType enum value
	AuthFlowTypeUserSrpAuth = "USER_SRP_AUTH"

	// AuthFlowTypeRefreshTokenAuth is a AuthFlowType enum value
	AuthFlowTypeRefreshTokenAuth = "REFRESH_TOKEN_AUTH"

	// AuthFlowTypeRefreshToken is a AuthFlowType enum value
	AuthFlowTypeRefreshToken = "REFRESH_TOKEN"

	// AuthFlowTypeCustomAuth is a AuthFlowType enum value
	AuthFlowTypeCustomAuth = "CUSTOM_AUTH"

	// AuthFlowTypeAdminNoSrpAuth is a AuthFlowType enum value
	AuthFlowTypeAdminNoSrpAuth = "ADMIN_NO_SRP_AUTH"

	// AuthFlowTypeUserPasswordAuth is a AuthFlowType enum value
	AuthFlowTypeUserPasswordAuth = "USER_PASSWORD_AUTH"

	// AuthFlowTypeAdminUserPasswordAuth is a AuthFlowType enum value
	AuthFlowTypeAdminUserPasswordAuth = "ADMIN_USER_PASSWORD_AUTH"
)
View Source
const (
	// ChallengeNamePassword is a ChallengeName enum value
	ChallengeNamePassword = "Password"

	// ChallengeNameMfa is a ChallengeName enum value
	ChallengeNameMfa = "Mfa"
)
View Source
const (
	// ChallengeNameTypeSmsMfa is a ChallengeNameType enum value
	ChallengeNameTypeSmsMfa = "SMS_MFA"

	// ChallengeNameTypeSoftwareTokenMfa is a ChallengeNameType enum value
	ChallengeNameTypeSoftwareTokenMfa = "SOFTWARE_TOKEN_MFA"

	// ChallengeNameTypeSelectMfaType is a ChallengeNameType enum value
	ChallengeNameTypeSelectMfaType = "SELECT_MFA_TYPE"

	// ChallengeNameTypeMfaSetup is a ChallengeNameType enum value
	ChallengeNameTypeMfaSetup = "MFA_SETUP"

	// ChallengeNameTypePasswordVerifier is a ChallengeNameType enum value
	ChallengeNameTypePasswordVerifier = "PASSWORD_VERIFIER"

	// ChallengeNameTypeCustomChallenge is a ChallengeNameType enum value
	ChallengeNameTypeCustomChallenge = "CUSTOM_CHALLENGE"

	// ChallengeNameTypeDeviceSrpAuth is a ChallengeNameType enum value
	ChallengeNameTypeDeviceSrpAuth = "DEVICE_SRP_AUTH"

	// ChallengeNameTypeDevicePasswordVerifier is a ChallengeNameType enum value
	ChallengeNameTypeDevicePasswordVerifier = "DEVICE_PASSWORD_VERIFIER"

	// ChallengeNameTypeAdminNoSrpAuth is a ChallengeNameType enum value
	ChallengeNameTypeAdminNoSrpAuth = "ADMIN_NO_SRP_AUTH"

	// ChallengeNameTypeNewPasswordRequired is a ChallengeNameType enum value
	ChallengeNameTypeNewPasswordRequired = "NEW_PASSWORD_REQUIRED"
)
View Source
const (
	// ChallengeResponseSuccess is a ChallengeResponse enum value
	ChallengeResponseSuccess = "Success"

	// ChallengeResponseFailure is a ChallengeResponse enum value
	ChallengeResponseFailure = "Failure"
)
View Source
const (
	// CompromisedCredentialsEventActionTypeBlock is a CompromisedCredentialsEventActionType enum value
	CompromisedCredentialsEventActionTypeBlock = "BLOCK"

	// CompromisedCredentialsEventActionTypeNoAction is a CompromisedCredentialsEventActionType enum value
	CompromisedCredentialsEventActionTypeNoAction = "NO_ACTION"
)
View Source
const (
	// DefaultEmailOptionTypeConfirmWithLink is a DefaultEmailOptionType enum value
	DefaultEmailOptionTypeConfirmWithLink = "CONFIRM_WITH_LINK"

	// DefaultEmailOptionTypeConfirmWithCode is a DefaultEmailOptionType enum value
	DefaultEmailOptionTypeConfirmWithCode = "CONFIRM_WITH_CODE"
)
View Source
const (
	// DeletionProtectionTypeActive is a DeletionProtectionType enum value
	DeletionProtectionTypeActive = "ACTIVE"

	// DeletionProtectionTypeInactive is a DeletionProtectionType enum value
	DeletionProtectionTypeInactive = "INACTIVE"
)
View Source
const (
	// DeliveryMediumTypeSms is a DeliveryMediumType enum value
	DeliveryMediumTypeSms = "SMS"

	// DeliveryMediumTypeEmail is a DeliveryMediumType enum value
	DeliveryMediumTypeEmail = "EMAIL"
)
View Source
const (
	// DeviceRememberedStatusTypeRemembered is a DeviceRememberedStatusType enum value
	DeviceRememberedStatusTypeRemembered = "remembered"

	// DeviceRememberedStatusTypeNotRemembered is a DeviceRememberedStatusType enum value
	DeviceRememberedStatusTypeNotRemembered = "not_remembered"
)
View Source
const (
	// DomainStatusTypeCreating is a DomainStatusType enum value
	DomainStatusTypeCreating = "CREATING"

	// DomainStatusTypeDeleting is a DomainStatusType enum value
	DomainStatusTypeDeleting = "DELETING"

	// DomainStatusTypeUpdating is a DomainStatusType enum value
	DomainStatusTypeUpdating = "UPDATING"

	// DomainStatusTypeActive is a DomainStatusType enum value
	DomainStatusTypeActive = "ACTIVE"

	// DomainStatusTypeFailed is a DomainStatusType enum value
	DomainStatusTypeFailed = "FAILED"
)
View Source
const (
	// EmailSendingAccountTypeCognitoDefault is a EmailSendingAccountType enum value
	EmailSendingAccountTypeCognitoDefault = "COGNITO_DEFAULT"

	// EmailSendingAccountTypeDeveloper is a EmailSendingAccountType enum value
	EmailSendingAccountTypeDeveloper = "DEVELOPER"
)
View Source
const (
	// EventFilterTypeSignIn is a EventFilterType enum value
	EventFilterTypeSignIn = "SIGN_IN"

	// EventFilterTypePasswordChange is a EventFilterType enum value
	EventFilterTypePasswordChange = "PASSWORD_CHANGE"

	// EventFilterTypeSignUp is a EventFilterType enum value
	EventFilterTypeSignUp = "SIGN_UP"
)
View Source
const (
	// EventResponseTypePass is a EventResponseType enum value
	EventResponseTypePass = "Pass"

	// EventResponseTypeFail is a EventResponseType enum value
	EventResponseTypeFail = "Fail"

	// EventResponseTypeInProgress is a EventResponseType enum value
	EventResponseTypeInProgress = "InProgress"
)
View Source
const (
	// EventTypeSignIn is a EventType enum value
	EventTypeSignIn = "SignIn"

	// EventTypeSignUp is a EventType enum value
	EventTypeSignUp = "SignUp"

	// EventTypeForgotPassword is a EventType enum value
	EventTypeForgotPassword = "ForgotPassword"

	// EventTypePasswordChange is a EventType enum value
	EventTypePasswordChange = "PasswordChange"

	// EventTypeResendCode is a EventType enum value
	EventTypeResendCode = "ResendCode"
)
View Source
const (
	// ExplicitAuthFlowsTypeAdminNoSrpAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeAdminNoSrpAuth = "ADMIN_NO_SRP_AUTH"

	// ExplicitAuthFlowsTypeCustomAuthFlowOnly is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeCustomAuthFlowOnly = "CUSTOM_AUTH_FLOW_ONLY"

	// ExplicitAuthFlowsTypeUserPasswordAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeUserPasswordAuth = "USER_PASSWORD_AUTH"

	// ExplicitAuthFlowsTypeAllowAdminUserPasswordAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeAllowAdminUserPasswordAuth = "ALLOW_ADMIN_USER_PASSWORD_AUTH"

	// ExplicitAuthFlowsTypeAllowCustomAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeAllowCustomAuth = "ALLOW_CUSTOM_AUTH"

	// ExplicitAuthFlowsTypeAllowUserPasswordAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeAllowUserPasswordAuth = "ALLOW_USER_PASSWORD_AUTH"

	// ExplicitAuthFlowsTypeAllowUserSrpAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeAllowUserSrpAuth = "ALLOW_USER_SRP_AUTH"

	// ExplicitAuthFlowsTypeAllowRefreshTokenAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeAllowRefreshTokenAuth = "ALLOW_REFRESH_TOKEN_AUTH"
)
View Source
const (
	// FeedbackValueTypeValid is a FeedbackValueType enum value
	FeedbackValueTypeValid = "Valid"

	// FeedbackValueTypeInvalid is a FeedbackValueType enum value
	FeedbackValueTypeInvalid = "Invalid"
)
View Source
const (
	// IdentityProviderTypeTypeSaml is a IdentityProviderTypeType enum value
	IdentityProviderTypeTypeSaml = "SAML"

	// IdentityProviderTypeTypeFacebook is a IdentityProviderTypeType enum value
	IdentityProviderTypeTypeFacebook = "Facebook"

	// IdentityProviderTypeTypeGoogle is a IdentityProviderTypeType enum value
	IdentityProviderTypeTypeGoogle = "Google"

	// IdentityProviderTypeTypeLoginWithAmazon is a IdentityProviderTypeType enum value
	IdentityProviderTypeTypeLoginWithAmazon = "LoginWithAmazon"

	// IdentityProviderTypeTypeSignInWithApple is a IdentityProviderTypeType enum value
	IdentityProviderTypeTypeSignInWithApple = "SignInWithApple"

	// IdentityProviderTypeTypeOidc is a IdentityProviderTypeType enum value
	IdentityProviderTypeTypeOidc = "OIDC"
)
View Source
const (
	// MessageActionTypeResend is a MessageActionType enum value
	MessageActionTypeResend = "RESEND"

	// MessageActionTypeSuppress is a MessageActionType enum value
	MessageActionTypeSuppress = "SUPPRESS"
)
View Source
const (
	// OAuthFlowTypeCode is a OAuthFlowType enum value
	OAuthFlowTypeCode = "code"

	// OAuthFlowTypeImplicit is a OAuthFlowType enum value
	OAuthFlowTypeImplicit = "implicit"

	// OAuthFlowTypeClientCredentials is a OAuthFlowType enum value
	OAuthFlowTypeClientCredentials = "client_credentials"
)
View Source
const (
	// PreTokenGenerationLambdaVersionTypeV10 is a PreTokenGenerationLambdaVersionType enum value
	PreTokenGenerationLambdaVersionTypeV10 = "V1_0"

	// PreTokenGenerationLambdaVersionTypeV20 is a PreTokenGenerationLambdaVersionType enum value
	PreTokenGenerationLambdaVersionTypeV20 = "V2_0"
)
View Source
const (
	// PreventUserExistenceErrorTypesLegacy is a PreventUserExistenceErrorTypes enum value
	PreventUserExistenceErrorTypesLegacy = "LEGACY"

	// PreventUserExistenceErrorTypesEnabled is a PreventUserExistenceErrorTypes enum value
	PreventUserExistenceErrorTypesEnabled = "ENABLED"
)
View Source
const (
	// RecoveryOptionNameTypeVerifiedEmail is a RecoveryOptionNameType enum value
	RecoveryOptionNameTypeVerifiedEmail = "verified_email"

	// RecoveryOptionNameTypeVerifiedPhoneNumber is a RecoveryOptionNameType enum value
	RecoveryOptionNameTypeVerifiedPhoneNumber = "verified_phone_number"

	// RecoveryOptionNameTypeAdminOnly is a RecoveryOptionNameType enum value
	RecoveryOptionNameTypeAdminOnly = "admin_only"
)
View Source
const (
	// RiskDecisionTypeNoRisk is a RiskDecisionType enum value
	RiskDecisionTypeNoRisk = "NoRisk"

	// RiskDecisionTypeAccountTakeover is a RiskDecisionType enum value
	RiskDecisionTypeAccountTakeover = "AccountTakeover"

	// RiskDecisionTypeBlock is a RiskDecisionType enum value
	RiskDecisionTypeBlock = "Block"
)
View Source
const (
	// RiskLevelTypeLow is a RiskLevelType enum value
	RiskLevelTypeLow = "Low"

	// RiskLevelTypeMedium is a RiskLevelType enum value
	RiskLevelTypeMedium = "Medium"

	// RiskLevelTypeHigh is a RiskLevelType enum value
	RiskLevelTypeHigh = "High"
)
View Source
const (
	// StatusTypeEnabled is a StatusType enum value
	StatusTypeEnabled = "Enabled"

	// StatusTypeDisabled is a StatusType enum value
	StatusTypeDisabled = "Disabled"
)
View Source
const (
	// TimeUnitsTypeSeconds is a TimeUnitsType enum value
	TimeUnitsTypeSeconds = "seconds"

	// TimeUnitsTypeMinutes is a TimeUnitsType enum value
	TimeUnitsTypeMinutes = "minutes"

	// TimeUnitsTypeHours is a TimeUnitsType enum value
	TimeUnitsTypeHours = "hours"

	// TimeUnitsTypeDays is a TimeUnitsType enum value
	TimeUnitsTypeDays = "days"
)
View Source
const (
	// UserImportJobStatusTypeCreated is a UserImportJobStatusType enum value
	UserImportJobStatusTypeCreated = "Created"

	// UserImportJobStatusTypePending is a UserImportJobStatusType enum value
	UserImportJobStatusTypePending = "Pending"

	// UserImportJobStatusTypeInProgress is a UserImportJobStatusType enum value
	UserImportJobStatusTypeInProgress = "InProgress"

	// UserImportJobStatusTypeStopping is a UserImportJobStatusType enum value
	UserImportJobStatusTypeStopping = "Stopping"

	// UserImportJobStatusTypeExpired is a UserImportJobStatusType enum value
	UserImportJobStatusTypeExpired = "Expired"

	// UserImportJobStatusTypeStopped is a UserImportJobStatusType enum value
	UserImportJobStatusTypeStopped = "Stopped"

	// UserImportJobStatusTypeFailed is a UserImportJobStatusType enum value
	UserImportJobStatusTypeFailed = "Failed"

	// UserImportJobStatusTypeSucceeded is a UserImportJobStatusType enum value
	UserImportJobStatusTypeSucceeded = "Succeeded"
)
View Source
const (
	// UserPoolMfaTypeOff is a UserPoolMfaType enum value
	UserPoolMfaTypeOff = "OFF"

	// UserPoolMfaTypeOn is a UserPoolMfaType enum value
	UserPoolMfaTypeOn = "ON"

	// UserPoolMfaTypeOptional is a UserPoolMfaType enum value
	UserPoolMfaTypeOptional = "OPTIONAL"
)
View Source
const (
	// UserStatusTypeUnconfirmed is a UserStatusType enum value
	UserStatusTypeUnconfirmed = "UNCONFIRMED"

	// UserStatusTypeConfirmed is a UserStatusType enum value
	UserStatusTypeConfirmed = "CONFIRMED"

	// UserStatusTypeArchived is a UserStatusType enum value
	UserStatusTypeArchived = "ARCHIVED"

	// UserStatusTypeCompromised is a UserStatusType enum value
	UserStatusTypeCompromised = "COMPROMISED"

	// UserStatusTypeUnknown is a UserStatusType enum value
	UserStatusTypeUnknown = "UNKNOWN"

	// UserStatusTypeResetRequired is a UserStatusType enum value
	UserStatusTypeResetRequired = "RESET_REQUIRED"

	// UserStatusTypeForceChangePassword is a UserStatusType enum value
	UserStatusTypeForceChangePassword = "FORCE_CHANGE_PASSWORD"

	// UserStatusTypeExternalProvider is a UserStatusType enum value
	UserStatusTypeExternalProvider = "EXTERNAL_PROVIDER"
)
View Source
const (
	// UsernameAttributeTypePhoneNumber is a UsernameAttributeType enum value
	UsernameAttributeTypePhoneNumber = "phone_number"

	// UsernameAttributeTypeEmail is a UsernameAttributeType enum value
	UsernameAttributeTypeEmail = "email"
)
View Source
const (
	// VerifiedAttributeTypePhoneNumber is a VerifiedAttributeType enum value
	VerifiedAttributeTypePhoneNumber = "phone_number"

	// VerifiedAttributeTypeEmail is a VerifiedAttributeType enum value
	VerifiedAttributeTypeEmail = "email"
)
View Source
const (
	// VerifySoftwareTokenResponseTypeSuccess is a VerifySoftwareTokenResponseType enum value
	VerifySoftwareTokenResponseTypeSuccess = "SUCCESS"

	// VerifySoftwareTokenResponseTypeError is a VerifySoftwareTokenResponseType enum value
	VerifySoftwareTokenResponseTypeError = "ERROR"
)
View Source
const (

	// ErrCodeAliasExistsException for service response error code
	// "AliasExistsException".
	//
	// This exception is thrown when a user tries to confirm the account with an
	// email address or phone number that has already been supplied as an alias
	// for a different user profile. This exception indicates that an account with
	// this email address or phone already exists in a user pool that you've configured
	// to use email address or phone number as a sign-in alias.
	ErrCodeAliasExistsException = "AliasExistsException"

	// ErrCodeCodeDeliveryFailureException for service response error code
	// "CodeDeliveryFailureException".
	//
	// This exception is thrown when a verification code fails to deliver successfully.
	ErrCodeCodeDeliveryFailureException = "CodeDeliveryFailureException"

	// ErrCodeCodeMismatchException for service response error code
	// "CodeMismatchException".
	//
	// This exception is thrown if the provided code doesn't match what the server
	// was expecting.
	ErrCodeCodeMismatchException = "CodeMismatchException"

	// ErrCodeConcurrentModificationException for service response error code
	// "ConcurrentModificationException".
	//
	// This exception is thrown if two or more modifications are happening concurrently.
	ErrCodeConcurrentModificationException = "ConcurrentModificationException"

	// ErrCodeDuplicateProviderException for service response error code
	// "DuplicateProviderException".
	//
	// This exception is thrown when the provider is already supported by the user
	// pool.
	ErrCodeDuplicateProviderException = "DuplicateProviderException"

	// ErrCodeEnableSoftwareTokenMFAException for service response error code
	// "EnableSoftwareTokenMFAException".
	//
	// This exception is thrown when there is a code mismatch and the service fails
	// to configure the software token TOTP multi-factor authentication (MFA).
	ErrCodeEnableSoftwareTokenMFAException = "EnableSoftwareTokenMFAException"

	// ErrCodeExpiredCodeException for service response error code
	// "ExpiredCodeException".
	//
	// This exception is thrown if a code has expired.
	ErrCodeExpiredCodeException = "ExpiredCodeException"

	// ErrCodeForbiddenException for service response error code
	// "ForbiddenException".
	//
	// This exception is thrown when WAF doesn't allow your request based on a web
	// ACL that's associated with your user pool.
	ErrCodeForbiddenException = "ForbiddenException"

	// ErrCodeGroupExistsException for service response error code
	// "GroupExistsException".
	//
	// This exception is thrown when Amazon Cognito encounters a group that already
	// exists in the user pool.
	ErrCodeGroupExistsException = "GroupExistsException"

	// ErrCodeInternalErrorException for service response error code
	// "InternalErrorException".
	//
	// This exception is thrown when Amazon Cognito encounters an internal error.
	ErrCodeInternalErrorException = "InternalErrorException"

	// ErrCodeInvalidEmailRoleAccessPolicyException for service response error code
	// "InvalidEmailRoleAccessPolicyException".
	//
	// This exception is thrown when Amazon Cognito isn't allowed to use your email
	// identity. HTTP status code: 400.
	ErrCodeInvalidEmailRoleAccessPolicyException = "InvalidEmailRoleAccessPolicyException"

	// ErrCodeInvalidLambdaResponseException for service response error code
	// "InvalidLambdaResponseException".
	//
	// This exception is thrown when Amazon Cognito encounters an invalid Lambda
	// response.
	ErrCodeInvalidLambdaResponseException = "InvalidLambdaResponseException"

	// ErrCodeInvalidOAuthFlowException for service response error code
	// "InvalidOAuthFlowException".
	//
	// This exception is thrown when the specified OAuth flow is not valid.
	ErrCodeInvalidOAuthFlowException = "InvalidOAuthFlowException"

	// ErrCodeInvalidParameterException for service response error code
	// "InvalidParameterException".
	//
	// This exception is thrown when the Amazon Cognito service encounters an invalid
	// parameter.
	ErrCodeInvalidParameterException = "InvalidParameterException"

	// ErrCodeInvalidPasswordException for service response error code
	// "InvalidPasswordException".
	//
	// This exception is thrown when Amazon Cognito encounters an invalid password.
	ErrCodeInvalidPasswordException = "InvalidPasswordException"

	// ErrCodeInvalidSmsRoleAccessPolicyException for service response error code
	// "InvalidSmsRoleAccessPolicyException".
	//
	// This exception is returned when the role provided for SMS configuration doesn't
	// have permission to publish using Amazon SNS.
	ErrCodeInvalidSmsRoleAccessPolicyException = "InvalidSmsRoleAccessPolicyException"

	// ErrCodeInvalidSmsRoleTrustRelationshipException for service response error code
	// "InvalidSmsRoleTrustRelationshipException".
	//
	// This exception is thrown when the trust relationship is not valid for the
	// role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
	// or the external ID provided in the role does not match what is provided in
	// the SMS configuration for the user pool.
	ErrCodeInvalidSmsRoleTrustRelationshipException = "InvalidSmsRoleTrustRelationshipException"

	// ErrCodeInvalidUserPoolConfigurationException for service response error code
	// "InvalidUserPoolConfigurationException".
	//
	// This exception is thrown when the user pool configuration is not valid.
	ErrCodeInvalidUserPoolConfigurationException = "InvalidUserPoolConfigurationException"

	// ErrCodeLimitExceededException for service response error code
	// "LimitExceededException".
	//
	// This exception is thrown when a user exceeds the limit for a requested Amazon
	// Web Services resource.
	ErrCodeLimitExceededException = "LimitExceededException"

	// ErrCodeMFAMethodNotFoundException for service response error code
	// "MFAMethodNotFoundException".
	//
	// This exception is thrown when Amazon Cognito can't find a multi-factor authentication
	// (MFA) method.
	ErrCodeMFAMethodNotFoundException = "MFAMethodNotFoundException"

	// ErrCodeNotAuthorizedException for service response error code
	// "NotAuthorizedException".
	//
	// This exception is thrown when a user isn't authorized.
	ErrCodeNotAuthorizedException = "NotAuthorizedException"

	// ErrCodePasswordResetRequiredException for service response error code
	// "PasswordResetRequiredException".
	//
	// This exception is thrown when a password reset is required.
	ErrCodePasswordResetRequiredException = "PasswordResetRequiredException"

	// ErrCodePreconditionNotMetException for service response error code
	// "PreconditionNotMetException".
	//
	// This exception is thrown when a precondition is not met.
	ErrCodePreconditionNotMetException = "PreconditionNotMetException"

	// ErrCodeResourceNotFoundException for service response error code
	// "ResourceNotFoundException".
	//
	// This exception is thrown when the Amazon Cognito service can't find the requested
	// resource.
	ErrCodeResourceNotFoundException = "ResourceNotFoundException"

	// ErrCodeScopeDoesNotExistException for service response error code
	// "ScopeDoesNotExistException".
	//
	// This exception is thrown when the specified scope doesn't exist.
	ErrCodeScopeDoesNotExistException = "ScopeDoesNotExistException"

	// ErrCodeSoftwareTokenMFANotFoundException for service response error code
	// "SoftwareTokenMFANotFoundException".
	//
	// This exception is thrown when the software token time-based one-time password
	// (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.
	ErrCodeSoftwareTokenMFANotFoundException = "SoftwareTokenMFANotFoundException"

	// ErrCodeTooManyFailedAttemptsException for service response error code
	// "TooManyFailedAttemptsException".
	//
	// This exception is thrown when the user has made too many failed attempts
	// for a given action, such as sign-in.
	ErrCodeTooManyFailedAttemptsException = "TooManyFailedAttemptsException"

	// ErrCodeTooManyRequestsException for service response error code
	// "TooManyRequestsException".
	//
	// This exception is thrown when the user has made too many requests for a given
	// operation.
	ErrCodeTooManyRequestsException = "TooManyRequestsException"

	// ErrCodeUnauthorizedException for service response error code
	// "UnauthorizedException".
	//
	// Exception that is thrown when the request isn't authorized. This can happen
	// due to an invalid access token in the request.
	ErrCodeUnauthorizedException = "UnauthorizedException"

	// ErrCodeUnexpectedLambdaException for service response error code
	// "UnexpectedLambdaException".
	//
	// This exception is thrown when Amazon Cognito encounters an unexpected exception
	// with Lambda.
	ErrCodeUnexpectedLambdaException = "UnexpectedLambdaException"

	// ErrCodeUnsupportedIdentityProviderException for service response error code
	// "UnsupportedIdentityProviderException".
	//
	// This exception is thrown when the specified identifier isn't supported.
	ErrCodeUnsupportedIdentityProviderException = "UnsupportedIdentityProviderException"

	// ErrCodeUnsupportedOperationException for service response error code
	// "UnsupportedOperationException".
	//
	// Exception that is thrown when you attempt to perform an operation that isn't
	// enabled for the user pool client.
	ErrCodeUnsupportedOperationException = "UnsupportedOperationException"

	// ErrCodeUnsupportedTokenTypeException for service response error code
	// "UnsupportedTokenTypeException".
	//
	// Exception that is thrown when an unsupported token is passed to an operation.
	ErrCodeUnsupportedTokenTypeException = "UnsupportedTokenTypeException"

	// ErrCodeUnsupportedUserStateException for service response error code
	// "UnsupportedUserStateException".
	//
	// The request failed because the user is in an unsupported state.
	ErrCodeUnsupportedUserStateException = "UnsupportedUserStateException"

	// ErrCodeUserImportInProgressException for service response error code
	// "UserImportInProgressException".
	//
	// This exception is thrown when you're trying to modify a user pool while a
	// user import job is in progress for that pool.
	ErrCodeUserImportInProgressException = "UserImportInProgressException"

	// ErrCodeUserLambdaValidationException for service response error code
	// "UserLambdaValidationException".
	//
	// This exception is thrown when the Amazon Cognito service encounters a user
	// validation exception with the Lambda service.
	ErrCodeUserLambdaValidationException = "UserLambdaValidationException"

	// ErrCodeUserNotConfirmedException for service response error code
	// "UserNotConfirmedException".
	//
	// This exception is thrown when a user isn't confirmed successfully.
	ErrCodeUserNotConfirmedException = "UserNotConfirmedException"

	// ErrCodeUserNotFoundException for service response error code
	// "UserNotFoundException".
	//
	// This exception is thrown when a user isn't found.
	ErrCodeUserNotFoundException = "UserNotFoundException"

	// ErrCodeUserPoolAddOnNotEnabledException for service response error code
	// "UserPoolAddOnNotEnabledException".
	//
	// This exception is thrown when user pool add-ons aren't enabled.
	ErrCodeUserPoolAddOnNotEnabledException = "UserPoolAddOnNotEnabledException"

	// ErrCodeUserPoolTaggingException for service response error code
	// "UserPoolTaggingException".
	//
	// This exception is thrown when a user pool tag can't be set or updated.
	ErrCodeUserPoolTaggingException = "UserPoolTaggingException"

	// ErrCodeUsernameExistsException for service response error code
	// "UsernameExistsException".
	//
	// This exception is thrown when Amazon Cognito encounters a user name that
	// already exists in the user pool.
	ErrCodeUsernameExistsException = "UsernameExistsException"
)
View Source
const (
	ServiceName = "cognito-idp"               // Name of service.
	EndpointsID = ServiceName                 // ID to lookup a service endpoint with.
	ServiceID   = "Cognito Identity Provider" // ServiceID is a unique identifier of a specific service.
)

Service information constants

View Source
const (
	// CustomEmailSenderLambdaVersionTypeV10 is a CustomEmailSenderLambdaVersionType enum value
	CustomEmailSenderLambdaVersionTypeV10 = "V1_0"
)
View Source
const (
	// CustomSMSSenderLambdaVersionTypeV10 is a CustomSMSSenderLambdaVersionType enum value
	CustomSMSSenderLambdaVersionTypeV10 = "V1_0"
)
View Source
const (
	// EventSourceNameUserNotification is a EventSourceName enum value
	EventSourceNameUserNotification = "userNotification"
)
View Source
const (
	// LogLevelError is a LogLevel enum value
	LogLevelError = "ERROR"
)

Variables

This section is empty.

Functions

func AccountTakeoverEventActionType_Values added in v1.34.3

func AccountTakeoverEventActionType_Values() []string

AccountTakeoverEventActionType_Values returns all elements of the AccountTakeoverEventActionType enum

func AdvancedSecurityModeType_Values added in v1.34.3

func AdvancedSecurityModeType_Values() []string

AdvancedSecurityModeType_Values returns all elements of the AdvancedSecurityModeType enum

func AliasAttributeType_Values added in v1.34.3

func AliasAttributeType_Values() []string

AliasAttributeType_Values returns all elements of the AliasAttributeType enum

func AttributeDataType_Values added in v1.34.3

func AttributeDataType_Values() []string

AttributeDataType_Values returns all elements of the AttributeDataType enum

func AuthFlowType_Values added in v1.34.3

func AuthFlowType_Values() []string

AuthFlowType_Values returns all elements of the AuthFlowType enum

func ChallengeNameType_Values added in v1.34.3

func ChallengeNameType_Values() []string

ChallengeNameType_Values returns all elements of the ChallengeNameType enum

func ChallengeName_Values added in v1.34.3

func ChallengeName_Values() []string

ChallengeName_Values returns all elements of the ChallengeName enum

func ChallengeResponse_Values added in v1.34.3

func ChallengeResponse_Values() []string

ChallengeResponse_Values returns all elements of the ChallengeResponse enum

func CompromisedCredentialsEventActionType_Values added in v1.34.3

func CompromisedCredentialsEventActionType_Values() []string

CompromisedCredentialsEventActionType_Values returns all elements of the CompromisedCredentialsEventActionType enum

func CustomEmailSenderLambdaVersionType_Values added in v1.35.35

func CustomEmailSenderLambdaVersionType_Values() []string

CustomEmailSenderLambdaVersionType_Values returns all elements of the CustomEmailSenderLambdaVersionType enum

func CustomSMSSenderLambdaVersionType_Values added in v1.35.35

func CustomSMSSenderLambdaVersionType_Values() []string

CustomSMSSenderLambdaVersionType_Values returns all elements of the CustomSMSSenderLambdaVersionType enum

func DefaultEmailOptionType_Values added in v1.34.3

func DefaultEmailOptionType_Values() []string

DefaultEmailOptionType_Values returns all elements of the DefaultEmailOptionType enum

func DeletionProtectionType_Values added in v1.44.121

func DeletionProtectionType_Values() []string

DeletionProtectionType_Values returns all elements of the DeletionProtectionType enum

func DeliveryMediumType_Values added in v1.34.3

func DeliveryMediumType_Values() []string

DeliveryMediumType_Values returns all elements of the DeliveryMediumType enum

func DeviceRememberedStatusType_Values added in v1.34.3

func DeviceRememberedStatusType_Values() []string

DeviceRememberedStatusType_Values returns all elements of the DeviceRememberedStatusType enum

func DomainStatusType_Values added in v1.34.3

func DomainStatusType_Values() []string

DomainStatusType_Values returns all elements of the DomainStatusType enum

func EmailSendingAccountType_Values added in v1.34.3

func EmailSendingAccountType_Values() []string

EmailSendingAccountType_Values returns all elements of the EmailSendingAccountType enum

func EventFilterType_Values added in v1.34.3

func EventFilterType_Values() []string

EventFilterType_Values returns all elements of the EventFilterType enum

func EventResponseType_Values added in v1.34.3

func EventResponseType_Values() []string

EventResponseType_Values returns all elements of the EventResponseType enum

func EventSourceName_Values added in v1.44.315

func EventSourceName_Values() []string

EventSourceName_Values returns all elements of the EventSourceName enum

func EventType_Values added in v1.34.3

func EventType_Values() []string

EventType_Values returns all elements of the EventType enum

func ExplicitAuthFlowsType_Values added in v1.34.3

func ExplicitAuthFlowsType_Values() []string

ExplicitAuthFlowsType_Values returns all elements of the ExplicitAuthFlowsType enum

func FeedbackValueType_Values added in v1.34.3

func FeedbackValueType_Values() []string

FeedbackValueType_Values returns all elements of the FeedbackValueType enum

func IdentityProviderTypeType_Values added in v1.34.3

func IdentityProviderTypeType_Values() []string

IdentityProviderTypeType_Values returns all elements of the IdentityProviderTypeType enum

func LogLevel_Values added in v1.44.315

func LogLevel_Values() []string

LogLevel_Values returns all elements of the LogLevel enum

func MessageActionType_Values added in v1.34.3

func MessageActionType_Values() []string

MessageActionType_Values returns all elements of the MessageActionType enum

func OAuthFlowType_Values added in v1.34.3

func OAuthFlowType_Values() []string

OAuthFlowType_Values returns all elements of the OAuthFlowType enum

func PreTokenGenerationLambdaVersionType_Values added in v1.49.5

func PreTokenGenerationLambdaVersionType_Values() []string

PreTokenGenerationLambdaVersionType_Values returns all elements of the PreTokenGenerationLambdaVersionType enum

func PreventUserExistenceErrorTypes_Values added in v1.34.3

func PreventUserExistenceErrorTypes_Values() []string

PreventUserExistenceErrorTypes_Values returns all elements of the PreventUserExistenceErrorTypes enum

func RecoveryOptionNameType_Values added in v1.34.3

func RecoveryOptionNameType_Values() []string

RecoveryOptionNameType_Values returns all elements of the RecoveryOptionNameType enum

func RiskDecisionType_Values added in v1.34.3

func RiskDecisionType_Values() []string

RiskDecisionType_Values returns all elements of the RiskDecisionType enum

func RiskLevelType_Values added in v1.34.3

func RiskLevelType_Values() []string

RiskLevelType_Values returns all elements of the RiskLevelType enum

func StatusType_Values added in v1.34.3

func StatusType_Values() []string

StatusType_Values returns all elements of the StatusType enum

func TimeUnitsType_Values added in v1.34.4

func TimeUnitsType_Values() []string

TimeUnitsType_Values returns all elements of the TimeUnitsType enum

func UserImportJobStatusType_Values added in v1.34.3

func UserImportJobStatusType_Values() []string

UserImportJobStatusType_Values returns all elements of the UserImportJobStatusType enum

func UserPoolMfaType_Values added in v1.34.3

func UserPoolMfaType_Values() []string

UserPoolMfaType_Values returns all elements of the UserPoolMfaType enum

func UserStatusType_Values added in v1.34.3

func UserStatusType_Values() []string

UserStatusType_Values returns all elements of the UserStatusType enum

func UsernameAttributeType_Values added in v1.34.3

func UsernameAttributeType_Values() []string

UsernameAttributeType_Values returns all elements of the UsernameAttributeType enum

func VerifiedAttributeType_Values added in v1.34.3

func VerifiedAttributeType_Values() []string

VerifiedAttributeType_Values returns all elements of the VerifiedAttributeType enum

func VerifySoftwareTokenResponseType_Values added in v1.34.3

func VerifySoftwareTokenResponseType_Values() []string

VerifySoftwareTokenResponseType_Values returns all elements of the VerifySoftwareTokenResponseType enum

Types

type AccountRecoverySettingType added in v1.25.43

type AccountRecoverySettingType struct {

	// The list of RecoveryOptionTypes.
	RecoveryMechanisms []*RecoveryOptionType `min:"1" type:"list"`
	// contains filtered or unexported fields
}

The data type for AccountRecoverySetting.

func (AccountRecoverySettingType) GoString added in v1.25.43

func (s AccountRecoverySettingType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccountRecoverySettingType) SetRecoveryMechanisms added in v1.25.43

SetRecoveryMechanisms sets the RecoveryMechanisms field's value.

func (AccountRecoverySettingType) String added in v1.25.43

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccountRecoverySettingType) Validate added in v1.25.43

func (s *AccountRecoverySettingType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AccountTakeoverActionType added in v1.12.35

type AccountTakeoverActionType struct {

	// The action to take in response to the account takeover action. Valid values
	// are as follows:
	//
	//    * BLOCK Choosing this action will block the request.
	//
	//    * MFA_IF_CONFIGURED Present an MFA challenge if user has configured it,
	//    else allow the request.
	//
	//    * MFA_REQUIRED Present an MFA challenge if user has configured it, else
	//    block the request.
	//
	//    * NO_ACTION Allow the user to sign in.
	//
	// EventAction is a required field
	EventAction *string `type:"string" required:"true" enum:"AccountTakeoverEventActionType"`

	// Flag specifying whether to send a notification.
	//
	// Notify is a required field
	Notify *bool `type:"boolean" required:"true"`
	// contains filtered or unexported fields
}

Account takeover action type.

func (AccountTakeoverActionType) GoString added in v1.12.35

func (s AccountTakeoverActionType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccountTakeoverActionType) SetEventAction added in v1.12.35

SetEventAction sets the EventAction field's value.

func (*AccountTakeoverActionType) SetNotify added in v1.12.35

SetNotify sets the Notify field's value.

func (AccountTakeoverActionType) String added in v1.12.35

func (s AccountTakeoverActionType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccountTakeoverActionType) Validate added in v1.12.35

func (s *AccountTakeoverActionType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AccountTakeoverActionsType added in v1.12.35

type AccountTakeoverActionsType struct {

	// Action to take for a high risk.
	HighAction *AccountTakeoverActionType `type:"structure"`

	// Action to take for a low risk.
	LowAction *AccountTakeoverActionType `type:"structure"`

	// Action to take for a medium risk.
	MediumAction *AccountTakeoverActionType `type:"structure"`
	// contains filtered or unexported fields
}

Account takeover actions type.

func (AccountTakeoverActionsType) GoString added in v1.12.35

func (s AccountTakeoverActionsType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccountTakeoverActionsType) SetHighAction added in v1.12.35

SetHighAction sets the HighAction field's value.

func (*AccountTakeoverActionsType) SetLowAction added in v1.12.35

SetLowAction sets the LowAction field's value.

func (*AccountTakeoverActionsType) SetMediumAction added in v1.12.35

SetMediumAction sets the MediumAction field's value.

func (AccountTakeoverActionsType) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccountTakeoverActionsType) Validate added in v1.12.35

func (s *AccountTakeoverActionsType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AccountTakeoverRiskConfigurationType added in v1.12.35

type AccountTakeoverRiskConfigurationType struct {

	// Account takeover risk configuration actions.
	//
	// Actions is a required field
	Actions *AccountTakeoverActionsType `type:"structure" required:"true"`

	// The notify configuration used to construct email notifications.
	NotifyConfiguration *NotifyConfigurationType `type:"structure"`
	// contains filtered or unexported fields
}

Configuration for mitigation actions and notification for different levels of risk detected for a potential account takeover.

func (AccountTakeoverRiskConfigurationType) GoString added in v1.12.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccountTakeoverRiskConfigurationType) SetActions added in v1.12.35

SetActions sets the Actions field's value.

func (*AccountTakeoverRiskConfigurationType) SetNotifyConfiguration added in v1.12.35

SetNotifyConfiguration sets the NotifyConfiguration field's value.

func (AccountTakeoverRiskConfigurationType) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccountTakeoverRiskConfigurationType) Validate added in v1.12.35

Validate inspects the fields of the type to determine if they are valid.

type AddCustomAttributesInput

type AddCustomAttributesInput struct {

	// An array of custom attributes, such as Mutable and Name.
	//
	// CustomAttributes is a required field
	CustomAttributes []*SchemaAttributeType `min:"1" type:"list" required:"true"`

	// The user pool ID for the user pool where you want to add custom attributes.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to add custom attributes.

func (AddCustomAttributesInput) GoString

func (s AddCustomAttributesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AddCustomAttributesInput) SetCustomAttributes added in v1.5.0

SetCustomAttributes sets the CustomAttributes field's value.

func (*AddCustomAttributesInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (AddCustomAttributesInput) String

func (s AddCustomAttributesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AddCustomAttributesInput) Validate added in v1.1.21

func (s *AddCustomAttributesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AddCustomAttributesOutput

type AddCustomAttributesOutput struct {
	// contains filtered or unexported fields
}

Represents the response from the server for the request to add custom attributes.

func (AddCustomAttributesOutput) GoString

func (s AddCustomAttributesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AddCustomAttributesOutput) String

func (s AddCustomAttributesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminAddUserToGroupInput added in v1.6.4

type AdminAddUserToGroupInput struct {

	// The name of the group that you want to add your user to.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminAddUserToGroupInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (AdminAddUserToGroupInput) GoString added in v1.6.4

func (s AdminAddUserToGroupInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminAddUserToGroupInput) SetGroupName added in v1.6.4

SetGroupName sets the GroupName field's value.

func (*AdminAddUserToGroupInput) SetUserPoolId added in v1.6.4

SetUserPoolId sets the UserPoolId field's value.

func (*AdminAddUserToGroupInput) SetUsername added in v1.6.4

SetUsername sets the Username field's value.

func (AdminAddUserToGroupInput) String added in v1.6.4

func (s AdminAddUserToGroupInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminAddUserToGroupInput) Validate added in v1.6.4

func (s *AdminAddUserToGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminAddUserToGroupOutput added in v1.6.4

type AdminAddUserToGroupOutput struct {
	// contains filtered or unexported fields
}

func (AdminAddUserToGroupOutput) GoString added in v1.6.4

func (s AdminAddUserToGroupOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminAddUserToGroupOutput) String added in v1.6.4

func (s AdminAddUserToGroupOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminConfirmSignUpInput

type AdminConfirmSignUpInput struct {

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// If your user pool configuration includes triggers, the AdminConfirmSignUp
	// API action invokes the Lambda function that is specified for the post confirmation
	// trigger. When Amazon Cognito invokes this function, it passes a JSON payload,
	// which the function receives as input. In this payload, the clientMetadata
	// attribute provides the data that you assigned to the ClientMetadata parameter
	// in your AdminConfirmSignUp request. In your function code in Lambda, you
	// can process the ClientMetadata value to enhance your workflow for your specific
	// needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// The user pool ID for which you want to confirm user registration.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminConfirmSignUpInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Confirm a user's registration as a user pool administrator.

func (AdminConfirmSignUpInput) GoString

func (s AdminConfirmSignUpInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminConfirmSignUpInput) SetClientMetadata added in v1.25.6

func (s *AdminConfirmSignUpInput) SetClientMetadata(v map[string]*string) *AdminConfirmSignUpInput

SetClientMetadata sets the ClientMetadata field's value.

func (*AdminConfirmSignUpInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (*AdminConfirmSignUpInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (AdminConfirmSignUpInput) String

func (s AdminConfirmSignUpInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminConfirmSignUpInput) Validate added in v1.1.21

func (s *AdminConfirmSignUpInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminConfirmSignUpOutput

type AdminConfirmSignUpOutput struct {
	// contains filtered or unexported fields
}

Represents the response from the server for the request to confirm registration.

func (AdminConfirmSignUpOutput) GoString

func (s AdminConfirmSignUpOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminConfirmSignUpOutput) String

func (s AdminConfirmSignUpOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminCreateUserConfigType added in v1.4.15

type AdminCreateUserConfigType struct {

	// Set to True if only the administrator is allowed to create user profiles.
	// Set to False if users can sign themselves up via an app.
	AllowAdminCreateUserOnly *bool `type:"boolean"`

	// The message template to be used for the welcome message to new users.
	//
	// See also Customizing User Invitation Messages (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization).
	InviteMessageTemplate *MessageTemplateType `type:"structure"`

	// The user account expiration limit, in days, after which a new account that
	// hasn't signed in is no longer usable. To reset the account after that time
	// limit, you must call AdminCreateUser again, specifying "RESEND" for the MessageAction
	// parameter. The default value for this parameter is 7.
	//
	// If you set a value for TemporaryPasswordValidityDays in PasswordPolicy, that
	// value will be used, and UnusedAccountValidityDays will be no longer be an
	// available parameter for that user pool.
	UnusedAccountValidityDays *int64 `type:"integer"`
	// contains filtered or unexported fields
}

The configuration for creating a new user profile.

func (AdminCreateUserConfigType) GoString added in v1.4.15

func (s AdminCreateUserConfigType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminCreateUserConfigType) SetAllowAdminCreateUserOnly added in v1.5.0

func (s *AdminCreateUserConfigType) SetAllowAdminCreateUserOnly(v bool) *AdminCreateUserConfigType

SetAllowAdminCreateUserOnly sets the AllowAdminCreateUserOnly field's value.

func (*AdminCreateUserConfigType) SetInviteMessageTemplate added in v1.5.0

SetInviteMessageTemplate sets the InviteMessageTemplate field's value.

func (*AdminCreateUserConfigType) SetUnusedAccountValidityDays added in v1.5.0

func (s *AdminCreateUserConfigType) SetUnusedAccountValidityDays(v int64) *AdminCreateUserConfigType

SetUnusedAccountValidityDays sets the UnusedAccountValidityDays field's value.

func (AdminCreateUserConfigType) String added in v1.4.15

func (s AdminCreateUserConfigType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminCreateUserConfigType) Validate added in v1.4.15

func (s *AdminCreateUserConfigType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminCreateUserInput added in v1.4.15

type AdminCreateUserInput struct {

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the AdminCreateUser API action, Amazon Cognito invokes the function
	// that is assigned to the pre sign-up trigger. When Amazon Cognito invokes
	// this function, it passes a JSON payload, which the function receives as input.
	// This payload contains a clientMetadata attribute, which provides the data
	// that you assigned to the ClientMetadata parameter in your AdminCreateUser
	// request. In your function code in Lambda, you can process the clientMetadata
	// value to enhance your workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// Specify "EMAIL" if email will be used to send the welcome message. Specify
	// "SMS" if the phone number will be used. The default value is "SMS". You can
	// specify more than one value.
	DesiredDeliveryMediums []*string `type:"list" enum:"DeliveryMediumType"`

	// This parameter is used only if the phone_number_verified or email_verified
	// attribute is set to True. Otherwise, it is ignored.
	//
	// If this parameter is set to True and the phone number or email address specified
	// in the UserAttributes parameter already exists as an alias with a different
	// user, the API call will migrate the alias from the previous user to the newly
	// created user. The previous user will no longer be able to log in using that
	// alias.
	//
	// If this parameter is set to False, the API throws an AliasExistsException
	// error if the alias already exists. The default value is False.
	ForceAliasCreation *bool `type:"boolean"`

	// Set to RESEND to resend the invitation message to a user that already exists
	// and reset the expiration limit on the user's account. Set to SUPPRESS to
	// suppress sending the message. You can specify only one value.
	MessageAction *string `type:"string" enum:"MessageActionType"`

	// The user's temporary password. This password must conform to the password
	// policy that you specified when you created the user pool.
	//
	// The temporary password is valid only once. To complete the Admin Create User
	// flow, the user must enter the temporary password in the sign-in page, along
	// with a new password to be used in all future sign-ins.
	//
	// This parameter isn't required. If you don't specify a value, Amazon Cognito
	// generates one for you.
	//
	// The temporary password can only be used until the user account expiration
	// limit that you set for your user pool. To reset the account after that time
	// limit, you must call AdminCreateUser again and specify RESEND for the MessageAction
	// parameter.
	//
	// TemporaryPassword is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminCreateUserInput's
	// String and GoString methods.
	TemporaryPassword *string `type:"string" sensitive:"true"`

	// An array of name-value pairs that contain user attributes and attribute values
	// to be set for the user to be created. You can create a user without specifying
	// any attributes other than Username. However, any attributes that you specify
	// as required (when creating a user pool or in the Attributes tab of the console)
	// either you should supply (in your call to AdminCreateUser) or the user should
	// supply (when they sign up in response to your welcome message).
	//
	// For custom attributes, you must prepend the custom: prefix to the attribute
	// name.
	//
	// To send a message inviting the user to sign up, you must specify the user's
	// email address or phone number. You can do this in your call to AdminCreateUser
	// or in the Users tab of the Amazon Cognito console for managing your user
	// pools.
	//
	// In your call to AdminCreateUser, you can set the email_verified attribute
	// to True, and you can set the phone_number_verified attribute to True. You
	// can also do this by calling AdminUpdateUserAttributes (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html).
	//
	//    * email: The email address of the user to whom the message that contains
	//    the code and username will be sent. Required if the email_verified attribute
	//    is set to True, or if "EMAIL" is specified in the DesiredDeliveryMediums
	//    parameter.
	//
	//    * phone_number: The phone number of the user to whom the message that
	//    contains the code and username will be sent. Required if the phone_number_verified
	//    attribute is set to True, or if "SMS" is specified in the DesiredDeliveryMediums
	//    parameter.
	UserAttributes []*AttributeType `type:"list"`

	// The user pool ID for the user pool where the user will be created.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The value that you want to set as the username sign-in attribute. The following
	// conditions apply to the username parameter.
	//
	//    * The username can't be a duplicate of another username in the same user
	//    pool.
	//
	//    * You can't change the value of a username after you create it.
	//
	//    * You can only provide a value if usernames are a valid sign-in attribute
	//    for your user pool. If your user pool only supports phone numbers or email
	//    addresses as sign-in attributes, Amazon Cognito automatically generates
	//    a username value. For more information, see Customizing sign-in attributes
	//    (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases).
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminCreateUserInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// Temporary user attributes that contribute to the outcomes of your pre sign-up
	// Lambda trigger. This set of key-value pairs are for custom validation of
	// information that you collect from your users but don't need to retain.
	//
	// Your Lambda function can analyze this additional data and act on it. Your
	// function might perform external API operations like logging user attributes
	// and validation data to Amazon CloudWatch Logs. Validation data might also
	// affect the response that your function returns to Amazon Cognito, like automatically
	// confirming the user if they sign up from within your network.
	//
	// For more information about the pre sign-up Lambda trigger, see Pre sign-up
	// Lambda trigger (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html).
	ValidationData []*AttributeType `type:"list"`
	// contains filtered or unexported fields
}

Represents the request to create a user in the specified user pool.

func (AdminCreateUserInput) GoString added in v1.4.15

func (s AdminCreateUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminCreateUserInput) SetClientMetadata added in v1.25.6

func (s *AdminCreateUserInput) SetClientMetadata(v map[string]*string) *AdminCreateUserInput

SetClientMetadata sets the ClientMetadata field's value.

func (*AdminCreateUserInput) SetDesiredDeliveryMediums added in v1.5.0

func (s *AdminCreateUserInput) SetDesiredDeliveryMediums(v []*string) *AdminCreateUserInput

SetDesiredDeliveryMediums sets the DesiredDeliveryMediums field's value.

func (*AdminCreateUserInput) SetForceAliasCreation added in v1.5.0

func (s *AdminCreateUserInput) SetForceAliasCreation(v bool) *AdminCreateUserInput

SetForceAliasCreation sets the ForceAliasCreation field's value.

func (*AdminCreateUserInput) SetMessageAction added in v1.5.0

func (s *AdminCreateUserInput) SetMessageAction(v string) *AdminCreateUserInput

SetMessageAction sets the MessageAction field's value.

func (*AdminCreateUserInput) SetTemporaryPassword added in v1.5.0

func (s *AdminCreateUserInput) SetTemporaryPassword(v string) *AdminCreateUserInput

SetTemporaryPassword sets the TemporaryPassword field's value.

func (*AdminCreateUserInput) SetUserAttributes added in v1.5.0

func (s *AdminCreateUserInput) SetUserAttributes(v []*AttributeType) *AdminCreateUserInput

SetUserAttributes sets the UserAttributes field's value.

func (*AdminCreateUserInput) SetUserPoolId added in v1.5.0

func (s *AdminCreateUserInput) SetUserPoolId(v string) *AdminCreateUserInput

SetUserPoolId sets the UserPoolId field's value.

func (*AdminCreateUserInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (*AdminCreateUserInput) SetValidationData added in v1.5.0

func (s *AdminCreateUserInput) SetValidationData(v []*AttributeType) *AdminCreateUserInput

SetValidationData sets the ValidationData field's value.

func (AdminCreateUserInput) String added in v1.4.15

func (s AdminCreateUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminCreateUserInput) Validate added in v1.4.15

func (s *AdminCreateUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminCreateUserOutput added in v1.4.15

type AdminCreateUserOutput struct {

	// The newly created user.
	User *UserType `type:"structure"`
	// contains filtered or unexported fields
}

Represents the response from the server to the request to create the user.

func (AdminCreateUserOutput) GoString added in v1.4.15

func (s AdminCreateUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminCreateUserOutput) SetUser added in v1.5.0

SetUser sets the User field's value.

func (AdminCreateUserOutput) String added in v1.4.15

func (s AdminCreateUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminDeleteUserAttributesInput

type AdminDeleteUserAttributesInput struct {

	// An array of strings representing the user attribute names you want to delete.
	//
	// For custom attributes, you must prepend the custom: prefix to the attribute
	// name.
	//
	// UserAttributeNames is a required field
	UserAttributeNames []*string `type:"list" required:"true"`

	// The user pool ID for the user pool where you want to delete user attributes.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminDeleteUserAttributesInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to delete user attributes as an administrator.

func (AdminDeleteUserAttributesInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminDeleteUserAttributesInput) SetUserAttributeNames added in v1.5.0

SetUserAttributeNames sets the UserAttributeNames field's value.

func (*AdminDeleteUserAttributesInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (*AdminDeleteUserAttributesInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (AdminDeleteUserAttributesInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminDeleteUserAttributesInput) Validate added in v1.1.21

func (s *AdminDeleteUserAttributesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminDeleteUserAttributesOutput

type AdminDeleteUserAttributesOutput struct {
	// contains filtered or unexported fields
}

Represents the response received from the server for a request to delete user attributes.

func (AdminDeleteUserAttributesOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminDeleteUserAttributesOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminDeleteUserInput

type AdminDeleteUserInput struct {

	// The user pool ID for the user pool where you want to delete the user.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminDeleteUserInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to delete a user as an administrator.

func (AdminDeleteUserInput) GoString

func (s AdminDeleteUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminDeleteUserInput) SetUserPoolId added in v1.5.0

func (s *AdminDeleteUserInput) SetUserPoolId(v string) *AdminDeleteUserInput

SetUserPoolId sets the UserPoolId field's value.

func (*AdminDeleteUserInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (AdminDeleteUserInput) String

func (s AdminDeleteUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminDeleteUserInput) Validate added in v1.1.21

func (s *AdminDeleteUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminDeleteUserOutput

type AdminDeleteUserOutput struct {
	// contains filtered or unexported fields
}

func (AdminDeleteUserOutput) GoString

func (s AdminDeleteUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminDeleteUserOutput) String

func (s AdminDeleteUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminDisableProviderForUserInput added in v1.10.24

type AdminDisableProviderForUserInput struct {

	// The user to be disabled.
	//
	// User is a required field
	User *ProviderUserIdentifierType `type:"structure" required:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AdminDisableProviderForUserInput) GoString added in v1.10.24

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminDisableProviderForUserInput) SetUser added in v1.10.24

SetUser sets the User field's value.

func (*AdminDisableProviderForUserInput) SetUserPoolId added in v1.10.24

SetUserPoolId sets the UserPoolId field's value.

func (AdminDisableProviderForUserInput) String added in v1.10.24

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminDisableProviderForUserInput) Validate added in v1.10.24

Validate inspects the fields of the type to determine if they are valid.

type AdminDisableProviderForUserOutput added in v1.10.24

type AdminDisableProviderForUserOutput struct {
	// contains filtered or unexported fields
}

func (AdminDisableProviderForUserOutput) GoString added in v1.10.24

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminDisableProviderForUserOutput) String added in v1.10.24

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminDisableUserInput

type AdminDisableUserInput struct {

	// The user pool ID for the user pool where you want to disable the user.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminDisableUserInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to disable the user as an administrator.

func (AdminDisableUserInput) GoString

func (s AdminDisableUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminDisableUserInput) SetUserPoolId added in v1.5.0

func (s *AdminDisableUserInput) SetUserPoolId(v string) *AdminDisableUserInput

SetUserPoolId sets the UserPoolId field's value.

func (*AdminDisableUserInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (AdminDisableUserInput) String

func (s AdminDisableUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminDisableUserInput) Validate added in v1.1.21

func (s *AdminDisableUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminDisableUserOutput

type AdminDisableUserOutput struct {
	// contains filtered or unexported fields
}

Represents the response received from the server to disable the user as an administrator.

func (AdminDisableUserOutput) GoString

func (s AdminDisableUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminDisableUserOutput) String

func (s AdminDisableUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminEnableUserInput

type AdminEnableUserInput struct {

	// The user pool ID for the user pool where you want to enable the user.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminEnableUserInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request that enables the user as an administrator.

func (AdminEnableUserInput) GoString

func (s AdminEnableUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminEnableUserInput) SetUserPoolId added in v1.5.0

func (s *AdminEnableUserInput) SetUserPoolId(v string) *AdminEnableUserInput

SetUserPoolId sets the UserPoolId field's value.

func (*AdminEnableUserInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (AdminEnableUserInput) String

func (s AdminEnableUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminEnableUserInput) Validate added in v1.1.21

func (s *AdminEnableUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminEnableUserOutput

type AdminEnableUserOutput struct {
	// contains filtered or unexported fields
}

Represents the response from the server for the request to enable a user as an administrator.

func (AdminEnableUserOutput) GoString

func (s AdminEnableUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminEnableUserOutput) String

func (s AdminEnableUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminForgetDeviceInput added in v1.2.10

type AdminForgetDeviceInput struct {

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminForgetDeviceInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Sends the forgot device request, as an administrator.

func (AdminForgetDeviceInput) GoString added in v1.2.10

func (s AdminForgetDeviceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminForgetDeviceInput) SetDeviceKey added in v1.5.0

SetDeviceKey sets the DeviceKey field's value.

func (*AdminForgetDeviceInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (*AdminForgetDeviceInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (AdminForgetDeviceInput) String added in v1.2.10

func (s AdminForgetDeviceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminForgetDeviceInput) Validate added in v1.2.10

func (s *AdminForgetDeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminForgetDeviceOutput added in v1.2.10

type AdminForgetDeviceOutput struct {
	// contains filtered or unexported fields
}

func (AdminForgetDeviceOutput) GoString added in v1.2.10

func (s AdminForgetDeviceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminForgetDeviceOutput) String added in v1.2.10

func (s AdminForgetDeviceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminGetDeviceInput added in v1.2.10

type AdminGetDeviceInput struct {

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminGetDeviceInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to get the device, as an administrator.

func (AdminGetDeviceInput) GoString added in v1.2.10

func (s AdminGetDeviceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminGetDeviceInput) SetDeviceKey added in v1.5.0

func (s *AdminGetDeviceInput) SetDeviceKey(v string) *AdminGetDeviceInput

SetDeviceKey sets the DeviceKey field's value.

func (*AdminGetDeviceInput) SetUserPoolId added in v1.5.0

func (s *AdminGetDeviceInput) SetUserPoolId(v string) *AdminGetDeviceInput

SetUserPoolId sets the UserPoolId field's value.

func (*AdminGetDeviceInput) SetUsername added in v1.5.0

func (s *AdminGetDeviceInput) SetUsername(v string) *AdminGetDeviceInput

SetUsername sets the Username field's value.

func (AdminGetDeviceInput) String added in v1.2.10

func (s AdminGetDeviceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminGetDeviceInput) Validate added in v1.2.10

func (s *AdminGetDeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminGetDeviceOutput added in v1.2.10

type AdminGetDeviceOutput struct {

	// The device.
	//
	// Device is a required field
	Device *DeviceType `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Gets the device response, as an administrator.

func (AdminGetDeviceOutput) GoString added in v1.2.10

func (s AdminGetDeviceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminGetDeviceOutput) SetDevice added in v1.5.0

SetDevice sets the Device field's value.

func (AdminGetDeviceOutput) String added in v1.2.10

func (s AdminGetDeviceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminGetUserInput

type AdminGetUserInput struct {

	// The user pool ID for the user pool where you want to get information about
	// the user.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminGetUserInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to get the specified user as an administrator.

func (AdminGetUserInput) GoString

func (s AdminGetUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminGetUserInput) SetUserPoolId added in v1.5.0

func (s *AdminGetUserInput) SetUserPoolId(v string) *AdminGetUserInput

SetUserPoolId sets the UserPoolId field's value.

func (*AdminGetUserInput) SetUsername added in v1.5.0

func (s *AdminGetUserInput) SetUsername(v string) *AdminGetUserInput

SetUsername sets the Username field's value.

func (AdminGetUserInput) String

func (s AdminGetUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminGetUserInput) Validate added in v1.1.21

func (s *AdminGetUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminGetUserOutput

type AdminGetUserOutput struct {

	// Indicates that the status is enabled.
	Enabled *bool `type:"boolean"`

	// This response parameter is no longer supported. It provides information only
	// about SMS MFA configurations. It doesn't provide information about time-based
	// one-time password (TOTP) software token MFA configurations. To look up information
	// about either type of MFA configuration, use UserMFASettingList instead.
	MFAOptions []*MFAOptionType `type:"list"`

	// The user's preferred MFA setting.
	PreferredMfaSetting *string `type:"string"`

	// An array of name-value pairs representing user attributes.
	UserAttributes []*AttributeType `type:"list"`

	// The date the user was created.
	UserCreateDate *time.Time `type:"timestamp"`

	// The date and time when the item was modified. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	UserLastModifiedDate *time.Time `type:"timestamp"`

	// The MFA options that are activated for the user. The possible values in this
	// list are SMS_MFA and SOFTWARE_TOKEN_MFA.
	UserMFASettingList []*string `type:"list"`

	// The user status. Can be one of the following:
	//
	//    * UNCONFIRMED - User has been created but not confirmed.
	//
	//    * CONFIRMED - User has been confirmed.
	//
	//    * UNKNOWN - User status isn't known.
	//
	//    * RESET_REQUIRED - User is confirmed, but the user must request a code
	//    and reset their password before they can sign in.
	//
	//    * FORCE_CHANGE_PASSWORD - The user is confirmed and the user can sign
	//    in using a temporary password, but on first sign-in, the user must change
	//    their password to a new value before doing anything else.
	UserStatus *string `type:"string" enum:"UserStatusType"`

	// The username of the user that you requested.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminGetUserOutput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the response from the server from the request to get the specified user as an administrator.

func (AdminGetUserOutput) GoString

func (s AdminGetUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminGetUserOutput) SetEnabled added in v1.5.0

func (s *AdminGetUserOutput) SetEnabled(v bool) *AdminGetUserOutput

SetEnabled sets the Enabled field's value.

func (*AdminGetUserOutput) SetMFAOptions added in v1.5.0

func (s *AdminGetUserOutput) SetMFAOptions(v []*MFAOptionType) *AdminGetUserOutput

SetMFAOptions sets the MFAOptions field's value.

func (*AdminGetUserOutput) SetPreferredMfaSetting added in v1.12.35

func (s *AdminGetUserOutput) SetPreferredMfaSetting(v string) *AdminGetUserOutput

SetPreferredMfaSetting sets the PreferredMfaSetting field's value.

func (*AdminGetUserOutput) SetUserAttributes added in v1.5.0

func (s *AdminGetUserOutput) SetUserAttributes(v []*AttributeType) *AdminGetUserOutput

SetUserAttributes sets the UserAttributes field's value.

func (*AdminGetUserOutput) SetUserCreateDate added in v1.5.0

func (s *AdminGetUserOutput) SetUserCreateDate(v time.Time) *AdminGetUserOutput

SetUserCreateDate sets the UserCreateDate field's value.

func (*AdminGetUserOutput) SetUserLastModifiedDate added in v1.5.0

func (s *AdminGetUserOutput) SetUserLastModifiedDate(v time.Time) *AdminGetUserOutput

SetUserLastModifiedDate sets the UserLastModifiedDate field's value.

func (*AdminGetUserOutput) SetUserMFASettingList added in v1.12.35

func (s *AdminGetUserOutput) SetUserMFASettingList(v []*string) *AdminGetUserOutput

SetUserMFASettingList sets the UserMFASettingList field's value.

func (*AdminGetUserOutput) SetUserStatus added in v1.5.0

func (s *AdminGetUserOutput) SetUserStatus(v string) *AdminGetUserOutput

SetUserStatus sets the UserStatus field's value.

func (*AdminGetUserOutput) SetUsername added in v1.5.0

func (s *AdminGetUserOutput) SetUsername(v string) *AdminGetUserOutput

SetUsername sets the Username field's value.

func (AdminGetUserOutput) String

func (s AdminGetUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminInitiateAuthInput added in v1.2.10

type AdminInitiateAuthInput struct {

	// The analytics metadata for collecting Amazon Pinpoint metrics for AdminInitiateAuth
	// calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The authentication flow for this call to run. The API action will depend
	// on this value. For example:
	//
	//    * REFRESH_TOKEN_AUTH will take in a valid refresh token and return new
	//    tokens.
	//
	//    * USER_SRP_AUTH will take in USERNAME and SRP_A and return the Secure
	//    Remote Password (SRP) protocol variables to be used for next challenge
	//    execution.
	//
	//    * ADMIN_USER_PASSWORD_AUTH will take in USERNAME and PASSWORD and return
	//    the next challenge or tokens.
	//
	// Valid values include:
	//
	//    * USER_SRP_AUTH: Authentication flow for the Secure Remote Password (SRP)
	//    protocol.
	//
	//    * REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication flow for refreshing
	//    the access token and ID token by supplying a valid refresh token.
	//
	//    * CUSTOM_AUTH: Custom authentication flow.
	//
	//    * ADMIN_NO_SRP_AUTH: Non-SRP authentication flow; you can pass in the
	//    USERNAME and PASSWORD directly if the flow is enabled for calling the
	//    app client.
	//
	//    * ADMIN_USER_PASSWORD_AUTH: Admin-based user password authentication.
	//    This replaces the ADMIN_NO_SRP_AUTH authentication flow. In this flow,
	//    Amazon Cognito receives the password in the request instead of using the
	//    SRP process to verify passwords.
	//
	// AuthFlow is a required field
	AuthFlow *string `type:"string" required:"true" enum:"AuthFlowType"`

	// The authentication parameters. These are inputs corresponding to the AuthFlow
	// that you're invoking. The required values depend on the value of AuthFlow:
	//
	//    * For USER_SRP_AUTH: USERNAME (required), SRP_A (required), SECRET_HASH
	//    (required if the app client is configured with a client secret), DEVICE_KEY.
	//
	//    * For ADMIN_USER_PASSWORD_AUTH: USERNAME (required), PASSWORD (required),
	//    SECRET_HASH (required if the app client is configured with a client secret),
	//    DEVICE_KEY.
	//
	//    * For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required), SECRET_HASH
	//    (required if the app client is configured with a client secret), DEVICE_KEY.
	//
	//    * For CUSTOM_AUTH: USERNAME (required), SECRET_HASH (if app client is
	//    configured with client secret), DEVICE_KEY. To start the authentication
	//    flow with password verification, include ChallengeName: SRP_A and SRP_A:
	//    (The SRP_A Value).
	//
	// For more information about SECRET_HASH, see Computing secret hash values
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash).
	// For information about DEVICE_KEY, see Working with user devices in your user
	// pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html).
	//
	// AuthParameters is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminInitiateAuthInput's
	// String and GoString methods.
	AuthParameters map[string]*string `type:"map" sensitive:"true"`

	// The app client ID.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminInitiateAuthInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for certain
	// custom workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the AdminInitiateAuth API action, Amazon Cognito invokes the
	// Lambda functions that are specified for various triggers. The ClientMetadata
	// value is passed as input to the functions for only the following triggers:
	//
	//    * Pre signup
	//
	//    * Pre authentication
	//
	//    * User migration
	//
	// When Amazon Cognito invokes the functions for these triggers, it passes a
	// JSON payload, which the function receives as input. This payload contains
	// a validationData attribute, which provides the data that you assigned to
	// the ClientMetadata parameter in your AdminInitiateAuth request. In your function
	// code in Lambda, you can process the validationData value to enhance your
	// workflow for your specific needs.
	//
	// When you use the AdminInitiateAuth API action, Amazon Cognito also invokes
	// the functions for the following triggers, but it doesn't provide the ClientMetadata
	// value as input:
	//
	//    * Post authentication
	//
	//    * Custom message
	//
	//    * Pre token generation
	//
	//    * Create auth challenge
	//
	//    * Define auth challenge
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	ContextData *ContextDataType `type:"structure"`

	// The ID of the Amazon Cognito user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Initiates the authorization request, as an administrator.

func (AdminInitiateAuthInput) GoString added in v1.2.10

func (s AdminInitiateAuthInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminInitiateAuthInput) SetAnalyticsMetadata added in v1.12.35

SetAnalyticsMetadata sets the AnalyticsMetadata field's value.

func (*AdminInitiateAuthInput) SetAuthFlow added in v1.5.0

SetAuthFlow sets the AuthFlow field's value.

func (*AdminInitiateAuthInput) SetAuthParameters added in v1.5.0

func (s *AdminInitiateAuthInput) SetAuthParameters(v map[string]*string) *AdminInitiateAuthInput

SetAuthParameters sets the AuthParameters field's value.

func (*AdminInitiateAuthInput) SetClientId added in v1.5.0

SetClientId sets the ClientId field's value.

func (*AdminInitiateAuthInput) SetClientMetadata added in v1.5.0

func (s *AdminInitiateAuthInput) SetClientMetadata(v map[string]*string) *AdminInitiateAuthInput

SetClientMetadata sets the ClientMetadata field's value.

func (*AdminInitiateAuthInput) SetContextData added in v1.12.35

SetContextData sets the ContextData field's value.

func (*AdminInitiateAuthInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (AdminInitiateAuthInput) String added in v1.2.10

func (s AdminInitiateAuthInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminInitiateAuthInput) Validate added in v1.2.10

func (s *AdminInitiateAuthInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminInitiateAuthOutput added in v1.2.10

type AdminInitiateAuthOutput struct {

	// The result of the authentication response. This is only returned if the caller
	// doesn't need to pass another challenge. If the caller does need to pass another
	// challenge before it gets tokens, ChallengeName, ChallengeParameters, and
	// Session are returned.
	AuthenticationResult *AuthenticationResultType `type:"structure"`

	// The name of the challenge that you're responding to with this call. This
	// is returned in the AdminInitiateAuth response if you must pass another challenge.
	//
	//    * MFA_SETUP: If MFA is required, users who don't have at least one of
	//    the MFA methods set up are presented with an MFA_SETUP challenge. The
	//    user must set up at least one MFA type to continue to authenticate.
	//
	//    * SELECT_MFA_TYPE: Selects the MFA type. Valid MFA options are SMS_MFA
	//    for text SMS MFA, and SOFTWARE_TOKEN_MFA for time-based one-time password
	//    (TOTP) software token MFA.
	//
	//    * SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via
	//    SMS.
	//
	//    * PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
	//    PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
	//
	//    * CUSTOM_CHALLENGE: This is returned if your custom authentication flow
	//    determines that the user should pass another challenge before tokens are
	//    issued.
	//
	//    * DEVICE_SRP_AUTH: If device tracking was activated in your user pool
	//    and the previous challenges were passed, this challenge is returned so
	//    that Amazon Cognito can start tracking this device.
	//
	//    * DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices
	//    only.
	//
	//    * ADMIN_NO_SRP_AUTH: This is returned if you must authenticate with USERNAME
	//    and PASSWORD directly. An app client must be enabled to use this flow.
	//
	//    * NEW_PASSWORD_REQUIRED: For users who are required to change their passwords
	//    after successful first login. Respond to this challenge with NEW_PASSWORD
	//    and any required attributes that Amazon Cognito returned in the requiredAttributes
	//    parameter. You can also set values for attributes that aren't required
	//    by your user pool and that your app client can write. For more information,
	//    see AdminRespondToAuthChallenge (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminRespondToAuthChallenge.html).
	//    In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required
	//    attribute that already has a value. In AdminRespondToAuthChallenge, set
	//    a value for any keys that Amazon Cognito returned in the requiredAttributes
	//    parameter, then use the AdminUpdateUserAttributes API operation to modify
	//    the value of any additional attributes.
	//
	//    * MFA_SETUP: For users who are required to set up an MFA factor before
	//    they can sign in. The MFA types activated for the user pool will be listed
	//    in the challenge parameters MFAS_CAN_SETUP value. To set up software token
	//    MFA, use the session returned here from InitiateAuth as an input to AssociateSoftwareToken,
	//    and use the session returned by VerifySoftwareToken as an input to RespondToAuthChallenge
	//    with challenge name MFA_SETUP to complete sign-in. To set up SMS MFA,
	//    users will need help from an administrator to add a phone number to their
	//    account and then call InitiateAuth again to restart sign-in.
	ChallengeName *string `type:"string" enum:"ChallengeNameType"`

	// The challenge parameters. These are returned to you in the AdminInitiateAuth
	// response if you must pass another challenge. The responses in this parameter
	// should be used to compute inputs to the next call (AdminRespondToAuthChallenge).
	//
	// All challenges require USERNAME and SECRET_HASH (if applicable).
	//
	// The value of the USER_ID_FOR_SRP attribute is the user's actual username,
	// not an alias (such as email address or phone number), even if you specified
	// an alias in your call to AdminInitiateAuth. This happens because, in the
	// AdminRespondToAuthChallenge API ChallengeResponses, the USERNAME attribute
	// can't be an alias.
	ChallengeParameters map[string]*string `type:"map"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. If AdminInitiateAuth or AdminRespondToAuthChallenge API call
	// determines that the caller must pass another challenge, they return a session
	// with other challenge parameters. This session should be passed as it is to
	// the next AdminRespondToAuthChallenge API call.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminInitiateAuthOutput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

Initiates the authentication response, as an administrator.

func (AdminInitiateAuthOutput) GoString added in v1.2.10

func (s AdminInitiateAuthOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminInitiateAuthOutput) SetAuthenticationResult added in v1.5.0

SetAuthenticationResult sets the AuthenticationResult field's value.

func (*AdminInitiateAuthOutput) SetChallengeName added in v1.5.0

func (s *AdminInitiateAuthOutput) SetChallengeName(v string) *AdminInitiateAuthOutput

SetChallengeName sets the ChallengeName field's value.

func (*AdminInitiateAuthOutput) SetChallengeParameters added in v1.5.0

func (s *AdminInitiateAuthOutput) SetChallengeParameters(v map[string]*string) *AdminInitiateAuthOutput

SetChallengeParameters sets the ChallengeParameters field's value.

func (*AdminInitiateAuthOutput) SetSession added in v1.5.0

SetSession sets the Session field's value.

func (AdminInitiateAuthOutput) String added in v1.2.10

func (s AdminInitiateAuthOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminLinkProviderForUserInput added in v1.10.24

type AdminLinkProviderForUserInput struct {

	// The existing user in the user pool that you want to assign to the external
	// IdP user account. This user can be a local (Username + Password) Amazon Cognito
	// user pools user or a federated user (for example, a SAML or Facebook user).
	// If the user doesn't exist, Amazon Cognito generates an exception. Amazon
	// Cognito returns this user when the new user (with the linked IdP attribute)
	// signs in.
	//
	// For a native username + password user, the ProviderAttributeValue for the
	// DestinationUser should be the username in the user pool. For a federated
	// user, it should be the provider-specific user_id.
	//
	// The ProviderAttributeName of the DestinationUser is ignored.
	//
	// The ProviderName should be set to Cognito for users in Cognito user pools.
	//
	// All attributes in the DestinationUser profile must be mutable. If you have
	// assigned the user any immutable custom attributes, the operation won't succeed.
	//
	// DestinationUser is a required field
	DestinationUser *ProviderUserIdentifierType `type:"structure" required:"true"`

	// An external IdP account for a user who doesn't exist yet in the user pool.
	// This user must be a federated user (for example, a SAML or Facebook user),
	// not another native user.
	//
	// If the SourceUser is using a federated social IdP, such as Facebook, Google,
	// or Login with Amazon, you must set the ProviderAttributeName to Cognito_Subject.
	// For social IdPs, the ProviderName will be Facebook, Google, or LoginWithAmazon,
	// and Amazon Cognito will automatically parse the Facebook, Google, and Login
	// with Amazon tokens for id, sub, and user_id, respectively. The ProviderAttributeValue
	// for the user must be the same value as the id, sub, or user_id value found
	// in the social IdP token.
	//
	// For OIDC, the ProviderAttributeName can be any value that matches a claim
	// in the ID token, or that your app retrieves from the userInfo endpoint. You
	// must map the claim to a user pool attribute in your IdP configuration, and
	// set the user pool attribute name as the value of ProviderAttributeName in
	// your AdminLinkProviderForUser request.
	//
	// For SAML, the ProviderAttributeName can be any value that matches a claim
	// in the SAML assertion. To link SAML users based on the subject of the SAML
	// assertion, map the subject to a claim through the SAML IdP and set that claim
	// name as the value of ProviderAttributeName in your AdminLinkProviderForUser
	// request.
	//
	// For both OIDC and SAML users, when you set ProviderAttributeName to Cognito_Subject,
	// Amazon Cognito will automatically parse the default unique identifier found
	// in the subject from the IdP token.
	//
	// SourceUser is a required field
	SourceUser *ProviderUserIdentifierType `type:"structure" required:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AdminLinkProviderForUserInput) GoString added in v1.10.24

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminLinkProviderForUserInput) SetDestinationUser added in v1.10.24

SetDestinationUser sets the DestinationUser field's value.

func (*AdminLinkProviderForUserInput) SetSourceUser added in v1.10.24

SetSourceUser sets the SourceUser field's value.

func (*AdminLinkProviderForUserInput) SetUserPoolId added in v1.10.24

SetUserPoolId sets the UserPoolId field's value.

func (AdminLinkProviderForUserInput) String added in v1.10.24

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminLinkProviderForUserInput) Validate added in v1.10.24

func (s *AdminLinkProviderForUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminLinkProviderForUserOutput added in v1.10.24

type AdminLinkProviderForUserOutput struct {
	// contains filtered or unexported fields
}

func (AdminLinkProviderForUserOutput) GoString added in v1.10.24

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminLinkProviderForUserOutput) String added in v1.10.24

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminListDevicesInput added in v1.2.10

type AdminListDevicesInput struct {

	// The limit of the devices request.
	Limit *int64 `type:"integer"`

	// This API operation returns a limited number of results. The pagination token
	// is an identifier that you can present in an additional API request with the
	// same parameters. When you include the pagination token, Amazon Cognito returns
	// the next set of items after the current list. Subsequent requests return
	// a new pagination token. By use of this token, you can paginate through the
	// full list of items.
	PaginationToken *string `min:"1" type:"string"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminListDevicesInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to list devices, as an administrator.

func (AdminListDevicesInput) GoString added in v1.2.10

func (s AdminListDevicesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminListDevicesInput) SetLimit added in v1.5.0

SetLimit sets the Limit field's value.

func (*AdminListDevicesInput) SetPaginationToken added in v1.5.0

func (s *AdminListDevicesInput) SetPaginationToken(v string) *AdminListDevicesInput

SetPaginationToken sets the PaginationToken field's value.

func (*AdminListDevicesInput) SetUserPoolId added in v1.5.0

func (s *AdminListDevicesInput) SetUserPoolId(v string) *AdminListDevicesInput

SetUserPoolId sets the UserPoolId field's value.

func (*AdminListDevicesInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (AdminListDevicesInput) String added in v1.2.10

func (s AdminListDevicesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminListDevicesInput) Validate added in v1.2.10

func (s *AdminListDevicesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminListDevicesOutput added in v1.2.10

type AdminListDevicesOutput struct {

	// The devices in the list of devices response.
	Devices []*DeviceType `type:"list"`

	// The identifier that Amazon Cognito returned with the previous request to
	// this operation. When you include a pagination token in your request, Amazon
	// Cognito returns the next set of items in the list. By use of this token,
	// you can paginate through the full list of items.
	PaginationToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Lists the device's response, as an administrator.

func (AdminListDevicesOutput) GoString added in v1.2.10

func (s AdminListDevicesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminListDevicesOutput) SetDevices added in v1.5.0

SetDevices sets the Devices field's value.

func (*AdminListDevicesOutput) SetPaginationToken added in v1.5.0

func (s *AdminListDevicesOutput) SetPaginationToken(v string) *AdminListDevicesOutput

SetPaginationToken sets the PaginationToken field's value.

func (AdminListDevicesOutput) String added in v1.2.10

func (s AdminListDevicesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminListGroupsForUserInput added in v1.6.4

type AdminListGroupsForUserInput struct {

	// The limit of the request to list groups.
	Limit *int64 `type:"integer"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminListGroupsForUserInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (AdminListGroupsForUserInput) GoString added in v1.6.4

func (s AdminListGroupsForUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminListGroupsForUserInput) SetLimit added in v1.6.4

SetLimit sets the Limit field's value.

func (*AdminListGroupsForUserInput) SetNextToken added in v1.6.4

SetNextToken sets the NextToken field's value.

func (*AdminListGroupsForUserInput) SetUserPoolId added in v1.6.4

SetUserPoolId sets the UserPoolId field's value.

func (*AdminListGroupsForUserInput) SetUsername added in v1.6.4

SetUsername sets the Username field's value.

func (AdminListGroupsForUserInput) String added in v1.6.4

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminListGroupsForUserInput) Validate added in v1.6.4

func (s *AdminListGroupsForUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminListGroupsForUserOutput added in v1.6.4

type AdminListGroupsForUserOutput struct {

	// The groups that the user belongs to.
	Groups []*GroupType `type:"list"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (AdminListGroupsForUserOutput) GoString added in v1.6.4

func (s AdminListGroupsForUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminListGroupsForUserOutput) SetGroups added in v1.6.4

SetGroups sets the Groups field's value.

func (*AdminListGroupsForUserOutput) SetNextToken added in v1.6.4

SetNextToken sets the NextToken field's value.

func (AdminListGroupsForUserOutput) String added in v1.6.4

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminListUserAuthEventsInput added in v1.12.35

type AdminListUserAuthEventsInput struct {

	// The maximum number of authentication events to return. Returns 60 events
	// if you set MaxResults to 0, or if you don't include a MaxResults parameter.
	MaxResults *int64 `type:"integer"`

	// A pagination token.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminListUserAuthEventsInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (AdminListUserAuthEventsInput) GoString added in v1.12.35

func (s AdminListUserAuthEventsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminListUserAuthEventsInput) SetMaxResults added in v1.12.35

SetMaxResults sets the MaxResults field's value.

func (*AdminListUserAuthEventsInput) SetNextToken added in v1.12.35

SetNextToken sets the NextToken field's value.

func (*AdminListUserAuthEventsInput) SetUserPoolId added in v1.12.35

SetUserPoolId sets the UserPoolId field's value.

func (*AdminListUserAuthEventsInput) SetUsername added in v1.12.35

SetUsername sets the Username field's value.

func (AdminListUserAuthEventsInput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminListUserAuthEventsInput) Validate added in v1.12.35

func (s *AdminListUserAuthEventsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminListUserAuthEventsOutput added in v1.12.35

type AdminListUserAuthEventsOutput struct {

	// The response object. It includes the EventID, EventType, CreationDate, EventRisk,
	// and EventResponse.
	AuthEvents []*AuthEventType `type:"list"`

	// A pagination token.
	NextToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (AdminListUserAuthEventsOutput) GoString added in v1.12.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminListUserAuthEventsOutput) SetAuthEvents added in v1.12.35

SetAuthEvents sets the AuthEvents field's value.

func (*AdminListUserAuthEventsOutput) SetNextToken added in v1.12.35

SetNextToken sets the NextToken field's value.

func (AdminListUserAuthEventsOutput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminRemoveUserFromGroupInput added in v1.6.4

type AdminRemoveUserFromGroupInput struct {

	// The group name.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminRemoveUserFromGroupInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (AdminRemoveUserFromGroupInput) GoString added in v1.6.4

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminRemoveUserFromGroupInput) SetGroupName added in v1.6.4

SetGroupName sets the GroupName field's value.

func (*AdminRemoveUserFromGroupInput) SetUserPoolId added in v1.6.4

SetUserPoolId sets the UserPoolId field's value.

func (*AdminRemoveUserFromGroupInput) SetUsername added in v1.6.4

SetUsername sets the Username field's value.

func (AdminRemoveUserFromGroupInput) String added in v1.6.4

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminRemoveUserFromGroupInput) Validate added in v1.6.4

func (s *AdminRemoveUserFromGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminRemoveUserFromGroupOutput added in v1.6.4

type AdminRemoveUserFromGroupOutput struct {
	// contains filtered or unexported fields
}

func (AdminRemoveUserFromGroupOutput) GoString added in v1.6.4

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminRemoveUserFromGroupOutput) String added in v1.6.4

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminResetUserPasswordInput

type AdminResetUserPasswordInput struct {

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the AdminResetUserPassword API action, Amazon Cognito invokes
	// the function that is assigned to the custom message trigger. When Amazon
	// Cognito invokes this function, it passes a JSON payload, which the function
	// receives as input. This payload contains a clientMetadata attribute, which
	// provides the data that you assigned to the ClientMetadata parameter in your
	// AdminResetUserPassword request. In your function code in Lambda, you can
	// process the clientMetadata value to enhance your workflow for your specific
	// needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// The user pool ID for the user pool where you want to reset the user's password.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminResetUserPasswordInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to reset a user's password as an administrator.

func (AdminResetUserPasswordInput) GoString

func (s AdminResetUserPasswordInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminResetUserPasswordInput) SetClientMetadata added in v1.25.6

SetClientMetadata sets the ClientMetadata field's value.

func (*AdminResetUserPasswordInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (*AdminResetUserPasswordInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (AdminResetUserPasswordInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminResetUserPasswordInput) Validate added in v1.1.21

func (s *AdminResetUserPasswordInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminResetUserPasswordOutput

type AdminResetUserPasswordOutput struct {
	// contains filtered or unexported fields
}

Represents the response from the server to reset a user password as an administrator.

func (AdminResetUserPasswordOutput) GoString

func (s AdminResetUserPasswordOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminResetUserPasswordOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminRespondToAuthChallengeInput added in v1.2.10

type AdminRespondToAuthChallengeInput struct {

	// The analytics metadata for collecting Amazon Pinpoint metrics for AdminRespondToAuthChallenge
	// calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The challenge name. For more information, see AdminInitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminInitiateAuth.html).
	//
	// ChallengeName is a required field
	ChallengeName *string `type:"string" required:"true" enum:"ChallengeNameType"`

	// The responses to the challenge that you received in the previous request.
	// Each challenge has its own required response parameters. The following examples
	// are partial JSON request bodies that highlight challenge-response parameters.
	//
	// You must provide a SECRET_HASH parameter in all challenge responses to an
	// app client that has a client secret.
	//
	// SMS_MFA
	//
	// "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]",
	// "USERNAME": "[username]"}
	//
	// PASSWORD_VERIFIER
	//
	// "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE":
	// "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP":
	// [timestamp], "USERNAME": "[username]"}
	//
	// Add "DEVICE_KEY" when you sign in with a remembered device.
	//
	// CUSTOM_CHALLENGE
	//
	// "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]",
	// "ANSWER": "[challenge_answer]"}
	//
	// Add "DEVICE_KEY" when you sign in with a remembered device.
	//
	// NEW_PASSWORD_REQUIRED
	//
	// "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD":
	// "[new_password]", "USERNAME": "[username]"}
	//
	// To set any required attributes that InitiateAuth returned in an requiredAttributes
	// parameter, add "userAttributes.[attribute_name]": "[attribute_value]". This
	// parameter can also set values for writable attributes that aren't required
	// by your user pool.
	//
	// In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required
	// attribute that already has a value. In RespondToAuthChallenge, set a value
	// for any keys that Amazon Cognito returned in the requiredAttributes parameter,
	// then use the UpdateUserAttributes API operation to modify the value of any
	// additional attributes.
	//
	// SOFTWARE_TOKEN_MFA
	//
	// "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME":
	// "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
	//
	// DEVICE_SRP_AUTH
	//
	// "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]",
	// "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
	//
	// DEVICE_PASSWORD_VERIFIER
	//
	// "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY":
	// "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK":
	// "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
	//
	// MFA_SETUP
	//
	// "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"},
	// "SESSION": "[Session ID from VerifySoftwareToken]"
	//
	// SELECT_MFA_TYPE
	//
	// "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]",
	// "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
	//
	// For more information about SECRET_HASH, see Computing secret hash values
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash).
	// For information about DEVICE_KEY, see Working with user devices in your user
	// pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html).
	//
	// ChallengeResponses is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminRespondToAuthChallengeInput's
	// String and GoString methods.
	ChallengeResponses map[string]*string `type:"map" sensitive:"true"`

	// The app client ID.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminRespondToAuthChallengeInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the AdminRespondToAuthChallenge API action, Amazon Cognito invokes
	// any functions that you have assigned to the following triggers:
	//
	//    * pre sign-up
	//
	//    * custom message
	//
	//    * post authentication
	//
	//    * user migration
	//
	//    * pre token generation
	//
	//    * define auth challenge
	//
	//    * create auth challenge
	//
	//    * verify auth challenge response
	//
	// When Amazon Cognito invokes any of these functions, it passes a JSON payload,
	// which the function receives as input. This payload contains a clientMetadata
	// attribute that provides the data that you assigned to the ClientMetadata
	// parameter in your AdminRespondToAuthChallenge request. In your function code
	// in Lambda, you can process the clientMetadata value to enhance your workflow
	// for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	ContextData *ContextDataType `type:"structure"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. If an InitiateAuth or RespondToAuthChallenge API call determines
	// that the caller must pass another challenge, it returns a session with other
	// challenge parameters. This session should be passed as it is to the next
	// RespondToAuthChallenge API call.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminRespondToAuthChallengeInput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`

	// The ID of the Amazon Cognito user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

The request to respond to the authentication challenge, as an administrator.

func (AdminRespondToAuthChallengeInput) GoString added in v1.2.10

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminRespondToAuthChallengeInput) SetAnalyticsMetadata added in v1.12.35

SetAnalyticsMetadata sets the AnalyticsMetadata field's value.

func (*AdminRespondToAuthChallengeInput) SetChallengeName added in v1.5.0

SetChallengeName sets the ChallengeName field's value.

func (*AdminRespondToAuthChallengeInput) SetChallengeResponses added in v1.5.0

SetChallengeResponses sets the ChallengeResponses field's value.

func (*AdminRespondToAuthChallengeInput) SetClientId added in v1.5.0

SetClientId sets the ClientId field's value.

func (*AdminRespondToAuthChallengeInput) SetClientMetadata added in v1.25.6

SetClientMetadata sets the ClientMetadata field's value.

func (*AdminRespondToAuthChallengeInput) SetContextData added in v1.12.35

SetContextData sets the ContextData field's value.

func (*AdminRespondToAuthChallengeInput) SetSession added in v1.5.0

SetSession sets the Session field's value.

func (*AdminRespondToAuthChallengeInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (AdminRespondToAuthChallengeInput) String added in v1.2.10

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminRespondToAuthChallengeInput) Validate added in v1.2.10

Validate inspects the fields of the type to determine if they are valid.

type AdminRespondToAuthChallengeOutput added in v1.2.10

type AdminRespondToAuthChallengeOutput struct {

	// The result returned by the server in response to the authentication request.
	AuthenticationResult *AuthenticationResultType `type:"structure"`

	// The name of the challenge. For more information, see AdminInitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminInitiateAuth.html).
	ChallengeName *string `type:"string" enum:"ChallengeNameType"`

	// The challenge parameters. For more information, see AdminInitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminInitiateAuth.html).
	ChallengeParameters map[string]*string `type:"map"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. If the caller must pass another challenge, they return a session
	// with other challenge parameters. This session should be passed as it is to
	// the next RespondToAuthChallenge API call.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminRespondToAuthChallengeOutput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

Responds to the authentication challenge, as an administrator.

func (AdminRespondToAuthChallengeOutput) GoString added in v1.2.10

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminRespondToAuthChallengeOutput) SetAuthenticationResult added in v1.5.0

SetAuthenticationResult sets the AuthenticationResult field's value.

func (*AdminRespondToAuthChallengeOutput) SetChallengeName added in v1.5.0

SetChallengeName sets the ChallengeName field's value.

func (*AdminRespondToAuthChallengeOutput) SetChallengeParameters added in v1.5.0

SetChallengeParameters sets the ChallengeParameters field's value.

func (*AdminRespondToAuthChallengeOutput) SetSession added in v1.5.0

SetSession sets the Session field's value.

func (AdminRespondToAuthChallengeOutput) String added in v1.2.10

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminSetUserMFAPreferenceInput added in v1.12.35

type AdminSetUserMFAPreferenceInput struct {

	// The SMS text message MFA settings.
	SMSMfaSettings *SMSMfaSettingsType `type:"structure"`

	// The time-based one-time password software token MFA settings.
	SoftwareTokenMfaSettings *SoftwareTokenMfaSettingsType `type:"structure"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminSetUserMFAPreferenceInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (AdminSetUserMFAPreferenceInput) GoString added in v1.12.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminSetUserMFAPreferenceInput) SetSMSMfaSettings added in v1.12.35

SetSMSMfaSettings sets the SMSMfaSettings field's value.

func (*AdminSetUserMFAPreferenceInput) SetSoftwareTokenMfaSettings added in v1.12.35

SetSoftwareTokenMfaSettings sets the SoftwareTokenMfaSettings field's value.

func (*AdminSetUserMFAPreferenceInput) SetUserPoolId added in v1.12.35

SetUserPoolId sets the UserPoolId field's value.

func (*AdminSetUserMFAPreferenceInput) SetUsername added in v1.12.35

SetUsername sets the Username field's value.

func (AdminSetUserMFAPreferenceInput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminSetUserMFAPreferenceInput) Validate added in v1.12.35

func (s *AdminSetUserMFAPreferenceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminSetUserMFAPreferenceOutput added in v1.12.35

type AdminSetUserMFAPreferenceOutput struct {
	// contains filtered or unexported fields
}

func (AdminSetUserMFAPreferenceOutput) GoString added in v1.12.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminSetUserMFAPreferenceOutput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminSetUserPasswordInput added in v1.19.24

type AdminSetUserPasswordInput struct {

	// The password for the user.
	//
	// Password is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminSetUserPasswordInput's
	// String and GoString methods.
	//
	// Password is a required field
	Password *string `type:"string" required:"true" sensitive:"true"`

	// True if the password is permanent, False if it is temporary.
	Permanent *bool `type:"boolean"`

	// The user pool ID for the user pool where you want to set the user's password.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminSetUserPasswordInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (AdminSetUserPasswordInput) GoString added in v1.19.24

func (s AdminSetUserPasswordInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminSetUserPasswordInput) SetPassword added in v1.19.24

SetPassword sets the Password field's value.

func (*AdminSetUserPasswordInput) SetPermanent added in v1.19.24

SetPermanent sets the Permanent field's value.

func (*AdminSetUserPasswordInput) SetUserPoolId added in v1.19.24

SetUserPoolId sets the UserPoolId field's value.

func (*AdminSetUserPasswordInput) SetUsername added in v1.19.24

SetUsername sets the Username field's value.

func (AdminSetUserPasswordInput) String added in v1.19.24

func (s AdminSetUserPasswordInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminSetUserPasswordInput) Validate added in v1.19.24

func (s *AdminSetUserPasswordInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminSetUserPasswordOutput added in v1.19.24

type AdminSetUserPasswordOutput struct {
	// contains filtered or unexported fields
}

func (AdminSetUserPasswordOutput) GoString added in v1.19.24

func (s AdminSetUserPasswordOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminSetUserPasswordOutput) String added in v1.19.24

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminSetUserSettingsInput

type AdminSetUserSettingsInput struct {

	// You can use this parameter only to set an SMS configuration that uses SMS
	// for delivery.
	//
	// MFAOptions is a required field
	MFAOptions []*MFAOptionType `type:"list" required:"true"`

	// The ID of the user pool that contains the user whose options you're setting.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminSetUserSettingsInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

You can use this parameter to set an MFA configuration that uses the SMS delivery medium.

func (AdminSetUserSettingsInput) GoString

func (s AdminSetUserSettingsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminSetUserSettingsInput) SetMFAOptions added in v1.5.0

SetMFAOptions sets the MFAOptions field's value.

func (*AdminSetUserSettingsInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (*AdminSetUserSettingsInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (AdminSetUserSettingsInput) String

func (s AdminSetUserSettingsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminSetUserSettingsInput) Validate added in v1.1.21

func (s *AdminSetUserSettingsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminSetUserSettingsOutput

type AdminSetUserSettingsOutput struct {
	// contains filtered or unexported fields
}

Represents the response from the server to set user settings as an administrator.

func (AdminSetUserSettingsOutput) GoString

func (s AdminSetUserSettingsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminSetUserSettingsOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminUpdateAuthEventFeedbackInput added in v1.12.35

type AdminUpdateAuthEventFeedbackInput struct {

	// The authentication event ID.
	//
	// EventId is a required field
	EventId *string `min:"1" type:"string" required:"true"`

	// The authentication event feedback value. When you provide a FeedbackValue
	// value of valid, you tell Amazon Cognito that you trust a user session where
	// Amazon Cognito has evaluated some level of risk. When you provide a FeedbackValue
	// value of invalid, you tell Amazon Cognito that you don't trust a user session,
	// or you don't believe that Amazon Cognito evaluated a high-enough risk level.
	//
	// FeedbackValue is a required field
	FeedbackValue *string `type:"string" required:"true" enum:"FeedbackValueType"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminUpdateAuthEventFeedbackInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (AdminUpdateAuthEventFeedbackInput) GoString added in v1.12.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminUpdateAuthEventFeedbackInput) SetEventId added in v1.12.35

SetEventId sets the EventId field's value.

func (*AdminUpdateAuthEventFeedbackInput) SetFeedbackValue added in v1.12.35

SetFeedbackValue sets the FeedbackValue field's value.

func (*AdminUpdateAuthEventFeedbackInput) SetUserPoolId added in v1.12.35

SetUserPoolId sets the UserPoolId field's value.

func (*AdminUpdateAuthEventFeedbackInput) SetUsername added in v1.12.35

SetUsername sets the Username field's value.

func (AdminUpdateAuthEventFeedbackInput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminUpdateAuthEventFeedbackInput) Validate added in v1.12.35

Validate inspects the fields of the type to determine if they are valid.

type AdminUpdateAuthEventFeedbackOutput added in v1.12.35

type AdminUpdateAuthEventFeedbackOutput struct {
	// contains filtered or unexported fields
}

func (AdminUpdateAuthEventFeedbackOutput) GoString added in v1.12.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminUpdateAuthEventFeedbackOutput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminUpdateDeviceStatusInput added in v1.2.10

type AdminUpdateDeviceStatusInput struct {

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`

	// The status indicating whether a device has been remembered or not.
	DeviceRememberedStatus *string `type:"string" enum:"DeviceRememberedStatusType"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminUpdateDeviceStatusInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

The request to update the device status, as an administrator.

func (AdminUpdateDeviceStatusInput) GoString added in v1.2.10

func (s AdminUpdateDeviceStatusInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminUpdateDeviceStatusInput) SetDeviceKey added in v1.5.0

SetDeviceKey sets the DeviceKey field's value.

func (*AdminUpdateDeviceStatusInput) SetDeviceRememberedStatus added in v1.5.0

func (s *AdminUpdateDeviceStatusInput) SetDeviceRememberedStatus(v string) *AdminUpdateDeviceStatusInput

SetDeviceRememberedStatus sets the DeviceRememberedStatus field's value.

func (*AdminUpdateDeviceStatusInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (*AdminUpdateDeviceStatusInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (AdminUpdateDeviceStatusInput) String added in v1.2.10

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminUpdateDeviceStatusInput) Validate added in v1.2.10

func (s *AdminUpdateDeviceStatusInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminUpdateDeviceStatusOutput added in v1.2.10

type AdminUpdateDeviceStatusOutput struct {
	// contains filtered or unexported fields
}

The status response to the request to update the device, as an administrator.

func (AdminUpdateDeviceStatusOutput) GoString added in v1.2.10

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminUpdateDeviceStatusOutput) String added in v1.2.10

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminUpdateUserAttributesInput

type AdminUpdateUserAttributesInput struct {

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the AdminUpdateUserAttributes API action, Amazon Cognito invokes
	// the function that is assigned to the custom message trigger. When Amazon
	// Cognito invokes this function, it passes a JSON payload, which the function
	// receives as input. This payload contains a clientMetadata attribute, which
	// provides the data that you assigned to the ClientMetadata parameter in your
	// AdminUpdateUserAttributes request. In your function code in Lambda, you can
	// process the clientMetadata value to enhance your workflow for your specific
	// needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// An array of name-value pairs representing user attributes.
	//
	// For custom attributes, you must prepend the custom: prefix to the attribute
	// name.
	//
	// If your user pool requires verification before Amazon Cognito updates an
	// attribute value that you specify in this request, Amazon Cognito doesn’t
	// immediately update the value of that attribute. After your user receives
	// and responds to a verification message to verify the new value, Amazon Cognito
	// updates the attribute value. Your user can sign in and receive messages with
	// the original attribute value until they verify the new value.
	//
	// To update the value of an attribute that requires verification in the same
	// API request, include the email_verified or phone_number_verified attribute,
	// with a value of true. If you set the email_verified or phone_number_verified
	// value for an email or phone_number attribute that requires verification to
	// true, Amazon Cognito doesn’t send a verification message to your user.
	//
	// UserAttributes is a required field
	UserAttributes []*AttributeType `type:"list" required:"true"`

	// The user pool ID for the user pool where you want to update user attributes.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminUpdateUserAttributesInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to update the user's attributes as an administrator.

func (AdminUpdateUserAttributesInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminUpdateUserAttributesInput) SetClientMetadata added in v1.25.6

SetClientMetadata sets the ClientMetadata field's value.

func (*AdminUpdateUserAttributesInput) SetUserAttributes added in v1.5.0

SetUserAttributes sets the UserAttributes field's value.

func (*AdminUpdateUserAttributesInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (*AdminUpdateUserAttributesInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (AdminUpdateUserAttributesInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminUpdateUserAttributesInput) Validate added in v1.1.21

func (s *AdminUpdateUserAttributesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminUpdateUserAttributesOutput

type AdminUpdateUserAttributesOutput struct {
	// contains filtered or unexported fields
}

Represents the response from the server for the request to update user attributes as an administrator.

func (AdminUpdateUserAttributesOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminUpdateUserAttributesOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AdminUserGlobalSignOutInput added in v1.2.10

type AdminUserGlobalSignOutInput struct {

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminUserGlobalSignOutInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

The request to sign out of all devices, as an administrator.

func (AdminUserGlobalSignOutInput) GoString added in v1.2.10

func (s AdminUserGlobalSignOutInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminUserGlobalSignOutInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (*AdminUserGlobalSignOutInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (AdminUserGlobalSignOutInput) String added in v1.2.10

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AdminUserGlobalSignOutInput) Validate added in v1.2.10

func (s *AdminUserGlobalSignOutInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AdminUserGlobalSignOutOutput added in v1.2.10

type AdminUserGlobalSignOutOutput struct {
	// contains filtered or unexported fields
}

The global sign-out response, as an administrator.

func (AdminUserGlobalSignOutOutput) GoString added in v1.2.10

func (s AdminUserGlobalSignOutOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AdminUserGlobalSignOutOutput) String added in v1.2.10

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AliasExistsException added in v1.28.0

type AliasExistsException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message that Amazon Cognito sends to the user when the value of an alias
	// attribute is already linked to another user profile.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

func (*AliasExistsException) Code added in v1.28.0

func (s *AliasExistsException) Code() string

Code returns the exception type name.

func (*AliasExistsException) Error added in v1.28.0

func (s *AliasExistsException) Error() string

func (AliasExistsException) GoString added in v1.28.0

func (s AliasExistsException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AliasExistsException) Message added in v1.28.0

func (s *AliasExistsException) Message() string

Message returns the exception's message.

func (*AliasExistsException) OrigErr added in v1.28.0

func (s *AliasExistsException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AliasExistsException) RequestID added in v1.28.0

func (s *AliasExistsException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*AliasExistsException) StatusCode added in v1.28.0

func (s *AliasExistsException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AliasExistsException) String added in v1.28.0

func (s AliasExistsException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AnalyticsConfigurationType added in v1.12.35

type AnalyticsConfigurationType struct {

	// The Amazon Resource Name (ARN) of an Amazon Pinpoint project. You can use
	// the Amazon Pinpoint project to integrate with the chosen user pool Client.
	// Amazon Cognito publishes events to the Amazon Pinpoint project that the app
	// ARN declares.
	ApplicationArn *string `min:"20" type:"string"`

	// The application ID for an Amazon Pinpoint application.
	ApplicationId *string `type:"string"`

	// The external ID.
	ExternalId *string `type:"string"`

	// The ARN of an Identity and Access Management role that authorizes Amazon
	// Cognito to publish events to Amazon Pinpoint analytics.
	RoleArn *string `min:"20" type:"string"`

	// If UserDataShared is true, Amazon Cognito includes user data in the events
	// that it publishes to Amazon Pinpoint analytics.
	UserDataShared *bool `type:"boolean"`
	// contains filtered or unexported fields
}

The Amazon Pinpoint analytics configuration necessary to collect metrics for a user pool.

In Regions where Amazon Pinpoint isn't available, user pools only support sending events to Amazon Pinpoint projects in us-east-1. In Regions where Amazon Pinpoint is available, user pools support sending events to Amazon Pinpoint projects within that same Region.

func (AnalyticsConfigurationType) GoString added in v1.12.35

func (s AnalyticsConfigurationType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AnalyticsConfigurationType) SetApplicationArn added in v1.34.7

SetApplicationArn sets the ApplicationArn field's value.

func (*AnalyticsConfigurationType) SetApplicationId added in v1.12.35

SetApplicationId sets the ApplicationId field's value.

func (*AnalyticsConfigurationType) SetExternalId added in v1.12.35

SetExternalId sets the ExternalId field's value.

func (*AnalyticsConfigurationType) SetRoleArn added in v1.12.35

SetRoleArn sets the RoleArn field's value.

func (*AnalyticsConfigurationType) SetUserDataShared added in v1.12.35

SetUserDataShared sets the UserDataShared field's value.

func (AnalyticsConfigurationType) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AnalyticsConfigurationType) Validate added in v1.12.35

func (s *AnalyticsConfigurationType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AnalyticsMetadataType added in v1.12.35

type AnalyticsMetadataType struct {

	// The endpoint ID.
	AnalyticsEndpointId *string `type:"string"`
	// contains filtered or unexported fields
}

An Amazon Pinpoint analytics endpoint.

An endpoint uniquely identifies a mobile device, email address, or phone number that can receive messages from Amazon Pinpoint analytics. For more information about Amazon Web Services Regions that can contain Amazon Pinpoint resources for use with Amazon Cognito user pools, see Using Amazon Pinpoint analytics with Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html).

func (AnalyticsMetadataType) GoString added in v1.12.35

func (s AnalyticsMetadataType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AnalyticsMetadataType) SetAnalyticsEndpointId added in v1.12.35

func (s *AnalyticsMetadataType) SetAnalyticsEndpointId(v string) *AnalyticsMetadataType

SetAnalyticsEndpointId sets the AnalyticsEndpointId field's value.

func (AnalyticsMetadataType) String added in v1.12.35

func (s AnalyticsMetadataType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AssociateSoftwareTokenInput added in v1.12.35

type AssociateSoftwareTokenInput struct {

	// A valid access token that Amazon Cognito issued to the user whose software
	// token you want to generate.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AssociateSoftwareTokenInput's
	// String and GoString methods.
	AccessToken *string `type:"string" sensitive:"true"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. This allows authentication of the user as part of the MFA setup
	// process.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AssociateSoftwareTokenInput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

func (AssociateSoftwareTokenInput) GoString added in v1.12.35

func (s AssociateSoftwareTokenInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AssociateSoftwareTokenInput) SetAccessToken added in v1.12.35

SetAccessToken sets the AccessToken field's value.

func (*AssociateSoftwareTokenInput) SetSession added in v1.12.35

SetSession sets the Session field's value.

func (AssociateSoftwareTokenInput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AssociateSoftwareTokenInput) Validate added in v1.12.35

func (s *AssociateSoftwareTokenInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AssociateSoftwareTokenOutput added in v1.12.35

type AssociateSoftwareTokenOutput struct {

	// A unique generated shared secret code that is used in the TOTP algorithm
	// to generate a one-time code.
	//
	// SecretCode is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AssociateSoftwareTokenOutput's
	// String and GoString methods.
	SecretCode *string `min:"16" type:"string" sensitive:"true"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. This allows authentication of the user as part of the MFA setup
	// process.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AssociateSoftwareTokenOutput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

func (AssociateSoftwareTokenOutput) GoString added in v1.12.35

func (s AssociateSoftwareTokenOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AssociateSoftwareTokenOutput) SetSecretCode added in v1.12.35

SetSecretCode sets the SecretCode field's value.

func (*AssociateSoftwareTokenOutput) SetSession added in v1.12.35

SetSession sets the Session field's value.

func (AssociateSoftwareTokenOutput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AttributeType

type AttributeType struct {

	// The name of the attribute.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// The value of the attribute.
	//
	// Value is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AttributeType's
	// String and GoString methods.
	Value *string `type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

Specifies whether the attribute is standard or custom.

func (AttributeType) GoString

func (s AttributeType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttributeType) SetName added in v1.5.0

func (s *AttributeType) SetName(v string) *AttributeType

SetName sets the Name field's value.

func (*AttributeType) SetValue added in v1.5.0

func (s *AttributeType) SetValue(v string) *AttributeType

SetValue sets the Value field's value.

func (AttributeType) String

func (s AttributeType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttributeType) Validate added in v1.1.21

func (s *AttributeType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AuthEventType added in v1.12.35

type AuthEventType struct {

	// The challenge responses.
	ChallengeResponses []*ChallengeResponseType `type:"list"`

	// The date and time when the item was created. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	CreationDate *time.Time `type:"timestamp"`

	// The user context data captured at the time of an event request. This value
	// provides additional information about the client from which event the request
	// is received.
	EventContextData *EventContextDataType `type:"structure"`

	// A flag specifying the user feedback captured at the time of an event request
	// is good or bad.
	EventFeedback *EventFeedbackType `type:"structure"`

	// The event ID.
	EventId *string `type:"string"`

	// The event response.
	EventResponse *string `type:"string" enum:"EventResponseType"`

	// The event risk.
	EventRisk *EventRiskType `type:"structure"`

	// The event type.
	EventType *string `type:"string" enum:"EventType"`
	// contains filtered or unexported fields
}

The authentication event type.

func (AuthEventType) GoString added in v1.12.35

func (s AuthEventType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AuthEventType) SetChallengeResponses added in v1.12.35

func (s *AuthEventType) SetChallengeResponses(v []*ChallengeResponseType) *AuthEventType

SetChallengeResponses sets the ChallengeResponses field's value.

func (*AuthEventType) SetCreationDate added in v1.12.35

func (s *AuthEventType) SetCreationDate(v time.Time) *AuthEventType

SetCreationDate sets the CreationDate field's value.

func (*AuthEventType) SetEventContextData added in v1.12.35

func (s *AuthEventType) SetEventContextData(v *EventContextDataType) *AuthEventType

SetEventContextData sets the EventContextData field's value.

func (*AuthEventType) SetEventFeedback added in v1.12.35

func (s *AuthEventType) SetEventFeedback(v *EventFeedbackType) *AuthEventType

SetEventFeedback sets the EventFeedback field's value.

func (*AuthEventType) SetEventId added in v1.12.35

func (s *AuthEventType) SetEventId(v string) *AuthEventType

SetEventId sets the EventId field's value.

func (*AuthEventType) SetEventResponse added in v1.12.35

func (s *AuthEventType) SetEventResponse(v string) *AuthEventType

SetEventResponse sets the EventResponse field's value.

func (*AuthEventType) SetEventRisk added in v1.12.35

func (s *AuthEventType) SetEventRisk(v *EventRiskType) *AuthEventType

SetEventRisk sets the EventRisk field's value.

func (*AuthEventType) SetEventType added in v1.12.35

func (s *AuthEventType) SetEventType(v string) *AuthEventType

SetEventType sets the EventType field's value.

func (AuthEventType) String added in v1.12.35

func (s AuthEventType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AuthenticationResultType added in v1.2.10

type AuthenticationResultType struct {

	// A valid access token that Amazon Cognito issued to the user who you want
	// to authenticate.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AuthenticationResultType's
	// String and GoString methods.
	AccessToken *string `type:"string" sensitive:"true"`

	// The expiration period of the authentication result in seconds.
	ExpiresIn *int64 `type:"integer"`

	// The ID token.
	//
	// IdToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AuthenticationResultType's
	// String and GoString methods.
	IdToken *string `type:"string" sensitive:"true"`

	// The new device metadata from an authentication result.
	NewDeviceMetadata *NewDeviceMetadataType `type:"structure"`

	// The refresh token.
	//
	// RefreshToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AuthenticationResultType's
	// String and GoString methods.
	RefreshToken *string `type:"string" sensitive:"true"`

	// The token type.
	TokenType *string `type:"string"`
	// contains filtered or unexported fields
}

The authentication result.

func (AuthenticationResultType) GoString added in v1.2.10

func (s AuthenticationResultType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AuthenticationResultType) SetAccessToken added in v1.5.0

SetAccessToken sets the AccessToken field's value.

func (*AuthenticationResultType) SetExpiresIn added in v1.5.0

SetExpiresIn sets the ExpiresIn field's value.

func (*AuthenticationResultType) SetIdToken added in v1.5.0

SetIdToken sets the IdToken field's value.

func (*AuthenticationResultType) SetNewDeviceMetadata added in v1.5.0

SetNewDeviceMetadata sets the NewDeviceMetadata field's value.

func (*AuthenticationResultType) SetRefreshToken added in v1.5.0

SetRefreshToken sets the RefreshToken field's value.

func (*AuthenticationResultType) SetTokenType added in v1.5.0

SetTokenType sets the TokenType field's value.

func (AuthenticationResultType) String added in v1.2.10

func (s AuthenticationResultType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ChallengeResponseType added in v1.12.35

type ChallengeResponseType struct {

	// The challenge name.
	ChallengeName *string `type:"string" enum:"ChallengeName"`

	// The challenge response.
	ChallengeResponse *string `type:"string" enum:"ChallengeResponse"`
	// contains filtered or unexported fields
}

The challenge response type.

func (ChallengeResponseType) GoString added in v1.12.35

func (s ChallengeResponseType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ChallengeResponseType) SetChallengeName added in v1.12.35

func (s *ChallengeResponseType) SetChallengeName(v string) *ChallengeResponseType

SetChallengeName sets the ChallengeName field's value.

func (*ChallengeResponseType) SetChallengeResponse added in v1.12.35

func (s *ChallengeResponseType) SetChallengeResponse(v string) *ChallengeResponseType

SetChallengeResponse sets the ChallengeResponse field's value.

func (ChallengeResponseType) String added in v1.12.35

func (s ChallengeResponseType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ChangePasswordInput

type ChangePasswordInput struct {

	// A valid access token that Amazon Cognito issued to the user whose password
	// you want to change.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ChangePasswordInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The old password.
	//
	// PreviousPassword is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ChangePasswordInput's
	// String and GoString methods.
	//
	// PreviousPassword is a required field
	PreviousPassword *string `type:"string" required:"true" sensitive:"true"`

	// The new password.
	//
	// ProposedPassword is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ChangePasswordInput's
	// String and GoString methods.
	//
	// ProposedPassword is a required field
	ProposedPassword *string `type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to change a user password.

func (ChangePasswordInput) GoString

func (s ChangePasswordInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ChangePasswordInput) SetAccessToken added in v1.5.0

func (s *ChangePasswordInput) SetAccessToken(v string) *ChangePasswordInput

SetAccessToken sets the AccessToken field's value.

func (*ChangePasswordInput) SetPreviousPassword added in v1.5.0

func (s *ChangePasswordInput) SetPreviousPassword(v string) *ChangePasswordInput

SetPreviousPassword sets the PreviousPassword field's value.

func (*ChangePasswordInput) SetProposedPassword added in v1.5.0

func (s *ChangePasswordInput) SetProposedPassword(v string) *ChangePasswordInput

SetProposedPassword sets the ProposedPassword field's value.

func (ChangePasswordInput) String

func (s ChangePasswordInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ChangePasswordInput) Validate added in v1.1.21

func (s *ChangePasswordInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ChangePasswordOutput

type ChangePasswordOutput struct {
	// contains filtered or unexported fields
}

The response from the server to the change password request.

func (ChangePasswordOutput) GoString

func (s ChangePasswordOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (ChangePasswordOutput) String

func (s ChangePasswordOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CloudWatchLogsConfigurationType added in v1.44.315

type CloudWatchLogsConfigurationType struct {

	// The Amazon Resource Name (arn) of a CloudWatch Logs log group where your
	// user pool sends logs. The log group must not be encrypted with Key Management
	// Service and must be in the same Amazon Web Services account as your user
	// pool.
	//
	// To send logs to log groups with a resource policy of a size greater than
	// 5120 characters, configure a log group with a path that starts with /aws/vendedlogs.
	// For more information, see Enabling logging from certain Amazon Web Services
	// services (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html).
	LogGroupArn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

The CloudWatch logging destination of a user pool detailed activity logging configuration.

func (CloudWatchLogsConfigurationType) GoString added in v1.44.315

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CloudWatchLogsConfigurationType) SetLogGroupArn added in v1.44.315

SetLogGroupArn sets the LogGroupArn field's value.

func (CloudWatchLogsConfigurationType) String added in v1.44.315

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CloudWatchLogsConfigurationType) Validate added in v1.44.315

func (s *CloudWatchLogsConfigurationType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CodeDeliveryDetailsType

type CodeDeliveryDetailsType struct {

	// The name of the attribute that Amazon Cognito verifies with the code.
	AttributeName *string `min:"1" type:"string"`

	// The method that Amazon Cognito used to send the code.
	DeliveryMedium *string `type:"string" enum:"DeliveryMediumType"`

	// The email address or phone number destination where Amazon Cognito sent the
	// code.
	Destination *string `type:"string"`
	// contains filtered or unexported fields
}

The delivery details for an email or SMS message that Amazon Cognito sent for authentication or verification.

func (CodeDeliveryDetailsType) GoString

func (s CodeDeliveryDetailsType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CodeDeliveryDetailsType) SetAttributeName added in v1.5.0

func (s *CodeDeliveryDetailsType) SetAttributeName(v string) *CodeDeliveryDetailsType

SetAttributeName sets the AttributeName field's value.

func (*CodeDeliveryDetailsType) SetDeliveryMedium added in v1.5.0

func (s *CodeDeliveryDetailsType) SetDeliveryMedium(v string) *CodeDeliveryDetailsType

SetDeliveryMedium sets the DeliveryMedium field's value.

func (*CodeDeliveryDetailsType) SetDestination added in v1.5.0

SetDestination sets the Destination field's value.

func (CodeDeliveryDetailsType) String

func (s CodeDeliveryDetailsType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CodeDeliveryFailureException added in v1.28.0

type CodeDeliveryFailureException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message sent when a verification code fails to deliver successfully.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when a verification code fails to deliver successfully.

func (*CodeDeliveryFailureException) Code added in v1.28.0

Code returns the exception type name.

func (*CodeDeliveryFailureException) Error added in v1.28.0

func (CodeDeliveryFailureException) GoString added in v1.28.0

func (s CodeDeliveryFailureException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CodeDeliveryFailureException) Message added in v1.28.0

func (s *CodeDeliveryFailureException) Message() string

Message returns the exception's message.

func (*CodeDeliveryFailureException) OrigErr added in v1.28.0

func (s *CodeDeliveryFailureException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*CodeDeliveryFailureException) RequestID added in v1.28.0

func (s *CodeDeliveryFailureException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*CodeDeliveryFailureException) StatusCode added in v1.28.0

func (s *CodeDeliveryFailureException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (CodeDeliveryFailureException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CodeMismatchException added in v1.28.0

type CodeMismatchException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message provided when the code mismatch exception is thrown.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown if the provided code doesn't match what the server was expecting.

func (*CodeMismatchException) Code added in v1.28.0

func (s *CodeMismatchException) Code() string

Code returns the exception type name.

func (*CodeMismatchException) Error added in v1.28.0

func (s *CodeMismatchException) Error() string

func (CodeMismatchException) GoString added in v1.28.0

func (s CodeMismatchException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CodeMismatchException) Message added in v1.28.0

func (s *CodeMismatchException) Message() string

Message returns the exception's message.

func (*CodeMismatchException) OrigErr added in v1.28.0

func (s *CodeMismatchException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*CodeMismatchException) RequestID added in v1.28.0

func (s *CodeMismatchException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*CodeMismatchException) StatusCode added in v1.28.0

func (s *CodeMismatchException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (CodeMismatchException) String added in v1.28.0

func (s CodeMismatchException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CognitoIdentityProvider

type CognitoIdentityProvider struct {
	*client.Client
}

CognitoIdentityProvider provides the API operation methods for making requests to Amazon Cognito Identity Provider. See this package's package overview docs for details on the service.

CognitoIdentityProvider methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.

func New

New creates a new instance of the CognitoIdentityProvider client with a session. If additional configuration is needed for the client instance use the optional aws.Config parameter to add your extra config.

Example:

mySession := session.Must(session.NewSession())

// Create a CognitoIdentityProvider client from just a session.
svc := cognitoidentityprovider.New(mySession)

// Create a CognitoIdentityProvider client with additional configuration
svc := cognitoidentityprovider.New(mySession, aws.NewConfig().WithRegion("us-west-2"))

func (*CognitoIdentityProvider) AddCustomAttributes

AddCustomAttributes API operation for Amazon Cognito Identity Provider.

Adds additional user attributes to the user pool schema.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AddCustomAttributes for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserImportInProgressException This exception is thrown when you're trying to modify a user pool while a user import job is in progress for that pool.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AddCustomAttributes

func (*CognitoIdentityProvider) AddCustomAttributesRequest

func (c *CognitoIdentityProvider) AddCustomAttributesRequest(input *AddCustomAttributesInput) (req *request.Request, output *AddCustomAttributesOutput)

AddCustomAttributesRequest generates a "aws/request.Request" representing the client's request for the AddCustomAttributes operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AddCustomAttributes for more information on using the AddCustomAttributes API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AddCustomAttributesRequest method.
req, resp := client.AddCustomAttributesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AddCustomAttributes

func (*CognitoIdentityProvider) AddCustomAttributesWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AddCustomAttributesWithContext(ctx aws.Context, input *AddCustomAttributesInput, opts ...request.Option) (*AddCustomAttributesOutput, error)

AddCustomAttributesWithContext is the same as AddCustomAttributes with the addition of the ability to pass a context and additional request options.

See AddCustomAttributes for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminAddUserToGroup added in v1.6.4

AdminAddUserToGroup API operation for Amazon Cognito Identity Provider.

Adds a user to a group. A user who is in a group can present a preferred-role claim to an identity pool, and populates a cognito:groups claim to their access and identity tokens.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminAddUserToGroup for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminAddUserToGroup

func (*CognitoIdentityProvider) AdminAddUserToGroupRequest added in v1.6.4

func (c *CognitoIdentityProvider) AdminAddUserToGroupRequest(input *AdminAddUserToGroupInput) (req *request.Request, output *AdminAddUserToGroupOutput)

AdminAddUserToGroupRequest generates a "aws/request.Request" representing the client's request for the AdminAddUserToGroup operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminAddUserToGroup for more information on using the AdminAddUserToGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminAddUserToGroupRequest method.
req, resp := client.AdminAddUserToGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminAddUserToGroup

func (*CognitoIdentityProvider) AdminAddUserToGroupWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminAddUserToGroupWithContext(ctx aws.Context, input *AdminAddUserToGroupInput, opts ...request.Option) (*AdminAddUserToGroupOutput, error)

AdminAddUserToGroupWithContext is the same as AdminAddUserToGroup with the addition of the ability to pass a context and additional request options.

See AdminAddUserToGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminConfirmSignUp

AdminConfirmSignUp API operation for Amazon Cognito Identity Provider.

This IAM-authenticated API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.

Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users confirm their accounts when they respond to their invitation email message and choose a password.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminConfirmSignUp for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyFailedAttemptsException This exception is thrown when the user has made too many failed attempts for a given action, such as sign-in.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminConfirmSignUp

func (*CognitoIdentityProvider) AdminConfirmSignUpRequest

func (c *CognitoIdentityProvider) AdminConfirmSignUpRequest(input *AdminConfirmSignUpInput) (req *request.Request, output *AdminConfirmSignUpOutput)

AdminConfirmSignUpRequest generates a "aws/request.Request" representing the client's request for the AdminConfirmSignUp operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminConfirmSignUp for more information on using the AdminConfirmSignUp API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminConfirmSignUpRequest method.
req, resp := client.AdminConfirmSignUpRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminConfirmSignUp

func (*CognitoIdentityProvider) AdminConfirmSignUpWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminConfirmSignUpWithContext(ctx aws.Context, input *AdminConfirmSignUpInput, opts ...request.Option) (*AdminConfirmSignUpOutput, error)

AdminConfirmSignUpWithContext is the same as AdminConfirmSignUp with the addition of the ability to pass a context and additional request options.

See AdminConfirmSignUp for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminCreateUser added in v1.4.15

AdminCreateUser API operation for Amazon Cognito Identity Provider.

Creates a new user in the specified user pool.

If MessageAction isn't set, the default is to send a welcome message via email or phone (SMS).

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.

Alternatively, you can call AdminCreateUser with SUPPRESS for the MessageAction parameter, and Amazon Cognito won't send any email.

In either case, the user will be in the FORCE_CHANGE_PASSWORD state until they sign in and change their password.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminCreateUser for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UsernameExistsException This exception is thrown when Amazon Cognito encounters a user name that already exists in the user pool.

  • InvalidPasswordException This exception is thrown when Amazon Cognito encounters an invalid password.

  • CodeDeliveryFailureException This exception is thrown when a verification code fails to deliver successfully.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • PreconditionNotMetException This exception is thrown when a precondition is not met.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UnsupportedUserStateException The request failed because the user is in an unsupported state.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminCreateUser

Example (Shared00)

An AdminCreateUser request for for a test user named John. This request submits a value for all possible parameters for AdminCreateUser.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
)

func main() {
	svc := cognitoidentityprovider.New(session.New())
	input := &cognitoidentityprovider.AdminCreateUserInput{
		DesiredDeliveryMediums: []*string{
			aws.String("SMS"),
		},
		MessageAction:     aws.String("SUPPRESS"),
		TemporaryPassword: aws.String("This-is-my-test-99!"),
		UserAttributes: []*cognitoidentityprovider.AttributeType{
			{
				Name:  aws.String("name"),
				Value: aws.String("John"),
			},
			{
				Name:  aws.String("phone_number"),
				Value: aws.String("+12065551212"),
			},
			{
				Name:  aws.String("email"),
				Value: aws.String("testuser@example.com"),
			},
		},
		UserPoolId: aws.String("us-east-1_EXAMPLE"),
		Username:   aws.String("testuser"),
	}

	result, err := svc.AdminCreateUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case cognitoidentityprovider.ErrCodeResourceNotFoundException:
				fmt.Println(cognitoidentityprovider.ErrCodeResourceNotFoundException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidParameterException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidParameterException, aerr.Error())
			case cognitoidentityprovider.ErrCodeUserNotFoundException:
				fmt.Println(cognitoidentityprovider.ErrCodeUserNotFoundException, aerr.Error())
			case cognitoidentityprovider.ErrCodeUsernameExistsException:
				fmt.Println(cognitoidentityprovider.ErrCodeUsernameExistsException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidPasswordException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidPasswordException, aerr.Error())
			case cognitoidentityprovider.ErrCodeCodeDeliveryFailureException:
				fmt.Println(cognitoidentityprovider.ErrCodeCodeDeliveryFailureException, aerr.Error())
			case cognitoidentityprovider.ErrCodeUnexpectedLambdaException:
				fmt.Println(cognitoidentityprovider.ErrCodeUnexpectedLambdaException, aerr.Error())
			case cognitoidentityprovider.ErrCodeUserLambdaValidationException:
				fmt.Println(cognitoidentityprovider.ErrCodeUserLambdaValidationException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidLambdaResponseException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidLambdaResponseException, aerr.Error())
			case cognitoidentityprovider.ErrCodePreconditionNotMetException:
				fmt.Println(cognitoidentityprovider.ErrCodePreconditionNotMetException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidSmsRoleAccessPolicyException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidSmsRoleAccessPolicyException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException, aerr.Error())
			case cognitoidentityprovider.ErrCodeTooManyRequestsException:
				fmt.Println(cognitoidentityprovider.ErrCodeTooManyRequestsException, aerr.Error())
			case cognitoidentityprovider.ErrCodeNotAuthorizedException:
				fmt.Println(cognitoidentityprovider.ErrCodeNotAuthorizedException, aerr.Error())
			case cognitoidentityprovider.ErrCodeUnsupportedUserStateException:
				fmt.Println(cognitoidentityprovider.ErrCodeUnsupportedUserStateException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInternalErrorException:
				fmt.Println(cognitoidentityprovider.ErrCodeInternalErrorException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*CognitoIdentityProvider) AdminCreateUserRequest added in v1.4.15

func (c *CognitoIdentityProvider) AdminCreateUserRequest(input *AdminCreateUserInput) (req *request.Request, output *AdminCreateUserOutput)

AdminCreateUserRequest generates a "aws/request.Request" representing the client's request for the AdminCreateUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminCreateUser for more information on using the AdminCreateUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminCreateUserRequest method.
req, resp := client.AdminCreateUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminCreateUser

func (*CognitoIdentityProvider) AdminCreateUserWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminCreateUserWithContext(ctx aws.Context, input *AdminCreateUserInput, opts ...request.Option) (*AdminCreateUserOutput, error)

AdminCreateUserWithContext is the same as AdminCreateUser with the addition of the ability to pass a context and additional request options.

See AdminCreateUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminDeleteUser

AdminDeleteUser API operation for Amazon Cognito Identity Provider.

Deletes a user as an administrator. Works on any user.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminDeleteUser for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDeleteUser

func (*CognitoIdentityProvider) AdminDeleteUserAttributes

AdminDeleteUserAttributes API operation for Amazon Cognito Identity Provider.

Deletes the user attributes in a user pool as an administrator. Works on any user.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminDeleteUserAttributes for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDeleteUserAttributes

func (*CognitoIdentityProvider) AdminDeleteUserAttributesRequest

func (c *CognitoIdentityProvider) AdminDeleteUserAttributesRequest(input *AdminDeleteUserAttributesInput) (req *request.Request, output *AdminDeleteUserAttributesOutput)

AdminDeleteUserAttributesRequest generates a "aws/request.Request" representing the client's request for the AdminDeleteUserAttributes operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminDeleteUserAttributes for more information on using the AdminDeleteUserAttributes API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminDeleteUserAttributesRequest method.
req, resp := client.AdminDeleteUserAttributesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDeleteUserAttributes

func (*CognitoIdentityProvider) AdminDeleteUserAttributesWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminDeleteUserAttributesWithContext(ctx aws.Context, input *AdminDeleteUserAttributesInput, opts ...request.Option) (*AdminDeleteUserAttributesOutput, error)

AdminDeleteUserAttributesWithContext is the same as AdminDeleteUserAttributes with the addition of the ability to pass a context and additional request options.

See AdminDeleteUserAttributes for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminDeleteUserRequest

func (c *CognitoIdentityProvider) AdminDeleteUserRequest(input *AdminDeleteUserInput) (req *request.Request, output *AdminDeleteUserOutput)

AdminDeleteUserRequest generates a "aws/request.Request" representing the client's request for the AdminDeleteUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminDeleteUser for more information on using the AdminDeleteUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminDeleteUserRequest method.
req, resp := client.AdminDeleteUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDeleteUser

func (*CognitoIdentityProvider) AdminDeleteUserWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminDeleteUserWithContext(ctx aws.Context, input *AdminDeleteUserInput, opts ...request.Option) (*AdminDeleteUserOutput, error)

AdminDeleteUserWithContext is the same as AdminDeleteUser with the addition of the ability to pass a context and additional request options.

See AdminDeleteUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminDisableProviderForUser added in v1.10.24

AdminDisableProviderForUser API operation for Amazon Cognito Identity Provider.

Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP). If the user that you want to deactivate is a Amazon Cognito user pools native username + password user, they can't use their password to sign in. If the user to deactivate is a linked external IdP user, any link between that user and an existing user is removed. When the external user signs in again, and the user is no longer attached to the previously linked DestinationUser, the user must create a new user account. See AdminLinkProviderForUser (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminLinkProviderForUser.html).

The ProviderName must match the value specified when creating an IdP for the pool.

To deactivate a native username + password user, the ProviderName value must be Cognito and the ProviderAttributeName must be Cognito_Subject. The ProviderAttributeValue must be the name that is used in the user pool for the user.

The ProviderAttributeName must always be Cognito_Subject for social IdPs. The ProviderAttributeValue must always be the exact subject that was used when the user was originally linked as a source user.

For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign in, the ProviderAttributeName and ProviderAttributeValue must be the same values that were used for the SourceUser when the identities were originally linked using AdminLinkProviderForUser call. (If the linking was done with ProviderAttributeName set to Cognito_Subject, the same applies here). However, if the user has already signed in, the ProviderAttributeName must be Cognito_Subject and ProviderAttributeValue must be the subject of the SAML assertion.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminDisableProviderForUser for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • AliasExistsException This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDisableProviderForUser

func (*CognitoIdentityProvider) AdminDisableProviderForUserRequest added in v1.10.24

func (c *CognitoIdentityProvider) AdminDisableProviderForUserRequest(input *AdminDisableProviderForUserInput) (req *request.Request, output *AdminDisableProviderForUserOutput)

AdminDisableProviderForUserRequest generates a "aws/request.Request" representing the client's request for the AdminDisableProviderForUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminDisableProviderForUser for more information on using the AdminDisableProviderForUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminDisableProviderForUserRequest method.
req, resp := client.AdminDisableProviderForUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDisableProviderForUser

func (*CognitoIdentityProvider) AdminDisableProviderForUserWithContext added in v1.10.24

func (c *CognitoIdentityProvider) AdminDisableProviderForUserWithContext(ctx aws.Context, input *AdminDisableProviderForUserInput, opts ...request.Option) (*AdminDisableProviderForUserOutput, error)

AdminDisableProviderForUserWithContext is the same as AdminDisableProviderForUser with the addition of the ability to pass a context and additional request options.

See AdminDisableProviderForUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminDisableUser

AdminDisableUser API operation for Amazon Cognito Identity Provider.

Deactivates a user and revokes all access tokens for the user. A deactivated user can't sign in, but still appears in the responses to GetUser and ListUsers API requests.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminDisableUser for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDisableUser

func (*CognitoIdentityProvider) AdminDisableUserRequest

func (c *CognitoIdentityProvider) AdminDisableUserRequest(input *AdminDisableUserInput) (req *request.Request, output *AdminDisableUserOutput)

AdminDisableUserRequest generates a "aws/request.Request" representing the client's request for the AdminDisableUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminDisableUser for more information on using the AdminDisableUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminDisableUserRequest method.
req, resp := client.AdminDisableUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDisableUser

func (*CognitoIdentityProvider) AdminDisableUserWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminDisableUserWithContext(ctx aws.Context, input *AdminDisableUserInput, opts ...request.Option) (*AdminDisableUserOutput, error)

AdminDisableUserWithContext is the same as AdminDisableUser with the addition of the ability to pass a context and additional request options.

See AdminDisableUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminEnableUser

AdminEnableUser API operation for Amazon Cognito Identity Provider.

Enables the specified user as an administrator. Works on any user.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminEnableUser for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminEnableUser

func (*CognitoIdentityProvider) AdminEnableUserRequest

func (c *CognitoIdentityProvider) AdminEnableUserRequest(input *AdminEnableUserInput) (req *request.Request, output *AdminEnableUserOutput)

AdminEnableUserRequest generates a "aws/request.Request" representing the client's request for the AdminEnableUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminEnableUser for more information on using the AdminEnableUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminEnableUserRequest method.
req, resp := client.AdminEnableUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminEnableUser

func (*CognitoIdentityProvider) AdminEnableUserWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminEnableUserWithContext(ctx aws.Context, input *AdminEnableUserInput, opts ...request.Option) (*AdminEnableUserOutput, error)

AdminEnableUserWithContext is the same as AdminEnableUser with the addition of the ability to pass a context and additional request options.

See AdminEnableUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminForgetDevice added in v1.2.10

AdminForgetDevice API operation for Amazon Cognito Identity Provider.

Forgets the device, as an administrator.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminForgetDevice for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminForgetDevice

func (*CognitoIdentityProvider) AdminForgetDeviceRequest added in v1.2.10

func (c *CognitoIdentityProvider) AdminForgetDeviceRequest(input *AdminForgetDeviceInput) (req *request.Request, output *AdminForgetDeviceOutput)

AdminForgetDeviceRequest generates a "aws/request.Request" representing the client's request for the AdminForgetDevice operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminForgetDevice for more information on using the AdminForgetDevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminForgetDeviceRequest method.
req, resp := client.AdminForgetDeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminForgetDevice

func (*CognitoIdentityProvider) AdminForgetDeviceWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminForgetDeviceWithContext(ctx aws.Context, input *AdminForgetDeviceInput, opts ...request.Option) (*AdminForgetDeviceOutput, error)

AdminForgetDeviceWithContext is the same as AdminForgetDevice with the addition of the ability to pass a context and additional request options.

See AdminForgetDevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminGetDevice added in v1.2.10

AdminGetDevice API operation for Amazon Cognito Identity Provider.

Gets the device, as an administrator.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminGetDevice for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminGetDevice

func (*CognitoIdentityProvider) AdminGetDeviceRequest added in v1.2.10

func (c *CognitoIdentityProvider) AdminGetDeviceRequest(input *AdminGetDeviceInput) (req *request.Request, output *AdminGetDeviceOutput)

AdminGetDeviceRequest generates a "aws/request.Request" representing the client's request for the AdminGetDevice operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminGetDevice for more information on using the AdminGetDevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminGetDeviceRequest method.
req, resp := client.AdminGetDeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminGetDevice

func (*CognitoIdentityProvider) AdminGetDeviceWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminGetDeviceWithContext(ctx aws.Context, input *AdminGetDeviceInput, opts ...request.Option) (*AdminGetDeviceOutput, error)

AdminGetDeviceWithContext is the same as AdminGetDevice with the addition of the ability to pass a context and additional request options.

See AdminGetDevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminGetUser

AdminGetUser API operation for Amazon Cognito Identity Provider.

Gets the specified user by user name in a user pool as an administrator. Works on any user.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminGetUser for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminGetUser

func (*CognitoIdentityProvider) AdminGetUserRequest

func (c *CognitoIdentityProvider) AdminGetUserRequest(input *AdminGetUserInput) (req *request.Request, output *AdminGetUserOutput)

AdminGetUserRequest generates a "aws/request.Request" representing the client's request for the AdminGetUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminGetUser for more information on using the AdminGetUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminGetUserRequest method.
req, resp := client.AdminGetUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminGetUser

func (*CognitoIdentityProvider) AdminGetUserWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminGetUserWithContext(ctx aws.Context, input *AdminGetUserInput, opts ...request.Option) (*AdminGetUserOutput, error)

AdminGetUserWithContext is the same as AdminGetUser with the addition of the ability to pass a context and additional request options.

See AdminGetUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminInitiateAuth added in v1.2.10

AdminInitiateAuth API operation for Amazon Cognito Identity Provider.

Initiates the authentication flow, as an administrator.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminInitiateAuth for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • MFAMethodNotFoundException This exception is thrown when Amazon Cognito can't find a multi-factor authentication (MFA) method.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminInitiateAuth

func (*CognitoIdentityProvider) AdminInitiateAuthRequest added in v1.2.10

func (c *CognitoIdentityProvider) AdminInitiateAuthRequest(input *AdminInitiateAuthInput) (req *request.Request, output *AdminInitiateAuthOutput)

AdminInitiateAuthRequest generates a "aws/request.Request" representing the client's request for the AdminInitiateAuth operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminInitiateAuth for more information on using the AdminInitiateAuth API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminInitiateAuthRequest method.
req, resp := client.AdminInitiateAuthRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminInitiateAuth

func (*CognitoIdentityProvider) AdminInitiateAuthWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminInitiateAuthWithContext(ctx aws.Context, input *AdminInitiateAuthInput, opts ...request.Option) (*AdminInitiateAuthOutput, error)

AdminInitiateAuthWithContext is the same as AdminInitiateAuth with the addition of the ability to pass a context and additional request options.

See AdminInitiateAuth for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminLinkProviderForUser added in v1.10.24

AdminLinkProviderForUser API operation for Amazon Cognito Identity Provider.

Links an existing user account in a user pool (DestinationUser) to an identity from an external IdP (SourceUser) based on a specified attribute name and value from the external IdP. This allows you to create a link from the existing user account to an external federated user identity that has not yet been used to sign in. You can then use the federated user identity to sign in as the existing user account.

For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user identity, they sign in as the existing user account.

The maximum number of federated identities linked to a user is five.

Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external IdPs and provider attributes that have been trusted by the application owner.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminLinkProviderForUser for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • AliasExistsException This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminLinkProviderForUser

func (*CognitoIdentityProvider) AdminLinkProviderForUserRequest added in v1.10.24

func (c *CognitoIdentityProvider) AdminLinkProviderForUserRequest(input *AdminLinkProviderForUserInput) (req *request.Request, output *AdminLinkProviderForUserOutput)

AdminLinkProviderForUserRequest generates a "aws/request.Request" representing the client's request for the AdminLinkProviderForUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminLinkProviderForUser for more information on using the AdminLinkProviderForUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminLinkProviderForUserRequest method.
req, resp := client.AdminLinkProviderForUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminLinkProviderForUser

func (*CognitoIdentityProvider) AdminLinkProviderForUserWithContext added in v1.10.24

func (c *CognitoIdentityProvider) AdminLinkProviderForUserWithContext(ctx aws.Context, input *AdminLinkProviderForUserInput, opts ...request.Option) (*AdminLinkProviderForUserOutput, error)

AdminLinkProviderForUserWithContext is the same as AdminLinkProviderForUser with the addition of the ability to pass a context and additional request options.

See AdminLinkProviderForUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminListDevices added in v1.2.10

AdminListDevices API operation for Amazon Cognito Identity Provider.

Lists devices, as an administrator.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminListDevices for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminListDevices

func (*CognitoIdentityProvider) AdminListDevicesRequest added in v1.2.10

func (c *CognitoIdentityProvider) AdminListDevicesRequest(input *AdminListDevicesInput) (req *request.Request, output *AdminListDevicesOutput)

AdminListDevicesRequest generates a "aws/request.Request" representing the client's request for the AdminListDevices operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminListDevices for more information on using the AdminListDevices API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminListDevicesRequest method.
req, resp := client.AdminListDevicesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminListDevices

func (*CognitoIdentityProvider) AdminListDevicesWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminListDevicesWithContext(ctx aws.Context, input *AdminListDevicesInput, opts ...request.Option) (*AdminListDevicesOutput, error)

AdminListDevicesWithContext is the same as AdminListDevices with the addition of the ability to pass a context and additional request options.

See AdminListDevices for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminListGroupsForUser added in v1.6.4

AdminListGroupsForUser API operation for Amazon Cognito Identity Provider.

Lists the groups that a user belongs to.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminListGroupsForUser for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminListGroupsForUser

func (*CognitoIdentityProvider) AdminListGroupsForUserPages added in v1.19.12

func (c *CognitoIdentityProvider) AdminListGroupsForUserPages(input *AdminListGroupsForUserInput, fn func(*AdminListGroupsForUserOutput, bool) bool) error

AdminListGroupsForUserPages iterates over the pages of a AdminListGroupsForUser operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See AdminListGroupsForUser method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a AdminListGroupsForUser operation.
pageNum := 0
err := client.AdminListGroupsForUserPages(params,
    func(page *cognitoidentityprovider.AdminListGroupsForUserOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*CognitoIdentityProvider) AdminListGroupsForUserPagesWithContext added in v1.19.12

func (c *CognitoIdentityProvider) AdminListGroupsForUserPagesWithContext(ctx aws.Context, input *AdminListGroupsForUserInput, fn func(*AdminListGroupsForUserOutput, bool) bool, opts ...request.Option) error

AdminListGroupsForUserPagesWithContext same as AdminListGroupsForUserPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminListGroupsForUserRequest added in v1.6.4

func (c *CognitoIdentityProvider) AdminListGroupsForUserRequest(input *AdminListGroupsForUserInput) (req *request.Request, output *AdminListGroupsForUserOutput)

AdminListGroupsForUserRequest generates a "aws/request.Request" representing the client's request for the AdminListGroupsForUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminListGroupsForUser for more information on using the AdminListGroupsForUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminListGroupsForUserRequest method.
req, resp := client.AdminListGroupsForUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminListGroupsForUser

func (*CognitoIdentityProvider) AdminListGroupsForUserWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminListGroupsForUserWithContext(ctx aws.Context, input *AdminListGroupsForUserInput, opts ...request.Option) (*AdminListGroupsForUserOutput, error)

AdminListGroupsForUserWithContext is the same as AdminListGroupsForUser with the addition of the ability to pass a context and additional request options.

See AdminListGroupsForUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminListUserAuthEvents added in v1.12.35

AdminListUserAuthEvents API operation for Amazon Cognito Identity Provider.

A history of user activity and any risks detected as part of Amazon Cognito advanced security.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminListUserAuthEvents for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserPoolAddOnNotEnabledException This exception is thrown when user pool add-ons aren't enabled.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminListUserAuthEvents

func (*CognitoIdentityProvider) AdminListUserAuthEventsPages added in v1.19.12

func (c *CognitoIdentityProvider) AdminListUserAuthEventsPages(input *AdminListUserAuthEventsInput, fn func(*AdminListUserAuthEventsOutput, bool) bool) error

AdminListUserAuthEventsPages iterates over the pages of a AdminListUserAuthEvents operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See AdminListUserAuthEvents method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a AdminListUserAuthEvents operation.
pageNum := 0
err := client.AdminListUserAuthEventsPages(params,
    func(page *cognitoidentityprovider.AdminListUserAuthEventsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*CognitoIdentityProvider) AdminListUserAuthEventsPagesWithContext added in v1.19.12

func (c *CognitoIdentityProvider) AdminListUserAuthEventsPagesWithContext(ctx aws.Context, input *AdminListUserAuthEventsInput, fn func(*AdminListUserAuthEventsOutput, bool) bool, opts ...request.Option) error

AdminListUserAuthEventsPagesWithContext same as AdminListUserAuthEventsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminListUserAuthEventsRequest added in v1.12.35

func (c *CognitoIdentityProvider) AdminListUserAuthEventsRequest(input *AdminListUserAuthEventsInput) (req *request.Request, output *AdminListUserAuthEventsOutput)

AdminListUserAuthEventsRequest generates a "aws/request.Request" representing the client's request for the AdminListUserAuthEvents operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminListUserAuthEvents for more information on using the AdminListUserAuthEvents API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminListUserAuthEventsRequest method.
req, resp := client.AdminListUserAuthEventsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminListUserAuthEvents

func (*CognitoIdentityProvider) AdminListUserAuthEventsWithContext added in v1.12.35

func (c *CognitoIdentityProvider) AdminListUserAuthEventsWithContext(ctx aws.Context, input *AdminListUserAuthEventsInput, opts ...request.Option) (*AdminListUserAuthEventsOutput, error)

AdminListUserAuthEventsWithContext is the same as AdminListUserAuthEvents with the addition of the ability to pass a context and additional request options.

See AdminListUserAuthEvents for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminRemoveUserFromGroup added in v1.6.4

AdminRemoveUserFromGroup API operation for Amazon Cognito Identity Provider.

Removes the specified user from the specified group.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminRemoveUserFromGroup for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminRemoveUserFromGroup

func (*CognitoIdentityProvider) AdminRemoveUserFromGroupRequest added in v1.6.4

func (c *CognitoIdentityProvider) AdminRemoveUserFromGroupRequest(input *AdminRemoveUserFromGroupInput) (req *request.Request, output *AdminRemoveUserFromGroupOutput)

AdminRemoveUserFromGroupRequest generates a "aws/request.Request" representing the client's request for the AdminRemoveUserFromGroup operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminRemoveUserFromGroup for more information on using the AdminRemoveUserFromGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminRemoveUserFromGroupRequest method.
req, resp := client.AdminRemoveUserFromGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminRemoveUserFromGroup

func (*CognitoIdentityProvider) AdminRemoveUserFromGroupWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminRemoveUserFromGroupWithContext(ctx aws.Context, input *AdminRemoveUserFromGroupInput, opts ...request.Option) (*AdminRemoveUserFromGroupOutput, error)

AdminRemoveUserFromGroupWithContext is the same as AdminRemoveUserFromGroup with the addition of the ability to pass a context and additional request options.

See AdminRemoveUserFromGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminResetUserPassword

AdminResetUserPassword API operation for Amazon Cognito Identity Provider.

Resets the specified user's password in a user pool as an administrator. Works on any user.

To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserPassword.html) if you manage passwords as an administrator.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Deactivates a user's password, requiring them to change it. If a user tries to sign in after the API is called, Amazon Cognito responds with a PasswordResetRequiredException error. Your app must then perform the actions that reset your user's password: the forgot-password flow. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user with the code to change their password.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminResetUserPassword for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidEmailRoleAccessPolicyException This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminResetUserPassword

func (*CognitoIdentityProvider) AdminResetUserPasswordRequest

func (c *CognitoIdentityProvider) AdminResetUserPasswordRequest(input *AdminResetUserPasswordInput) (req *request.Request, output *AdminResetUserPasswordOutput)

AdminResetUserPasswordRequest generates a "aws/request.Request" representing the client's request for the AdminResetUserPassword operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminResetUserPassword for more information on using the AdminResetUserPassword API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminResetUserPasswordRequest method.
req, resp := client.AdminResetUserPasswordRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminResetUserPassword

func (*CognitoIdentityProvider) AdminResetUserPasswordWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminResetUserPasswordWithContext(ctx aws.Context, input *AdminResetUserPasswordInput, opts ...request.Option) (*AdminResetUserPasswordOutput, error)

AdminResetUserPasswordWithContext is the same as AdminResetUserPassword with the addition of the ability to pass a context and additional request options.

See AdminResetUserPassword for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminRespondToAuthChallenge added in v1.2.10

AdminRespondToAuthChallenge API operation for Amazon Cognito Identity Provider.

Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. An AdminRespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.

For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html).

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminRespondToAuthChallenge for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • CodeMismatchException This exception is thrown if the provided code doesn't match what the server was expecting.

  • ExpiredCodeException This exception is thrown if a code has expired.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • InvalidPasswordException This exception is thrown when Amazon Cognito encounters an invalid password.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • MFAMethodNotFoundException This exception is thrown when Amazon Cognito can't find a multi-factor authentication (MFA) method.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • AliasExistsException This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • SoftwareTokenMFANotFoundException This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminRespondToAuthChallenge

func (*CognitoIdentityProvider) AdminRespondToAuthChallengeRequest added in v1.2.10

func (c *CognitoIdentityProvider) AdminRespondToAuthChallengeRequest(input *AdminRespondToAuthChallengeInput) (req *request.Request, output *AdminRespondToAuthChallengeOutput)

AdminRespondToAuthChallengeRequest generates a "aws/request.Request" representing the client's request for the AdminRespondToAuthChallenge operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminRespondToAuthChallenge for more information on using the AdminRespondToAuthChallenge API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminRespondToAuthChallengeRequest method.
req, resp := client.AdminRespondToAuthChallengeRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminRespondToAuthChallenge

func (*CognitoIdentityProvider) AdminRespondToAuthChallengeWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminRespondToAuthChallengeWithContext(ctx aws.Context, input *AdminRespondToAuthChallengeInput, opts ...request.Option) (*AdminRespondToAuthChallengeOutput, error)

AdminRespondToAuthChallengeWithContext is the same as AdminRespondToAuthChallenge with the addition of the ability to pass a context and additional request options.

See AdminRespondToAuthChallenge for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminSetUserMFAPreference added in v1.12.35

AdminSetUserMFAPreference API operation for Amazon Cognito Identity Provider.

The user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminSetUserMFAPreference for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminSetUserMFAPreference

func (*CognitoIdentityProvider) AdminSetUserMFAPreferenceRequest added in v1.12.35

func (c *CognitoIdentityProvider) AdminSetUserMFAPreferenceRequest(input *AdminSetUserMFAPreferenceInput) (req *request.Request, output *AdminSetUserMFAPreferenceOutput)

AdminSetUserMFAPreferenceRequest generates a "aws/request.Request" representing the client's request for the AdminSetUserMFAPreference operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminSetUserMFAPreference for more information on using the AdminSetUserMFAPreference API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminSetUserMFAPreferenceRequest method.
req, resp := client.AdminSetUserMFAPreferenceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminSetUserMFAPreference

func (*CognitoIdentityProvider) AdminSetUserMFAPreferenceWithContext added in v1.12.35

func (c *CognitoIdentityProvider) AdminSetUserMFAPreferenceWithContext(ctx aws.Context, input *AdminSetUserMFAPreferenceInput, opts ...request.Option) (*AdminSetUserMFAPreferenceOutput, error)

AdminSetUserMFAPreferenceWithContext is the same as AdminSetUserMFAPreference with the addition of the ability to pass a context and additional request options.

See AdminSetUserMFAPreference for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminSetUserPassword added in v1.19.24

AdminSetUserPassword API operation for Amazon Cognito Identity Provider.

Sets the specified user's password in a user pool as an administrator. Works on any user.

The password can be temporary or permanent. If it is temporary, the user status enters the FORCE_CHANGE_PASSWORD state. When the user next tries to sign in, the InitiateAuth/AdminInitiateAuth response will contain the NEW_PASSWORD_REQUIRED challenge. If the user doesn't sign in before it expires, the user won't be able to sign in, and an administrator must reset their password.

Once the user has set a new password, or the password is permanent, the user status is set to Confirmed.

AdminSetUserPassword can set a password for the user profile that Amazon Cognito creates for third-party federated users. When you set a password, the federated user's status changes from EXTERNAL_PROVIDER to CONFIRMED. A user in this state can sign in as a federated user, and initiate authentication flows in the API like a linked native user. They can also modify their password and attributes in token-authenticated API requests like ChangePassword and UpdateUserAttributes. As a best security practice and to keep users in sync with your external IdP, don't set passwords on federated user profiles. To set up a federated user for native sign-in with a linked native user, refer to Linking federated users to an existing user profile (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html).

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminSetUserPassword for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • InvalidPasswordException This exception is thrown when Amazon Cognito encounters an invalid password.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminSetUserPassword

func (*CognitoIdentityProvider) AdminSetUserPasswordRequest added in v1.19.24

func (c *CognitoIdentityProvider) AdminSetUserPasswordRequest(input *AdminSetUserPasswordInput) (req *request.Request, output *AdminSetUserPasswordOutput)

AdminSetUserPasswordRequest generates a "aws/request.Request" representing the client's request for the AdminSetUserPassword operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminSetUserPassword for more information on using the AdminSetUserPassword API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminSetUserPasswordRequest method.
req, resp := client.AdminSetUserPasswordRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminSetUserPassword

func (*CognitoIdentityProvider) AdminSetUserPasswordWithContext added in v1.19.24

func (c *CognitoIdentityProvider) AdminSetUserPasswordWithContext(ctx aws.Context, input *AdminSetUserPasswordInput, opts ...request.Option) (*AdminSetUserPasswordOutput, error)

AdminSetUserPasswordWithContext is the same as AdminSetUserPassword with the addition of the ability to pass a context and additional request options.

See AdminSetUserPassword for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminSetUserSettings

AdminSetUserSettings API operation for Amazon Cognito Identity Provider.

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html) instead.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminSetUserSettings for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminSetUserSettings

func (*CognitoIdentityProvider) AdminSetUserSettingsRequest

func (c *CognitoIdentityProvider) AdminSetUserSettingsRequest(input *AdminSetUserSettingsInput) (req *request.Request, output *AdminSetUserSettingsOutput)

AdminSetUserSettingsRequest generates a "aws/request.Request" representing the client's request for the AdminSetUserSettings operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminSetUserSettings for more information on using the AdminSetUserSettings API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminSetUserSettingsRequest method.
req, resp := client.AdminSetUserSettingsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminSetUserSettings

func (*CognitoIdentityProvider) AdminSetUserSettingsWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminSetUserSettingsWithContext(ctx aws.Context, input *AdminSetUserSettingsInput, opts ...request.Option) (*AdminSetUserSettingsOutput, error)

AdminSetUserSettingsWithContext is the same as AdminSetUserSettings with the addition of the ability to pass a context and additional request options.

See AdminSetUserSettings for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminUpdateAuthEventFeedback added in v1.12.35

AdminUpdateAuthEventFeedback API operation for Amazon Cognito Identity Provider.

Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminUpdateAuthEventFeedback for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserPoolAddOnNotEnabledException This exception is thrown when user pool add-ons aren't enabled.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUpdateAuthEventFeedback

func (*CognitoIdentityProvider) AdminUpdateAuthEventFeedbackRequest added in v1.12.35

func (c *CognitoIdentityProvider) AdminUpdateAuthEventFeedbackRequest(input *AdminUpdateAuthEventFeedbackInput) (req *request.Request, output *AdminUpdateAuthEventFeedbackOutput)

AdminUpdateAuthEventFeedbackRequest generates a "aws/request.Request" representing the client's request for the AdminUpdateAuthEventFeedback operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminUpdateAuthEventFeedback for more information on using the AdminUpdateAuthEventFeedback API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminUpdateAuthEventFeedbackRequest method.
req, resp := client.AdminUpdateAuthEventFeedbackRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUpdateAuthEventFeedback

func (*CognitoIdentityProvider) AdminUpdateAuthEventFeedbackWithContext added in v1.12.35

func (c *CognitoIdentityProvider) AdminUpdateAuthEventFeedbackWithContext(ctx aws.Context, input *AdminUpdateAuthEventFeedbackInput, opts ...request.Option) (*AdminUpdateAuthEventFeedbackOutput, error)

AdminUpdateAuthEventFeedbackWithContext is the same as AdminUpdateAuthEventFeedback with the addition of the ability to pass a context and additional request options.

See AdminUpdateAuthEventFeedback for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminUpdateDeviceStatus added in v1.2.10

AdminUpdateDeviceStatus API operation for Amazon Cognito Identity Provider.

Updates the device status as an administrator.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminUpdateDeviceStatus for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUpdateDeviceStatus

func (*CognitoIdentityProvider) AdminUpdateDeviceStatusRequest added in v1.2.10

func (c *CognitoIdentityProvider) AdminUpdateDeviceStatusRequest(input *AdminUpdateDeviceStatusInput) (req *request.Request, output *AdminUpdateDeviceStatusOutput)

AdminUpdateDeviceStatusRequest generates a "aws/request.Request" representing the client's request for the AdminUpdateDeviceStatus operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminUpdateDeviceStatus for more information on using the AdminUpdateDeviceStatus API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminUpdateDeviceStatusRequest method.
req, resp := client.AdminUpdateDeviceStatusRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUpdateDeviceStatus

func (*CognitoIdentityProvider) AdminUpdateDeviceStatusWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminUpdateDeviceStatusWithContext(ctx aws.Context, input *AdminUpdateDeviceStatusInput, opts ...request.Option) (*AdminUpdateDeviceStatusOutput, error)

AdminUpdateDeviceStatusWithContext is the same as AdminUpdateDeviceStatus with the addition of the ability to pass a context and additional request options.

See AdminUpdateDeviceStatus for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminUpdateUserAttributes

AdminUpdateUserAttributes API operation for Amazon Cognito Identity Provider.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user. To delete an attribute from your user, submit the attribute in your API request with a blank value.

For custom attributes, you must prepend the custom: prefix to the attribute name.

In addition to updating user attributes, this API can also be used to mark phone and email as verified.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminUpdateUserAttributes for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • AliasExistsException This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidEmailRoleAccessPolicyException This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUpdateUserAttributes

func (*CognitoIdentityProvider) AdminUpdateUserAttributesRequest

func (c *CognitoIdentityProvider) AdminUpdateUserAttributesRequest(input *AdminUpdateUserAttributesInput) (req *request.Request, output *AdminUpdateUserAttributesOutput)

AdminUpdateUserAttributesRequest generates a "aws/request.Request" representing the client's request for the AdminUpdateUserAttributes operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminUpdateUserAttributes for more information on using the AdminUpdateUserAttributes API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminUpdateUserAttributesRequest method.
req, resp := client.AdminUpdateUserAttributesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUpdateUserAttributes

func (*CognitoIdentityProvider) AdminUpdateUserAttributesWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminUpdateUserAttributesWithContext(ctx aws.Context, input *AdminUpdateUserAttributesInput, opts ...request.Option) (*AdminUpdateUserAttributesOutput, error)

AdminUpdateUserAttributesWithContext is the same as AdminUpdateUserAttributes with the addition of the ability to pass a context and additional request options.

See AdminUpdateUserAttributes for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AdminUserGlobalSignOut added in v1.2.10

AdminUserGlobalSignOut API operation for Amazon Cognito Identity Provider.

Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation with your administrative credentials when your user signs out of your app. This results in the following behavior.

Other requests might be valid until your user's token expires.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AdminUserGlobalSignOut for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUserGlobalSignOut

func (*CognitoIdentityProvider) AdminUserGlobalSignOutRequest added in v1.2.10

func (c *CognitoIdentityProvider) AdminUserGlobalSignOutRequest(input *AdminUserGlobalSignOutInput) (req *request.Request, output *AdminUserGlobalSignOutOutput)

AdminUserGlobalSignOutRequest generates a "aws/request.Request" representing the client's request for the AdminUserGlobalSignOut operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AdminUserGlobalSignOut for more information on using the AdminUserGlobalSignOut API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AdminUserGlobalSignOutRequest method.
req, resp := client.AdminUserGlobalSignOutRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUserGlobalSignOut

func (*CognitoIdentityProvider) AdminUserGlobalSignOutWithContext added in v1.8.0

func (c *CognitoIdentityProvider) AdminUserGlobalSignOutWithContext(ctx aws.Context, input *AdminUserGlobalSignOutInput, opts ...request.Option) (*AdminUserGlobalSignOutOutput, error)

AdminUserGlobalSignOutWithContext is the same as AdminUserGlobalSignOut with the addition of the ability to pass a context and additional request options.

See AdminUserGlobalSignOut for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) AssociateSoftwareToken added in v1.12.35

AssociateSoftwareToken API operation for Amazon Cognito Identity Provider.

Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response. You can authorize an AssociateSoftwareToken request with either the user's access token, or a session string from a challenge response that you received from Amazon Cognito.

Amazon Cognito disassociates an existing software token when you verify the new token in a VerifySoftwareToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifySoftwareToken.html) API request. If you don't verify the software token and your user pool doesn't require MFA, the user can then authenticate with user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito generates an MFA_SETUP or SOFTWARE_TOKEN_SETUP challenge each time your user signs. Complete setup with AssociateSoftwareToken and VerifySoftwareToken.

After you set up software token MFA for your user, Amazon Cognito generates a SOFTWARE_TOKEN_MFA challenge when they authenticate. Respond to this challenge with your user's TOTP.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation AssociateSoftwareToken for usage and error information.

Returned Error Types:

  • ConcurrentModificationException This exception is thrown if two or more modifications are happening concurrently.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • SoftwareTokenMFANotFoundException This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AssociateSoftwareToken

func (*CognitoIdentityProvider) AssociateSoftwareTokenRequest added in v1.12.35

func (c *CognitoIdentityProvider) AssociateSoftwareTokenRequest(input *AssociateSoftwareTokenInput) (req *request.Request, output *AssociateSoftwareTokenOutput)

AssociateSoftwareTokenRequest generates a "aws/request.Request" representing the client's request for the AssociateSoftwareToken operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AssociateSoftwareToken for more information on using the AssociateSoftwareToken API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AssociateSoftwareTokenRequest method.
req, resp := client.AssociateSoftwareTokenRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AssociateSoftwareToken

func (*CognitoIdentityProvider) AssociateSoftwareTokenWithContext added in v1.12.35

func (c *CognitoIdentityProvider) AssociateSoftwareTokenWithContext(ctx aws.Context, input *AssociateSoftwareTokenInput, opts ...request.Option) (*AssociateSoftwareTokenOutput, error)

AssociateSoftwareTokenWithContext is the same as AssociateSoftwareToken with the addition of the ability to pass a context and additional request options.

See AssociateSoftwareToken for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ChangePassword

ChangePassword API operation for Amazon Cognito Identity Provider.

Changes the password for a specified user in a user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ChangePassword for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • InvalidPasswordException This exception is thrown when Amazon Cognito encounters an invalid password.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ChangePassword

func (*CognitoIdentityProvider) ChangePasswordRequest

func (c *CognitoIdentityProvider) ChangePasswordRequest(input *ChangePasswordInput) (req *request.Request, output *ChangePasswordOutput)

ChangePasswordRequest generates a "aws/request.Request" representing the client's request for the ChangePassword operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ChangePassword for more information on using the ChangePassword API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ChangePasswordRequest method.
req, resp := client.ChangePasswordRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ChangePassword

func (*CognitoIdentityProvider) ChangePasswordWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ChangePasswordWithContext(ctx aws.Context, input *ChangePasswordInput, opts ...request.Option) (*ChangePasswordOutput, error)

ChangePasswordWithContext is the same as ChangePassword with the addition of the ability to pass a context and additional request options.

See ChangePassword for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ConfirmDevice added in v1.2.10

ConfirmDevice API operation for Amazon Cognito Identity Provider.

Confirms tracking of the device. This API call is the call that begins device tracking. For more information about device authentication, see Working with user devices in your user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html).

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ConfirmDevice for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InvalidPasswordException This exception is thrown when Amazon Cognito encounters an invalid password.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • UsernameExistsException This exception is thrown when Amazon Cognito encounters a user name that already exists in the user pool.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmDevice

func (*CognitoIdentityProvider) ConfirmDeviceRequest added in v1.2.10

func (c *CognitoIdentityProvider) ConfirmDeviceRequest(input *ConfirmDeviceInput) (req *request.Request, output *ConfirmDeviceOutput)

ConfirmDeviceRequest generates a "aws/request.Request" representing the client's request for the ConfirmDevice operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ConfirmDevice for more information on using the ConfirmDevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ConfirmDeviceRequest method.
req, resp := client.ConfirmDeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmDevice

func (*CognitoIdentityProvider) ConfirmDeviceWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ConfirmDeviceWithContext(ctx aws.Context, input *ConfirmDeviceInput, opts ...request.Option) (*ConfirmDeviceOutput, error)

ConfirmDeviceWithContext is the same as ConfirmDevice with the addition of the ability to pass a context and additional request options.

See ConfirmDevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ConfirmForgotPassword

ConfirmForgotPassword API operation for Amazon Cognito Identity Provider.

Allows a user to enter a confirmation code to reset a forgotten password.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ConfirmForgotPassword for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • InvalidPasswordException This exception is thrown when Amazon Cognito encounters an invalid password.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • CodeMismatchException This exception is thrown if the provided code doesn't match what the server was expecting.

  • ExpiredCodeException This exception is thrown if a code has expired.

  • TooManyFailedAttemptsException This exception is thrown when the user has made too many failed attempts for a given action, such as sign-in.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmForgotPassword

func (*CognitoIdentityProvider) ConfirmForgotPasswordRequest

func (c *CognitoIdentityProvider) ConfirmForgotPasswordRequest(input *ConfirmForgotPasswordInput) (req *request.Request, output *ConfirmForgotPasswordOutput)

ConfirmForgotPasswordRequest generates a "aws/request.Request" representing the client's request for the ConfirmForgotPassword operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ConfirmForgotPassword for more information on using the ConfirmForgotPassword API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ConfirmForgotPasswordRequest method.
req, resp := client.ConfirmForgotPasswordRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmForgotPassword

func (*CognitoIdentityProvider) ConfirmForgotPasswordWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ConfirmForgotPasswordWithContext(ctx aws.Context, input *ConfirmForgotPasswordInput, opts ...request.Option) (*ConfirmForgotPasswordOutput, error)

ConfirmForgotPasswordWithContext is the same as ConfirmForgotPassword with the addition of the ability to pass a context and additional request options.

See ConfirmForgotPassword for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ConfirmSignUp

ConfirmSignUp API operation for Amazon Cognito Identity Provider.

This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SignUp.html) API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.

Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the AdminCreateUser (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminCreateUser.html) API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ConfirmSignUp for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyFailedAttemptsException This exception is thrown when the user has made too many failed attempts for a given action, such as sign-in.

  • CodeMismatchException This exception is thrown if the provided code doesn't match what the server was expecting.

  • ExpiredCodeException This exception is thrown if a code has expired.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • AliasExistsException This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmSignUp

func (*CognitoIdentityProvider) ConfirmSignUpRequest

func (c *CognitoIdentityProvider) ConfirmSignUpRequest(input *ConfirmSignUpInput) (req *request.Request, output *ConfirmSignUpOutput)

ConfirmSignUpRequest generates a "aws/request.Request" representing the client's request for the ConfirmSignUp operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ConfirmSignUp for more information on using the ConfirmSignUp API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ConfirmSignUpRequest method.
req, resp := client.ConfirmSignUpRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmSignUp

func (*CognitoIdentityProvider) ConfirmSignUpWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ConfirmSignUpWithContext(ctx aws.Context, input *ConfirmSignUpInput, opts ...request.Option) (*ConfirmSignUpOutput, error)

ConfirmSignUpWithContext is the same as ConfirmSignUp with the addition of the ability to pass a context and additional request options.

See ConfirmSignUp for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) CreateGroup added in v1.6.4

CreateGroup API operation for Amazon Cognito Identity Provider.

Creates a new group in the specified user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation CreateGroup for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • GroupExistsException This exception is thrown when Amazon Cognito encounters a group that already exists in the user pool.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateGroup

func (*CognitoIdentityProvider) CreateGroupRequest added in v1.6.4

func (c *CognitoIdentityProvider) CreateGroupRequest(input *CreateGroupInput) (req *request.Request, output *CreateGroupOutput)

CreateGroupRequest generates a "aws/request.Request" representing the client's request for the CreateGroup operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateGroup for more information on using the CreateGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateGroupRequest method.
req, resp := client.CreateGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateGroup

func (*CognitoIdentityProvider) CreateGroupWithContext added in v1.8.0

func (c *CognitoIdentityProvider) CreateGroupWithContext(ctx aws.Context, input *CreateGroupInput, opts ...request.Option) (*CreateGroupOutput, error)

CreateGroupWithContext is the same as CreateGroup with the addition of the ability to pass a context and additional request options.

See CreateGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) CreateIdentityProvider added in v1.8.33

CreateIdentityProvider API operation for Amazon Cognito Identity Provider.

Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation CreateIdentityProvider for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • DuplicateProviderException This exception is thrown when the provider is already supported by the user pool.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateIdentityProvider

func (*CognitoIdentityProvider) CreateIdentityProviderRequest added in v1.8.33

func (c *CognitoIdentityProvider) CreateIdentityProviderRequest(input *CreateIdentityProviderInput) (req *request.Request, output *CreateIdentityProviderOutput)

CreateIdentityProviderRequest generates a "aws/request.Request" representing the client's request for the CreateIdentityProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateIdentityProvider for more information on using the CreateIdentityProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateIdentityProviderRequest method.
req, resp := client.CreateIdentityProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateIdentityProvider

func (*CognitoIdentityProvider) CreateIdentityProviderWithContext added in v1.8.33

func (c *CognitoIdentityProvider) CreateIdentityProviderWithContext(ctx aws.Context, input *CreateIdentityProviderInput, opts ...request.Option) (*CreateIdentityProviderOutput, error)

CreateIdentityProviderWithContext is the same as CreateIdentityProvider with the addition of the ability to pass a context and additional request options.

See CreateIdentityProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) CreateResourceServer added in v1.10.24

CreateResourceServer API operation for Amazon Cognito Identity Provider.

Creates a new OAuth2.0 resource server and defines custom scopes within it.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation CreateResourceServer for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateResourceServer

func (*CognitoIdentityProvider) CreateResourceServerRequest added in v1.10.24

func (c *CognitoIdentityProvider) CreateResourceServerRequest(input *CreateResourceServerInput) (req *request.Request, output *CreateResourceServerOutput)

CreateResourceServerRequest generates a "aws/request.Request" representing the client's request for the CreateResourceServer operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateResourceServer for more information on using the CreateResourceServer API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateResourceServerRequest method.
req, resp := client.CreateResourceServerRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateResourceServer

func (*CognitoIdentityProvider) CreateResourceServerWithContext added in v1.10.24

func (c *CognitoIdentityProvider) CreateResourceServerWithContext(ctx aws.Context, input *CreateResourceServerInput, opts ...request.Option) (*CreateResourceServerOutput, error)

CreateResourceServerWithContext is the same as CreateResourceServer with the addition of the ability to pass a context and additional request options.

See CreateResourceServer for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) CreateUserImportJob added in v1.4.6

CreateUserImportJob API operation for Amazon Cognito Identity Provider.

Creates a user import job.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation CreateUserImportJob for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • PreconditionNotMetException This exception is thrown when a precondition is not met.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserImportJob

func (*CognitoIdentityProvider) CreateUserImportJobRequest added in v1.4.6

func (c *CognitoIdentityProvider) CreateUserImportJobRequest(input *CreateUserImportJobInput) (req *request.Request, output *CreateUserImportJobOutput)

CreateUserImportJobRequest generates a "aws/request.Request" representing the client's request for the CreateUserImportJob operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateUserImportJob for more information on using the CreateUserImportJob API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateUserImportJobRequest method.
req, resp := client.CreateUserImportJobRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserImportJob

func (*CognitoIdentityProvider) CreateUserImportJobWithContext added in v1.8.0

func (c *CognitoIdentityProvider) CreateUserImportJobWithContext(ctx aws.Context, input *CreateUserImportJobInput, opts ...request.Option) (*CreateUserImportJobOutput, error)

CreateUserImportJobWithContext is the same as CreateUserImportJob with the addition of the ability to pass a context and additional request options.

See CreateUserImportJob for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) CreateUserPool

CreateUserPool API operation for Amazon Cognito Identity Provider.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Creates a new Amazon Cognito user pool and sets the password policy for the pool.

If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation CreateUserPool for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • InvalidEmailRoleAccessPolicyException This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserPoolTaggingException This exception is thrown when a user pool tag can't be set or updated.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPool

Example (Shared00)

Example user pool with email and username sign-in The following example creates a user pool with all configurable properties set to an example value. The resulting user pool allows sign-in with username or email address, has optional MFA, and has a Lambda function assigned to each possible trigger.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
)

func main() {
	svc := cognitoidentityprovider.New(session.New())
	input := &cognitoidentityprovider.CreateUserPoolInput{
		AccountRecoverySetting: &cognitoidentityprovider.AccountRecoverySettingType{
			RecoveryMechanisms: []*cognitoidentityprovider.RecoveryOptionType{
				{
					Name:     aws.String("verified_email"),
					Priority: aws.Int64(1),
				},
			},
		},
		AdminCreateUserConfig: &cognitoidentityprovider.AdminCreateUserConfigType{
			AllowAdminCreateUserOnly: aws.Bool(false),
			InviteMessageTemplate: &cognitoidentityprovider.MessageTemplateType{
				EmailMessage: aws.String("Your username is {username} and temporary password is {####}."),
				EmailSubject: aws.String("Your sign-in information"),
				SMSMessage:   aws.String("Your username is {username} and temporary password is {####}."),
			},
		},
		AliasAttributes: []*string{
			aws.String("email"),
		},
		AutoVerifiedAttributes: []*string{
			aws.String("email"),
		},
		DeletionProtection: aws.String("ACTIVE"),
		DeviceConfiguration: &cognitoidentityprovider.DeviceConfigurationType{
			ChallengeRequiredOnNewDevice:     aws.Bool(true),
			DeviceOnlyRememberedOnUserPrompt: aws.Bool(true),
		},
		EmailConfiguration: &cognitoidentityprovider.EmailConfigurationType{
			ConfigurationSet:    aws.String("my-test-ses-configuration-set"),
			EmailSendingAccount: aws.String("DEVELOPER"),
			From:                aws.String("support@example.com"),
			ReplyToEmailAddress: aws.String("support@example.com"),
			SourceArn:           aws.String("arn:aws:ses:us-east-1:123456789012:identity/support@example.com"),
		},
		EmailVerificationMessage: aws.String("Your verification code is {####}."),
		EmailVerificationSubject: aws.String("Verify your email address"),
		LambdaConfig: &cognitoidentityprovider.LambdaConfigType{
			CustomEmailSender: &cognitoidentityprovider.CustomEmailLambdaVersionConfigType{
				LambdaArn:     aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"),
				LambdaVersion: aws.String("V1_0"),
			},
			CustomMessage: aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"),
			CustomSMSSender: &cognitoidentityprovider.CustomSMSLambdaVersionConfigType{
				LambdaArn:     aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"),
				LambdaVersion: aws.String("V1_0"),
			},
			DefineAuthChallenge:         aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"),
			KMSKeyID:                    aws.String("arn:aws:kms:us-east-1:123456789012:key/a6c4f8e2-0c45-47db-925f-87854bc9e357"),
			PostAuthentication:          aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"),
			PostConfirmation:            aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"),
			PreAuthentication:           aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"),
			PreSignUp:                   aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"),
			PreTokenGeneration:          aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"),
			UserMigration:               aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"),
			VerifyAuthChallengeResponse: aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"),
		},
		MfaConfiguration: aws.String("OPTIONAL"),
		Policies: &cognitoidentityprovider.UserPoolPolicyType{
			PasswordPolicy: &cognitoidentityprovider.PasswordPolicyType{
				MinimumLength:                 aws.Int64(6),
				RequireLowercase:              aws.Bool(true),
				RequireNumbers:                aws.Bool(true),
				RequireSymbols:                aws.Bool(true),
				RequireUppercase:              aws.Bool(true),
				TemporaryPasswordValidityDays: aws.Int64(7),
			},
		},
		PoolName: aws.String("my-test-user-pool"),
		Schema: []*cognitoidentityprovider.SchemaAttributeType{
			{
				AttributeDataType:      aws.String("Number"),
				DeveloperOnlyAttribute: aws.Bool(true),
				Mutable:                aws.Bool(true),
				Name:                   aws.String("mydev"),
				NumberAttributeConstraints: &cognitoidentityprovider.NumberAttributeConstraintsType{
					MaxValue: aws.String("99"),
					MinValue: aws.String("1"),
				},
				Required: aws.Bool(false),
				StringAttributeConstraints: &cognitoidentityprovider.StringAttributeConstraintsType{
					MaxLength: aws.String("99"),
					MinLength: aws.String("1"),
				},
			},
		},
		SmsAuthenticationMessage: aws.String("Your verification code is {####}."),
		SmsConfiguration: &cognitoidentityprovider.SmsConfigurationType{
			ExternalId:   aws.String("my-role-external-id"),
			SnsCallerArn: aws.String("arn:aws:iam::123456789012:role/service-role/test-cognito-SMS-Role"),
		},
		SmsVerificationMessage: aws.String("Your verification code is {####}."),
		UserAttributeUpdateSettings: &cognitoidentityprovider.UserAttributeUpdateSettingsType{
			AttributesRequireVerificationBeforeUpdate: []*string{
				aws.String("email"),
			},
		},
		UserPoolAddOns: &cognitoidentityprovider.UserPoolAddOnsType{
			AdvancedSecurityMode: aws.String("OFF"),
		},
		UserPoolTags: map[string]*string{
			"my-test-tag-key": aws.String("my-test-tag-key"),
		},
		UsernameConfiguration: &cognitoidentityprovider.UsernameConfigurationType{
			CaseSensitive: aws.Bool(true),
		},
		VerificationMessageTemplate: &cognitoidentityprovider.VerificationMessageTemplateType{
			DefaultEmailOption: aws.String("CONFIRM_WITH_CODE"),
			EmailMessage:       aws.String("Your confirmation code is {####}"),
			EmailMessageByLink: aws.String("Choose this link to {##verify your email##}"),
			EmailSubject:       aws.String("Here is your confirmation code"),
			EmailSubjectByLink: aws.String("Here is your confirmation link"),
			SmsMessage:         aws.String("Your confirmation code is {####}"),
		},
	}

	result, err := svc.CreateUserPool(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case cognitoidentityprovider.ErrCodeInvalidParameterException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidParameterException, aerr.Error())
			case cognitoidentityprovider.ErrCodeTooManyRequestsException:
				fmt.Println(cognitoidentityprovider.ErrCodeTooManyRequestsException, aerr.Error())
			case cognitoidentityprovider.ErrCodeLimitExceededException:
				fmt.Println(cognitoidentityprovider.ErrCodeLimitExceededException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidSmsRoleAccessPolicyException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidSmsRoleAccessPolicyException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidEmailRoleAccessPolicyException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidEmailRoleAccessPolicyException, aerr.Error())
			case cognitoidentityprovider.ErrCodeNotAuthorizedException:
				fmt.Println(cognitoidentityprovider.ErrCodeNotAuthorizedException, aerr.Error())
			case cognitoidentityprovider.ErrCodeUserPoolTaggingException:
				fmt.Println(cognitoidentityprovider.ErrCodeUserPoolTaggingException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInternalErrorException:
				fmt.Println(cognitoidentityprovider.ErrCodeInternalErrorException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*CognitoIdentityProvider) CreateUserPoolClient

CreateUserPoolClient API operation for Amazon Cognito Identity Provider.

Creates the user pool client.

When you create a new user pool client, token revocation is automatically activated. For more information about revoking tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html).

If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation CreateUserPoolClient for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • ScopeDoesNotExistException This exception is thrown when the specified scope doesn't exist.

  • InvalidOAuthFlowException This exception is thrown when the specified OAuth flow is not valid.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolClient

Example (Shared00)

Example user pool app client with email and username sign-in The following example creates an app client with all configurable properties set to an example value. The resulting user pool client connects to an analytics client, allows sign-in with username and password, and has two external identity providers associated with it.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
)

func main() {
	svc := cognitoidentityprovider.New(session.New())
	input := &cognitoidentityprovider.CreateUserPoolClientInput{
		AccessTokenValidity: aws.Int64(6),
		AllowedOAuthFlows: []*string{
			aws.String("code"),
		},
		AllowedOAuthFlowsUserPoolClient: aws.Bool(true),
		AllowedOAuthScopes: []*string{
			aws.String("aws.cognito.signin.user.admin"),
			aws.String("openid"),
		},
		AnalyticsConfiguration: &cognitoidentityprovider.AnalyticsConfigurationType{
			ApplicationId:  aws.String("d70b2ba36a8c4dc5a04a0451a31a1e12"),
			ExternalId:     aws.String("my-external-id"),
			RoleArn:        aws.String("arn:aws:iam::123456789012:role/test-cognitouserpool-role"),
			UserDataShared: aws.Bool(true),
		},
		CallbackURLs: []*string{
			aws.String("https://example.com"),
			aws.String("http://localhost"),
			aws.String("myapp://example"),
		},
		ClientName:         aws.String("my-test-app-client"),
		DefaultRedirectURI: aws.String("https://example.com"),
		ExplicitAuthFlows: []*string{
			aws.String("ALLOW_ADMIN_USER_PASSWORD_AUTH"),
			aws.String("ALLOW_USER_PASSWORD_AUTH"),
			aws.String("ALLOW_REFRESH_TOKEN_AUTH"),
		},
		GenerateSecret:  aws.Bool(true),
		IdTokenValidity: aws.Int64(6),
		LogoutURLs: []*string{
			aws.String("https://example.com/logout"),
		},
		PreventUserExistenceErrors: aws.String("ENABLED"),
		ReadAttributes: []*string{
			aws.String("email"),
			aws.String("address"),
			aws.String("preferred_username"),
		},
		RefreshTokenValidity: aws.Int64(6),
		SupportedIdentityProviders: []*string{
			aws.String("SignInWithApple"),
			aws.String("MySSO"),
		},
		TokenValidityUnits: &cognitoidentityprovider.TokenValidityUnitsType{
			AccessToken:  aws.String("hours"),
			IdToken:      aws.String("minutes"),
			RefreshToken: aws.String("days"),
		},
		UserPoolId: aws.String("us-east-1_EXAMPLE"),
		WriteAttributes: []*string{
			aws.String("family_name"),
			aws.String("email"),
		},
	}

	result, err := svc.CreateUserPoolClient(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case cognitoidentityprovider.ErrCodeInvalidParameterException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidParameterException, aerr.Error())
			case cognitoidentityprovider.ErrCodeResourceNotFoundException:
				fmt.Println(cognitoidentityprovider.ErrCodeResourceNotFoundException, aerr.Error())
			case cognitoidentityprovider.ErrCodeTooManyRequestsException:
				fmt.Println(cognitoidentityprovider.ErrCodeTooManyRequestsException, aerr.Error())
			case cognitoidentityprovider.ErrCodeLimitExceededException:
				fmt.Println(cognitoidentityprovider.ErrCodeLimitExceededException, aerr.Error())
			case cognitoidentityprovider.ErrCodeNotAuthorizedException:
				fmt.Println(cognitoidentityprovider.ErrCodeNotAuthorizedException, aerr.Error())
			case cognitoidentityprovider.ErrCodeScopeDoesNotExistException:
				fmt.Println(cognitoidentityprovider.ErrCodeScopeDoesNotExistException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidOAuthFlowException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidOAuthFlowException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInternalErrorException:
				fmt.Println(cognitoidentityprovider.ErrCodeInternalErrorException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*CognitoIdentityProvider) CreateUserPoolClientRequest

func (c *CognitoIdentityProvider) CreateUserPoolClientRequest(input *CreateUserPoolClientInput) (req *request.Request, output *CreateUserPoolClientOutput)

CreateUserPoolClientRequest generates a "aws/request.Request" representing the client's request for the CreateUserPoolClient operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateUserPoolClient for more information on using the CreateUserPoolClient API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateUserPoolClientRequest method.
req, resp := client.CreateUserPoolClientRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolClient

func (*CognitoIdentityProvider) CreateUserPoolClientWithContext added in v1.8.0

func (c *CognitoIdentityProvider) CreateUserPoolClientWithContext(ctx aws.Context, input *CreateUserPoolClientInput, opts ...request.Option) (*CreateUserPoolClientOutput, error)

CreateUserPoolClientWithContext is the same as CreateUserPoolClient with the addition of the ability to pass a context and additional request options.

See CreateUserPoolClient for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) CreateUserPoolDomain added in v1.8.33

CreateUserPoolDomain API operation for Amazon Cognito Identity Provider.

Creates a new domain for a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation CreateUserPoolDomain for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolDomain

func (*CognitoIdentityProvider) CreateUserPoolDomainRequest added in v1.8.33

func (c *CognitoIdentityProvider) CreateUserPoolDomainRequest(input *CreateUserPoolDomainInput) (req *request.Request, output *CreateUserPoolDomainOutput)

CreateUserPoolDomainRequest generates a "aws/request.Request" representing the client's request for the CreateUserPoolDomain operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateUserPoolDomain for more information on using the CreateUserPoolDomain API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateUserPoolDomainRequest method.
req, resp := client.CreateUserPoolDomainRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolDomain

func (*CognitoIdentityProvider) CreateUserPoolDomainWithContext added in v1.8.33

func (c *CognitoIdentityProvider) CreateUserPoolDomainWithContext(ctx aws.Context, input *CreateUserPoolDomainInput, opts ...request.Option) (*CreateUserPoolDomainOutput, error)

CreateUserPoolDomainWithContext is the same as CreateUserPoolDomain with the addition of the ability to pass a context and additional request options.

See CreateUserPoolDomain for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) CreateUserPoolRequest

func (c *CognitoIdentityProvider) CreateUserPoolRequest(input *CreateUserPoolInput) (req *request.Request, output *CreateUserPoolOutput)

CreateUserPoolRequest generates a "aws/request.Request" representing the client's request for the CreateUserPool operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateUserPool for more information on using the CreateUserPool API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateUserPoolRequest method.
req, resp := client.CreateUserPoolRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPool

func (*CognitoIdentityProvider) CreateUserPoolWithContext added in v1.8.0

func (c *CognitoIdentityProvider) CreateUserPoolWithContext(ctx aws.Context, input *CreateUserPoolInput, opts ...request.Option) (*CreateUserPoolOutput, error)

CreateUserPoolWithContext is the same as CreateUserPool with the addition of the ability to pass a context and additional request options.

See CreateUserPool for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DeleteGroup added in v1.6.4

DeleteGroup API operation for Amazon Cognito Identity Provider.

Deletes a group.

Calling this action requires developer credentials.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DeleteGroup for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteGroup

func (*CognitoIdentityProvider) DeleteGroupRequest added in v1.6.4

func (c *CognitoIdentityProvider) DeleteGroupRequest(input *DeleteGroupInput) (req *request.Request, output *DeleteGroupOutput)

DeleteGroupRequest generates a "aws/request.Request" representing the client's request for the DeleteGroup operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteGroup for more information on using the DeleteGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteGroupRequest method.
req, resp := client.DeleteGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteGroup

func (*CognitoIdentityProvider) DeleteGroupWithContext added in v1.8.0

func (c *CognitoIdentityProvider) DeleteGroupWithContext(ctx aws.Context, input *DeleteGroupInput, opts ...request.Option) (*DeleteGroupOutput, error)

DeleteGroupWithContext is the same as DeleteGroup with the addition of the ability to pass a context and additional request options.

See DeleteGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DeleteIdentityProvider added in v1.8.33

DeleteIdentityProvider API operation for Amazon Cognito Identity Provider.

Deletes an IdP for a user pool.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DeleteIdentityProvider for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • UnsupportedIdentityProviderException This exception is thrown when the specified identifier isn't supported.

  • ConcurrentModificationException This exception is thrown if two or more modifications are happening concurrently.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteIdentityProvider

func (*CognitoIdentityProvider) DeleteIdentityProviderRequest added in v1.8.33

func (c *CognitoIdentityProvider) DeleteIdentityProviderRequest(input *DeleteIdentityProviderInput) (req *request.Request, output *DeleteIdentityProviderOutput)

DeleteIdentityProviderRequest generates a "aws/request.Request" representing the client's request for the DeleteIdentityProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteIdentityProvider for more information on using the DeleteIdentityProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteIdentityProviderRequest method.
req, resp := client.DeleteIdentityProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteIdentityProvider

func (*CognitoIdentityProvider) DeleteIdentityProviderWithContext added in v1.8.33

func (c *CognitoIdentityProvider) DeleteIdentityProviderWithContext(ctx aws.Context, input *DeleteIdentityProviderInput, opts ...request.Option) (*DeleteIdentityProviderOutput, error)

DeleteIdentityProviderWithContext is the same as DeleteIdentityProvider with the addition of the ability to pass a context and additional request options.

See DeleteIdentityProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DeleteResourceServer added in v1.10.24

DeleteResourceServer API operation for Amazon Cognito Identity Provider.

Deletes a resource server.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DeleteResourceServer for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteResourceServer

func (*CognitoIdentityProvider) DeleteResourceServerRequest added in v1.10.24

func (c *CognitoIdentityProvider) DeleteResourceServerRequest(input *DeleteResourceServerInput) (req *request.Request, output *DeleteResourceServerOutput)

DeleteResourceServerRequest generates a "aws/request.Request" representing the client's request for the DeleteResourceServer operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteResourceServer for more information on using the DeleteResourceServer API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteResourceServerRequest method.
req, resp := client.DeleteResourceServerRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteResourceServer

func (*CognitoIdentityProvider) DeleteResourceServerWithContext added in v1.10.24

func (c *CognitoIdentityProvider) DeleteResourceServerWithContext(ctx aws.Context, input *DeleteResourceServerInput, opts ...request.Option) (*DeleteResourceServerOutput, error)

DeleteResourceServerWithContext is the same as DeleteResourceServer with the addition of the ability to pass a context and additional request options.

See DeleteResourceServer for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DeleteUser

DeleteUser API operation for Amazon Cognito Identity Provider.

Allows a user to delete their own user profile.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DeleteUser for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUser

func (*CognitoIdentityProvider) DeleteUserAttributes

DeleteUserAttributes API operation for Amazon Cognito Identity Provider.

Deletes the attributes for a user.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DeleteUserAttributes for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserAttributes

func (*CognitoIdentityProvider) DeleteUserAttributesRequest

func (c *CognitoIdentityProvider) DeleteUserAttributesRequest(input *DeleteUserAttributesInput) (req *request.Request, output *DeleteUserAttributesOutput)

DeleteUserAttributesRequest generates a "aws/request.Request" representing the client's request for the DeleteUserAttributes operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteUserAttributes for more information on using the DeleteUserAttributes API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteUserAttributesRequest method.
req, resp := client.DeleteUserAttributesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserAttributes

func (*CognitoIdentityProvider) DeleteUserAttributesWithContext added in v1.8.0

func (c *CognitoIdentityProvider) DeleteUserAttributesWithContext(ctx aws.Context, input *DeleteUserAttributesInput, opts ...request.Option) (*DeleteUserAttributesOutput, error)

DeleteUserAttributesWithContext is the same as DeleteUserAttributes with the addition of the ability to pass a context and additional request options.

See DeleteUserAttributes for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DeleteUserPool

DeleteUserPool API operation for Amazon Cognito Identity Provider.

Deletes the specified Amazon Cognito user pool.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DeleteUserPool for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserImportInProgressException This exception is thrown when you're trying to modify a user pool while a user import job is in progress for that pool.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserPool

func (*CognitoIdentityProvider) DeleteUserPoolClient

DeleteUserPoolClient API operation for Amazon Cognito Identity Provider.

Allows the developer to delete the user pool client.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DeleteUserPoolClient for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • ConcurrentModificationException This exception is thrown if two or more modifications are happening concurrently.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserPoolClient

func (*CognitoIdentityProvider) DeleteUserPoolClientRequest

func (c *CognitoIdentityProvider) DeleteUserPoolClientRequest(input *DeleteUserPoolClientInput) (req *request.Request, output *DeleteUserPoolClientOutput)

DeleteUserPoolClientRequest generates a "aws/request.Request" representing the client's request for the DeleteUserPoolClient operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteUserPoolClient for more information on using the DeleteUserPoolClient API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteUserPoolClientRequest method.
req, resp := client.DeleteUserPoolClientRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserPoolClient

func (*CognitoIdentityProvider) DeleteUserPoolClientWithContext added in v1.8.0

func (c *CognitoIdentityProvider) DeleteUserPoolClientWithContext(ctx aws.Context, input *DeleteUserPoolClientInput, opts ...request.Option) (*DeleteUserPoolClientOutput, error)

DeleteUserPoolClientWithContext is the same as DeleteUserPoolClient with the addition of the ability to pass a context and additional request options.

See DeleteUserPoolClient for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DeleteUserPoolDomain added in v1.8.33

DeleteUserPoolDomain API operation for Amazon Cognito Identity Provider.

Deletes a domain for a user pool.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DeleteUserPoolDomain for usage and error information.

Returned Error Types:

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserPoolDomain

func (*CognitoIdentityProvider) DeleteUserPoolDomainRequest added in v1.8.33

func (c *CognitoIdentityProvider) DeleteUserPoolDomainRequest(input *DeleteUserPoolDomainInput) (req *request.Request, output *DeleteUserPoolDomainOutput)

DeleteUserPoolDomainRequest generates a "aws/request.Request" representing the client's request for the DeleteUserPoolDomain operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteUserPoolDomain for more information on using the DeleteUserPoolDomain API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteUserPoolDomainRequest method.
req, resp := client.DeleteUserPoolDomainRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserPoolDomain

func (*CognitoIdentityProvider) DeleteUserPoolDomainWithContext added in v1.8.33

func (c *CognitoIdentityProvider) DeleteUserPoolDomainWithContext(ctx aws.Context, input *DeleteUserPoolDomainInput, opts ...request.Option) (*DeleteUserPoolDomainOutput, error)

DeleteUserPoolDomainWithContext is the same as DeleteUserPoolDomain with the addition of the ability to pass a context and additional request options.

See DeleteUserPoolDomain for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DeleteUserPoolRequest

func (c *CognitoIdentityProvider) DeleteUserPoolRequest(input *DeleteUserPoolInput) (req *request.Request, output *DeleteUserPoolOutput)

DeleteUserPoolRequest generates a "aws/request.Request" representing the client's request for the DeleteUserPool operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteUserPool for more information on using the DeleteUserPool API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteUserPoolRequest method.
req, resp := client.DeleteUserPoolRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserPool

func (*CognitoIdentityProvider) DeleteUserPoolWithContext added in v1.8.0

func (c *CognitoIdentityProvider) DeleteUserPoolWithContext(ctx aws.Context, input *DeleteUserPoolInput, opts ...request.Option) (*DeleteUserPoolOutput, error)

DeleteUserPoolWithContext is the same as DeleteUserPool with the addition of the ability to pass a context and additional request options.

See DeleteUserPool for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DeleteUserRequest

func (c *CognitoIdentityProvider) DeleteUserRequest(input *DeleteUserInput) (req *request.Request, output *DeleteUserOutput)

DeleteUserRequest generates a "aws/request.Request" representing the client's request for the DeleteUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteUser for more information on using the DeleteUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteUserRequest method.
req, resp := client.DeleteUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUser

func (*CognitoIdentityProvider) DeleteUserWithContext added in v1.8.0

func (c *CognitoIdentityProvider) DeleteUserWithContext(ctx aws.Context, input *DeleteUserInput, opts ...request.Option) (*DeleteUserOutput, error)

DeleteUserWithContext is the same as DeleteUser with the addition of the ability to pass a context and additional request options.

See DeleteUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DescribeIdentityProvider added in v1.8.33

DescribeIdentityProvider API operation for Amazon Cognito Identity Provider.

Gets information about a specific IdP.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DescribeIdentityProvider for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeIdentityProvider

func (*CognitoIdentityProvider) DescribeIdentityProviderRequest added in v1.8.33

func (c *CognitoIdentityProvider) DescribeIdentityProviderRequest(input *DescribeIdentityProviderInput) (req *request.Request, output *DescribeIdentityProviderOutput)

DescribeIdentityProviderRequest generates a "aws/request.Request" representing the client's request for the DescribeIdentityProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DescribeIdentityProvider for more information on using the DescribeIdentityProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DescribeIdentityProviderRequest method.
req, resp := client.DescribeIdentityProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeIdentityProvider

func (*CognitoIdentityProvider) DescribeIdentityProviderWithContext added in v1.8.33

func (c *CognitoIdentityProvider) DescribeIdentityProviderWithContext(ctx aws.Context, input *DescribeIdentityProviderInput, opts ...request.Option) (*DescribeIdentityProviderOutput, error)

DescribeIdentityProviderWithContext is the same as DescribeIdentityProvider with the addition of the ability to pass a context and additional request options.

See DescribeIdentityProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DescribeResourceServer added in v1.10.24

DescribeResourceServer API operation for Amazon Cognito Identity Provider.

Describes a resource server.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DescribeResourceServer for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeResourceServer

func (*CognitoIdentityProvider) DescribeResourceServerRequest added in v1.10.24

func (c *CognitoIdentityProvider) DescribeResourceServerRequest(input *DescribeResourceServerInput) (req *request.Request, output *DescribeResourceServerOutput)

DescribeResourceServerRequest generates a "aws/request.Request" representing the client's request for the DescribeResourceServer operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DescribeResourceServer for more information on using the DescribeResourceServer API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DescribeResourceServerRequest method.
req, resp := client.DescribeResourceServerRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeResourceServer

func (*CognitoIdentityProvider) DescribeResourceServerWithContext added in v1.10.24

func (c *CognitoIdentityProvider) DescribeResourceServerWithContext(ctx aws.Context, input *DescribeResourceServerInput, opts ...request.Option) (*DescribeResourceServerOutput, error)

DescribeResourceServerWithContext is the same as DescribeResourceServer with the addition of the ability to pass a context and additional request options.

See DescribeResourceServer for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DescribeRiskConfiguration added in v1.12.35

DescribeRiskConfiguration API operation for Amazon Cognito Identity Provider.

Describes the risk configuration.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DescribeRiskConfiguration for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserPoolAddOnNotEnabledException This exception is thrown when user pool add-ons aren't enabled.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeRiskConfiguration

func (*CognitoIdentityProvider) DescribeRiskConfigurationRequest added in v1.12.35

func (c *CognitoIdentityProvider) DescribeRiskConfigurationRequest(input *DescribeRiskConfigurationInput) (req *request.Request, output *DescribeRiskConfigurationOutput)

DescribeRiskConfigurationRequest generates a "aws/request.Request" representing the client's request for the DescribeRiskConfiguration operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DescribeRiskConfiguration for more information on using the DescribeRiskConfiguration API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DescribeRiskConfigurationRequest method.
req, resp := client.DescribeRiskConfigurationRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeRiskConfiguration

func (*CognitoIdentityProvider) DescribeRiskConfigurationWithContext added in v1.12.35

func (c *CognitoIdentityProvider) DescribeRiskConfigurationWithContext(ctx aws.Context, input *DescribeRiskConfigurationInput, opts ...request.Option) (*DescribeRiskConfigurationOutput, error)

DescribeRiskConfigurationWithContext is the same as DescribeRiskConfiguration with the addition of the ability to pass a context and additional request options.

See DescribeRiskConfiguration for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DescribeUserImportJob added in v1.4.6

DescribeUserImportJob API operation for Amazon Cognito Identity Provider.

Describes the user import job.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DescribeUserImportJob for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserImportJob

func (*CognitoIdentityProvider) DescribeUserImportJobRequest added in v1.4.6

func (c *CognitoIdentityProvider) DescribeUserImportJobRequest(input *DescribeUserImportJobInput) (req *request.Request, output *DescribeUserImportJobOutput)

DescribeUserImportJobRequest generates a "aws/request.Request" representing the client's request for the DescribeUserImportJob operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DescribeUserImportJob for more information on using the DescribeUserImportJob API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DescribeUserImportJobRequest method.
req, resp := client.DescribeUserImportJobRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserImportJob

func (*CognitoIdentityProvider) DescribeUserImportJobWithContext added in v1.8.0

func (c *CognitoIdentityProvider) DescribeUserImportJobWithContext(ctx aws.Context, input *DescribeUserImportJobInput, opts ...request.Option) (*DescribeUserImportJobOutput, error)

DescribeUserImportJobWithContext is the same as DescribeUserImportJob with the addition of the ability to pass a context and additional request options.

See DescribeUserImportJob for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DescribeUserPool

DescribeUserPool API operation for Amazon Cognito Identity Provider.

Returns the configuration information and metadata of the specified user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DescribeUserPool for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserPoolTaggingException This exception is thrown when a user pool tag can't be set or updated.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPool

func (*CognitoIdentityProvider) DescribeUserPoolClient

DescribeUserPoolClient API operation for Amazon Cognito Identity Provider.

Client method for returning the configuration information and metadata of the specified user pool app client.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DescribeUserPoolClient for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPoolClient

func (*CognitoIdentityProvider) DescribeUserPoolClientRequest

func (c *CognitoIdentityProvider) DescribeUserPoolClientRequest(input *DescribeUserPoolClientInput) (req *request.Request, output *DescribeUserPoolClientOutput)

DescribeUserPoolClientRequest generates a "aws/request.Request" representing the client's request for the DescribeUserPoolClient operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DescribeUserPoolClient for more information on using the DescribeUserPoolClient API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DescribeUserPoolClientRequest method.
req, resp := client.DescribeUserPoolClientRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPoolClient

func (*CognitoIdentityProvider) DescribeUserPoolClientWithContext added in v1.8.0

func (c *CognitoIdentityProvider) DescribeUserPoolClientWithContext(ctx aws.Context, input *DescribeUserPoolClientInput, opts ...request.Option) (*DescribeUserPoolClientOutput, error)

DescribeUserPoolClientWithContext is the same as DescribeUserPoolClient with the addition of the ability to pass a context and additional request options.

See DescribeUserPoolClient for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DescribeUserPoolDomain added in v1.8.33

DescribeUserPoolDomain API operation for Amazon Cognito Identity Provider.

Gets information about a domain.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation DescribeUserPoolDomain for usage and error information.

Returned Error Types:

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPoolDomain

func (*CognitoIdentityProvider) DescribeUserPoolDomainRequest added in v1.8.33

func (c *CognitoIdentityProvider) DescribeUserPoolDomainRequest(input *DescribeUserPoolDomainInput) (req *request.Request, output *DescribeUserPoolDomainOutput)

DescribeUserPoolDomainRequest generates a "aws/request.Request" representing the client's request for the DescribeUserPoolDomain operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DescribeUserPoolDomain for more information on using the DescribeUserPoolDomain API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DescribeUserPoolDomainRequest method.
req, resp := client.DescribeUserPoolDomainRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPoolDomain

func (*CognitoIdentityProvider) DescribeUserPoolDomainWithContext added in v1.8.33

func (c *CognitoIdentityProvider) DescribeUserPoolDomainWithContext(ctx aws.Context, input *DescribeUserPoolDomainInput, opts ...request.Option) (*DescribeUserPoolDomainOutput, error)

DescribeUserPoolDomainWithContext is the same as DescribeUserPoolDomain with the addition of the ability to pass a context and additional request options.

See DescribeUserPoolDomain for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) DescribeUserPoolRequest

func (c *CognitoIdentityProvider) DescribeUserPoolRequest(input *DescribeUserPoolInput) (req *request.Request, output *DescribeUserPoolOutput)

DescribeUserPoolRequest generates a "aws/request.Request" representing the client's request for the DescribeUserPool operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DescribeUserPool for more information on using the DescribeUserPool API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DescribeUserPoolRequest method.
req, resp := client.DescribeUserPoolRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPool

func (*CognitoIdentityProvider) DescribeUserPoolWithContext added in v1.8.0

func (c *CognitoIdentityProvider) DescribeUserPoolWithContext(ctx aws.Context, input *DescribeUserPoolInput, opts ...request.Option) (*DescribeUserPoolOutput, error)

DescribeUserPoolWithContext is the same as DescribeUserPool with the addition of the ability to pass a context and additional request options.

See DescribeUserPool for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ForgetDevice added in v1.2.10

ForgetDevice API operation for Amazon Cognito Identity Provider.

Forgets the specified device. For more information about device authentication, see Working with user devices in your user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html).

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ForgetDevice for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ForgetDevice

func (*CognitoIdentityProvider) ForgetDeviceRequest added in v1.2.10

func (c *CognitoIdentityProvider) ForgetDeviceRequest(input *ForgetDeviceInput) (req *request.Request, output *ForgetDeviceOutput)

ForgetDeviceRequest generates a "aws/request.Request" representing the client's request for the ForgetDevice operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ForgetDevice for more information on using the ForgetDevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ForgetDeviceRequest method.
req, resp := client.ForgetDeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ForgetDevice

func (*CognitoIdentityProvider) ForgetDeviceWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ForgetDeviceWithContext(ctx aws.Context, input *ForgetDeviceInput, opts ...request.Option) (*ForgetDeviceOutput, error)

ForgetDeviceWithContext is the same as ForgetDevice with the addition of the ability to pass a context and additional request options.

See ForgetDevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ForgotPassword

ForgotPassword API operation for Amazon Cognito Identity Provider.

Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts (https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-recover-a-user-account.html) in the Amazon Cognito Developer Guide. To use the confirmation code for resetting the password, call ConfirmForgotPassword (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html).

If neither a verified phone number nor a verified email exists, this API returns InvalidParameterException. If your app client has a client secret and you don't provide a SECRET_HASH parameter, this API returns NotAuthorizedException.

To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserPassword.html) if you manage passwords as an administrator.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ForgotPassword for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • InvalidEmailRoleAccessPolicyException This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

  • CodeDeliveryFailureException This exception is thrown when a verification code fails to deliver successfully.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ForgotPassword

func (*CognitoIdentityProvider) ForgotPasswordRequest

func (c *CognitoIdentityProvider) ForgotPasswordRequest(input *ForgotPasswordInput) (req *request.Request, output *ForgotPasswordOutput)

ForgotPasswordRequest generates a "aws/request.Request" representing the client's request for the ForgotPassword operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ForgotPassword for more information on using the ForgotPassword API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ForgotPasswordRequest method.
req, resp := client.ForgotPasswordRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ForgotPassword

func (*CognitoIdentityProvider) ForgotPasswordWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ForgotPasswordWithContext(ctx aws.Context, input *ForgotPasswordInput, opts ...request.Option) (*ForgotPasswordOutput, error)

ForgotPasswordWithContext is the same as ForgotPassword with the addition of the ability to pass a context and additional request options.

See ForgotPassword for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) GetCSVHeader added in v1.4.6

GetCSVHeader API operation for Amazon Cognito Identity Provider.

Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation GetCSVHeader for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetCSVHeader

func (*CognitoIdentityProvider) GetCSVHeaderRequest added in v1.4.6

func (c *CognitoIdentityProvider) GetCSVHeaderRequest(input *GetCSVHeaderInput) (req *request.Request, output *GetCSVHeaderOutput)

GetCSVHeaderRequest generates a "aws/request.Request" representing the client's request for the GetCSVHeader operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetCSVHeader for more information on using the GetCSVHeader API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetCSVHeaderRequest method.
req, resp := client.GetCSVHeaderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetCSVHeader

func (*CognitoIdentityProvider) GetCSVHeaderWithContext added in v1.8.0

func (c *CognitoIdentityProvider) GetCSVHeaderWithContext(ctx aws.Context, input *GetCSVHeaderInput, opts ...request.Option) (*GetCSVHeaderOutput, error)

GetCSVHeaderWithContext is the same as GetCSVHeader with the addition of the ability to pass a context and additional request options.

See GetCSVHeader for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) GetDevice added in v1.2.10

GetDevice API operation for Amazon Cognito Identity Provider.

Gets the device. For more information about device authentication, see Working with user devices in your user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html).

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation GetDevice for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetDevice

func (*CognitoIdentityProvider) GetDeviceRequest added in v1.2.10

func (c *CognitoIdentityProvider) GetDeviceRequest(input *GetDeviceInput) (req *request.Request, output *GetDeviceOutput)

GetDeviceRequest generates a "aws/request.Request" representing the client's request for the GetDevice operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetDevice for more information on using the GetDevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetDeviceRequest method.
req, resp := client.GetDeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetDevice

func (*CognitoIdentityProvider) GetDeviceWithContext added in v1.8.0

func (c *CognitoIdentityProvider) GetDeviceWithContext(ctx aws.Context, input *GetDeviceInput, opts ...request.Option) (*GetDeviceOutput, error)

GetDeviceWithContext is the same as GetDevice with the addition of the ability to pass a context and additional request options.

See GetDevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) GetGroup added in v1.6.4

GetGroup API operation for Amazon Cognito Identity Provider.

Gets a group.

Calling this action requires developer credentials.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation GetGroup for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetGroup

func (*CognitoIdentityProvider) GetGroupRequest added in v1.6.4

func (c *CognitoIdentityProvider) GetGroupRequest(input *GetGroupInput) (req *request.Request, output *GetGroupOutput)

GetGroupRequest generates a "aws/request.Request" representing the client's request for the GetGroup operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetGroup for more information on using the GetGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetGroupRequest method.
req, resp := client.GetGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetGroup

func (*CognitoIdentityProvider) GetGroupWithContext added in v1.8.0

func (c *CognitoIdentityProvider) GetGroupWithContext(ctx aws.Context, input *GetGroupInput, opts ...request.Option) (*GetGroupOutput, error)

GetGroupWithContext is the same as GetGroup with the addition of the ability to pass a context and additional request options.

See GetGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) GetIdentityProviderByIdentifier added in v1.8.33

GetIdentityProviderByIdentifier API operation for Amazon Cognito Identity Provider.

Gets the specified IdP.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation GetIdentityProviderByIdentifier for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetIdentityProviderByIdentifier

func (*CognitoIdentityProvider) GetIdentityProviderByIdentifierRequest added in v1.8.33

func (c *CognitoIdentityProvider) GetIdentityProviderByIdentifierRequest(input *GetIdentityProviderByIdentifierInput) (req *request.Request, output *GetIdentityProviderByIdentifierOutput)

GetIdentityProviderByIdentifierRequest generates a "aws/request.Request" representing the client's request for the GetIdentityProviderByIdentifier operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetIdentityProviderByIdentifier for more information on using the GetIdentityProviderByIdentifier API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetIdentityProviderByIdentifierRequest method.
req, resp := client.GetIdentityProviderByIdentifierRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetIdentityProviderByIdentifier

func (*CognitoIdentityProvider) GetIdentityProviderByIdentifierWithContext added in v1.8.33

func (c *CognitoIdentityProvider) GetIdentityProviderByIdentifierWithContext(ctx aws.Context, input *GetIdentityProviderByIdentifierInput, opts ...request.Option) (*GetIdentityProviderByIdentifierOutput, error)

GetIdentityProviderByIdentifierWithContext is the same as GetIdentityProviderByIdentifier with the addition of the ability to pass a context and additional request options.

See GetIdentityProviderByIdentifier for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) GetLogDeliveryConfiguration added in v1.44.315

GetLogDeliveryConfiguration API operation for Amazon Cognito Identity Provider.

Gets the detailed activity logging configuration for a user pool.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation GetLogDeliveryConfiguration for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetLogDeliveryConfiguration

func (*CognitoIdentityProvider) GetLogDeliveryConfigurationRequest added in v1.44.315

func (c *CognitoIdentityProvider) GetLogDeliveryConfigurationRequest(input *GetLogDeliveryConfigurationInput) (req *request.Request, output *GetLogDeliveryConfigurationOutput)

GetLogDeliveryConfigurationRequest generates a "aws/request.Request" representing the client's request for the GetLogDeliveryConfiguration operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetLogDeliveryConfiguration for more information on using the GetLogDeliveryConfiguration API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetLogDeliveryConfigurationRequest method.
req, resp := client.GetLogDeliveryConfigurationRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetLogDeliveryConfiguration

func (*CognitoIdentityProvider) GetLogDeliveryConfigurationWithContext added in v1.44.315

func (c *CognitoIdentityProvider) GetLogDeliveryConfigurationWithContext(ctx aws.Context, input *GetLogDeliveryConfigurationInput, opts ...request.Option) (*GetLogDeliveryConfigurationOutput, error)

GetLogDeliveryConfigurationWithContext is the same as GetLogDeliveryConfiguration with the addition of the ability to pass a context and additional request options.

See GetLogDeliveryConfiguration for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) GetSigningCertificate added in v1.12.75

GetSigningCertificate API operation for Amazon Cognito Identity Provider.

This method takes a user pool ID, and returns the signing certificate. The issued certificate is valid for 10 years from the date of issue.

Amazon Cognito issues and assigns a new signing certificate annually. This process returns a new value in the response to GetSigningCertificate, but doesn't invalidate the original certificate.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation GetSigningCertificate for usage and error information.

Returned Error Types:

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetSigningCertificate

func (*CognitoIdentityProvider) GetSigningCertificateRequest added in v1.12.75

func (c *CognitoIdentityProvider) GetSigningCertificateRequest(input *GetSigningCertificateInput) (req *request.Request, output *GetSigningCertificateOutput)

GetSigningCertificateRequest generates a "aws/request.Request" representing the client's request for the GetSigningCertificate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetSigningCertificate for more information on using the GetSigningCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetSigningCertificateRequest method.
req, resp := client.GetSigningCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetSigningCertificate

func (*CognitoIdentityProvider) GetSigningCertificateWithContext added in v1.12.75

func (c *CognitoIdentityProvider) GetSigningCertificateWithContext(ctx aws.Context, input *GetSigningCertificateInput, opts ...request.Option) (*GetSigningCertificateOutput, error)

GetSigningCertificateWithContext is the same as GetSigningCertificate with the addition of the ability to pass a context and additional request options.

See GetSigningCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) GetUICustomization added in v1.10.24

GetUICustomization API operation for Amazon Cognito Identity Provider.

Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client. If nothing is set for the particular client, but there is an existing pool level customization (the app clientId is ALL), then that information is returned. If nothing is present, then an empty shape is returned.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation GetUICustomization for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUICustomization

func (*CognitoIdentityProvider) GetUICustomizationRequest added in v1.10.24

func (c *CognitoIdentityProvider) GetUICustomizationRequest(input *GetUICustomizationInput) (req *request.Request, output *GetUICustomizationOutput)

GetUICustomizationRequest generates a "aws/request.Request" representing the client's request for the GetUICustomization operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetUICustomization for more information on using the GetUICustomization API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetUICustomizationRequest method.
req, resp := client.GetUICustomizationRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUICustomization

func (*CognitoIdentityProvider) GetUICustomizationWithContext added in v1.10.24

func (c *CognitoIdentityProvider) GetUICustomizationWithContext(ctx aws.Context, input *GetUICustomizationInput, opts ...request.Option) (*GetUICustomizationOutput, error)

GetUICustomizationWithContext is the same as GetUICustomization with the addition of the ability to pass a context and additional request options.

See GetUICustomization for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) GetUser

GetUser API operation for Amazon Cognito Identity Provider.

Gets the user attributes and metadata for a user.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation GetUser for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUser

func (*CognitoIdentityProvider) GetUserAttributeVerificationCode

GetUserAttributeVerificationCode API operation for Amazon Cognito Identity Provider.

Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation GetUserAttributeVerificationCode for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • InvalidEmailRoleAccessPolicyException This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

  • CodeDeliveryFailureException This exception is thrown when a verification code fails to deliver successfully.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUserAttributeVerificationCode

func (*CognitoIdentityProvider) GetUserAttributeVerificationCodeRequest

func (c *CognitoIdentityProvider) GetUserAttributeVerificationCodeRequest(input *GetUserAttributeVerificationCodeInput) (req *request.Request, output *GetUserAttributeVerificationCodeOutput)

GetUserAttributeVerificationCodeRequest generates a "aws/request.Request" representing the client's request for the GetUserAttributeVerificationCode operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetUserAttributeVerificationCode for more information on using the GetUserAttributeVerificationCode API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetUserAttributeVerificationCodeRequest method.
req, resp := client.GetUserAttributeVerificationCodeRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUserAttributeVerificationCode

func (*CognitoIdentityProvider) GetUserAttributeVerificationCodeWithContext added in v1.8.0

func (c *CognitoIdentityProvider) GetUserAttributeVerificationCodeWithContext(ctx aws.Context, input *GetUserAttributeVerificationCodeInput, opts ...request.Option) (*GetUserAttributeVerificationCodeOutput, error)

GetUserAttributeVerificationCodeWithContext is the same as GetUserAttributeVerificationCode with the addition of the ability to pass a context and additional request options.

See GetUserAttributeVerificationCode for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) GetUserPoolMfaConfig added in v1.12.35

GetUserPoolMfaConfig API operation for Amazon Cognito Identity Provider.

Gets the user pool multi-factor authentication (MFA) configuration.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation GetUserPoolMfaConfig for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUserPoolMfaConfig

func (*CognitoIdentityProvider) GetUserPoolMfaConfigRequest added in v1.12.35

func (c *CognitoIdentityProvider) GetUserPoolMfaConfigRequest(input *GetUserPoolMfaConfigInput) (req *request.Request, output *GetUserPoolMfaConfigOutput)

GetUserPoolMfaConfigRequest generates a "aws/request.Request" representing the client's request for the GetUserPoolMfaConfig operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetUserPoolMfaConfig for more information on using the GetUserPoolMfaConfig API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetUserPoolMfaConfigRequest method.
req, resp := client.GetUserPoolMfaConfigRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUserPoolMfaConfig

func (*CognitoIdentityProvider) GetUserPoolMfaConfigWithContext added in v1.12.35

func (c *CognitoIdentityProvider) GetUserPoolMfaConfigWithContext(ctx aws.Context, input *GetUserPoolMfaConfigInput, opts ...request.Option) (*GetUserPoolMfaConfigOutput, error)

GetUserPoolMfaConfigWithContext is the same as GetUserPoolMfaConfig with the addition of the ability to pass a context and additional request options.

See GetUserPoolMfaConfig for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) GetUserRequest

func (c *CognitoIdentityProvider) GetUserRequest(input *GetUserInput) (req *request.Request, output *GetUserOutput)

GetUserRequest generates a "aws/request.Request" representing the client's request for the GetUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetUser for more information on using the GetUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetUserRequest method.
req, resp := client.GetUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUser

func (*CognitoIdentityProvider) GetUserWithContext added in v1.8.0

func (c *CognitoIdentityProvider) GetUserWithContext(ctx aws.Context, input *GetUserInput, opts ...request.Option) (*GetUserOutput, error)

GetUserWithContext is the same as GetUser with the addition of the ability to pass a context and additional request options.

See GetUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) GlobalSignOut added in v1.2.10

GlobalSignOut API operation for Amazon Cognito Identity Provider.

Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior.

Other requests might be valid until your user's token expires.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation GlobalSignOut for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GlobalSignOut

func (*CognitoIdentityProvider) GlobalSignOutRequest added in v1.2.10

func (c *CognitoIdentityProvider) GlobalSignOutRequest(input *GlobalSignOutInput) (req *request.Request, output *GlobalSignOutOutput)

GlobalSignOutRequest generates a "aws/request.Request" representing the client's request for the GlobalSignOut operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GlobalSignOut for more information on using the GlobalSignOut API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GlobalSignOutRequest method.
req, resp := client.GlobalSignOutRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GlobalSignOut

func (*CognitoIdentityProvider) GlobalSignOutWithContext added in v1.8.0

func (c *CognitoIdentityProvider) GlobalSignOutWithContext(ctx aws.Context, input *GlobalSignOutInput, opts ...request.Option) (*GlobalSignOutOutput, error)

GlobalSignOutWithContext is the same as GlobalSignOut with the addition of the ability to pass a context and additional request options.

See GlobalSignOut for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) InitiateAuth added in v1.2.10

InitiateAuth API operation for Amazon Cognito Identity Provider.

Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user with a federated IdP with InitiateAuth. For more information, see Adding user pool sign-in through a third party (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html).

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation InitiateAuth for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/InitiateAuth

Example (Shared00)

Example username and password sign-in for a user who has TOTP MFA The following example signs in the user mytestuser with analytics data, client metadata, and user context data for advanced security.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
)

func main() {
	svc := cognitoidentityprovider.New(session.New())
	input := &cognitoidentityprovider.InitiateAuthInput{
		AnalyticsMetadata: &cognitoidentityprovider.AnalyticsMetadataType{
			AnalyticsEndpointId: aws.String("d70b2ba36a8c4dc5a04a0451a31a1e12"),
		},
		AuthFlow: aws.String("USER_PASSWORD_AUTH"),
		AuthParameters: map[string]*string{
			"PASSWORD":    aws.String("This-is-my-test-99!"),
			"SECRET_HASH": aws.String("oT5ZkS8ctnrhYeeGsGTvOzPhoc/Jd1cO5fueBWFVmp8="),
			"USERNAME":    aws.String("mytestuser"),
		},
		ClientId: aws.String("1example23456789"),
		ClientMetadata: map[string]*string{
			"MyTestKey": aws.String("MyTestValue"),
		},
		UserContextData: &cognitoidentityprovider.UserContextDataType{
			EncodedData: aws.String("AmazonCognitoAdvancedSecurityData_object"),
			IpAddress:   aws.String("192.0.2.1"),
		},
	}

	result, err := svc.InitiateAuth(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case cognitoidentityprovider.ErrCodeResourceNotFoundException:
				fmt.Println(cognitoidentityprovider.ErrCodeResourceNotFoundException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidParameterException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidParameterException, aerr.Error())
			case cognitoidentityprovider.ErrCodeNotAuthorizedException:
				fmt.Println(cognitoidentityprovider.ErrCodeNotAuthorizedException, aerr.Error())
			case cognitoidentityprovider.ErrCodeTooManyRequestsException:
				fmt.Println(cognitoidentityprovider.ErrCodeTooManyRequestsException, aerr.Error())
			case cognitoidentityprovider.ErrCodeUnexpectedLambdaException:
				fmt.Println(cognitoidentityprovider.ErrCodeUnexpectedLambdaException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidUserPoolConfigurationException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidUserPoolConfigurationException, aerr.Error())
			case cognitoidentityprovider.ErrCodeUserLambdaValidationException:
				fmt.Println(cognitoidentityprovider.ErrCodeUserLambdaValidationException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidLambdaResponseException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidLambdaResponseException, aerr.Error())
			case cognitoidentityprovider.ErrCodePasswordResetRequiredException:
				fmt.Println(cognitoidentityprovider.ErrCodePasswordResetRequiredException, aerr.Error())
			case cognitoidentityprovider.ErrCodeUserNotFoundException:
				fmt.Println(cognitoidentityprovider.ErrCodeUserNotFoundException, aerr.Error())
			case cognitoidentityprovider.ErrCodeUserNotConfirmedException:
				fmt.Println(cognitoidentityprovider.ErrCodeUserNotConfirmedException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInternalErrorException:
				fmt.Println(cognitoidentityprovider.ErrCodeInternalErrorException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidSmsRoleAccessPolicyException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidSmsRoleAccessPolicyException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException, aerr.Error())
			case cognitoidentityprovider.ErrCodeForbiddenException:
				fmt.Println(cognitoidentityprovider.ErrCodeForbiddenException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*CognitoIdentityProvider) InitiateAuthRequest added in v1.2.10

func (c *CognitoIdentityProvider) InitiateAuthRequest(input *InitiateAuthInput) (req *request.Request, output *InitiateAuthOutput)

InitiateAuthRequest generates a "aws/request.Request" representing the client's request for the InitiateAuth operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See InitiateAuth for more information on using the InitiateAuth API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the InitiateAuthRequest method.
req, resp := client.InitiateAuthRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/InitiateAuth

func (*CognitoIdentityProvider) InitiateAuthWithContext added in v1.8.0

func (c *CognitoIdentityProvider) InitiateAuthWithContext(ctx aws.Context, input *InitiateAuthInput, opts ...request.Option) (*InitiateAuthOutput, error)

InitiateAuthWithContext is the same as InitiateAuth with the addition of the ability to pass a context and additional request options.

See InitiateAuth for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListDevices added in v1.2.10

ListDevices API operation for Amazon Cognito Identity Provider.

Lists the sign-in devices that Amazon Cognito has registered to the current user. For more information about device authentication, see Working with user devices in your user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html).

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ListDevices for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListDevices

func (*CognitoIdentityProvider) ListDevicesRequest added in v1.2.10

func (c *CognitoIdentityProvider) ListDevicesRequest(input *ListDevicesInput) (req *request.Request, output *ListDevicesOutput)

ListDevicesRequest generates a "aws/request.Request" representing the client's request for the ListDevices operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListDevices for more information on using the ListDevices API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListDevicesRequest method.
req, resp := client.ListDevicesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListDevices

func (*CognitoIdentityProvider) ListDevicesWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ListDevicesWithContext(ctx aws.Context, input *ListDevicesInput, opts ...request.Option) (*ListDevicesOutput, error)

ListDevicesWithContext is the same as ListDevices with the addition of the ability to pass a context and additional request options.

See ListDevices for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListGroups added in v1.6.4

ListGroups API operation for Amazon Cognito Identity Provider.

Lists the groups associated with a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ListGroups for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListGroups

func (*CognitoIdentityProvider) ListGroupsPages added in v1.19.12

func (c *CognitoIdentityProvider) ListGroupsPages(input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool) error

ListGroupsPages iterates over the pages of a ListGroups operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListGroups method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListGroups operation.
pageNum := 0
err := client.ListGroupsPages(params,
    func(page *cognitoidentityprovider.ListGroupsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*CognitoIdentityProvider) ListGroupsPagesWithContext added in v1.19.12

func (c *CognitoIdentityProvider) ListGroupsPagesWithContext(ctx aws.Context, input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool, opts ...request.Option) error

ListGroupsPagesWithContext same as ListGroupsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListGroupsRequest added in v1.6.4

func (c *CognitoIdentityProvider) ListGroupsRequest(input *ListGroupsInput) (req *request.Request, output *ListGroupsOutput)

ListGroupsRequest generates a "aws/request.Request" representing the client's request for the ListGroups operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListGroups for more information on using the ListGroups API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListGroupsRequest method.
req, resp := client.ListGroupsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListGroups

func (*CognitoIdentityProvider) ListGroupsWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ListGroupsWithContext(ctx aws.Context, input *ListGroupsInput, opts ...request.Option) (*ListGroupsOutput, error)

ListGroupsWithContext is the same as ListGroups with the addition of the ability to pass a context and additional request options.

See ListGroups for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListIdentityProviders added in v1.8.33

ListIdentityProviders API operation for Amazon Cognito Identity Provider.

Lists information about all IdPs for a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ListIdentityProviders for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListIdentityProviders

func (*CognitoIdentityProvider) ListIdentityProvidersPages added in v1.19.12

func (c *CognitoIdentityProvider) ListIdentityProvidersPages(input *ListIdentityProvidersInput, fn func(*ListIdentityProvidersOutput, bool) bool) error

ListIdentityProvidersPages iterates over the pages of a ListIdentityProviders operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListIdentityProviders method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListIdentityProviders operation.
pageNum := 0
err := client.ListIdentityProvidersPages(params,
    func(page *cognitoidentityprovider.ListIdentityProvidersOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*CognitoIdentityProvider) ListIdentityProvidersPagesWithContext added in v1.19.12

func (c *CognitoIdentityProvider) ListIdentityProvidersPagesWithContext(ctx aws.Context, input *ListIdentityProvidersInput, fn func(*ListIdentityProvidersOutput, bool) bool, opts ...request.Option) error

ListIdentityProvidersPagesWithContext same as ListIdentityProvidersPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListIdentityProvidersRequest added in v1.8.33

func (c *CognitoIdentityProvider) ListIdentityProvidersRequest(input *ListIdentityProvidersInput) (req *request.Request, output *ListIdentityProvidersOutput)

ListIdentityProvidersRequest generates a "aws/request.Request" representing the client's request for the ListIdentityProviders operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListIdentityProviders for more information on using the ListIdentityProviders API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListIdentityProvidersRequest method.
req, resp := client.ListIdentityProvidersRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListIdentityProviders

func (*CognitoIdentityProvider) ListIdentityProvidersWithContext added in v1.8.33

func (c *CognitoIdentityProvider) ListIdentityProvidersWithContext(ctx aws.Context, input *ListIdentityProvidersInput, opts ...request.Option) (*ListIdentityProvidersOutput, error)

ListIdentityProvidersWithContext is the same as ListIdentityProviders with the addition of the ability to pass a context and additional request options.

See ListIdentityProviders for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListResourceServers added in v1.10.24

ListResourceServers API operation for Amazon Cognito Identity Provider.

Lists the resource servers for a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ListResourceServers for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListResourceServers

func (*CognitoIdentityProvider) ListResourceServersPages added in v1.19.12

func (c *CognitoIdentityProvider) ListResourceServersPages(input *ListResourceServersInput, fn func(*ListResourceServersOutput, bool) bool) error

ListResourceServersPages iterates over the pages of a ListResourceServers operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListResourceServers method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListResourceServers operation.
pageNum := 0
err := client.ListResourceServersPages(params,
    func(page *cognitoidentityprovider.ListResourceServersOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*CognitoIdentityProvider) ListResourceServersPagesWithContext added in v1.19.12

func (c *CognitoIdentityProvider) ListResourceServersPagesWithContext(ctx aws.Context, input *ListResourceServersInput, fn func(*ListResourceServersOutput, bool) bool, opts ...request.Option) error

ListResourceServersPagesWithContext same as ListResourceServersPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListResourceServersRequest added in v1.10.24

func (c *CognitoIdentityProvider) ListResourceServersRequest(input *ListResourceServersInput) (req *request.Request, output *ListResourceServersOutput)

ListResourceServersRequest generates a "aws/request.Request" representing the client's request for the ListResourceServers operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListResourceServers for more information on using the ListResourceServers API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListResourceServersRequest method.
req, resp := client.ListResourceServersRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListResourceServers

func (*CognitoIdentityProvider) ListResourceServersWithContext added in v1.10.24

func (c *CognitoIdentityProvider) ListResourceServersWithContext(ctx aws.Context, input *ListResourceServersInput, opts ...request.Option) (*ListResourceServersOutput, error)

ListResourceServersWithContext is the same as ListResourceServers with the addition of the ability to pass a context and additional request options.

See ListResourceServers for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListTagsForResource added in v1.19.0

ListTagsForResource API operation for Amazon Cognito Identity Provider.

Lists the tags that are assigned to an Amazon Cognito user pool.

A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.

You can use this action up to 10 times per second, per account.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ListTagsForResource for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListTagsForResource

func (*CognitoIdentityProvider) ListTagsForResourceRequest added in v1.19.0

func (c *CognitoIdentityProvider) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput)

ListTagsForResourceRequest generates a "aws/request.Request" representing the client's request for the ListTagsForResource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListTagsForResource for more information on using the ListTagsForResource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListTagsForResourceRequest method.
req, resp := client.ListTagsForResourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListTagsForResource

func (*CognitoIdentityProvider) ListTagsForResourceWithContext added in v1.19.0

func (c *CognitoIdentityProvider) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error)

ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of the ability to pass a context and additional request options.

See ListTagsForResource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListUserImportJobs added in v1.4.6

ListUserImportJobs API operation for Amazon Cognito Identity Provider.

Lists user import jobs for a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ListUserImportJobs for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUserImportJobs

func (*CognitoIdentityProvider) ListUserImportJobsRequest added in v1.4.6

func (c *CognitoIdentityProvider) ListUserImportJobsRequest(input *ListUserImportJobsInput) (req *request.Request, output *ListUserImportJobsOutput)

ListUserImportJobsRequest generates a "aws/request.Request" representing the client's request for the ListUserImportJobs operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListUserImportJobs for more information on using the ListUserImportJobs API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListUserImportJobsRequest method.
req, resp := client.ListUserImportJobsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUserImportJobs

func (*CognitoIdentityProvider) ListUserImportJobsWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ListUserImportJobsWithContext(ctx aws.Context, input *ListUserImportJobsInput, opts ...request.Option) (*ListUserImportJobsOutput, error)

ListUserImportJobsWithContext is the same as ListUserImportJobs with the addition of the ability to pass a context and additional request options.

See ListUserImportJobs for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListUserPoolClients

ListUserPoolClients API operation for Amazon Cognito Identity Provider.

Lists the clients that have been created for the specified user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ListUserPoolClients for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUserPoolClients

func (*CognitoIdentityProvider) ListUserPoolClientsPages added in v1.19.12

func (c *CognitoIdentityProvider) ListUserPoolClientsPages(input *ListUserPoolClientsInput, fn func(*ListUserPoolClientsOutput, bool) bool) error

ListUserPoolClientsPages iterates over the pages of a ListUserPoolClients operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListUserPoolClients method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListUserPoolClients operation.
pageNum := 0
err := client.ListUserPoolClientsPages(params,
    func(page *cognitoidentityprovider.ListUserPoolClientsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*CognitoIdentityProvider) ListUserPoolClientsPagesWithContext added in v1.19.12

func (c *CognitoIdentityProvider) ListUserPoolClientsPagesWithContext(ctx aws.Context, input *ListUserPoolClientsInput, fn func(*ListUserPoolClientsOutput, bool) bool, opts ...request.Option) error

ListUserPoolClientsPagesWithContext same as ListUserPoolClientsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListUserPoolClientsRequest

func (c *CognitoIdentityProvider) ListUserPoolClientsRequest(input *ListUserPoolClientsInput) (req *request.Request, output *ListUserPoolClientsOutput)

ListUserPoolClientsRequest generates a "aws/request.Request" representing the client's request for the ListUserPoolClients operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListUserPoolClients for more information on using the ListUserPoolClients API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListUserPoolClientsRequest method.
req, resp := client.ListUserPoolClientsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUserPoolClients

func (*CognitoIdentityProvider) ListUserPoolClientsWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ListUserPoolClientsWithContext(ctx aws.Context, input *ListUserPoolClientsInput, opts ...request.Option) (*ListUserPoolClientsOutput, error)

ListUserPoolClientsWithContext is the same as ListUserPoolClients with the addition of the ability to pass a context and additional request options.

See ListUserPoolClients for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListUserPools

ListUserPools API operation for Amazon Cognito Identity Provider.

Lists the user pools associated with an Amazon Web Services account.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ListUserPools for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUserPools

func (*CognitoIdentityProvider) ListUserPoolsPages added in v1.19.12

func (c *CognitoIdentityProvider) ListUserPoolsPages(input *ListUserPoolsInput, fn func(*ListUserPoolsOutput, bool) bool) error

ListUserPoolsPages iterates over the pages of a ListUserPools operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListUserPools method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListUserPools operation.
pageNum := 0
err := client.ListUserPoolsPages(params,
    func(page *cognitoidentityprovider.ListUserPoolsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*CognitoIdentityProvider) ListUserPoolsPagesWithContext added in v1.19.12

func (c *CognitoIdentityProvider) ListUserPoolsPagesWithContext(ctx aws.Context, input *ListUserPoolsInput, fn func(*ListUserPoolsOutput, bool) bool, opts ...request.Option) error

ListUserPoolsPagesWithContext same as ListUserPoolsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListUserPoolsRequest

func (c *CognitoIdentityProvider) ListUserPoolsRequest(input *ListUserPoolsInput) (req *request.Request, output *ListUserPoolsOutput)

ListUserPoolsRequest generates a "aws/request.Request" representing the client's request for the ListUserPools operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListUserPools for more information on using the ListUserPools API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListUserPoolsRequest method.
req, resp := client.ListUserPoolsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUserPools

func (*CognitoIdentityProvider) ListUserPoolsWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ListUserPoolsWithContext(ctx aws.Context, input *ListUserPoolsInput, opts ...request.Option) (*ListUserPoolsOutput, error)

ListUserPoolsWithContext is the same as ListUserPools with the addition of the ability to pass a context and additional request options.

See ListUserPools for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListUsers

ListUsers API operation for Amazon Cognito Identity Provider.

Lists users and their basic details in a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ListUsers for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUsers

Example (Shared00)

A ListUsers request for the next 3 users whose email address starts with "testuser." This request submits a value for all possible parameters for ListUsers. By iterating the PaginationToken, you can page through and collect all users in a user pool.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
)

func main() {
	svc := cognitoidentityprovider.New(session.New())
	input := &cognitoidentityprovider.ListUsersInput{
		AttributesToGet: []*string{
			aws.String("email"),
			aws.String("sub"),
		},
		Filter:          aws.String("\"email\"^=\"testuser\""),
		Limit:           aws.Int64(3),
		PaginationToken: aws.String("abcd1234EXAMPLE"),
		UserPoolId:      aws.String("us-east-1_EXAMPLE"),
	}

	result, err := svc.ListUsers(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case cognitoidentityprovider.ErrCodeInvalidParameterException:
				fmt.Println(cognitoidentityprovider.ErrCodeInvalidParameterException, aerr.Error())
			case cognitoidentityprovider.ErrCodeResourceNotFoundException:
				fmt.Println(cognitoidentityprovider.ErrCodeResourceNotFoundException, aerr.Error())
			case cognitoidentityprovider.ErrCodeTooManyRequestsException:
				fmt.Println(cognitoidentityprovider.ErrCodeTooManyRequestsException, aerr.Error())
			case cognitoidentityprovider.ErrCodeNotAuthorizedException:
				fmt.Println(cognitoidentityprovider.ErrCodeNotAuthorizedException, aerr.Error())
			case cognitoidentityprovider.ErrCodeInternalErrorException:
				fmt.Println(cognitoidentityprovider.ErrCodeInternalErrorException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*CognitoIdentityProvider) ListUsersInGroup added in v1.6.4

ListUsersInGroup API operation for Amazon Cognito Identity Provider.

Lists the users in the specified group.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ListUsersInGroup for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUsersInGroup

func (*CognitoIdentityProvider) ListUsersInGroupPages added in v1.19.12

func (c *CognitoIdentityProvider) ListUsersInGroupPages(input *ListUsersInGroupInput, fn func(*ListUsersInGroupOutput, bool) bool) error

ListUsersInGroupPages iterates over the pages of a ListUsersInGroup operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListUsersInGroup method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListUsersInGroup operation.
pageNum := 0
err := client.ListUsersInGroupPages(params,
    func(page *cognitoidentityprovider.ListUsersInGroupOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*CognitoIdentityProvider) ListUsersInGroupPagesWithContext added in v1.19.12

func (c *CognitoIdentityProvider) ListUsersInGroupPagesWithContext(ctx aws.Context, input *ListUsersInGroupInput, fn func(*ListUsersInGroupOutput, bool) bool, opts ...request.Option) error

ListUsersInGroupPagesWithContext same as ListUsersInGroupPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListUsersInGroupRequest added in v1.6.4

func (c *CognitoIdentityProvider) ListUsersInGroupRequest(input *ListUsersInGroupInput) (req *request.Request, output *ListUsersInGroupOutput)

ListUsersInGroupRequest generates a "aws/request.Request" representing the client's request for the ListUsersInGroup operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListUsersInGroup for more information on using the ListUsersInGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListUsersInGroupRequest method.
req, resp := client.ListUsersInGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUsersInGroup

func (*CognitoIdentityProvider) ListUsersInGroupWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ListUsersInGroupWithContext(ctx aws.Context, input *ListUsersInGroupInput, opts ...request.Option) (*ListUsersInGroupOutput, error)

ListUsersInGroupWithContext is the same as ListUsersInGroup with the addition of the ability to pass a context and additional request options.

See ListUsersInGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListUsersPages added in v1.25.6

func (c *CognitoIdentityProvider) ListUsersPages(input *ListUsersInput, fn func(*ListUsersOutput, bool) bool) error

ListUsersPages iterates over the pages of a ListUsers operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListUsers method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListUsers operation.
pageNum := 0
err := client.ListUsersPages(params,
    func(page *cognitoidentityprovider.ListUsersOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*CognitoIdentityProvider) ListUsersPagesWithContext added in v1.25.6

func (c *CognitoIdentityProvider) ListUsersPagesWithContext(ctx aws.Context, input *ListUsersInput, fn func(*ListUsersOutput, bool) bool, opts ...request.Option) error

ListUsersPagesWithContext same as ListUsersPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ListUsersRequest

func (c *CognitoIdentityProvider) ListUsersRequest(input *ListUsersInput) (req *request.Request, output *ListUsersOutput)

ListUsersRequest generates a "aws/request.Request" representing the client's request for the ListUsers operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListUsers for more information on using the ListUsers API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListUsersRequest method.
req, resp := client.ListUsersRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUsers

func (*CognitoIdentityProvider) ListUsersWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ListUsersWithContext(ctx aws.Context, input *ListUsersInput, opts ...request.Option) (*ListUsersOutput, error)

ListUsersWithContext is the same as ListUsers with the addition of the ability to pass a context and additional request options.

See ListUsers for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) ResendConfirmationCode

ResendConfirmationCode API operation for Amazon Cognito Identity Provider.

Resends the confirmation (for confirmation of registration) to a specific user in the user pool.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation ResendConfirmationCode for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • InvalidEmailRoleAccessPolicyException This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

  • CodeDeliveryFailureException This exception is thrown when a verification code fails to deliver successfully.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ResendConfirmationCode

func (*CognitoIdentityProvider) ResendConfirmationCodeRequest

func (c *CognitoIdentityProvider) ResendConfirmationCodeRequest(input *ResendConfirmationCodeInput) (req *request.Request, output *ResendConfirmationCodeOutput)

ResendConfirmationCodeRequest generates a "aws/request.Request" representing the client's request for the ResendConfirmationCode operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ResendConfirmationCode for more information on using the ResendConfirmationCode API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ResendConfirmationCodeRequest method.
req, resp := client.ResendConfirmationCodeRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ResendConfirmationCode

func (*CognitoIdentityProvider) ResendConfirmationCodeWithContext added in v1.8.0

func (c *CognitoIdentityProvider) ResendConfirmationCodeWithContext(ctx aws.Context, input *ResendConfirmationCodeInput, opts ...request.Option) (*ResendConfirmationCodeOutput, error)

ResendConfirmationCodeWithContext is the same as ResendConfirmationCode with the addition of the ability to pass a context and additional request options.

See ResendConfirmationCode for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) RespondToAuthChallenge added in v1.2.10

RespondToAuthChallenge API operation for Amazon Cognito Identity Provider.

Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. A RespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.

For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html).

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation RespondToAuthChallenge for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • CodeMismatchException This exception is thrown if the provided code doesn't match what the server was expecting.

  • ExpiredCodeException This exception is thrown if a code has expired.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • InvalidPasswordException This exception is thrown when Amazon Cognito encounters an invalid password.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • MFAMethodNotFoundException This exception is thrown when Amazon Cognito can't find a multi-factor authentication (MFA) method.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • AliasExistsException This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • SoftwareTokenMFANotFoundException This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RespondToAuthChallenge

func (*CognitoIdentityProvider) RespondToAuthChallengeRequest added in v1.2.10

func (c *CognitoIdentityProvider) RespondToAuthChallengeRequest(input *RespondToAuthChallengeInput) (req *request.Request, output *RespondToAuthChallengeOutput)

RespondToAuthChallengeRequest generates a "aws/request.Request" representing the client's request for the RespondToAuthChallenge operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See RespondToAuthChallenge for more information on using the RespondToAuthChallenge API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the RespondToAuthChallengeRequest method.
req, resp := client.RespondToAuthChallengeRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RespondToAuthChallenge

func (*CognitoIdentityProvider) RespondToAuthChallengeWithContext added in v1.8.0

func (c *CognitoIdentityProvider) RespondToAuthChallengeWithContext(ctx aws.Context, input *RespondToAuthChallengeInput, opts ...request.Option) (*RespondToAuthChallengeOutput, error)

RespondToAuthChallengeWithContext is the same as RespondToAuthChallenge with the addition of the ability to pass a context and additional request options.

See RespondToAuthChallenge for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) RevokeToken added in v1.38.59

RevokeToken API operation for Amazon Cognito Identity Provider.

Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can't use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation RevokeToken for usage and error information.

Returned Error Types:

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • UnauthorizedException Exception that is thrown when the request isn't authorized. This can happen due to an invalid access token in the request.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • UnsupportedOperationException Exception that is thrown when you attempt to perform an operation that isn't enabled for the user pool client.

  • UnsupportedTokenTypeException Exception that is thrown when an unsupported token is passed to an operation.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RevokeToken

func (*CognitoIdentityProvider) RevokeTokenRequest added in v1.38.59

func (c *CognitoIdentityProvider) RevokeTokenRequest(input *RevokeTokenInput) (req *request.Request, output *RevokeTokenOutput)

RevokeTokenRequest generates a "aws/request.Request" representing the client's request for the RevokeToken operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See RevokeToken for more information on using the RevokeToken API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the RevokeTokenRequest method.
req, resp := client.RevokeTokenRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RevokeToken

func (*CognitoIdentityProvider) RevokeTokenWithContext added in v1.38.59

func (c *CognitoIdentityProvider) RevokeTokenWithContext(ctx aws.Context, input *RevokeTokenInput, opts ...request.Option) (*RevokeTokenOutput, error)

RevokeTokenWithContext is the same as RevokeToken with the addition of the ability to pass a context and additional request options.

See RevokeToken for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) SetLogDeliveryConfiguration added in v1.44.315

SetLogDeliveryConfiguration API operation for Amazon Cognito Identity Provider.

Sets up or modifies the detailed activity logging configuration of a user pool.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation SetLogDeliveryConfiguration for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetLogDeliveryConfiguration

func (*CognitoIdentityProvider) SetLogDeliveryConfigurationRequest added in v1.44.315

func (c *CognitoIdentityProvider) SetLogDeliveryConfigurationRequest(input *SetLogDeliveryConfigurationInput) (req *request.Request, output *SetLogDeliveryConfigurationOutput)

SetLogDeliveryConfigurationRequest generates a "aws/request.Request" representing the client's request for the SetLogDeliveryConfiguration operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SetLogDeliveryConfiguration for more information on using the SetLogDeliveryConfiguration API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SetLogDeliveryConfigurationRequest method.
req, resp := client.SetLogDeliveryConfigurationRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetLogDeliveryConfiguration

func (*CognitoIdentityProvider) SetLogDeliveryConfigurationWithContext added in v1.44.315

func (c *CognitoIdentityProvider) SetLogDeliveryConfigurationWithContext(ctx aws.Context, input *SetLogDeliveryConfigurationInput, opts ...request.Option) (*SetLogDeliveryConfigurationOutput, error)

SetLogDeliveryConfigurationWithContext is the same as SetLogDeliveryConfiguration with the addition of the ability to pass a context and additional request options.

See SetLogDeliveryConfiguration for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) SetRiskConfiguration added in v1.12.35

SetRiskConfiguration API operation for Amazon Cognito Identity Provider.

Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.

To activate Amazon Cognito advanced security features, update the user pool to include the UserPoolAddOns keyAdvancedSecurityMode.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation SetRiskConfiguration for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserPoolAddOnNotEnabledException This exception is thrown when user pool add-ons aren't enabled.

  • CodeDeliveryFailureException This exception is thrown when a verification code fails to deliver successfully.

  • InvalidEmailRoleAccessPolicyException This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetRiskConfiguration

func (*CognitoIdentityProvider) SetRiskConfigurationRequest added in v1.12.35

func (c *CognitoIdentityProvider) SetRiskConfigurationRequest(input *SetRiskConfigurationInput) (req *request.Request, output *SetRiskConfigurationOutput)

SetRiskConfigurationRequest generates a "aws/request.Request" representing the client's request for the SetRiskConfiguration operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SetRiskConfiguration for more information on using the SetRiskConfiguration API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SetRiskConfigurationRequest method.
req, resp := client.SetRiskConfigurationRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetRiskConfiguration

func (*CognitoIdentityProvider) SetRiskConfigurationWithContext added in v1.12.35

func (c *CognitoIdentityProvider) SetRiskConfigurationWithContext(ctx aws.Context, input *SetRiskConfigurationInput, opts ...request.Option) (*SetRiskConfigurationOutput, error)

SetRiskConfigurationWithContext is the same as SetRiskConfiguration with the addition of the ability to pass a context and additional request options.

See SetRiskConfiguration for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) SetUICustomization added in v1.10.24

SetUICustomization API operation for Amazon Cognito Identity Provider.

Sets the user interface (UI) customization information for a user pool's built-in app UI.

You can specify app UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId to ALL). If you specify ALL, the default configuration is used for every client that has no previously set UI customization. If you specify UI customization settings for a particular client, it will no longer return to the ALL configuration.

To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation SetUICustomization for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUICustomization

func (*CognitoIdentityProvider) SetUICustomizationRequest added in v1.10.24

func (c *CognitoIdentityProvider) SetUICustomizationRequest(input *SetUICustomizationInput) (req *request.Request, output *SetUICustomizationOutput)

SetUICustomizationRequest generates a "aws/request.Request" representing the client's request for the SetUICustomization operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SetUICustomization for more information on using the SetUICustomization API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SetUICustomizationRequest method.
req, resp := client.SetUICustomizationRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUICustomization

func (*CognitoIdentityProvider) SetUICustomizationWithContext added in v1.10.24

func (c *CognitoIdentityProvider) SetUICustomizationWithContext(ctx aws.Context, input *SetUICustomizationInput, opts ...request.Option) (*SetUICustomizationOutput, error)

SetUICustomizationWithContext is the same as SetUICustomization with the addition of the ability to pass a context and additional request options.

See SetUICustomization for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) SetUserMFAPreference added in v1.12.35

SetUserMFAPreference API operation for Amazon Cognito Identity Provider.

Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation SetUserMFAPreference for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserMFAPreference

func (*CognitoIdentityProvider) SetUserMFAPreferenceRequest added in v1.12.35

func (c *CognitoIdentityProvider) SetUserMFAPreferenceRequest(input *SetUserMFAPreferenceInput) (req *request.Request, output *SetUserMFAPreferenceOutput)

SetUserMFAPreferenceRequest generates a "aws/request.Request" representing the client's request for the SetUserMFAPreference operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SetUserMFAPreference for more information on using the SetUserMFAPreference API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SetUserMFAPreferenceRequest method.
req, resp := client.SetUserMFAPreferenceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserMFAPreference

func (*CognitoIdentityProvider) SetUserMFAPreferenceWithContext added in v1.12.35

func (c *CognitoIdentityProvider) SetUserMFAPreferenceWithContext(ctx aws.Context, input *SetUserMFAPreferenceInput, opts ...request.Option) (*SetUserMFAPreferenceOutput, error)

SetUserMFAPreferenceWithContext is the same as SetUserMFAPreference with the addition of the ability to pass a context and additional request options.

See SetUserMFAPreference for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) SetUserPoolMfaConfig added in v1.12.35

SetUserPoolMfaConfig API operation for Amazon Cognito Identity Provider.

Sets the user pool multi-factor authentication (MFA) configuration.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation SetUserPoolMfaConfig for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • ConcurrentModificationException This exception is thrown if two or more modifications are happening concurrently.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserPoolMfaConfig

func (*CognitoIdentityProvider) SetUserPoolMfaConfigRequest added in v1.12.35

func (c *CognitoIdentityProvider) SetUserPoolMfaConfigRequest(input *SetUserPoolMfaConfigInput) (req *request.Request, output *SetUserPoolMfaConfigOutput)

SetUserPoolMfaConfigRequest generates a "aws/request.Request" representing the client's request for the SetUserPoolMfaConfig operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SetUserPoolMfaConfig for more information on using the SetUserPoolMfaConfig API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SetUserPoolMfaConfigRequest method.
req, resp := client.SetUserPoolMfaConfigRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserPoolMfaConfig

func (*CognitoIdentityProvider) SetUserPoolMfaConfigWithContext added in v1.12.35

func (c *CognitoIdentityProvider) SetUserPoolMfaConfigWithContext(ctx aws.Context, input *SetUserPoolMfaConfigInput, opts ...request.Option) (*SetUserPoolMfaConfigOutput, error)

SetUserPoolMfaConfigWithContext is the same as SetUserPoolMfaConfig with the addition of the ability to pass a context and additional request options.

See SetUserPoolMfaConfig for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) SetUserSettings

SetUserSettings API operation for Amazon Cognito Identity Provider.

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use SetUserMFAPreference (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserMFAPreference.html) instead.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation SetUserSettings for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserSettings

func (*CognitoIdentityProvider) SetUserSettingsRequest

func (c *CognitoIdentityProvider) SetUserSettingsRequest(input *SetUserSettingsInput) (req *request.Request, output *SetUserSettingsOutput)

SetUserSettingsRequest generates a "aws/request.Request" representing the client's request for the SetUserSettings operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SetUserSettings for more information on using the SetUserSettings API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SetUserSettingsRequest method.
req, resp := client.SetUserSettingsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserSettings

func (*CognitoIdentityProvider) SetUserSettingsWithContext added in v1.8.0

func (c *CognitoIdentityProvider) SetUserSettingsWithContext(ctx aws.Context, input *SetUserSettingsInput, opts ...request.Option) (*SetUserSettingsOutput, error)

SetUserSettingsWithContext is the same as SetUserSettings with the addition of the ability to pass a context and additional request options.

See SetUserSettings for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) SignUp

func (c *CognitoIdentityProvider) SignUp(input *SignUpInput) (*SignUpOutput, error)

SignUp API operation for Amazon Cognito Identity Provider.

Registers the user in the specified user pool and creates a user name, password, and user attributes.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation SignUp for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InvalidPasswordException This exception is thrown when Amazon Cognito encounters an invalid password.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • UsernameExistsException This exception is thrown when Amazon Cognito encounters a user name that already exists in the user pool.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • InvalidEmailRoleAccessPolicyException This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

  • CodeDeliveryFailureException This exception is thrown when a verification code fails to deliver successfully.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SignUp

func (*CognitoIdentityProvider) SignUpRequest

func (c *CognitoIdentityProvider) SignUpRequest(input *SignUpInput) (req *request.Request, output *SignUpOutput)

SignUpRequest generates a "aws/request.Request" representing the client's request for the SignUp operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SignUp for more information on using the SignUp API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SignUpRequest method.
req, resp := client.SignUpRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SignUp

func (*CognitoIdentityProvider) SignUpWithContext added in v1.8.0

func (c *CognitoIdentityProvider) SignUpWithContext(ctx aws.Context, input *SignUpInput, opts ...request.Option) (*SignUpOutput, error)

SignUpWithContext is the same as SignUp with the addition of the ability to pass a context and additional request options.

See SignUp for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) StartUserImportJob added in v1.4.6

StartUserImportJob API operation for Amazon Cognito Identity Provider.

Starts the user import.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation StartUserImportJob for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • PreconditionNotMetException This exception is thrown when a precondition is not met.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/StartUserImportJob

func (*CognitoIdentityProvider) StartUserImportJobRequest added in v1.4.6

func (c *CognitoIdentityProvider) StartUserImportJobRequest(input *StartUserImportJobInput) (req *request.Request, output *StartUserImportJobOutput)

StartUserImportJobRequest generates a "aws/request.Request" representing the client's request for the StartUserImportJob operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See StartUserImportJob for more information on using the StartUserImportJob API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the StartUserImportJobRequest method.
req, resp := client.StartUserImportJobRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/StartUserImportJob

func (*CognitoIdentityProvider) StartUserImportJobWithContext added in v1.8.0

func (c *CognitoIdentityProvider) StartUserImportJobWithContext(ctx aws.Context, input *StartUserImportJobInput, opts ...request.Option) (*StartUserImportJobOutput, error)

StartUserImportJobWithContext is the same as StartUserImportJob with the addition of the ability to pass a context and additional request options.

See StartUserImportJob for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) StopUserImportJob added in v1.4.6

StopUserImportJob API operation for Amazon Cognito Identity Provider.

Stops the user import job.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation StopUserImportJob for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • PreconditionNotMetException This exception is thrown when a precondition is not met.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/StopUserImportJob

func (*CognitoIdentityProvider) StopUserImportJobRequest added in v1.4.6

func (c *CognitoIdentityProvider) StopUserImportJobRequest(input *StopUserImportJobInput) (req *request.Request, output *StopUserImportJobOutput)

StopUserImportJobRequest generates a "aws/request.Request" representing the client's request for the StopUserImportJob operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See StopUserImportJob for more information on using the StopUserImportJob API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the StopUserImportJobRequest method.
req, resp := client.StopUserImportJobRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/StopUserImportJob

func (*CognitoIdentityProvider) StopUserImportJobWithContext added in v1.8.0

func (c *CognitoIdentityProvider) StopUserImportJobWithContext(ctx aws.Context, input *StopUserImportJobInput, opts ...request.Option) (*StopUserImportJobOutput, error)

StopUserImportJobWithContext is the same as StopUserImportJob with the addition of the ability to pass a context and additional request options.

See StopUserImportJob for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) TagResource added in v1.19.0

TagResource API operation for Amazon Cognito Identity Provider.

Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.

Each tag consists of a key and value, both of which you define. A key is a general category for more specific values. For example, if you have two versions of a user pool, one for testing and another for production, you might assign an Environment tag key to both user pools. The value of this key might be Test for one user pool, and Production for the other.

Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values.

You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation TagResource for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/TagResource

func (*CognitoIdentityProvider) TagResourceRequest added in v1.19.0

func (c *CognitoIdentityProvider) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput)

TagResourceRequest generates a "aws/request.Request" representing the client's request for the TagResource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See TagResource for more information on using the TagResource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the TagResourceRequest method.
req, resp := client.TagResourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/TagResource

func (*CognitoIdentityProvider) TagResourceWithContext added in v1.19.0

func (c *CognitoIdentityProvider) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error)

TagResourceWithContext is the same as TagResource with the addition of the ability to pass a context and additional request options.

See TagResource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) UntagResource added in v1.19.0

UntagResource API operation for Amazon Cognito Identity Provider.

Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation UntagResource for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UntagResource

func (*CognitoIdentityProvider) UntagResourceRequest added in v1.19.0

func (c *CognitoIdentityProvider) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput)

UntagResourceRequest generates a "aws/request.Request" representing the client's request for the UntagResource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UntagResource for more information on using the UntagResource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UntagResourceRequest method.
req, resp := client.UntagResourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UntagResource

func (*CognitoIdentityProvider) UntagResourceWithContext added in v1.19.0

func (c *CognitoIdentityProvider) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error)

UntagResourceWithContext is the same as UntagResource with the addition of the ability to pass a context and additional request options.

See UntagResource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) UpdateAuthEventFeedback added in v1.12.35

UpdateAuthEventFeedback API operation for Amazon Cognito Identity Provider.

Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation UpdateAuthEventFeedback for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserPoolAddOnNotEnabledException This exception is thrown when user pool add-ons aren't enabled.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateAuthEventFeedback

func (*CognitoIdentityProvider) UpdateAuthEventFeedbackRequest added in v1.12.35

func (c *CognitoIdentityProvider) UpdateAuthEventFeedbackRequest(input *UpdateAuthEventFeedbackInput) (req *request.Request, output *UpdateAuthEventFeedbackOutput)

UpdateAuthEventFeedbackRequest generates a "aws/request.Request" representing the client's request for the UpdateAuthEventFeedback operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateAuthEventFeedback for more information on using the UpdateAuthEventFeedback API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateAuthEventFeedbackRequest method.
req, resp := client.UpdateAuthEventFeedbackRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateAuthEventFeedback

func (*CognitoIdentityProvider) UpdateAuthEventFeedbackWithContext added in v1.12.35

func (c *CognitoIdentityProvider) UpdateAuthEventFeedbackWithContext(ctx aws.Context, input *UpdateAuthEventFeedbackInput, opts ...request.Option) (*UpdateAuthEventFeedbackOutput, error)

UpdateAuthEventFeedbackWithContext is the same as UpdateAuthEventFeedback with the addition of the ability to pass a context and additional request options.

See UpdateAuthEventFeedback for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) UpdateDeviceStatus added in v1.2.10

UpdateDeviceStatus API operation for Amazon Cognito Identity Provider.

Updates the device status. For more information about device authentication, see Working with user devices in your user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html).

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation UpdateDeviceStatus for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateDeviceStatus

func (*CognitoIdentityProvider) UpdateDeviceStatusRequest added in v1.2.10

func (c *CognitoIdentityProvider) UpdateDeviceStatusRequest(input *UpdateDeviceStatusInput) (req *request.Request, output *UpdateDeviceStatusOutput)

UpdateDeviceStatusRequest generates a "aws/request.Request" representing the client's request for the UpdateDeviceStatus operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateDeviceStatus for more information on using the UpdateDeviceStatus API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateDeviceStatusRequest method.
req, resp := client.UpdateDeviceStatusRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateDeviceStatus

func (*CognitoIdentityProvider) UpdateDeviceStatusWithContext added in v1.8.0

func (c *CognitoIdentityProvider) UpdateDeviceStatusWithContext(ctx aws.Context, input *UpdateDeviceStatusInput, opts ...request.Option) (*UpdateDeviceStatusOutput, error)

UpdateDeviceStatusWithContext is the same as UpdateDeviceStatus with the addition of the ability to pass a context and additional request options.

See UpdateDeviceStatus for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) UpdateGroup added in v1.6.4

UpdateGroup API operation for Amazon Cognito Identity Provider.

Updates the specified group with the specified attributes.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation UpdateGroup for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateGroup

func (*CognitoIdentityProvider) UpdateGroupRequest added in v1.6.4

func (c *CognitoIdentityProvider) UpdateGroupRequest(input *UpdateGroupInput) (req *request.Request, output *UpdateGroupOutput)

UpdateGroupRequest generates a "aws/request.Request" representing the client's request for the UpdateGroup operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateGroup for more information on using the UpdateGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateGroupRequest method.
req, resp := client.UpdateGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateGroup

func (*CognitoIdentityProvider) UpdateGroupWithContext added in v1.8.0

func (c *CognitoIdentityProvider) UpdateGroupWithContext(ctx aws.Context, input *UpdateGroupInput, opts ...request.Option) (*UpdateGroupOutput, error)

UpdateGroupWithContext is the same as UpdateGroup with the addition of the ability to pass a context and additional request options.

See UpdateGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) UpdateIdentityProvider added in v1.8.33

UpdateIdentityProvider API operation for Amazon Cognito Identity Provider.

Updates IdP information for a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation UpdateIdentityProvider for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • UnsupportedIdentityProviderException This exception is thrown when the specified identifier isn't supported.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • ConcurrentModificationException This exception is thrown if two or more modifications are happening concurrently.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateIdentityProvider

func (*CognitoIdentityProvider) UpdateIdentityProviderRequest added in v1.8.33

func (c *CognitoIdentityProvider) UpdateIdentityProviderRequest(input *UpdateIdentityProviderInput) (req *request.Request, output *UpdateIdentityProviderOutput)

UpdateIdentityProviderRequest generates a "aws/request.Request" representing the client's request for the UpdateIdentityProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateIdentityProvider for more information on using the UpdateIdentityProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateIdentityProviderRequest method.
req, resp := client.UpdateIdentityProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateIdentityProvider

func (*CognitoIdentityProvider) UpdateIdentityProviderWithContext added in v1.8.33

func (c *CognitoIdentityProvider) UpdateIdentityProviderWithContext(ctx aws.Context, input *UpdateIdentityProviderInput, opts ...request.Option) (*UpdateIdentityProviderOutput, error)

UpdateIdentityProviderWithContext is the same as UpdateIdentityProvider with the addition of the ability to pass a context and additional request options.

See UpdateIdentityProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) UpdateResourceServer added in v1.10.24

UpdateResourceServer API operation for Amazon Cognito Identity Provider.

Updates the name and scopes of resource server. All other fields are read-only.

If you don't provide a value for an attribute, it is set to the default value.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation UpdateResourceServer for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateResourceServer

func (*CognitoIdentityProvider) UpdateResourceServerRequest added in v1.10.24

func (c *CognitoIdentityProvider) UpdateResourceServerRequest(input *UpdateResourceServerInput) (req *request.Request, output *UpdateResourceServerOutput)

UpdateResourceServerRequest generates a "aws/request.Request" representing the client's request for the UpdateResourceServer operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateResourceServer for more information on using the UpdateResourceServer API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateResourceServerRequest method.
req, resp := client.UpdateResourceServerRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateResourceServer

func (*CognitoIdentityProvider) UpdateResourceServerWithContext added in v1.10.24

func (c *CognitoIdentityProvider) UpdateResourceServerWithContext(ctx aws.Context, input *UpdateResourceServerInput, opts ...request.Option) (*UpdateResourceServerOutput, error)

UpdateResourceServerWithContext is the same as UpdateResourceServer with the addition of the ability to pass a context and additional request options.

See UpdateResourceServer for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) UpdateUserAttributes

UpdateUserAttributes API operation for Amazon Cognito Identity Provider.

With this operation, your users can update one or more of their attributes with their own credentials. You authorize this API request with the user's access token. To delete an attribute from your user, submit the attribute in your API request with a blank value. Custom attribute values in this request must include the custom: prefix.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation UpdateUserAttributes for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • CodeMismatchException This exception is thrown if the provided code doesn't match what the server was expecting.

  • ExpiredCodeException This exception is thrown if a code has expired.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UnexpectedLambdaException This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

  • UserLambdaValidationException This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

  • InvalidLambdaResponseException This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • AliasExistsException This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • InvalidEmailRoleAccessPolicyException This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

  • CodeDeliveryFailureException This exception is thrown when a verification code fails to deliver successfully.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserAttributes

func (*CognitoIdentityProvider) UpdateUserAttributesRequest

func (c *CognitoIdentityProvider) UpdateUserAttributesRequest(input *UpdateUserAttributesInput) (req *request.Request, output *UpdateUserAttributesOutput)

UpdateUserAttributesRequest generates a "aws/request.Request" representing the client's request for the UpdateUserAttributes operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateUserAttributes for more information on using the UpdateUserAttributes API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateUserAttributesRequest method.
req, resp := client.UpdateUserAttributesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserAttributes

func (*CognitoIdentityProvider) UpdateUserAttributesWithContext added in v1.8.0

func (c *CognitoIdentityProvider) UpdateUserAttributesWithContext(ctx aws.Context, input *UpdateUserAttributesInput, opts ...request.Option) (*UpdateUserAttributesOutput, error)

UpdateUserAttributesWithContext is the same as UpdateUserAttributes with the addition of the ability to pass a context and additional request options.

See UpdateUserAttributes for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) UpdateUserPool

UpdateUserPool API operation for Amazon Cognito Identity Provider.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html) , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) in the Amazon Cognito Developer Guide.

Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html).

If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation UpdateUserPool for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ConcurrentModificationException This exception is thrown if two or more modifications are happening concurrently.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • UserImportInProgressException This exception is thrown when you're trying to modify a user pool while a user import job is in progress for that pool.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • InvalidSmsRoleAccessPolicyException This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

  • InvalidSmsRoleTrustRelationshipException This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

  • UserPoolTaggingException This exception is thrown when a user pool tag can't be set or updated.

  • InvalidEmailRoleAccessPolicyException This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPool

func (*CognitoIdentityProvider) UpdateUserPoolClient

UpdateUserPoolClient API operation for Amazon Cognito Identity Provider.

Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using DescribeUserPoolClient (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html).

If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.

You can also use this operation to enable token revocation for user pool clients. For more information about revoking tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html).

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation UpdateUserPoolClient for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ConcurrentModificationException This exception is thrown if two or more modifications are happening concurrently.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • ScopeDoesNotExistException This exception is thrown when the specified scope doesn't exist.

  • InvalidOAuthFlowException This exception is thrown when the specified OAuth flow is not valid.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolClient

func (*CognitoIdentityProvider) UpdateUserPoolClientRequest

func (c *CognitoIdentityProvider) UpdateUserPoolClientRequest(input *UpdateUserPoolClientInput) (req *request.Request, output *UpdateUserPoolClientOutput)

UpdateUserPoolClientRequest generates a "aws/request.Request" representing the client's request for the UpdateUserPoolClient operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateUserPoolClient for more information on using the UpdateUserPoolClient API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateUserPoolClientRequest method.
req, resp := client.UpdateUserPoolClientRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolClient

func (*CognitoIdentityProvider) UpdateUserPoolClientWithContext added in v1.8.0

func (c *CognitoIdentityProvider) UpdateUserPoolClientWithContext(ctx aws.Context, input *UpdateUserPoolClientInput, opts ...request.Option) (*UpdateUserPoolClientOutput, error)

UpdateUserPoolClientWithContext is the same as UpdateUserPoolClient with the addition of the ability to pass a context and additional request options.

See UpdateUserPoolClient for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) UpdateUserPoolDomain added in v1.16.10

UpdateUserPoolDomain API operation for Amazon Cognito Identity Provider.

Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.

You can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You can't use it to change the domain for a user pool.

A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you manage with Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain.

Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, and your custom domain uses the new certificate automatically.

However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide this ARN to Amazon Cognito.

When you add your new certificate in ACM, you must choose US East (N. Virginia) as the Amazon Web Services Region.

After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.

For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html).

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation UpdateUserPoolDomain for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolDomain

func (*CognitoIdentityProvider) UpdateUserPoolDomainRequest added in v1.16.10

func (c *CognitoIdentityProvider) UpdateUserPoolDomainRequest(input *UpdateUserPoolDomainInput) (req *request.Request, output *UpdateUserPoolDomainOutput)

UpdateUserPoolDomainRequest generates a "aws/request.Request" representing the client's request for the UpdateUserPoolDomain operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateUserPoolDomain for more information on using the UpdateUserPoolDomain API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateUserPoolDomainRequest method.
req, resp := client.UpdateUserPoolDomainRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolDomain

func (*CognitoIdentityProvider) UpdateUserPoolDomainWithContext added in v1.16.10

func (c *CognitoIdentityProvider) UpdateUserPoolDomainWithContext(ctx aws.Context, input *UpdateUserPoolDomainInput, opts ...request.Option) (*UpdateUserPoolDomainOutput, error)

UpdateUserPoolDomainWithContext is the same as UpdateUserPoolDomain with the addition of the ability to pass a context and additional request options.

See UpdateUserPoolDomain for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) UpdateUserPoolRequest

func (c *CognitoIdentityProvider) UpdateUserPoolRequest(input *UpdateUserPoolInput) (req *request.Request, output *UpdateUserPoolOutput)

UpdateUserPoolRequest generates a "aws/request.Request" representing the client's request for the UpdateUserPool operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateUserPool for more information on using the UpdateUserPool API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateUserPoolRequest method.
req, resp := client.UpdateUserPoolRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPool

func (*CognitoIdentityProvider) UpdateUserPoolWithContext added in v1.8.0

func (c *CognitoIdentityProvider) UpdateUserPoolWithContext(ctx aws.Context, input *UpdateUserPoolInput, opts ...request.Option) (*UpdateUserPoolOutput, error)

UpdateUserPoolWithContext is the same as UpdateUserPool with the addition of the ability to pass a context and additional request options.

See UpdateUserPool for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) VerifySoftwareToken added in v1.12.35

VerifySoftwareToken API operation for Amazon Cognito Identity Provider.

Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as "verified" if successful. The request takes an access token or a session string, but not both.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation VerifySoftwareToken for usage and error information.

Returned Error Types:

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidUserPoolConfigurationException This exception is thrown when the user pool configuration is not valid.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • EnableSoftwareTokenMFAException This exception is thrown when there is a code mismatch and the service fails to configure the software token TOTP multi-factor authentication (MFA).

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • SoftwareTokenMFANotFoundException This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.

  • CodeMismatchException This exception is thrown if the provided code doesn't match what the server was expecting.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/VerifySoftwareToken

func (*CognitoIdentityProvider) VerifySoftwareTokenRequest added in v1.12.35

func (c *CognitoIdentityProvider) VerifySoftwareTokenRequest(input *VerifySoftwareTokenInput) (req *request.Request, output *VerifySoftwareTokenOutput)

VerifySoftwareTokenRequest generates a "aws/request.Request" representing the client's request for the VerifySoftwareToken operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See VerifySoftwareToken for more information on using the VerifySoftwareToken API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the VerifySoftwareTokenRequest method.
req, resp := client.VerifySoftwareTokenRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/VerifySoftwareToken

func (*CognitoIdentityProvider) VerifySoftwareTokenWithContext added in v1.12.35

func (c *CognitoIdentityProvider) VerifySoftwareTokenWithContext(ctx aws.Context, input *VerifySoftwareTokenInput, opts ...request.Option) (*VerifySoftwareTokenOutput, error)

VerifySoftwareTokenWithContext is the same as VerifySoftwareToken with the addition of the ability to pass a context and additional request options.

See VerifySoftwareToken for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*CognitoIdentityProvider) VerifyUserAttribute

VerifyUserAttribute API operation for Amazon Cognito Identity Provider.

Verifies the specified user attributes in the user pool.

If your user pool requires verification before Amazon Cognito updates the attribute value, VerifyUserAttribute updates the affected attribute to its pending value. For more information, see UserAttributeUpdateSettingsType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserAttributeUpdateSettingsType.html).

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Cognito Identity Provider's API operation VerifyUserAttribute for usage and error information.

Returned Error Types:

  • ResourceNotFoundException This exception is thrown when the Amazon Cognito service can't find the requested resource.

  • InvalidParameterException This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

  • CodeMismatchException This exception is thrown if the provided code doesn't match what the server was expecting.

  • ExpiredCodeException This exception is thrown if a code has expired.

  • NotAuthorizedException This exception is thrown when a user isn't authorized.

  • TooManyRequestsException This exception is thrown when the user has made too many requests for a given operation.

  • LimitExceededException This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

  • PasswordResetRequiredException This exception is thrown when a password reset is required.

  • UserNotFoundException This exception is thrown when a user isn't found.

  • UserNotConfirmedException This exception is thrown when a user isn't confirmed successfully.

  • InternalErrorException This exception is thrown when Amazon Cognito encounters an internal error.

  • AliasExistsException This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

  • ForbiddenException This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/VerifyUserAttribute

func (*CognitoIdentityProvider) VerifyUserAttributeRequest

func (c *CognitoIdentityProvider) VerifyUserAttributeRequest(input *VerifyUserAttributeInput) (req *request.Request, output *VerifyUserAttributeOutput)

VerifyUserAttributeRequest generates a "aws/request.Request" representing the client's request for the VerifyUserAttribute operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See VerifyUserAttribute for more information on using the VerifyUserAttribute API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the VerifyUserAttributeRequest method.
req, resp := client.VerifyUserAttributeRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/VerifyUserAttribute

func (*CognitoIdentityProvider) VerifyUserAttributeWithContext added in v1.8.0

func (c *CognitoIdentityProvider) VerifyUserAttributeWithContext(ctx aws.Context, input *VerifyUserAttributeInput, opts ...request.Option) (*VerifyUserAttributeOutput, error)

VerifyUserAttributeWithContext is the same as VerifyUserAttribute with the addition of the ability to pass a context and additional request options.

See VerifyUserAttribute for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

type CompromisedCredentialsActionsType added in v1.12.35

type CompromisedCredentialsActionsType struct {

	// The event action.
	//
	// EventAction is a required field
	EventAction *string `type:"string" required:"true" enum:"CompromisedCredentialsEventActionType"`
	// contains filtered or unexported fields
}

The compromised credentials actions type.

func (CompromisedCredentialsActionsType) GoString added in v1.12.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CompromisedCredentialsActionsType) SetEventAction added in v1.12.35

SetEventAction sets the EventAction field's value.

func (CompromisedCredentialsActionsType) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CompromisedCredentialsActionsType) Validate added in v1.12.35

Validate inspects the fields of the type to determine if they are valid.

type CompromisedCredentialsRiskConfigurationType added in v1.12.35

type CompromisedCredentialsRiskConfigurationType struct {

	// The compromised credentials risk configuration actions.
	//
	// Actions is a required field
	Actions *CompromisedCredentialsActionsType `type:"structure" required:"true"`

	// Perform the action for these events. The default is to perform all events
	// if no event filter is specified.
	EventFilter []*string `type:"list" enum:"EventFilterType"`
	// contains filtered or unexported fields
}

The compromised credentials risk configuration type.

func (CompromisedCredentialsRiskConfigurationType) GoString added in v1.12.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CompromisedCredentialsRiskConfigurationType) SetActions added in v1.12.35

SetActions sets the Actions field's value.

func (*CompromisedCredentialsRiskConfigurationType) SetEventFilter added in v1.12.35

SetEventFilter sets the EventFilter field's value.

func (CompromisedCredentialsRiskConfigurationType) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CompromisedCredentialsRiskConfigurationType) Validate added in v1.12.35

Validate inspects the fields of the type to determine if they are valid.

type ConcurrentModificationException added in v1.28.0

type ConcurrentModificationException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message provided when the concurrent exception is thrown.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown if two or more modifications are happening concurrently.

func (*ConcurrentModificationException) Code added in v1.28.0

Code returns the exception type name.

func (*ConcurrentModificationException) Error added in v1.28.0

func (ConcurrentModificationException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConcurrentModificationException) Message added in v1.28.0

Message returns the exception's message.

func (*ConcurrentModificationException) OrigErr added in v1.28.0

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ConcurrentModificationException) RequestID added in v1.28.0

func (s *ConcurrentModificationException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ConcurrentModificationException) StatusCode added in v1.28.0

func (s *ConcurrentModificationException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ConcurrentModificationException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ConfirmDeviceInput added in v1.2.10

type ConfirmDeviceInput struct {

	// A valid access token that Amazon Cognito issued to the user whose device
	// you want to confirm.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmDeviceInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`

	// The device name.
	DeviceName *string `min:"1" type:"string"`

	// The configuration of the device secret verifier.
	DeviceSecretVerifierConfig *DeviceSecretVerifierConfigType `type:"structure"`
	// contains filtered or unexported fields
}

Confirms the device request.

func (ConfirmDeviceInput) GoString added in v1.2.10

func (s ConfirmDeviceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConfirmDeviceInput) SetAccessToken added in v1.5.0

func (s *ConfirmDeviceInput) SetAccessToken(v string) *ConfirmDeviceInput

SetAccessToken sets the AccessToken field's value.

func (*ConfirmDeviceInput) SetDeviceKey added in v1.5.0

func (s *ConfirmDeviceInput) SetDeviceKey(v string) *ConfirmDeviceInput

SetDeviceKey sets the DeviceKey field's value.

func (*ConfirmDeviceInput) SetDeviceName added in v1.5.0

func (s *ConfirmDeviceInput) SetDeviceName(v string) *ConfirmDeviceInput

SetDeviceName sets the DeviceName field's value.

func (*ConfirmDeviceInput) SetDeviceSecretVerifierConfig added in v1.5.0

func (s *ConfirmDeviceInput) SetDeviceSecretVerifierConfig(v *DeviceSecretVerifierConfigType) *ConfirmDeviceInput

SetDeviceSecretVerifierConfig sets the DeviceSecretVerifierConfig field's value.

func (ConfirmDeviceInput) String added in v1.2.10

func (s ConfirmDeviceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConfirmDeviceInput) Validate added in v1.2.10

func (s *ConfirmDeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ConfirmDeviceOutput added in v1.2.10

type ConfirmDeviceOutput struct {

	// Indicates whether the user confirmation must confirm the device response.
	UserConfirmationNecessary *bool `type:"boolean"`
	// contains filtered or unexported fields
}

Confirms the device response.

func (ConfirmDeviceOutput) GoString added in v1.2.10

func (s ConfirmDeviceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConfirmDeviceOutput) SetUserConfirmationNecessary added in v1.5.0

func (s *ConfirmDeviceOutput) SetUserConfirmationNecessary(v bool) *ConfirmDeviceOutput

SetUserConfirmationNecessary sets the UserConfirmationNecessary field's value.

func (ConfirmDeviceOutput) String added in v1.2.10

func (s ConfirmDeviceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ConfirmForgotPasswordInput

type ConfirmForgotPasswordInput struct {

	// The Amazon Pinpoint analytics metadata for collecting metrics for ConfirmForgotPassword
	// calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The app client ID of the app associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmForgotPasswordInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the ConfirmForgotPassword API action, Amazon Cognito invokes
	// the function that is assigned to the post confirmation trigger. When Amazon
	// Cognito invokes this function, it passes a JSON payload, which the function
	// receives as input. This payload contains a clientMetadata attribute, which
	// provides the data that you assigned to the ClientMetadata parameter in your
	// ConfirmForgotPassword request. In your function code in Lambda, you can process
	// the clientMetadata value to enhance your workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// The confirmation code from your user's request to reset their password. For
	// more information, see ForgotPassword (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ForgotPassword.html).
	//
	// ConfirmationCode is a required field
	ConfirmationCode *string `min:"1" type:"string" required:"true"`

	// The new password that your user wants to set.
	//
	// Password is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmForgotPasswordInput's
	// String and GoString methods.
	//
	// Password is a required field
	Password *string `type:"string" required:"true" sensitive:"true"`

	// A keyed-hash message authentication code (HMAC) calculated using the secret
	// key of a user pool client and username plus the client ID in the message.
	// For more information about SecretHash, see Computing secret hash values (https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash).
	//
	// SecretHash is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmForgotPasswordInput's
	// String and GoString methods.
	SecretHash *string `min:"1" type:"string" sensitive:"true"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmForgotPasswordInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmForgotPasswordInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

The request representing the confirmation for a password reset.

func (ConfirmForgotPasswordInput) GoString

func (s ConfirmForgotPasswordInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConfirmForgotPasswordInput) SetAnalyticsMetadata added in v1.12.35

SetAnalyticsMetadata sets the AnalyticsMetadata field's value.

func (*ConfirmForgotPasswordInput) SetClientId added in v1.5.0

SetClientId sets the ClientId field's value.

func (*ConfirmForgotPasswordInput) SetClientMetadata added in v1.25.6

SetClientMetadata sets the ClientMetadata field's value.

func (*ConfirmForgotPasswordInput) SetConfirmationCode added in v1.5.0

SetConfirmationCode sets the ConfirmationCode field's value.

func (*ConfirmForgotPasswordInput) SetPassword added in v1.5.0

SetPassword sets the Password field's value.

func (*ConfirmForgotPasswordInput) SetSecretHash added in v1.5.0

SetSecretHash sets the SecretHash field's value.

func (*ConfirmForgotPasswordInput) SetUserContextData added in v1.12.35

SetUserContextData sets the UserContextData field's value.

func (*ConfirmForgotPasswordInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (ConfirmForgotPasswordInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConfirmForgotPasswordInput) Validate added in v1.1.21

func (s *ConfirmForgotPasswordInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ConfirmForgotPasswordOutput

type ConfirmForgotPasswordOutput struct {
	// contains filtered or unexported fields
}

The response from the server that results from a user's request to retrieve a forgotten password.

func (ConfirmForgotPasswordOutput) GoString

func (s ConfirmForgotPasswordOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (ConfirmForgotPasswordOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ConfirmSignUpInput

type ConfirmSignUpInput struct {

	// The Amazon Pinpoint analytics metadata for collecting metrics for ConfirmSignUp
	// calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The ID of the app client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmSignUpInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the ConfirmSignUp API action, Amazon Cognito invokes the function
	// that is assigned to the post confirmation trigger. When Amazon Cognito invokes
	// this function, it passes a JSON payload, which the function receives as input.
	// This payload contains a clientMetadata attribute, which provides the data
	// that you assigned to the ClientMetadata parameter in your ConfirmSignUp request.
	// In your function code in Lambda, you can process the clientMetadata value
	// to enhance your workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// The confirmation code sent by a user's request to confirm registration.
	//
	// ConfirmationCode is a required field
	ConfirmationCode *string `min:"1" type:"string" required:"true"`

	// Boolean to be specified to force user confirmation irrespective of existing
	// alias. By default set to False. If this parameter is set to True and the
	// phone number/email used for sign up confirmation already exists as an alias
	// with a different user, the API call will migrate the alias from the previous
	// user to the newly created user being confirmed. If set to False, the API
	// will throw an AliasExistsException error.
	ForceAliasCreation *bool `type:"boolean"`

	// A keyed-hash message authentication code (HMAC) calculated using the secret
	// key of a user pool client and username plus the client ID in the message.
	//
	// SecretHash is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmSignUpInput's
	// String and GoString methods.
	SecretHash *string `min:"1" type:"string" sensitive:"true"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmSignUpInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmSignUpInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to confirm registration of a user.

func (ConfirmSignUpInput) GoString

func (s ConfirmSignUpInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConfirmSignUpInput) SetAnalyticsMetadata added in v1.12.35

func (s *ConfirmSignUpInput) SetAnalyticsMetadata(v *AnalyticsMetadataType) *ConfirmSignUpInput

SetAnalyticsMetadata sets the AnalyticsMetadata field's value.

func (*ConfirmSignUpInput) SetClientId added in v1.5.0

func (s *ConfirmSignUpInput) SetClientId(v string) *ConfirmSignUpInput

SetClientId sets the ClientId field's value.

func (*ConfirmSignUpInput) SetClientMetadata added in v1.25.6

func (s *ConfirmSignUpInput) SetClientMetadata(v map[string]*string) *ConfirmSignUpInput

SetClientMetadata sets the ClientMetadata field's value.

func (*ConfirmSignUpInput) SetConfirmationCode added in v1.5.0

func (s *ConfirmSignUpInput) SetConfirmationCode(v string) *ConfirmSignUpInput

SetConfirmationCode sets the ConfirmationCode field's value.

func (*ConfirmSignUpInput) SetForceAliasCreation added in v1.5.0

func (s *ConfirmSignUpInput) SetForceAliasCreation(v bool) *ConfirmSignUpInput

SetForceAliasCreation sets the ForceAliasCreation field's value.

func (*ConfirmSignUpInput) SetSecretHash added in v1.5.0

func (s *ConfirmSignUpInput) SetSecretHash(v string) *ConfirmSignUpInput

SetSecretHash sets the SecretHash field's value.

func (*ConfirmSignUpInput) SetUserContextData added in v1.12.35

func (s *ConfirmSignUpInput) SetUserContextData(v *UserContextDataType) *ConfirmSignUpInput

SetUserContextData sets the UserContextData field's value.

func (*ConfirmSignUpInput) SetUsername added in v1.5.0

func (s *ConfirmSignUpInput) SetUsername(v string) *ConfirmSignUpInput

SetUsername sets the Username field's value.

func (ConfirmSignUpInput) String

func (s ConfirmSignUpInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConfirmSignUpInput) Validate added in v1.1.21

func (s *ConfirmSignUpInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ConfirmSignUpOutput

type ConfirmSignUpOutput struct {
	// contains filtered or unexported fields
}

Represents the response from the server for the registration confirmation.

func (ConfirmSignUpOutput) GoString

func (s ConfirmSignUpOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (ConfirmSignUpOutput) String

func (s ConfirmSignUpOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ContextDataType added in v1.12.35

type ContextDataType struct {

	// Encoded device-fingerprint details that your app collected with the Amazon
	// Cognito context data collection library. For more information, see Adding
	// user device and session data to API requests (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint).
	EncodedData *string `type:"string"`

	// HttpHeaders received on your server in same order.
	//
	// HttpHeaders is a required field
	HttpHeaders []*HttpHeader `type:"list" required:"true"`

	// The source IP address of your user's device.
	//
	// IpAddress is a required field
	IpAddress *string `type:"string" required:"true"`

	// Your server endpoint where this API is invoked.
	//
	// ServerName is a required field
	ServerName *string `type:"string" required:"true"`

	// Your server path where this API is invoked.
	//
	// ServerPath is a required field
	ServerPath *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contextual user data type used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.

func (ContextDataType) GoString added in v1.12.35

func (s ContextDataType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ContextDataType) SetEncodedData added in v1.12.35

func (s *ContextDataType) SetEncodedData(v string) *ContextDataType

SetEncodedData sets the EncodedData field's value.

func (*ContextDataType) SetHttpHeaders added in v1.12.35

func (s *ContextDataType) SetHttpHeaders(v []*HttpHeader) *ContextDataType

SetHttpHeaders sets the HttpHeaders field's value.

func (*ContextDataType) SetIpAddress added in v1.12.35

func (s *ContextDataType) SetIpAddress(v string) *ContextDataType

SetIpAddress sets the IpAddress field's value.

func (*ContextDataType) SetServerName added in v1.12.35

func (s *ContextDataType) SetServerName(v string) *ContextDataType

SetServerName sets the ServerName field's value.

func (*ContextDataType) SetServerPath added in v1.12.35

func (s *ContextDataType) SetServerPath(v string) *ContextDataType

SetServerPath sets the ServerPath field's value.

func (ContextDataType) String added in v1.12.35

func (s ContextDataType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ContextDataType) Validate added in v1.12.35

func (s *ContextDataType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateGroupInput added in v1.6.4

type CreateGroupInput struct {

	// A string containing the description of the group.
	Description *string `type:"string"`

	// The name of the group. Must be unique.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// A non-negative integer value that specifies the precedence of this group
	// relative to the other groups that a user can belong to in the user pool.
	// Zero is the highest precedence value. Groups with lower Precedence values
	// take precedence over groups with higher or null Precedence values. If a user
	// belongs to two or more groups, it is the group with the lowest precedence
	// value whose role ARN is given in the user's tokens for the cognito:roles
	// and cognito:preferred_role claims.
	//
	// Two groups can have the same Precedence value. If this happens, neither group
	// takes precedence over the other. If two groups with the same Precedence have
	// the same role ARN, that role is used in the cognito:preferred_role claim
	// in tokens for users in each group. If the two groups have different role
	// ARNs, the cognito:preferred_role claim isn't set in users' tokens.
	//
	// The default Precedence value is null. The maximum Precedence value is 2^31-1.
	Precedence *int64 `type:"integer"`

	// The role Amazon Resource Name (ARN) for the group.
	RoleArn *string `min:"20" type:"string"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateGroupInput) GoString added in v1.6.4

func (s CreateGroupInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateGroupInput) SetDescription added in v1.6.4

func (s *CreateGroupInput) SetDescription(v string) *CreateGroupInput

SetDescription sets the Description field's value.

func (*CreateGroupInput) SetGroupName added in v1.6.4

func (s *CreateGroupInput) SetGroupName(v string) *CreateGroupInput

SetGroupName sets the GroupName field's value.

func (*CreateGroupInput) SetPrecedence added in v1.6.4

func (s *CreateGroupInput) SetPrecedence(v int64) *CreateGroupInput

SetPrecedence sets the Precedence field's value.

func (*CreateGroupInput) SetRoleArn added in v1.6.4

func (s *CreateGroupInput) SetRoleArn(v string) *CreateGroupInput

SetRoleArn sets the RoleArn field's value.

func (*CreateGroupInput) SetUserPoolId added in v1.6.4

func (s *CreateGroupInput) SetUserPoolId(v string) *CreateGroupInput

SetUserPoolId sets the UserPoolId field's value.

func (CreateGroupInput) String added in v1.6.4

func (s CreateGroupInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateGroupInput) Validate added in v1.6.4

func (s *CreateGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateGroupOutput added in v1.6.4

type CreateGroupOutput struct {

	// The group object for the group.
	Group *GroupType `type:"structure"`
	// contains filtered or unexported fields
}

func (CreateGroupOutput) GoString added in v1.6.4

func (s CreateGroupOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateGroupOutput) SetGroup added in v1.6.4

SetGroup sets the Group field's value.

func (CreateGroupOutput) String added in v1.6.4

func (s CreateGroupOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateIdentityProviderInput added in v1.8.33

type CreateIdentityProviderInput struct {

	// A mapping of IdP attributes to standard and custom user pool attributes.
	AttributeMapping map[string]*string `type:"map"`

	// A list of IdP identifiers.
	IdpIdentifiers []*string `type:"list"`

	// The scopes, URLs, and identifiers for your external identity provider. The
	// following examples describe the provider detail keys for each IdP type. These
	// values and their schema are subject to change. Social IdP authorize_scopes
	// values must match the values listed here.
	//
	// OpenID Connect (OIDC)
	//
	// Amazon Cognito accepts the following elements when it can't discover endpoint
	// URLs from oidc_issuer: attributes_url, authorize_url, jwks_uri, token_url.
	//
	// Create or update request: "ProviderDetails": { "attributes_request_method":
	// "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes":
	// "openid profile email", "authorize_url": "https://auth.example.com/authorize",
	// "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
	// "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
	// "https://auth.example.com", "token_url": "https://example.com/token" }
	//
	// Describe response: "ProviderDetails": { "attributes_request_method": "GET",
	// "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes":
	// "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize",
	// "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
	// "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
	// "https://auth.example.com", "token_url": "https://example.com/token" }
	//
	// SAML
	//
	// Create or update request with Metadata URL: "ProviderDetails": { "IDPInit":
	// "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL":
	// "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
	// "rsa-sha256" }
	//
	// Create or update request with Metadata file: "ProviderDetails": { "IDPInit":
	// "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile":
	// "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
	//
	// The value of MetadataFile must be the plaintext metadata document with all
	// quote (") characters escaped by backslashes.
	//
	// Describe response: "ProviderDetails": { "IDPInit": "true", "IDPSignout":
	// "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
	// "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
	// "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml",
	// "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
	//
	// LoginWithAmazon
	//
	// Create or update request: "ProviderDetails": { "authorize_scopes": "profile
	// postal_code", "client_id": "amzn1.application-oa2-client.1example23456789",
	// "client_secret": "provider-app-client-secret"
	//
	// Describe response: "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile",
	// "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code",
	// "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789",
	// "client_secret": "provider-app-client-secret", "token_request_method": "POST",
	// "token_url": "https://api.amazon.com/auth/o2/token" }
	//
	// Google
	//
	// Create or update request: "ProviderDetails": { "authorize_scopes": "email
	// profile openid", "client_id": "1example23456789.apps.googleusercontent.com",
	// "client_secret": "provider-app-client-secret" }
	//
	// Describe response: "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=",
	// "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
	// openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
	// "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
	// "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
	// "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token"
	// }
	//
	// SignInWithApple
	//
	// Create or update request: "ProviderDetails": { "authorize_scopes": "email
	// name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id":
	// "2EXAMPLE", "team_id": "3EXAMPLE" }
	//
	// Describe response: "ProviderDetails": { "attributes_url_add_attributes":
	// "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize",
	// "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer":
	// "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method":
	// "POST", "token_url": "https://appleid.apple.com/auth/token" }
	//
	// Facebook
	//
	// Create or update request: "ProviderDetails": { "api_version": "v17.0", "authorize_scopes":
	// "public_profile, email", "client_id": "1example23456789", "client_secret":
	// "provider-app-client-secret" }
	//
	// Describe response: "ProviderDetails": { "api_version": "v17.0", "attributes_url":
	// "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes":
	// "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
	// "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
	// "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token"
	// }
	//
	// ProviderDetails is a required field
	ProviderDetails map[string]*string `type:"map" required:"true"`

	// The IdP name.
	//
	// ProviderName is a required field
	ProviderName *string `min:"1" type:"string" required:"true"`

	// The IdP type.
	//
	// ProviderType is a required field
	ProviderType *string `type:"string" required:"true" enum:"IdentityProviderTypeType"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateIdentityProviderInput) GoString added in v1.8.33

func (s CreateIdentityProviderInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateIdentityProviderInput) SetAttributeMapping added in v1.8.33

func (s *CreateIdentityProviderInput) SetAttributeMapping(v map[string]*string) *CreateIdentityProviderInput

SetAttributeMapping sets the AttributeMapping field's value.

func (*CreateIdentityProviderInput) SetIdpIdentifiers added in v1.8.33

SetIdpIdentifiers sets the IdpIdentifiers field's value.

func (*CreateIdentityProviderInput) SetProviderDetails added in v1.8.33

SetProviderDetails sets the ProviderDetails field's value.

func (*CreateIdentityProviderInput) SetProviderName added in v1.8.33

SetProviderName sets the ProviderName field's value.

func (*CreateIdentityProviderInput) SetProviderType added in v1.8.33

SetProviderType sets the ProviderType field's value.

func (*CreateIdentityProviderInput) SetUserPoolId added in v1.8.33

SetUserPoolId sets the UserPoolId field's value.

func (CreateIdentityProviderInput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateIdentityProviderInput) Validate added in v1.8.33

func (s *CreateIdentityProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateIdentityProviderOutput added in v1.8.33

type CreateIdentityProviderOutput struct {

	// The newly created IdP object.
	//
	// IdentityProvider is a required field
	IdentityProvider *IdentityProviderType `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (CreateIdentityProviderOutput) GoString added in v1.8.33

func (s CreateIdentityProviderOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateIdentityProviderOutput) SetIdentityProvider added in v1.8.33

SetIdentityProvider sets the IdentityProvider field's value.

func (CreateIdentityProviderOutput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateResourceServerInput added in v1.10.24

type CreateResourceServerInput struct {

	// A unique resource server identifier for the resource server. The identifier
	// can be an API friendly name like solar-system-data. You can also set an API
	// URL like https://solar-system-data-api.example.com as your identifier.
	//
	// Amazon Cognito represents scopes in the access token in the format $resource-server-identifier/$scope.
	// Longer scope-identifier strings increase the size of your access tokens.
	//
	// Identifier is a required field
	Identifier *string `min:"1" type:"string" required:"true"`

	// A friendly name for the resource server.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// A list of scopes. Each scope is a key-value map with the keys name and description.
	Scopes []*ResourceServerScopeType `type:"list"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateResourceServerInput) GoString added in v1.10.24

func (s CreateResourceServerInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateResourceServerInput) SetIdentifier added in v1.10.24

SetIdentifier sets the Identifier field's value.

func (*CreateResourceServerInput) SetName added in v1.10.24

SetName sets the Name field's value.

func (*CreateResourceServerInput) SetScopes added in v1.10.24

SetScopes sets the Scopes field's value.

func (*CreateResourceServerInput) SetUserPoolId added in v1.10.24

SetUserPoolId sets the UserPoolId field's value.

func (CreateResourceServerInput) String added in v1.10.24

func (s CreateResourceServerInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateResourceServerInput) Validate added in v1.10.24

func (s *CreateResourceServerInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateResourceServerOutput added in v1.10.24

type CreateResourceServerOutput struct {

	// The newly created resource server.
	//
	// ResourceServer is a required field
	ResourceServer *ResourceServerType `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (CreateResourceServerOutput) GoString added in v1.10.24

func (s CreateResourceServerOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateResourceServerOutput) SetResourceServer added in v1.10.24

SetResourceServer sets the ResourceServer field's value.

func (CreateResourceServerOutput) String added in v1.10.24

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateUserImportJobInput added in v1.4.6

type CreateUserImportJobInput struct {

	// The role ARN for the Amazon CloudWatch Logs Logging role for the user import
	// job.
	//
	// CloudWatchLogsRoleArn is a required field
	CloudWatchLogsRoleArn *string `min:"20" type:"string" required:"true"`

	// The job name for the user import job.
	//
	// JobName is a required field
	JobName *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool that the users are being imported into.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to create the user import job.

func (CreateUserImportJobInput) GoString added in v1.4.6

func (s CreateUserImportJobInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserImportJobInput) SetCloudWatchLogsRoleArn added in v1.5.0

func (s *CreateUserImportJobInput) SetCloudWatchLogsRoleArn(v string) *CreateUserImportJobInput

SetCloudWatchLogsRoleArn sets the CloudWatchLogsRoleArn field's value.

func (*CreateUserImportJobInput) SetJobName added in v1.5.0

SetJobName sets the JobName field's value.

func (*CreateUserImportJobInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (CreateUserImportJobInput) String added in v1.4.6

func (s CreateUserImportJobInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserImportJobInput) Validate added in v1.4.6

func (s *CreateUserImportJobInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateUserImportJobOutput added in v1.4.6

type CreateUserImportJobOutput struct {

	// The job object that represents the user import job.
	UserImportJob *UserImportJobType `type:"structure"`
	// contains filtered or unexported fields
}

Represents the response from the server to the request to create the user import job.

func (CreateUserImportJobOutput) GoString added in v1.4.6

func (s CreateUserImportJobOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserImportJobOutput) SetUserImportJob added in v1.5.0

SetUserImportJob sets the UserImportJob field's value.

func (CreateUserImportJobOutput) String added in v1.4.6

func (s CreateUserImportJobOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateUserPoolClientInput

type CreateUserPoolClientInput struct {

	// The access token time limit. After this limit expires, your user can't use
	// their access token. To specify the time unit for AccessTokenValidity as seconds,
	// minutes, hours, or days, set a TokenValidityUnits value in your API request.
	//
	// For example, when you set AccessTokenValidity to 10 and TokenValidityUnits
	// to hours, your user can authorize access with their access token for 10 hours.
	//
	// The default time unit for AccessTokenValidity in an API request is hours.
	// Valid range is displayed below in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// access tokens are valid for one hour.
	AccessTokenValidity *int64 `min:"1" type:"integer"`

	// The OAuth grant types that you want your app client to generate. To create
	// an app client that generates client credentials grants, you must add client_credentials
	// as the only allowed OAuth flow.
	//
	// code
	//
	// Use a code grant flow, which provides an authorization code as the response.
	// This code can be exchanged for access tokens with the /oauth2/token endpoint.
	//
	// implicit
	//
	// Issue the access token (and, optionally, ID token, based on scopes) directly
	// to your user.
	//
	// client_credentials
	//
	// Issue the access token from the /oauth2/token endpoint directly to a non-person
	// user using a combination of the client ID and client secret.
	AllowedOAuthFlows []*string `type:"list" enum:"OAuthFlowType"`

	// Set to true to use OAuth 2.0 features in your user pool app client.
	//
	// AllowedOAuthFlowsUserPoolClient must be true before you can configure the
	// following features in your app client.
	//
	//    * CallBackURLs: Callback URLs.
	//
	//    * LogoutURLs: Sign-out redirect URLs.
	//
	//    * AllowedOAuthScopes: OAuth 2.0 scopes.
	//
	//    * AllowedOAuthFlows: Support for authorization code, implicit, and client
	//    credentials OAuth 2.0 grants.
	//
	// To use OAuth 2.0 features, configure one of these features in the Amazon
	// Cognito console or set AllowedOAuthFlowsUserPoolClient to true in a CreateUserPoolClient
	// or UpdateUserPoolClient API request. If you don't set a value for AllowedOAuthFlowsUserPoolClient
	// in a request with the CLI or SDKs, it defaults to false.
	AllowedOAuthFlowsUserPoolClient *bool `type:"boolean"`

	// The allowed OAuth scopes. Possible values provided by OAuth are phone, email,
	// openid, and profile. Possible values provided by Amazon Web Services are
	// aws.cognito.signin.user.admin. Custom scopes created in Resource Servers
	// are also supported.
	AllowedOAuthScopes []*string `type:"list"`

	// The user pool analytics configuration for collecting metrics and sending
	// them to your Amazon Pinpoint campaign.
	//
	// In Amazon Web Services Regions where Amazon Pinpoint isn't available, user
	// pools only support sending events to Amazon Pinpoint projects in Amazon Web
	// Services Region us-east-1. In Regions where Amazon Pinpoint is available,
	// user pools support sending events to Amazon Pinpoint projects within that
	// same Region.
	AnalyticsConfiguration *AnalyticsConfigurationType `type:"structure"`

	// Amazon Cognito creates a session token for each API request in an authentication
	// flow. AuthSessionValidity is the duration, in minutes, of that session token.
	// Your user pool native user must respond to each authentication challenge
	// before the session expires.
	AuthSessionValidity *int64 `min:"3" type:"integer"`

	// A list of allowed redirect (callback) URLs for the IdPs.
	//
	// A redirect URI must:
	//
	//    * Be an absolute URI.
	//
	//    * Be registered with the authorization server.
	//
	//    * Not include a fragment component.
	//
	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
	// purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	CallbackURLs []*string `type:"list"`

	// The client name for the user pool client you would like to create.
	//
	// ClientName is a required field
	ClientName *string `min:"1" type:"string" required:"true"`

	// The default redirect URI. In app clients with one assigned IdP, replaces
	// redirect_uri in authentication requests. Must be in the CallbackURLs list.
	//
	// A redirect URI must:
	//
	//    * Be an absolute URI.
	//
	//    * Be registered with the authorization server.
	//
	//    * Not include a fragment component.
	//
	// For more information, see Default redirect URI (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html#cognito-user-pools-app-idp-settings-about).
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
	// purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	DefaultRedirectURI *string `min:"1" type:"string"`

	// Activates the propagation of additional user context data. For more information
	// about propagation of user context data, see Adding advanced security to a
	// user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html).
	// If you don’t include this parameter, you can't send device fingerprint
	// information, including source IP address, to Amazon Cognito advanced security.
	// You can only activate EnablePropagateAdditionalUserContextData in an app
	// client that has a client secret.
	EnablePropagateAdditionalUserContextData *bool `type:"boolean"`

	// Activates or deactivates token revocation. For more information about revoking
	// tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html).
	//
	// If you don't include this parameter, token revocation is automatically activated
	// for the new user pool client.
	EnableTokenRevocation *bool `type:"boolean"`

	// The authentication flows that you want your user pool client to support.
	// For each app client in your user pool, you can sign in your users with any
	// combination of one or more flows, including with a user name and Secure Remote
	// Password (SRP), a user name and password, or a custom authentication process
	// that you define with Lambda functions.
	//
	// If you don't specify a value for ExplicitAuthFlows, your user client supports
	// ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
	//
	// Valid values include:
	//
	//    * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication
	//    flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH
	//    setting. With this authentication flow, your app passes a user name and
	//    password to Amazon Cognito in the request, instead of using the Secure
	//    Remote Password (SRP) protocol to securely transmit the password.
	//
	//    * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
	//
	//    * ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication.
	//    In this flow, Amazon Cognito receives the password in the request instead
	//    of using the SRP protocol to verify passwords.
	//
	//    * ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
	//
	//    * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
	//
	// In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY,
	// or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values
	// to user pool clients at the same time as values that begin with ALLOW_, like
	// ALLOW_USER_SRP_AUTH.
	ExplicitAuthFlows []*string `type:"list" enum:"ExplicitAuthFlowsType"`

	// Boolean to specify whether you want to generate a secret for the user pool
	// client being created.
	GenerateSecret *bool `type:"boolean"`

	// The ID token time limit. After this limit expires, your user can't use their
	// ID token. To specify the time unit for IdTokenValidity as seconds, minutes,
	// hours, or days, set a TokenValidityUnits value in your API request.
	//
	// For example, when you set IdTokenValidity as 10 and TokenValidityUnits as
	// hours, your user can authenticate their session with their ID token for 10
	// hours.
	//
	// The default time unit for IdTokenValidity in an API request is hours. Valid
	// range is displayed below in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// ID tokens are valid for one hour.
	IdTokenValidity *int64 `min:"1" type:"integer"`

	// A list of allowed logout URLs for the IdPs.
	LogoutURLs []*string `type:"list"`

	// Errors and responses that you want Amazon Cognito APIs to return during authentication,
	// account confirmation, and password recovery when the user doesn't exist in
	// the user pool. When set to ENABLED and the user doesn't exist, authentication
	// returns an error indicating either the username or password was incorrect.
	// Account confirmation and password recovery return a response indicating a
	// code was sent to a simulated destination. When set to LEGACY, those APIs
	// return a UserNotFoundException exception if the user doesn't exist in the
	// user pool.
	//
	// Valid values include:
	//
	//    * ENABLED - This prevents user existence-related errors.
	//
	//    * LEGACY - This represents the early behavior of Amazon Cognito where
	//    user existence related errors aren't prevented.
	PreventUserExistenceErrors *string `type:"string" enum:"PreventUserExistenceErrorTypes"`

	// The list of user attributes that you want your app client to have read-only
	// access to. After your user authenticates in your app, their access token
	// authorizes them to read their own attribute value for any attribute in this
	// list. An example of this kind of activity is when your user selects a link
	// to view their profile information. Your app makes a GetUser (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html)
	// API request to retrieve and display your user's profile data.
	//
	// When you don't specify the ReadAttributes for your app client, your app can
	// read the values of email_verified, phone_number_verified, and the Standard
	// attributes of your user pool. When your user pool has read access to these
	// default attributes, ReadAttributes doesn't return any information. Amazon
	// Cognito only populates ReadAttributes in the API response if you have specified
	// your own custom set of read attributes.
	ReadAttributes []*string `type:"list"`

	// The refresh token time limit. After this limit expires, your user can't use
	// their refresh token. To specify the time unit for RefreshTokenValidity as
	// seconds, minutes, hours, or days, set a TokenValidityUnits value in your
	// API request.
	//
	// For example, when you set RefreshTokenValidity as 10 and TokenValidityUnits
	// as days, your user can refresh their session and retrieve new access and
	// ID tokens for 10 days.
	//
	// The default time unit for RefreshTokenValidity in an API request is days.
	// You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides
	// the value with the default value of 30 days. Valid range is displayed below
	// in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// refresh tokens are valid for 30 days.
	RefreshTokenValidity *int64 `type:"integer"`

	// A list of provider names for the identity providers (IdPs) that are supported
	// on this client. The following are supported: COGNITO, Facebook, Google, SignInWithApple,
	// and LoginWithAmazon. You can also specify the names that you configured for
	// the SAML and OIDC IdPs in your user pool, for example MySAMLIdP or MyOIDCIdP.
	SupportedIdentityProviders []*string `type:"list"`

	// The units in which the validity times are represented. The default unit for
	// RefreshToken is days, and default for ID and access tokens are hours.
	TokenValidityUnits *TokenValidityUnitsType `type:"structure"`

	// The user pool ID for the user pool where you want to create a user pool client.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The list of user attributes that you want your app client to have write access
	// to. After your user authenticates in your app, their access token authorizes
	// them to set or modify their own attribute value for any attribute in this
	// list. An example of this kind of activity is when you present your user with
	// a form to update their profile information and they change their last name.
	// Your app then makes an UpdateUserAttributes (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserAttributes.html)
	// API request and sets family_name to the new value.
	//
	// When you don't specify the WriteAttributes for your app client, your app
	// can write the values of the Standard attributes of your user pool. When your
	// user pool has write access to these default attributes, WriteAttributes doesn't
	// return any information. Amazon Cognito only populates WriteAttributes in
	// the API response if you have specified your own custom set of write attributes.
	//
	// If your app client allows users to sign in through an IdP, this array must
	// include all attributes that you have mapped to IdP attributes. Amazon Cognito
	// updates mapped attributes when users sign in to your application through
	// an IdP. If your app client does not have write access to a mapped attribute,
	// Amazon Cognito throws an error when it tries to update the attribute. For
	// more information, see Specifying IdP Attribute Mappings for Your user pool
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html).
	WriteAttributes []*string `type:"list"`
	// contains filtered or unexported fields
}

Represents the request to create a user pool client.

func (CreateUserPoolClientInput) GoString

func (s CreateUserPoolClientInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserPoolClientInput) SetAccessTokenValidity added in v1.34.4

func (s *CreateUserPoolClientInput) SetAccessTokenValidity(v int64) *CreateUserPoolClientInput

SetAccessTokenValidity sets the AccessTokenValidity field's value.

func (*CreateUserPoolClientInput) SetAllowedOAuthFlows added in v1.8.33

func (s *CreateUserPoolClientInput) SetAllowedOAuthFlows(v []*string) *CreateUserPoolClientInput

SetAllowedOAuthFlows sets the AllowedOAuthFlows field's value.

func (*CreateUserPoolClientInput) SetAllowedOAuthFlowsUserPoolClient added in v1.8.33

func (s *CreateUserPoolClientInput) SetAllowedOAuthFlowsUserPoolClient(v bool) *CreateUserPoolClientInput

SetAllowedOAuthFlowsUserPoolClient sets the AllowedOAuthFlowsUserPoolClient field's value.

func (*CreateUserPoolClientInput) SetAllowedOAuthScopes added in v1.8.33

func (s *CreateUserPoolClientInput) SetAllowedOAuthScopes(v []*string) *CreateUserPoolClientInput

SetAllowedOAuthScopes sets the AllowedOAuthScopes field's value.

func (*CreateUserPoolClientInput) SetAnalyticsConfiguration added in v1.12.35

SetAnalyticsConfiguration sets the AnalyticsConfiguration field's value.

func (*CreateUserPoolClientInput) SetAuthSessionValidity added in v1.44.91

func (s *CreateUserPoolClientInput) SetAuthSessionValidity(v int64) *CreateUserPoolClientInput

SetAuthSessionValidity sets the AuthSessionValidity field's value.

func (*CreateUserPoolClientInput) SetCallbackURLs added in v1.8.33

SetCallbackURLs sets the CallbackURLs field's value.

func (*CreateUserPoolClientInput) SetClientName added in v1.5.0

SetClientName sets the ClientName field's value.

func (*CreateUserPoolClientInput) SetDefaultRedirectURI added in v1.8.33

func (s *CreateUserPoolClientInput) SetDefaultRedirectURI(v string) *CreateUserPoolClientInput

SetDefaultRedirectURI sets the DefaultRedirectURI field's value.

func (*CreateUserPoolClientInput) SetEnablePropagateAdditionalUserContextData added in v1.44.25

func (s *CreateUserPoolClientInput) SetEnablePropagateAdditionalUserContextData(v bool) *CreateUserPoolClientInput

SetEnablePropagateAdditionalUserContextData sets the EnablePropagateAdditionalUserContextData field's value.

func (*CreateUserPoolClientInput) SetEnableTokenRevocation added in v1.38.59

func (s *CreateUserPoolClientInput) SetEnableTokenRevocation(v bool) *CreateUserPoolClientInput

SetEnableTokenRevocation sets the EnableTokenRevocation field's value.

func (*CreateUserPoolClientInput) SetExplicitAuthFlows added in v1.5.0

func (s *CreateUserPoolClientInput) SetExplicitAuthFlows(v []*string) *CreateUserPoolClientInput

SetExplicitAuthFlows sets the ExplicitAuthFlows field's value.

func (*CreateUserPoolClientInput) SetGenerateSecret added in v1.5.0

func (s *CreateUserPoolClientInput) SetGenerateSecret(v bool) *CreateUserPoolClientInput

SetGenerateSecret sets the GenerateSecret field's value.

func (*CreateUserPoolClientInput) SetIdTokenValidity added in v1.34.4

func (s *CreateUserPoolClientInput) SetIdTokenValidity(v int64) *CreateUserPoolClientInput

SetIdTokenValidity sets the IdTokenValidity field's value.

func (*CreateUserPoolClientInput) SetLogoutURLs added in v1.8.33

SetLogoutURLs sets the LogoutURLs field's value.

func (*CreateUserPoolClientInput) SetPreventUserExistenceErrors added in v1.25.35

func (s *CreateUserPoolClientInput) SetPreventUserExistenceErrors(v string) *CreateUserPoolClientInput

SetPreventUserExistenceErrors sets the PreventUserExistenceErrors field's value.

func (*CreateUserPoolClientInput) SetReadAttributes added in v1.5.0

func (s *CreateUserPoolClientInput) SetReadAttributes(v []*string) *CreateUserPoolClientInput

SetReadAttributes sets the ReadAttributes field's value.

func (*CreateUserPoolClientInput) SetRefreshTokenValidity added in v1.5.0

func (s *CreateUserPoolClientInput) SetRefreshTokenValidity(v int64) *CreateUserPoolClientInput

SetRefreshTokenValidity sets the RefreshTokenValidity field's value.

func (*CreateUserPoolClientInput) SetSupportedIdentityProviders added in v1.8.33

func (s *CreateUserPoolClientInput) SetSupportedIdentityProviders(v []*string) *CreateUserPoolClientInput

SetSupportedIdentityProviders sets the SupportedIdentityProviders field's value.

func (*CreateUserPoolClientInput) SetTokenValidityUnits added in v1.34.4

SetTokenValidityUnits sets the TokenValidityUnits field's value.

func (*CreateUserPoolClientInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (*CreateUserPoolClientInput) SetWriteAttributes added in v1.5.0

func (s *CreateUserPoolClientInput) SetWriteAttributes(v []*string) *CreateUserPoolClientInput

SetWriteAttributes sets the WriteAttributes field's value.

func (CreateUserPoolClientInput) String

func (s CreateUserPoolClientInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserPoolClientInput) Validate added in v1.1.21

func (s *CreateUserPoolClientInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateUserPoolClientOutput

type CreateUserPoolClientOutput struct {

	// The user pool client that was just created.
	UserPoolClient *UserPoolClientType `type:"structure"`
	// contains filtered or unexported fields
}

Represents the response from the server to create a user pool client.

func (CreateUserPoolClientOutput) GoString

func (s CreateUserPoolClientOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserPoolClientOutput) SetUserPoolClient added in v1.5.0

SetUserPoolClient sets the UserPoolClient field's value.

func (CreateUserPoolClientOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateUserPoolDomainInput added in v1.8.33

type CreateUserPoolDomainInput struct {

	// The configuration for a custom domain that hosts the sign-up and sign-in
	// webpages for your application.
	//
	// Provide this parameter only if you want to use a custom domain for your user
	// pool. Otherwise, you can exclude this parameter and use the Amazon Cognito
	// hosted domain instead.
	//
	// For more information about the hosted domain and custom domains, see Configuring
	// a User Pool Domain (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-assign-domain.html).
	CustomDomainConfig *CustomDomainConfigType `type:"structure"`

	// The domain string. For custom domains, this is the fully-qualified domain
	// name, such as auth.example.com. For Amazon Cognito prefix domains, this is
	// the prefix alone, such as auth.
	//
	// Domain is a required field
	Domain *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateUserPoolDomainInput) GoString added in v1.8.33

func (s CreateUserPoolDomainInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserPoolDomainInput) SetCustomDomainConfig added in v1.15.20

SetCustomDomainConfig sets the CustomDomainConfig field's value.

func (*CreateUserPoolDomainInput) SetDomain added in v1.8.33

SetDomain sets the Domain field's value.

func (*CreateUserPoolDomainInput) SetUserPoolId added in v1.8.33

SetUserPoolId sets the UserPoolId field's value.

func (CreateUserPoolDomainInput) String added in v1.8.33

func (s CreateUserPoolDomainInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserPoolDomainInput) Validate added in v1.8.33

func (s *CreateUserPoolDomainInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateUserPoolDomainOutput added in v1.8.33

type CreateUserPoolDomainOutput struct {

	// The Amazon CloudFront endpoint that you use as the target of the alias that
	// you set up with your Domain Name Service (DNS) provider. Amazon Cognito returns
	// this value if you set a custom domain with CustomDomainConfig. If you set
	// an Amazon Cognito prefix domain, this operation returns a blank response.
	CloudFrontDomain *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (CreateUserPoolDomainOutput) GoString added in v1.8.33

func (s CreateUserPoolDomainOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserPoolDomainOutput) SetCloudFrontDomain added in v1.15.20

SetCloudFrontDomain sets the CloudFrontDomain field's value.

func (CreateUserPoolDomainOutput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateUserPoolInput

type CreateUserPoolInput struct {

	// The available verified method a user can use to recover their password when
	// they call ForgotPassword. You can use this setting to define a preferred
	// method when a user has more than one method available. With this setting,
	// SMS doesn't qualify for a valid password recovery mechanism if the user also
	// has SMS multi-factor authentication (MFA) activated. In the absence of this
	// setting, Amazon Cognito uses the legacy behavior to determine the recovery
	// method where SMS is preferred through email.
	AccountRecoverySetting *AccountRecoverySettingType `type:"structure"`

	// The configuration for AdminCreateUser requests.
	AdminCreateUserConfig *AdminCreateUserConfigType `type:"structure"`

	// Attributes supported as an alias for this user pool. Possible values: phone_number,
	// email, or preferred_username.
	AliasAttributes []*string `type:"list" enum:"AliasAttributeType"`

	// The attributes to be auto-verified. Possible values: email, phone_number.
	AutoVerifiedAttributes []*string `type:"list" enum:"VerifiedAttributeType"`

	// When active, DeletionProtection prevents accidental deletion of your user
	// pool. Before you can delete a user pool that you have protected against deletion,
	// you must deactivate this feature.
	//
	// When you try to delete a protected user pool in a DeleteUserPool API request,
	// Amazon Cognito returns an InvalidParameterException error. To delete a protected
	// user pool, send a new DeleteUserPool request after you deactivate deletion
	// protection in an UpdateUserPool API request.
	DeletionProtection *string `type:"string" enum:"DeletionProtectionType"`

	// The device-remembering configuration for a user pool. A null value indicates
	// that you have deactivated device remembering in your user pool.
	//
	// When you provide a value for any DeviceConfiguration field, you activate
	// the Amazon Cognito device-remembering feature.
	DeviceConfiguration *DeviceConfigurationType `type:"structure"`

	// The email configuration of your user pool. The email configuration type sets
	// your preferred sending method, Amazon Web Services Region, and sender for
	// messages from your user pool.
	EmailConfiguration *EmailConfigurationType `type:"structure"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	EmailVerificationMessage *string `min:"6" type:"string"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	EmailVerificationSubject *string `min:"1" type:"string"`

	// The Lambda trigger configuration information for the new user pool.
	//
	// In a push model, event sources (such as Amazon S3 and custom applications)
	// need permission to invoke a function. So you must make an extra call to add
	// permission for these event sources to invoke your Lambda function.
	//
	// For more information on using the Lambda API to add permission, see AddPermission
	// (https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html).
	//
	// For adding permission using the CLI, see add-permission (https://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html).
	LambdaConfig *LambdaConfigType `type:"structure"`

	// Specifies MFA configuration details.
	MfaConfiguration *string `type:"string" enum:"UserPoolMfaType"`

	// The policies associated with the new user pool.
	Policies *UserPoolPolicyType `type:"structure"`

	// A string used to name the user pool.
	//
	// PoolName is a required field
	PoolName *string `min:"1" type:"string" required:"true"`

	// An array of schema attributes for the new user pool. These attributes can
	// be standard or custom attributes.
	Schema []*SchemaAttributeType `min:"1" type:"list"`

	// A string representing the SMS authentication message.
	SmsAuthenticationMessage *string `min:"6" type:"string"`

	// The SMS configuration with the settings that your Amazon Cognito user pool
	// must use to send an SMS message from your Amazon Web Services account through
	// Amazon Simple Notification Service. To send SMS messages with Amazon SNS
	// in the Amazon Web Services Region that you want, the Amazon Cognito user
	// pool uses an Identity and Access Management (IAM) role in your Amazon Web
	// Services account.
	SmsConfiguration *SmsConfigurationType `type:"structure"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	SmsVerificationMessage *string `min:"6" type:"string"`

	// The settings for updates to user attributes. These settings include the property
	// AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells
	// Amazon Cognito how to handle changes to the value of your users' email address
	// and phone number attributes. For more information, see Verifying updates
	// to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates).
	UserAttributeUpdateSettings *UserAttributeUpdateSettingsType `type:"structure"`

	// User pool add-ons. Contains settings for activation of advanced security
	// features. To log user security information but take no action, set to AUDIT.
	// To configure automatic security responses to risky traffic to your user pool,
	// set to ENFORCED.
	//
	// For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html).
	UserPoolAddOns *UserPoolAddOnsType `type:"structure"`

	// The tag keys and values to assign to the user pool. A tag is a label that
	// you can use to categorize and manage user pools in different ways, such as
	// by purpose, owner, environment, or other criteria.
	UserPoolTags map[string]*string `type:"map"`

	// Specifies whether a user can use an email address or phone number as a username
	// when they sign up.
	UsernameAttributes []*string `type:"list" enum:"UsernameAttributeType"`

	// Case sensitivity on the username input for the selected sign-in option. When
	// case sensitivity is set to False (case insensitive), users can sign in with
	// any combination of capital and lowercase letters. For example, username,
	// USERNAME, or UserName, or for email, email@example.com or EMaiL@eXamplE.Com.
	// For most use cases, set case sensitivity to False (case insensitive) as a
	// best practice. When usernames and email addresses are case insensitive, Amazon
	// Cognito treats any variation in case as the same user, and prevents a case
	// variation from being assigned to the same attribute for a different user.
	//
	// This configuration is immutable after you set it. For more information, see
	// UsernameConfigurationType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html).
	UsernameConfiguration *UsernameConfigurationType `type:"structure"`

	// The template for the verification message that the user sees when the app
	// requests permission to access the user's information.
	VerificationMessageTemplate *VerificationMessageTemplateType `type:"structure"`
	// contains filtered or unexported fields
}

Represents the request to create a user pool.

func (CreateUserPoolInput) GoString

func (s CreateUserPoolInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserPoolInput) SetAccountRecoverySetting added in v1.25.43

func (s *CreateUserPoolInput) SetAccountRecoverySetting(v *AccountRecoverySettingType) *CreateUserPoolInput

SetAccountRecoverySetting sets the AccountRecoverySetting field's value.

func (*CreateUserPoolInput) SetAdminCreateUserConfig added in v1.5.0

func (s *CreateUserPoolInput) SetAdminCreateUserConfig(v *AdminCreateUserConfigType) *CreateUserPoolInput

SetAdminCreateUserConfig sets the AdminCreateUserConfig field's value.

func (*CreateUserPoolInput) SetAliasAttributes added in v1.5.0

func (s *CreateUserPoolInput) SetAliasAttributes(v []*string) *CreateUserPoolInput

SetAliasAttributes sets the AliasAttributes field's value.

func (*CreateUserPoolInput) SetAutoVerifiedAttributes added in v1.5.0

func (s *CreateUserPoolInput) SetAutoVerifiedAttributes(v []*string) *CreateUserPoolInput

SetAutoVerifiedAttributes sets the AutoVerifiedAttributes field's value.

func (*CreateUserPoolInput) SetDeletionProtection added in v1.44.121

func (s *CreateUserPoolInput) SetDeletionProtection(v string) *CreateUserPoolInput

SetDeletionProtection sets the DeletionProtection field's value.

func (*CreateUserPoolInput) SetDeviceConfiguration added in v1.5.0

func (s *CreateUserPoolInput) SetDeviceConfiguration(v *DeviceConfigurationType) *CreateUserPoolInput

SetDeviceConfiguration sets the DeviceConfiguration field's value.

func (*CreateUserPoolInput) SetEmailConfiguration added in v1.5.0

func (s *CreateUserPoolInput) SetEmailConfiguration(v *EmailConfigurationType) *CreateUserPoolInput

SetEmailConfiguration sets the EmailConfiguration field's value.

func (*CreateUserPoolInput) SetEmailVerificationMessage added in v1.5.0

func (s *CreateUserPoolInput) SetEmailVerificationMessage(v string) *CreateUserPoolInput

SetEmailVerificationMessage sets the EmailVerificationMessage field's value.

func (*CreateUserPoolInput) SetEmailVerificationSubject added in v1.5.0

func (s *CreateUserPoolInput) SetEmailVerificationSubject(v string) *CreateUserPoolInput

SetEmailVerificationSubject sets the EmailVerificationSubject field's value.

func (*CreateUserPoolInput) SetLambdaConfig added in v1.5.0

SetLambdaConfig sets the LambdaConfig field's value.

func (*CreateUserPoolInput) SetMfaConfiguration added in v1.5.0

func (s *CreateUserPoolInput) SetMfaConfiguration(v string) *CreateUserPoolInput

SetMfaConfiguration sets the MfaConfiguration field's value.

func (*CreateUserPoolInput) SetPolicies added in v1.5.0

SetPolicies sets the Policies field's value.

func (*CreateUserPoolInput) SetPoolName added in v1.5.0

func (s *CreateUserPoolInput) SetPoolName(v string) *CreateUserPoolInput

SetPoolName sets the PoolName field's value.

func (*CreateUserPoolInput) SetSchema added in v1.5.4

SetSchema sets the Schema field's value.

func (*CreateUserPoolInput) SetSmsAuthenticationMessage added in v1.5.0

func (s *CreateUserPoolInput) SetSmsAuthenticationMessage(v string) *CreateUserPoolInput

SetSmsAuthenticationMessage sets the SmsAuthenticationMessage field's value.

func (*CreateUserPoolInput) SetSmsConfiguration added in v1.5.0

func (s *CreateUserPoolInput) SetSmsConfiguration(v *SmsConfigurationType) *CreateUserPoolInput

SetSmsConfiguration sets the SmsConfiguration field's value.

func (*CreateUserPoolInput) SetSmsVerificationMessage added in v1.5.0

func (s *CreateUserPoolInput) SetSmsVerificationMessage(v string) *CreateUserPoolInput

SetSmsVerificationMessage sets the SmsVerificationMessage field's value.

func (*CreateUserPoolInput) SetUserAttributeUpdateSettings added in v1.44.21

func (s *CreateUserPoolInput) SetUserAttributeUpdateSettings(v *UserAttributeUpdateSettingsType) *CreateUserPoolInput

SetUserAttributeUpdateSettings sets the UserAttributeUpdateSettings field's value.

func (*CreateUserPoolInput) SetUserPoolAddOns added in v1.12.35

SetUserPoolAddOns sets the UserPoolAddOns field's value.

func (*CreateUserPoolInput) SetUserPoolTags added in v1.6.4

func (s *CreateUserPoolInput) SetUserPoolTags(v map[string]*string) *CreateUserPoolInput

SetUserPoolTags sets the UserPoolTags field's value.

func (*CreateUserPoolInput) SetUsernameAttributes added in v1.10.12

func (s *CreateUserPoolInput) SetUsernameAttributes(v []*string) *CreateUserPoolInput

SetUsernameAttributes sets the UsernameAttributes field's value.

func (*CreateUserPoolInput) SetUsernameConfiguration added in v1.29.0

func (s *CreateUserPoolInput) SetUsernameConfiguration(v *UsernameConfigurationType) *CreateUserPoolInput

SetUsernameConfiguration sets the UsernameConfiguration field's value.

func (*CreateUserPoolInput) SetVerificationMessageTemplate added in v1.10.24

func (s *CreateUserPoolInput) SetVerificationMessageTemplate(v *VerificationMessageTemplateType) *CreateUserPoolInput

SetVerificationMessageTemplate sets the VerificationMessageTemplate field's value.

func (CreateUserPoolInput) String

func (s CreateUserPoolInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserPoolInput) Validate added in v1.1.21

func (s *CreateUserPoolInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateUserPoolOutput

type CreateUserPoolOutput struct {

	// A container for the user pool details.
	UserPool *UserPoolType `type:"structure"`
	// contains filtered or unexported fields
}

Represents the response from the server for the request to create a user pool.

func (CreateUserPoolOutput) GoString

func (s CreateUserPoolOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserPoolOutput) SetUserPool added in v1.5.0

SetUserPool sets the UserPool field's value.

func (CreateUserPoolOutput) String

func (s CreateUserPoolOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CustomDomainConfigType added in v1.15.20

type CustomDomainConfigType struct {

	// The Amazon Resource Name (ARN) of an Certificate Manager SSL certificate.
	// You use this certificate for the subdomain of your custom domain.
	//
	// CertificateArn is a required field
	CertificateArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

The configuration for a custom domain that hosts the sign-up and sign-in webpages for your application.

func (CustomDomainConfigType) GoString added in v1.15.20

func (s CustomDomainConfigType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CustomDomainConfigType) SetCertificateArn added in v1.15.20

func (s *CustomDomainConfigType) SetCertificateArn(v string) *CustomDomainConfigType

SetCertificateArn sets the CertificateArn field's value.

func (CustomDomainConfigType) String added in v1.15.20

func (s CustomDomainConfigType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CustomDomainConfigType) Validate added in v1.15.20

func (s *CustomDomainConfigType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CustomEmailLambdaVersionConfigType added in v1.35.35

type CustomEmailLambdaVersionConfigType struct {

	// The Amazon Resource Name (ARN) of the function that you want to assign to
	// your Lambda trigger.
	//
	// LambdaArn is a required field
	LambdaArn *string `min:"20" type:"string" required:"true"`

	// The user pool trigger version of the request that Amazon Cognito sends to
	// your Lambda function. Higher-numbered versions add fields that support new
	// features.
	//
	// You must use a LambdaVersion of V1_0 with a custom sender function.
	//
	// LambdaVersion is a required field
	LambdaVersion *string `type:"string" required:"true" enum:"CustomEmailSenderLambdaVersionType"`
	// contains filtered or unexported fields
}

The properties of a custom email sender Lambda trigger.

func (CustomEmailLambdaVersionConfigType) GoString added in v1.35.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CustomEmailLambdaVersionConfigType) SetLambdaArn added in v1.35.35

SetLambdaArn sets the LambdaArn field's value.

func (*CustomEmailLambdaVersionConfigType) SetLambdaVersion added in v1.35.35

SetLambdaVersion sets the LambdaVersion field's value.

func (CustomEmailLambdaVersionConfigType) String added in v1.35.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CustomEmailLambdaVersionConfigType) Validate added in v1.35.35

Validate inspects the fields of the type to determine if they are valid.

type CustomSMSLambdaVersionConfigType added in v1.35.35

type CustomSMSLambdaVersionConfigType struct {

	// The Amazon Resource Name (ARN) of the function that you want to assign to
	// your Lambda trigger.
	//
	// LambdaArn is a required field
	LambdaArn *string `min:"20" type:"string" required:"true"`

	// The user pool trigger version of the request that Amazon Cognito sends to
	// your Lambda function. Higher-numbered versions add fields that support new
	// features.
	//
	// You must use a LambdaVersion of V1_0 with a custom sender function.
	//
	// LambdaVersion is a required field
	LambdaVersion *string `type:"string" required:"true" enum:"CustomSMSSenderLambdaVersionType"`
	// contains filtered or unexported fields
}

The properties of a custom SMS sender Lambda trigger.

func (CustomSMSLambdaVersionConfigType) GoString added in v1.35.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CustomSMSLambdaVersionConfigType) SetLambdaArn added in v1.35.35

SetLambdaArn sets the LambdaArn field's value.

func (*CustomSMSLambdaVersionConfigType) SetLambdaVersion added in v1.35.35

SetLambdaVersion sets the LambdaVersion field's value.

func (CustomSMSLambdaVersionConfigType) String added in v1.35.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CustomSMSLambdaVersionConfigType) Validate added in v1.35.35

Validate inspects the fields of the type to determine if they are valid.

type DeleteGroupInput added in v1.6.4

type DeleteGroupInput struct {

	// The name of the group.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteGroupInput) GoString added in v1.6.4

func (s DeleteGroupInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteGroupInput) SetGroupName added in v1.6.4

func (s *DeleteGroupInput) SetGroupName(v string) *DeleteGroupInput

SetGroupName sets the GroupName field's value.

func (*DeleteGroupInput) SetUserPoolId added in v1.6.4

func (s *DeleteGroupInput) SetUserPoolId(v string) *DeleteGroupInput

SetUserPoolId sets the UserPoolId field's value.

func (DeleteGroupInput) String added in v1.6.4

func (s DeleteGroupInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteGroupInput) Validate added in v1.6.4

func (s *DeleteGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteGroupOutput added in v1.6.4

type DeleteGroupOutput struct {
	// contains filtered or unexported fields
}

func (DeleteGroupOutput) GoString added in v1.6.4

func (s DeleteGroupOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteGroupOutput) String added in v1.6.4

func (s DeleteGroupOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteIdentityProviderInput added in v1.8.33

type DeleteIdentityProviderInput struct {

	// The IdP name.
	//
	// ProviderName is a required field
	ProviderName *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteIdentityProviderInput) GoString added in v1.8.33

func (s DeleteIdentityProviderInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteIdentityProviderInput) SetProviderName added in v1.8.33

SetProviderName sets the ProviderName field's value.

func (*DeleteIdentityProviderInput) SetUserPoolId added in v1.8.33

SetUserPoolId sets the UserPoolId field's value.

func (DeleteIdentityProviderInput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteIdentityProviderInput) Validate added in v1.8.33

func (s *DeleteIdentityProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteIdentityProviderOutput added in v1.8.33

type DeleteIdentityProviderOutput struct {
	// contains filtered or unexported fields
}

func (DeleteIdentityProviderOutput) GoString added in v1.8.33

func (s DeleteIdentityProviderOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteIdentityProviderOutput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteResourceServerInput added in v1.10.24

type DeleteResourceServerInput struct {

	// The identifier for the resource server.
	//
	// Identifier is a required field
	Identifier *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool that hosts the resource server.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteResourceServerInput) GoString added in v1.10.24

func (s DeleteResourceServerInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteResourceServerInput) SetIdentifier added in v1.10.24

SetIdentifier sets the Identifier field's value.

func (*DeleteResourceServerInput) SetUserPoolId added in v1.10.24

SetUserPoolId sets the UserPoolId field's value.

func (DeleteResourceServerInput) String added in v1.10.24

func (s DeleteResourceServerInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteResourceServerInput) Validate added in v1.10.24

func (s *DeleteResourceServerInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteResourceServerOutput added in v1.10.24

type DeleteResourceServerOutput struct {
	// contains filtered or unexported fields
}

func (DeleteResourceServerOutput) GoString added in v1.10.24

func (s DeleteResourceServerOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteResourceServerOutput) String added in v1.10.24

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteUserAttributesInput

type DeleteUserAttributesInput struct {

	// A valid access token that Amazon Cognito issued to the user whose attributes
	// you want to delete.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by DeleteUserAttributesInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// An array of strings representing the user attribute names you want to delete.
	//
	// For custom attributes, you must prependattach the custom: prefix to the front
	// of the attribute name.
	//
	// UserAttributeNames is a required field
	UserAttributeNames []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to delete user attributes.

func (DeleteUserAttributesInput) GoString

func (s DeleteUserAttributesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserAttributesInput) SetAccessToken added in v1.5.0

SetAccessToken sets the AccessToken field's value.

func (*DeleteUserAttributesInput) SetUserAttributeNames added in v1.5.0

func (s *DeleteUserAttributesInput) SetUserAttributeNames(v []*string) *DeleteUserAttributesInput

SetUserAttributeNames sets the UserAttributeNames field's value.

func (DeleteUserAttributesInput) String

func (s DeleteUserAttributesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserAttributesInput) Validate added in v1.1.21

func (s *DeleteUserAttributesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserAttributesOutput

type DeleteUserAttributesOutput struct {
	// contains filtered or unexported fields
}

Represents the response from the server to delete user attributes.

func (DeleteUserAttributesOutput) GoString

func (s DeleteUserAttributesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteUserAttributesOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteUserInput

type DeleteUserInput struct {

	// A valid access token that Amazon Cognito issued to the user whose user profile
	// you want to delete.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by DeleteUserInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to delete a user.

func (DeleteUserInput) GoString

func (s DeleteUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserInput) SetAccessToken added in v1.5.0

func (s *DeleteUserInput) SetAccessToken(v string) *DeleteUserInput

SetAccessToken sets the AccessToken field's value.

func (DeleteUserInput) String

func (s DeleteUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserInput) Validate added in v1.8.33

func (s *DeleteUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserOutput

type DeleteUserOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserOutput) GoString

func (s DeleteUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteUserOutput) String

func (s DeleteUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteUserPoolClientInput

type DeleteUserPoolClientInput struct {

	// The app client ID of the app associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by DeleteUserPoolClientInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The user pool ID for the user pool where you want to delete the client.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to delete a user pool client.

func (DeleteUserPoolClientInput) GoString

func (s DeleteUserPoolClientInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserPoolClientInput) SetClientId added in v1.5.0

SetClientId sets the ClientId field's value.

func (*DeleteUserPoolClientInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (DeleteUserPoolClientInput) String

func (s DeleteUserPoolClientInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserPoolClientInput) Validate added in v1.1.21

func (s *DeleteUserPoolClientInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserPoolClientOutput

type DeleteUserPoolClientOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserPoolClientOutput) GoString

func (s DeleteUserPoolClientOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteUserPoolClientOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteUserPoolDomainInput added in v1.8.33

type DeleteUserPoolDomainInput struct {

	// The domain string. For custom domains, this is the fully-qualified domain
	// name, such as auth.example.com. For Amazon Cognito prefix domains, this is
	// the prefix alone, such as auth.
	//
	// Domain is a required field
	Domain *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteUserPoolDomainInput) GoString added in v1.8.33

func (s DeleteUserPoolDomainInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserPoolDomainInput) SetDomain added in v1.8.33

SetDomain sets the Domain field's value.

func (*DeleteUserPoolDomainInput) SetUserPoolId added in v1.8.33

SetUserPoolId sets the UserPoolId field's value.

func (DeleteUserPoolDomainInput) String added in v1.8.33

func (s DeleteUserPoolDomainInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserPoolDomainInput) Validate added in v1.8.33

func (s *DeleteUserPoolDomainInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserPoolDomainOutput added in v1.8.33

type DeleteUserPoolDomainOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserPoolDomainOutput) GoString added in v1.8.33

func (s DeleteUserPoolDomainOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteUserPoolDomainOutput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteUserPoolInput

type DeleteUserPoolInput struct {

	// The user pool ID for the user pool you want to delete.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to delete a user pool.

func (DeleteUserPoolInput) GoString

func (s DeleteUserPoolInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserPoolInput) SetUserPoolId added in v1.5.0

func (s *DeleteUserPoolInput) SetUserPoolId(v string) *DeleteUserPoolInput

SetUserPoolId sets the UserPoolId field's value.

func (DeleteUserPoolInput) String

func (s DeleteUserPoolInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserPoolInput) Validate added in v1.1.21

func (s *DeleteUserPoolInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserPoolOutput

type DeleteUserPoolOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserPoolOutput) GoString

func (s DeleteUserPoolOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteUserPoolOutput) String

func (s DeleteUserPoolOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DescribeIdentityProviderInput added in v1.8.33

type DescribeIdentityProviderInput struct {

	// The IdP name.
	//
	// ProviderName is a required field
	ProviderName *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DescribeIdentityProviderInput) GoString added in v1.8.33

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeIdentityProviderInput) SetProviderName added in v1.8.33

SetProviderName sets the ProviderName field's value.

func (*DescribeIdentityProviderInput) SetUserPoolId added in v1.8.33

SetUserPoolId sets the UserPoolId field's value.

func (DescribeIdentityProviderInput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeIdentityProviderInput) Validate added in v1.8.33

func (s *DescribeIdentityProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DescribeIdentityProviderOutput added in v1.8.33

type DescribeIdentityProviderOutput struct {

	// The identity provider details.
	//
	// IdentityProvider is a required field
	IdentityProvider *IdentityProviderType `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (DescribeIdentityProviderOutput) GoString added in v1.8.33

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeIdentityProviderOutput) SetIdentityProvider added in v1.8.33

SetIdentityProvider sets the IdentityProvider field's value.

func (DescribeIdentityProviderOutput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DescribeResourceServerInput added in v1.10.24

type DescribeResourceServerInput struct {

	// A unique resource server identifier for the resource server. The identifier
	// can be an API friendly name like solar-system-data. You can also set an API
	// URL like https://solar-system-data-api.example.com as your identifier.
	//
	// Amazon Cognito represents scopes in the access token in the format $resource-server-identifier/$scope.
	// Longer scope-identifier strings increase the size of your access tokens.
	//
	// Identifier is a required field
	Identifier *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool that hosts the resource server.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DescribeResourceServerInput) GoString added in v1.10.24

func (s DescribeResourceServerInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeResourceServerInput) SetIdentifier added in v1.10.24

SetIdentifier sets the Identifier field's value.

func (*DescribeResourceServerInput) SetUserPoolId added in v1.10.24

SetUserPoolId sets the UserPoolId field's value.

func (DescribeResourceServerInput) String added in v1.10.24

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeResourceServerInput) Validate added in v1.10.24

func (s *DescribeResourceServerInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DescribeResourceServerOutput added in v1.10.24

type DescribeResourceServerOutput struct {

	// The resource server.
	//
	// ResourceServer is a required field
	ResourceServer *ResourceServerType `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (DescribeResourceServerOutput) GoString added in v1.10.24

func (s DescribeResourceServerOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeResourceServerOutput) SetResourceServer added in v1.10.24

SetResourceServer sets the ResourceServer field's value.

func (DescribeResourceServerOutput) String added in v1.10.24

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DescribeRiskConfigurationInput added in v1.12.35

type DescribeRiskConfigurationInput struct {

	// The app client ID.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by DescribeRiskConfigurationInput's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DescribeRiskConfigurationInput) GoString added in v1.12.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeRiskConfigurationInput) SetClientId added in v1.12.35

SetClientId sets the ClientId field's value.

func (*DescribeRiskConfigurationInput) SetUserPoolId added in v1.12.35

SetUserPoolId sets the UserPoolId field's value.

func (DescribeRiskConfigurationInput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeRiskConfigurationInput) Validate added in v1.12.35

func (s *DescribeRiskConfigurationInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DescribeRiskConfigurationOutput added in v1.12.35

type DescribeRiskConfigurationOutput struct {

	// The risk configuration.
	//
	// RiskConfiguration is a required field
	RiskConfiguration *RiskConfigurationType `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (DescribeRiskConfigurationOutput) GoString added in v1.12.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeRiskConfigurationOutput) SetRiskConfiguration added in v1.12.35

SetRiskConfiguration sets the RiskConfiguration field's value.

func (DescribeRiskConfigurationOutput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DescribeUserImportJobInput added in v1.4.6

type DescribeUserImportJobInput struct {

	// The job ID for the user import job.
	//
	// JobId is a required field
	JobId *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool that the users are being imported into.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to describe the user import job.

func (DescribeUserImportJobInput) GoString added in v1.4.6

func (s DescribeUserImportJobInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeUserImportJobInput) SetJobId added in v1.5.0

SetJobId sets the JobId field's value.

func (*DescribeUserImportJobInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (DescribeUserImportJobInput) String added in v1.4.6

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeUserImportJobInput) Validate added in v1.4.6

func (s *DescribeUserImportJobInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DescribeUserImportJobOutput added in v1.4.6

type DescribeUserImportJobOutput struct {

	// The job object that represents the user import job.
	UserImportJob *UserImportJobType `type:"structure"`
	// contains filtered or unexported fields
}

Represents the response from the server to the request to describe the user import job.

func (DescribeUserImportJobOutput) GoString added in v1.4.6

func (s DescribeUserImportJobOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeUserImportJobOutput) SetUserImportJob added in v1.5.0

SetUserImportJob sets the UserImportJob field's value.

func (DescribeUserImportJobOutput) String added in v1.4.6

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DescribeUserPoolClientInput

type DescribeUserPoolClientInput struct {

	// The app client ID of the app associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by DescribeUserPoolClientInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The user pool ID for the user pool you want to describe.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to describe a user pool client.

func (DescribeUserPoolClientInput) GoString

func (s DescribeUserPoolClientInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeUserPoolClientInput) SetClientId added in v1.5.0

SetClientId sets the ClientId field's value.

func (*DescribeUserPoolClientInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (DescribeUserPoolClientInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeUserPoolClientInput) Validate added in v1.1.21

func (s *DescribeUserPoolClientInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DescribeUserPoolClientOutput

type DescribeUserPoolClientOutput struct {

	// The user pool client from a server response to describe the user pool client.
	UserPoolClient *UserPoolClientType `type:"structure"`
	// contains filtered or unexported fields
}

Represents the response from the server from a request to describe the user pool client.

func (DescribeUserPoolClientOutput) GoString

func (s DescribeUserPoolClientOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeUserPoolClientOutput) SetUserPoolClient added in v1.5.0

SetUserPoolClient sets the UserPoolClient field's value.

func (DescribeUserPoolClientOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DescribeUserPoolDomainInput added in v1.8.33

type DescribeUserPoolDomainInput struct {

	// The domain string. For custom domains, this is the fully-qualified domain
	// name, such as auth.example.com. For Amazon Cognito prefix domains, this is
	// the prefix alone, such as auth.
	//
	// Domain is a required field
	Domain *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DescribeUserPoolDomainInput) GoString added in v1.8.33

func (s DescribeUserPoolDomainInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeUserPoolDomainInput) SetDomain added in v1.8.33

SetDomain sets the Domain field's value.

func (DescribeUserPoolDomainInput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeUserPoolDomainInput) Validate added in v1.8.33

func (s *DescribeUserPoolDomainInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DescribeUserPoolDomainOutput added in v1.8.33

type DescribeUserPoolDomainOutput struct {

	// A domain description object containing information about the domain.
	DomainDescription *DomainDescriptionType `type:"structure"`
	// contains filtered or unexported fields
}

func (DescribeUserPoolDomainOutput) GoString added in v1.8.33

func (s DescribeUserPoolDomainOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeUserPoolDomainOutput) SetDomainDescription added in v1.8.33

SetDomainDescription sets the DomainDescription field's value.

func (DescribeUserPoolDomainOutput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DescribeUserPoolInput

type DescribeUserPoolInput struct {

	// The user pool ID for the user pool you want to describe.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to describe the user pool.

func (DescribeUserPoolInput) GoString

func (s DescribeUserPoolInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeUserPoolInput) SetUserPoolId added in v1.5.0

func (s *DescribeUserPoolInput) SetUserPoolId(v string) *DescribeUserPoolInput

SetUserPoolId sets the UserPoolId field's value.

func (DescribeUserPoolInput) String

func (s DescribeUserPoolInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeUserPoolInput) Validate added in v1.1.21

func (s *DescribeUserPoolInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DescribeUserPoolOutput

type DescribeUserPoolOutput struct {

	// The container of metadata returned by the server to describe the pool.
	UserPool *UserPoolType `type:"structure"`
	// contains filtered or unexported fields
}

Represents the response to describe the user pool.

func (DescribeUserPoolOutput) GoString

func (s DescribeUserPoolOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DescribeUserPoolOutput) SetUserPool added in v1.5.0

SetUserPool sets the UserPool field's value.

func (DescribeUserPoolOutput) String

func (s DescribeUserPoolOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeviceConfigurationType added in v1.2.10

type DeviceConfigurationType struct {

	// When true, a remembered device can sign in with device authentication instead
	// of SMS and time-based one-time password (TOTP) factors for multi-factor authentication
	// (MFA).
	//
	// Whether or not ChallengeRequiredOnNewDevice is true, users who sign in with
	// devices that have not been confirmed or remembered must still provide a second
	// factor in a user pool that requires MFA.
	ChallengeRequiredOnNewDevice *bool `type:"boolean"`

	// When true, Amazon Cognito doesn't automatically remember a user's device
	// when your app sends a ConfirmDevice (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmDevice.html)
	// API request. In your app, create a prompt for your user to choose whether
	// they want to remember their device. Return the user's choice in an UpdateDeviceStatus
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateDeviceStatus.html)
	// API request.
	//
	// When DeviceOnlyRememberedOnUserPrompt is false, Amazon Cognito immediately
	// remembers devices that you register in a ConfirmDevice API request.
	DeviceOnlyRememberedOnUserPrompt *bool `type:"boolean"`
	// contains filtered or unexported fields
}

The device-remembering configuration for a user pool. A DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) request returns a null value for this object when the user pool isn't configured to remember devices. When device remembering is active, you can remember a user's device with a ConfirmDevice (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmDevice.html) API request. Additionally. when the property DeviceOnlyRememberedOnUserPrompt is true, you must follow ConfirmDevice with an UpdateDeviceStatus (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateDeviceStatus.html) API request that sets the user's device to remembered or not_remembered.

To sign in with a remembered device, include DEVICE_KEY in the authentication parameters in your user's InitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html) request. If your app doesn't include a DEVICE_KEY parameter, the response (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html#API_InitiateAuth_ResponseSyntax) from Amazon Cognito includes newly-generated DEVICE_KEY and DEVICE_GROUP_KEY values under NewDeviceMetadata. Store these values to use in future device-authentication requests.

When you provide a value for any property of DeviceConfiguration, you activate the device remembering for the user pool.

func (DeviceConfigurationType) GoString added in v1.2.10

func (s DeviceConfigurationType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeviceConfigurationType) SetChallengeRequiredOnNewDevice added in v1.5.0

func (s *DeviceConfigurationType) SetChallengeRequiredOnNewDevice(v bool) *DeviceConfigurationType

SetChallengeRequiredOnNewDevice sets the ChallengeRequiredOnNewDevice field's value.

func (*DeviceConfigurationType) SetDeviceOnlyRememberedOnUserPrompt added in v1.5.0

func (s *DeviceConfigurationType) SetDeviceOnlyRememberedOnUserPrompt(v bool) *DeviceConfigurationType

SetDeviceOnlyRememberedOnUserPrompt sets the DeviceOnlyRememberedOnUserPrompt field's value.

func (DeviceConfigurationType) String added in v1.2.10

func (s DeviceConfigurationType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeviceSecretVerifierConfigType added in v1.2.10

type DeviceSecretVerifierConfigType struct {

	// The password verifier.
	PasswordVerifier *string `type:"string"`

	// The salt (https://en.wikipedia.org/wiki/Salt_(cryptography))
	Salt *string `type:"string"`
	// contains filtered or unexported fields
}

The device verifier against which it is authenticated.

func (DeviceSecretVerifierConfigType) GoString added in v1.2.10

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeviceSecretVerifierConfigType) SetPasswordVerifier added in v1.5.0

SetPasswordVerifier sets the PasswordVerifier field's value.

func (*DeviceSecretVerifierConfigType) SetSalt added in v1.5.0

SetSalt sets the Salt field's value.

func (DeviceSecretVerifierConfigType) String added in v1.2.10

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeviceType added in v1.2.10

type DeviceType struct {

	// The device attributes.
	DeviceAttributes []*AttributeType `type:"list"`

	// The creation date of the device.
	DeviceCreateDate *time.Time `type:"timestamp"`

	// The device key.
	DeviceKey *string `min:"1" type:"string"`

	// The date when the device was last authenticated.
	DeviceLastAuthenticatedDate *time.Time `type:"timestamp"`

	// The date and time when the item was modified. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	DeviceLastModifiedDate *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

The device type.

func (DeviceType) GoString added in v1.2.10

func (s DeviceType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeviceType) SetDeviceAttributes added in v1.5.0

func (s *DeviceType) SetDeviceAttributes(v []*AttributeType) *DeviceType

SetDeviceAttributes sets the DeviceAttributes field's value.

func (*DeviceType) SetDeviceCreateDate added in v1.5.0

func (s *DeviceType) SetDeviceCreateDate(v time.Time) *DeviceType

SetDeviceCreateDate sets the DeviceCreateDate field's value.

func (*DeviceType) SetDeviceKey added in v1.5.0

func (s *DeviceType) SetDeviceKey(v string) *DeviceType

SetDeviceKey sets the DeviceKey field's value.

func (*DeviceType) SetDeviceLastAuthenticatedDate added in v1.5.0

func (s *DeviceType) SetDeviceLastAuthenticatedDate(v time.Time) *DeviceType

SetDeviceLastAuthenticatedDate sets the DeviceLastAuthenticatedDate field's value.

func (*DeviceType) SetDeviceLastModifiedDate added in v1.5.0

func (s *DeviceType) SetDeviceLastModifiedDate(v time.Time) *DeviceType

SetDeviceLastModifiedDate sets the DeviceLastModifiedDate field's value.

func (DeviceType) String added in v1.2.10

func (s DeviceType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DomainDescriptionType added in v1.8.33

type DomainDescriptionType struct {

	// The Amazon Web Services ID for the user pool owner.
	AWSAccountId *string `type:"string"`

	// The Amazon CloudFront endpoint that you use as the target of the alias that
	// you set up with your Domain Name Service (DNS) provider.
	CloudFrontDistribution *string `type:"string"`

	// The configuration for a custom domain that hosts the sign-up and sign-in
	// webpages for your application.
	CustomDomainConfig *CustomDomainConfigType `type:"structure"`

	// The domain string. For custom domains, this is the fully-qualified domain
	// name, such as auth.example.com. For Amazon Cognito prefix domains, this is
	// the prefix alone, such as auth.
	Domain *string `min:"1" type:"string"`

	// The Amazon S3 bucket where the static files for this domain are stored.
	S3Bucket *string `min:"3" type:"string"`

	// The domain status.
	Status *string `type:"string" enum:"DomainStatusType"`

	// The user pool ID.
	UserPoolId *string `min:"1" type:"string"`

	// The app version.
	Version *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

A container for information about a domain.

func (DomainDescriptionType) GoString added in v1.8.33

func (s DomainDescriptionType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DomainDescriptionType) SetAWSAccountId added in v1.8.33

func (s *DomainDescriptionType) SetAWSAccountId(v string) *DomainDescriptionType

SetAWSAccountId sets the AWSAccountId field's value.

func (*DomainDescriptionType) SetCloudFrontDistribution added in v1.8.33

func (s *DomainDescriptionType) SetCloudFrontDistribution(v string) *DomainDescriptionType

SetCloudFrontDistribution sets the CloudFrontDistribution field's value.

func (*DomainDescriptionType) SetCustomDomainConfig added in v1.15.20

SetCustomDomainConfig sets the CustomDomainConfig field's value.

func (*DomainDescriptionType) SetDomain added in v1.8.33

SetDomain sets the Domain field's value.

func (*DomainDescriptionType) SetS3Bucket added in v1.8.33

SetS3Bucket sets the S3Bucket field's value.

func (*DomainDescriptionType) SetStatus added in v1.8.33

SetStatus sets the Status field's value.

func (*DomainDescriptionType) SetUserPoolId added in v1.8.33

func (s *DomainDescriptionType) SetUserPoolId(v string) *DomainDescriptionType

SetUserPoolId sets the UserPoolId field's value.

func (*DomainDescriptionType) SetVersion added in v1.8.33

SetVersion sets the Version field's value.

func (DomainDescriptionType) String added in v1.8.33

func (s DomainDescriptionType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DuplicateProviderException added in v1.28.0

type DuplicateProviderException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when the provider is already supported by the user pool.

func (*DuplicateProviderException) Code added in v1.28.0

Code returns the exception type name.

func (*DuplicateProviderException) Error added in v1.28.0

func (DuplicateProviderException) GoString added in v1.28.0

func (s DuplicateProviderException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DuplicateProviderException) Message added in v1.28.0

func (s *DuplicateProviderException) Message() string

Message returns the exception's message.

func (*DuplicateProviderException) OrigErr added in v1.28.0

func (s *DuplicateProviderException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*DuplicateProviderException) RequestID added in v1.28.0

func (s *DuplicateProviderException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*DuplicateProviderException) StatusCode added in v1.28.0

func (s *DuplicateProviderException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (DuplicateProviderException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type EmailConfigurationType added in v1.2.10

type EmailConfigurationType struct {

	// The set of configuration rules that can be applied to emails sent using Amazon
	// Simple Email Service. A configuration set is applied to an email by including
	// a reference to the configuration set in the headers of the email. Once applied,
	// all of the rules in that configuration set are applied to the email. Configuration
	// sets can be used to apply the following types of rules to emails:
	//
	// Event publishing
	//
	// Amazon Simple Email Service can track the number of send, delivery, open,
	// click, bounce, and complaint events for each email sent. Use event publishing
	// to send information about these events to other Amazon Web Services services
	// such as and Amazon CloudWatch
	//
	// IP pool management
	//
	// When leasing dedicated IP addresses with Amazon Simple Email Service, you
	// can create groups of IP addresses, called dedicated IP pools. You can then
	// associate the dedicated IP pools with configuration sets.
	ConfigurationSet *string `min:"1" type:"string"`

	// Specifies whether Amazon Cognito uses its built-in functionality to send
	// your users email messages, or uses your Amazon Simple Email Service email
	// configuration. Specify one of the following values:
	//
	// COGNITO_DEFAULT
	//
	// When Amazon Cognito emails your users, it uses its built-in email functionality.
	// When you use the default option, Amazon Cognito allows only a limited number
	// of emails each day for your user pool. For typical production environments,
	// the default email limit is less than the required delivery volume. To achieve
	// a higher delivery volume, specify DEVELOPER to use your Amazon SES email
	// configuration.
	//
	// To look up the email delivery limit for the default option, see Limits (https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html)
	// in the Amazon Cognito Developer Guide.
	//
	// The default FROM address is no-reply@verificationemail.com. To customize
	// the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES
	// verified email address for the SourceArn parameter.
	//
	// DEVELOPER
	//
	// When Amazon Cognito emails your users, it uses your Amazon SES configuration.
	// Amazon Cognito calls Amazon SES on your behalf to send email from your verified
	// email address. When you use this option, the email delivery limits are the
	// same limits that apply to your Amazon SES verified email address in your
	// Amazon Web Services account.
	//
	// If you use this option, provide the ARN of an Amazon SES verified email address
	// for the SourceArn parameter.
	//
	// Before Amazon Cognito can email your users, it requires additional permissions
	// to call Amazon SES on your behalf. When you update your user pool with this
	// option, Amazon Cognito creates a service-linked role, which is a type of
	// role in your Amazon Web Services account. This role contains the permissions
	// that allow you to access Amazon SES and send email messages from your email
	// address. For more information about the service-linked role that Amazon Cognito
	// creates, see Using Service-Linked Roles for Amazon Cognito (https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html)
	// in the Amazon Cognito Developer Guide.
	EmailSendingAccount *string `type:"string" enum:"EmailSendingAccountType"`

	// Either the sender’s email address or the sender’s name with their email
	// address. For example, testuser@example.com or Test User <testuser@example.com>.
	// This address appears before the body of the email.
	From *string `type:"string"`

	// The destination to which the receiver of the email should reply.
	ReplyToEmailAddress *string `type:"string"`

	// The ARN of a verified email address or an address from a verified domain
	// in Amazon SES. You can set a SourceArn email from a verified domain only
	// with an API request. You can set a verified email address, but not an address
	// in a verified domain, in the Amazon Cognito console. Amazon Cognito uses
	// the email address that you provide in one of the following ways, depending
	// on the value that you specify for the EmailSendingAccount parameter:
	//
	//    * If you specify COGNITO_DEFAULT, Amazon Cognito uses this address as
	//    the custom FROM address when it emails your users using its built-in email
	//    account.
	//
	//    * If you specify DEVELOPER, Amazon Cognito emails your users with this
	//    address by calling Amazon SES on your behalf.
	//
	// The Region value of the SourceArn parameter must indicate a supported Amazon
	// Web Services Region of your user pool. Typically, the Region in the SourceArn
	// and the user pool Region are the same. For more information, see Amazon SES
	// email configuration regions (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer-region-mapping)
	// in the Amazon Cognito Developer Guide (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html).
	SourceArn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for messages from your user pool.

Amazon Cognito can send email messages with Amazon Simple Email Service resources in the Amazon Web Services Region where you created your user pool, and in alternate Regions in some cases. For more information on the supported Regions, see Email settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html).

func (EmailConfigurationType) GoString added in v1.2.10

func (s EmailConfigurationType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EmailConfigurationType) SetConfigurationSet added in v1.25.36

func (s *EmailConfigurationType) SetConfigurationSet(v string) *EmailConfigurationType

SetConfigurationSet sets the ConfigurationSet field's value.

func (*EmailConfigurationType) SetEmailSendingAccount added in v1.19.12

func (s *EmailConfigurationType) SetEmailSendingAccount(v string) *EmailConfigurationType

SetEmailSendingAccount sets the EmailSendingAccount field's value.

func (*EmailConfigurationType) SetFrom added in v1.25.36

SetFrom sets the From field's value.

func (*EmailConfigurationType) SetReplyToEmailAddress added in v1.5.0

func (s *EmailConfigurationType) SetReplyToEmailAddress(v string) *EmailConfigurationType

SetReplyToEmailAddress sets the ReplyToEmailAddress field's value.

func (*EmailConfigurationType) SetSourceArn added in v1.5.0

SetSourceArn sets the SourceArn field's value.

func (EmailConfigurationType) String added in v1.2.10

func (s EmailConfigurationType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EmailConfigurationType) Validate added in v1.2.10

func (s *EmailConfigurationType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EnableSoftwareTokenMFAException added in v1.28.0

type EnableSoftwareTokenMFAException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when there is a code mismatch and the service fails to configure the software token TOTP multi-factor authentication (MFA).

func (*EnableSoftwareTokenMFAException) Code added in v1.28.0

Code returns the exception type name.

func (*EnableSoftwareTokenMFAException) Error added in v1.28.0

func (EnableSoftwareTokenMFAException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EnableSoftwareTokenMFAException) Message added in v1.28.0

Message returns the exception's message.

func (*EnableSoftwareTokenMFAException) OrigErr added in v1.28.0

OrigErr always returns nil, satisfies awserr.Error interface.

func (*EnableSoftwareTokenMFAException) RequestID added in v1.28.0

func (s *EnableSoftwareTokenMFAException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*EnableSoftwareTokenMFAException) StatusCode added in v1.28.0

func (s *EnableSoftwareTokenMFAException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (EnableSoftwareTokenMFAException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type EventContextDataType added in v1.12.35

type EventContextDataType struct {

	// The user's city.
	City *string `type:"string"`

	// The user's country.
	Country *string `type:"string"`

	// The user's device name.
	DeviceName *string `type:"string"`

	// The source IP address of your user's device.
	IpAddress *string `type:"string"`

	// The user's time zone.
	Timezone *string `type:"string"`
	// contains filtered or unexported fields
}

Specifies the user context data captured at the time of an event request.

func (EventContextDataType) GoString added in v1.12.35

func (s EventContextDataType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EventContextDataType) SetCity added in v1.12.35

SetCity sets the City field's value.

func (*EventContextDataType) SetCountry added in v1.12.35

SetCountry sets the Country field's value.

func (*EventContextDataType) SetDeviceName added in v1.12.35

func (s *EventContextDataType) SetDeviceName(v string) *EventContextDataType

SetDeviceName sets the DeviceName field's value.

func (*EventContextDataType) SetIpAddress added in v1.12.35

func (s *EventContextDataType) SetIpAddress(v string) *EventContextDataType

SetIpAddress sets the IpAddress field's value.

func (*EventContextDataType) SetTimezone added in v1.12.35

SetTimezone sets the Timezone field's value.

func (EventContextDataType) String added in v1.12.35

func (s EventContextDataType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type EventFeedbackType added in v1.12.35

type EventFeedbackType struct {

	// The event feedback date.
	FeedbackDate *time.Time `type:"timestamp"`

	// The authentication event feedback value. When you provide a FeedbackValue
	// value of valid, you tell Amazon Cognito that you trust a user session where
	// Amazon Cognito has evaluated some level of risk. When you provide a FeedbackValue
	// value of invalid, you tell Amazon Cognito that you don't trust a user session,
	// or you don't believe that Amazon Cognito evaluated a high-enough risk level.
	//
	// FeedbackValue is a required field
	FeedbackValue *string `type:"string" required:"true" enum:"FeedbackValueType"`

	// The provider.
	//
	// Provider is a required field
	Provider *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

Specifies the event feedback type.

func (EventFeedbackType) GoString added in v1.12.35

func (s EventFeedbackType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EventFeedbackType) SetFeedbackDate added in v1.12.35

func (s *EventFeedbackType) SetFeedbackDate(v time.Time) *EventFeedbackType

SetFeedbackDate sets the FeedbackDate field's value.

func (*EventFeedbackType) SetFeedbackValue added in v1.12.35

func (s *EventFeedbackType) SetFeedbackValue(v string) *EventFeedbackType

SetFeedbackValue sets the FeedbackValue field's value.

func (*EventFeedbackType) SetProvider added in v1.12.35

func (s *EventFeedbackType) SetProvider(v string) *EventFeedbackType

SetProvider sets the Provider field's value.

func (EventFeedbackType) String added in v1.12.35

func (s EventFeedbackType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type EventRiskType added in v1.12.35

type EventRiskType struct {

	// Indicates whether compromised credentials were detected during an authentication
	// event.
	CompromisedCredentialsDetected *bool `type:"boolean"`

	// The risk decision.
	RiskDecision *string `type:"string" enum:"RiskDecisionType"`

	// The risk level.
	RiskLevel *string `type:"string" enum:"RiskLevelType"`
	// contains filtered or unexported fields
}

The event risk type.

func (EventRiskType) GoString added in v1.12.35

func (s EventRiskType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EventRiskType) SetCompromisedCredentialsDetected added in v1.29.25

func (s *EventRiskType) SetCompromisedCredentialsDetected(v bool) *EventRiskType

SetCompromisedCredentialsDetected sets the CompromisedCredentialsDetected field's value.

func (*EventRiskType) SetRiskDecision added in v1.12.35

func (s *EventRiskType) SetRiskDecision(v string) *EventRiskType

SetRiskDecision sets the RiskDecision field's value.

func (*EventRiskType) SetRiskLevel added in v1.12.35

func (s *EventRiskType) SetRiskLevel(v string) *EventRiskType

SetRiskLevel sets the RiskLevel field's value.

func (EventRiskType) String added in v1.12.35

func (s EventRiskType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ExpiredCodeException added in v1.28.0

type ExpiredCodeException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the expired code exception is thrown.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown if a code has expired.

func (*ExpiredCodeException) Code added in v1.28.0

func (s *ExpiredCodeException) Code() string

Code returns the exception type name.

func (*ExpiredCodeException) Error added in v1.28.0

func (s *ExpiredCodeException) Error() string

func (ExpiredCodeException) GoString added in v1.28.0

func (s ExpiredCodeException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ExpiredCodeException) Message added in v1.28.0

func (s *ExpiredCodeException) Message() string

Message returns the exception's message.

func (*ExpiredCodeException) OrigErr added in v1.28.0

func (s *ExpiredCodeException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ExpiredCodeException) RequestID added in v1.28.0

func (s *ExpiredCodeException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ExpiredCodeException) StatusCode added in v1.28.0

func (s *ExpiredCodeException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ExpiredCodeException) String added in v1.28.0

func (s ExpiredCodeException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ForbiddenException added in v1.44.69

type ForbiddenException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when WAF doesn't allow your request based on a web ACL
	// that's associated with your user pool.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

func (*ForbiddenException) Code added in v1.44.69

func (s *ForbiddenException) Code() string

Code returns the exception type name.

func (*ForbiddenException) Error added in v1.44.69

func (s *ForbiddenException) Error() string

func (ForbiddenException) GoString added in v1.44.69

func (s ForbiddenException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ForbiddenException) Message added in v1.44.69

func (s *ForbiddenException) Message() string

Message returns the exception's message.

func (*ForbiddenException) OrigErr added in v1.44.69

func (s *ForbiddenException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ForbiddenException) RequestID added in v1.44.69

func (s *ForbiddenException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ForbiddenException) StatusCode added in v1.44.69

func (s *ForbiddenException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ForbiddenException) String added in v1.44.69

func (s ForbiddenException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ForgetDeviceInput added in v1.2.10

type ForgetDeviceInput struct {

	// A valid access token that Amazon Cognito issued to the user whose registered
	// device you want to forget.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ForgetDeviceInput's
	// String and GoString methods.
	AccessToken *string `type:"string" sensitive:"true"`

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to forget the device.

func (ForgetDeviceInput) GoString added in v1.2.10

func (s ForgetDeviceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ForgetDeviceInput) SetAccessToken added in v1.5.0

func (s *ForgetDeviceInput) SetAccessToken(v string) *ForgetDeviceInput

SetAccessToken sets the AccessToken field's value.

func (*ForgetDeviceInput) SetDeviceKey added in v1.5.0

func (s *ForgetDeviceInput) SetDeviceKey(v string) *ForgetDeviceInput

SetDeviceKey sets the DeviceKey field's value.

func (ForgetDeviceInput) String added in v1.2.10

func (s ForgetDeviceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ForgetDeviceInput) Validate added in v1.2.10

func (s *ForgetDeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ForgetDeviceOutput added in v1.2.10

type ForgetDeviceOutput struct {
	// contains filtered or unexported fields
}

func (ForgetDeviceOutput) GoString added in v1.2.10

func (s ForgetDeviceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (ForgetDeviceOutput) String added in v1.2.10

func (s ForgetDeviceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ForgotPasswordInput

type ForgotPasswordInput struct {

	// The Amazon Pinpoint analytics metadata that contributes to your metrics for
	// ForgotPassword calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The ID of the client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ForgotPasswordInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the ForgotPassword API action, Amazon Cognito invokes any functions
	// that are assigned to the following triggers: pre sign-up, custom message,
	// and user migration. When Amazon Cognito invokes any of these functions, it
	// passes a JSON payload, which the function receives as input. This payload
	// contains a clientMetadata attribute, which provides the data that you assigned
	// to the ClientMetadata parameter in your ForgotPassword request. In your function
	// code in Lambda, you can process the clientMetadata value to enhance your
	// workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// A keyed-hash message authentication code (HMAC) calculated using the secret
	// key of a user pool client and username plus the client ID in the message.
	//
	// SecretHash is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ForgotPasswordInput's
	// String and GoString methods.
	SecretHash *string `min:"1" type:"string" sensitive:"true"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ForgotPasswordInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ForgotPasswordInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to reset a user's password.

func (ForgotPasswordInput) GoString

func (s ForgotPasswordInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ForgotPasswordInput) SetAnalyticsMetadata added in v1.12.35

func (s *ForgotPasswordInput) SetAnalyticsMetadata(v *AnalyticsMetadataType) *ForgotPasswordInput

SetAnalyticsMetadata sets the AnalyticsMetadata field's value.

func (*ForgotPasswordInput) SetClientId added in v1.5.0

func (s *ForgotPasswordInput) SetClientId(v string) *ForgotPasswordInput

SetClientId sets the ClientId field's value.

func (*ForgotPasswordInput) SetClientMetadata added in v1.25.6

func (s *ForgotPasswordInput) SetClientMetadata(v map[string]*string) *ForgotPasswordInput

SetClientMetadata sets the ClientMetadata field's value.

func (*ForgotPasswordInput) SetSecretHash added in v1.5.0

func (s *ForgotPasswordInput) SetSecretHash(v string) *ForgotPasswordInput

SetSecretHash sets the SecretHash field's value.

func (*ForgotPasswordInput) SetUserContextData added in v1.12.35

func (s *ForgotPasswordInput) SetUserContextData(v *UserContextDataType) *ForgotPasswordInput

SetUserContextData sets the UserContextData field's value.

func (*ForgotPasswordInput) SetUsername added in v1.5.0

func (s *ForgotPasswordInput) SetUsername(v string) *ForgotPasswordInput

SetUsername sets the Username field's value.

func (ForgotPasswordInput) String

func (s ForgotPasswordInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ForgotPasswordInput) Validate added in v1.1.21

func (s *ForgotPasswordInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ForgotPasswordOutput

type ForgotPasswordOutput struct {

	// The code delivery details returned by the server in response to the request
	// to reset a password.
	CodeDeliveryDetails *CodeDeliveryDetailsType `type:"structure"`
	// contains filtered or unexported fields
}

The response from Amazon Cognito to a request to reset a password.

func (ForgotPasswordOutput) GoString

func (s ForgotPasswordOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ForgotPasswordOutput) SetCodeDeliveryDetails added in v1.5.0

func (s *ForgotPasswordOutput) SetCodeDeliveryDetails(v *CodeDeliveryDetailsType) *ForgotPasswordOutput

SetCodeDeliveryDetails sets the CodeDeliveryDetails field's value.

func (ForgotPasswordOutput) String

func (s ForgotPasswordOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetCSVHeaderInput added in v1.4.6

type GetCSVHeaderInput struct {

	// The user pool ID for the user pool that the users are to be imported into.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to get the header information of the CSV file for the user import job.

func (GetCSVHeaderInput) GoString added in v1.4.6

func (s GetCSVHeaderInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetCSVHeaderInput) SetUserPoolId added in v1.5.0

func (s *GetCSVHeaderInput) SetUserPoolId(v string) *GetCSVHeaderInput

SetUserPoolId sets the UserPoolId field's value.

func (GetCSVHeaderInput) String added in v1.4.6

func (s GetCSVHeaderInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetCSVHeaderInput) Validate added in v1.4.6

func (s *GetCSVHeaderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetCSVHeaderOutput added in v1.4.6

type GetCSVHeaderOutput struct {

	// The header information of the CSV file for the user import job.
	CSVHeader []*string `type:"list"`

	// The user pool ID for the user pool that the users are to be imported into.
	UserPoolId *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Represents the response from the server to the request to get the header information of the CSV file for the user import job.

func (GetCSVHeaderOutput) GoString added in v1.4.6

func (s GetCSVHeaderOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetCSVHeaderOutput) SetCSVHeader added in v1.5.0

func (s *GetCSVHeaderOutput) SetCSVHeader(v []*string) *GetCSVHeaderOutput

SetCSVHeader sets the CSVHeader field's value.

func (*GetCSVHeaderOutput) SetUserPoolId added in v1.5.0

func (s *GetCSVHeaderOutput) SetUserPoolId(v string) *GetCSVHeaderOutput

SetUserPoolId sets the UserPoolId field's value.

func (GetCSVHeaderOutput) String added in v1.4.6

func (s GetCSVHeaderOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetDeviceInput added in v1.2.10

type GetDeviceInput struct {

	// A valid access token that Amazon Cognito issued to the user whose device
	// information you want to request.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetDeviceInput's
	// String and GoString methods.
	AccessToken *string `type:"string" sensitive:"true"`

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to get the device.

func (GetDeviceInput) GoString added in v1.2.10

func (s GetDeviceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetDeviceInput) SetAccessToken added in v1.5.0

func (s *GetDeviceInput) SetAccessToken(v string) *GetDeviceInput

SetAccessToken sets the AccessToken field's value.

func (*GetDeviceInput) SetDeviceKey added in v1.5.0

func (s *GetDeviceInput) SetDeviceKey(v string) *GetDeviceInput

SetDeviceKey sets the DeviceKey field's value.

func (GetDeviceInput) String added in v1.2.10

func (s GetDeviceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetDeviceInput) Validate added in v1.2.10

func (s *GetDeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetDeviceOutput added in v1.2.10

type GetDeviceOutput struct {

	// The device.
	//
	// Device is a required field
	Device *DeviceType `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Gets the device response.

func (GetDeviceOutput) GoString added in v1.2.10

func (s GetDeviceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetDeviceOutput) SetDevice added in v1.5.0

func (s *GetDeviceOutput) SetDevice(v *DeviceType) *GetDeviceOutput

SetDevice sets the Device field's value.

func (GetDeviceOutput) String added in v1.2.10

func (s GetDeviceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetGroupInput added in v1.6.4

type GetGroupInput struct {

	// The name of the group.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetGroupInput) GoString added in v1.6.4

func (s GetGroupInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetGroupInput) SetGroupName added in v1.6.4

func (s *GetGroupInput) SetGroupName(v string) *GetGroupInput

SetGroupName sets the GroupName field's value.

func (*GetGroupInput) SetUserPoolId added in v1.6.4

func (s *GetGroupInput) SetUserPoolId(v string) *GetGroupInput

SetUserPoolId sets the UserPoolId field's value.

func (GetGroupInput) String added in v1.6.4

func (s GetGroupInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetGroupInput) Validate added in v1.6.4

func (s *GetGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetGroupOutput added in v1.6.4

type GetGroupOutput struct {

	// The group object for the group.
	Group *GroupType `type:"structure"`
	// contains filtered or unexported fields
}

func (GetGroupOutput) GoString added in v1.6.4

func (s GetGroupOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetGroupOutput) SetGroup added in v1.6.4

func (s *GetGroupOutput) SetGroup(v *GroupType) *GetGroupOutput

SetGroup sets the Group field's value.

func (GetGroupOutput) String added in v1.6.4

func (s GetGroupOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetIdentityProviderByIdentifierInput added in v1.8.33

type GetIdentityProviderByIdentifierInput struct {

	// The IdP identifier.
	//
	// IdpIdentifier is a required field
	IdpIdentifier *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetIdentityProviderByIdentifierInput) GoString added in v1.8.33

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetIdentityProviderByIdentifierInput) SetIdpIdentifier added in v1.8.33

SetIdpIdentifier sets the IdpIdentifier field's value.

func (*GetIdentityProviderByIdentifierInput) SetUserPoolId added in v1.8.33

SetUserPoolId sets the UserPoolId field's value.

func (GetIdentityProviderByIdentifierInput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetIdentityProviderByIdentifierInput) Validate added in v1.8.33

Validate inspects the fields of the type to determine if they are valid.

type GetIdentityProviderByIdentifierOutput added in v1.8.33

type GetIdentityProviderByIdentifierOutput struct {

	// The identity provider details.
	//
	// IdentityProvider is a required field
	IdentityProvider *IdentityProviderType `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (GetIdentityProviderByIdentifierOutput) GoString added in v1.8.33

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetIdentityProviderByIdentifierOutput) SetIdentityProvider added in v1.8.33

SetIdentityProvider sets the IdentityProvider field's value.

func (GetIdentityProviderByIdentifierOutput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetLogDeliveryConfigurationInput added in v1.44.315

type GetLogDeliveryConfigurationInput struct {

	// The ID of the user pool where you want to view detailed activity logging
	// configuration.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetLogDeliveryConfigurationInput) GoString added in v1.44.315

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetLogDeliveryConfigurationInput) SetUserPoolId added in v1.44.315

SetUserPoolId sets the UserPoolId field's value.

func (GetLogDeliveryConfigurationInput) String added in v1.44.315

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetLogDeliveryConfigurationInput) Validate added in v1.44.315

Validate inspects the fields of the type to determine if they are valid.

type GetLogDeliveryConfigurationOutput added in v1.44.315

type GetLogDeliveryConfigurationOutput struct {

	// The detailed activity logging configuration of the requested user pool.
	LogDeliveryConfiguration *LogDeliveryConfigurationType `type:"structure"`
	// contains filtered or unexported fields
}

func (GetLogDeliveryConfigurationOutput) GoString added in v1.44.315

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetLogDeliveryConfigurationOutput) SetLogDeliveryConfiguration added in v1.44.315

SetLogDeliveryConfiguration sets the LogDeliveryConfiguration field's value.

func (GetLogDeliveryConfigurationOutput) String added in v1.44.315

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetSigningCertificateInput added in v1.12.75

type GetSigningCertificateInput struct {

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Request to get a signing certificate from Amazon Cognito.

func (GetSigningCertificateInput) GoString added in v1.12.75

func (s GetSigningCertificateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSigningCertificateInput) SetUserPoolId added in v1.12.75

SetUserPoolId sets the UserPoolId field's value.

func (GetSigningCertificateInput) String added in v1.12.75

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSigningCertificateInput) Validate added in v1.12.75

func (s *GetSigningCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetSigningCertificateOutput added in v1.12.75

type GetSigningCertificateOutput struct {

	// The signing certificate.
	Certificate *string `type:"string"`
	// contains filtered or unexported fields
}

Response from Amazon Cognito for a signing certificate request.

func (GetSigningCertificateOutput) GoString added in v1.12.75

func (s GetSigningCertificateOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSigningCertificateOutput) SetCertificate added in v1.12.75

SetCertificate sets the Certificate field's value.

func (GetSigningCertificateOutput) String added in v1.12.75

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetUICustomizationInput added in v1.10.24

type GetUICustomizationInput struct {

	// The client ID for the client app.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetUICustomizationInput's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetUICustomizationInput) GoString added in v1.10.24

func (s GetUICustomizationInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUICustomizationInput) SetClientId added in v1.10.24

SetClientId sets the ClientId field's value.

func (*GetUICustomizationInput) SetUserPoolId added in v1.10.24

SetUserPoolId sets the UserPoolId field's value.

func (GetUICustomizationInput) String added in v1.10.24

func (s GetUICustomizationInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUICustomizationInput) Validate added in v1.10.24

func (s *GetUICustomizationInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetUICustomizationOutput added in v1.10.24

type GetUICustomizationOutput struct {

	// The UI customization information.
	//
	// UICustomization is a required field
	UICustomization *UICustomizationType `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (GetUICustomizationOutput) GoString added in v1.10.24

func (s GetUICustomizationOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUICustomizationOutput) SetUICustomization added in v1.10.24

SetUICustomization sets the UICustomization field's value.

func (GetUICustomizationOutput) String added in v1.10.24

func (s GetUICustomizationOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetUserAttributeVerificationCodeInput

type GetUserAttributeVerificationCodeInput struct {

	// A non-expired access token for the user whose attribute verification code
	// you want to generate.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetUserAttributeVerificationCodeInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The attribute name returned by the server response to get the user attribute
	// verification code.
	//
	// AttributeName is a required field
	AttributeName *string `min:"1" type:"string" required:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the GetUserAttributeVerificationCode API action, Amazon Cognito
	// invokes the function that is assigned to the custom message trigger. When
	// Amazon Cognito invokes this function, it passes a JSON payload, which the
	// function receives as input. This payload contains a clientMetadata attribute,
	// which provides the data that you assigned to the ClientMetadata parameter
	// in your GetUserAttributeVerificationCode request. In your function code in
	// Lambda, you can process the clientMetadata value to enhance your workflow
	// for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`
	// contains filtered or unexported fields
}

Represents the request to get user attribute verification.

func (GetUserAttributeVerificationCodeInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserAttributeVerificationCodeInput) SetAccessToken added in v1.5.0

SetAccessToken sets the AccessToken field's value.

func (*GetUserAttributeVerificationCodeInput) SetAttributeName added in v1.5.0

SetAttributeName sets the AttributeName field's value.

func (*GetUserAttributeVerificationCodeInput) SetClientMetadata added in v1.25.6

SetClientMetadata sets the ClientMetadata field's value.

func (GetUserAttributeVerificationCodeInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserAttributeVerificationCodeInput) Validate added in v1.1.21

Validate inspects the fields of the type to determine if they are valid.

type GetUserAttributeVerificationCodeOutput

type GetUserAttributeVerificationCodeOutput struct {

	// The code delivery details returned by the server in response to the request
	// to get the user attribute verification code.
	CodeDeliveryDetails *CodeDeliveryDetailsType `type:"structure"`
	// contains filtered or unexported fields
}

The verification code response returned by the server response to get the user attribute verification code.

func (GetUserAttributeVerificationCodeOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserAttributeVerificationCodeOutput) SetCodeDeliveryDetails added in v1.5.0

SetCodeDeliveryDetails sets the CodeDeliveryDetails field's value.

func (GetUserAttributeVerificationCodeOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetUserInput

type GetUserInput struct {

	// A non-expired access token for the user whose information you want to query.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetUserInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to get information about the user.

func (GetUserInput) GoString

func (s GetUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserInput) SetAccessToken added in v1.5.0

func (s *GetUserInput) SetAccessToken(v string) *GetUserInput

SetAccessToken sets the AccessToken field's value.

func (GetUserInput) String

func (s GetUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserInput) Validate added in v1.8.33

func (s *GetUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetUserOutput

type GetUserOutput struct {

	// This response parameter is no longer supported. It provides information only
	// about SMS MFA configurations. It doesn't provide information about time-based
	// one-time password (TOTP) software token MFA configurations. To look up information
	// about either type of MFA configuration, use UserMFASettingList instead.
	MFAOptions []*MFAOptionType `type:"list"`

	// The user's preferred MFA setting.
	PreferredMfaSetting *string `type:"string"`

	// An array of name-value pairs representing user attributes.
	//
	// For custom attributes, you must prepend the custom: prefix to the attribute
	// name.
	//
	// UserAttributes is a required field
	UserAttributes []*AttributeType `type:"list" required:"true"`

	// The MFA options that are activated for the user. The possible values in this
	// list are SMS_MFA and SOFTWARE_TOKEN_MFA.
	UserMFASettingList []*string `type:"list"`

	// The username of the user that you requested.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetUserOutput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the response from the server from the request to get information about the user.

func (GetUserOutput) GoString

func (s GetUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserOutput) SetMFAOptions added in v1.5.0

func (s *GetUserOutput) SetMFAOptions(v []*MFAOptionType) *GetUserOutput

SetMFAOptions sets the MFAOptions field's value.

func (*GetUserOutput) SetPreferredMfaSetting added in v1.12.35

func (s *GetUserOutput) SetPreferredMfaSetting(v string) *GetUserOutput

SetPreferredMfaSetting sets the PreferredMfaSetting field's value.

func (*GetUserOutput) SetUserAttributes added in v1.5.0

func (s *GetUserOutput) SetUserAttributes(v []*AttributeType) *GetUserOutput

SetUserAttributes sets the UserAttributes field's value.

func (*GetUserOutput) SetUserMFASettingList added in v1.12.35

func (s *GetUserOutput) SetUserMFASettingList(v []*string) *GetUserOutput

SetUserMFASettingList sets the UserMFASettingList field's value.

func (*GetUserOutput) SetUsername added in v1.5.0

func (s *GetUserOutput) SetUsername(v string) *GetUserOutput

SetUsername sets the Username field's value.

func (GetUserOutput) String

func (s GetUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetUserPoolMfaConfigInput added in v1.12.35

type GetUserPoolMfaConfigInput struct {

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetUserPoolMfaConfigInput) GoString added in v1.12.35

func (s GetUserPoolMfaConfigInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserPoolMfaConfigInput) SetUserPoolId added in v1.12.35

SetUserPoolId sets the UserPoolId field's value.

func (GetUserPoolMfaConfigInput) String added in v1.12.35

func (s GetUserPoolMfaConfigInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserPoolMfaConfigInput) Validate added in v1.12.35

func (s *GetUserPoolMfaConfigInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetUserPoolMfaConfigOutput added in v1.12.35

type GetUserPoolMfaConfigOutput struct {

	// The multi-factor authentication (MFA) configuration. Valid values include:
	//
	//    * OFF MFA won't be used for any users.
	//
	//    * ON MFA is required for all users to sign in.
	//
	//    * OPTIONAL MFA will be required only for individual users who have an
	//    MFA factor activated.
	MfaConfiguration *string `type:"string" enum:"UserPoolMfaType"`

	// The SMS text message multi-factor authentication (MFA) configuration.
	SmsMfaConfiguration *SmsMfaConfigType `type:"structure"`

	// The software token multi-factor authentication (MFA) configuration.
	SoftwareTokenMfaConfiguration *SoftwareTokenMfaConfigType `type:"structure"`
	// contains filtered or unexported fields
}

func (GetUserPoolMfaConfigOutput) GoString added in v1.12.35

func (s GetUserPoolMfaConfigOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserPoolMfaConfigOutput) SetMfaConfiguration added in v1.12.35

SetMfaConfiguration sets the MfaConfiguration field's value.

func (*GetUserPoolMfaConfigOutput) SetSmsMfaConfiguration added in v1.12.35

SetSmsMfaConfiguration sets the SmsMfaConfiguration field's value.

func (*GetUserPoolMfaConfigOutput) SetSoftwareTokenMfaConfiguration added in v1.12.35

func (s *GetUserPoolMfaConfigOutput) SetSoftwareTokenMfaConfiguration(v *SoftwareTokenMfaConfigType) *GetUserPoolMfaConfigOutput

SetSoftwareTokenMfaConfiguration sets the SoftwareTokenMfaConfiguration field's value.

func (GetUserPoolMfaConfigOutput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GlobalSignOutInput added in v1.2.10

type GlobalSignOutInput struct {

	// A valid access token that Amazon Cognito issued to the user who you want
	// to sign out.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GlobalSignOutInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to sign out all devices.

func (GlobalSignOutInput) GoString added in v1.2.10

func (s GlobalSignOutInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GlobalSignOutInput) SetAccessToken added in v1.5.0

func (s *GlobalSignOutInput) SetAccessToken(v string) *GlobalSignOutInput

SetAccessToken sets the AccessToken field's value.

func (GlobalSignOutInput) String added in v1.2.10

func (s GlobalSignOutInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GlobalSignOutInput) Validate added in v1.8.33

func (s *GlobalSignOutInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GlobalSignOutOutput added in v1.2.10

type GlobalSignOutOutput struct {
	// contains filtered or unexported fields
}

The response to the request to sign out all devices.

func (GlobalSignOutOutput) GoString added in v1.2.10

func (s GlobalSignOutOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (GlobalSignOutOutput) String added in v1.2.10

func (s GlobalSignOutOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GroupExistsException added in v1.28.0

type GroupExistsException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when Amazon Cognito encounters a group that already exists in the user pool.

func (*GroupExistsException) Code added in v1.28.0

func (s *GroupExistsException) Code() string

Code returns the exception type name.

func (*GroupExistsException) Error added in v1.28.0

func (s *GroupExistsException) Error() string

func (GroupExistsException) GoString added in v1.28.0

func (s GroupExistsException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GroupExistsException) Message added in v1.28.0

func (s *GroupExistsException) Message() string

Message returns the exception's message.

func (*GroupExistsException) OrigErr added in v1.28.0

func (s *GroupExistsException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*GroupExistsException) RequestID added in v1.28.0

func (s *GroupExistsException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*GroupExistsException) StatusCode added in v1.28.0

func (s *GroupExistsException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (GroupExistsException) String added in v1.28.0

func (s GroupExistsException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GroupType added in v1.6.4

type GroupType struct {

	// The date and time when the item was created. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	CreationDate *time.Time `type:"timestamp"`

	// A string containing the description of the group.
	Description *string `type:"string"`

	// The name of the group.
	GroupName *string `min:"1" type:"string"`

	// The date and time when the item was modified. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	LastModifiedDate *time.Time `type:"timestamp"`

	// A non-negative integer value that specifies the precedence of this group
	// relative to the other groups that a user can belong to in the user pool.
	// Zero is the highest precedence value. Groups with lower Precedence values
	// take precedence over groups with higher ornull Precedence values. If a user
	// belongs to two or more groups, it is the group with the lowest precedence
	// value whose role ARN is given in the user's tokens for the cognito:roles
	// and cognito:preferred_role claims.
	//
	// Two groups can have the same Precedence value. If this happens, neither group
	// takes precedence over the other. If two groups with the same Precedence have
	// the same role ARN, that role is used in the cognito:preferred_role claim
	// in tokens for users in each group. If the two groups have different role
	// ARNs, the cognito:preferred_role claim isn't set in users' tokens.
	//
	// The default Precedence value is null.
	Precedence *int64 `type:"integer"`

	// The role Amazon Resource Name (ARN) for the group.
	RoleArn *string `min:"20" type:"string"`

	// The user pool ID for the user pool.
	UserPoolId *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

The group type.

func (GroupType) GoString added in v1.6.4

func (s GroupType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GroupType) SetCreationDate added in v1.6.4

func (s *GroupType) SetCreationDate(v time.Time) *GroupType

SetCreationDate sets the CreationDate field's value.

func (*GroupType) SetDescription added in v1.6.4

func (s *GroupType) SetDescription(v string) *GroupType

SetDescription sets the Description field's value.

func (*GroupType) SetGroupName added in v1.6.4

func (s *GroupType) SetGroupName(v string) *GroupType

SetGroupName sets the GroupName field's value.

func (*GroupType) SetLastModifiedDate added in v1.6.4

func (s *GroupType) SetLastModifiedDate(v time.Time) *GroupType

SetLastModifiedDate sets the LastModifiedDate field's value.

func (*GroupType) SetPrecedence added in v1.6.4

func (s *GroupType) SetPrecedence(v int64) *GroupType

SetPrecedence sets the Precedence field's value.

func (*GroupType) SetRoleArn added in v1.6.4

func (s *GroupType) SetRoleArn(v string) *GroupType

SetRoleArn sets the RoleArn field's value.

func (*GroupType) SetUserPoolId added in v1.6.4

func (s *GroupType) SetUserPoolId(v string) *GroupType

SetUserPoolId sets the UserPoolId field's value.

func (GroupType) String added in v1.6.4

func (s GroupType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type HttpHeader added in v1.12.35

type HttpHeader struct {

	// The header name.
	HeaderName *string `locationName:"headerName" type:"string"`

	// The header value.
	HeaderValue *string `locationName:"headerValue" type:"string"`
	// contains filtered or unexported fields
}

The HTTP header.

func (HttpHeader) GoString added in v1.12.35

func (s HttpHeader) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*HttpHeader) SetHeaderName added in v1.12.35

func (s *HttpHeader) SetHeaderName(v string) *HttpHeader

SetHeaderName sets the HeaderName field's value.

func (*HttpHeader) SetHeaderValue added in v1.12.35

func (s *HttpHeader) SetHeaderValue(v string) *HttpHeader

SetHeaderValue sets the HeaderValue field's value.

func (HttpHeader) String added in v1.12.35

func (s HttpHeader) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type IdentityProviderType added in v1.8.33

type IdentityProviderType struct {

	// A mapping of IdP attributes to standard and custom user pool attributes.
	AttributeMapping map[string]*string `type:"map"`

	// The date and time when the item was created. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	CreationDate *time.Time `type:"timestamp"`

	// A list of IdP identifiers.
	IdpIdentifiers []*string `type:"list"`

	// The date and time when the item was modified. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	LastModifiedDate *time.Time `type:"timestamp"`

	// The scopes, URLs, and identifiers for your external identity provider. The
	// following examples describe the provider detail keys for each IdP type. These
	// values and their schema are subject to change. Social IdP authorize_scopes
	// values must match the values listed here.
	//
	// OpenID Connect (OIDC)
	//
	// Amazon Cognito accepts the following elements when it can't discover endpoint
	// URLs from oidc_issuer: attributes_url, authorize_url, jwks_uri, token_url.
	//
	// Create or update request: "ProviderDetails": { "attributes_request_method":
	// "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes":
	// "openid profile email", "authorize_url": "https://auth.example.com/authorize",
	// "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
	// "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
	// "https://auth.example.com", "token_url": "https://example.com/token" }
	//
	// Describe response: "ProviderDetails": { "attributes_request_method": "GET",
	// "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes":
	// "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize",
	// "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
	// "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
	// "https://auth.example.com", "token_url": "https://example.com/token" }
	//
	// SAML
	//
	// Create or update request with Metadata URL: "ProviderDetails": { "IDPInit":
	// "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL":
	// "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
	// "rsa-sha256" }
	//
	// Create or update request with Metadata file: "ProviderDetails": { "IDPInit":
	// "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile":
	// "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
	//
	// The value of MetadataFile must be the plaintext metadata document with all
	// quote (") characters escaped by backslashes.
	//
	// Describe response: "ProviderDetails": { "IDPInit": "true", "IDPSignout":
	// "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
	// "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
	// "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml",
	// "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
	//
	// LoginWithAmazon
	//
	// Create or update request: "ProviderDetails": { "authorize_scopes": "profile
	// postal_code", "client_id": "amzn1.application-oa2-client.1example23456789",
	// "client_secret": "provider-app-client-secret"
	//
	// Describe response: "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile",
	// "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code",
	// "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789",
	// "client_secret": "provider-app-client-secret", "token_request_method": "POST",
	// "token_url": "https://api.amazon.com/auth/o2/token" }
	//
	// Google
	//
	// Create or update request: "ProviderDetails": { "authorize_scopes": "email
	// profile openid", "client_id": "1example23456789.apps.googleusercontent.com",
	// "client_secret": "provider-app-client-secret" }
	//
	// Describe response: "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=",
	// "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
	// openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
	// "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
	// "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
	// "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token"
	// }
	//
	// SignInWithApple
	//
	// Create or update request: "ProviderDetails": { "authorize_scopes": "email
	// name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id":
	// "2EXAMPLE", "team_id": "3EXAMPLE" }
	//
	// Describe response: "ProviderDetails": { "attributes_url_add_attributes":
	// "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize",
	// "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer":
	// "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method":
	// "POST", "token_url": "https://appleid.apple.com/auth/token" }
	//
	// Facebook
	//
	// Create or update request: "ProviderDetails": { "api_version": "v17.0", "authorize_scopes":
	// "public_profile, email", "client_id": "1example23456789", "client_secret":
	// "provider-app-client-secret" }
	//
	// Describe response: "ProviderDetails": { "api_version": "v17.0", "attributes_url":
	// "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes":
	// "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
	// "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
	// "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token"
	// }
	ProviderDetails map[string]*string `type:"map"`

	// The IdP name.
	ProviderName *string `min:"1" type:"string"`

	// The IdP type.
	ProviderType *string `type:"string" enum:"IdentityProviderTypeType"`

	// The user pool ID.
	UserPoolId *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

A container for information about an IdP.

func (IdentityProviderType) GoString added in v1.8.33

func (s IdentityProviderType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IdentityProviderType) SetAttributeMapping added in v1.8.33

func (s *IdentityProviderType) SetAttributeMapping(v map[string]*string) *IdentityProviderType

SetAttributeMapping sets the AttributeMapping field's value.

func (*IdentityProviderType) SetCreationDate added in v1.8.33

func (s *IdentityProviderType) SetCreationDate(v time.Time) *IdentityProviderType

SetCreationDate sets the CreationDate field's value.

func (*IdentityProviderType) SetIdpIdentifiers added in v1.8.33

func (s *IdentityProviderType) SetIdpIdentifiers(v []*string) *IdentityProviderType

SetIdpIdentifiers sets the IdpIdentifiers field's value.

func (*IdentityProviderType) SetLastModifiedDate added in v1.8.33

func (s *IdentityProviderType) SetLastModifiedDate(v time.Time) *IdentityProviderType

SetLastModifiedDate sets the LastModifiedDate field's value.

func (*IdentityProviderType) SetProviderDetails added in v1.8.33

func (s *IdentityProviderType) SetProviderDetails(v map[string]*string) *IdentityProviderType

SetProviderDetails sets the ProviderDetails field's value.

func (*IdentityProviderType) SetProviderName added in v1.8.33

func (s *IdentityProviderType) SetProviderName(v string) *IdentityProviderType

SetProviderName sets the ProviderName field's value.

func (*IdentityProviderType) SetProviderType added in v1.8.33

func (s *IdentityProviderType) SetProviderType(v string) *IdentityProviderType

SetProviderType sets the ProviderType field's value.

func (*IdentityProviderType) SetUserPoolId added in v1.8.33

func (s *IdentityProviderType) SetUserPoolId(v string) *IdentityProviderType

SetUserPoolId sets the UserPoolId field's value.

func (IdentityProviderType) String added in v1.8.33

func (s IdentityProviderType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InitiateAuthInput added in v1.2.10

type InitiateAuthInput struct {

	// The Amazon Pinpoint analytics metadata that contributes to your metrics for
	// InitiateAuth calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The authentication flow for this call to run. The API action will depend
	// on this value. For example:
	//
	//    * REFRESH_TOKEN_AUTH takes in a valid refresh token and returns new tokens.
	//
	//    * USER_SRP_AUTH takes in USERNAME and SRP_A and returns the SRP variables
	//    to be used for next challenge execution.
	//
	//    * USER_PASSWORD_AUTH takes in USERNAME and PASSWORD and returns the next
	//    challenge or tokens.
	//
	// Valid values include:
	//
	//    * USER_SRP_AUTH: Authentication flow for the Secure Remote Password (SRP)
	//    protocol.
	//
	//    * REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication flow for refreshing
	//    the access token and ID token by supplying a valid refresh token.
	//
	//    * CUSTOM_AUTH: Custom authentication flow.
	//
	//    * USER_PASSWORD_AUTH: Non-SRP authentication flow; user name and password
	//    are passed directly. If a user migration Lambda trigger is set, this flow
	//    will invoke the user migration Lambda if it doesn't find the user name
	//    in the user pool.
	//
	// ADMIN_NO_SRP_AUTH isn't a valid value.
	//
	// AuthFlow is a required field
	AuthFlow *string `type:"string" required:"true" enum:"AuthFlowType"`

	// The authentication parameters. These are inputs corresponding to the AuthFlow
	// that you're invoking. The required values depend on the value of AuthFlow:
	//
	//    * For USER_SRP_AUTH: USERNAME (required), SRP_A (required), SECRET_HASH
	//    (required if the app client is configured with a client secret), DEVICE_KEY.
	//
	//    * For USER_PASSWORD_AUTH: USERNAME (required), PASSWORD (required), SECRET_HASH
	//    (required if the app client is configured with a client secret), DEVICE_KEY.
	//
	//    * For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required), SECRET_HASH
	//    (required if the app client is configured with a client secret), DEVICE_KEY.
	//
	//    * For CUSTOM_AUTH: USERNAME (required), SECRET_HASH (if app client is
	//    configured with client secret), DEVICE_KEY. To start the authentication
	//    flow with password verification, include ChallengeName: SRP_A and SRP_A:
	//    (The SRP_A Value).
	//
	// For more information about SECRET_HASH, see Computing secret hash values
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash).
	// For information about DEVICE_KEY, see Working with user devices in your user
	// pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html).
	//
	// AuthParameters is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by InitiateAuthInput's
	// String and GoString methods.
	AuthParameters map[string]*string `type:"map" sensitive:"true"`

	// The app client ID.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by InitiateAuthInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for certain
	// custom workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the InitiateAuth API action, Amazon Cognito invokes the Lambda
	// functions that are specified for various triggers. The ClientMetadata value
	// is passed as input to the functions for only the following triggers:
	//
	//    * Pre signup
	//
	//    * Pre authentication
	//
	//    * User migration
	//
	// When Amazon Cognito invokes the functions for these triggers, it passes a
	// JSON payload, which the function receives as input. This payload contains
	// a validationData attribute, which provides the data that you assigned to
	// the ClientMetadata parameter in your InitiateAuth request. In your function
	// code in Lambda, you can process the validationData value to enhance your
	// workflow for your specific needs.
	//
	// When you use the InitiateAuth API action, Amazon Cognito also invokes the
	// functions for the following triggers, but it doesn't provide the ClientMetadata
	// value as input:
	//
	//    * Post authentication
	//
	//    * Custom message
	//
	//    * Pre token generation
	//
	//    * Create auth challenge
	//
	//    * Define auth challenge
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by InitiateAuthInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`
	// contains filtered or unexported fields
}

Initiates the authentication request.

func (InitiateAuthInput) GoString added in v1.2.10

func (s InitiateAuthInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InitiateAuthInput) SetAnalyticsMetadata added in v1.12.35

func (s *InitiateAuthInput) SetAnalyticsMetadata(v *AnalyticsMetadataType) *InitiateAuthInput

SetAnalyticsMetadata sets the AnalyticsMetadata field's value.

func (*InitiateAuthInput) SetAuthFlow added in v1.5.0

func (s *InitiateAuthInput) SetAuthFlow(v string) *InitiateAuthInput

SetAuthFlow sets the AuthFlow field's value.

func (*InitiateAuthInput) SetAuthParameters added in v1.5.0

func (s *InitiateAuthInput) SetAuthParameters(v map[string]*string) *InitiateAuthInput

SetAuthParameters sets the AuthParameters field's value.

func (*InitiateAuthInput) SetClientId added in v1.5.0

func (s *InitiateAuthInput) SetClientId(v string) *InitiateAuthInput

SetClientId sets the ClientId field's value.

func (*InitiateAuthInput) SetClientMetadata added in v1.5.0

func (s *InitiateAuthInput) SetClientMetadata(v map[string]*string) *InitiateAuthInput

SetClientMetadata sets the ClientMetadata field's value.

func (*InitiateAuthInput) SetUserContextData added in v1.12.35

func (s *InitiateAuthInput) SetUserContextData(v *UserContextDataType) *InitiateAuthInput

SetUserContextData sets the UserContextData field's value.

func (InitiateAuthInput) String added in v1.2.10

func (s InitiateAuthInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InitiateAuthInput) Validate added in v1.2.10

func (s *InitiateAuthInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type InitiateAuthOutput added in v1.2.10

type InitiateAuthOutput struct {

	// The result of the authentication response. This result is only returned if
	// the caller doesn't need to pass another challenge. If the caller does need
	// to pass another challenge before it gets tokens, ChallengeName, ChallengeParameters,
	// and Session are returned.
	AuthenticationResult *AuthenticationResultType `type:"structure"`

	// The name of the challenge that you're responding to with this call. This
	// name is returned in the InitiateAuth response if you must pass another challenge.
	//
	// Valid values include the following:
	//
	// All of the following challenges require USERNAME and SECRET_HASH (if applicable)
	// in the parameters.
	//
	//    * SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via
	//    SMS.
	//
	//    * PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
	//    PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
	//
	//    * CUSTOM_CHALLENGE: This is returned if your custom authentication flow
	//    determines that the user should pass another challenge before tokens are
	//    issued.
	//
	//    * DEVICE_SRP_AUTH: If device tracking was activated on your user pool
	//    and the previous challenges were passed, this challenge is returned so
	//    that Amazon Cognito can start tracking this device.
	//
	//    * DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices
	//    only.
	//
	//    * NEW_PASSWORD_REQUIRED: For users who are required to change their passwords
	//    after successful first login. Respond to this challenge with NEW_PASSWORD
	//    and any required attributes that Amazon Cognito returned in the requiredAttributes
	//    parameter. You can also set values for attributes that aren't required
	//    by your user pool and that your app client can write. For more information,
	//    see RespondToAuthChallenge (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RespondToAuthChallenge.html).
	//    In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required
	//    attribute that already has a value. In RespondToAuthChallenge, set a value
	//    for any keys that Amazon Cognito returned in the requiredAttributes parameter,
	//    then use the UpdateUserAttributes API operation to modify the value of
	//    any additional attributes.
	//
	//    * MFA_SETUP: For users who are required to setup an MFA factor before
	//    they can sign in. The MFA types activated for the user pool will be listed
	//    in the challenge parameters MFAS_CAN_SETUP value. To set up software token
	//    MFA, use the session returned here from InitiateAuth as an input to AssociateSoftwareToken.
	//    Use the session returned by VerifySoftwareToken as an input to RespondToAuthChallenge
	//    with challenge name MFA_SETUP to complete sign-in. To set up SMS MFA,
	//    an administrator should help the user to add a phone number to their account,
	//    and then the user should call InitiateAuth again to restart sign-in.
	ChallengeName *string `type:"string" enum:"ChallengeNameType"`

	// The challenge parameters. These are returned in the InitiateAuth response
	// if you must pass another challenge. The responses in this parameter should
	// be used to compute inputs to the next call (RespondToAuthChallenge).
	//
	// All challenges require USERNAME and SECRET_HASH (if applicable).
	ChallengeParameters map[string]*string `type:"map"`

	// The session that should pass both ways in challenge-response calls to the
	// service. If the caller must pass another challenge, they return a session
	// with other challenge parameters. This session should be passed as it is to
	// the next RespondToAuthChallenge API call.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by InitiateAuthOutput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

Initiates the authentication response.

func (InitiateAuthOutput) GoString added in v1.2.10

func (s InitiateAuthOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InitiateAuthOutput) SetAuthenticationResult added in v1.5.0

func (s *InitiateAuthOutput) SetAuthenticationResult(v *AuthenticationResultType) *InitiateAuthOutput

SetAuthenticationResult sets the AuthenticationResult field's value.

func (*InitiateAuthOutput) SetChallengeName added in v1.5.0

func (s *InitiateAuthOutput) SetChallengeName(v string) *InitiateAuthOutput

SetChallengeName sets the ChallengeName field's value.

func (*InitiateAuthOutput) SetChallengeParameters added in v1.5.0

func (s *InitiateAuthOutput) SetChallengeParameters(v map[string]*string) *InitiateAuthOutput

SetChallengeParameters sets the ChallengeParameters field's value.

func (*InitiateAuthOutput) SetSession added in v1.5.0

func (s *InitiateAuthOutput) SetSession(v string) *InitiateAuthOutput

SetSession sets the Session field's value.

func (InitiateAuthOutput) String added in v1.2.10

func (s InitiateAuthOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InternalErrorException added in v1.28.0

type InternalErrorException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito throws an internal error exception.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when Amazon Cognito encounters an internal error.

func (*InternalErrorException) Code added in v1.28.0

func (s *InternalErrorException) Code() string

Code returns the exception type name.

func (*InternalErrorException) Error added in v1.28.0

func (s *InternalErrorException) Error() string

func (InternalErrorException) GoString added in v1.28.0

func (s InternalErrorException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InternalErrorException) Message added in v1.28.0

func (s *InternalErrorException) Message() string

Message returns the exception's message.

func (*InternalErrorException) OrigErr added in v1.28.0

func (s *InternalErrorException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InternalErrorException) RequestID added in v1.28.0

func (s *InternalErrorException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InternalErrorException) StatusCode added in v1.28.0

func (s *InternalErrorException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InternalErrorException) String added in v1.28.0

func (s InternalErrorException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InvalidEmailRoleAccessPolicyException added in v1.28.0

type InvalidEmailRoleAccessPolicyException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when you have an unverified email address or the identity
	// policy isn't set on an email address that Amazon Cognito can access.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

func (*InvalidEmailRoleAccessPolicyException) Code added in v1.28.0

Code returns the exception type name.

func (*InvalidEmailRoleAccessPolicyException) Error added in v1.28.0

func (InvalidEmailRoleAccessPolicyException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InvalidEmailRoleAccessPolicyException) Message added in v1.28.0

Message returns the exception's message.

func (*InvalidEmailRoleAccessPolicyException) OrigErr added in v1.28.0

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InvalidEmailRoleAccessPolicyException) RequestID added in v1.28.0

RequestID returns the service's response RequestID for request.

func (*InvalidEmailRoleAccessPolicyException) StatusCode added in v1.28.0

Status code returns the HTTP status code for the request's response error.

func (InvalidEmailRoleAccessPolicyException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InvalidLambdaResponseException added in v1.28.0

type InvalidLambdaResponseException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito throws an invalid Lambda response
	// exception.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

func (*InvalidLambdaResponseException) Code added in v1.28.0

Code returns the exception type name.

func (*InvalidLambdaResponseException) Error added in v1.28.0

func (InvalidLambdaResponseException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InvalidLambdaResponseException) Message added in v1.28.0

Message returns the exception's message.

func (*InvalidLambdaResponseException) OrigErr added in v1.28.0

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InvalidLambdaResponseException) RequestID added in v1.28.0

func (s *InvalidLambdaResponseException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InvalidLambdaResponseException) StatusCode added in v1.28.0

func (s *InvalidLambdaResponseException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InvalidLambdaResponseException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InvalidOAuthFlowException added in v1.28.0

type InvalidOAuthFlowException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when the specified OAuth flow is not valid.

func (*InvalidOAuthFlowException) Code added in v1.28.0

Code returns the exception type name.

func (*InvalidOAuthFlowException) Error added in v1.28.0

func (s *InvalidOAuthFlowException) Error() string

func (InvalidOAuthFlowException) GoString added in v1.28.0

func (s InvalidOAuthFlowException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InvalidOAuthFlowException) Message added in v1.28.0

func (s *InvalidOAuthFlowException) Message() string

Message returns the exception's message.

func (*InvalidOAuthFlowException) OrigErr added in v1.28.0

func (s *InvalidOAuthFlowException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InvalidOAuthFlowException) RequestID added in v1.28.0

func (s *InvalidOAuthFlowException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InvalidOAuthFlowException) StatusCode added in v1.28.0

func (s *InvalidOAuthFlowException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InvalidOAuthFlowException) String added in v1.28.0

func (s InvalidOAuthFlowException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InvalidParameterException added in v1.28.0

type InvalidParameterException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the Amazon Cognito service throws an invalid parameter
	// exception.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

func (*InvalidParameterException) Code added in v1.28.0

Code returns the exception type name.

func (*InvalidParameterException) Error added in v1.28.0

func (s *InvalidParameterException) Error() string

func (InvalidParameterException) GoString added in v1.28.0

func (s InvalidParameterException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InvalidParameterException) Message added in v1.28.0

func (s *InvalidParameterException) Message() string

Message returns the exception's message.

func (*InvalidParameterException) OrigErr added in v1.28.0

func (s *InvalidParameterException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InvalidParameterException) RequestID added in v1.28.0

func (s *InvalidParameterException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InvalidParameterException) StatusCode added in v1.28.0

func (s *InvalidParameterException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InvalidParameterException) String added in v1.28.0

func (s InvalidParameterException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InvalidPasswordException added in v1.28.0

type InvalidPasswordException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito throws an invalid user password
	// exception.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when Amazon Cognito encounters an invalid password.

func (*InvalidPasswordException) Code added in v1.28.0

func (s *InvalidPasswordException) Code() string

Code returns the exception type name.

func (*InvalidPasswordException) Error added in v1.28.0

func (s *InvalidPasswordException) Error() string

func (InvalidPasswordException) GoString added in v1.28.0

func (s InvalidPasswordException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InvalidPasswordException) Message added in v1.28.0

func (s *InvalidPasswordException) Message() string

Message returns the exception's message.

func (*InvalidPasswordException) OrigErr added in v1.28.0

func (s *InvalidPasswordException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InvalidPasswordException) RequestID added in v1.28.0

func (s *InvalidPasswordException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InvalidPasswordException) StatusCode added in v1.28.0

func (s *InvalidPasswordException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InvalidPasswordException) String added in v1.28.0

func (s InvalidPasswordException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InvalidSmsRoleAccessPolicyException added in v1.28.0

type InvalidSmsRoleAccessPolicyException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the invalid SMS role access policy exception is
	// thrown.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

func (*InvalidSmsRoleAccessPolicyException) Code added in v1.28.0

Code returns the exception type name.

func (*InvalidSmsRoleAccessPolicyException) Error added in v1.28.0

func (InvalidSmsRoleAccessPolicyException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InvalidSmsRoleAccessPolicyException) Message added in v1.28.0

Message returns the exception's message.

func (*InvalidSmsRoleAccessPolicyException) OrigErr added in v1.28.0

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InvalidSmsRoleAccessPolicyException) RequestID added in v1.28.0

RequestID returns the service's response RequestID for request.

func (*InvalidSmsRoleAccessPolicyException) StatusCode added in v1.28.0

func (s *InvalidSmsRoleAccessPolicyException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InvalidSmsRoleAccessPolicyException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InvalidSmsRoleTrustRelationshipException added in v1.28.0

type InvalidSmsRoleTrustRelationshipException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the role trust relationship for the SMS message
	// is not valid.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

func (*InvalidSmsRoleTrustRelationshipException) Code added in v1.28.0

Code returns the exception type name.

func (*InvalidSmsRoleTrustRelationshipException) Error added in v1.28.0

func (InvalidSmsRoleTrustRelationshipException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InvalidSmsRoleTrustRelationshipException) Message added in v1.28.0

Message returns the exception's message.

func (*InvalidSmsRoleTrustRelationshipException) OrigErr added in v1.28.0

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InvalidSmsRoleTrustRelationshipException) RequestID added in v1.28.0

RequestID returns the service's response RequestID for request.

func (*InvalidSmsRoleTrustRelationshipException) StatusCode added in v1.28.0

Status code returns the HTTP status code for the request's response error.

func (InvalidSmsRoleTrustRelationshipException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InvalidUserPoolConfigurationException added in v1.28.0

type InvalidUserPoolConfigurationException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the user pool configuration is not valid.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when the user pool configuration is not valid.

func (*InvalidUserPoolConfigurationException) Code added in v1.28.0

Code returns the exception type name.

func (*InvalidUserPoolConfigurationException) Error added in v1.28.0

func (InvalidUserPoolConfigurationException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InvalidUserPoolConfigurationException) Message added in v1.28.0

Message returns the exception's message.

func (*InvalidUserPoolConfigurationException) OrigErr added in v1.28.0

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InvalidUserPoolConfigurationException) RequestID added in v1.28.0

RequestID returns the service's response RequestID for request.

func (*InvalidUserPoolConfigurationException) StatusCode added in v1.28.0

Status code returns the HTTP status code for the request's response error.

func (InvalidUserPoolConfigurationException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type LambdaConfigType

type LambdaConfigType struct {

	// Creates an authentication challenge.
	CreateAuthChallenge *string `min:"20" type:"string"`

	// A custom email sender Lambda trigger.
	CustomEmailSender *CustomEmailLambdaVersionConfigType `type:"structure"`

	// A custom Message Lambda trigger.
	CustomMessage *string `min:"20" type:"string"`

	// A custom SMS sender Lambda trigger.
	CustomSMSSender *CustomSMSLambdaVersionConfigType `type:"structure"`

	// Defines the authentication challenge.
	DefineAuthChallenge *string `min:"20" type:"string"`

	// The Amazon Resource Name (ARN) of an KMS key (/kms/latest/developerguide/concepts.html#master_keys).
	// Amazon Cognito uses the key to encrypt codes and temporary passwords sent
	// to CustomEmailSender and CustomSMSSender.
	KMSKeyID *string `min:"20" type:"string"`

	// A post-authentication Lambda trigger.
	PostAuthentication *string `min:"20" type:"string"`

	// A post-confirmation Lambda trigger.
	PostConfirmation *string `min:"20" type:"string"`

	// A pre-authentication Lambda trigger.
	PreAuthentication *string `min:"20" type:"string"`

	// A pre-registration Lambda trigger.
	PreSignUp *string `min:"20" type:"string"`

	// The Amazon Resource Name (ARN) of the function that you want to assign to
	// your Lambda trigger.
	//
	// Set this parameter for legacy purposes. If you also set an ARN in PreTokenGenerationConfig,
	// its value must be identical to PreTokenGeneration. For new instances of pre
	// token generation triggers, set the LambdaArn of PreTokenGenerationConfig.
	//
	// You can set
	PreTokenGeneration *string `min:"20" type:"string"`

	// The detailed configuration of a pre token generation trigger. If you also
	// set an ARN in PreTokenGeneration, its value must be identical to PreTokenGenerationConfig.
	PreTokenGenerationConfig *PreTokenGenerationVersionConfigType `type:"structure"`

	// The user migration Lambda config type.
	UserMigration *string `min:"20" type:"string"`

	// Verifies the authentication challenge response.
	VerifyAuthChallengeResponse *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Specifies the configuration for Lambda triggers.

func (LambdaConfigType) GoString

func (s LambdaConfigType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*LambdaConfigType) SetCreateAuthChallenge added in v1.5.0

func (s *LambdaConfigType) SetCreateAuthChallenge(v string) *LambdaConfigType

SetCreateAuthChallenge sets the CreateAuthChallenge field's value.

func (*LambdaConfigType) SetCustomEmailSender added in v1.35.35

SetCustomEmailSender sets the CustomEmailSender field's value.

func (*LambdaConfigType) SetCustomMessage added in v1.5.0

func (s *LambdaConfigType) SetCustomMessage(v string) *LambdaConfigType

SetCustomMessage sets the CustomMessage field's value.

func (*LambdaConfigType) SetCustomSMSSender added in v1.35.35

SetCustomSMSSender sets the CustomSMSSender field's value.

func (*LambdaConfigType) SetDefineAuthChallenge added in v1.5.0

func (s *LambdaConfigType) SetDefineAuthChallenge(v string) *LambdaConfigType

SetDefineAuthChallenge sets the DefineAuthChallenge field's value.

func (*LambdaConfigType) SetKMSKeyID added in v1.35.35

func (s *LambdaConfigType) SetKMSKeyID(v string) *LambdaConfigType

SetKMSKeyID sets the KMSKeyID field's value.

func (*LambdaConfigType) SetPostAuthentication added in v1.5.0

func (s *LambdaConfigType) SetPostAuthentication(v string) *LambdaConfigType

SetPostAuthentication sets the PostAuthentication field's value.

func (*LambdaConfigType) SetPostConfirmation added in v1.5.0

func (s *LambdaConfigType) SetPostConfirmation(v string) *LambdaConfigType

SetPostConfirmation sets the PostConfirmation field's value.

func (*LambdaConfigType) SetPreAuthentication added in v1.5.0

func (s *LambdaConfigType) SetPreAuthentication(v string) *LambdaConfigType

SetPreAuthentication sets the PreAuthentication field's value.

func (*LambdaConfigType) SetPreSignUp added in v1.5.0

func (s *LambdaConfigType) SetPreSignUp(v string) *LambdaConfigType

SetPreSignUp sets the PreSignUp field's value.

func (*LambdaConfigType) SetPreTokenGeneration added in v1.12.35

func (s *LambdaConfigType) SetPreTokenGeneration(v string) *LambdaConfigType

SetPreTokenGeneration sets the PreTokenGeneration field's value.

func (*LambdaConfigType) SetPreTokenGenerationConfig added in v1.49.5

func (s *LambdaConfigType) SetPreTokenGenerationConfig(v *PreTokenGenerationVersionConfigType) *LambdaConfigType

SetPreTokenGenerationConfig sets the PreTokenGenerationConfig field's value.

func (*LambdaConfigType) SetUserMigration added in v1.12.75

func (s *LambdaConfigType) SetUserMigration(v string) *LambdaConfigType

SetUserMigration sets the UserMigration field's value.

func (*LambdaConfigType) SetVerifyAuthChallengeResponse added in v1.5.0

func (s *LambdaConfigType) SetVerifyAuthChallengeResponse(v string) *LambdaConfigType

SetVerifyAuthChallengeResponse sets the VerifyAuthChallengeResponse field's value.

func (LambdaConfigType) String

func (s LambdaConfigType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*LambdaConfigType) Validate added in v1.1.21

func (s *LambdaConfigType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type LimitExceededException added in v1.28.0

type LimitExceededException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito throws a limit exceeded exception.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

func (*LimitExceededException) Code added in v1.28.0

func (s *LimitExceededException) Code() string

Code returns the exception type name.

func (*LimitExceededException) Error added in v1.28.0

func (s *LimitExceededException) Error() string

func (LimitExceededException) GoString added in v1.28.0

func (s LimitExceededException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*LimitExceededException) Message added in v1.28.0

func (s *LimitExceededException) Message() string

Message returns the exception's message.

func (*LimitExceededException) OrigErr added in v1.28.0

func (s *LimitExceededException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*LimitExceededException) RequestID added in v1.28.0

func (s *LimitExceededException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*LimitExceededException) StatusCode added in v1.28.0

func (s *LimitExceededException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (LimitExceededException) String added in v1.28.0

func (s LimitExceededException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListDevicesInput added in v1.2.10

type ListDevicesInput struct {

	// A valid access token that Amazon Cognito issued to the user whose list of
	// devices you want to view.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ListDevicesInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The limit of the device request.
	Limit *int64 `type:"integer"`

	// This API operation returns a limited number of results. The pagination token
	// is an identifier that you can present in an additional API request with the
	// same parameters. When you include the pagination token, Amazon Cognito returns
	// the next set of items after the current list. Subsequent requests return
	// a new pagination token. By use of this token, you can paginate through the
	// full list of items.
	PaginationToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Represents the request to list the devices.

func (ListDevicesInput) GoString added in v1.2.10

func (s ListDevicesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListDevicesInput) SetAccessToken added in v1.5.0

func (s *ListDevicesInput) SetAccessToken(v string) *ListDevicesInput

SetAccessToken sets the AccessToken field's value.

func (*ListDevicesInput) SetLimit added in v1.5.0

func (s *ListDevicesInput) SetLimit(v int64) *ListDevicesInput

SetLimit sets the Limit field's value.

func (*ListDevicesInput) SetPaginationToken added in v1.5.0

func (s *ListDevicesInput) SetPaginationToken(v string) *ListDevicesInput

SetPaginationToken sets the PaginationToken field's value.

func (ListDevicesInput) String added in v1.2.10

func (s ListDevicesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListDevicesInput) Validate added in v1.2.10

func (s *ListDevicesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListDevicesOutput added in v1.2.10

type ListDevicesOutput struct {

	// The devices returned in the list devices response.
	Devices []*DeviceType `type:"list"`

	// The identifier that Amazon Cognito returned with the previous request to
	// this operation. When you include a pagination token in your request, Amazon
	// Cognito returns the next set of items in the list. By use of this token,
	// you can paginate through the full list of items.
	PaginationToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Represents the response to list devices.

func (ListDevicesOutput) GoString added in v1.2.10

func (s ListDevicesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListDevicesOutput) SetDevices added in v1.5.0

func (s *ListDevicesOutput) SetDevices(v []*DeviceType) *ListDevicesOutput

SetDevices sets the Devices field's value.

func (*ListDevicesOutput) SetPaginationToken added in v1.5.0

func (s *ListDevicesOutput) SetPaginationToken(v string) *ListDevicesOutput

SetPaginationToken sets the PaginationToken field's value.

func (ListDevicesOutput) String added in v1.2.10

func (s ListDevicesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListGroupsInput added in v1.6.4

type ListGroupsInput struct {

	// The limit of the request to list groups.
	Limit *int64 `type:"integer"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListGroupsInput) GoString added in v1.6.4

func (s ListGroupsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListGroupsInput) SetLimit added in v1.6.4

func (s *ListGroupsInput) SetLimit(v int64) *ListGroupsInput

SetLimit sets the Limit field's value.

func (*ListGroupsInput) SetNextToken added in v1.6.4

func (s *ListGroupsInput) SetNextToken(v string) *ListGroupsInput

SetNextToken sets the NextToken field's value.

func (*ListGroupsInput) SetUserPoolId added in v1.6.4

func (s *ListGroupsInput) SetUserPoolId(v string) *ListGroupsInput

SetUserPoolId sets the UserPoolId field's value.

func (ListGroupsInput) String added in v1.6.4

func (s ListGroupsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListGroupsInput) Validate added in v1.6.4

func (s *ListGroupsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListGroupsOutput added in v1.6.4

type ListGroupsOutput struct {

	// The group objects for the groups.
	Groups []*GroupType `type:"list"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListGroupsOutput) GoString added in v1.6.4

func (s ListGroupsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListGroupsOutput) SetGroups added in v1.6.4

func (s *ListGroupsOutput) SetGroups(v []*GroupType) *ListGroupsOutput

SetGroups sets the Groups field's value.

func (*ListGroupsOutput) SetNextToken added in v1.6.4

func (s *ListGroupsOutput) SetNextToken(v string) *ListGroupsOutput

SetNextToken sets the NextToken field's value.

func (ListGroupsOutput) String added in v1.6.4

func (s ListGroupsOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListIdentityProvidersInput added in v1.8.33

type ListIdentityProvidersInput struct {

	// The maximum number of IdPs to return.
	MaxResults *int64 `type:"integer"`

	// A pagination token.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListIdentityProvidersInput) GoString added in v1.8.33

func (s ListIdentityProvidersInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListIdentityProvidersInput) SetMaxResults added in v1.8.33

SetMaxResults sets the MaxResults field's value.

func (*ListIdentityProvidersInput) SetNextToken added in v1.8.33

SetNextToken sets the NextToken field's value.

func (*ListIdentityProvidersInput) SetUserPoolId added in v1.8.33

SetUserPoolId sets the UserPoolId field's value.

func (ListIdentityProvidersInput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListIdentityProvidersInput) Validate added in v1.8.33

func (s *ListIdentityProvidersInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListIdentityProvidersOutput added in v1.8.33

type ListIdentityProvidersOutput struct {

	// A pagination token.
	NextToken *string `min:"1" type:"string"`

	// A list of IdP objects.
	//
	// Providers is a required field
	Providers []*ProviderDescription `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListIdentityProvidersOutput) GoString added in v1.8.33

func (s ListIdentityProvidersOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListIdentityProvidersOutput) SetNextToken added in v1.8.33

SetNextToken sets the NextToken field's value.

func (*ListIdentityProvidersOutput) SetProviders added in v1.8.33

SetProviders sets the Providers field's value.

func (ListIdentityProvidersOutput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListResourceServersInput added in v1.10.24

type ListResourceServersInput struct {

	// The maximum number of resource servers to return.
	MaxResults *int64 `min:"1" type:"integer"`

	// A pagination token.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListResourceServersInput) GoString added in v1.10.24

func (s ListResourceServersInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListResourceServersInput) SetMaxResults added in v1.10.24

SetMaxResults sets the MaxResults field's value.

func (*ListResourceServersInput) SetNextToken added in v1.10.24

SetNextToken sets the NextToken field's value.

func (*ListResourceServersInput) SetUserPoolId added in v1.10.24

SetUserPoolId sets the UserPoolId field's value.

func (ListResourceServersInput) String added in v1.10.24

func (s ListResourceServersInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListResourceServersInput) Validate added in v1.10.24

func (s *ListResourceServersInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListResourceServersOutput added in v1.10.24

type ListResourceServersOutput struct {

	// A pagination token.
	NextToken *string `min:"1" type:"string"`

	// The resource servers.
	//
	// ResourceServers is a required field
	ResourceServers []*ResourceServerType `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListResourceServersOutput) GoString added in v1.10.24

func (s ListResourceServersOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListResourceServersOutput) SetNextToken added in v1.10.24

SetNextToken sets the NextToken field's value.

func (*ListResourceServersOutput) SetResourceServers added in v1.10.24

SetResourceServers sets the ResourceServers field's value.

func (ListResourceServersOutput) String added in v1.10.24

func (s ListResourceServersOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListTagsForResourceInput added in v1.19.0

type ListTagsForResourceInput struct {

	// The Amazon Resource Name (ARN) of the user pool that the tags are assigned
	// to.
	//
	// ResourceArn is a required field
	ResourceArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListTagsForResourceInput) GoString added in v1.19.0

func (s ListTagsForResourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListTagsForResourceInput) SetResourceArn added in v1.19.0

SetResourceArn sets the ResourceArn field's value.

func (ListTagsForResourceInput) String added in v1.19.0

func (s ListTagsForResourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListTagsForResourceInput) Validate added in v1.19.0

func (s *ListTagsForResourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListTagsForResourceOutput added in v1.19.0

type ListTagsForResourceOutput struct {

	// The tags that are assigned to the user pool.
	Tags map[string]*string `type:"map"`
	// contains filtered or unexported fields
}

func (ListTagsForResourceOutput) GoString added in v1.19.0

func (s ListTagsForResourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListTagsForResourceOutput) SetTags added in v1.19.0

SetTags sets the Tags field's value.

func (ListTagsForResourceOutput) String added in v1.19.0

func (s ListTagsForResourceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListUserImportJobsInput added in v1.4.6

type ListUserImportJobsInput struct {

	// The maximum number of import jobs you want the request to return.
	//
	// MaxResults is a required field
	MaxResults *int64 `min:"1" type:"integer" required:"true"`

	// This API operation returns a limited number of results. The pagination token
	// is an identifier that you can present in an additional API request with the
	// same parameters. When you include the pagination token, Amazon Cognito returns
	// the next set of items after the current list. Subsequent requests return
	// a new pagination token. By use of this token, you can paginate through the
	// full list of items.
	PaginationToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool that the users are being imported into.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to list the user import jobs.

func (ListUserImportJobsInput) GoString added in v1.4.6

func (s ListUserImportJobsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserImportJobsInput) SetMaxResults added in v1.5.0

SetMaxResults sets the MaxResults field's value.

func (*ListUserImportJobsInput) SetPaginationToken added in v1.5.0

func (s *ListUserImportJobsInput) SetPaginationToken(v string) *ListUserImportJobsInput

SetPaginationToken sets the PaginationToken field's value.

func (*ListUserImportJobsInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (ListUserImportJobsInput) String added in v1.4.6

func (s ListUserImportJobsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserImportJobsInput) Validate added in v1.4.6

func (s *ListUserImportJobsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUserImportJobsOutput added in v1.4.6

type ListUserImportJobsOutput struct {

	// The identifier that Amazon Cognito returned with the previous request to
	// this operation. When you include a pagination token in your request, Amazon
	// Cognito returns the next set of items in the list. By use of this token,
	// you can paginate through the full list of items.
	PaginationToken *string `min:"1" type:"string"`

	// The user import jobs.
	UserImportJobs []*UserImportJobType `min:"1" type:"list"`
	// contains filtered or unexported fields
}

Represents the response from the server to the request to list the user import jobs.

func (ListUserImportJobsOutput) GoString added in v1.4.6

func (s ListUserImportJobsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserImportJobsOutput) SetPaginationToken added in v1.5.0

func (s *ListUserImportJobsOutput) SetPaginationToken(v string) *ListUserImportJobsOutput

SetPaginationToken sets the PaginationToken field's value.

func (*ListUserImportJobsOutput) SetUserImportJobs added in v1.5.0

SetUserImportJobs sets the UserImportJobs field's value.

func (ListUserImportJobsOutput) String added in v1.4.6

func (s ListUserImportJobsOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListUserPoolClientsInput

type ListUserPoolClientsInput struct {

	// The maximum number of results you want the request to return when listing
	// the user pool clients.
	MaxResults *int64 `min:"1" type:"integer"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool where you want to list user pool clients.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to list the user pool clients.

func (ListUserPoolClientsInput) GoString

func (s ListUserPoolClientsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserPoolClientsInput) SetMaxResults added in v1.5.0

SetMaxResults sets the MaxResults field's value.

func (*ListUserPoolClientsInput) SetNextToken added in v1.5.0

SetNextToken sets the NextToken field's value.

func (*ListUserPoolClientsInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (ListUserPoolClientsInput) String

func (s ListUserPoolClientsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserPoolClientsInput) Validate added in v1.1.21

func (s *ListUserPoolClientsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUserPoolClientsOutput

type ListUserPoolClientsOutput struct {

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`

	// The user pool clients in the response that lists user pool clients.
	UserPoolClients []*UserPoolClientDescription `type:"list"`
	// contains filtered or unexported fields
}

Represents the response from the server that lists user pool clients.

func (ListUserPoolClientsOutput) GoString

func (s ListUserPoolClientsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserPoolClientsOutput) SetNextToken added in v1.5.0

SetNextToken sets the NextToken field's value.

func (*ListUserPoolClientsOutput) SetUserPoolClients added in v1.5.0

SetUserPoolClients sets the UserPoolClients field's value.

func (ListUserPoolClientsOutput) String

func (s ListUserPoolClientsOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListUserPoolsInput

type ListUserPoolsInput struct {

	// The maximum number of results you want the request to return when listing
	// the user pools.
	//
	// MaxResults is a required field
	MaxResults *int64 `min:"1" type:"integer" required:"true"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Represents the request to list user pools.

func (ListUserPoolsInput) GoString

func (s ListUserPoolsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserPoolsInput) SetMaxResults added in v1.5.0

func (s *ListUserPoolsInput) SetMaxResults(v int64) *ListUserPoolsInput

SetMaxResults sets the MaxResults field's value.

func (*ListUserPoolsInput) SetNextToken added in v1.5.0

func (s *ListUserPoolsInput) SetNextToken(v string) *ListUserPoolsInput

SetNextToken sets the NextToken field's value.

func (ListUserPoolsInput) String

func (s ListUserPoolsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserPoolsInput) Validate added in v1.1.21

func (s *ListUserPoolsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUserPoolsOutput

type ListUserPoolsOutput struct {

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`

	// The user pools from the response to list users.
	UserPools []*UserPoolDescriptionType `type:"list"`
	// contains filtered or unexported fields
}

Represents the response to list user pools.

func (ListUserPoolsOutput) GoString

func (s ListUserPoolsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserPoolsOutput) SetNextToken added in v1.5.0

func (s *ListUserPoolsOutput) SetNextToken(v string) *ListUserPoolsOutput

SetNextToken sets the NextToken field's value.

func (*ListUserPoolsOutput) SetUserPools added in v1.5.0

SetUserPools sets the UserPools field's value.

func (ListUserPoolsOutput) String

func (s ListUserPoolsOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListUsersInGroupInput added in v1.6.4

type ListUsersInGroupInput struct {

	// The name of the group.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The maximum number of users that you want to retrieve before pagination.
	Limit *int64 `type:"integer"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListUsersInGroupInput) GoString added in v1.6.4

func (s ListUsersInGroupInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUsersInGroupInput) SetGroupName added in v1.6.4

SetGroupName sets the GroupName field's value.

func (*ListUsersInGroupInput) SetLimit added in v1.6.4

SetLimit sets the Limit field's value.

func (*ListUsersInGroupInput) SetNextToken added in v1.6.4

SetNextToken sets the NextToken field's value.

func (*ListUsersInGroupInput) SetUserPoolId added in v1.6.4

func (s *ListUsersInGroupInput) SetUserPoolId(v string) *ListUsersInGroupInput

SetUserPoolId sets the UserPoolId field's value.

func (ListUsersInGroupInput) String added in v1.6.4

func (s ListUsersInGroupInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUsersInGroupInput) Validate added in v1.6.4

func (s *ListUsersInGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUsersInGroupOutput added in v1.6.4

type ListUsersInGroupOutput struct {

	// An identifier that you can use in a later request to return the next set
	// of items in the list.
	NextToken *string `min:"1" type:"string"`

	// A list of users in the group, and their attributes.
	Users []*UserType `type:"list"`
	// contains filtered or unexported fields
}

func (ListUsersInGroupOutput) GoString added in v1.6.4

func (s ListUsersInGroupOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUsersInGroupOutput) SetNextToken added in v1.6.4

SetNextToken sets the NextToken field's value.

func (*ListUsersInGroupOutput) SetUsers added in v1.6.4

SetUsers sets the Users field's value.

func (ListUsersInGroupOutput) String added in v1.6.4

func (s ListUsersInGroupOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListUsersInput

type ListUsersInput struct {

	// A JSON array of user attribute names, for example given_name, that you want
	// Amazon Cognito to include in the response for each user. When you don't provide
	// an AttributesToGet parameter, Amazon Cognito returns all attributes for each
	// user.
	//
	// Use AttributesToGet with required attributes in your user pool, or in conjunction
	// with Filter. Amazon Cognito returns an error if not all users in the results
	// have set a value for the attribute you request. Attributes that you can't
	// filter on, including custom attributes, must have a value set in every user
	// profile before an AttributesToGet parameter returns results.
	AttributesToGet []*string `type:"list"`

	// A filter string of the form "AttributeName Filter-Type "AttributeValue"".
	// Quotation marks within the filter string must be escaped using the backslash
	// (\) character. For example, "family_name = \"Reddy\"".
	//
	//    * AttributeName: The name of the attribute to search for. You can only
	//    search for one attribute at a time.
	//
	//    * Filter-Type: For an exact match, use =, for example, "given_name = \"Jon\"".
	//    For a prefix ("starts with") match, use ^=, for example, "given_name ^=
	//    \"Jon\"".
	//
	//    * AttributeValue: The attribute value that must be matched for each user.
	//
	// If the filter string is empty, ListUsers returns all users in the user pool.
	//
	// You can only search for the following standard attributes:
	//
	//    * username (case-sensitive)
	//
	//    * email
	//
	//    * phone_number
	//
	//    * name
	//
	//    * given_name
	//
	//    * family_name
	//
	//    * preferred_username
	//
	//    * cognito:user_status (called Status in the Console) (case-insensitive)
	//
	//    * status (called Enabled in the Console) (case-sensitive)
	//
	//    * sub
	//
	// Custom attributes aren't searchable.
	//
	// You can also list users with a client-side filter. The server-side filter
	// matches no more than one attribute. For an advanced search, use a client-side
	// filter with the --query parameter of the list-users action in the CLI. When
	// you use a client-side filter, ListUsers returns a paginated list of zero
	// or more users. You can receive multiple pages in a row with zero results.
	// Repeat the query with each pagination token that is returned until you receive
	// a null pagination token value, and then review the combined result.
	//
	// For more information about server-side and client-side filtering, see FilteringCLI
	// output (https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-filter.html)
	// in the Command Line Interface User Guide (https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-filter.html).
	//
	// For more information, see Searching for Users Using the ListUsers API (https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-manage-user-accounts.html#cognito-user-pools-searching-for-users-using-listusers-api)
	// and Examples of Using the ListUsers API (https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-manage-user-accounts.html#cognito-user-pools-searching-for-users-listusers-api-examples)
	// in the Amazon Cognito Developer Guide.
	Filter *string `type:"string"`

	// Maximum number of users to be returned.
	Limit *int64 `type:"integer"`

	// This API operation returns a limited number of results. The pagination token
	// is an identifier that you can present in an additional API request with the
	// same parameters. When you include the pagination token, Amazon Cognito returns
	// the next set of items after the current list. Subsequent requests return
	// a new pagination token. By use of this token, you can paginate through the
	// full list of items.
	PaginationToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool on which the search should be performed.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to list users.

func (ListUsersInput) GoString

func (s ListUsersInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUsersInput) SetAttributesToGet added in v1.5.0

func (s *ListUsersInput) SetAttributesToGet(v []*string) *ListUsersInput

SetAttributesToGet sets the AttributesToGet field's value.

func (*ListUsersInput) SetFilter added in v1.5.0

func (s *ListUsersInput) SetFilter(v string) *ListUsersInput

SetFilter sets the Filter field's value.

func (*ListUsersInput) SetLimit added in v1.5.0

func (s *ListUsersInput) SetLimit(v int64) *ListUsersInput

SetLimit sets the Limit field's value.

func (*ListUsersInput) SetPaginationToken added in v1.5.0

func (s *ListUsersInput) SetPaginationToken(v string) *ListUsersInput

SetPaginationToken sets the PaginationToken field's value.

func (*ListUsersInput) SetUserPoolId added in v1.5.0

func (s *ListUsersInput) SetUserPoolId(v string) *ListUsersInput

SetUserPoolId sets the UserPoolId field's value.

func (ListUsersInput) String

func (s ListUsersInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUsersInput) Validate added in v1.1.21

func (s *ListUsersInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUsersOutput

type ListUsersOutput struct {

	// The identifier that Amazon Cognito returned with the previous request to
	// this operation. When you include a pagination token in your request, Amazon
	// Cognito returns the next set of items in the list. By use of this token,
	// you can paginate through the full list of items.
	PaginationToken *string `min:"1" type:"string"`

	// A list of the user pool users, and their attributes, that match your query.
	//
	// Amazon Cognito creates a profile in your user pool for each native user in
	// your user pool, and each unique user ID from your third-party identity providers
	// (IdPs). When you link users with the AdminLinkProviderForUser (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminLinkProviderForUser.html)
	// API operation, the output of ListUsers displays both the IdP user and the
	// native user that you linked. You can identify IdP users in the Users object
	// of this API response by the IdP prefix that Amazon Cognito appends to Username.
	Users []*UserType `type:"list"`
	// contains filtered or unexported fields
}

The response from the request to list users.

func (ListUsersOutput) GoString

func (s ListUsersOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUsersOutput) SetPaginationToken added in v1.5.0

func (s *ListUsersOutput) SetPaginationToken(v string) *ListUsersOutput

SetPaginationToken sets the PaginationToken field's value.

func (*ListUsersOutput) SetUsers added in v1.5.0

func (s *ListUsersOutput) SetUsers(v []*UserType) *ListUsersOutput

SetUsers sets the Users field's value.

func (ListUsersOutput) String

func (s ListUsersOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type LogConfigurationType added in v1.44.315

type LogConfigurationType struct {

	// The CloudWatch logging destination of a user pool.
	CloudWatchLogsConfiguration *CloudWatchLogsConfigurationType `type:"structure"`

	// The source of events that your user pool sends for detailed activity logging.
	//
	// EventSource is a required field
	EventSource *string `type:"string" required:"true" enum:"EventSourceName"`

	// The errorlevel selection of logs that a user pool sends for detailed activity
	// logging.
	//
	// LogLevel is a required field
	LogLevel *string `type:"string" required:"true" enum:"LogLevel"`
	// contains filtered or unexported fields
}

The logging parameters of a user pool.

func (LogConfigurationType) GoString added in v1.44.315

func (s LogConfigurationType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*LogConfigurationType) SetCloudWatchLogsConfiguration added in v1.44.315

func (s *LogConfigurationType) SetCloudWatchLogsConfiguration(v *CloudWatchLogsConfigurationType) *LogConfigurationType

SetCloudWatchLogsConfiguration sets the CloudWatchLogsConfiguration field's value.

func (*LogConfigurationType) SetEventSource added in v1.44.315

func (s *LogConfigurationType) SetEventSource(v string) *LogConfigurationType

SetEventSource sets the EventSource field's value.

func (*LogConfigurationType) SetLogLevel added in v1.44.315

SetLogLevel sets the LogLevel field's value.

func (LogConfigurationType) String added in v1.44.315

func (s LogConfigurationType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*LogConfigurationType) Validate added in v1.44.315

func (s *LogConfigurationType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type LogDeliveryConfigurationType added in v1.44.315

type LogDeliveryConfigurationType struct {

	// The detailed activity logging destination of a user pool.
	//
	// LogConfigurations is a required field
	LogConfigurations []*LogConfigurationType `type:"list" required:"true"`

	// The ID of the user pool where you configured detailed activity logging.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

The logging parameters of a user pool.

func (LogDeliveryConfigurationType) GoString added in v1.44.315

func (s LogDeliveryConfigurationType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*LogDeliveryConfigurationType) SetLogConfigurations added in v1.44.315

SetLogConfigurations sets the LogConfigurations field's value.

func (*LogDeliveryConfigurationType) SetUserPoolId added in v1.44.315

SetUserPoolId sets the UserPoolId field's value.

func (LogDeliveryConfigurationType) String added in v1.44.315

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type MFAMethodNotFoundException added in v1.28.0

type MFAMethodNotFoundException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito throws an MFA method not found exception.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when Amazon Cognito can't find a multi-factor authentication (MFA) method.

func (*MFAMethodNotFoundException) Code added in v1.28.0

Code returns the exception type name.

func (*MFAMethodNotFoundException) Error added in v1.28.0

func (MFAMethodNotFoundException) GoString added in v1.28.0

func (s MFAMethodNotFoundException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*MFAMethodNotFoundException) Message added in v1.28.0

func (s *MFAMethodNotFoundException) Message() string

Message returns the exception's message.

func (*MFAMethodNotFoundException) OrigErr added in v1.28.0

func (s *MFAMethodNotFoundException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*MFAMethodNotFoundException) RequestID added in v1.28.0

func (s *MFAMethodNotFoundException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*MFAMethodNotFoundException) StatusCode added in v1.28.0

func (s *MFAMethodNotFoundException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (MFAMethodNotFoundException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type MFAOptionType

type MFAOptionType struct {

	// The attribute name of the MFA option type. The only valid value is phone_number.
	AttributeName *string `min:"1" type:"string"`

	// The delivery medium to send the MFA code. You can use this parameter to set
	// only the SMS delivery medium value.
	DeliveryMedium *string `type:"string" enum:"DeliveryMediumType"`
	// contains filtered or unexported fields
}

This data type is no longer supported. Applies only to SMS multi-factor authentication (MFA) configurations. Does not apply to time-based one-time password (TOTP) software token MFA configurations.

func (MFAOptionType) GoString

func (s MFAOptionType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*MFAOptionType) SetAttributeName added in v1.5.0

func (s *MFAOptionType) SetAttributeName(v string) *MFAOptionType

SetAttributeName sets the AttributeName field's value.

func (*MFAOptionType) SetDeliveryMedium added in v1.5.0

func (s *MFAOptionType) SetDeliveryMedium(v string) *MFAOptionType

SetDeliveryMedium sets the DeliveryMedium field's value.

func (MFAOptionType) String

func (s MFAOptionType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*MFAOptionType) Validate added in v1.1.21

func (s *MFAOptionType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type MessageTemplateType added in v1.4.15

type MessageTemplateType struct {

	// The message template for email messages. EmailMessage is allowed only if
	// EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER.
	EmailMessage *string `min:"6" type:"string"`

	// The subject line for email messages. EmailSubject is allowed only if EmailSendingAccount
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER.
	EmailSubject *string `min:"1" type:"string"`

	// The message template for SMS messages.
	SMSMessage *string `min:"6" type:"string"`
	// contains filtered or unexported fields
}

The message template structure.

func (MessageTemplateType) GoString added in v1.4.15

func (s MessageTemplateType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*MessageTemplateType) SetEmailMessage added in v1.5.0

func (s *MessageTemplateType) SetEmailMessage(v string) *MessageTemplateType

SetEmailMessage sets the EmailMessage field's value.

func (*MessageTemplateType) SetEmailSubject added in v1.5.0

func (s *MessageTemplateType) SetEmailSubject(v string) *MessageTemplateType

SetEmailSubject sets the EmailSubject field's value.

func (*MessageTemplateType) SetSMSMessage added in v1.5.0

func (s *MessageTemplateType) SetSMSMessage(v string) *MessageTemplateType

SetSMSMessage sets the SMSMessage field's value.

func (MessageTemplateType) String added in v1.4.15

func (s MessageTemplateType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*MessageTemplateType) Validate added in v1.4.15

func (s *MessageTemplateType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type NewDeviceMetadataType added in v1.2.10

type NewDeviceMetadataType struct {

	// The device group key.
	DeviceGroupKey *string `type:"string"`

	// The device key.
	DeviceKey *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

The new device metadata type.

func (NewDeviceMetadataType) GoString added in v1.2.10

func (s NewDeviceMetadataType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*NewDeviceMetadataType) SetDeviceGroupKey added in v1.5.0

func (s *NewDeviceMetadataType) SetDeviceGroupKey(v string) *NewDeviceMetadataType

SetDeviceGroupKey sets the DeviceGroupKey field's value.

func (*NewDeviceMetadataType) SetDeviceKey added in v1.5.0

SetDeviceKey sets the DeviceKey field's value.

func (NewDeviceMetadataType) String added in v1.2.10

func (s NewDeviceMetadataType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type NotAuthorizedException added in v1.28.0

type NotAuthorizedException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the Amazon Cognito service returns a not authorized
	// exception.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when a user isn't authorized.

func (*NotAuthorizedException) Code added in v1.28.0

func (s *NotAuthorizedException) Code() string

Code returns the exception type name.

func (*NotAuthorizedException) Error added in v1.28.0

func (s *NotAuthorizedException) Error() string

func (NotAuthorizedException) GoString added in v1.28.0

func (s NotAuthorizedException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*NotAuthorizedException) Message added in v1.28.0

func (s *NotAuthorizedException) Message() string

Message returns the exception's message.

func (*NotAuthorizedException) OrigErr added in v1.28.0

func (s *NotAuthorizedException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*NotAuthorizedException) RequestID added in v1.28.0

func (s *NotAuthorizedException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*NotAuthorizedException) StatusCode added in v1.28.0

func (s *NotAuthorizedException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (NotAuthorizedException) String added in v1.28.0

func (s NotAuthorizedException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type NotifyConfigurationType added in v1.12.35

type NotifyConfigurationType struct {

	// Email template used when a detected risk event is blocked.
	BlockEmail *NotifyEmailType `type:"structure"`

	// The email address that is sending the email. The address must be either individually
	// verified with Amazon Simple Email Service, or from a domain that has been
	// verified with Amazon SES.
	From *string `type:"string"`

	// The multi-factor authentication (MFA) email template used when MFA is challenged
	// as part of a detected risk.
	MfaEmail *NotifyEmailType `type:"structure"`

	// The email template used when a detected risk event is allowed.
	NoActionEmail *NotifyEmailType `type:"structure"`

	// The destination to which the receiver of an email should reply to.
	ReplyTo *string `type:"string"`

	// The Amazon Resource Name (ARN) of the identity that is associated with the
	// sending authorization policy. This identity permits Amazon Cognito to send
	// for the email address specified in the From parameter.
	//
	// SourceArn is a required field
	SourceArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

The notify configuration type.

func (NotifyConfigurationType) GoString added in v1.12.35

func (s NotifyConfigurationType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*NotifyConfigurationType) SetBlockEmail added in v1.12.35

SetBlockEmail sets the BlockEmail field's value.

func (*NotifyConfigurationType) SetFrom added in v1.12.35

SetFrom sets the From field's value.

func (*NotifyConfigurationType) SetMfaEmail added in v1.12.35

SetMfaEmail sets the MfaEmail field's value.

func (*NotifyConfigurationType) SetNoActionEmail added in v1.12.35

SetNoActionEmail sets the NoActionEmail field's value.

func (*NotifyConfigurationType) SetReplyTo added in v1.12.35

SetReplyTo sets the ReplyTo field's value.

func (*NotifyConfigurationType) SetSourceArn added in v1.12.35

SetSourceArn sets the SourceArn field's value.

func (NotifyConfigurationType) String added in v1.12.35

func (s NotifyConfigurationType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*NotifyConfigurationType) Validate added in v1.12.35

func (s *NotifyConfigurationType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type NotifyEmailType added in v1.12.35

type NotifyEmailType struct {

	// The email HTML body.
	HtmlBody *string `min:"6" type:"string"`

	// The email subject.
	//
	// Subject is a required field
	Subject *string `min:"1" type:"string" required:"true"`

	// The email text body.
	TextBody *string `min:"6" type:"string"`
	// contains filtered or unexported fields
}

The notify email type.

func (NotifyEmailType) GoString added in v1.12.35

func (s NotifyEmailType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*NotifyEmailType) SetHtmlBody added in v1.12.35

func (s *NotifyEmailType) SetHtmlBody(v string) *NotifyEmailType

SetHtmlBody sets the HtmlBody field's value.

func (*NotifyEmailType) SetSubject added in v1.12.35

func (s *NotifyEmailType) SetSubject(v string) *NotifyEmailType

SetSubject sets the Subject field's value.

func (*NotifyEmailType) SetTextBody added in v1.12.35

func (s *NotifyEmailType) SetTextBody(v string) *NotifyEmailType

SetTextBody sets the TextBody field's value.

func (NotifyEmailType) String added in v1.12.35

func (s NotifyEmailType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*NotifyEmailType) Validate added in v1.12.35

func (s *NotifyEmailType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type NumberAttributeConstraintsType

type NumberAttributeConstraintsType struct {

	// The maximum length of a number attribute value. Must be a number less than
	// or equal to 2^1023, represented as a string with a length of 131072 characters
	// or fewer.
	MaxValue *string `type:"string"`

	// The minimum value of an attribute that is of the number data type.
	MinValue *string `type:"string"`
	// contains filtered or unexported fields
}

The minimum and maximum values of an attribute that is of the number data type.

func (NumberAttributeConstraintsType) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*NumberAttributeConstraintsType) SetMaxValue added in v1.5.0

SetMaxValue sets the MaxValue field's value.

func (*NumberAttributeConstraintsType) SetMinValue added in v1.5.0

SetMinValue sets the MinValue field's value.

func (NumberAttributeConstraintsType) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PasswordPolicyType

type PasswordPolicyType struct {

	// The minimum length of the password in the policy that you have set. This
	// value can't be less than 6.
	MinimumLength *int64 `min:"6" type:"integer"`

	// In the password policy that you have set, refers to whether you have required
	// users to use at least one lowercase letter in their password.
	RequireLowercase *bool `type:"boolean"`

	// In the password policy that you have set, refers to whether you have required
	// users to use at least one number in their password.
	RequireNumbers *bool `type:"boolean"`

	// In the password policy that you have set, refers to whether you have required
	// users to use at least one symbol in their password.
	RequireSymbols *bool `type:"boolean"`

	// In the password policy that you have set, refers to whether you have required
	// users to use at least one uppercase letter in their password.
	RequireUppercase *bool `type:"boolean"`

	// The number of days a temporary password is valid in the password policy.
	// If the user doesn't sign in during this time, an administrator must reset
	// their password. Defaults to 7. If you submit a value of 0, Amazon Cognito
	// treats it as a null value and sets TemporaryPasswordValidityDays to its default
	// value.
	//
	// When you set TemporaryPasswordValidityDays for a user pool, you can no longer
	// set a value for the legacy UnusedAccountValidityDays parameter in that user
	// pool.
	TemporaryPasswordValidityDays *int64 `type:"integer"`
	// contains filtered or unexported fields
}

The password policy type.

func (PasswordPolicyType) GoString

func (s PasswordPolicyType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PasswordPolicyType) SetMinimumLength added in v1.5.0

func (s *PasswordPolicyType) SetMinimumLength(v int64) *PasswordPolicyType

SetMinimumLength sets the MinimumLength field's value.

func (*PasswordPolicyType) SetRequireLowercase added in v1.5.0

func (s *PasswordPolicyType) SetRequireLowercase(v bool) *PasswordPolicyType

SetRequireLowercase sets the RequireLowercase field's value.

func (*PasswordPolicyType) SetRequireNumbers added in v1.5.0

func (s *PasswordPolicyType) SetRequireNumbers(v bool) *PasswordPolicyType

SetRequireNumbers sets the RequireNumbers field's value.

func (*PasswordPolicyType) SetRequireSymbols added in v1.5.0

func (s *PasswordPolicyType) SetRequireSymbols(v bool) *PasswordPolicyType

SetRequireSymbols sets the RequireSymbols field's value.

func (*PasswordPolicyType) SetRequireUppercase added in v1.5.0

func (s *PasswordPolicyType) SetRequireUppercase(v bool) *PasswordPolicyType

SetRequireUppercase sets the RequireUppercase field's value.

func (*PasswordPolicyType) SetTemporaryPasswordValidityDays added in v1.19.24

func (s *PasswordPolicyType) SetTemporaryPasswordValidityDays(v int64) *PasswordPolicyType

SetTemporaryPasswordValidityDays sets the TemporaryPasswordValidityDays field's value.

func (PasswordPolicyType) String

func (s PasswordPolicyType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PasswordPolicyType) Validate added in v1.1.21

func (s *PasswordPolicyType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PasswordResetRequiredException added in v1.28.0

type PasswordResetRequiredException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when a password reset is required.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when a password reset is required.

func (*PasswordResetRequiredException) Code added in v1.28.0

Code returns the exception type name.

func (*PasswordResetRequiredException) Error added in v1.28.0

func (PasswordResetRequiredException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PasswordResetRequiredException) Message added in v1.28.0

Message returns the exception's message.

func (*PasswordResetRequiredException) OrigErr added in v1.28.0

OrigErr always returns nil, satisfies awserr.Error interface.

func (*PasswordResetRequiredException) RequestID added in v1.28.0

func (s *PasswordResetRequiredException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*PasswordResetRequiredException) StatusCode added in v1.28.0

func (s *PasswordResetRequiredException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (PasswordResetRequiredException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PreTokenGenerationVersionConfigType added in v1.49.5

type PreTokenGenerationVersionConfigType struct {

	// The Amazon Resource Name (ARN) of the function that you want to assign to
	// your Lambda trigger.
	//
	// This parameter and the PreTokenGeneration property of LambdaConfig have the
	// same value. For new instances of pre token generation triggers, set LambdaArn.
	//
	// LambdaArn is a required field
	LambdaArn *string `min:"20" type:"string" required:"true"`

	// The user pool trigger version of the request that Amazon Cognito sends to
	// your Lambda function. Higher-numbered versions add fields that support new
	// features.
	//
	// LambdaVersion is a required field
	LambdaVersion *string `type:"string" required:"true" enum:"PreTokenGenerationLambdaVersionType"`
	// contains filtered or unexported fields
}

The properties of a pre token generation Lambda trigger.

func (PreTokenGenerationVersionConfigType) GoString added in v1.49.5

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PreTokenGenerationVersionConfigType) SetLambdaArn added in v1.49.5

SetLambdaArn sets the LambdaArn field's value.

func (*PreTokenGenerationVersionConfigType) SetLambdaVersion added in v1.49.5

SetLambdaVersion sets the LambdaVersion field's value.

func (PreTokenGenerationVersionConfigType) String added in v1.49.5

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PreTokenGenerationVersionConfigType) Validate added in v1.49.5

Validate inspects the fields of the type to determine if they are valid.

type PreconditionNotMetException added in v1.28.0

type PreconditionNotMetException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when a precondition is not met.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when a precondition is not met.

func (*PreconditionNotMetException) Code added in v1.28.0

Code returns the exception type name.

func (*PreconditionNotMetException) Error added in v1.28.0

func (PreconditionNotMetException) GoString added in v1.28.0

func (s PreconditionNotMetException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PreconditionNotMetException) Message added in v1.28.0

func (s *PreconditionNotMetException) Message() string

Message returns the exception's message.

func (*PreconditionNotMetException) OrigErr added in v1.28.0

func (s *PreconditionNotMetException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*PreconditionNotMetException) RequestID added in v1.28.0

func (s *PreconditionNotMetException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*PreconditionNotMetException) StatusCode added in v1.28.0

func (s *PreconditionNotMetException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (PreconditionNotMetException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ProviderDescription added in v1.8.33

type ProviderDescription struct {

	// The date and time when the item was created. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	CreationDate *time.Time `type:"timestamp"`

	// The date the provider was last modified.
	LastModifiedDate *time.Time `type:"timestamp"`

	// The IdP name.
	ProviderName *string `min:"1" type:"string"`

	// The IdP type.
	ProviderType *string `type:"string" enum:"IdentityProviderTypeType"`
	// contains filtered or unexported fields
}

A container for IdP details.

func (ProviderDescription) GoString added in v1.8.33

func (s ProviderDescription) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ProviderDescription) SetCreationDate added in v1.8.33

func (s *ProviderDescription) SetCreationDate(v time.Time) *ProviderDescription

SetCreationDate sets the CreationDate field's value.

func (*ProviderDescription) SetLastModifiedDate added in v1.8.33

func (s *ProviderDescription) SetLastModifiedDate(v time.Time) *ProviderDescription

SetLastModifiedDate sets the LastModifiedDate field's value.

func (*ProviderDescription) SetProviderName added in v1.8.33

func (s *ProviderDescription) SetProviderName(v string) *ProviderDescription

SetProviderName sets the ProviderName field's value.

func (*ProviderDescription) SetProviderType added in v1.8.33

func (s *ProviderDescription) SetProviderType(v string) *ProviderDescription

SetProviderType sets the ProviderType field's value.

func (ProviderDescription) String added in v1.8.33

func (s ProviderDescription) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ProviderUserIdentifierType added in v1.10.24

type ProviderUserIdentifierType struct {

	// The name of the provider attribute to link to, such as NameID.
	ProviderAttributeName *string `type:"string"`

	// The value of the provider attribute to link to, such as xxxxx_account.
	ProviderAttributeValue *string `type:"string"`

	// The name of the provider, such as Facebook, Google, or Login with Amazon.
	ProviderName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

A container for information about an IdP for a user pool.

func (ProviderUserIdentifierType) GoString added in v1.10.24

func (s ProviderUserIdentifierType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ProviderUserIdentifierType) SetProviderAttributeName added in v1.10.24

func (s *ProviderUserIdentifierType) SetProviderAttributeName(v string) *ProviderUserIdentifierType

SetProviderAttributeName sets the ProviderAttributeName field's value.

func (*ProviderUserIdentifierType) SetProviderAttributeValue added in v1.10.24

func (s *ProviderUserIdentifierType) SetProviderAttributeValue(v string) *ProviderUserIdentifierType

SetProviderAttributeValue sets the ProviderAttributeValue field's value.

func (*ProviderUserIdentifierType) SetProviderName added in v1.10.24

SetProviderName sets the ProviderName field's value.

func (ProviderUserIdentifierType) String added in v1.10.24

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ProviderUserIdentifierType) Validate added in v1.10.24

func (s *ProviderUserIdentifierType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type RecoveryOptionType added in v1.25.43

type RecoveryOptionType struct {

	// The recovery method for a user.
	//
	// Name is a required field
	Name *string `type:"string" required:"true" enum:"RecoveryOptionNameType"`

	// A positive integer specifying priority of a method with 1 being the highest
	// priority.
	//
	// Priority is a required field
	Priority *int64 `min:"1" type:"integer" required:"true"`
	// contains filtered or unexported fields
}

A map containing a priority as a key, and recovery method name as a value.

func (RecoveryOptionType) GoString added in v1.25.43

func (s RecoveryOptionType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RecoveryOptionType) SetName added in v1.25.43

SetName sets the Name field's value.

func (*RecoveryOptionType) SetPriority added in v1.25.43

func (s *RecoveryOptionType) SetPriority(v int64) *RecoveryOptionType

SetPriority sets the Priority field's value.

func (RecoveryOptionType) String added in v1.25.43

func (s RecoveryOptionType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RecoveryOptionType) Validate added in v1.25.43

func (s *RecoveryOptionType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ResendConfirmationCodeInput

type ResendConfirmationCodeInput struct {

	// The Amazon Pinpoint analytics metadata that contributes to your metrics for
	// ResendConfirmationCode calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The ID of the client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ResendConfirmationCodeInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the ResendConfirmationCode API action, Amazon Cognito invokes
	// the function that is assigned to the custom message trigger. When Amazon
	// Cognito invokes this function, it passes a JSON payload, which the function
	// receives as input. This payload contains a clientMetadata attribute, which
	// provides the data that you assigned to the ClientMetadata parameter in your
	// ResendConfirmationCode request. In your function code in Lambda, you can
	// process the clientMetadata value to enhance your workflow for your specific
	// needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// A keyed-hash message authentication code (HMAC) calculated using the secret
	// key of a user pool client and username plus the client ID in the message.
	//
	// SecretHash is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ResendConfirmationCodeInput's
	// String and GoString methods.
	SecretHash *string `min:"1" type:"string" sensitive:"true"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ResendConfirmationCodeInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ResendConfirmationCodeInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Represents the request to resend the confirmation code.

func (ResendConfirmationCodeInput) GoString

func (s ResendConfirmationCodeInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResendConfirmationCodeInput) SetAnalyticsMetadata added in v1.12.35

SetAnalyticsMetadata sets the AnalyticsMetadata field's value.

func (*ResendConfirmationCodeInput) SetClientId added in v1.5.0

SetClientId sets the ClientId field's value.

func (*ResendConfirmationCodeInput) SetClientMetadata added in v1.25.6

SetClientMetadata sets the ClientMetadata field's value.

func (*ResendConfirmationCodeInput) SetSecretHash added in v1.5.0

SetSecretHash sets the SecretHash field's value.

func (*ResendConfirmationCodeInput) SetUserContextData added in v1.12.35

SetUserContextData sets the UserContextData field's value.

func (*ResendConfirmationCodeInput) SetUsername added in v1.5.0

SetUsername sets the Username field's value.

func (ResendConfirmationCodeInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResendConfirmationCodeInput) Validate added in v1.1.21

func (s *ResendConfirmationCodeInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ResendConfirmationCodeOutput

type ResendConfirmationCodeOutput struct {

	// The code delivery details returned by the server in response to the request
	// to resend the confirmation code.
	CodeDeliveryDetails *CodeDeliveryDetailsType `type:"structure"`
	// contains filtered or unexported fields
}

The response from the server when Amazon Cognito makes the request to resend a confirmation code.

func (ResendConfirmationCodeOutput) GoString

func (s ResendConfirmationCodeOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResendConfirmationCodeOutput) SetCodeDeliveryDetails added in v1.5.0

SetCodeDeliveryDetails sets the CodeDeliveryDetails field's value.

func (ResendConfirmationCodeOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ResourceNotFoundException added in v1.28.0

type ResourceNotFoundException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the Amazon Cognito service returns a resource not
	// found exception.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when the Amazon Cognito service can't find the requested resource.

func (*ResourceNotFoundException) Code added in v1.28.0

Code returns the exception type name.

func (*ResourceNotFoundException) Error added in v1.28.0

func (s *ResourceNotFoundException) Error() string

func (ResourceNotFoundException) GoString added in v1.28.0

func (s ResourceNotFoundException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResourceNotFoundException) Message added in v1.28.0

func (s *ResourceNotFoundException) Message() string

Message returns the exception's message.

func (*ResourceNotFoundException) OrigErr added in v1.28.0

func (s *ResourceNotFoundException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ResourceNotFoundException) RequestID added in v1.28.0

func (s *ResourceNotFoundException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ResourceNotFoundException) StatusCode added in v1.28.0

func (s *ResourceNotFoundException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ResourceNotFoundException) String added in v1.28.0

func (s ResourceNotFoundException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ResourceServerScopeType added in v1.10.24

type ResourceServerScopeType struct {

	// A description of the scope.
	//
	// ScopeDescription is a required field
	ScopeDescription *string `min:"1" type:"string" required:"true"`

	// The name of the scope.
	//
	// ScopeName is a required field
	ScopeName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

A resource server scope.

func (ResourceServerScopeType) GoString added in v1.10.24

func (s ResourceServerScopeType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResourceServerScopeType) SetScopeDescription added in v1.10.24

func (s *ResourceServerScopeType) SetScopeDescription(v string) *ResourceServerScopeType

SetScopeDescription sets the ScopeDescription field's value.

func (*ResourceServerScopeType) SetScopeName added in v1.10.24

SetScopeName sets the ScopeName field's value.

func (ResourceServerScopeType) String added in v1.10.24

func (s ResourceServerScopeType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResourceServerScopeType) Validate added in v1.10.24

func (s *ResourceServerScopeType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ResourceServerType added in v1.10.24

type ResourceServerType struct {

	// A unique resource server identifier for the resource server. The identifier
	// can be an API friendly name like solar-system-data. You can also set an API
	// URL like https://solar-system-data-api.example.com as your identifier.
	//
	// Amazon Cognito represents scopes in the access token in the format $resource-server-identifier/$scope.
	// Longer scope-identifier strings increase the size of your access tokens.
	Identifier *string `min:"1" type:"string"`

	// The name of the resource server.
	Name *string `min:"1" type:"string"`

	// A list of scopes that are defined for the resource server.
	Scopes []*ResourceServerScopeType `type:"list"`

	// The user pool ID for the user pool that hosts the resource server.
	UserPoolId *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

A container for information about a resource server for a user pool.

func (ResourceServerType) GoString added in v1.10.24

func (s ResourceServerType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResourceServerType) SetIdentifier added in v1.10.24

func (s *ResourceServerType) SetIdentifier(v string) *ResourceServerType

SetIdentifier sets the Identifier field's value.

func (*ResourceServerType) SetName added in v1.10.24

SetName sets the Name field's value.

func (*ResourceServerType) SetScopes added in v1.10.24

SetScopes sets the Scopes field's value.

func (*ResourceServerType) SetUserPoolId added in v1.10.24

func (s *ResourceServerType) SetUserPoolId(v string) *ResourceServerType

SetUserPoolId sets the UserPoolId field's value.

func (ResourceServerType) String added in v1.10.24

func (s ResourceServerType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type RespondToAuthChallengeInput added in v1.2.10

type RespondToAuthChallengeInput struct {

	// The Amazon Pinpoint analytics metadata that contributes to your metrics for
	// RespondToAuthChallenge calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The challenge name. For more information, see InitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html).
	//
	// ADMIN_NO_SRP_AUTH isn't a valid value.
	//
	// ChallengeName is a required field
	ChallengeName *string `type:"string" required:"true" enum:"ChallengeNameType"`

	// The responses to the challenge that you received in the previous request.
	// Each challenge has its own required response parameters. The following examples
	// are partial JSON request bodies that highlight challenge-response parameters.
	//
	// You must provide a SECRET_HASH parameter in all challenge responses to an
	// app client that has a client secret.
	//
	// SMS_MFA
	//
	// "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]",
	// "USERNAME": "[username]"}
	//
	// PASSWORD_VERIFIER
	//
	// "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE":
	// "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP":
	// [timestamp], "USERNAME": "[username]"}
	//
	// Add "DEVICE_KEY" when you sign in with a remembered device.
	//
	// CUSTOM_CHALLENGE
	//
	// "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]",
	// "ANSWER": "[challenge_answer]"}
	//
	// Add "DEVICE_KEY" when you sign in with a remembered device.
	//
	// NEW_PASSWORD_REQUIRED
	//
	// "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD":
	// "[new_password]", "USERNAME": "[username]"}
	//
	// To set any required attributes that InitiateAuth returned in an requiredAttributes
	// parameter, add "userAttributes.[attribute_name]": "[attribute_value]". This
	// parameter can also set values for writable attributes that aren't required
	// by your user pool.
	//
	// In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required
	// attribute that already has a value. In RespondToAuthChallenge, set a value
	// for any keys that Amazon Cognito returned in the requiredAttributes parameter,
	// then use the UpdateUserAttributes API operation to modify the value of any
	// additional attributes.
	//
	// SOFTWARE_TOKEN_MFA
	//
	// "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME":
	// "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
	//
	// DEVICE_SRP_AUTH
	//
	// "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]",
	// "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
	//
	// DEVICE_PASSWORD_VERIFIER
	//
	// "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY":
	// "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK":
	// "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
	//
	// MFA_SETUP
	//
	// "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"},
	// "SESSION": "[Session ID from VerifySoftwareToken]"
	//
	// SELECT_MFA_TYPE
	//
	// "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]",
	// "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
	//
	// For more information about SECRET_HASH, see Computing secret hash values
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash).
	// For information about DEVICE_KEY, see Working with user devices in your user
	// pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html).
	//
	// ChallengeResponses is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RespondToAuthChallengeInput's
	// String and GoString methods.
	ChallengeResponses map[string]*string `type:"map" sensitive:"true"`

	// The app client ID.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RespondToAuthChallengeInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the RespondToAuthChallenge API action, Amazon Cognito invokes
	// any functions that are assigned to the following triggers: post authentication,
	// pre token generation, define auth challenge, create auth challenge, and verify
	// auth challenge. When Amazon Cognito invokes any of these functions, it passes
	// a JSON payload, which the function receives as input. This payload contains
	// a clientMetadata attribute, which provides the data that you assigned to
	// the ClientMetadata parameter in your RespondToAuthChallenge request. In your
	// function code in Lambda, you can process the clientMetadata value to enhance
	// your workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. If InitiateAuth or RespondToAuthChallenge API call determines
	// that the caller must pass another challenge, they return a session with other
	// challenge parameters. This session should be passed as it is to the next
	// RespondToAuthChallenge API call.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RespondToAuthChallengeInput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RespondToAuthChallengeInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`
	// contains filtered or unexported fields
}

The request to respond to an authentication challenge.

func (RespondToAuthChallengeInput) GoString added in v1.2.10

func (s RespondToAuthChallengeInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RespondToAuthChallengeInput) SetAnalyticsMetadata added in v1.12.35

SetAnalyticsMetadata sets the AnalyticsMetadata field's value.

func (*RespondToAuthChallengeInput) SetChallengeName added in v1.5.0

SetChallengeName sets the ChallengeName field's value.

func (*RespondToAuthChallengeInput) SetChallengeResponses added in v1.5.0

func (s *RespondToAuthChallengeInput) SetChallengeResponses(v map[string]*string) *RespondToAuthChallengeInput

SetChallengeResponses sets the ChallengeResponses field's value.

func (*RespondToAuthChallengeInput) SetClientId added in v1.5.0

SetClientId sets the ClientId field's value.

func (*RespondToAuthChallengeInput) SetClientMetadata added in v1.25.6

SetClientMetadata sets the ClientMetadata field's value.

func (*RespondToAuthChallengeInput) SetSession added in v1.5.0

SetSession sets the Session field's value.

func (*RespondToAuthChallengeInput) SetUserContextData added in v1.12.35

SetUserContextData sets the UserContextData field's value.

func (RespondToAuthChallengeInput) String added in v1.2.10

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RespondToAuthChallengeInput) Validate added in v1.2.10

func (s *RespondToAuthChallengeInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type RespondToAuthChallengeOutput added in v1.2.10

type RespondToAuthChallengeOutput struct {

	// The result returned by the server in response to the request to respond to
	// the authentication challenge.
	AuthenticationResult *AuthenticationResultType `type:"structure"`

	// The challenge name. For more information, see InitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html).
	ChallengeName *string `type:"string" enum:"ChallengeNameType"`

	// The challenge parameters. For more information, see InitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html).
	ChallengeParameters map[string]*string `type:"map"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. If the caller must pass another challenge, they return a session
	// with other challenge parameters. This session should be passed as it is to
	// the next RespondToAuthChallenge API call.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RespondToAuthChallengeOutput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

The response to respond to the authentication challenge.

func (RespondToAuthChallengeOutput) GoString added in v1.2.10

func (s RespondToAuthChallengeOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RespondToAuthChallengeOutput) SetAuthenticationResult added in v1.5.0

SetAuthenticationResult sets the AuthenticationResult field's value.

func (*RespondToAuthChallengeOutput) SetChallengeName added in v1.5.0

SetChallengeName sets the ChallengeName field's value.

func (*RespondToAuthChallengeOutput) SetChallengeParameters added in v1.5.0

func (s *RespondToAuthChallengeOutput) SetChallengeParameters(v map[string]*string) *RespondToAuthChallengeOutput

SetChallengeParameters sets the ChallengeParameters field's value.

func (*RespondToAuthChallengeOutput) SetSession added in v1.5.0

SetSession sets the Session field's value.

func (RespondToAuthChallengeOutput) String added in v1.2.10

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type RevokeTokenInput added in v1.38.59

type RevokeTokenInput struct {

	// The client ID for the token that you want to revoke.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RevokeTokenInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The secret for the client ID. This is required only if the client ID has
	// a secret.
	//
	// ClientSecret is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RevokeTokenInput's
	// String and GoString methods.
	ClientSecret *string `min:"1" type:"string" sensitive:"true"`

	// The refresh token that you want to revoke.
	//
	// Token is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RevokeTokenInput's
	// String and GoString methods.
	//
	// Token is a required field
	Token *string `type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (RevokeTokenInput) GoString added in v1.38.59

func (s RevokeTokenInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RevokeTokenInput) SetClientId added in v1.38.59

func (s *RevokeTokenInput) SetClientId(v string) *RevokeTokenInput

SetClientId sets the ClientId field's value.

func (*RevokeTokenInput) SetClientSecret added in v1.38.59

func (s *RevokeTokenInput) SetClientSecret(v string) *RevokeTokenInput

SetClientSecret sets the ClientSecret field's value.

func (*RevokeTokenInput) SetToken added in v1.38.59

func (s *RevokeTokenInput) SetToken(v string) *RevokeTokenInput

SetToken sets the Token field's value.

func (RevokeTokenInput) String added in v1.38.59

func (s RevokeTokenInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RevokeTokenInput) Validate added in v1.38.59

func (s *RevokeTokenInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type RevokeTokenOutput added in v1.38.59

type RevokeTokenOutput struct {
	// contains filtered or unexported fields
}

func (RevokeTokenOutput) GoString added in v1.38.59

func (s RevokeTokenOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (RevokeTokenOutput) String added in v1.38.59

func (s RevokeTokenOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type RiskConfigurationType added in v1.12.35

type RiskConfigurationType struct {

	// The account takeover risk configuration object, including the NotifyConfiguration
	// object and Actions to take if there is an account takeover.
	AccountTakeoverRiskConfiguration *AccountTakeoverRiskConfigurationType `type:"structure"`

	// The app client ID.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RiskConfigurationType's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The compromised credentials risk configuration object, including the EventFilter
	// and the EventAction.
	CompromisedCredentialsRiskConfiguration *CompromisedCredentialsRiskConfigurationType `type:"structure"`

	// The date and time when the item was modified. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	LastModifiedDate *time.Time `type:"timestamp"`

	// The configuration to override the risk decision.
	RiskExceptionConfiguration *RiskExceptionConfigurationType `type:"structure"`

	// The user pool ID.
	UserPoolId *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

The risk configuration type.

func (RiskConfigurationType) GoString added in v1.12.35

func (s RiskConfigurationType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RiskConfigurationType) SetAccountTakeoverRiskConfiguration added in v1.12.35

func (s *RiskConfigurationType) SetAccountTakeoverRiskConfiguration(v *AccountTakeoverRiskConfigurationType) *RiskConfigurationType

SetAccountTakeoverRiskConfiguration sets the AccountTakeoverRiskConfiguration field's value.

func (*RiskConfigurationType) SetClientId added in v1.12.35

SetClientId sets the ClientId field's value.

func (*RiskConfigurationType) SetCompromisedCredentialsRiskConfiguration added in v1.12.35

func (s *RiskConfigurationType) SetCompromisedCredentialsRiskConfiguration(v *CompromisedCredentialsRiskConfigurationType) *RiskConfigurationType

SetCompromisedCredentialsRiskConfiguration sets the CompromisedCredentialsRiskConfiguration field's value.

func (*RiskConfigurationType) SetLastModifiedDate added in v1.12.35

func (s *RiskConfigurationType) SetLastModifiedDate(v time.Time) *RiskConfigurationType

SetLastModifiedDate sets the LastModifiedDate field's value.

func (*RiskConfigurationType) SetRiskExceptionConfiguration added in v1.12.35

func (s *RiskConfigurationType) SetRiskExceptionConfiguration(v *RiskExceptionConfigurationType) *RiskConfigurationType

SetRiskExceptionConfiguration sets the RiskExceptionConfiguration field's value.

func (*RiskConfigurationType) SetUserPoolId added in v1.12.35

func (s *RiskConfigurationType) SetUserPoolId(v string) *RiskConfigurationType

SetUserPoolId sets the UserPoolId field's value.

func (RiskConfigurationType) String added in v1.12.35

func (s RiskConfigurationType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type RiskExceptionConfigurationType added in v1.12.35

type RiskExceptionConfigurationType struct {

	// Overrides the risk decision to always block the pre-authentication requests.
	// The IP range is in CIDR notation, a compact representation of an IP address
	// and its routing prefix.
	BlockedIPRangeList []*string `type:"list"`

	// Risk detection isn't performed on the IP addresses in this range list. The
	// IP range is in CIDR notation.
	SkippedIPRangeList []*string `type:"list"`
	// contains filtered or unexported fields
}

The type of the configuration to override the risk decision.

func (RiskExceptionConfigurationType) GoString added in v1.12.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RiskExceptionConfigurationType) SetBlockedIPRangeList added in v1.12.35

SetBlockedIPRangeList sets the BlockedIPRangeList field's value.

func (*RiskExceptionConfigurationType) SetSkippedIPRangeList added in v1.12.35

SetSkippedIPRangeList sets the SkippedIPRangeList field's value.

func (RiskExceptionConfigurationType) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SMSMfaSettingsType added in v1.12.35

type SMSMfaSettingsType struct {

	// Specifies whether SMS text message MFA is activated. If an MFA type is activated
	// for a user, the user will be prompted for MFA during all sign-in attempts,
	// unless device tracking is turned on and the device has been trusted.
	Enabled *bool `type:"boolean"`

	// Specifies whether SMS is the preferred MFA method.
	PreferredMfa *bool `type:"boolean"`
	// contains filtered or unexported fields
}

The type used for enabling SMS multi-factor authentication (MFA) at the user level. Phone numbers don't need to be verified to be used for SMS MFA. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts, unless device tracking is turned on and the device has been trusted. If you would like MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.

func (SMSMfaSettingsType) GoString added in v1.12.35

func (s SMSMfaSettingsType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SMSMfaSettingsType) SetEnabled added in v1.12.35

func (s *SMSMfaSettingsType) SetEnabled(v bool) *SMSMfaSettingsType

SetEnabled sets the Enabled field's value.

func (*SMSMfaSettingsType) SetPreferredMfa added in v1.12.35

func (s *SMSMfaSettingsType) SetPreferredMfa(v bool) *SMSMfaSettingsType

SetPreferredMfa sets the PreferredMfa field's value.

func (SMSMfaSettingsType) String added in v1.12.35

func (s SMSMfaSettingsType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SchemaAttributeType

type SchemaAttributeType struct {

	// The data format of the values for your attribute. When you choose an AttributeDataType,
	// Amazon Cognito validates the input against the data type. A custom attribute
	// value in your user's ID token is always a string, for example "custom:isMember"
	// : "true" or "custom:YearsAsMember" : "12".
	AttributeDataType *string `type:"string" enum:"AttributeDataType"`

	//
	// You should use WriteAttributes (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes)
	// in the user pool client to control how attributes can be mutated for new
	// use cases instead of using DeveloperOnlyAttribute.
	//
	// Specifies whether the attribute type is developer only. This attribute can
	// only be modified by an administrator. Users won't be able to modify this
	// attribute using their access token. For example, DeveloperOnlyAttribute can
	// be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes.
	DeveloperOnlyAttribute *bool `type:"boolean"`

	// Specifies whether the value of the attribute can be changed.
	//
	// Any user pool attribute whose value you map from an IdP attribute must be
	// mutable, with a parameter value of true. Amazon Cognito updates mapped attributes
	// when users sign in to your application through an IdP. If an attribute is
	// immutable, Amazon Cognito throws an error when it attempts to update the
	// attribute. For more information, see Specifying Identity Provider Attribute
	// Mappings for Your User Pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html).
	Mutable *bool `type:"boolean"`

	// The name of your user pool attribute. When you create or update a user pool,
	// adding a schema attribute creates a custom or developer-only attribute. When
	// you add an attribute with a Name value of MyAttribute, Amazon Cognito creates
	// the custom attribute custom:MyAttribute. When DeveloperOnlyAttribute is true,
	// Amazon Cognito creates your attribute as dev:MyAttribute. In an operation
	// that describes a user pool, Amazon Cognito returns this value as value for
	// standard attributes, custom:value for custom attributes, and dev:value for
	// developer-only attributes..
	Name *string `min:"1" type:"string"`

	// Specifies the constraints for an attribute of the number type.
	NumberAttributeConstraints *NumberAttributeConstraintsType `type:"structure"`

	// Specifies whether a user pool attribute is required. If the attribute is
	// required and the user doesn't provide a value, registration or sign-in will
	// fail.
	Required *bool `type:"boolean"`

	// Specifies the constraints for an attribute of the string type.
	StringAttributeConstraints *StringAttributeConstraintsType `type:"structure"`
	// contains filtered or unexported fields
}

A list of the user attributes and their properties in your user pool. The attribute schema contains standard attributes, custom attributes with a custom: prefix, and developer attributes with a dev: prefix. For more information, see User pool attributes (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html).

Developer-only attributes are a legacy feature of user pools, are read-only to all app clients. You can create and update developer-only attributes only with IAM-authenticated API operations. Use app client read/write permissions instead.

func (SchemaAttributeType) GoString

func (s SchemaAttributeType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SchemaAttributeType) SetAttributeDataType added in v1.5.0

func (s *SchemaAttributeType) SetAttributeDataType(v string) *SchemaAttributeType

SetAttributeDataType sets the AttributeDataType field's value.

func (*SchemaAttributeType) SetDeveloperOnlyAttribute added in v1.5.0

func (s *SchemaAttributeType) SetDeveloperOnlyAttribute(v bool) *SchemaAttributeType

SetDeveloperOnlyAttribute sets the DeveloperOnlyAttribute field's value.

func (*SchemaAttributeType) SetMutable added in v1.5.0

func (s *SchemaAttributeType) SetMutable(v bool) *SchemaAttributeType

SetMutable sets the Mutable field's value.

func (*SchemaAttributeType) SetName added in v1.5.0

SetName sets the Name field's value.

func (*SchemaAttributeType) SetNumberAttributeConstraints added in v1.5.0

func (s *SchemaAttributeType) SetNumberAttributeConstraints(v *NumberAttributeConstraintsType) *SchemaAttributeType

SetNumberAttributeConstraints sets the NumberAttributeConstraints field's value.

func (*SchemaAttributeType) SetRequired added in v1.5.0

func (s *SchemaAttributeType) SetRequired(v bool) *SchemaAttributeType

SetRequired sets the Required field's value.

func (*SchemaAttributeType) SetStringAttributeConstraints added in v1.5.0

func (s *SchemaAttributeType) SetStringAttributeConstraints(v *StringAttributeConstraintsType) *SchemaAttributeType

SetStringAttributeConstraints sets the StringAttributeConstraints field's value.

func (SchemaAttributeType) String

func (s SchemaAttributeType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SchemaAttributeType) Validate added in v1.1.21

func (s *SchemaAttributeType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ScopeDoesNotExistException added in v1.28.0

type ScopeDoesNotExistException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when the specified scope doesn't exist.

func (*ScopeDoesNotExistException) Code added in v1.28.0

Code returns the exception type name.

func (*ScopeDoesNotExistException) Error added in v1.28.0

func (ScopeDoesNotExistException) GoString added in v1.28.0

func (s ScopeDoesNotExistException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ScopeDoesNotExistException) Message added in v1.28.0

func (s *ScopeDoesNotExistException) Message() string

Message returns the exception's message.

func (*ScopeDoesNotExistException) OrigErr added in v1.28.0

func (s *ScopeDoesNotExistException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ScopeDoesNotExistException) RequestID added in v1.28.0

func (s *ScopeDoesNotExistException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ScopeDoesNotExistException) StatusCode added in v1.28.0

func (s *ScopeDoesNotExistException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ScopeDoesNotExistException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SetLogDeliveryConfigurationInput added in v1.44.315

type SetLogDeliveryConfigurationInput struct {

	// A collection of all of the detailed activity logging configurations for a
	// user pool.
	//
	// LogConfigurations is a required field
	LogConfigurations []*LogConfigurationType `type:"list" required:"true"`

	// The ID of the user pool where you want to configure detailed activity logging .
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (SetLogDeliveryConfigurationInput) GoString added in v1.44.315

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetLogDeliveryConfigurationInput) SetLogConfigurations added in v1.44.315

SetLogConfigurations sets the LogConfigurations field's value.

func (*SetLogDeliveryConfigurationInput) SetUserPoolId added in v1.44.315

SetUserPoolId sets the UserPoolId field's value.

func (SetLogDeliveryConfigurationInput) String added in v1.44.315

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetLogDeliveryConfigurationInput) Validate added in v1.44.315

Validate inspects the fields of the type to determine if they are valid.

type SetLogDeliveryConfigurationOutput added in v1.44.315

type SetLogDeliveryConfigurationOutput struct {

	// The detailed activity logging configuration that you applied to the requested
	// user pool.
	LogDeliveryConfiguration *LogDeliveryConfigurationType `type:"structure"`
	// contains filtered or unexported fields
}

func (SetLogDeliveryConfigurationOutput) GoString added in v1.44.315

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetLogDeliveryConfigurationOutput) SetLogDeliveryConfiguration added in v1.44.315

SetLogDeliveryConfiguration sets the LogDeliveryConfiguration field's value.

func (SetLogDeliveryConfigurationOutput) String added in v1.44.315

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SetRiskConfigurationInput added in v1.12.35

type SetRiskConfigurationInput struct {

	// The account takeover risk configuration.
	AccountTakeoverRiskConfiguration *AccountTakeoverRiskConfigurationType `type:"structure"`

	// The app client ID. If ClientId is null, then the risk configuration is mapped
	// to userPoolId. When the client ID is null, the same risk configuration is
	// applied to all the clients in the userPool.
	//
	// Otherwise, ClientId is mapped to the client. When the client ID isn't null,
	// the user pool configuration is overridden and the risk configuration for
	// the client is used instead.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SetRiskConfigurationInput's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The compromised credentials risk configuration.
	CompromisedCredentialsRiskConfiguration *CompromisedCredentialsRiskConfigurationType `type:"structure"`

	// The configuration to override the risk decision.
	RiskExceptionConfiguration *RiskExceptionConfigurationType `type:"structure"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (SetRiskConfigurationInput) GoString added in v1.12.35

func (s SetRiskConfigurationInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetRiskConfigurationInput) SetAccountTakeoverRiskConfiguration added in v1.12.35

SetAccountTakeoverRiskConfiguration sets the AccountTakeoverRiskConfiguration field's value.

func (*SetRiskConfigurationInput) SetClientId added in v1.12.35

SetClientId sets the ClientId field's value.

func (*SetRiskConfigurationInput) SetCompromisedCredentialsRiskConfiguration added in v1.12.35

func (s *SetRiskConfigurationInput) SetCompromisedCredentialsRiskConfiguration(v *CompromisedCredentialsRiskConfigurationType) *SetRiskConfigurationInput

SetCompromisedCredentialsRiskConfiguration sets the CompromisedCredentialsRiskConfiguration field's value.

func (*SetRiskConfigurationInput) SetRiskExceptionConfiguration added in v1.12.35

SetRiskExceptionConfiguration sets the RiskExceptionConfiguration field's value.

func (*SetRiskConfigurationInput) SetUserPoolId added in v1.12.35

SetUserPoolId sets the UserPoolId field's value.

func (SetRiskConfigurationInput) String added in v1.12.35

func (s SetRiskConfigurationInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetRiskConfigurationInput) Validate added in v1.12.35

func (s *SetRiskConfigurationInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SetRiskConfigurationOutput added in v1.12.35

type SetRiskConfigurationOutput struct {

	// The risk configuration.
	//
	// RiskConfiguration is a required field
	RiskConfiguration *RiskConfigurationType `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (SetRiskConfigurationOutput) GoString added in v1.12.35

func (s SetRiskConfigurationOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetRiskConfigurationOutput) SetRiskConfiguration added in v1.12.35

SetRiskConfiguration sets the RiskConfiguration field's value.

func (SetRiskConfigurationOutput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SetUICustomizationInput added in v1.10.24

type SetUICustomizationInput struct {

	// The CSS values in the UI customization.
	CSS *string `type:"string"`

	// The client ID for the client app.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SetUICustomizationInput's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The uploaded logo image for the UI customization.
	// ImageFile is automatically base64 encoded/decoded by the SDK.
	ImageFile []byte `type:"blob"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (SetUICustomizationInput) GoString added in v1.10.24

func (s SetUICustomizationInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetUICustomizationInput) SetCSS added in v1.10.24

SetCSS sets the CSS field's value.

func (*SetUICustomizationInput) SetClientId added in v1.10.24

SetClientId sets the ClientId field's value.

func (*SetUICustomizationInput) SetImageFile added in v1.10.24

SetImageFile sets the ImageFile field's value.

func (*SetUICustomizationInput) SetUserPoolId added in v1.10.24

SetUserPoolId sets the UserPoolId field's value.

func (SetUICustomizationInput) String added in v1.10.24

func (s SetUICustomizationInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetUICustomizationInput) Validate added in v1.10.24

func (s *SetUICustomizationInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SetUICustomizationOutput added in v1.10.24

type SetUICustomizationOutput struct {

	// The UI customization information.
	//
	// UICustomization is a required field
	UICustomization *UICustomizationType `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (SetUICustomizationOutput) GoString added in v1.10.24

func (s SetUICustomizationOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetUICustomizationOutput) SetUICustomization added in v1.10.24

SetUICustomization sets the UICustomization field's value.

func (SetUICustomizationOutput) String added in v1.10.24

func (s SetUICustomizationOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SetUserMFAPreferenceInput added in v1.12.35

type SetUserMFAPreferenceInput struct {

	// A valid access token that Amazon Cognito issued to the user whose MFA preference
	// you want to set.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SetUserMFAPreferenceInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The SMS text message multi-factor authentication (MFA) settings.
	SMSMfaSettings *SMSMfaSettingsType `type:"structure"`

	// The time-based one-time password (TOTP) software token MFA settings.
	SoftwareTokenMfaSettings *SoftwareTokenMfaSettingsType `type:"structure"`
	// contains filtered or unexported fields
}

func (SetUserMFAPreferenceInput) GoString added in v1.12.35

func (s SetUserMFAPreferenceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetUserMFAPreferenceInput) SetAccessToken added in v1.12.35

SetAccessToken sets the AccessToken field's value.

func (*SetUserMFAPreferenceInput) SetSMSMfaSettings added in v1.12.35

SetSMSMfaSettings sets the SMSMfaSettings field's value.

func (*SetUserMFAPreferenceInput) SetSoftwareTokenMfaSettings added in v1.12.35

SetSoftwareTokenMfaSettings sets the SoftwareTokenMfaSettings field's value.

func (SetUserMFAPreferenceInput) String added in v1.12.35

func (s SetUserMFAPreferenceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetUserMFAPreferenceInput) Validate added in v1.12.35

func (s *SetUserMFAPreferenceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SetUserMFAPreferenceOutput added in v1.12.35

type SetUserMFAPreferenceOutput struct {
	// contains filtered or unexported fields
}

func (SetUserMFAPreferenceOutput) GoString added in v1.12.35

func (s SetUserMFAPreferenceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (SetUserMFAPreferenceOutput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SetUserPoolMfaConfigInput added in v1.12.35

type SetUserPoolMfaConfigInput struct {

	// The MFA configuration. If you set the MfaConfiguration value to ‘ON’,
	// only users who have set up an MFA factor can sign in. To learn more, see
	// Adding Multi-Factor Authentication (MFA) to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html).
	// Valid values include:
	//
	//    * OFF MFA won't be used for any users.
	//
	//    * ON MFA is required for all users to sign in.
	//
	//    * OPTIONAL MFA will be required only for individual users who have an
	//    MFA factor activated.
	MfaConfiguration *string `type:"string" enum:"UserPoolMfaType"`

	// The SMS text message MFA configuration.
	SmsMfaConfiguration *SmsMfaConfigType `type:"structure"`

	// The software token MFA configuration.
	SoftwareTokenMfaConfiguration *SoftwareTokenMfaConfigType `type:"structure"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (SetUserPoolMfaConfigInput) GoString added in v1.12.35

func (s SetUserPoolMfaConfigInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetUserPoolMfaConfigInput) SetMfaConfiguration added in v1.12.35

func (s *SetUserPoolMfaConfigInput) SetMfaConfiguration(v string) *SetUserPoolMfaConfigInput

SetMfaConfiguration sets the MfaConfiguration field's value.

func (*SetUserPoolMfaConfigInput) SetSmsMfaConfiguration added in v1.12.35

SetSmsMfaConfiguration sets the SmsMfaConfiguration field's value.

func (*SetUserPoolMfaConfigInput) SetSoftwareTokenMfaConfiguration added in v1.12.35

func (s *SetUserPoolMfaConfigInput) SetSoftwareTokenMfaConfiguration(v *SoftwareTokenMfaConfigType) *SetUserPoolMfaConfigInput

SetSoftwareTokenMfaConfiguration sets the SoftwareTokenMfaConfiguration field's value.

func (*SetUserPoolMfaConfigInput) SetUserPoolId added in v1.12.35

SetUserPoolId sets the UserPoolId field's value.

func (SetUserPoolMfaConfigInput) String added in v1.12.35

func (s SetUserPoolMfaConfigInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetUserPoolMfaConfigInput) Validate added in v1.12.35

func (s *SetUserPoolMfaConfigInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SetUserPoolMfaConfigOutput added in v1.12.35

type SetUserPoolMfaConfigOutput struct {

	// The MFA configuration. Valid values include:
	//
	//    * OFF MFA won't be used for any users.
	//
	//    * ON MFA is required for all users to sign in.
	//
	//    * OPTIONAL MFA will be required only for individual users who have an
	//    MFA factor enabled.
	MfaConfiguration *string `type:"string" enum:"UserPoolMfaType"`

	// The SMS text message MFA configuration.
	SmsMfaConfiguration *SmsMfaConfigType `type:"structure"`

	// The software token MFA configuration.
	SoftwareTokenMfaConfiguration *SoftwareTokenMfaConfigType `type:"structure"`
	// contains filtered or unexported fields
}

func (SetUserPoolMfaConfigOutput) GoString added in v1.12.35

func (s SetUserPoolMfaConfigOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetUserPoolMfaConfigOutput) SetMfaConfiguration added in v1.12.35

SetMfaConfiguration sets the MfaConfiguration field's value.

func (*SetUserPoolMfaConfigOutput) SetSmsMfaConfiguration added in v1.12.35

SetSmsMfaConfiguration sets the SmsMfaConfiguration field's value.

func (*SetUserPoolMfaConfigOutput) SetSoftwareTokenMfaConfiguration added in v1.12.35

func (s *SetUserPoolMfaConfigOutput) SetSoftwareTokenMfaConfiguration(v *SoftwareTokenMfaConfigType) *SetUserPoolMfaConfigOutput

SetSoftwareTokenMfaConfiguration sets the SoftwareTokenMfaConfiguration field's value.

func (SetUserPoolMfaConfigOutput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SetUserSettingsInput

type SetUserSettingsInput struct {

	// A valid access token that Amazon Cognito issued to the user whose user settings
	// you want to configure.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SetUserSettingsInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// You can use this parameter only to set an SMS configuration that uses SMS
	// for delivery.
	//
	// MFAOptions is a required field
	MFAOptions []*MFAOptionType `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to set user settings.

func (SetUserSettingsInput) GoString

func (s SetUserSettingsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetUserSettingsInput) SetAccessToken added in v1.5.0

func (s *SetUserSettingsInput) SetAccessToken(v string) *SetUserSettingsInput

SetAccessToken sets the AccessToken field's value.

func (*SetUserSettingsInput) SetMFAOptions added in v1.5.0

SetMFAOptions sets the MFAOptions field's value.

func (SetUserSettingsInput) String

func (s SetUserSettingsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetUserSettingsInput) Validate added in v1.1.21

func (s *SetUserSettingsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SetUserSettingsOutput

type SetUserSettingsOutput struct {
	// contains filtered or unexported fields
}

The response from the server for a set user settings request.

func (SetUserSettingsOutput) GoString

func (s SetUserSettingsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (SetUserSettingsOutput) String

func (s SetUserSettingsOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SignUpInput

type SignUpInput struct {

	// The Amazon Pinpoint analytics metadata that contributes to your metrics for
	// SignUp calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The ID of the client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SignUpInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the SignUp API action, Amazon Cognito invokes any functions
	// that are assigned to the following triggers: pre sign-up, custom message,
	// and post confirmation. When Amazon Cognito invokes any of these functions,
	// it passes a JSON payload, which the function receives as input. This payload
	// contains a clientMetadata attribute, which provides the data that you assigned
	// to the ClientMetadata parameter in your SignUp request. In your function
	// code in Lambda, you can process the clientMetadata value to enhance your
	// workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// The password of the user you want to register.
	//
	// Password is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SignUpInput's
	// String and GoString methods.
	//
	// Password is a required field
	Password *string `type:"string" required:"true" sensitive:"true"`

	// A keyed-hash message authentication code (HMAC) calculated using the secret
	// key of a user pool client and username plus the client ID in the message.
	//
	// SecretHash is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SignUpInput's
	// String and GoString methods.
	SecretHash *string `min:"1" type:"string" sensitive:"true"`

	// An array of name-value pairs representing user attributes.
	//
	// For custom attributes, you must prepend the custom: prefix to the attribute
	// name.
	UserAttributes []*AttributeType `type:"list"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SignUpInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`

	// The username of the user that you want to sign up. The value of this parameter
	// is typically a username, but can be any alias attribute in your user pool.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SignUpInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// Temporary user attributes that contribute to the outcomes of your pre sign-up
	// Lambda trigger. This set of key-value pairs are for custom validation of
	// information that you collect from your users but don't need to retain.
	//
	// Your Lambda function can analyze this additional data and act on it. Your
	// function might perform external API operations like logging user attributes
	// and validation data to Amazon CloudWatch Logs. Validation data might also
	// affect the response that your function returns to Amazon Cognito, like automatically
	// confirming the user if they sign up from within your network.
	//
	// For more information about the pre sign-up Lambda trigger, see Pre sign-up
	// Lambda trigger (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html).
	ValidationData []*AttributeType `type:"list"`
	// contains filtered or unexported fields
}

Represents the request to register a user.

func (SignUpInput) GoString

func (s SignUpInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SignUpInput) SetAnalyticsMetadata added in v1.12.35

func (s *SignUpInput) SetAnalyticsMetadata(v *AnalyticsMetadataType) *SignUpInput

SetAnalyticsMetadata sets the AnalyticsMetadata field's value.

func (*SignUpInput) SetClientId added in v1.5.0

func (s *SignUpInput) SetClientId(v string) *SignUpInput

SetClientId sets the ClientId field's value.

func (*SignUpInput) SetClientMetadata added in v1.25.6

func (s *SignUpInput) SetClientMetadata(v map[string]*string) *SignUpInput

SetClientMetadata sets the ClientMetadata field's value.

func (*SignUpInput) SetPassword added in v1.5.0

func (s *SignUpInput) SetPassword(v string) *SignUpInput

SetPassword sets the Password field's value.

func (*SignUpInput) SetSecretHash added in v1.5.0

func (s *SignUpInput) SetSecretHash(v string) *SignUpInput

SetSecretHash sets the SecretHash field's value.

func (*SignUpInput) SetUserAttributes added in v1.5.0

func (s *SignUpInput) SetUserAttributes(v []*AttributeType) *SignUpInput

SetUserAttributes sets the UserAttributes field's value.

func (*SignUpInput) SetUserContextData added in v1.12.35

func (s *SignUpInput) SetUserContextData(v *UserContextDataType) *SignUpInput

SetUserContextData sets the UserContextData field's value.

func (*SignUpInput) SetUsername added in v1.5.0

func (s *SignUpInput) SetUsername(v string) *SignUpInput

SetUsername sets the Username field's value.

func (*SignUpInput) SetValidationData added in v1.5.0

func (s *SignUpInput) SetValidationData(v []*AttributeType) *SignUpInput

SetValidationData sets the ValidationData field's value.

func (SignUpInput) String

func (s SignUpInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SignUpInput) Validate added in v1.1.21

func (s *SignUpInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SignUpOutput

type SignUpOutput struct {

	// The code delivery details returned by the server response to the user registration
	// request.
	CodeDeliveryDetails *CodeDeliveryDetailsType `type:"structure"`

	// A response from the server indicating that a user registration has been confirmed.
	//
	// UserConfirmed is a required field
	UserConfirmed *bool `type:"boolean" required:"true"`

	// The UUID of the authenticated user. This isn't the same as username.
	//
	// UserSub is a required field
	UserSub *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

The response from the server for a registration request.

func (SignUpOutput) GoString

func (s SignUpOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SignUpOutput) SetCodeDeliveryDetails added in v1.5.0

func (s *SignUpOutput) SetCodeDeliveryDetails(v *CodeDeliveryDetailsType) *SignUpOutput

SetCodeDeliveryDetails sets the CodeDeliveryDetails field's value.

func (*SignUpOutput) SetUserConfirmed added in v1.5.0

func (s *SignUpOutput) SetUserConfirmed(v bool) *SignUpOutput

SetUserConfirmed sets the UserConfirmed field's value.

func (*SignUpOutput) SetUserSub added in v1.8.33

func (s *SignUpOutput) SetUserSub(v string) *SignUpOutput

SetUserSub sets the UserSub field's value.

func (SignUpOutput) String

func (s SignUpOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SmsConfigurationType added in v1.2.10

type SmsConfigurationType struct {

	// The external ID provides additional security for your IAM role. You can use
	// an ExternalId with the IAM role that you use with Amazon SNS to send SMS
	// messages for your user pool. If you provide an ExternalId, your Amazon Cognito
	// user pool includes it in the request to assume your IAM role. You can configure
	// the role trust policy to require that Amazon Cognito, and any principal,
	// provide the ExternalID. If you use the Amazon Cognito Management Console
	// to create a role for SMS multi-factor authentication (MFA), Amazon Cognito
	// creates a role with the required permissions and a trust policy that demonstrates
	// use of the ExternalId.
	//
	// For more information about the ExternalId of a role, see How to use an external
	// ID when granting access to your Amazon Web Services resources to a third
	// party (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html)
	ExternalId *string `type:"string"`

	// The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN
	// of the IAM role in your Amazon Web Services account that Amazon Cognito will
	// use to send SMS messages. SMS messages are subject to a spending limit (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html).
	//
	// SnsCallerArn is a required field
	SnsCallerArn *string `min:"20" type:"string" required:"true"`

	// The Amazon Web Services Region to use with Amazon SNS integration. You can
	// choose the same Region as your user pool, or a supported Legacy Amazon SNS
	// alternate Region.
	//
	// Amazon Cognito resources in the Asia Pacific (Seoul) Amazon Web Services
	// Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo)
	// Region. For more information, see SMS message settings for Amazon Cognito
	// user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html).
	SnsRegion *string `min:"5" type:"string"`
	// contains filtered or unexported fields
}

The SMS configuration type is the settings that your Amazon Cognito user pool must use to send an SMS message from your Amazon Web Services account through Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account.

func (SmsConfigurationType) GoString added in v1.2.10

func (s SmsConfigurationType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SmsConfigurationType) SetExternalId added in v1.5.0

func (s *SmsConfigurationType) SetExternalId(v string) *SmsConfigurationType

SetExternalId sets the ExternalId field's value.

func (*SmsConfigurationType) SetSnsCallerArn added in v1.5.0

func (s *SmsConfigurationType) SetSnsCallerArn(v string) *SmsConfigurationType

SetSnsCallerArn sets the SnsCallerArn field's value.

func (*SmsConfigurationType) SetSnsRegion added in v1.43.19

func (s *SmsConfigurationType) SetSnsRegion(v string) *SmsConfigurationType

SetSnsRegion sets the SnsRegion field's value.

func (SmsConfigurationType) String added in v1.2.10

func (s SmsConfigurationType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SmsConfigurationType) Validate added in v1.2.10

func (s *SmsConfigurationType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SmsMfaConfigType added in v1.12.35

type SmsMfaConfigType struct {

	// The SMS authentication message that will be sent to users with the code they
	// must sign in. The message must contain the ‘{####}’ placeholder, which
	// is replaced with the code. If the message isn't included, and default message
	// will be used.
	SmsAuthenticationMessage *string `min:"6" type:"string"`

	// The SMS configuration with the settings that your Amazon Cognito user pool
	// must use to send an SMS message from your Amazon Web Services account through
	// Amazon Simple Notification Service. To request Amazon SNS in the Amazon Web
	// Services Region that you want, the Amazon Cognito user pool uses an Identity
	// and Access Management (IAM) role that you provide for your Amazon Web Services
	// account.
	SmsConfiguration *SmsConfigurationType `type:"structure"`
	// contains filtered or unexported fields
}

The SMS text message multi-factor authentication (MFA) configuration type.

func (SmsMfaConfigType) GoString added in v1.12.35

func (s SmsMfaConfigType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SmsMfaConfigType) SetSmsAuthenticationMessage added in v1.12.35

func (s *SmsMfaConfigType) SetSmsAuthenticationMessage(v string) *SmsMfaConfigType

SetSmsAuthenticationMessage sets the SmsAuthenticationMessage field's value.

func (*SmsMfaConfigType) SetSmsConfiguration added in v1.12.35

func (s *SmsMfaConfigType) SetSmsConfiguration(v *SmsConfigurationType) *SmsMfaConfigType

SetSmsConfiguration sets the SmsConfiguration field's value.

func (SmsMfaConfigType) String added in v1.12.35

func (s SmsMfaConfigType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SmsMfaConfigType) Validate added in v1.12.35

func (s *SmsMfaConfigType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SoftwareTokenMFANotFoundException added in v1.28.0

type SoftwareTokenMFANotFoundException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.

func (*SoftwareTokenMFANotFoundException) Code added in v1.28.0

Code returns the exception type name.

func (*SoftwareTokenMFANotFoundException) Error added in v1.28.0

func (SoftwareTokenMFANotFoundException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SoftwareTokenMFANotFoundException) Message added in v1.28.0

Message returns the exception's message.

func (*SoftwareTokenMFANotFoundException) OrigErr added in v1.28.0

OrigErr always returns nil, satisfies awserr.Error interface.

func (*SoftwareTokenMFANotFoundException) RequestID added in v1.28.0

RequestID returns the service's response RequestID for request.

func (*SoftwareTokenMFANotFoundException) StatusCode added in v1.28.0

func (s *SoftwareTokenMFANotFoundException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (SoftwareTokenMFANotFoundException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SoftwareTokenMfaConfigType added in v1.12.35

type SoftwareTokenMfaConfigType struct {

	// Specifies whether software token MFA is activated.
	Enabled *bool `type:"boolean"`
	// contains filtered or unexported fields
}

The type used for enabling software token MFA at the user pool level.

func (SoftwareTokenMfaConfigType) GoString added in v1.12.35

func (s SoftwareTokenMfaConfigType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SoftwareTokenMfaConfigType) SetEnabled added in v1.12.35

SetEnabled sets the Enabled field's value.

func (SoftwareTokenMfaConfigType) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SoftwareTokenMfaSettingsType added in v1.12.35

type SoftwareTokenMfaSettingsType struct {

	// Specifies whether software token MFA is activated. If an MFA type is activated
	// for a user, the user will be prompted for MFA during all sign-in attempts,
	// unless device tracking is turned on and the device has been trusted.
	Enabled *bool `type:"boolean"`

	// Specifies whether software token MFA is the preferred MFA method.
	PreferredMfa *bool `type:"boolean"`
	// contains filtered or unexported fields
}

The type used for enabling software token MFA at the user level. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts, unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.

func (SoftwareTokenMfaSettingsType) GoString added in v1.12.35

func (s SoftwareTokenMfaSettingsType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SoftwareTokenMfaSettingsType) SetEnabled added in v1.12.35

SetEnabled sets the Enabled field's value.

func (*SoftwareTokenMfaSettingsType) SetPreferredMfa added in v1.12.35

SetPreferredMfa sets the PreferredMfa field's value.

func (SoftwareTokenMfaSettingsType) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type StartUserImportJobInput added in v1.4.6

type StartUserImportJobInput struct {

	// The job ID for the user import job.
	//
	// JobId is a required field
	JobId *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool that the users are being imported into.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to start the user import job.

func (StartUserImportJobInput) GoString added in v1.4.6

func (s StartUserImportJobInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StartUserImportJobInput) SetJobId added in v1.5.0

SetJobId sets the JobId field's value.

func (*StartUserImportJobInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (StartUserImportJobInput) String added in v1.4.6

func (s StartUserImportJobInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StartUserImportJobInput) Validate added in v1.4.6

func (s *StartUserImportJobInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type StartUserImportJobOutput added in v1.4.6

type StartUserImportJobOutput struct {

	// The job object that represents the user import job.
	UserImportJob *UserImportJobType `type:"structure"`
	// contains filtered or unexported fields
}

Represents the response from the server to the request to start the user import job.

func (StartUserImportJobOutput) GoString added in v1.4.6

func (s StartUserImportJobOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StartUserImportJobOutput) SetUserImportJob added in v1.5.0

SetUserImportJob sets the UserImportJob field's value.

func (StartUserImportJobOutput) String added in v1.4.6

func (s StartUserImportJobOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type StopUserImportJobInput added in v1.4.6

type StopUserImportJobInput struct {

	// The job ID for the user import job.
	//
	// JobId is a required field
	JobId *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool that the users are being imported into.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to stop the user import job.

func (StopUserImportJobInput) GoString added in v1.4.6

func (s StopUserImportJobInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StopUserImportJobInput) SetJobId added in v1.5.0

SetJobId sets the JobId field's value.

func (*StopUserImportJobInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (StopUserImportJobInput) String added in v1.4.6

func (s StopUserImportJobInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StopUserImportJobInput) Validate added in v1.4.6

func (s *StopUserImportJobInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type StopUserImportJobOutput added in v1.4.6

type StopUserImportJobOutput struct {

	// The job object that represents the user import job.
	UserImportJob *UserImportJobType `type:"structure"`
	// contains filtered or unexported fields
}

Represents the response from the server to the request to stop the user import job.

func (StopUserImportJobOutput) GoString added in v1.4.6

func (s StopUserImportJobOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StopUserImportJobOutput) SetUserImportJob added in v1.5.0

SetUserImportJob sets the UserImportJob field's value.

func (StopUserImportJobOutput) String added in v1.4.6

func (s StopUserImportJobOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type StringAttributeConstraintsType

type StringAttributeConstraintsType struct {

	// The maximum length of a string attribute value. Must be a number less than
	// or equal to 2^1023, represented as a string with a length of 131072 characters
	// or fewer.
	MaxLength *string `type:"string"`

	// The minimum length.
	MinLength *string `type:"string"`
	// contains filtered or unexported fields
}

The constraints associated with a string attribute.

func (StringAttributeConstraintsType) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StringAttributeConstraintsType) SetMaxLength added in v1.5.0

SetMaxLength sets the MaxLength field's value.

func (*StringAttributeConstraintsType) SetMinLength added in v1.5.0

SetMinLength sets the MinLength field's value.

func (StringAttributeConstraintsType) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TagResourceInput added in v1.19.0

type TagResourceInput struct {

	// The Amazon Resource Name (ARN) of the user pool to assign the tags to.
	//
	// ResourceArn is a required field
	ResourceArn *string `min:"20" type:"string" required:"true"`

	// The tags to assign to the user pool.
	//
	// Tags is a required field
	Tags map[string]*string `type:"map" required:"true"`
	// contains filtered or unexported fields
}

func (TagResourceInput) GoString added in v1.19.0

func (s TagResourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagResourceInput) SetResourceArn added in v1.19.0

func (s *TagResourceInput) SetResourceArn(v string) *TagResourceInput

SetResourceArn sets the ResourceArn field's value.

func (*TagResourceInput) SetTags added in v1.19.0

func (s *TagResourceInput) SetTags(v map[string]*string) *TagResourceInput

SetTags sets the Tags field's value.

func (TagResourceInput) String added in v1.19.0

func (s TagResourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagResourceInput) Validate added in v1.19.0

func (s *TagResourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagResourceOutput added in v1.19.0

type TagResourceOutput struct {
	// contains filtered or unexported fields
}

func (TagResourceOutput) GoString added in v1.19.0

func (s TagResourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (TagResourceOutput) String added in v1.19.0

func (s TagResourceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TokenValidityUnitsType added in v1.34.4

type TokenValidityUnitsType struct {

	// A time unit of seconds, minutes, hours, or days for the value that you set
	// in the AccessTokenValidity parameter. The default AccessTokenValidity time
	// unit is hours. AccessTokenValidity duration can range from five minutes to
	// one day.
	AccessToken *string `type:"string" enum:"TimeUnitsType"`

	// A time unit of seconds, minutes, hours, or days for the value that you set
	// in the IdTokenValidity parameter. The default IdTokenValidity time unit is
	// hours. IdTokenValidity duration can range from five minutes to one day.
	IdToken *string `type:"string" enum:"TimeUnitsType"`

	// A time unit of seconds, minutes, hours, or days for the value that you set
	// in the RefreshTokenValidity parameter. The default RefreshTokenValidity time
	// unit is days. RefreshTokenValidity duration can range from 60 minutes to
	// 10 years.
	RefreshToken *string `type:"string" enum:"TimeUnitsType"`
	// contains filtered or unexported fields
}

The data type TokenValidityUnits specifies the time units you use when you set the duration of ID, access, and refresh tokens.

func (TokenValidityUnitsType) GoString added in v1.34.4

func (s TokenValidityUnitsType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TokenValidityUnitsType) SetAccessToken added in v1.34.4

SetAccessToken sets the AccessToken field's value.

func (*TokenValidityUnitsType) SetIdToken added in v1.34.4

SetIdToken sets the IdToken field's value.

func (*TokenValidityUnitsType) SetRefreshToken added in v1.34.4

func (s *TokenValidityUnitsType) SetRefreshToken(v string) *TokenValidityUnitsType

SetRefreshToken sets the RefreshToken field's value.

func (TokenValidityUnitsType) String added in v1.34.4

func (s TokenValidityUnitsType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TooManyFailedAttemptsException added in v1.28.0

type TooManyFailedAttemptsException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito returns a TooManyFailedAttempts
	// exception.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when the user has made too many failed attempts for a given action, such as sign-in.

func (*TooManyFailedAttemptsException) Code added in v1.28.0

Code returns the exception type name.

func (*TooManyFailedAttemptsException) Error added in v1.28.0

func (TooManyFailedAttemptsException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TooManyFailedAttemptsException) Message added in v1.28.0

Message returns the exception's message.

func (*TooManyFailedAttemptsException) OrigErr added in v1.28.0

OrigErr always returns nil, satisfies awserr.Error interface.

func (*TooManyFailedAttemptsException) RequestID added in v1.28.0

func (s *TooManyFailedAttemptsException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*TooManyFailedAttemptsException) StatusCode added in v1.28.0

func (s *TooManyFailedAttemptsException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (TooManyFailedAttemptsException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TooManyRequestsException added in v1.28.0

type TooManyRequestsException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the Amazon Cognito service returns a too many requests
	// exception.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when the user has made too many requests for a given operation.

func (*TooManyRequestsException) Code added in v1.28.0

func (s *TooManyRequestsException) Code() string

Code returns the exception type name.

func (*TooManyRequestsException) Error added in v1.28.0

func (s *TooManyRequestsException) Error() string

func (TooManyRequestsException) GoString added in v1.28.0

func (s TooManyRequestsException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TooManyRequestsException) Message added in v1.28.0

func (s *TooManyRequestsException) Message() string

Message returns the exception's message.

func (*TooManyRequestsException) OrigErr added in v1.28.0

func (s *TooManyRequestsException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*TooManyRequestsException) RequestID added in v1.28.0

func (s *TooManyRequestsException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*TooManyRequestsException) StatusCode added in v1.28.0

func (s *TooManyRequestsException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (TooManyRequestsException) String added in v1.28.0

func (s TooManyRequestsException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UICustomizationType added in v1.10.24

type UICustomizationType struct {

	// The CSS values in the UI customization.
	CSS *string `type:"string"`

	// The CSS version number.
	CSSVersion *string `type:"string"`

	// The client ID for the client app.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UICustomizationType's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The date and time when the item was created. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	CreationDate *time.Time `type:"timestamp"`

	// The logo image for the UI customization.
	ImageUrl *string `type:"string"`

	// The date and time when the item was modified. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	LastModifiedDate *time.Time `type:"timestamp"`

	// The user pool ID for the user pool.
	UserPoolId *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

A container for the UI customization information for a user pool's built-in app UI.

func (UICustomizationType) GoString added in v1.10.24

func (s UICustomizationType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UICustomizationType) SetCSS added in v1.10.24

SetCSS sets the CSS field's value.

func (*UICustomizationType) SetCSSVersion added in v1.10.24

func (s *UICustomizationType) SetCSSVersion(v string) *UICustomizationType

SetCSSVersion sets the CSSVersion field's value.

func (*UICustomizationType) SetClientId added in v1.10.24

func (s *UICustomizationType) SetClientId(v string) *UICustomizationType

SetClientId sets the ClientId field's value.

func (*UICustomizationType) SetCreationDate added in v1.10.24

func (s *UICustomizationType) SetCreationDate(v time.Time) *UICustomizationType

SetCreationDate sets the CreationDate field's value.

func (*UICustomizationType) SetImageUrl added in v1.10.24

func (s *UICustomizationType) SetImageUrl(v string) *UICustomizationType

SetImageUrl sets the ImageUrl field's value.

func (*UICustomizationType) SetLastModifiedDate added in v1.10.24

func (s *UICustomizationType) SetLastModifiedDate(v time.Time) *UICustomizationType

SetLastModifiedDate sets the LastModifiedDate field's value.

func (*UICustomizationType) SetUserPoolId added in v1.10.24

func (s *UICustomizationType) SetUserPoolId(v string) *UICustomizationType

SetUserPoolId sets the UserPoolId field's value.

func (UICustomizationType) String added in v1.10.24

func (s UICustomizationType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UnauthorizedException added in v1.38.59

type UnauthorizedException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Exception that is thrown when the request isn't authorized. This can happen due to an invalid access token in the request.

func (*UnauthorizedException) Code added in v1.38.59

func (s *UnauthorizedException) Code() string

Code returns the exception type name.

func (*UnauthorizedException) Error added in v1.38.59

func (s *UnauthorizedException) Error() string

func (UnauthorizedException) GoString added in v1.38.59

func (s UnauthorizedException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UnauthorizedException) Message added in v1.38.59

func (s *UnauthorizedException) Message() string

Message returns the exception's message.

func (*UnauthorizedException) OrigErr added in v1.38.59

func (s *UnauthorizedException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UnauthorizedException) RequestID added in v1.38.59

func (s *UnauthorizedException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*UnauthorizedException) StatusCode added in v1.38.59

func (s *UnauthorizedException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UnauthorizedException) String added in v1.38.59

func (s UnauthorizedException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UnexpectedLambdaException added in v1.28.0

type UnexpectedLambdaException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito returns an unexpected Lambda exception.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

func (*UnexpectedLambdaException) Code added in v1.28.0

Code returns the exception type name.

func (*UnexpectedLambdaException) Error added in v1.28.0

func (s *UnexpectedLambdaException) Error() string

func (UnexpectedLambdaException) GoString added in v1.28.0

func (s UnexpectedLambdaException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UnexpectedLambdaException) Message added in v1.28.0

func (s *UnexpectedLambdaException) Message() string

Message returns the exception's message.

func (*UnexpectedLambdaException) OrigErr added in v1.28.0

func (s *UnexpectedLambdaException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UnexpectedLambdaException) RequestID added in v1.28.0

func (s *UnexpectedLambdaException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*UnexpectedLambdaException) StatusCode added in v1.28.0

func (s *UnexpectedLambdaException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UnexpectedLambdaException) String added in v1.28.0

func (s UnexpectedLambdaException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UnsupportedIdentityProviderException added in v1.28.0

type UnsupportedIdentityProviderException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when the specified identifier isn't supported.

func (*UnsupportedIdentityProviderException) Code added in v1.28.0

Code returns the exception type name.

func (*UnsupportedIdentityProviderException) Error added in v1.28.0

func (UnsupportedIdentityProviderException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UnsupportedIdentityProviderException) Message added in v1.28.0

Message returns the exception's message.

func (*UnsupportedIdentityProviderException) OrigErr added in v1.28.0

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UnsupportedIdentityProviderException) RequestID added in v1.28.0

RequestID returns the service's response RequestID for request.

func (*UnsupportedIdentityProviderException) StatusCode added in v1.28.0

func (s *UnsupportedIdentityProviderException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UnsupportedIdentityProviderException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UnsupportedOperationException added in v1.38.59

type UnsupportedOperationException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Exception that is thrown when you attempt to perform an operation that isn't enabled for the user pool client.

func (*UnsupportedOperationException) Code added in v1.38.59

Code returns the exception type name.

func (*UnsupportedOperationException) Error added in v1.38.59

func (UnsupportedOperationException) GoString added in v1.38.59

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UnsupportedOperationException) Message added in v1.38.59

Message returns the exception's message.

func (*UnsupportedOperationException) OrigErr added in v1.38.59

func (s *UnsupportedOperationException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UnsupportedOperationException) RequestID added in v1.38.59

func (s *UnsupportedOperationException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*UnsupportedOperationException) StatusCode added in v1.38.59

func (s *UnsupportedOperationException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UnsupportedOperationException) String added in v1.38.59

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UnsupportedTokenTypeException added in v1.38.59

type UnsupportedTokenTypeException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Exception that is thrown when an unsupported token is passed to an operation.

func (*UnsupportedTokenTypeException) Code added in v1.38.59

Code returns the exception type name.

func (*UnsupportedTokenTypeException) Error added in v1.38.59

func (UnsupportedTokenTypeException) GoString added in v1.38.59

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UnsupportedTokenTypeException) Message added in v1.38.59

Message returns the exception's message.

func (*UnsupportedTokenTypeException) OrigErr added in v1.38.59

func (s *UnsupportedTokenTypeException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UnsupportedTokenTypeException) RequestID added in v1.38.59

func (s *UnsupportedTokenTypeException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*UnsupportedTokenTypeException) StatusCode added in v1.38.59

func (s *UnsupportedTokenTypeException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UnsupportedTokenTypeException) String added in v1.38.59

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UnsupportedUserStateException added in v1.28.0

type UnsupportedUserStateException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the user is in an unsupported state.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

The request failed because the user is in an unsupported state.

func (*UnsupportedUserStateException) Code added in v1.28.0

Code returns the exception type name.

func (*UnsupportedUserStateException) Error added in v1.28.0

func (UnsupportedUserStateException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UnsupportedUserStateException) Message added in v1.28.0

Message returns the exception's message.

func (*UnsupportedUserStateException) OrigErr added in v1.28.0

func (s *UnsupportedUserStateException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UnsupportedUserStateException) RequestID added in v1.28.0

func (s *UnsupportedUserStateException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*UnsupportedUserStateException) StatusCode added in v1.28.0

func (s *UnsupportedUserStateException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UnsupportedUserStateException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UntagResourceInput added in v1.19.0

type UntagResourceInput struct {

	// The Amazon Resource Name (ARN) of the user pool that the tags are assigned
	// to.
	//
	// ResourceArn is a required field
	ResourceArn *string `min:"20" type:"string" required:"true"`

	// The keys of the tags to remove from the user pool.
	//
	// TagKeys is a required field
	TagKeys []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UntagResourceInput) GoString added in v1.19.0

func (s UntagResourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagResourceInput) SetResourceArn added in v1.19.0

func (s *UntagResourceInput) SetResourceArn(v string) *UntagResourceInput

SetResourceArn sets the ResourceArn field's value.

func (*UntagResourceInput) SetTagKeys added in v1.19.0

func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput

SetTagKeys sets the TagKeys field's value.

func (UntagResourceInput) String added in v1.19.0

func (s UntagResourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagResourceInput) Validate added in v1.19.0

func (s *UntagResourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UntagResourceOutput added in v1.19.0

type UntagResourceOutput struct {
	// contains filtered or unexported fields
}

func (UntagResourceOutput) GoString added in v1.19.0

func (s UntagResourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UntagResourceOutput) String added in v1.19.0

func (s UntagResourceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateAuthEventFeedbackInput added in v1.12.35

type UpdateAuthEventFeedbackInput struct {

	// The event ID.
	//
	// EventId is a required field
	EventId *string `min:"1" type:"string" required:"true"`

	// The feedback token.
	//
	// FeedbackToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateAuthEventFeedbackInput's
	// String and GoString methods.
	//
	// FeedbackToken is a required field
	FeedbackToken *string `type:"string" required:"true" sensitive:"true"`

	// The authentication event feedback value. When you provide a FeedbackValue
	// value of valid, you tell Amazon Cognito that you trust a user session where
	// Amazon Cognito has evaluated some level of risk. When you provide a FeedbackValue
	// value of invalid, you tell Amazon Cognito that you don't trust a user session,
	// or you don't believe that Amazon Cognito evaluated a high-enough risk level.
	//
	// FeedbackValue is a required field
	FeedbackValue *string `type:"string" required:"true" enum:"FeedbackValueType"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, this
	// value must be the sub of a local user or the username of a user from a third-party
	// IdP.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateAuthEventFeedbackInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (UpdateAuthEventFeedbackInput) GoString added in v1.12.35

func (s UpdateAuthEventFeedbackInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateAuthEventFeedbackInput) SetEventId added in v1.12.35

SetEventId sets the EventId field's value.

func (*UpdateAuthEventFeedbackInput) SetFeedbackToken added in v1.12.35

SetFeedbackToken sets the FeedbackToken field's value.

func (*UpdateAuthEventFeedbackInput) SetFeedbackValue added in v1.12.35

SetFeedbackValue sets the FeedbackValue field's value.

func (*UpdateAuthEventFeedbackInput) SetUserPoolId added in v1.12.35

SetUserPoolId sets the UserPoolId field's value.

func (*UpdateAuthEventFeedbackInput) SetUsername added in v1.12.35

SetUsername sets the Username field's value.

func (UpdateAuthEventFeedbackInput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateAuthEventFeedbackInput) Validate added in v1.12.35

func (s *UpdateAuthEventFeedbackInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateAuthEventFeedbackOutput added in v1.12.35

type UpdateAuthEventFeedbackOutput struct {
	// contains filtered or unexported fields
}

func (UpdateAuthEventFeedbackOutput) GoString added in v1.12.35

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateAuthEventFeedbackOutput) String added in v1.12.35

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateDeviceStatusInput added in v1.2.10

type UpdateDeviceStatusInput struct {

	// A valid access token that Amazon Cognito issued to the user whose device
	// status you want to update.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateDeviceStatusInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`

	// The status of whether a device is remembered.
	DeviceRememberedStatus *string `type:"string" enum:"DeviceRememberedStatusType"`
	// contains filtered or unexported fields
}

Represents the request to update the device status.

func (UpdateDeviceStatusInput) GoString added in v1.2.10

func (s UpdateDeviceStatusInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateDeviceStatusInput) SetAccessToken added in v1.5.0

SetAccessToken sets the AccessToken field's value.

func (*UpdateDeviceStatusInput) SetDeviceKey added in v1.5.0

SetDeviceKey sets the DeviceKey field's value.

func (*UpdateDeviceStatusInput) SetDeviceRememberedStatus added in v1.5.0

func (s *UpdateDeviceStatusInput) SetDeviceRememberedStatus(v string) *UpdateDeviceStatusInput

SetDeviceRememberedStatus sets the DeviceRememberedStatus field's value.

func (UpdateDeviceStatusInput) String added in v1.2.10

func (s UpdateDeviceStatusInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateDeviceStatusInput) Validate added in v1.2.10

func (s *UpdateDeviceStatusInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateDeviceStatusOutput added in v1.2.10

type UpdateDeviceStatusOutput struct {
	// contains filtered or unexported fields
}

The response to the request to update the device status.

func (UpdateDeviceStatusOutput) GoString added in v1.2.10

func (s UpdateDeviceStatusOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateDeviceStatusOutput) String added in v1.2.10

func (s UpdateDeviceStatusOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateGroupInput added in v1.6.4

type UpdateGroupInput struct {

	// A string containing the new description of the group.
	Description *string `type:"string"`

	// The name of the group.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The new precedence value for the group. For more information about this parameter,
	// see CreateGroup (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateGroup.html).
	Precedence *int64 `type:"integer"`

	// The new role Amazon Resource Name (ARN) for the group. This is used for setting
	// the cognito:roles and cognito:preferred_role claims in the token.
	RoleArn *string `min:"20" type:"string"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateGroupInput) GoString added in v1.6.4

func (s UpdateGroupInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateGroupInput) SetDescription added in v1.6.4

func (s *UpdateGroupInput) SetDescription(v string) *UpdateGroupInput

SetDescription sets the Description field's value.

func (*UpdateGroupInput) SetGroupName added in v1.6.4

func (s *UpdateGroupInput) SetGroupName(v string) *UpdateGroupInput

SetGroupName sets the GroupName field's value.

func (*UpdateGroupInput) SetPrecedence added in v1.6.4

func (s *UpdateGroupInput) SetPrecedence(v int64) *UpdateGroupInput

SetPrecedence sets the Precedence field's value.

func (*UpdateGroupInput) SetRoleArn added in v1.6.4

func (s *UpdateGroupInput) SetRoleArn(v string) *UpdateGroupInput

SetRoleArn sets the RoleArn field's value.

func (*UpdateGroupInput) SetUserPoolId added in v1.6.4

func (s *UpdateGroupInput) SetUserPoolId(v string) *UpdateGroupInput

SetUserPoolId sets the UserPoolId field's value.

func (UpdateGroupInput) String added in v1.6.4

func (s UpdateGroupInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateGroupInput) Validate added in v1.6.4

func (s *UpdateGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateGroupOutput added in v1.6.4

type UpdateGroupOutput struct {

	// The group object for the group.
	Group *GroupType `type:"structure"`
	// contains filtered or unexported fields
}

func (UpdateGroupOutput) GoString added in v1.6.4

func (s UpdateGroupOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateGroupOutput) SetGroup added in v1.6.4

SetGroup sets the Group field's value.

func (UpdateGroupOutput) String added in v1.6.4

func (s UpdateGroupOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateIdentityProviderInput added in v1.8.33

type UpdateIdentityProviderInput struct {

	// The IdP attribute mapping to be changed.
	AttributeMapping map[string]*string `type:"map"`

	// A list of IdP identifiers.
	IdpIdentifiers []*string `type:"list"`

	// The scopes, URLs, and identifiers for your external identity provider. The
	// following examples describe the provider detail keys for each IdP type. These
	// values and their schema are subject to change. Social IdP authorize_scopes
	// values must match the values listed here.
	//
	// OpenID Connect (OIDC)
	//
	// Amazon Cognito accepts the following elements when it can't discover endpoint
	// URLs from oidc_issuer: attributes_url, authorize_url, jwks_uri, token_url.
	//
	// Create or update request: "ProviderDetails": { "attributes_request_method":
	// "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes":
	// "openid profile email", "authorize_url": "https://auth.example.com/authorize",
	// "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
	// "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
	// "https://auth.example.com", "token_url": "https://example.com/token" }
	//
	// Describe response: "ProviderDetails": { "attributes_request_method": "GET",
	// "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes":
	// "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize",
	// "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
	// "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer":
	// "https://auth.example.com", "token_url": "https://example.com/token" }
	//
	// SAML
	//
	// Create or update request with Metadata URL: "ProviderDetails": { "IDPInit":
	// "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL":
	// "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
	// "rsa-sha256" }
	//
	// Create or update request with Metadata file: "ProviderDetails": { "IDPInit":
	// "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile":
	// "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }
	//
	// The value of MetadataFile must be the plaintext metadata document with all
	// quote (") characters escaped by backslashes.
	//
	// Describe response: "ProviderDetails": { "IDPInit": "true", "IDPSignout":
	// "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]",
	// "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm":
	// "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml",
	// "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }
	//
	// LoginWithAmazon
	//
	// Create or update request: "ProviderDetails": { "authorize_scopes": "profile
	// postal_code", "client_id": "amzn1.application-oa2-client.1example23456789",
	// "client_secret": "provider-app-client-secret"
	//
	// Describe response: "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile",
	// "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code",
	// "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789",
	// "client_secret": "provider-app-client-secret", "token_request_method": "POST",
	// "token_url": "https://api.amazon.com/auth/o2/token" }
	//
	// Google
	//
	// Create or update request: "ProviderDetails": { "authorize_scopes": "email
	// profile openid", "client_id": "1example23456789.apps.googleusercontent.com",
	// "client_secret": "provider-app-client-secret" }
	//
	// Describe response: "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=",
	// "attributes_url_add_attributes": "true", "authorize_scopes": "email profile
	// openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth",
	// "client_id": "1example23456789.apps.googleusercontent.com", "client_secret":
	// "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com",
	// "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token"
	// }
	//
	// SignInWithApple
	//
	// Create or update request: "ProviderDetails": { "authorize_scopes": "email
	// name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id":
	// "2EXAMPLE", "team_id": "3EXAMPLE" }
	//
	// Describe response: "ProviderDetails": { "attributes_url_add_attributes":
	// "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize",
	// "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer":
	// "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method":
	// "POST", "token_url": "https://appleid.apple.com/auth/token" }
	//
	// Facebook
	//
	// Create or update request: "ProviderDetails": { "api_version": "v17.0", "authorize_scopes":
	// "public_profile, email", "client_id": "1example23456789", "client_secret":
	// "provider-app-client-secret" }
	//
	// Describe response: "ProviderDetails": { "api_version": "v17.0", "attributes_url":
	// "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes":
	// "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth",
	// "client_id": "1example23456789", "client_secret": "provider-app-client-secret",
	// "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token"
	// }
	ProviderDetails map[string]*string `type:"map"`

	// The IdP name.
	//
	// ProviderName is a required field
	ProviderName *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateIdentityProviderInput) GoString added in v1.8.33

func (s UpdateIdentityProviderInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateIdentityProviderInput) SetAttributeMapping added in v1.8.33

func (s *UpdateIdentityProviderInput) SetAttributeMapping(v map[string]*string) *UpdateIdentityProviderInput

SetAttributeMapping sets the AttributeMapping field's value.

func (*UpdateIdentityProviderInput) SetIdpIdentifiers added in v1.8.33

SetIdpIdentifiers sets the IdpIdentifiers field's value.

func (*UpdateIdentityProviderInput) SetProviderDetails added in v1.8.33

SetProviderDetails sets the ProviderDetails field's value.

func (*UpdateIdentityProviderInput) SetProviderName added in v1.8.33

SetProviderName sets the ProviderName field's value.

func (*UpdateIdentityProviderInput) SetUserPoolId added in v1.8.33

SetUserPoolId sets the UserPoolId field's value.

func (UpdateIdentityProviderInput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateIdentityProviderInput) Validate added in v1.8.33

func (s *UpdateIdentityProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateIdentityProviderOutput added in v1.8.33

type UpdateIdentityProviderOutput struct {

	// The identity provider details.
	//
	// IdentityProvider is a required field
	IdentityProvider *IdentityProviderType `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateIdentityProviderOutput) GoString added in v1.8.33

func (s UpdateIdentityProviderOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateIdentityProviderOutput) SetIdentityProvider added in v1.8.33

SetIdentityProvider sets the IdentityProvider field's value.

func (UpdateIdentityProviderOutput) String added in v1.8.33

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateResourceServerInput added in v1.10.24

type UpdateResourceServerInput struct {

	// A unique resource server identifier for the resource server. The identifier
	// can be an API friendly name like solar-system-data. You can also set an API
	// URL like https://solar-system-data-api.example.com as your identifier.
	//
	// Amazon Cognito represents scopes in the access token in the format $resource-server-identifier/$scope.
	// Longer scope-identifier strings increase the size of your access tokens.
	//
	// Identifier is a required field
	Identifier *string `min:"1" type:"string" required:"true"`

	// The name of the resource server.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// The scope values to be set for the resource server.
	Scopes []*ResourceServerScopeType `type:"list"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateResourceServerInput) GoString added in v1.10.24

func (s UpdateResourceServerInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateResourceServerInput) SetIdentifier added in v1.10.24

SetIdentifier sets the Identifier field's value.

func (*UpdateResourceServerInput) SetName added in v1.10.24

SetName sets the Name field's value.

func (*UpdateResourceServerInput) SetScopes added in v1.10.24

SetScopes sets the Scopes field's value.

func (*UpdateResourceServerInput) SetUserPoolId added in v1.10.24

SetUserPoolId sets the UserPoolId field's value.

func (UpdateResourceServerInput) String added in v1.10.24

func (s UpdateResourceServerInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateResourceServerInput) Validate added in v1.10.24

func (s *UpdateResourceServerInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateResourceServerOutput added in v1.10.24

type UpdateResourceServerOutput struct {

	// The resource server.
	//
	// ResourceServer is a required field
	ResourceServer *ResourceServerType `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateResourceServerOutput) GoString added in v1.10.24

func (s UpdateResourceServerOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateResourceServerOutput) SetResourceServer added in v1.10.24

SetResourceServer sets the ResourceServer field's value.

func (UpdateResourceServerOutput) String added in v1.10.24

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateUserAttributesInput

type UpdateUserAttributesInput struct {

	// A valid access token that Amazon Cognito issued to the user whose user attributes
	// you want to update.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateUserAttributesInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action initiates.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the UpdateUserAttributes API action, Amazon Cognito invokes
	// the function that is assigned to the custom message trigger. When Amazon
	// Cognito invokes this function, it passes a JSON payload, which the function
	// receives as input. This payload contains a clientMetadata attribute, which
	// provides the data that you assigned to the ClientMetadata parameter in your
	// UpdateUserAttributes request. In your function code in Lambda, you can process
	// the clientMetadata value to enhance your workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// An array of name-value pairs representing user attributes.
	//
	// For custom attributes, you must prepend the custom: prefix to the attribute
	// name.
	//
	// If you have set an attribute to require verification before Amazon Cognito
	// updates its value, this request doesn’t immediately update the value of
	// that attribute. After your user receives and responds to a verification message
	// to verify the new value, Amazon Cognito updates the attribute value. Your
	// user can sign in and receive messages with the original attribute value until
	// they verify the new value.
	//
	// UserAttributes is a required field
	UserAttributes []*AttributeType `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to update user attributes.

func (UpdateUserAttributesInput) GoString

func (s UpdateUserAttributesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateUserAttributesInput) SetAccessToken added in v1.5.0

SetAccessToken sets the AccessToken field's value.

func (*UpdateUserAttributesInput) SetClientMetadata added in v1.25.6

func (s *UpdateUserAttributesInput) SetClientMetadata(v map[string]*string) *UpdateUserAttributesInput

SetClientMetadata sets the ClientMetadata field's value.

func (*UpdateUserAttributesInput) SetUserAttributes added in v1.5.0

SetUserAttributes sets the UserAttributes field's value.

func (UpdateUserAttributesInput) String

func (s UpdateUserAttributesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateUserAttributesInput) Validate added in v1.1.21

func (s *UpdateUserAttributesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateUserAttributesOutput

type UpdateUserAttributesOutput struct {

	// The code delivery details list from the server for the request to update
	// user attributes.
	CodeDeliveryDetailsList []*CodeDeliveryDetailsType `type:"list"`
	// contains filtered or unexported fields
}

Represents the response from the server for the request to update user attributes.

func (UpdateUserAttributesOutput) GoString

func (s UpdateUserAttributesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateUserAttributesOutput) SetCodeDeliveryDetailsList added in v1.5.0

SetCodeDeliveryDetailsList sets the CodeDeliveryDetailsList field's value.

func (UpdateUserAttributesOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateUserPoolClientInput

type UpdateUserPoolClientInput struct {

	// The access token time limit. After this limit expires, your user can't use
	// their access token. To specify the time unit for AccessTokenValidity as seconds,
	// minutes, hours, or days, set a TokenValidityUnits value in your API request.
	//
	// For example, when you set AccessTokenValidity to 10 and TokenValidityUnits
	// to hours, your user can authorize access with their access token for 10 hours.
	//
	// The default time unit for AccessTokenValidity in an API request is hours.
	// Valid range is displayed below in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// access tokens are valid for one hour.
	AccessTokenValidity *int64 `min:"1" type:"integer"`

	// The allowed OAuth flows.
	//
	// code
	//
	// Use a code grant flow, which provides an authorization code as the response.
	// This code can be exchanged for access tokens with the /oauth2/token endpoint.
	//
	// implicit
	//
	// Issue the access token (and, optionally, ID token, based on scopes) directly
	// to your user.
	//
	// client_credentials
	//
	// Issue the access token from the /oauth2/token endpoint directly to a non-person
	// user using a combination of the client ID and client secret.
	AllowedOAuthFlows []*string `type:"list" enum:"OAuthFlowType"`

	// Set to true to use OAuth 2.0 features in your user pool app client.
	//
	// AllowedOAuthFlowsUserPoolClient must be true before you can configure the
	// following features in your app client.
	//
	//    * CallBackURLs: Callback URLs.
	//
	//    * LogoutURLs: Sign-out redirect URLs.
	//
	//    * AllowedOAuthScopes: OAuth 2.0 scopes.
	//
	//    * AllowedOAuthFlows: Support for authorization code, implicit, and client
	//    credentials OAuth 2.0 grants.
	//
	// To use OAuth 2.0 features, configure one of these features in the Amazon
	// Cognito console or set AllowedOAuthFlowsUserPoolClient to true in a CreateUserPoolClient
	// or UpdateUserPoolClient API request. If you don't set a value for AllowedOAuthFlowsUserPoolClient
	// in a request with the CLI or SDKs, it defaults to false.
	AllowedOAuthFlowsUserPoolClient *bool `type:"boolean"`

	// The allowed OAuth scopes. Possible values provided by OAuth are phone, email,
	// openid, and profile. Possible values provided by Amazon Web Services are
	// aws.cognito.signin.user.admin. Custom scopes created in Resource Servers
	// are also supported.
	AllowedOAuthScopes []*string `type:"list"`

	// The Amazon Pinpoint analytics configuration necessary to collect metrics
	// for this user pool.
	//
	// In Amazon Web Services Regions where Amazon Pinpoint isn't available, user
	// pools only support sending events to Amazon Pinpoint projects in us-east-1.
	// In Regions where Amazon Pinpoint is available, user pools support sending
	// events to Amazon Pinpoint projects within that same Region.
	AnalyticsConfiguration *AnalyticsConfigurationType `type:"structure"`

	// Amazon Cognito creates a session token for each API request in an authentication
	// flow. AuthSessionValidity is the duration, in minutes, of that session token.
	// Your user pool native user must respond to each authentication challenge
	// before the session expires.
	AuthSessionValidity *int64 `min:"3" type:"integer"`

	// A list of allowed redirect (callback) URLs for the IdPs.
	//
	// A redirect URI must:
	//
	//    * Be an absolute URI.
	//
	//    * Be registered with the authorization server.
	//
	//    * Not include a fragment component.
	//
	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
	// purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	CallbackURLs []*string `type:"list"`

	// The ID of the client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateUserPoolClientInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The client name from the update user pool client request.
	ClientName *string `min:"1" type:"string"`

	// The default redirect URI. Must be in the CallbackURLs list.
	//
	// A redirect URI must:
	//
	//    * Be an absolute URI.
	//
	//    * Be registered with the authorization server.
	//
	//    * Not include a fragment component.
	//
	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
	// purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	DefaultRedirectURI *string `min:"1" type:"string"`

	// Activates the propagation of additional user context data. For more information
	// about propagation of user context data, see Adding advanced security to a
	// user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html).
	// If you don’t include this parameter, you can't send device fingerprint
	// information, including source IP address, to Amazon Cognito advanced security.
	// You can only activate EnablePropagateAdditionalUserContextData in an app
	// client that has a client secret.
	EnablePropagateAdditionalUserContextData *bool `type:"boolean"`

	// Activates or deactivates token revocation. For more information about revoking
	// tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html).
	EnableTokenRevocation *bool `type:"boolean"`

	// The authentication flows that you want your user pool client to support.
	// For each app client in your user pool, you can sign in your users with any
	// combination of one or more flows, including with a user name and Secure Remote
	// Password (SRP), a user name and password, or a custom authentication process
	// that you define with Lambda functions.
	//
	// If you don't specify a value for ExplicitAuthFlows, your user client supports
	// ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
	//
	// Valid values include:
	//
	//    * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication
	//    flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH
	//    setting. With this authentication flow, your app passes a user name and
	//    password to Amazon Cognito in the request, instead of using the Secure
	//    Remote Password (SRP) protocol to securely transmit the password.
	//
	//    * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
	//
	//    * ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication.
	//    In this flow, Amazon Cognito receives the password in the request instead
	//    of using the SRP protocol to verify passwords.
	//
	//    * ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
	//
	//    * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
	//
	// In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY,
	// or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values
	// to user pool clients at the same time as values that begin with ALLOW_, like
	// ALLOW_USER_SRP_AUTH.
	ExplicitAuthFlows []*string `type:"list" enum:"ExplicitAuthFlowsType"`

	// The ID token time limit. After this limit expires, your user can't use their
	// ID token. To specify the time unit for IdTokenValidity as seconds, minutes,
	// hours, or days, set a TokenValidityUnits value in your API request.
	//
	// For example, when you set IdTokenValidity as 10 and TokenValidityUnits as
	// hours, your user can authenticate their session with their ID token for 10
	// hours.
	//
	// The default time unit for IdTokenValidity in an API request is hours. Valid
	// range is displayed below in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// ID tokens are valid for one hour.
	IdTokenValidity *int64 `min:"1" type:"integer"`

	// A list of allowed logout URLs for the IdPs.
	LogoutURLs []*string `type:"list"`

	// Errors and responses that you want Amazon Cognito APIs to return during authentication,
	// account confirmation, and password recovery when the user doesn't exist in
	// the user pool. When set to ENABLED and the user doesn't exist, authentication
	// returns an error indicating either the username or password was incorrect.
	// Account confirmation and password recovery return a response indicating a
	// code was sent to a simulated destination. When set to LEGACY, those APIs
	// return a UserNotFoundException exception if the user doesn't exist in the
	// user pool.
	//
	// Valid values include:
	//
	//    * ENABLED - This prevents user existence-related errors.
	//
	//    * LEGACY - This represents the early behavior of Amazon Cognito where
	//    user existence related errors aren't prevented.
	PreventUserExistenceErrors *string `type:"string" enum:"PreventUserExistenceErrorTypes"`

	// The list of user attributes that you want your app client to have read-only
	// access to. After your user authenticates in your app, their access token
	// authorizes them to read their own attribute value for any attribute in this
	// list. An example of this kind of activity is when your user selects a link
	// to view their profile information. Your app makes a GetUser (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html)
	// API request to retrieve and display your user's profile data.
	//
	// When you don't specify the ReadAttributes for your app client, your app can
	// read the values of email_verified, phone_number_verified, and the Standard
	// attributes of your user pool. When your user pool has read access to these
	// default attributes, ReadAttributes doesn't return any information. Amazon
	// Cognito only populates ReadAttributes in the API response if you have specified
	// your own custom set of read attributes.
	ReadAttributes []*string `type:"list"`

	// The refresh token time limit. After this limit expires, your user can't use
	// their refresh token. To specify the time unit for RefreshTokenValidity as
	// seconds, minutes, hours, or days, set a TokenValidityUnits value in your
	// API request.
	//
	// For example, when you set RefreshTokenValidity as 10 and TokenValidityUnits
	// as days, your user can refresh their session and retrieve new access and
	// ID tokens for 10 days.
	//
	// The default time unit for RefreshTokenValidity in an API request is days.
	// You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides
	// the value with the default value of 30 days. Valid range is displayed below
	// in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// refresh tokens are valid for 30 days.
	RefreshTokenValidity *int64 `type:"integer"`

	// A list of provider names for the IdPs that this client supports. The following
	// are supported: COGNITO, Facebook, Google, SignInWithApple, LoginWithAmazon,
	// and the names of your own SAML and OIDC providers.
	SupportedIdentityProviders []*string `type:"list"`

	// The time units you use when you set the duration of ID, access, and refresh
	// tokens. The default unit for RefreshToken is days, and the default for ID
	// and access tokens is hours.
	TokenValidityUnits *TokenValidityUnitsType `type:"structure"`

	// The user pool ID for the user pool where you want to update the user pool
	// client.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The list of user attributes that you want your app client to have write access
	// to. After your user authenticates in your app, their access token authorizes
	// them to set or modify their own attribute value for any attribute in this
	// list. An example of this kind of activity is when you present your user with
	// a form to update their profile information and they change their last name.
	// Your app then makes an UpdateUserAttributes (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserAttributes.html)
	// API request and sets family_name to the new value.
	//
	// When you don't specify the WriteAttributes for your app client, your app
	// can write the values of the Standard attributes of your user pool. When your
	// user pool has write access to these default attributes, WriteAttributes doesn't
	// return any information. Amazon Cognito only populates WriteAttributes in
	// the API response if you have specified your own custom set of write attributes.
	//
	// If your app client allows users to sign in through an IdP, this array must
	// include all attributes that you have mapped to IdP attributes. Amazon Cognito
	// updates mapped attributes when users sign in to your application through
	// an IdP. If your app client does not have write access to a mapped attribute,
	// Amazon Cognito throws an error when it tries to update the attribute. For
	// more information, see Specifying IdP Attribute Mappings for Your user pool
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html).
	WriteAttributes []*string `type:"list"`
	// contains filtered or unexported fields
}

Represents the request to update the user pool client.

func (UpdateUserPoolClientInput) GoString

func (s UpdateUserPoolClientInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateUserPoolClientInput) SetAccessTokenValidity added in v1.34.4

func (s *UpdateUserPoolClientInput) SetAccessTokenValidity(v int64) *UpdateUserPoolClientInput

SetAccessTokenValidity sets the AccessTokenValidity field's value.

func (*UpdateUserPoolClientInput) SetAllowedOAuthFlows added in v1.8.33

func (s *UpdateUserPoolClientInput) SetAllowedOAuthFlows(v []*string) *UpdateUserPoolClientInput

SetAllowedOAuthFlows sets the AllowedOAuthFlows field's value.

func (*UpdateUserPoolClientInput) SetAllowedOAuthFlowsUserPoolClient added in v1.8.33

func (s *UpdateUserPoolClientInput) SetAllowedOAuthFlowsUserPoolClient(v bool) *UpdateUserPoolClientInput

SetAllowedOAuthFlowsUserPoolClient sets the AllowedOAuthFlowsUserPoolClient field's value.

func (*UpdateUserPoolClientInput) SetAllowedOAuthScopes added in v1.8.33

func (s *UpdateUserPoolClientInput) SetAllowedOAuthScopes(v []*string) *UpdateUserPoolClientInput

SetAllowedOAuthScopes sets the AllowedOAuthScopes field's value.

func (*UpdateUserPoolClientInput) SetAnalyticsConfiguration added in v1.12.35

SetAnalyticsConfiguration sets the AnalyticsConfiguration field's value.

func (*UpdateUserPoolClientInput) SetAuthSessionValidity added in v1.44.91

func (s *UpdateUserPoolClientInput) SetAuthSessionValidity(v int64) *UpdateUserPoolClientInput

SetAuthSessionValidity sets the AuthSessionValidity field's value.

func (*UpdateUserPoolClientInput) SetCallbackURLs added in v1.8.33

SetCallbackURLs sets the CallbackURLs field's value.

func (*UpdateUserPoolClientInput) SetClientId added in v1.5.0

SetClientId sets the ClientId field's value.

func (*UpdateUserPoolClientInput) SetClientName added in v1.5.0

SetClientName sets the ClientName field's value.

func (*UpdateUserPoolClientInput) SetDefaultRedirectURI added in v1.8.33

func (s *UpdateUserPoolClientInput) SetDefaultRedirectURI(v string) *UpdateUserPoolClientInput

SetDefaultRedirectURI sets the DefaultRedirectURI field's value.

func (*UpdateUserPoolClientInput) SetEnablePropagateAdditionalUserContextData added in v1.44.25

func (s *UpdateUserPoolClientInput) SetEnablePropagateAdditionalUserContextData(v bool) *UpdateUserPoolClientInput

SetEnablePropagateAdditionalUserContextData sets the EnablePropagateAdditionalUserContextData field's value.

func (*UpdateUserPoolClientInput) SetEnableTokenRevocation added in v1.38.59

func (s *UpdateUserPoolClientInput) SetEnableTokenRevocation(v bool) *UpdateUserPoolClientInput

SetEnableTokenRevocation sets the EnableTokenRevocation field's value.

func (*UpdateUserPoolClientInput) SetExplicitAuthFlows added in v1.5.0

func (s *UpdateUserPoolClientInput) SetExplicitAuthFlows(v []*string) *UpdateUserPoolClientInput

SetExplicitAuthFlows sets the ExplicitAuthFlows field's value.

func (*UpdateUserPoolClientInput) SetIdTokenValidity added in v1.34.4

func (s *UpdateUserPoolClientInput) SetIdTokenValidity(v int64) *UpdateUserPoolClientInput

SetIdTokenValidity sets the IdTokenValidity field's value.

func (*UpdateUserPoolClientInput) SetLogoutURLs added in v1.8.33

SetLogoutURLs sets the LogoutURLs field's value.

func (*UpdateUserPoolClientInput) SetPreventUserExistenceErrors added in v1.25.35

func (s *UpdateUserPoolClientInput) SetPreventUserExistenceErrors(v string) *UpdateUserPoolClientInput

SetPreventUserExistenceErrors sets the PreventUserExistenceErrors field's value.

func (*UpdateUserPoolClientInput) SetReadAttributes added in v1.5.0

func (s *UpdateUserPoolClientInput) SetReadAttributes(v []*string) *UpdateUserPoolClientInput

SetReadAttributes sets the ReadAttributes field's value.

func (*UpdateUserPoolClientInput) SetRefreshTokenValidity added in v1.5.0

func (s *UpdateUserPoolClientInput) SetRefreshTokenValidity(v int64) *UpdateUserPoolClientInput

SetRefreshTokenValidity sets the RefreshTokenValidity field's value.

func (*UpdateUserPoolClientInput) SetSupportedIdentityProviders added in v1.8.33

func (s *UpdateUserPoolClientInput) SetSupportedIdentityProviders(v []*string) *UpdateUserPoolClientInput

SetSupportedIdentityProviders sets the SupportedIdentityProviders field's value.

func (*UpdateUserPoolClientInput) SetTokenValidityUnits added in v1.34.4

SetTokenValidityUnits sets the TokenValidityUnits field's value.

func (*UpdateUserPoolClientInput) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (*UpdateUserPoolClientInput) SetWriteAttributes added in v1.5.0

func (s *UpdateUserPoolClientInput) SetWriteAttributes(v []*string) *UpdateUserPoolClientInput

SetWriteAttributes sets the WriteAttributes field's value.

func (UpdateUserPoolClientInput) String

func (s UpdateUserPoolClientInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateUserPoolClientInput) Validate added in v1.1.21

func (s *UpdateUserPoolClientInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateUserPoolClientOutput

type UpdateUserPoolClientOutput struct {

	// The user pool client value from the response from the server when you request
	// to update the user pool client.
	UserPoolClient *UserPoolClientType `type:"structure"`
	// contains filtered or unexported fields
}

Represents the response from the server to the request to update the user pool client.

func (UpdateUserPoolClientOutput) GoString

func (s UpdateUserPoolClientOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateUserPoolClientOutput) SetUserPoolClient added in v1.5.0

SetUserPoolClient sets the UserPoolClient field's value.

func (UpdateUserPoolClientOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateUserPoolDomainInput added in v1.16.10

type UpdateUserPoolDomainInput struct {

	// The configuration for a custom domain that hosts the sign-up and sign-in
	// pages for your application. Use this object to specify an SSL certificate
	// that is managed by ACM.
	//
	// CustomDomainConfig is a required field
	CustomDomainConfig *CustomDomainConfigType `type:"structure" required:"true"`

	// The domain name for the custom domain that hosts the sign-up and sign-in
	// pages for your application. One example might be auth.example.com.
	//
	// This string can include only lowercase letters, numbers, and hyphens. Don't
	// use a hyphen for the first or last character. Use periods to separate subdomain
	// names.
	//
	// Domain is a required field
	Domain *string `min:"1" type:"string" required:"true"`

	// The ID of the user pool that is associated with the custom domain whose certificate
	// you're updating.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

The UpdateUserPoolDomain request input.

func (UpdateUserPoolDomainInput) GoString added in v1.16.10

func (s UpdateUserPoolDomainInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateUserPoolDomainInput) SetCustomDomainConfig added in v1.16.10

SetCustomDomainConfig sets the CustomDomainConfig field's value.

func (*UpdateUserPoolDomainInput) SetDomain added in v1.16.10

SetDomain sets the Domain field's value.

func (*UpdateUserPoolDomainInput) SetUserPoolId added in v1.16.10

SetUserPoolId sets the UserPoolId field's value.

func (UpdateUserPoolDomainInput) String added in v1.16.10

func (s UpdateUserPoolDomainInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateUserPoolDomainInput) Validate added in v1.16.10

func (s *UpdateUserPoolDomainInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateUserPoolDomainOutput added in v1.16.10

type UpdateUserPoolDomainOutput struct {

	// The Amazon CloudFront endpoint that Amazon Cognito set up when you added
	// the custom domain to your user pool.
	CloudFrontDomain *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

The UpdateUserPoolDomain response output.

func (UpdateUserPoolDomainOutput) GoString added in v1.16.10

func (s UpdateUserPoolDomainOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateUserPoolDomainOutput) SetCloudFrontDomain added in v1.16.10

SetCloudFrontDomain sets the CloudFrontDomain field's value.

func (UpdateUserPoolDomainOutput) String added in v1.16.10

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateUserPoolInput

type UpdateUserPoolInput struct {

	// The available verified method a user can use to recover their password when
	// they call ForgotPassword. You can use this setting to define a preferred
	// method when a user has more than one method available. With this setting,
	// SMS doesn't qualify for a valid password recovery mechanism if the user also
	// has SMS multi-factor authentication (MFA) activated. In the absence of this
	// setting, Amazon Cognito uses the legacy behavior to determine the recovery
	// method where SMS is preferred through email.
	AccountRecoverySetting *AccountRecoverySettingType `type:"structure"`

	// The configuration for AdminCreateUser requests.
	AdminCreateUserConfig *AdminCreateUserConfigType `type:"structure"`

	// The attributes that are automatically verified when Amazon Cognito requests
	// to update user pools.
	AutoVerifiedAttributes []*string `type:"list" enum:"VerifiedAttributeType"`

	// When active, DeletionProtection prevents accidental deletion of your user
	// pool. Before you can delete a user pool that you have protected against deletion,
	// you must deactivate this feature.
	//
	// When you try to delete a protected user pool in a DeleteUserPool API request,
	// Amazon Cognito returns an InvalidParameterException error. To delete a protected
	// user pool, send a new DeleteUserPool request after you deactivate deletion
	// protection in an UpdateUserPool API request.
	DeletionProtection *string `type:"string" enum:"DeletionProtectionType"`

	// The device-remembering configuration for a user pool. A null value indicates
	// that you have deactivated device remembering in your user pool.
	//
	// When you provide a value for any DeviceConfiguration field, you activate
	// the Amazon Cognito device-remembering feature.
	DeviceConfiguration *DeviceConfigurationType `type:"structure"`

	// The email configuration of your user pool. The email configuration type sets
	// your preferred sending method, Amazon Web Services Region, and sender for
	// email invitation and verification messages from your user pool.
	EmailConfiguration *EmailConfigurationType `type:"structure"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	EmailVerificationMessage *string `min:"6" type:"string"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	EmailVerificationSubject *string `min:"1" type:"string"`

	// The Lambda configuration information from the request to update the user
	// pool.
	LambdaConfig *LambdaConfigType `type:"structure"`

	// Possible values include:
	//
	//    * OFF - MFA tokens aren't required and can't be specified during user
	//    registration.
	//
	//    * ON - MFA tokens are required for all user registrations. You can only
	//    specify ON when you're initially creating a user pool. You can use the
	//    SetUserPoolMfaConfig (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserPoolMfaConfig.html)
	//    API operation to turn MFA "ON" for existing user pools.
	//
	//    * OPTIONAL - Users have the option when registering to create an MFA token.
	MfaConfiguration *string `type:"string" enum:"UserPoolMfaType"`

	// A container with the policies you want to update in a user pool.
	Policies *UserPoolPolicyType `type:"structure"`

	// The contents of the SMS authentication message.
	SmsAuthenticationMessage *string `min:"6" type:"string"`

	// The SMS configuration with the settings that your Amazon Cognito user pool
	// must use to send an SMS message from your Amazon Web Services account through
	// Amazon Simple Notification Service. To send SMS messages with Amazon SNS
	// in the Amazon Web Services Region that you want, the Amazon Cognito user
	// pool uses an Identity and Access Management (IAM) role in your Amazon Web
	// Services account.
	SmsConfiguration *SmsConfigurationType `type:"structure"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	SmsVerificationMessage *string `min:"6" type:"string"`

	// The settings for updates to user attributes. These settings include the property
	// AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells
	// Amazon Cognito how to handle changes to the value of your users' email address
	// and phone number attributes. For more information, see Verifying updates
	// to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates).
	UserAttributeUpdateSettings *UserAttributeUpdateSettingsType `type:"structure"`

	// User pool add-ons. Contains settings for activation of advanced security
	// features. To log user security information but take no action, set to AUDIT.
	// To configure automatic security responses to risky traffic to your user pool,
	// set to ENFORCED.
	//
	// For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html).
	UserPoolAddOns *UserPoolAddOnsType `type:"structure"`

	// The user pool ID for the user pool you want to update.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The tag keys and values to assign to the user pool. A tag is a label that
	// you can use to categorize and manage user pools in different ways, such as
	// by purpose, owner, environment, or other criteria.
	UserPoolTags map[string]*string `type:"map"`

	// The template for verification messages.
	VerificationMessageTemplate *VerificationMessageTemplateType `type:"structure"`
	// contains filtered or unexported fields
}

Represents the request to update the user pool.

func (UpdateUserPoolInput) GoString

func (s UpdateUserPoolInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateUserPoolInput) SetAccountRecoverySetting added in v1.25.43

func (s *UpdateUserPoolInput) SetAccountRecoverySetting(v *AccountRecoverySettingType) *UpdateUserPoolInput

SetAccountRecoverySetting sets the AccountRecoverySetting field's value.

func (*UpdateUserPoolInput) SetAdminCreateUserConfig added in v1.5.0

func (s *UpdateUserPoolInput) SetAdminCreateUserConfig(v *AdminCreateUserConfigType) *UpdateUserPoolInput

SetAdminCreateUserConfig sets the AdminCreateUserConfig field's value.

func (*UpdateUserPoolInput) SetAutoVerifiedAttributes added in v1.5.0

func (s *UpdateUserPoolInput) SetAutoVerifiedAttributes(v []*string) *UpdateUserPoolInput

SetAutoVerifiedAttributes sets the AutoVerifiedAttributes field's value.

func (*UpdateUserPoolInput) SetDeletionProtection added in v1.44.121

func (s *UpdateUserPoolInput) SetDeletionProtection(v string) *UpdateUserPoolInput

SetDeletionProtection sets the DeletionProtection field's value.

func (*UpdateUserPoolInput) SetDeviceConfiguration added in v1.5.0

func (s *UpdateUserPoolInput) SetDeviceConfiguration(v *DeviceConfigurationType) *UpdateUserPoolInput

SetDeviceConfiguration sets the DeviceConfiguration field's value.

func (*UpdateUserPoolInput) SetEmailConfiguration added in v1.5.0

func (s *UpdateUserPoolInput) SetEmailConfiguration(v *EmailConfigurationType) *UpdateUserPoolInput

SetEmailConfiguration sets the EmailConfiguration field's value.

func (*UpdateUserPoolInput) SetEmailVerificationMessage added in v1.5.0

func (s *UpdateUserPoolInput) SetEmailVerificationMessage(v string) *UpdateUserPoolInput

SetEmailVerificationMessage sets the EmailVerificationMessage field's value.

func (*UpdateUserPoolInput) SetEmailVerificationSubject added in v1.5.0

func (s *UpdateUserPoolInput) SetEmailVerificationSubject(v string) *UpdateUserPoolInput

SetEmailVerificationSubject sets the EmailVerificationSubject field's value.

func (*UpdateUserPoolInput) SetLambdaConfig added in v1.5.0

SetLambdaConfig sets the LambdaConfig field's value.

func (*UpdateUserPoolInput) SetMfaConfiguration added in v1.5.0

func (s *UpdateUserPoolInput) SetMfaConfiguration(v string) *UpdateUserPoolInput

SetMfaConfiguration sets the MfaConfiguration field's value.

func (*UpdateUserPoolInput) SetPolicies added in v1.5.0

SetPolicies sets the Policies field's value.

func (*UpdateUserPoolInput) SetSmsAuthenticationMessage added in v1.5.0

func (s *UpdateUserPoolInput) SetSmsAuthenticationMessage(v string) *UpdateUserPoolInput

SetSmsAuthenticationMessage sets the SmsAuthenticationMessage field's value.

func (*UpdateUserPoolInput) SetSmsConfiguration added in v1.5.0

func (s *UpdateUserPoolInput) SetSmsConfiguration(v *SmsConfigurationType) *UpdateUserPoolInput

SetSmsConfiguration sets the SmsConfiguration field's value.

func (*UpdateUserPoolInput) SetSmsVerificationMessage added in v1.5.0

func (s *UpdateUserPoolInput) SetSmsVerificationMessage(v string) *UpdateUserPoolInput

SetSmsVerificationMessage sets the SmsVerificationMessage field's value.

func (*UpdateUserPoolInput) SetUserAttributeUpdateSettings added in v1.44.21

func (s *UpdateUserPoolInput) SetUserAttributeUpdateSettings(v *UserAttributeUpdateSettingsType) *UpdateUserPoolInput

SetUserAttributeUpdateSettings sets the UserAttributeUpdateSettings field's value.

func (*UpdateUserPoolInput) SetUserPoolAddOns added in v1.12.35

SetUserPoolAddOns sets the UserPoolAddOns field's value.

func (*UpdateUserPoolInput) SetUserPoolId added in v1.5.0

func (s *UpdateUserPoolInput) SetUserPoolId(v string) *UpdateUserPoolInput

SetUserPoolId sets the UserPoolId field's value.

func (*UpdateUserPoolInput) SetUserPoolTags added in v1.6.4

func (s *UpdateUserPoolInput) SetUserPoolTags(v map[string]*string) *UpdateUserPoolInput

SetUserPoolTags sets the UserPoolTags field's value.

func (*UpdateUserPoolInput) SetVerificationMessageTemplate added in v1.10.24

func (s *UpdateUserPoolInput) SetVerificationMessageTemplate(v *VerificationMessageTemplateType) *UpdateUserPoolInput

SetVerificationMessageTemplate sets the VerificationMessageTemplate field's value.

func (UpdateUserPoolInput) String

func (s UpdateUserPoolInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateUserPoolInput) Validate added in v1.1.21

func (s *UpdateUserPoolInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateUserPoolOutput

type UpdateUserPoolOutput struct {
	// contains filtered or unexported fields
}

Represents the response from the server when you make a request to update the user pool.

func (UpdateUserPoolOutput) GoString

func (s UpdateUserPoolOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateUserPoolOutput) String

func (s UpdateUserPoolOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserAttributeUpdateSettingsType added in v1.44.21

type UserAttributeUpdateSettingsType struct {

	// Requires that your user verifies their email address, phone number, or both
	// before Amazon Cognito updates the value of that attribute. When you update
	// a user attribute that has this option activated, Amazon Cognito sends a verification
	// message to the new phone number or email address. Amazon Cognito doesn’t
	// change the value of the attribute until your user responds to the verification
	// message and confirms the new value.
	//
	// You can verify an updated email address or phone number with a VerifyUserAttribute
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifyUserAttribute.html)
	// API request. You can also call the AdminUpdateUserAttributes (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html)
	// API and set email_verified or phone_number_verified to true.
	//
	// When AttributesRequireVerificationBeforeUpdate is false, your user pool doesn't
	// require that your users verify attribute changes before Amazon Cognito updates
	// them. In a user pool where AttributesRequireVerificationBeforeUpdate is false,
	// API operations that change attribute values can immediately update a user’s
	// email or phone_number attribute.
	AttributesRequireVerificationBeforeUpdate []*string `type:"list" enum:"VerifiedAttributeType"`
	// contains filtered or unexported fields
}

The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For more information, see Verifying updates to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates).

func (UserAttributeUpdateSettingsType) GoString added in v1.44.21

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserAttributeUpdateSettingsType) SetAttributesRequireVerificationBeforeUpdate added in v1.44.21

func (s *UserAttributeUpdateSettingsType) SetAttributesRequireVerificationBeforeUpdate(v []*string) *UserAttributeUpdateSettingsType

SetAttributesRequireVerificationBeforeUpdate sets the AttributesRequireVerificationBeforeUpdate field's value.

func (UserAttributeUpdateSettingsType) String added in v1.44.21

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserContextDataType added in v1.12.35

type UserContextDataType struct {

	// Encoded device-fingerprint details that your app collected with the Amazon
	// Cognito context data collection library. For more information, see Adding
	// user device and session data to API requests (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint).
	EncodedData *string `type:"string"`

	// The source IP address of your user's device.
	IpAddress *string `type:"string"`
	// contains filtered or unexported fields
}

Contextual data, such as the user's device fingerprint, IP address, or location, used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.

func (UserContextDataType) GoString added in v1.12.35

func (s UserContextDataType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserContextDataType) SetEncodedData added in v1.12.35

func (s *UserContextDataType) SetEncodedData(v string) *UserContextDataType

SetEncodedData sets the EncodedData field's value.

func (*UserContextDataType) SetIpAddress added in v1.44.25

func (s *UserContextDataType) SetIpAddress(v string) *UserContextDataType

SetIpAddress sets the IpAddress field's value.

func (UserContextDataType) String added in v1.12.35

func (s UserContextDataType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserImportInProgressException added in v1.28.0

type UserImportInProgressException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the user pool has an import job running.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when you're trying to modify a user pool while a user import job is in progress for that pool.

func (*UserImportInProgressException) Code added in v1.28.0

Code returns the exception type name.

func (*UserImportInProgressException) Error added in v1.28.0

func (UserImportInProgressException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserImportInProgressException) Message added in v1.28.0

Message returns the exception's message.

func (*UserImportInProgressException) OrigErr added in v1.28.0

func (s *UserImportInProgressException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UserImportInProgressException) RequestID added in v1.28.0

func (s *UserImportInProgressException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*UserImportInProgressException) StatusCode added in v1.28.0

func (s *UserImportInProgressException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UserImportInProgressException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserImportJobType added in v1.4.6

type UserImportJobType struct {

	// The role Amazon Resource Name (ARN) for the Amazon CloudWatch Logging role
	// for the user import job. For more information, see "Creating the CloudWatch
	// Logs IAM Role" in the Amazon Cognito Developer Guide.
	CloudWatchLogsRoleArn *string `min:"20" type:"string"`

	// The date when the user import job was completed.
	CompletionDate *time.Time `type:"timestamp"`

	// The message returned when the user import job is completed.
	CompletionMessage *string `min:"1" type:"string"`

	// The date and time when the item was created. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	CreationDate *time.Time `type:"timestamp"`

	// The number of users that couldn't be imported.
	FailedUsers *int64 `type:"long"`

	// The number of users that were successfully imported.
	ImportedUsers *int64 `type:"long"`

	// The job ID for the user import job.
	JobId *string `min:"1" type:"string"`

	// The job name for the user import job.
	JobName *string `min:"1" type:"string"`

	// The pre-signed URL to be used to upload the .csv file.
	PreSignedUrl *string `type:"string"`

	// The number of users that were skipped.
	SkippedUsers *int64 `type:"long"`

	// The date when the user import job was started.
	StartDate *time.Time `type:"timestamp"`

	// The status of the user import job. One of the following:
	//
	//    * Created - The job was created but not started.
	//
	//    * Pending - A transition state. You have started the job, but it has not
	//    begun importing users yet.
	//
	//    * InProgress - The job has started, and users are being imported.
	//
	//    * Stopping - You have stopped the job, but the job has not stopped importing
	//    users yet.
	//
	//    * Stopped - You have stopped the job, and the job has stopped importing
	//    users.
	//
	//    * Succeeded - The job has completed successfully.
	//
	//    * Failed - The job has stopped due to an error.
	//
	//    * Expired - You created a job, but did not start the job within 24-48
	//    hours. All data associated with the job was deleted, and the job can't
	//    be started.
	Status *string `type:"string" enum:"UserImportJobStatusType"`

	// The user pool ID for the user pool that the users are being imported into.
	UserPoolId *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

The user import job type.

func (UserImportJobType) GoString added in v1.4.6

func (s UserImportJobType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserImportJobType) SetCloudWatchLogsRoleArn added in v1.5.0

func (s *UserImportJobType) SetCloudWatchLogsRoleArn(v string) *UserImportJobType

SetCloudWatchLogsRoleArn sets the CloudWatchLogsRoleArn field's value.

func (*UserImportJobType) SetCompletionDate added in v1.5.0

func (s *UserImportJobType) SetCompletionDate(v time.Time) *UserImportJobType

SetCompletionDate sets the CompletionDate field's value.

func (*UserImportJobType) SetCompletionMessage added in v1.5.0

func (s *UserImportJobType) SetCompletionMessage(v string) *UserImportJobType

SetCompletionMessage sets the CompletionMessage field's value.

func (*UserImportJobType) SetCreationDate added in v1.5.0

func (s *UserImportJobType) SetCreationDate(v time.Time) *UserImportJobType

SetCreationDate sets the CreationDate field's value.

func (*UserImportJobType) SetFailedUsers added in v1.5.0

func (s *UserImportJobType) SetFailedUsers(v int64) *UserImportJobType

SetFailedUsers sets the FailedUsers field's value.

func (*UserImportJobType) SetImportedUsers added in v1.5.0

func (s *UserImportJobType) SetImportedUsers(v int64) *UserImportJobType

SetImportedUsers sets the ImportedUsers field's value.

func (*UserImportJobType) SetJobId added in v1.5.0

func (s *UserImportJobType) SetJobId(v string) *UserImportJobType

SetJobId sets the JobId field's value.

func (*UserImportJobType) SetJobName added in v1.5.0

func (s *UserImportJobType) SetJobName(v string) *UserImportJobType

SetJobName sets the JobName field's value.

func (*UserImportJobType) SetPreSignedUrl added in v1.5.0

func (s *UserImportJobType) SetPreSignedUrl(v string) *UserImportJobType

SetPreSignedUrl sets the PreSignedUrl field's value.

func (*UserImportJobType) SetSkippedUsers added in v1.5.0

func (s *UserImportJobType) SetSkippedUsers(v int64) *UserImportJobType

SetSkippedUsers sets the SkippedUsers field's value.

func (*UserImportJobType) SetStartDate added in v1.5.0

func (s *UserImportJobType) SetStartDate(v time.Time) *UserImportJobType

SetStartDate sets the StartDate field's value.

func (*UserImportJobType) SetStatus added in v1.5.0

func (s *UserImportJobType) SetStatus(v string) *UserImportJobType

SetStatus sets the Status field's value.

func (*UserImportJobType) SetUserPoolId added in v1.5.0

func (s *UserImportJobType) SetUserPoolId(v string) *UserImportJobType

SetUserPoolId sets the UserPoolId field's value.

func (UserImportJobType) String added in v1.4.6

func (s UserImportJobType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserLambdaValidationException added in v1.28.0

type UserLambdaValidationException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the Amazon Cognito service returns a user validation
	// exception with the Lambda service.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

func (*UserLambdaValidationException) Code added in v1.28.0

Code returns the exception type name.

func (*UserLambdaValidationException) Error added in v1.28.0

func (UserLambdaValidationException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserLambdaValidationException) Message added in v1.28.0

Message returns the exception's message.

func (*UserLambdaValidationException) OrigErr added in v1.28.0

func (s *UserLambdaValidationException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UserLambdaValidationException) RequestID added in v1.28.0

func (s *UserLambdaValidationException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*UserLambdaValidationException) StatusCode added in v1.28.0

func (s *UserLambdaValidationException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UserLambdaValidationException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserNotConfirmedException added in v1.28.0

type UserNotConfirmedException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when a user isn't confirmed successfully.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when a user isn't confirmed successfully.

func (*UserNotConfirmedException) Code added in v1.28.0

Code returns the exception type name.

func (*UserNotConfirmedException) Error added in v1.28.0

func (s *UserNotConfirmedException) Error() string

func (UserNotConfirmedException) GoString added in v1.28.0

func (s UserNotConfirmedException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserNotConfirmedException) Message added in v1.28.0

func (s *UserNotConfirmedException) Message() string

Message returns the exception's message.

func (*UserNotConfirmedException) OrigErr added in v1.28.0

func (s *UserNotConfirmedException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UserNotConfirmedException) RequestID added in v1.28.0

func (s *UserNotConfirmedException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*UserNotConfirmedException) StatusCode added in v1.28.0

func (s *UserNotConfirmedException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UserNotConfirmedException) String added in v1.28.0

func (s UserNotConfirmedException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserNotFoundException added in v1.28.0

type UserNotFoundException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when a user isn't found.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when a user isn't found.

func (*UserNotFoundException) Code added in v1.28.0

func (s *UserNotFoundException) Code() string

Code returns the exception type name.

func (*UserNotFoundException) Error added in v1.28.0

func (s *UserNotFoundException) Error() string

func (UserNotFoundException) GoString added in v1.28.0

func (s UserNotFoundException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserNotFoundException) Message added in v1.28.0

func (s *UserNotFoundException) Message() string

Message returns the exception's message.

func (*UserNotFoundException) OrigErr added in v1.28.0

func (s *UserNotFoundException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UserNotFoundException) RequestID added in v1.28.0

func (s *UserNotFoundException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*UserNotFoundException) StatusCode added in v1.28.0

func (s *UserNotFoundException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UserNotFoundException) String added in v1.28.0

func (s UserNotFoundException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserPoolAddOnNotEnabledException added in v1.28.0

type UserPoolAddOnNotEnabledException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when user pool add-ons aren't enabled.

func (*UserPoolAddOnNotEnabledException) Code added in v1.28.0

Code returns the exception type name.

func (*UserPoolAddOnNotEnabledException) Error added in v1.28.0

func (UserPoolAddOnNotEnabledException) GoString added in v1.28.0

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserPoolAddOnNotEnabledException) Message added in v1.28.0

Message returns the exception's message.

func (*UserPoolAddOnNotEnabledException) OrigErr added in v1.28.0

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UserPoolAddOnNotEnabledException) RequestID added in v1.28.0

RequestID returns the service's response RequestID for request.

func (*UserPoolAddOnNotEnabledException) StatusCode added in v1.28.0

func (s *UserPoolAddOnNotEnabledException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UserPoolAddOnNotEnabledException) String added in v1.28.0

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserPoolAddOnsType added in v1.12.35

type UserPoolAddOnsType struct {

	// The operating mode of advanced security features in your user pool.
	//
	// AdvancedSecurityMode is a required field
	AdvancedSecurityMode *string `type:"string" required:"true" enum:"AdvancedSecurityModeType"`
	// contains filtered or unexported fields
}

User pool add-ons. Contains settings for activation of advanced security features. To log user security information but take no action, set to AUDIT. To configure automatic security responses to risky traffic to your user pool, set to ENFORCED.

For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html).

func (UserPoolAddOnsType) GoString added in v1.12.35

func (s UserPoolAddOnsType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserPoolAddOnsType) SetAdvancedSecurityMode added in v1.12.35

func (s *UserPoolAddOnsType) SetAdvancedSecurityMode(v string) *UserPoolAddOnsType

SetAdvancedSecurityMode sets the AdvancedSecurityMode field's value.

func (UserPoolAddOnsType) String added in v1.12.35

func (s UserPoolAddOnsType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserPoolAddOnsType) Validate added in v1.12.35

func (s *UserPoolAddOnsType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UserPoolClientDescription

type UserPoolClientDescription struct {

	// The ID of the client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UserPoolClientDescription's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The client name from the user pool client description.
	ClientName *string `min:"1" type:"string"`

	// The user pool ID for the user pool where you want to describe the user pool
	// client.
	UserPoolId *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

The description of the user pool client.

func (UserPoolClientDescription) GoString

func (s UserPoolClientDescription) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserPoolClientDescription) SetClientId added in v1.5.0

SetClientId sets the ClientId field's value.

func (*UserPoolClientDescription) SetClientName added in v1.5.0

SetClientName sets the ClientName field's value.

func (*UserPoolClientDescription) SetUserPoolId added in v1.5.0

SetUserPoolId sets the UserPoolId field's value.

func (UserPoolClientDescription) String

func (s UserPoolClientDescription) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserPoolClientType

type UserPoolClientType struct {

	// The access token time limit. After this limit expires, your user can't use
	// their access token. To specify the time unit for AccessTokenValidity as seconds,
	// minutes, hours, or days, set a TokenValidityUnits value in your API request.
	//
	// For example, when you set AccessTokenValidity to 10 and TokenValidityUnits
	// to hours, your user can authorize access with their access token for 10 hours.
	//
	// The default time unit for AccessTokenValidity in an API request is hours.
	// Valid range is displayed below in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// access tokens are valid for one hour.
	AccessTokenValidity *int64 `min:"1" type:"integer"`

	// The allowed OAuth flows.
	//
	// code
	//
	// Use a code grant flow, which provides an authorization code as the response.
	// This code can be exchanged for access tokens with the /oauth2/token endpoint.
	//
	// implicit
	//
	// Issue the access token (and, optionally, ID token, based on scopes) directly
	// to your user.
	//
	// client_credentials
	//
	// Issue the access token from the /oauth2/token endpoint directly to a non-person
	// user using a combination of the client ID and client secret.
	AllowedOAuthFlows []*string `type:"list" enum:"OAuthFlowType"`

	// Set to true to use OAuth 2.0 features in your user pool app client.
	//
	// AllowedOAuthFlowsUserPoolClient must be true before you can configure the
	// following features in your app client.
	//
	//    * CallBackURLs: Callback URLs.
	//
	//    * LogoutURLs: Sign-out redirect URLs.
	//
	//    * AllowedOAuthScopes: OAuth 2.0 scopes.
	//
	//    * AllowedOAuthFlows: Support for authorization code, implicit, and client
	//    credentials OAuth 2.0 grants.
	//
	// To use OAuth 2.0 features, configure one of these features in the Amazon
	// Cognito console or set AllowedOAuthFlowsUserPoolClient to true in a CreateUserPoolClient
	// or UpdateUserPoolClient API request. If you don't set a value for AllowedOAuthFlowsUserPoolClient
	// in a request with the CLI or SDKs, it defaults to false.
	AllowedOAuthFlowsUserPoolClient *bool `type:"boolean"`

	// The OAuth scopes that your app client supports. Possible values that OAuth
	// provides are phone, email, openid, and profile. Possible values that Amazon
	// Web Services provides are aws.cognito.signin.user.admin. Amazon Cognito also
	// supports custom scopes that you create in Resource Servers.
	AllowedOAuthScopes []*string `type:"list"`

	// The Amazon Pinpoint analytics configuration for the user pool client.
	//
	// Amazon Cognito user pools only support sending events to Amazon Pinpoint
	// projects in the US East (N. Virginia) us-east-1 Region, regardless of the
	// Region where the user pool resides.
	AnalyticsConfiguration *AnalyticsConfigurationType `type:"structure"`

	// Amazon Cognito creates a session token for each API request in an authentication
	// flow. AuthSessionValidity is the duration, in minutes, of that session token.
	// Your user pool native user must respond to each authentication challenge
	// before the session expires.
	AuthSessionValidity *int64 `min:"3" type:"integer"`

	// A list of allowed redirect (callback) URLs for the IdPs.
	//
	// A redirect URI must:
	//
	//    * Be an absolute URI.
	//
	//    * Be registered with the authorization server.
	//
	//    * Not include a fragment component.
	//
	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
	// purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	CallbackURLs []*string `type:"list"`

	// The ID of the client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UserPoolClientType's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The client name from the user pool request of the client type.
	ClientName *string `min:"1" type:"string"`

	// The client secret from the user pool request of the client type.
	//
	// ClientSecret is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UserPoolClientType's
	// String and GoString methods.
	ClientSecret *string `min:"1" type:"string" sensitive:"true"`

	// The date and time when the item was created. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	CreationDate *time.Time `type:"timestamp"`

	// The default redirect URI. Must be in the CallbackURLs list.
	//
	// A redirect URI must:
	//
	//    * Be an absolute URI.
	//
	//    * Be registered with the authorization server.
	//
	//    * Not include a fragment component.
	//
	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
	// purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	DefaultRedirectURI *string `min:"1" type:"string"`

	// When EnablePropagateAdditionalUserContextData is true, Amazon Cognito accepts
	// an IpAddress value that you send in the UserContextData parameter. The UserContextData
	// parameter sends information to Amazon Cognito advanced security for risk
	// analysis. You can send UserContextData when you sign in Amazon Cognito native
	// users with the InitiateAuth and RespondToAuthChallenge API operations.
	//
	// When EnablePropagateAdditionalUserContextData is false, you can't send your
	// user's source IP address to Amazon Cognito advanced security with unauthenticated
	// API operations. EnablePropagateAdditionalUserContextData doesn't affect whether
	// you can send a source IP address in a ContextData parameter with the authenticated
	// API operations AdminInitiateAuth and AdminRespondToAuthChallenge.
	//
	// You can only activate EnablePropagateAdditionalUserContextData in an app
	// client that has a client secret. For more information about propagation of
	// user context data, see Adding user device and session data to API requests
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint).
	EnablePropagateAdditionalUserContextData *bool `type:"boolean"`

	// Indicates whether token revocation is activated for the user pool client.
	// When you create a new user pool client, token revocation is activated by
	// default. For more information about revoking tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html).
	EnableTokenRevocation *bool `type:"boolean"`

	// The authentication flows that you want your user pool client to support.
	// For each app client in your user pool, you can sign in your users with any
	// combination of one or more flows, including with a user name and Secure Remote
	// Password (SRP), a user name and password, or a custom authentication process
	// that you define with Lambda functions.
	//
	// If you don't specify a value for ExplicitAuthFlows, your user client supports
	// ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
	//
	// Valid values include:
	//
	//    * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication
	//    flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH
	//    setting. With this authentication flow, your app passes a user name and
	//    password to Amazon Cognito in the request, instead of using the Secure
	//    Remote Password (SRP) protocol to securely transmit the password.
	//
	//    * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
	//
	//    * ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication.
	//    In this flow, Amazon Cognito receives the password in the request instead
	//    of using the SRP protocol to verify passwords.
	//
	//    * ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
	//
	//    * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
	//
	// In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY,
	// or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values
	// to user pool clients at the same time as values that begin with ALLOW_, like
	// ALLOW_USER_SRP_AUTH.
	ExplicitAuthFlows []*string `type:"list" enum:"ExplicitAuthFlowsType"`

	// The ID token time limit. After this limit expires, your user can't use their
	// ID token. To specify the time unit for IdTokenValidity as seconds, minutes,
	// hours, or days, set a TokenValidityUnits value in your API request.
	//
	// For example, when you set IdTokenValidity as 10 and TokenValidityUnits as
	// hours, your user can authenticate their session with their ID token for 10
	// hours.
	//
	// The default time unit for IdTokenValidity in an API request is hours. Valid
	// range is displayed below in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// ID tokens are valid for one hour.
	IdTokenValidity *int64 `min:"1" type:"integer"`

	// The date and time when the item was modified. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	LastModifiedDate *time.Time `type:"timestamp"`

	// A list of allowed logout URLs for the IdPs.
	LogoutURLs []*string `type:"list"`

	// Errors and responses that you want Amazon Cognito APIs to return during authentication,
	// account confirmation, and password recovery when the user doesn't exist in
	// the user pool. When set to ENABLED and the user doesn't exist, authentication
	// returns an error indicating either the username or password was incorrect.
	// Account confirmation and password recovery return a response indicating a
	// code was sent to a simulated destination. When set to LEGACY, those APIs
	// return a UserNotFoundException exception if the user doesn't exist in the
	// user pool.
	//
	// Valid values include:
	//
	//    * ENABLED - This prevents user existence-related errors.
	//
	//    * LEGACY - This represents the old behavior of Amazon Cognito where user
	//    existence related errors aren't prevented.
	PreventUserExistenceErrors *string `type:"string" enum:"PreventUserExistenceErrorTypes"`

	// The list of user attributes that you want your app client to have read-only
	// access to. After your user authenticates in your app, their access token
	// authorizes them to read their own attribute value for any attribute in this
	// list. An example of this kind of activity is when your user selects a link
	// to view their profile information. Your app makes a GetUser (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html)
	// API request to retrieve and display your user's profile data.
	//
	// When you don't specify the ReadAttributes for your app client, your app can
	// read the values of email_verified, phone_number_verified, and the Standard
	// attributes of your user pool. When your user pool has read access to these
	// default attributes, ReadAttributes doesn't return any information. Amazon
	// Cognito only populates ReadAttributes in the API response if you have specified
	// your own custom set of read attributes.
	ReadAttributes []*string `type:"list"`

	// The refresh token time limit. After this limit expires, your user can't use
	// their refresh token. To specify the time unit for RefreshTokenValidity as
	// seconds, minutes, hours, or days, set a TokenValidityUnits value in your
	// API request.
	//
	// For example, when you set RefreshTokenValidity as 10 and TokenValidityUnits
	// as days, your user can refresh their session and retrieve new access and
	// ID tokens for 10 days.
	//
	// The default time unit for RefreshTokenValidity in an API request is days.
	// You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides
	// the value with the default value of 30 days. Valid range is displayed below
	// in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// refresh tokens are valid for 30 days.
	RefreshTokenValidity *int64 `type:"integer"`

	// A list of provider names for the IdPs that this client supports. The following
	// are supported: COGNITO, Facebook, Google, SignInWithApple, LoginWithAmazon,
	// and the names of your own SAML and OIDC providers.
	SupportedIdentityProviders []*string `type:"list"`

	// The time units used to specify the token validity times of each token type:
	// ID, access, and refresh.
	TokenValidityUnits *TokenValidityUnitsType `type:"structure"`

	// The user pool ID for the user pool client.
	UserPoolId *string `min:"1" type:"string"`

	// The list of user attributes that you want your app client to have write access
	// to. After your user authenticates in your app, their access token authorizes
	// them to set or modify their own attribute value for any attribute in this
	// list. An example of this kind of activity is when you present your user with
	// a form to update their profile information and they change their last name.
	// Your app then makes an UpdateUserAttributes (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserAttributes.html)
	// API request and sets family_name to the new value.
	//
	// When you don't specify the WriteAttributes for your app client, your app
	// can write the values of the Standard attributes of your user pool. When your
	// user pool has write access to these default attributes, WriteAttributes doesn't
	// return any information. Amazon Cognito only populates WriteAttributes in
	// the API response if you have specified your own custom set of write attributes.
	//
	// If your app client allows users to sign in through an IdP, this array must
	// include all attributes that you have mapped to IdP attributes. Amazon Cognito
	// updates mapped attributes when users sign in to your application through
	// an IdP. If your app client does not have write access to a mapped attribute,
	// Amazon Cognito throws an error when it tries to update the attribute. For
	// more information, see Specifying IdP Attribute Mappings for Your user pool
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html).
	WriteAttributes []*string `type:"list"`
	// contains filtered or unexported fields
}

Contains information about a user pool client.

func (UserPoolClientType) GoString

func (s UserPoolClientType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserPoolClientType) SetAccessTokenValidity added in v1.34.4

func (s *UserPoolClientType) SetAccessTokenValidity(v int64) *UserPoolClientType

SetAccessTokenValidity sets the AccessTokenValidity field's value.

func (*UserPoolClientType) SetAllowedOAuthFlows added in v1.8.33

func (s *UserPoolClientType) SetAllowedOAuthFlows(v []*string) *UserPoolClientType

SetAllowedOAuthFlows sets the AllowedOAuthFlows field's value.

func (*UserPoolClientType) SetAllowedOAuthFlowsUserPoolClient added in v1.8.33

func (s *UserPoolClientType) SetAllowedOAuthFlowsUserPoolClient(v bool) *UserPoolClientType

SetAllowedOAuthFlowsUserPoolClient sets the AllowedOAuthFlowsUserPoolClient field's value.

func (*UserPoolClientType) SetAllowedOAuthScopes added in v1.8.33

func (s *UserPoolClientType) SetAllowedOAuthScopes(v []*string) *UserPoolClientType

SetAllowedOAuthScopes sets the AllowedOAuthScopes field's value.

func (*UserPoolClientType) SetAnalyticsConfiguration added in v1.12.35

func (s *UserPoolClientType) SetAnalyticsConfiguration(v *AnalyticsConfigurationType) *UserPoolClientType

SetAnalyticsConfiguration sets the AnalyticsConfiguration field's value.

func (*UserPoolClientType) SetAuthSessionValidity added in v1.44.91

func (s *UserPoolClientType) SetAuthSessionValidity(v int64) *UserPoolClientType

SetAuthSessionValidity sets the AuthSessionValidity field's value.

func (*UserPoolClientType) SetCallbackURLs added in v1.8.33

func (s *UserPoolClientType) SetCallbackURLs(v []*string) *UserPoolClientType

SetCallbackURLs sets the CallbackURLs field's value.

func (*UserPoolClientType) SetClientId added in v1.5.0

func (s *UserPoolClientType) SetClientId(v string) *UserPoolClientType

SetClientId sets the ClientId field's value.

func (*UserPoolClientType) SetClientName added in v1.5.0

func (s *UserPoolClientType) SetClientName(v string) *UserPoolClientType

SetClientName sets the ClientName field's value.

func (*UserPoolClientType) SetClientSecret added in v1.5.0

func (s *UserPoolClientType) SetClientSecret(v string) *UserPoolClientType

SetClientSecret sets the ClientSecret field's value.

func (*UserPoolClientType) SetCreationDate added in v1.5.0

func (s *UserPoolClientType) SetCreationDate(v time.Time) *UserPoolClientType

SetCreationDate sets the CreationDate field's value.

func (*UserPoolClientType) SetDefaultRedirectURI added in v1.8.33

func (s *UserPoolClientType) SetDefaultRedirectURI(v string) *UserPoolClientType

SetDefaultRedirectURI sets the DefaultRedirectURI field's value.

func (*UserPoolClientType) SetEnablePropagateAdditionalUserContextData added in v1.44.25

func (s *UserPoolClientType) SetEnablePropagateAdditionalUserContextData(v bool) *UserPoolClientType

SetEnablePropagateAdditionalUserContextData sets the EnablePropagateAdditionalUserContextData field's value.

func (*UserPoolClientType) SetEnableTokenRevocation added in v1.38.59

func (s *UserPoolClientType) SetEnableTokenRevocation(v bool) *UserPoolClientType

SetEnableTokenRevocation sets the EnableTokenRevocation field's value.

func (*UserPoolClientType) SetExplicitAuthFlows added in v1.5.0

func (s *UserPoolClientType) SetExplicitAuthFlows(v []*string) *UserPoolClientType

SetExplicitAuthFlows sets the ExplicitAuthFlows field's value.

func (*UserPoolClientType) SetIdTokenValidity added in v1.34.4

func (s *UserPoolClientType) SetIdTokenValidity(v int64) *UserPoolClientType

SetIdTokenValidity sets the IdTokenValidity field's value.

func (*UserPoolClientType) SetLastModifiedDate added in v1.5.0

func (s *UserPoolClientType) SetLastModifiedDate(v time.Time) *UserPoolClientType

SetLastModifiedDate sets the LastModifiedDate field's value.

func (*UserPoolClientType) SetLogoutURLs added in v1.8.33

func (s *UserPoolClientType) SetLogoutURLs(v []*string) *UserPoolClientType

SetLogoutURLs sets the LogoutURLs field's value.

func (*UserPoolClientType) SetPreventUserExistenceErrors added in v1.25.35

func (s *UserPoolClientType) SetPreventUserExistenceErrors(v string) *UserPoolClientType

SetPreventUserExistenceErrors sets the PreventUserExistenceErrors field's value.

func (*UserPoolClientType) SetReadAttributes added in v1.5.0

func (s *UserPoolClientType) SetReadAttributes(v []*string) *UserPoolClientType

SetReadAttributes sets the ReadAttributes field's value.

func (*UserPoolClientType) SetRefreshTokenValidity added in v1.5.0

func (s *UserPoolClientType) SetRefreshTokenValidity(v int64) *UserPoolClientType

SetRefreshTokenValidity sets the RefreshTokenValidity field's value.

func (*UserPoolClientType) SetSupportedIdentityProviders added in v1.8.33

func (s *UserPoolClientType) SetSupportedIdentityProviders(v []*string) *UserPoolClientType

SetSupportedIdentityProviders sets the SupportedIdentityProviders field's value.

func (*UserPoolClientType) SetTokenValidityUnits added in v1.34.4

func (s *UserPoolClientType) SetTokenValidityUnits(v *TokenValidityUnitsType) *UserPoolClientType

SetTokenValidityUnits sets the TokenValidityUnits field's value.

func (*UserPoolClientType) SetUserPoolId added in v1.5.0

func (s *UserPoolClientType) SetUserPoolId(v string) *UserPoolClientType

SetUserPoolId sets the UserPoolId field's value.

func (*UserPoolClientType) SetWriteAttributes added in v1.5.0

func (s *UserPoolClientType) SetWriteAttributes(v []*string) *UserPoolClientType

SetWriteAttributes sets the WriteAttributes field's value.

func (UserPoolClientType) String

func (s UserPoolClientType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserPoolDescriptionType

type UserPoolDescriptionType struct {

	// The date and time when the item was created. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	CreationDate *time.Time `type:"timestamp"`

	// The ID in a user pool description.
	Id *string `min:"1" type:"string"`

	// The Lambda configuration information in a user pool description.
	LambdaConfig *LambdaConfigType `type:"structure"`

	// The date and time when the item was modified. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	LastModifiedDate *time.Time `type:"timestamp"`

	// The name in a user pool description.
	Name *string `min:"1" type:"string"`

	// The user pool status in a user pool description.
	//
	// Deprecated: This property is no longer available.
	Status *string `deprecated:"true" type:"string" enum:"StatusType"`
	// contains filtered or unexported fields
}

A user pool description.

func (UserPoolDescriptionType) GoString

func (s UserPoolDescriptionType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserPoolDescriptionType) SetCreationDate added in v1.5.0

SetCreationDate sets the CreationDate field's value.

func (*UserPoolDescriptionType) SetId added in v1.5.0

SetId sets the Id field's value.

func (*UserPoolDescriptionType) SetLambdaConfig added in v1.5.0

SetLambdaConfig sets the LambdaConfig field's value.

func (*UserPoolDescriptionType) SetLastModifiedDate added in v1.5.0

func (s *UserPoolDescriptionType) SetLastModifiedDate(v time.Time) *UserPoolDescriptionType

SetLastModifiedDate sets the LastModifiedDate field's value.

func (*UserPoolDescriptionType) SetName added in v1.5.0

SetName sets the Name field's value.

func (*UserPoolDescriptionType) SetStatus added in v1.5.0

SetStatus sets the Status field's value.

func (UserPoolDescriptionType) String

func (s UserPoolDescriptionType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserPoolPolicyType

type UserPoolPolicyType struct {

	// The password policy.
	PasswordPolicy *PasswordPolicyType `type:"structure"`
	// contains filtered or unexported fields
}

The policy associated with a user pool.

func (UserPoolPolicyType) GoString

func (s UserPoolPolicyType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserPoolPolicyType) SetPasswordPolicy added in v1.5.0

func (s *UserPoolPolicyType) SetPasswordPolicy(v *PasswordPolicyType) *UserPoolPolicyType

SetPasswordPolicy sets the PasswordPolicy field's value.

func (UserPoolPolicyType) String

func (s UserPoolPolicyType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserPoolPolicyType) Validate added in v1.1.21

func (s *UserPoolPolicyType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UserPoolTaggingException added in v1.28.0

type UserPoolTaggingException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when a user pool tag can't be set or updated.

func (*UserPoolTaggingException) Code added in v1.28.0

func (s *UserPoolTaggingException) Code() string

Code returns the exception type name.

func (*UserPoolTaggingException) Error added in v1.28.0

func (s *UserPoolTaggingException) Error() string

func (UserPoolTaggingException) GoString added in v1.28.0

func (s UserPoolTaggingException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserPoolTaggingException) Message added in v1.28.0

func (s *UserPoolTaggingException) Message() string

Message returns the exception's message.

func (*UserPoolTaggingException) OrigErr added in v1.28.0

func (s *UserPoolTaggingException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UserPoolTaggingException) RequestID added in v1.28.0

func (s *UserPoolTaggingException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*UserPoolTaggingException) StatusCode added in v1.28.0

func (s *UserPoolTaggingException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UserPoolTaggingException) String added in v1.28.0

func (s UserPoolTaggingException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserPoolType

type UserPoolType struct {

	// The available verified method a user can use to recover their password when
	// they call ForgotPassword. You can use this setting to define a preferred
	// method when a user has more than one method available. With this setting,
	// SMS doesn't qualify for a valid password recovery mechanism if the user also
	// has SMS multi-factor authentication (MFA) activated. In the absence of this
	// setting, Amazon Cognito uses the legacy behavior to determine the recovery
	// method where SMS is preferred through email.
	AccountRecoverySetting *AccountRecoverySettingType `type:"structure"`

	// The configuration for AdminCreateUser requests.
	AdminCreateUserConfig *AdminCreateUserConfigType `type:"structure"`

	// The attributes that are aliased in a user pool.
	AliasAttributes []*string `type:"list" enum:"AliasAttributeType"`

	// The Amazon Resource Name (ARN) for the user pool.
	Arn *string `min:"20" type:"string"`

	// The attributes that are auto-verified in a user pool.
	AutoVerifiedAttributes []*string `type:"list" enum:"VerifiedAttributeType"`

	// The date and time when the item was created. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	CreationDate *time.Time `type:"timestamp"`

	// A custom domain name that you provide to Amazon Cognito. This parameter applies
	// only if you use a custom domain to host the sign-up and sign-in pages for
	// your application. An example of a custom domain name might be auth.example.com.
	//
	// For more information about adding a custom domain to your user pool, see
	// Using Your Own Domain for the Hosted UI (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html).
	CustomDomain *string `min:"1" type:"string"`

	// When active, DeletionProtection prevents accidental deletion of your user
	// pool. Before you can delete a user pool that you have protected against deletion,
	// you must deactivate this feature.
	//
	// When you try to delete a protected user pool in a DeleteUserPool API request,
	// Amazon Cognito returns an InvalidParameterException error. To delete a protected
	// user pool, send a new DeleteUserPool request after you deactivate deletion
	// protection in an UpdateUserPool API request.
	DeletionProtection *string `type:"string" enum:"DeletionProtectionType"`

	// The device-remembering configuration for a user pool. A null value indicates
	// that you have deactivated device remembering in your user pool.
	//
	// When you provide a value for any DeviceConfiguration field, you activate
	// the Amazon Cognito device-remembering feature.
	DeviceConfiguration *DeviceConfigurationType `type:"structure"`

	// The domain prefix, if the user pool has a domain associated with it.
	Domain *string `min:"1" type:"string"`

	// The email configuration of your user pool. The email configuration type sets
	// your preferred sending method, Amazon Web Services Region, and sender for
	// messages from your user pool.
	EmailConfiguration *EmailConfigurationType `type:"structure"`

	// Deprecated. Review error codes from API requests with EventSource:cognito-idp.amazonaws.com
	// in CloudTrail for information about problems with user pool email configuration.
	EmailConfigurationFailure *string `type:"string"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	EmailVerificationMessage *string `min:"6" type:"string"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	EmailVerificationSubject *string `min:"1" type:"string"`

	// A number estimating the size of the user pool.
	EstimatedNumberOfUsers *int64 `type:"integer"`

	// The ID of the user pool.
	Id *string `min:"1" type:"string"`

	// The Lambda triggers associated with the user pool.
	LambdaConfig *LambdaConfigType `type:"structure"`

	// The date and time when the item was modified. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	LastModifiedDate *time.Time `type:"timestamp"`

	// Can be one of the following values:
	//
	//    * OFF - MFA tokens aren't required and can't be specified during user
	//    registration.
	//
	//    * ON - MFA tokens are required for all user registrations. You can only
	//    specify required when you're initially creating a user pool.
	//
	//    * OPTIONAL - Users have the option when registering to create an MFA token.
	MfaConfiguration *string `type:"string" enum:"UserPoolMfaType"`

	// The name of the user pool.
	Name *string `min:"1" type:"string"`

	// The policies associated with the user pool.
	Policies *UserPoolPolicyType `type:"structure"`

	// A list of the user attributes and their properties in your user pool. The
	// attribute schema contains standard attributes, custom attributes with a custom:
	// prefix, and developer attributes with a dev: prefix. For more information,
	// see User pool attributes (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html).
	//
	// Developer-only attributes are a legacy feature of user pools, are read-only
	// to all app clients. You can create and update developer-only attributes only
	// with IAM-authenticated API operations. Use app client read/write permissions
	// instead.
	SchemaAttributes []*SchemaAttributeType `min:"1" type:"list"`

	// The contents of the SMS authentication message.
	SmsAuthenticationMessage *string `min:"6" type:"string"`

	// The SMS configuration with the settings that your Amazon Cognito user pool
	// must use to send an SMS message from your Amazon Web Services account through
	// Amazon Simple Notification Service. To send SMS messages with Amazon SNS
	// in the Amazon Web Services Region that you want, the Amazon Cognito user
	// pool uses an Identity and Access Management (IAM) role in your Amazon Web
	// Services account.
	SmsConfiguration *SmsConfigurationType `type:"structure"`

	// The reason why the SMS configuration can't send the messages to your users.
	//
	// This message might include comma-separated values to describe why your SMS
	// configuration can't send messages to user pool end users.
	//
	// InvalidSmsRoleAccessPolicyException
	//
	// The Identity and Access Management role that Amazon Cognito uses to send
	// SMS messages isn't properly configured. For more information, see SmsConfigurationType
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SmsConfigurationType.html).
	//
	// SNSSandbox
	//
	// The Amazon Web Services account is in the SNS SMS Sandbox and messages will
	// only reach verified end users. This parameter won’t get populated with
	// SNSSandbox if the user creating the user pool doesn’t have SNS permissions.
	// To learn how to move your Amazon Web Services account out of the sandbox,
	// see Moving out of the SMS sandbox (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox-moving-to-production.html).
	SmsConfigurationFailure *string `type:"string"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	SmsVerificationMessage *string `min:"6" type:"string"`

	// This parameter is no longer used.
	//
	// Deprecated: This property is no longer available.
	Status *string `deprecated:"true" type:"string" enum:"StatusType"`

	// The settings for updates to user attributes. These settings include the property
	// AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells
	// Amazon Cognito how to handle changes to the value of your users' email address
	// and phone number attributes. For more information, see Verifying updates
	// to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates).
	UserAttributeUpdateSettings *UserAttributeUpdateSettingsType `type:"structure"`

	// User pool add-ons. Contains settings for activation of advanced security
	// features. To log user security information but take no action, set to AUDIT.
	// To configure automatic security responses to risky traffic to your user pool,
	// set to ENFORCED.
	//
	// For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html).
	UserPoolAddOns *UserPoolAddOnsType `type:"structure"`

	// The tags that are assigned to the user pool. A tag is a label that you can
	// apply to user pools to categorize and manage them in different ways, such
	// as by purpose, owner, environment, or other criteria.
	UserPoolTags map[string]*string `type:"map"`

	// Specifies whether a user can use an email address or phone number as a username
	// when they sign up.
	UsernameAttributes []*string `type:"list" enum:"UsernameAttributeType"`

	// Case sensitivity of the username input for the selected sign-in option. For
	// example, when case sensitivity is set to False, users can sign in using either
	// "username" or "Username". This configuration is immutable once it has been
	// set. For more information, see UsernameConfigurationType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html).
	UsernameConfiguration *UsernameConfigurationType `type:"structure"`

	// The template for verification messages.
	VerificationMessageTemplate *VerificationMessageTemplateType `type:"structure"`
	// contains filtered or unexported fields
}

A container for information about the user pool.

func (UserPoolType) GoString

func (s UserPoolType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserPoolType) SetAccountRecoverySetting added in v1.25.43

func (s *UserPoolType) SetAccountRecoverySetting(v *AccountRecoverySettingType) *UserPoolType

SetAccountRecoverySetting sets the AccountRecoverySetting field's value.

func (*UserPoolType) SetAdminCreateUserConfig added in v1.5.0

func (s *UserPoolType) SetAdminCreateUserConfig(v *AdminCreateUserConfigType) *UserPoolType

SetAdminCreateUserConfig sets the AdminCreateUserConfig field's value.

func (*UserPoolType) SetAliasAttributes added in v1.5.0

func (s *UserPoolType) SetAliasAttributes(v []*string) *UserPoolType

SetAliasAttributes sets the AliasAttributes field's value.

func (*UserPoolType) SetArn added in v1.13.51

func (s *UserPoolType) SetArn(v string) *UserPoolType

SetArn sets the Arn field's value.

func (*UserPoolType) SetAutoVerifiedAttributes added in v1.5.0

func (s *UserPoolType) SetAutoVerifiedAttributes(v []*string) *UserPoolType

SetAutoVerifiedAttributes sets the AutoVerifiedAttributes field's value.

func (*UserPoolType) SetCreationDate added in v1.5.0

func (s *UserPoolType) SetCreationDate(v time.Time) *UserPoolType

SetCreationDate sets the CreationDate field's value.

func (*UserPoolType) SetCustomDomain added in v1.15.20

func (s *UserPoolType) SetCustomDomain(v string) *UserPoolType

SetCustomDomain sets the CustomDomain field's value.

func (*UserPoolType) SetDeletionProtection added in v1.44.121

func (s *UserPoolType) SetDeletionProtection(v string) *UserPoolType

SetDeletionProtection sets the DeletionProtection field's value.

func (*UserPoolType) SetDeviceConfiguration added in v1.5.0

func (s *UserPoolType) SetDeviceConfiguration(v *DeviceConfigurationType) *UserPoolType

SetDeviceConfiguration sets the DeviceConfiguration field's value.

func (*UserPoolType) SetDomain added in v1.12.45

func (s *UserPoolType) SetDomain(v string) *UserPoolType

SetDomain sets the Domain field's value.

func (*UserPoolType) SetEmailConfiguration added in v1.5.0

func (s *UserPoolType) SetEmailConfiguration(v *EmailConfigurationType) *UserPoolType

SetEmailConfiguration sets the EmailConfiguration field's value.

func (*UserPoolType) SetEmailConfigurationFailure added in v1.5.0

func (s *UserPoolType) SetEmailConfigurationFailure(v string) *UserPoolType

SetEmailConfigurationFailure sets the EmailConfigurationFailure field's value.

func (*UserPoolType) SetEmailVerificationMessage added in v1.5.0

func (s *UserPoolType) SetEmailVerificationMessage(v string) *UserPoolType

SetEmailVerificationMessage sets the EmailVerificationMessage field's value.

func (*UserPoolType) SetEmailVerificationSubject added in v1.5.0

func (s *UserPoolType) SetEmailVerificationSubject(v string) *UserPoolType

SetEmailVerificationSubject sets the EmailVerificationSubject field's value.

func (*UserPoolType) SetEstimatedNumberOfUsers added in v1.5.0

func (s *UserPoolType) SetEstimatedNumberOfUsers(v int64) *UserPoolType

SetEstimatedNumberOfUsers sets the EstimatedNumberOfUsers field's value.

func (*UserPoolType) SetId added in v1.5.0

func (s *UserPoolType) SetId(v string) *UserPoolType

SetId sets the Id field's value.

func (*UserPoolType) SetLambdaConfig added in v1.5.0

func (s *UserPoolType) SetLambdaConfig(v *LambdaConfigType) *UserPoolType

SetLambdaConfig sets the LambdaConfig field's value.

func (*UserPoolType) SetLastModifiedDate added in v1.5.0

func (s *UserPoolType) SetLastModifiedDate(v time.Time) *UserPoolType

SetLastModifiedDate sets the LastModifiedDate field's value.

func (*UserPoolType) SetMfaConfiguration added in v1.5.0

func (s *UserPoolType) SetMfaConfiguration(v string) *UserPoolType

SetMfaConfiguration sets the MfaConfiguration field's value.

func (*UserPoolType) SetName added in v1.5.0

func (s *UserPoolType) SetName(v string) *UserPoolType

SetName sets the Name field's value.

func (*UserPoolType) SetPolicies added in v1.5.0

func (s *UserPoolType) SetPolicies(v *UserPoolPolicyType) *UserPoolType

SetPolicies sets the Policies field's value.

func (*UserPoolType) SetSchemaAttributes added in v1.5.0

func (s *UserPoolType) SetSchemaAttributes(v []*SchemaAttributeType) *UserPoolType

SetSchemaAttributes sets the SchemaAttributes field's value.

func (*UserPoolType) SetSmsAuthenticationMessage added in v1.5.0

func (s *UserPoolType) SetSmsAuthenticationMessage(v string) *UserPoolType

SetSmsAuthenticationMessage sets the SmsAuthenticationMessage field's value.

func (*UserPoolType) SetSmsConfiguration added in v1.5.0

func (s *UserPoolType) SetSmsConfiguration(v *SmsConfigurationType) *UserPoolType

SetSmsConfiguration sets the SmsConfiguration field's value.

func (*UserPoolType) SetSmsConfigurationFailure added in v1.5.0

func (s *UserPoolType) SetSmsConfigurationFailure(v string) *UserPoolType

SetSmsConfigurationFailure sets the SmsConfigurationFailure field's value.

func (*UserPoolType) SetSmsVerificationMessage added in v1.5.0

func (s *UserPoolType) SetSmsVerificationMessage(v string) *UserPoolType

SetSmsVerificationMessage sets the SmsVerificationMessage field's value.

func (*UserPoolType) SetStatus added in v1.5.0

func (s *UserPoolType) SetStatus(v string) *UserPoolType

SetStatus sets the Status field's value.

func (*UserPoolType) SetUserAttributeUpdateSettings added in v1.44.21

func (s *UserPoolType) SetUserAttributeUpdateSettings(v *UserAttributeUpdateSettingsType) *UserPoolType

SetUserAttributeUpdateSettings sets the UserAttributeUpdateSettings field's value.

func (*UserPoolType) SetUserPoolAddOns added in v1.12.35

func (s *UserPoolType) SetUserPoolAddOns(v *UserPoolAddOnsType) *UserPoolType

SetUserPoolAddOns sets the UserPoolAddOns field's value.

func (*UserPoolType) SetUserPoolTags added in v1.6.4

func (s *UserPoolType) SetUserPoolTags(v map[string]*string) *UserPoolType

SetUserPoolTags sets the UserPoolTags field's value.

func (*UserPoolType) SetUsernameAttributes added in v1.10.12

func (s *UserPoolType) SetUsernameAttributes(v []*string) *UserPoolType

SetUsernameAttributes sets the UsernameAttributes field's value.

func (*UserPoolType) SetUsernameConfiguration added in v1.29.0

func (s *UserPoolType) SetUsernameConfiguration(v *UsernameConfigurationType) *UserPoolType

SetUsernameConfiguration sets the UsernameConfiguration field's value.

func (*UserPoolType) SetVerificationMessageTemplate added in v1.10.24

func (s *UserPoolType) SetVerificationMessageTemplate(v *VerificationMessageTemplateType) *UserPoolType

SetVerificationMessageTemplate sets the VerificationMessageTemplate field's value.

func (UserPoolType) String

func (s UserPoolType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserType

type UserType struct {

	// A container with information about the user type attributes.
	Attributes []*AttributeType `type:"list"`

	// Specifies whether the user is enabled.
	Enabled *bool `type:"boolean"`

	// The MFA options for the user.
	MFAOptions []*MFAOptionType `type:"list"`

	// The creation date of the user.
	UserCreateDate *time.Time `type:"timestamp"`

	// The date and time when the item was modified. Amazon Cognito returns this
	// timestamp in UNIX epoch time format. Your SDK might render the output in
	// a human-readable format like ISO 8601 or a Java Date object.
	UserLastModifiedDate *time.Time `type:"timestamp"`

	// The user status. This can be one of the following:
	//
	//    * UNCONFIRMED - User has been created but not confirmed.
	//
	//    * CONFIRMED - User has been confirmed.
	//
	//    * EXTERNAL_PROVIDER - User signed in with a third-party IdP.
	//
	//    * UNKNOWN - User status isn't known.
	//
	//    * RESET_REQUIRED - User is confirmed, but the user must request a code
	//    and reset their password before they can sign in.
	//
	//    * FORCE_CHANGE_PASSWORD - The user is confirmed and the user can sign
	//    in using a temporary password, but on first sign-in, the user must change
	//    their password to a new value before doing anything else.
	UserStatus *string `type:"string" enum:"UserStatusType"`

	// The user name of the user you want to describe.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UserType's
	// String and GoString methods.
	Username *string `min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

A user profile in a Amazon Cognito user pool.

func (UserType) GoString

func (s UserType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserType) SetAttributes added in v1.5.0

func (s *UserType) SetAttributes(v []*AttributeType) *UserType

SetAttributes sets the Attributes field's value.

func (*UserType) SetEnabled added in v1.5.0

func (s *UserType) SetEnabled(v bool) *UserType

SetEnabled sets the Enabled field's value.

func (*UserType) SetMFAOptions added in v1.5.0

func (s *UserType) SetMFAOptions(v []*MFAOptionType) *UserType

SetMFAOptions sets the MFAOptions field's value.

func (*UserType) SetUserCreateDate added in v1.5.0

func (s *UserType) SetUserCreateDate(v time.Time) *UserType

SetUserCreateDate sets the UserCreateDate field's value.

func (*UserType) SetUserLastModifiedDate added in v1.5.0

func (s *UserType) SetUserLastModifiedDate(v time.Time) *UserType

SetUserLastModifiedDate sets the UserLastModifiedDate field's value.

func (*UserType) SetUserStatus added in v1.5.0

func (s *UserType) SetUserStatus(v string) *UserType

SetUserStatus sets the UserStatus field's value.

func (*UserType) SetUsername added in v1.5.0

func (s *UserType) SetUsername(v string) *UserType

SetUsername sets the Username field's value.

func (UserType) String

func (s UserType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UsernameConfigurationType added in v1.29.0

type UsernameConfigurationType struct {

	// Specifies whether user name case sensitivity will be applied for all users
	// in the user pool through Amazon Cognito APIs. For most use cases, set case
	// sensitivity to False (case insensitive) as a best practice. When usernames
	// and email addresses are case insensitive, users can sign in as the same user
	// when they enter a different capitalization of their user name.
	//
	// Valid values include:
	//
	// True
	//
	// Enables case sensitivity for all username input. When this option is set
	// to True, users must sign in using the exact capitalization of their given
	// username, such as “UserName”. This is the default value.
	//
	// False
	//
	// Enables case insensitivity for all username input. For example, when this
	// option is set to False, users can sign in using username, USERNAME, or UserName.
	// This option also enables both preferred_username and email alias to be case
	// insensitive, in addition to the username attribute.
	//
	// CaseSensitive is a required field
	CaseSensitive *bool `type:"boolean" required:"true"`
	// contains filtered or unexported fields
}

The username configuration type.

func (UsernameConfigurationType) GoString added in v1.29.0

func (s UsernameConfigurationType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UsernameConfigurationType) SetCaseSensitive added in v1.29.0

SetCaseSensitive sets the CaseSensitive field's value.

func (UsernameConfigurationType) String added in v1.29.0

func (s UsernameConfigurationType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UsernameConfigurationType) Validate added in v1.29.0

func (s *UsernameConfigurationType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UsernameExistsException added in v1.28.0

type UsernameExistsException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito throws a user name exists exception.
	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

This exception is thrown when Amazon Cognito encounters a user name that already exists in the user pool.

func (*UsernameExistsException) Code added in v1.28.0

func (s *UsernameExistsException) Code() string

Code returns the exception type name.

func (*UsernameExistsException) Error added in v1.28.0

func (s *UsernameExistsException) Error() string

func (UsernameExistsException) GoString added in v1.28.0

func (s UsernameExistsException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UsernameExistsException) Message added in v1.28.0

func (s *UsernameExistsException) Message() string

Message returns the exception's message.

func (*UsernameExistsException) OrigErr added in v1.28.0

func (s *UsernameExistsException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UsernameExistsException) RequestID added in v1.28.0

func (s *UsernameExistsException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*UsernameExistsException) StatusCode added in v1.28.0

func (s *UsernameExistsException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UsernameExistsException) String added in v1.28.0

func (s UsernameExistsException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type VerificationMessageTemplateType added in v1.10.24

type VerificationMessageTemplateType struct {

	// The default email option.
	DefaultEmailOption *string `type:"string" enum:"DefaultEmailOptionType"`

	// The template for email messages that Amazon Cognito sends to your users.
	// You can set an EmailMessage template only if the value of EmailSendingAccount
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER. When your EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER, your user pool sends email messages with your own Amazon SES
	// configuration.
	EmailMessage *string `min:"6" type:"string"`

	// The email message template for sending a confirmation link to the user. You
	// can set an EmailMessageByLink template only if the value of EmailSendingAccount
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER. When your EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER, your user pool sends email messages with your own Amazon SES
	// configuration.
	EmailMessageByLink *string `min:"6" type:"string"`

	// The subject line for the email message template. You can set an EmailSubject
	// template only if the value of EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER. When your EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER, your user pool sends email messages with your own Amazon SES
	// configuration.
	EmailSubject *string `min:"1" type:"string"`

	// The subject line for the email message template for sending a confirmation
	// link to the user. You can set an EmailSubjectByLink template only if the
	// value of EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER. When your EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER, your user pool sends email messages with your own Amazon SES
	// configuration.
	EmailSubjectByLink *string `min:"1" type:"string"`

	// The template for SMS messages that Amazon Cognito sends to your users.
	SmsMessage *string `min:"6" type:"string"`
	// contains filtered or unexported fields
}

The template for verification messages.

func (VerificationMessageTemplateType) GoString added in v1.10.24

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*VerificationMessageTemplateType) SetDefaultEmailOption added in v1.10.24

SetDefaultEmailOption sets the DefaultEmailOption field's value.

func (*VerificationMessageTemplateType) SetEmailMessage added in v1.10.24

SetEmailMessage sets the EmailMessage field's value.

SetEmailMessageByLink sets the EmailMessageByLink field's value.

func (*VerificationMessageTemplateType) SetEmailSubject added in v1.10.24

SetEmailSubject sets the EmailSubject field's value.

SetEmailSubjectByLink sets the EmailSubjectByLink field's value.

func (*VerificationMessageTemplateType) SetSmsMessage added in v1.10.24

SetSmsMessage sets the SmsMessage field's value.

func (VerificationMessageTemplateType) String added in v1.10.24

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*VerificationMessageTemplateType) Validate added in v1.10.24

func (s *VerificationMessageTemplateType) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type VerifySoftwareTokenInput added in v1.12.35

type VerifySoftwareTokenInput struct {

	// A valid access token that Amazon Cognito issued to the user whose software
	// token you want to verify.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by VerifySoftwareTokenInput's
	// String and GoString methods.
	AccessToken *string `type:"string" sensitive:"true"`

	// The friendly device name.
	FriendlyDeviceName *string `type:"string"`

	// The session that should be passed both ways in challenge-response calls to
	// the service.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by VerifySoftwareTokenInput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`

	// The one- time password computed using the secret code returned by AssociateSoftwareToken
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AssociateSoftwareToken.html).
	//
	// UserCode is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by VerifySoftwareTokenInput's
	// String and GoString methods.
	//
	// UserCode is a required field
	UserCode *string `min:"6" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (VerifySoftwareTokenInput) GoString added in v1.12.35

func (s VerifySoftwareTokenInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*VerifySoftwareTokenInput) SetAccessToken added in v1.12.35

SetAccessToken sets the AccessToken field's value.

func (*VerifySoftwareTokenInput) SetFriendlyDeviceName added in v1.12.35

func (s *VerifySoftwareTokenInput) SetFriendlyDeviceName(v string) *VerifySoftwareTokenInput

SetFriendlyDeviceName sets the FriendlyDeviceName field's value.

func (*VerifySoftwareTokenInput) SetSession added in v1.12.35

SetSession sets the Session field's value.

func (*VerifySoftwareTokenInput) SetUserCode added in v1.12.35

SetUserCode sets the UserCode field's value.

func (VerifySoftwareTokenInput) String added in v1.12.35

func (s VerifySoftwareTokenInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*VerifySoftwareTokenInput) Validate added in v1.12.35

func (s *VerifySoftwareTokenInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type VerifySoftwareTokenOutput added in v1.12.35

type VerifySoftwareTokenOutput struct {

	// The session that should be passed both ways in challenge-response calls to
	// the service.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by VerifySoftwareTokenOutput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`

	// The status of the verify software token.
	Status *string `type:"string" enum:"VerifySoftwareTokenResponseType"`
	// contains filtered or unexported fields
}

func (VerifySoftwareTokenOutput) GoString added in v1.12.35

func (s VerifySoftwareTokenOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*VerifySoftwareTokenOutput) SetSession added in v1.12.35

SetSession sets the Session field's value.

func (*VerifySoftwareTokenOutput) SetStatus added in v1.12.35

SetStatus sets the Status field's value.

func (VerifySoftwareTokenOutput) String added in v1.12.35

func (s VerifySoftwareTokenOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type VerifyUserAttributeInput

type VerifyUserAttributeInput struct {

	// A valid access token that Amazon Cognito issued to the user whose user attributes
	// you want to verify.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by VerifyUserAttributeInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The attribute name in the request to verify user attributes.
	//
	// AttributeName is a required field
	AttributeName *string `min:"1" type:"string" required:"true"`

	// The verification code in the request to verify user attributes.
	//
	// Code is a required field
	Code *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Represents the request to verify user attributes.

func (VerifyUserAttributeInput) GoString

func (s VerifyUserAttributeInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*VerifyUserAttributeInput) SetAccessToken added in v1.5.0

SetAccessToken sets the AccessToken field's value.

func (*VerifyUserAttributeInput) SetAttributeName added in v1.5.0

SetAttributeName sets the AttributeName field's value.

func (*VerifyUserAttributeInput) SetCode added in v1.5.0

SetCode sets the Code field's value.

func (VerifyUserAttributeInput) String

func (s VerifyUserAttributeInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*VerifyUserAttributeInput) Validate added in v1.1.21

func (s *VerifyUserAttributeInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type VerifyUserAttributeOutput

type VerifyUserAttributeOutput struct {
	// contains filtered or unexported fields
}

A container representing the response from the server from the request to verify user attributes.

func (VerifyUserAttributeOutput) GoString

func (s VerifyUserAttributeOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (VerifyUserAttributeOutput) String

func (s VerifyUserAttributeOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

Directories

Path Synopsis
Package cognitoidentityprovideriface provides an interface to enable mocking the Amazon Cognito Identity Provider service client for testing your code.
Package cognitoidentityprovideriface provides an interface to enable mocking the Amazon Cognito Identity Provider service client for testing your code.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL