Package software.amazon.awssdk.services.cognitoidentityprovider

Interface CognitoIdentityProviderClient

All Superinterfaces:

AutoCloseable, AwsClient, SdkAutoCloseable, SdkClient

@Generated("software.amazon.awssdk:codegen")
@ThreadSafe
public interface CognitoIdentityProviderClient
extends AwsClient

Service client for accessing Amazon Cognito Identity Provider. This can be created using the static builder() method.

With the Amazon Cognito user pools API, you can configure user pools and authenticate users. To authenticate users from third-party identity providers (IdPs) in this API, you can link IdP users to native user profiles. Learn more about the authentication and authorization of federated users at Adding user pool sign-in through a third party and in the User pool federation endpoints and hosted UI reference.

This API reference provides detailed information about API operations and object types in Amazon Cognito.

Along with resource management operations, the Amazon Cognito user pools API includes classes of operations and authorization models for client-side and server-side authentication of users. You can interact with operations in the Amazon Cognito user pools API as any of the following subjects.

1. An administrator who wants to configure user pools, app clients, users, groups, or other user pool functions.

2. A server-side app, like a web application, that wants to use its Amazon Web Services privileges to manage, authenticate, or authorize a user.

3. A client-side app, like a mobile app, that wants to make unauthenticated requests to manage, authenticate, or authorize a user.

For more information, see Using the Amazon Cognito user pools API and user pool endpoints in the Amazon Cognito Developer Guide.

With your Amazon Web Services SDK, you can build the logic to support operational flows in every use case for this API. You can also make direct REST API requests to Amazon Cognito user pools service endpoints. The following links can get you started with the CognitoIdentityProvider client in other supported Amazon Web Services SDKs.

• Amazon Web Services Command Line Interface

• Amazon Web Services SDK for .NET

• Amazon Web Services SDK for C++

• Amazon Web Services SDK for Go

• Amazon Web Services SDK for Java V2

• Amazon Web Services SDK for JavaScript

• Amazon Web Services SDK for PHP V3

• Amazon Web Services SDK for Python

• Amazon Web Services SDK for Ruby V3

• Amazon Web Services SDK for Kotlin

To get started with an Amazon Web Services SDK, see Tools to Build on Amazon Web Services. For example actions and scenarios, see Code examples for Amazon Cognito Identity Provider using Amazon Web Services SDKs.

Field Summary

Fields

Modifier and Type	Field	Description
static String	SERVICE_METADATA_ID	Value for looking up the service's metadata from the ServiceMetadataProvider.
static String	SERVICE_NAME

Method Summary

Modifier and Type	Method	Description
default AddCustomAttributesResponse	addCustomAttributes(Consumer<AddCustomAttributesRequest.Builder> addCustomAttributesRequest)	Adds additional user attributes to the user pool schema.
default AddCustomAttributesResponse	addCustomAttributes(AddCustomAttributesRequest addCustomAttributesRequest)	Adds additional user attributes to the user pool schema.
default AdminAddUserToGroupResponse	adminAddUserToGroup(Consumer<AdminAddUserToGroupRequest.Builder> adminAddUserToGroupRequest)	Adds a user to a group.
default AdminAddUserToGroupResponse	adminAddUserToGroup(AdminAddUserToGroupRequest adminAddUserToGroupRequest)	Adds a user to a group.
default AdminConfirmSignUpResponse	adminConfirmSignUp(Consumer<AdminConfirmSignUpRequest.Builder> adminConfirmSignUpRequest)	Confirms user sign-up as an administrator.
default AdminConfirmSignUpResponse	adminConfirmSignUp(AdminConfirmSignUpRequest adminConfirmSignUpRequest)	Confirms user sign-up as an administrator.
default AdminCreateUserResponse	adminCreateUser(Consumer<AdminCreateUserRequest.Builder> adminCreateUserRequest)	Creates a new user in the specified user pool.
default AdminCreateUserResponse	adminCreateUser(AdminCreateUserRequest adminCreateUserRequest)	Creates a new user in the specified user pool.
default AdminDeleteUserResponse	adminDeleteUser(Consumer<AdminDeleteUserRequest.Builder> adminDeleteUserRequest)	Deletes a user profile in your user pool.
default AdminDeleteUserResponse	adminDeleteUser(AdminDeleteUserRequest adminDeleteUserRequest)	Deletes a user profile in your user pool.
default AdminDeleteUserAttributesResponse	adminDeleteUserAttributes(Consumer<AdminDeleteUserAttributesRequest.Builder> adminDeleteUserAttributesRequest)	Deletes attribute values from a user.
default AdminDeleteUserAttributesResponse	adminDeleteUserAttributes(AdminDeleteUserAttributesRequest adminDeleteUserAttributesRequest)	Deletes attribute values from a user.
default AdminDisableProviderForUserResponse	adminDisableProviderForUser(Consumer<AdminDisableProviderForUserRequest.Builder> adminDisableProviderForUserRequest)	Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP).
default AdminDisableProviderForUserResponse	adminDisableProviderForUser(AdminDisableProviderForUserRequest adminDisableProviderForUserRequest)	Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP).
default AdminDisableUserResponse	adminDisableUser(Consumer<AdminDisableUserRequest.Builder> adminDisableUserRequest)	Deactivates a user profile and revokes all access tokens for the user.
default AdminDisableUserResponse	adminDisableUser(AdminDisableUserRequest adminDisableUserRequest)	Deactivates a user profile and revokes all access tokens for the user.
default AdminEnableUserResponse	adminEnableUser(Consumer<AdminEnableUserRequest.Builder> adminEnableUserRequest)	Activate sign-in for a user profile that previously had sign-in access disabled.
default AdminEnableUserResponse	adminEnableUser(AdminEnableUserRequest adminEnableUserRequest)	Activate sign-in for a user profile that previously had sign-in access disabled.
default AdminForgetDeviceResponse	adminForgetDevice(Consumer<AdminForgetDeviceRequest.Builder> adminForgetDeviceRequest)	Forgets, or deletes, a remembered device from a user's profile.
default AdminForgetDeviceResponse	adminForgetDevice(AdminForgetDeviceRequest adminForgetDeviceRequest)	Forgets, or deletes, a remembered device from a user's profile.
default AdminGetDeviceResponse	adminGetDevice(Consumer<AdminGetDeviceRequest.Builder> adminGetDeviceRequest)	Given the device key, returns details for a user' device.
default AdminGetDeviceResponse	adminGetDevice(AdminGetDeviceRequest adminGetDeviceRequest)	Given the device key, returns details for a user' device.
default AdminGetUserResponse	adminGetUser(Consumer<AdminGetUserRequest.Builder> adminGetUserRequest)	Given the username, returns details about a user profile in a user pool.
default AdminGetUserResponse	adminGetUser(AdminGetUserRequest adminGetUserRequest)	Given the username, returns details about a user profile in a user pool.
default AdminInitiateAuthResponse	adminInitiateAuth(Consumer<AdminInitiateAuthRequest.Builder> adminInitiateAuthRequest)	Starts sign-in for applications with a server-side component, for example a traditional web application.
default AdminInitiateAuthResponse	adminInitiateAuth(AdminInitiateAuthRequest adminInitiateAuthRequest)	Starts sign-in for applications with a server-side component, for example a traditional web application.
default AdminLinkProviderForUserResponse	adminLinkProviderForUser(Consumer<AdminLinkProviderForUserRequest.Builder> adminLinkProviderForUserRequest)	Links an existing user account in a user pool (DestinationUser) to an identity from an external IdP (SourceUser) based on a specified attribute name and value from the external IdP.
default AdminLinkProviderForUserResponse	adminLinkProviderForUser(AdminLinkProviderForUserRequest adminLinkProviderForUserRequest)	Links an existing user account in a user pool (DestinationUser) to an identity from an external IdP (SourceUser) based on a specified attribute name and value from the external IdP.
default AdminListDevicesResponse	adminListDevices(Consumer<AdminListDevicesRequest.Builder> adminListDevicesRequest)	Lists a user's registered devices.
default AdminListDevicesResponse	adminListDevices(AdminListDevicesRequest adminListDevicesRequest)	Lists a user's registered devices.
default AdminListGroupsForUserResponse	adminListGroupsForUser(Consumer<AdminListGroupsForUserRequest.Builder> adminListGroupsForUserRequest)	Lists the groups that a user belongs to.
default AdminListGroupsForUserResponse	adminListGroupsForUser(AdminListGroupsForUserRequest adminListGroupsForUserRequest)	Lists the groups that a user belongs to.
default AdminListGroupsForUserIterable	adminListGroupsForUserPaginator(Consumer<AdminListGroupsForUserRequest.Builder> adminListGroupsForUserRequest)	This is a variant of adminListGroupsForUser(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserRequest) operation.
default AdminListGroupsForUserIterable	adminListGroupsForUserPaginator(AdminListGroupsForUserRequest adminListGroupsForUserRequest)	This is a variant of adminListGroupsForUser(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserRequest) operation.
default AdminListUserAuthEventsResponse	adminListUserAuthEvents(Consumer<AdminListUserAuthEventsRequest.Builder> adminListUserAuthEventsRequest)	Requests a history of user activity and any risks detected as part of Amazon Cognito threat protection.
default AdminListUserAuthEventsResponse	adminListUserAuthEvents(AdminListUserAuthEventsRequest adminListUserAuthEventsRequest)	Requests a history of user activity and any risks detected as part of Amazon Cognito threat protection.
default AdminListUserAuthEventsIterable	adminListUserAuthEventsPaginator(Consumer<AdminListUserAuthEventsRequest.Builder> adminListUserAuthEventsRequest)	This is a variant of adminListUserAuthEvents(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsRequest) operation.
default AdminListUserAuthEventsIterable	adminListUserAuthEventsPaginator(AdminListUserAuthEventsRequest adminListUserAuthEventsRequest)	This is a variant of adminListUserAuthEvents(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsRequest) operation.
default AdminRemoveUserFromGroupResponse	adminRemoveUserFromGroup(Consumer<AdminRemoveUserFromGroupRequest.Builder> adminRemoveUserFromGroupRequest)	Given a username and a group name.
default AdminRemoveUserFromGroupResponse	adminRemoveUserFromGroup(AdminRemoveUserFromGroupRequest adminRemoveUserFromGroupRequest)	Given a username and a group name.
default AdminResetUserPasswordResponse	adminResetUserPassword(Consumer<AdminResetUserPasswordRequest.Builder> adminResetUserPasswordRequest)	Resets the specified user's password in a user pool.
default AdminResetUserPasswordResponse	adminResetUserPassword(AdminResetUserPasswordRequest adminResetUserPasswordRequest)	Resets the specified user's password in a user pool.
default AdminRespondToAuthChallengeResponse	adminRespondToAuthChallenge(Consumer<AdminRespondToAuthChallengeRequest.Builder> adminRespondToAuthChallengeRequest)	Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge.
default AdminRespondToAuthChallengeResponse	adminRespondToAuthChallenge(AdminRespondToAuthChallengeRequest adminRespondToAuthChallengeRequest)	Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge.
default AdminSetUserMfaPreferenceResponse	adminSetUserMFAPreference(Consumer<AdminSetUserMfaPreferenceRequest.Builder> adminSetUserMfaPreferenceRequest)	Sets the user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred.
default AdminSetUserMfaPreferenceResponse	adminSetUserMFAPreference(AdminSetUserMfaPreferenceRequest adminSetUserMfaPreferenceRequest)	Sets the user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred.
default AdminSetUserPasswordResponse	adminSetUserPassword(Consumer<AdminSetUserPasswordRequest.Builder> adminSetUserPasswordRequest)	Sets the specified user's password in a user pool.
default AdminSetUserPasswordResponse	adminSetUserPassword(AdminSetUserPasswordRequest adminSetUserPasswordRequest)	Sets the specified user's password in a user pool.
default AdminSetUserSettingsResponse	adminSetUserSettings(Consumer<AdminSetUserSettingsRequest.Builder> adminSetUserSettingsRequest)	This action is no longer supported. You can use it to configure only SMS MFA.
default AdminSetUserSettingsResponse	adminSetUserSettings(AdminSetUserSettingsRequest adminSetUserSettingsRequest)	This action is no longer supported. You can use it to configure only SMS MFA.
default AdminUpdateAuthEventFeedbackResponse	adminUpdateAuthEventFeedback(Consumer<AdminUpdateAuthEventFeedbackRequest.Builder> adminUpdateAuthEventFeedbackRequest)	Provides feedback for an authentication event indicating if it was from a valid user.
default AdminUpdateAuthEventFeedbackResponse	adminUpdateAuthEventFeedback(AdminUpdateAuthEventFeedbackRequest adminUpdateAuthEventFeedbackRequest)	Provides feedback for an authentication event indicating if it was from a valid user.
default AdminUpdateDeviceStatusResponse	adminUpdateDeviceStatus(Consumer<AdminUpdateDeviceStatusRequest.Builder> adminUpdateDeviceStatusRequest)	Updates the status of a user's device so that it is marked as remembered or not remembered for the purpose of device authentication.
default AdminUpdateDeviceStatusResponse	adminUpdateDeviceStatus(AdminUpdateDeviceStatusRequest adminUpdateDeviceStatusRequest)	Updates the status of a user's device so that it is marked as remembered or not remembered for the purpose of device authentication.
default AdminUpdateUserAttributesResponse	adminUpdateUserAttributes(Consumer<AdminUpdateUserAttributesRequest.Builder> adminUpdateUserAttributesRequest)
default AdminUpdateUserAttributesResponse	adminUpdateUserAttributes(AdminUpdateUserAttributesRequest adminUpdateUserAttributesRequest)
default AdminUserGlobalSignOutResponse	adminUserGlobalSignOut(Consumer<AdminUserGlobalSignOutRequest.Builder> adminUserGlobalSignOutRequest)	Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user.
default AdminUserGlobalSignOutResponse	adminUserGlobalSignOut(AdminUserGlobalSignOutRequest adminUserGlobalSignOutRequest)	Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user.
default AssociateSoftwareTokenResponse	associateSoftwareToken(Consumer<AssociateSoftwareTokenRequest.Builder> associateSoftwareTokenRequest)	Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response.
default AssociateSoftwareTokenResponse	associateSoftwareToken(AssociateSoftwareTokenRequest associateSoftwareTokenRequest)	Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response.
static CognitoIdentityProviderClientBuilder	builder()	Create a builder that can be used to configure and create a CognitoIdentityProviderClient.
default ChangePasswordResponse	changePassword(Consumer<ChangePasswordRequest.Builder> changePasswordRequest)	Changes the password for a specified user in a user pool.
default ChangePasswordResponse	changePassword(ChangePasswordRequest changePasswordRequest)	Changes the password for a specified user in a user pool.
default CompleteWebAuthnRegistrationResponse	completeWebAuthnRegistration(Consumer<CompleteWebAuthnRegistrationRequest.Builder> completeWebAuthnRegistrationRequest)	Completes registration of a passkey authenticator for the current user.
default CompleteWebAuthnRegistrationResponse	completeWebAuthnRegistration(CompleteWebAuthnRegistrationRequest completeWebAuthnRegistrationRequest)	Completes registration of a passkey authenticator for the current user.
default ConfirmDeviceResponse	confirmDevice(Consumer<ConfirmDeviceRequest.Builder> confirmDeviceRequest)	Confirms a device that a user wants to remember.
default ConfirmDeviceResponse	confirmDevice(ConfirmDeviceRequest confirmDeviceRequest)	Confirms a device that a user wants to remember.
default ConfirmForgotPasswordResponse	confirmForgotPassword(Consumer<ConfirmForgotPasswordRequest.Builder> confirmForgotPasswordRequest)	This public API operation accepts a confirmation code that Amazon Cognito sent to a user and accepts a new password for that user.
default ConfirmForgotPasswordResponse	confirmForgotPassword(ConfirmForgotPasswordRequest confirmForgotPasswordRequest)	This public API operation accepts a confirmation code that Amazon Cognito sent to a user and accepts a new password for that user.
default ConfirmSignUpResponse	confirmSignUp(Consumer<ConfirmSignUpRequest.Builder> confirmSignUpRequest)	This public API operation submits a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation.
default ConfirmSignUpResponse	confirmSignUp(ConfirmSignUpRequest confirmSignUpRequest)	This public API operation submits a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation.
static CognitoIdentityProviderClient	create()	Create a CognitoIdentityProviderClient with the region loaded from the DefaultAwsRegionProviderChain and credentials loaded from the DefaultCredentialsProvider.
default CreateGroupResponse	createGroup(Consumer<CreateGroupRequest.Builder> createGroupRequest)	Creates a new group in the specified user pool.
default CreateGroupResponse	createGroup(CreateGroupRequest createGroupRequest)	Creates a new group in the specified user pool.
default CreateIdentityProviderResponse	createIdentityProvider(Consumer<CreateIdentityProviderRequest.Builder> createIdentityProviderRequest)	Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool.
default CreateIdentityProviderResponse	createIdentityProvider(CreateIdentityProviderRequest createIdentityProviderRequest)	Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool.
default CreateManagedLoginBrandingResponse	createManagedLoginBranding(Consumer<CreateManagedLoginBrandingRequest.Builder> createManagedLoginBrandingRequest)	Creates a new set of branding settings for a user pool style and associates it with an app client.
default CreateManagedLoginBrandingResponse	createManagedLoginBranding(CreateManagedLoginBrandingRequest createManagedLoginBrandingRequest)	Creates a new set of branding settings for a user pool style and associates it with an app client.
default CreateResourceServerResponse	createResourceServer(Consumer<CreateResourceServerRequest.Builder> createResourceServerRequest)	Creates a new OAuth2.0 resource server and defines custom scopes within it.
default CreateResourceServerResponse	createResourceServer(CreateResourceServerRequest createResourceServerRequest)	Creates a new OAuth2.0 resource server and defines custom scopes within it.
default CreateUserImportJobResponse	createUserImportJob(Consumer<CreateUserImportJobRequest.Builder> createUserImportJobRequest)	Creates a user import job.
default CreateUserImportJobResponse	createUserImportJob(CreateUserImportJobRequest createUserImportJobRequest)	Creates a user import job.
default CreateUserPoolResponse	createUserPool(Consumer<CreateUserPoolRequest.Builder> createUserPoolRequest)
default CreateUserPoolResponse	createUserPool(CreateUserPoolRequest createUserPoolRequest)
default CreateUserPoolClientResponse	createUserPoolClient(Consumer<CreateUserPoolClientRequest.Builder> createUserPoolClientRequest)	Creates an app client in a user pool.
default CreateUserPoolClientResponse	createUserPoolClient(CreateUserPoolClientRequest createUserPoolClientRequest)	Creates an app client in a user pool.
default CreateUserPoolDomainResponse	createUserPoolDomain(Consumer<CreateUserPoolDomainRequest.Builder> createUserPoolDomainRequest)	A user pool domain hosts managed login, an authorization server and web server for authentication in your application.
default CreateUserPoolDomainResponse	createUserPoolDomain(CreateUserPoolDomainRequest createUserPoolDomainRequest)	A user pool domain hosts managed login, an authorization server and web server for authentication in your application.
default DeleteGroupResponse	deleteGroup(Consumer<DeleteGroupRequest.Builder> deleteGroupRequest)	Deletes a group from the specified user pool.
default DeleteGroupResponse	deleteGroup(DeleteGroupRequest deleteGroupRequest)	Deletes a group from the specified user pool.
default DeleteIdentityProviderResponse	deleteIdentityProvider(Consumer<DeleteIdentityProviderRequest.Builder> deleteIdentityProviderRequest)	Deletes a user pool identity provider (IdP).
default DeleteIdentityProviderResponse	deleteIdentityProvider(DeleteIdentityProviderRequest deleteIdentityProviderRequest)	Deletes a user pool identity provider (IdP).
default DeleteManagedLoginBrandingResponse	deleteManagedLoginBranding(Consumer<DeleteManagedLoginBrandingRequest.Builder> deleteManagedLoginBrandingRequest)	Deletes a managed login branding style.
default DeleteManagedLoginBrandingResponse	deleteManagedLoginBranding(DeleteManagedLoginBrandingRequest deleteManagedLoginBrandingRequest)	Deletes a managed login branding style.
default DeleteResourceServerResponse	deleteResourceServer(Consumer<DeleteResourceServerRequest.Builder> deleteResourceServerRequest)	Deletes a resource server.
default DeleteResourceServerResponse	deleteResourceServer(DeleteResourceServerRequest deleteResourceServerRequest)	Deletes a resource server.
default DeleteUserResponse	deleteUser(Consumer<DeleteUserRequest.Builder> deleteUserRequest)	Self-deletes a user profile.
default DeleteUserResponse	deleteUser(DeleteUserRequest deleteUserRequest)	Self-deletes a user profile.
default DeleteUserAttributesResponse	deleteUserAttributes(Consumer<DeleteUserAttributesRequest.Builder> deleteUserAttributesRequest)	Self-deletes attributes for a user.
default DeleteUserAttributesResponse	deleteUserAttributes(DeleteUserAttributesRequest deleteUserAttributesRequest)	Self-deletes attributes for a user.
default DeleteUserPoolResponse	deleteUserPool(Consumer<DeleteUserPoolRequest.Builder> deleteUserPoolRequest)	Deletes a user pool.
default DeleteUserPoolResponse	deleteUserPool(DeleteUserPoolRequest deleteUserPoolRequest)	Deletes a user pool.
default DeleteUserPoolClientResponse	deleteUserPoolClient(Consumer<DeleteUserPoolClientRequest.Builder> deleteUserPoolClientRequest)	Deletes a user pool app client.
default DeleteUserPoolClientResponse	deleteUserPoolClient(DeleteUserPoolClientRequest deleteUserPoolClientRequest)	Deletes a user pool app client.
default DeleteUserPoolDomainResponse	deleteUserPoolDomain(Consumer<DeleteUserPoolDomainRequest.Builder> deleteUserPoolDomainRequest)	Given a user pool ID and domain identifier, deletes a user pool domain.
default DeleteUserPoolDomainResponse	deleteUserPoolDomain(DeleteUserPoolDomainRequest deleteUserPoolDomainRequest)	Given a user pool ID and domain identifier, deletes a user pool domain.
default DeleteWebAuthnCredentialResponse	deleteWebAuthnCredential(Consumer<DeleteWebAuthnCredentialRequest.Builder> deleteWebAuthnCredentialRequest)	Deletes a registered passkey, or webauthN, authenticator for the currently signed-in user.
default DeleteWebAuthnCredentialResponse	deleteWebAuthnCredential(DeleteWebAuthnCredentialRequest deleteWebAuthnCredentialRequest)	Deletes a registered passkey, or webauthN, authenticator for the currently signed-in user.
default DescribeIdentityProviderResponse	describeIdentityProvider(Consumer<DescribeIdentityProviderRequest.Builder> describeIdentityProviderRequest)	Given a user pool ID and identity provider (IdP) name, returns details about the IdP.
default DescribeIdentityProviderResponse	describeIdentityProvider(DescribeIdentityProviderRequest describeIdentityProviderRequest)	Given a user pool ID and identity provider (IdP) name, returns details about the IdP.
default DescribeManagedLoginBrandingResponse	describeManagedLoginBranding(Consumer<DescribeManagedLoginBrandingRequest.Builder> describeManagedLoginBrandingRequest)	Given the ID of a managed login branding style, returns detailed information about the style.
default DescribeManagedLoginBrandingResponse	describeManagedLoginBranding(DescribeManagedLoginBrandingRequest describeManagedLoginBrandingRequest)	Given the ID of a managed login branding style, returns detailed information about the style.
default DescribeManagedLoginBrandingByClientResponse	describeManagedLoginBrandingByClient(Consumer<DescribeManagedLoginBrandingByClientRequest.Builder> describeManagedLoginBrandingByClientRequest)	Given the ID of a user pool app client, returns detailed information about the style assigned to the app client.
default DescribeManagedLoginBrandingByClientResponse	describeManagedLoginBrandingByClient(DescribeManagedLoginBrandingByClientRequest describeManagedLoginBrandingByClientRequest)	Given the ID of a user pool app client, returns detailed information about the style assigned to the app client.
default DescribeResourceServerResponse	describeResourceServer(Consumer<DescribeResourceServerRequest.Builder> describeResourceServerRequest)	Describes a resource server.
default DescribeResourceServerResponse	describeResourceServer(DescribeResourceServerRequest describeResourceServerRequest)	Describes a resource server.
default DescribeRiskConfigurationResponse	describeRiskConfiguration(Consumer<DescribeRiskConfigurationRequest.Builder> describeRiskConfigurationRequest)	Given an app client or user pool ID where threat protection is configured, describes the risk configuration.
default DescribeRiskConfigurationResponse	describeRiskConfiguration(DescribeRiskConfigurationRequest describeRiskConfigurationRequest)	Given an app client or user pool ID where threat protection is configured, describes the risk configuration.
default DescribeUserImportJobResponse	describeUserImportJob(Consumer<DescribeUserImportJobRequest.Builder> describeUserImportJobRequest)	Describes a user import job.
default DescribeUserImportJobResponse	describeUserImportJob(DescribeUserImportJobRequest describeUserImportJobRequest)	Describes a user import job.
default DescribeUserPoolResponse	describeUserPool(Consumer<DescribeUserPoolRequest.Builder> describeUserPoolRequest)	Given a user pool ID, returns configuration information.
default DescribeUserPoolResponse	describeUserPool(DescribeUserPoolRequest describeUserPoolRequest)	Given a user pool ID, returns configuration information.
default DescribeUserPoolClientResponse	describeUserPoolClient(Consumer<DescribeUserPoolClientRequest.Builder> describeUserPoolClientRequest)	Given an app client ID, returns configuration information.
default DescribeUserPoolClientResponse	describeUserPoolClient(DescribeUserPoolClientRequest describeUserPoolClientRequest)	Given an app client ID, returns configuration information.
default DescribeUserPoolDomainResponse	describeUserPoolDomain(Consumer<DescribeUserPoolDomainRequest.Builder> describeUserPoolDomainRequest)	Given a user pool domain name, returns information about the domain configuration.
default DescribeUserPoolDomainResponse	describeUserPoolDomain(DescribeUserPoolDomainRequest describeUserPoolDomainRequest)	Given a user pool domain name, returns information about the domain configuration.
default ForgetDeviceResponse	forgetDevice(Consumer<ForgetDeviceRequest.Builder> forgetDeviceRequest)	Forgets the specified device.
default ForgetDeviceResponse	forgetDevice(ForgetDeviceRequest forgetDeviceRequest)	Forgets the specified device.
default ForgotPasswordResponse	forgotPassword(Consumer<ForgotPasswordRequest.Builder> forgotPasswordRequest)	Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password.
default ForgotPasswordResponse	forgotPassword(ForgotPasswordRequest forgotPasswordRequest)	Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password.
default GetCsvHeaderResponse	getCSVHeader(Consumer<GetCsvHeaderRequest.Builder> getCsvHeaderRequest)	Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.
default GetCsvHeaderResponse	getCSVHeader(GetCsvHeaderRequest getCsvHeaderRequest)	Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.
default GetDeviceResponse	getDevice(Consumer<GetDeviceRequest.Builder> getDeviceRequest)	Gets the device.
default GetDeviceResponse	getDevice(GetDeviceRequest getDeviceRequest)	Gets the device.
default GetGroupResponse	getGroup(Consumer<GetGroupRequest.Builder> getGroupRequest)	Gets a group.
default GetGroupResponse	getGroup(GetGroupRequest getGroupRequest)	Gets a group.
default GetIdentityProviderByIdentifierResponse	getIdentityProviderByIdentifier(Consumer<GetIdentityProviderByIdentifierRequest.Builder> getIdentityProviderByIdentifierRequest)	Gets the specified IdP.
default GetIdentityProviderByIdentifierResponse	getIdentityProviderByIdentifier(GetIdentityProviderByIdentifierRequest getIdentityProviderByIdentifierRequest)	Gets the specified IdP.
default GetLogDeliveryConfigurationResponse	getLogDeliveryConfiguration(Consumer<GetLogDeliveryConfigurationRequest.Builder> getLogDeliveryConfigurationRequest)	Gets the logging configuration of a user pool.
default GetLogDeliveryConfigurationResponse	getLogDeliveryConfiguration(GetLogDeliveryConfigurationRequest getLogDeliveryConfigurationRequest)	Gets the logging configuration of a user pool.
default GetSigningCertificateResponse	getSigningCertificate(Consumer<GetSigningCertificateRequest.Builder> getSigningCertificateRequest)	This method takes a user pool ID, and returns the signing certificate.
default GetSigningCertificateResponse	getSigningCertificate(GetSigningCertificateRequest getSigningCertificateRequest)	This method takes a user pool ID, and returns the signing certificate.
default GetUiCustomizationResponse	getUICustomization(Consumer<GetUiCustomizationRequest.Builder> getUiCustomizationRequest)	Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client.
default GetUiCustomizationResponse	getUICustomization(GetUiCustomizationRequest getUiCustomizationRequest)	Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client.
default GetUserResponse	getUser(Consumer<GetUserRequest.Builder> getUserRequest)	Gets the user attributes and metadata for a user.
default GetUserResponse	getUser(GetUserRequest getUserRequest)	Gets the user attributes and metadata for a user.
default GetUserAttributeVerificationCodeResponse	getUserAttributeVerificationCode(Consumer<GetUserAttributeVerificationCodeRequest.Builder> getUserAttributeVerificationCodeRequest)	Generates a user attribute verification code for the specified attribute name.
default GetUserAttributeVerificationCodeResponse	getUserAttributeVerificationCode(GetUserAttributeVerificationCodeRequest getUserAttributeVerificationCodeRequest)	Generates a user attribute verification code for the specified attribute name.
default GetUserAuthFactorsResponse	getUserAuthFactors(Consumer<GetUserAuthFactorsRequest.Builder> getUserAuthFactorsRequest)	Lists the authentication options for the currently signed-in user.
default GetUserAuthFactorsResponse	getUserAuthFactors(GetUserAuthFactorsRequest getUserAuthFactorsRequest)	Lists the authentication options for the currently signed-in user.
default GetUserPoolMfaConfigResponse	getUserPoolMfaConfig(Consumer<GetUserPoolMfaConfigRequest.Builder> getUserPoolMfaConfigRequest)	Gets the user pool multi-factor authentication (MFA) configuration.
default GetUserPoolMfaConfigResponse	getUserPoolMfaConfig(GetUserPoolMfaConfigRequest getUserPoolMfaConfigRequest)	Gets the user pool multi-factor authentication (MFA) configuration.
default GlobalSignOutResponse	globalSignOut(Consumer<GlobalSignOutRequest.Builder> globalSignOutRequest)	Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user.
default GlobalSignOutResponse	globalSignOut(GlobalSignOutRequest globalSignOutRequest)	Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user.
default InitiateAuthResponse	initiateAuth(Consumer<InitiateAuthRequest.Builder> initiateAuthRequest)	Initiates sign-in for a user in the Amazon Cognito user directory.
default InitiateAuthResponse	initiateAuth(InitiateAuthRequest initiateAuthRequest)	Initiates sign-in for a user in the Amazon Cognito user directory.
default ListDevicesResponse	listDevices(Consumer<ListDevicesRequest.Builder> listDevicesRequest)	Lists the sign-in devices that Amazon Cognito has registered to the current user.
default ListDevicesResponse	listDevices(ListDevicesRequest listDevicesRequest)	Lists the sign-in devices that Amazon Cognito has registered to the current user.
default ListGroupsResponse	listGroups(Consumer<ListGroupsRequest.Builder> listGroupsRequest)	Lists the groups associated with a user pool.
default ListGroupsResponse	listGroups(ListGroupsRequest listGroupsRequest)	Lists the groups associated with a user pool.
default ListGroupsIterable	listGroupsPaginator(Consumer<ListGroupsRequest.Builder> listGroupsRequest)	This is a variant of listGroups(software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsRequest) operation.
default ListGroupsIterable	listGroupsPaginator(ListGroupsRequest listGroupsRequest)	This is a variant of listGroups(software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsRequest) operation.
default ListIdentityProvidersResponse	listIdentityProviders(Consumer<ListIdentityProvidersRequest.Builder> listIdentityProvidersRequest)	Lists information about all IdPs for a user pool.
default ListIdentityProvidersResponse	listIdentityProviders(ListIdentityProvidersRequest listIdentityProvidersRequest)	Lists information about all IdPs for a user pool.
default ListIdentityProvidersIterable	listIdentityProvidersPaginator(Consumer<ListIdentityProvidersRequest.Builder> listIdentityProvidersRequest)	This is a variant of listIdentityProviders(software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersRequest) operation.
default ListIdentityProvidersIterable	listIdentityProvidersPaginator(ListIdentityProvidersRequest listIdentityProvidersRequest)	This is a variant of listIdentityProviders(software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersRequest) operation.
default ListResourceServersResponse	listResourceServers(Consumer<ListResourceServersRequest.Builder> listResourceServersRequest)	Lists the resource servers for a user pool.
default ListResourceServersResponse	listResourceServers(ListResourceServersRequest listResourceServersRequest)	Lists the resource servers for a user pool.
default ListResourceServersIterable	listResourceServersPaginator(Consumer<ListResourceServersRequest.Builder> listResourceServersRequest)	This is a variant of listResourceServers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersRequest) operation.
default ListResourceServersIterable	listResourceServersPaginator(ListResourceServersRequest listResourceServersRequest)	This is a variant of listResourceServers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersRequest) operation.
default ListTagsForResourceResponse	listTagsForResource(Consumer<ListTagsForResourceRequest.Builder> listTagsForResourceRequest)	Lists the tags that are assigned to an Amazon Cognito user pool.
default ListTagsForResourceResponse	listTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest)	Lists the tags that are assigned to an Amazon Cognito user pool.
default ListUserImportJobsResponse	listUserImportJobs(Consumer<ListUserImportJobsRequest.Builder> listUserImportJobsRequest)	Lists user import jobs for a user pool.
default ListUserImportJobsResponse	listUserImportJobs(ListUserImportJobsRequest listUserImportJobsRequest)	Lists user import jobs for a user pool.
default ListUserPoolClientsResponse	listUserPoolClients(Consumer<ListUserPoolClientsRequest.Builder> listUserPoolClientsRequest)	Lists the clients that have been created for the specified user pool.
default ListUserPoolClientsResponse	listUserPoolClients(ListUserPoolClientsRequest listUserPoolClientsRequest)	Lists the clients that have been created for the specified user pool.
default ListUserPoolClientsIterable	listUserPoolClientsPaginator(Consumer<ListUserPoolClientsRequest.Builder> listUserPoolClientsRequest)	This is a variant of listUserPoolClients(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsRequest) operation.
default ListUserPoolClientsIterable	listUserPoolClientsPaginator(ListUserPoolClientsRequest listUserPoolClientsRequest)	This is a variant of listUserPoolClients(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsRequest) operation.
default ListUserPoolsResponse	listUserPools(Consumer<ListUserPoolsRequest.Builder> listUserPoolsRequest)	Lists the user pools associated with an Amazon Web Services account.
default ListUserPoolsResponse	listUserPools(ListUserPoolsRequest listUserPoolsRequest)	Lists the user pools associated with an Amazon Web Services account.
default ListUserPoolsIterable	listUserPoolsPaginator(Consumer<ListUserPoolsRequest.Builder> listUserPoolsRequest)	This is a variant of listUserPools(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest) operation.
default ListUserPoolsIterable	listUserPoolsPaginator(ListUserPoolsRequest listUserPoolsRequest)	This is a variant of listUserPools(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest) operation.
default ListUsersResponse	listUsers(Consumer<ListUsersRequest.Builder> listUsersRequest)	Lists users and their basic details in a user pool.
default ListUsersResponse	listUsers(ListUsersRequest listUsersRequest)	Lists users and their basic details in a user pool.
default ListUsersInGroupResponse	listUsersInGroup(Consumer<ListUsersInGroupRequest.Builder> listUsersInGroupRequest)	Lists the users in the specified group.
default ListUsersInGroupResponse	listUsersInGroup(ListUsersInGroupRequest listUsersInGroupRequest)	Lists the users in the specified group.
default ListUsersInGroupIterable	listUsersInGroupPaginator(Consumer<ListUsersInGroupRequest.Builder> listUsersInGroupRequest)	This is a variant of listUsersInGroup(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupRequest) operation.
default ListUsersInGroupIterable	listUsersInGroupPaginator(ListUsersInGroupRequest listUsersInGroupRequest)	This is a variant of listUsersInGroup(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupRequest) operation.
default ListUsersIterable	listUsersPaginator(Consumer<ListUsersRequest.Builder> listUsersRequest)	This is a variant of listUsers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest) operation.
default ListUsersIterable	listUsersPaginator(ListUsersRequest listUsersRequest)	This is a variant of listUsers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest) operation.
default ListWebAuthnCredentialsResponse	listWebAuthnCredentials(Consumer<ListWebAuthnCredentialsRequest.Builder> listWebAuthnCredentialsRequest)	Generates a list of the current user's registered passkey, or webauthN, credentials.
default ListWebAuthnCredentialsResponse	listWebAuthnCredentials(ListWebAuthnCredentialsRequest listWebAuthnCredentialsRequest)	Generates a list of the current user's registered passkey, or webauthN, credentials.
default ResendConfirmationCodeResponse	resendConfirmationCode(Consumer<ResendConfirmationCodeRequest.Builder> resendConfirmationCodeRequest)	Resends the confirmation (for confirmation of registration) to a specific user in the user pool.
default ResendConfirmationCodeResponse	resendConfirmationCode(ResendConfirmationCodeRequest resendConfirmationCodeRequest)	Resends the confirmation (for confirmation of registration) to a specific user in the user pool.
default RespondToAuthChallengeResponse	respondToAuthChallenge(Consumer<RespondToAuthChallengeRequest.Builder> respondToAuthChallengeRequest)	Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge.
default RespondToAuthChallengeResponse	respondToAuthChallenge(RespondToAuthChallengeRequest respondToAuthChallengeRequest)	Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge.
default RevokeTokenResponse	revokeToken(Consumer<RevokeTokenRequest.Builder> revokeTokenRequest)	Revokes all of the access tokens generated by, and at the same time as, the specified refresh token.
default RevokeTokenResponse	revokeToken(RevokeTokenRequest revokeTokenRequest)	Revokes all of the access tokens generated by, and at the same time as, the specified refresh token.
default CognitoIdentityProviderServiceClientConfiguration	serviceClientConfiguration()
static ServiceMetadata	serviceMetadata()
default SetLogDeliveryConfigurationResponse	setLogDeliveryConfiguration(Consumer<SetLogDeliveryConfigurationRequest.Builder> setLogDeliveryConfigurationRequest)	Sets up or modifies the logging configuration of a user pool.
default SetLogDeliveryConfigurationResponse	setLogDeliveryConfiguration(SetLogDeliveryConfigurationRequest setLogDeliveryConfigurationRequest)	Sets up or modifies the logging configuration of a user pool.
default SetRiskConfigurationResponse	setRiskConfiguration(Consumer<SetRiskConfigurationRequest.Builder> setRiskConfigurationRequest)	Configures actions on detected risks.
default SetRiskConfigurationResponse	setRiskConfiguration(SetRiskConfigurationRequest setRiskConfigurationRequest)	Configures actions on detected risks.
default SetUiCustomizationResponse	setUICustomization(Consumer<SetUiCustomizationRequest.Builder> setUiCustomizationRequest)	Sets the user interface (UI) customization information for a user pool's built-in app UI.
default SetUiCustomizationResponse	setUICustomization(SetUiCustomizationRequest setUiCustomizationRequest)	Sets the user interface (UI) customization information for a user pool's built-in app UI.
default SetUserMfaPreferenceResponse	setUserMFAPreference(Consumer<SetUserMfaPreferenceRequest.Builder> setUserMfaPreferenceRequest)	Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred.
default SetUserMfaPreferenceResponse	setUserMFAPreference(SetUserMfaPreferenceRequest setUserMfaPreferenceRequest)	Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred.
default SetUserPoolMfaConfigResponse	setUserPoolMfaConfig(Consumer<SetUserPoolMfaConfigRequest.Builder> setUserPoolMfaConfigRequest)	Sets the user pool multi-factor authentication (MFA) and passkey configuration.
default SetUserPoolMfaConfigResponse	setUserPoolMfaConfig(SetUserPoolMfaConfigRequest setUserPoolMfaConfigRequest)	Sets the user pool multi-factor authentication (MFA) and passkey configuration.
default SetUserSettingsResponse	setUserSettings(Consumer<SetUserSettingsRequest.Builder> setUserSettingsRequest)	This action is no longer supported. You can use it to configure only SMS MFA.
default SetUserSettingsResponse	setUserSettings(SetUserSettingsRequest setUserSettingsRequest)	This action is no longer supported. You can use it to configure only SMS MFA.
default SignUpResponse	signUp(Consumer<SignUpRequest.Builder> signUpRequest)	Registers the user in the specified user pool and creates a user name, password, and user attributes.
default SignUpResponse	signUp(SignUpRequest signUpRequest)	Registers the user in the specified user pool and creates a user name, password, and user attributes.
default StartUserImportJobResponse	startUserImportJob(Consumer<StartUserImportJobRequest.Builder> startUserImportJobRequest)	Starts the user import.
default StartUserImportJobResponse	startUserImportJob(StartUserImportJobRequest startUserImportJobRequest)	Starts the user import.
default StartWebAuthnRegistrationResponse	startWebAuthnRegistration(Consumer<StartWebAuthnRegistrationRequest.Builder> startWebAuthnRegistrationRequest)	Requests credential creation options from your user pool for registration of a passkey authenticator.
default StartWebAuthnRegistrationResponse	startWebAuthnRegistration(StartWebAuthnRegistrationRequest startWebAuthnRegistrationRequest)	Requests credential creation options from your user pool for registration of a passkey authenticator.
default StopUserImportJobResponse	stopUserImportJob(Consumer<StopUserImportJobRequest.Builder> stopUserImportJobRequest)	Stops the user import job.
default StopUserImportJobResponse	stopUserImportJob(StopUserImportJobRequest stopUserImportJobRequest)	Stops the user import job.
default TagResourceResponse	tagResource(Consumer<TagResourceRequest.Builder> tagResourceRequest)	Assigns a set of tags to an Amazon Cognito user pool.
default TagResourceResponse	tagResource(TagResourceRequest tagResourceRequest)	Assigns a set of tags to an Amazon Cognito user pool.
default UntagResourceResponse	untagResource(Consumer<UntagResourceRequest.Builder> untagResourceRequest)	Removes the specified tags from an Amazon Cognito user pool.
default UntagResourceResponse	untagResource(UntagResourceRequest untagResourceRequest)	Removes the specified tags from an Amazon Cognito user pool.
default UpdateAuthEventFeedbackResponse	updateAuthEventFeedback(Consumer<UpdateAuthEventFeedbackRequest.Builder> updateAuthEventFeedbackRequest)	Provides the feedback for an authentication event, whether it was from a valid user or not.
default UpdateAuthEventFeedbackResponse	updateAuthEventFeedback(UpdateAuthEventFeedbackRequest updateAuthEventFeedbackRequest)	Provides the feedback for an authentication event, whether it was from a valid user or not.
default UpdateDeviceStatusResponse	updateDeviceStatus(Consumer<UpdateDeviceStatusRequest.Builder> updateDeviceStatusRequest)	Updates the device status.
default UpdateDeviceStatusResponse	updateDeviceStatus(UpdateDeviceStatusRequest updateDeviceStatusRequest)	Updates the device status.
default UpdateGroupResponse	updateGroup(Consumer<UpdateGroupRequest.Builder> updateGroupRequest)	Updates the specified group with the specified attributes.
default UpdateGroupResponse	updateGroup(UpdateGroupRequest updateGroupRequest)	Updates the specified group with the specified attributes.
default UpdateIdentityProviderResponse	updateIdentityProvider(Consumer<UpdateIdentityProviderRequest.Builder> updateIdentityProviderRequest)	Updates IdP information for a user pool.
default UpdateIdentityProviderResponse	updateIdentityProvider(UpdateIdentityProviderRequest updateIdentityProviderRequest)	Updates IdP information for a user pool.
default UpdateManagedLoginBrandingResponse	updateManagedLoginBranding(Consumer<UpdateManagedLoginBrandingRequest.Builder> updateManagedLoginBrandingRequest)	Configures the branding settings for a user pool style.
default UpdateManagedLoginBrandingResponse	updateManagedLoginBranding(UpdateManagedLoginBrandingRequest updateManagedLoginBrandingRequest)	Configures the branding settings for a user pool style.
default UpdateResourceServerResponse	updateResourceServer(Consumer<UpdateResourceServerRequest.Builder> updateResourceServerRequest)	Updates the name and scopes of resource server.
default UpdateResourceServerResponse	updateResourceServer(UpdateResourceServerRequest updateResourceServerRequest)	Updates the name and scopes of resource server.
default UpdateUserAttributesResponse	updateUserAttributes(Consumer<UpdateUserAttributesRequest.Builder> updateUserAttributesRequest)	With this operation, your users can update one or more of their attributes with their own credentials.
default UpdateUserAttributesResponse	updateUserAttributes(UpdateUserAttributesRequest updateUserAttributesRequest)	With this operation, your users can update one or more of their attributes with their own credentials.
default UpdateUserPoolResponse	updateUserPool(Consumer<UpdateUserPoolRequest.Builder> updateUserPoolRequest)
default UpdateUserPoolResponse	updateUserPool(UpdateUserPoolRequest updateUserPoolRequest)
default UpdateUserPoolClientResponse	updateUserPoolClient(Consumer<UpdateUserPoolClientRequest.Builder> updateUserPoolClientRequest)	Updates the specified user pool app client with the specified attributes.
default UpdateUserPoolClientResponse	updateUserPoolClient(UpdateUserPoolClientRequest updateUserPoolClientRequest)	Updates the specified user pool app client with the specified attributes.
default UpdateUserPoolDomainResponse	updateUserPoolDomain(Consumer<UpdateUserPoolDomainRequest.Builder> updateUserPoolDomainRequest)	A user pool domain hosts managed login, an authorization server and web server for authentication in your application.
default UpdateUserPoolDomainResponse	updateUserPoolDomain(UpdateUserPoolDomainRequest updateUserPoolDomainRequest)	A user pool domain hosts managed login, an authorization server and web server for authentication in your application.
default VerifySoftwareTokenResponse	verifySoftwareToken(Consumer<VerifySoftwareTokenRequest.Builder> verifySoftwareTokenRequest)	Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as "verified" if successful.
default VerifySoftwareTokenResponse	verifySoftwareToken(VerifySoftwareTokenRequest verifySoftwareTokenRequest)	Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as "verified" if successful.
default VerifyUserAttributeResponse	verifyUserAttribute(Consumer<VerifyUserAttributeRequest.Builder> verifyUserAttributeRequest)	Verifies the specified user attributes in the user pool.
default VerifyUserAttributeResponse	verifyUserAttribute(VerifyUserAttributeRequest verifyUserAttributeRequest)	Verifies the specified user attributes in the user pool.

Methods inherited from interface software.amazon.awssdk.utils.SdkAutoCloseable

close

Methods inherited from interface software.amazon.awssdk.core.SdkClient

serviceName

Field Detail

SERVICE_NAME

static final String SERVICE_NAME

See Also:

Constant Field Values

SERVICE_METADATA_ID

static final String SERVICE_METADATA_ID

Value for looking up the service's metadata from the ServiceMetadataProvider.

See Also:

Constant Field Values

Method Detail

addCustomAttributes

default AddCustomAttributesResponse addCustomAttributes(AddCustomAttributesRequest addCustomAttributesRequest)
                                                 throws ResourceNotFoundException,
                                                        InvalidParameterException,
                                                        TooManyRequestsException,
                                                        NotAuthorizedException,
                                                        UserImportInProgressException,
                                                        InternalErrorException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Adds additional user attributes to the user pool schema. Custom attributes can be mutable or immutable and have a custom: or dev: prefix. For more information, see Custom attributes.

You can also create custom attributes in the Schema parameter of CreateUserPool and UpdateUserPool. You can't delete custom attributes after you create them.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

addCustomAttributesRequest - Represents the request to add custom attributes.

Returns:

Result of the AddCustomAttributes operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserImportInProgressException - This exception is thrown when you're trying to modify a user pool while a user import job is in progress for that pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

addCustomAttributes

default AddCustomAttributesResponse addCustomAttributes(Consumer<AddCustomAttributesRequest.Builder> addCustomAttributesRequest)
                                                 throws ResourceNotFoundException,
                                                        InvalidParameterException,
                                                        TooManyRequestsException,
                                                        NotAuthorizedException,
                                                        UserImportInProgressException,
                                                        InternalErrorException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Adds additional user attributes to the user pool schema. Custom attributes can be mutable or immutable and have a custom: or dev: prefix. For more information, see Custom attributes.

You can also create custom attributes in the Schema parameter of CreateUserPool and UpdateUserPool. You can't delete custom attributes after you create them.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AddCustomAttributesRequest.Builder avoiding the need to create one manually via AddCustomAttributesRequest.builder()

Parameters:

addCustomAttributesRequest - A Consumer that will call methods on AddCustomAttributesRequest.Builder to create a request. Represents the request to add custom attributes.

Returns:

Result of the AddCustomAttributes operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserImportInProgressException - This exception is thrown when you're trying to modify a user pool while a user import job is in progress for that pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminAddUserToGroup

default AdminAddUserToGroupResponse adminAddUserToGroup(AdminAddUserToGroupRequest adminAddUserToGroupRequest)
                                                 throws InvalidParameterException,
                                                        ResourceNotFoundException,
                                                        TooManyRequestsException,
                                                        NotAuthorizedException,
                                                        UserNotFoundException,
                                                        InternalErrorException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Adds a user to a group. A user who is in a group can present a preferred-role claim to an identity pool, and populates a cognito:groups claim to their access and identity tokens.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminAddUserToGroupRequest -

Returns:

Result of the AdminAddUserToGroup operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminAddUserToGroup

default AdminAddUserToGroupResponse adminAddUserToGroup(Consumer<AdminAddUserToGroupRequest.Builder> adminAddUserToGroupRequest)
                                                 throws InvalidParameterException,
                                                        ResourceNotFoundException,
                                                        TooManyRequestsException,
                                                        NotAuthorizedException,
                                                        UserNotFoundException,
                                                        InternalErrorException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Adds a user to a group. A user who is in a group can present a preferred-role claim to an identity pool, and populates a cognito:groups claim to their access and identity tokens.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminAddUserToGroupRequest.Builder avoiding the need to create one manually via AdminAddUserToGroupRequest.builder()

Parameters:

adminAddUserToGroupRequest - A Consumer that will call methods on AdminAddUserToGroupRequest.Builder to create a request.

Returns:

Result of the AdminAddUserToGroup operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminConfirmSignUp

default AdminConfirmSignUpResponse adminConfirmSignUp(AdminConfirmSignUpRequest adminConfirmSignUpRequest)
                                               throws ResourceNotFoundException,
                                                      InvalidParameterException,
                                                      UnexpectedLambdaException,
                                                      UserLambdaValidationException,
                                                      NotAuthorizedException,
                                                      TooManyFailedAttemptsException,
                                                      InvalidLambdaResponseException,
                                                      TooManyRequestsException,
                                                      LimitExceededException,
                                                      UserNotFoundException,
                                                      InternalErrorException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Confirms user sign-up as an administrator. Unlike ConfirmSignUp, your IAM credentials authorize user account confirmation. No confirmation code is required.

This request sets a user account active in a user pool that requires confirmation of new user accounts before they can sign in. You can configure your user pool to not send confirmation codes to new users and instead confirm them with this API operation on the back end.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

To configure your user pool to require administrative confirmation of users, set AllowAdminCreateUserOnly to true in a CreateUserPool or UpdateUserPool request.

Parameters:

adminConfirmSignUpRequest - Confirm a user's registration as a user pool administrator.

Returns:

Result of the AdminConfirmSignUp operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyFailedAttemptsException - This exception is thrown when the user has made too many failed attempts for a given action, such as sign-in.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminConfirmSignUp

default AdminConfirmSignUpResponse adminConfirmSignUp(Consumer<AdminConfirmSignUpRequest.Builder> adminConfirmSignUpRequest)
                                               throws ResourceNotFoundException,
                                                      InvalidParameterException,
                                                      UnexpectedLambdaException,
                                                      UserLambdaValidationException,
                                                      NotAuthorizedException,
                                                      TooManyFailedAttemptsException,
                                                      InvalidLambdaResponseException,
                                                      TooManyRequestsException,
                                                      LimitExceededException,
                                                      UserNotFoundException,
                                                      InternalErrorException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Confirms user sign-up as an administrator. Unlike ConfirmSignUp, your IAM credentials authorize user account confirmation. No confirmation code is required.

This request sets a user account active in a user pool that requires confirmation of new user accounts before they can sign in. You can configure your user pool to not send confirmation codes to new users and instead confirm them with this API operation on the back end.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

To configure your user pool to require administrative confirmation of users, set AllowAdminCreateUserOnly to true in a CreateUserPool or UpdateUserPool request.

This is a convenience which creates an instance of the AdminConfirmSignUpRequest.Builder avoiding the need to create one manually via AdminConfirmSignUpRequest.builder()

Parameters:

adminConfirmSignUpRequest - A Consumer that will call methods on AdminConfirmSignUpRequest.Builder to create a request. Confirm a user's registration as a user pool administrator.

Returns:

Result of the AdminConfirmSignUp operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyFailedAttemptsException - This exception is thrown when the user has made too many failed attempts for a given action, such as sign-in.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminCreateUser

default AdminCreateUserResponse adminCreateUser(AdminCreateUserRequest adminCreateUserRequest)
                                         throws ResourceNotFoundException,
                                                InvalidParameterException,
                                                UserNotFoundException,
                                                UsernameExistsException,
                                                InvalidPasswordException,
                                                CodeDeliveryFailureException,
                                                UnexpectedLambdaException,
                                                UserLambdaValidationException,
                                                InvalidLambdaResponseException,
                                                PreconditionNotMetException,
                                                InvalidSmsRoleAccessPolicyException,
                                                InvalidSmsRoleTrustRelationshipException,
                                                TooManyRequestsException,
                                                NotAuthorizedException,
                                                UnsupportedUserStateException,
                                                InternalErrorException,
                                                AwsServiceException,
                                                SdkClientException,
                                                CognitoIdentityProviderException

Creates a new user in the specified user pool.

If MessageAction isn't set, the default is to send a welcome message via email or phone (SMS).

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.

Alternatively, you can call AdminCreateUser with SUPPRESS for the MessageAction parameter, and Amazon Cognito won't send any email.

In either case, if the user has a password, they will be in the FORCE_CHANGE_PASSWORD state until they sign in and set their password. Your invitation message template must have the {####} password placeholder if your users have passwords. If your template doesn't have this placeholder, Amazon Cognito doesn't deliver the invitation message. In this case, you must update your message template and resend the password with a new AdminCreateUser request with a MessageAction value of RESEND.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminCreateUserRequest - Creates a new user in the specified user pool.

Returns:

Result of the AdminCreateUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UserNotFoundException - This exception is thrown when a user isn't found.

UsernameExistsException - This exception is thrown when Amazon Cognito encounters a user name that already exists in the user pool.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

PreconditionNotMetException - This exception is thrown when a precondition is not met.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UnsupportedUserStateException - The request failed because the user is in an unsupported state.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminCreateUser

default AdminCreateUserResponse adminCreateUser(Consumer<AdminCreateUserRequest.Builder> adminCreateUserRequest)
                                         throws ResourceNotFoundException,
                                                InvalidParameterException,
                                                UserNotFoundException,
                                                UsernameExistsException,
                                                InvalidPasswordException,
                                                CodeDeliveryFailureException,
                                                UnexpectedLambdaException,
                                                UserLambdaValidationException,
                                                InvalidLambdaResponseException,
                                                PreconditionNotMetException,
                                                InvalidSmsRoleAccessPolicyException,
                                                InvalidSmsRoleTrustRelationshipException,
                                                TooManyRequestsException,
                                                NotAuthorizedException,
                                                UnsupportedUserStateException,
                                                InternalErrorException,
                                                AwsServiceException,
                                                SdkClientException,
                                                CognitoIdentityProviderException

Creates a new user in the specified user pool.

If MessageAction isn't set, the default is to send a welcome message via email or phone (SMS).

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.

Alternatively, you can call AdminCreateUser with SUPPRESS for the MessageAction parameter, and Amazon Cognito won't send any email.

In either case, if the user has a password, they will be in the FORCE_CHANGE_PASSWORD state until they sign in and set their password. Your invitation message template must have the {####} password placeholder if your users have passwords. If your template doesn't have this placeholder, Amazon Cognito doesn't deliver the invitation message. In this case, you must update your message template and resend the password with a new AdminCreateUser request with a MessageAction value of RESEND.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminCreateUserRequest.Builder avoiding the need to create one manually via AdminCreateUserRequest.builder()

Parameters:

adminCreateUserRequest - A Consumer that will call methods on AdminCreateUserRequest.Builder to create a request. Creates a new user in the specified user pool.

Returns:

Result of the AdminCreateUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UserNotFoundException - This exception is thrown when a user isn't found.

UsernameExistsException - This exception is thrown when Amazon Cognito encounters a user name that already exists in the user pool.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

PreconditionNotMetException - This exception is thrown when a precondition is not met.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UnsupportedUserStateException - The request failed because the user is in an unsupported state.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminDeleteUser

default AdminDeleteUserResponse adminDeleteUser(AdminDeleteUserRequest adminDeleteUserRequest)
                                         throws ResourceNotFoundException,
                                                InvalidParameterException,
                                                TooManyRequestsException,
                                                NotAuthorizedException,
                                                UserNotFoundException,
                                                InternalErrorException,
                                                AwsServiceException,
                                                SdkClientException,
                                                CognitoIdentityProviderException

Deletes a user profile in your user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminDeleteUserRequest - Represents the request to delete a user as an administrator.

Returns:

Result of the AdminDeleteUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminDeleteUser

default AdminDeleteUserResponse adminDeleteUser(Consumer<AdminDeleteUserRequest.Builder> adminDeleteUserRequest)
                                         throws ResourceNotFoundException,
                                                InvalidParameterException,
                                                TooManyRequestsException,
                                                NotAuthorizedException,
                                                UserNotFoundException,
                                                InternalErrorException,
                                                AwsServiceException,
                                                SdkClientException,
                                                CognitoIdentityProviderException

Deletes a user profile in your user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminDeleteUserRequest.Builder avoiding the need to create one manually via AdminDeleteUserRequest.builder()

Parameters:

adminDeleteUserRequest - A Consumer that will call methods on AdminDeleteUserRequest.Builder to create a request. Represents the request to delete a user as an administrator.

Returns:

Result of the AdminDeleteUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminDeleteUserAttributes

default AdminDeleteUserAttributesResponse adminDeleteUserAttributes(AdminDeleteUserAttributesRequest adminDeleteUserAttributesRequest)
                                                             throws ResourceNotFoundException,
                                                                    InvalidParameterException,
                                                                    TooManyRequestsException,
                                                                    NotAuthorizedException,
                                                                    UserNotFoundException,
                                                                    InternalErrorException,
                                                                    AwsServiceException,
                                                                    SdkClientException,
                                                                    CognitoIdentityProviderException

Deletes attribute values from a user. This operation doesn't affect tokens for existing user sessions. The next ID token that the user receives will no longer have this attribute.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminDeleteUserAttributesRequest - Represents the request to delete user attributes as an administrator.

Returns:

Result of the AdminDeleteUserAttributes operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminDeleteUserAttributes

default AdminDeleteUserAttributesResponse adminDeleteUserAttributes(Consumer<AdminDeleteUserAttributesRequest.Builder> adminDeleteUserAttributesRequest)
                                                             throws ResourceNotFoundException,
                                                                    InvalidParameterException,
                                                                    TooManyRequestsException,
                                                                    NotAuthorizedException,
                                                                    UserNotFoundException,
                                                                    InternalErrorException,
                                                                    AwsServiceException,
                                                                    SdkClientException,
                                                                    CognitoIdentityProviderException

Deletes attribute values from a user. This operation doesn't affect tokens for existing user sessions. The next ID token that the user receives will no longer have this attribute.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminDeleteUserAttributesRequest.Builder avoiding the need to create one manually via AdminDeleteUserAttributesRequest.builder()

Parameters:

adminDeleteUserAttributesRequest - A Consumer that will call methods on AdminDeleteUserAttributesRequest.Builder to create a request. Represents the request to delete user attributes as an administrator.

Returns:

Result of the AdminDeleteUserAttributes operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminDisableProviderForUser

default AdminDisableProviderForUserResponse adminDisableProviderForUser(AdminDisableProviderForUserRequest adminDisableProviderForUserRequest)
                                                                 throws ResourceNotFoundException,
                                                                        InvalidParameterException,
                                                                        TooManyRequestsException,
                                                                        NotAuthorizedException,
                                                                        UserNotFoundException,
                                                                        AliasExistsException,
                                                                        InternalErrorException,
                                                                        AwsServiceException,
                                                                        SdkClientException,
                                                                        CognitoIdentityProviderException

Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP). If the user that you want to deactivate is a Amazon Cognito user pools native username + password user, they can't use their password to sign in. If the user to deactivate is a linked external IdP user, any link between that user and an existing user is removed. When the external user signs in again, and the user is no longer attached to the previously linked DestinationUser, the user must create a new user account. See AdminLinkProviderForUser.

The ProviderName must match the value specified when creating an IdP for the pool.

To deactivate a native username + password user, the ProviderName value must be Cognito and the ProviderAttributeName must be Cognito_Subject. The ProviderAttributeValue must be the name that is used in the user pool for the user.

The ProviderAttributeName must always be Cognito_Subject for social IdPs. The ProviderAttributeValue must always be the exact subject that was used when the user was originally linked as a source user.

For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign in, the ProviderAttributeName and ProviderAttributeValue must be the same values that were used for the SourceUser when the identities were originally linked using AdminLinkProviderForUser call. (If the linking was done with ProviderAttributeName set to Cognito_Subject, the same applies here). However, if the user has already signed in, the ProviderAttributeName must be Cognito_Subject and ProviderAttributeValue must be the subject of the SAML assertion.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminDisableProviderForUserRequest -

Returns:

Result of the AdminDisableProviderForUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminDisableProviderForUser

default AdminDisableProviderForUserResponse adminDisableProviderForUser(Consumer<AdminDisableProviderForUserRequest.Builder> adminDisableProviderForUserRequest)
                                                                 throws ResourceNotFoundException,
                                                                        InvalidParameterException,
                                                                        TooManyRequestsException,
                                                                        NotAuthorizedException,
                                                                        UserNotFoundException,
                                                                        AliasExistsException,
                                                                        InternalErrorException,
                                                                        AwsServiceException,
                                                                        SdkClientException,
                                                                        CognitoIdentityProviderException

Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP). If the user that you want to deactivate is a Amazon Cognito user pools native username + password user, they can't use their password to sign in. If the user to deactivate is a linked external IdP user, any link between that user and an existing user is removed. When the external user signs in again, and the user is no longer attached to the previously linked DestinationUser, the user must create a new user account. See AdminLinkProviderForUser.

The ProviderName must match the value specified when creating an IdP for the pool.

To deactivate a native username + password user, the ProviderName value must be Cognito and the ProviderAttributeName must be Cognito_Subject. The ProviderAttributeValue must be the name that is used in the user pool for the user.

The ProviderAttributeName must always be Cognito_Subject for social IdPs. The ProviderAttributeValue must always be the exact subject that was used when the user was originally linked as a source user.

For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign in, the ProviderAttributeName and ProviderAttributeValue must be the same values that were used for the SourceUser when the identities were originally linked using AdminLinkProviderForUser call. (If the linking was done with ProviderAttributeName set to Cognito_Subject, the same applies here). However, if the user has already signed in, the ProviderAttributeName must be Cognito_Subject and ProviderAttributeValue must be the subject of the SAML assertion.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminDisableProviderForUserRequest.Builder avoiding the need to create one manually via AdminDisableProviderForUserRequest.builder()

Parameters:

adminDisableProviderForUserRequest - A Consumer that will call methods on AdminDisableProviderForUserRequest.Builder to create a request.

Returns:

Result of the AdminDisableProviderForUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminDisableUser

default AdminDisableUserResponse adminDisableUser(AdminDisableUserRequest adminDisableUserRequest)
                                           throws ResourceNotFoundException,
                                                  InvalidParameterException,
                                                  TooManyRequestsException,
                                                  NotAuthorizedException,
                                                  UserNotFoundException,
                                                  InternalErrorException,
                                                  AwsServiceException,
                                                  SdkClientException,
                                                  CognitoIdentityProviderException

Deactivates a user profile and revokes all access tokens for the user. A deactivated user can't sign in, but still appears in the responses to ListUsers API requests.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminDisableUserRequest - Represents the request to disable the user as an administrator.

Returns:

Result of the AdminDisableUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminDisableUser

default AdminDisableUserResponse adminDisableUser(Consumer<AdminDisableUserRequest.Builder> adminDisableUserRequest)
                                           throws ResourceNotFoundException,
                                                  InvalidParameterException,
                                                  TooManyRequestsException,
                                                  NotAuthorizedException,
                                                  UserNotFoundException,
                                                  InternalErrorException,
                                                  AwsServiceException,
                                                  SdkClientException,
                                                  CognitoIdentityProviderException

Deactivates a user profile and revokes all access tokens for the user. A deactivated user can't sign in, but still appears in the responses to ListUsers API requests.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminDisableUserRequest.Builder avoiding the need to create one manually via AdminDisableUserRequest.builder()

Parameters:

adminDisableUserRequest - A Consumer that will call methods on AdminDisableUserRequest.Builder to create a request. Represents the request to disable the user as an administrator.

Returns:

Result of the AdminDisableUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminEnableUser

default AdminEnableUserResponse adminEnableUser(AdminEnableUserRequest adminEnableUserRequest)
                                         throws ResourceNotFoundException,
                                                InvalidParameterException,
                                                TooManyRequestsException,
                                                NotAuthorizedException,
                                                UserNotFoundException,
                                                InternalErrorException,
                                                AwsServiceException,
                                                SdkClientException,
                                                CognitoIdentityProviderException

Activate sign-in for a user profile that previously had sign-in access disabled.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminEnableUserRequest - Represents the request that enables the user as an administrator.

Returns:

Result of the AdminEnableUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminEnableUser

default AdminEnableUserResponse adminEnableUser(Consumer<AdminEnableUserRequest.Builder> adminEnableUserRequest)
                                         throws ResourceNotFoundException,
                                                InvalidParameterException,
                                                TooManyRequestsException,
                                                NotAuthorizedException,
                                                UserNotFoundException,
                                                InternalErrorException,
                                                AwsServiceException,
                                                SdkClientException,
                                                CognitoIdentityProviderException

Activate sign-in for a user profile that previously had sign-in access disabled.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminEnableUserRequest.Builder avoiding the need to create one manually via AdminEnableUserRequest.builder()

Parameters:

adminEnableUserRequest - A Consumer that will call methods on AdminEnableUserRequest.Builder to create a request. Represents the request that enables the user as an administrator.

Returns:

Result of the AdminEnableUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminForgetDevice

default AdminForgetDeviceResponse adminForgetDevice(AdminForgetDeviceRequest adminForgetDeviceRequest)
                                             throws ResourceNotFoundException,
                                                    InvalidParameterException,
                                                    InvalidUserPoolConfigurationException,
                                                    TooManyRequestsException,
                                                    NotAuthorizedException,
                                                    UserNotFoundException,
                                                    InternalErrorException,
                                                    AwsServiceException,
                                                    SdkClientException,
                                                    CognitoIdentityProviderException

Forgets, or deletes, a remembered device from a user's profile. After you forget the device, the user can no longer complete device authentication with that device and when applicable, must submit MFA codes again. For more information, see Working with devices.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminForgetDeviceRequest - Sends the forgot device request, as an administrator.

Returns:

Result of the AdminForgetDevice operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminForgetDevice

default AdminForgetDeviceResponse adminForgetDevice(Consumer<AdminForgetDeviceRequest.Builder> adminForgetDeviceRequest)
                                             throws ResourceNotFoundException,
                                                    InvalidParameterException,
                                                    InvalidUserPoolConfigurationException,
                                                    TooManyRequestsException,
                                                    NotAuthorizedException,
                                                    UserNotFoundException,
                                                    InternalErrorException,
                                                    AwsServiceException,
                                                    SdkClientException,
                                                    CognitoIdentityProviderException

Forgets, or deletes, a remembered device from a user's profile. After you forget the device, the user can no longer complete device authentication with that device and when applicable, must submit MFA codes again. For more information, see Working with devices.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminForgetDeviceRequest.Builder avoiding the need to create one manually via AdminForgetDeviceRequest.builder()

Parameters:

adminForgetDeviceRequest - A Consumer that will call methods on AdminForgetDeviceRequest.Builder to create a request. Sends the forgot device request, as an administrator.

Returns:

Result of the AdminForgetDevice operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminGetDevice

default AdminGetDeviceResponse adminGetDevice(AdminGetDeviceRequest adminGetDeviceRequest)
                                       throws ResourceNotFoundException,
                                              InvalidParameterException,
                                              InvalidUserPoolConfigurationException,
                                              TooManyRequestsException,
                                              InternalErrorException,
                                              NotAuthorizedException,
                                              AwsServiceException,
                                              SdkClientException,
                                              CognitoIdentityProviderException

Given the device key, returns details for a user' device. For more information, see Working with devices.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminGetDeviceRequest - Represents the request to get the device, as an administrator.

Returns:

Result of the AdminGetDevice operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminGetDevice

default AdminGetDeviceResponse adminGetDevice(Consumer<AdminGetDeviceRequest.Builder> adminGetDeviceRequest)
                                       throws ResourceNotFoundException,
                                              InvalidParameterException,
                                              InvalidUserPoolConfigurationException,
                                              TooManyRequestsException,
                                              InternalErrorException,
                                              NotAuthorizedException,
                                              AwsServiceException,
                                              SdkClientException,
                                              CognitoIdentityProviderException

Given the device key, returns details for a user' device. For more information, see Working with devices.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminGetDeviceRequest.Builder avoiding the need to create one manually via AdminGetDeviceRequest.builder()

Parameters:

adminGetDeviceRequest - A Consumer that will call methods on AdminGetDeviceRequest.Builder to create a request. Represents the request to get the device, as an administrator.

Returns:

Result of the AdminGetDevice operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminGetUser

default AdminGetUserResponse adminGetUser(AdminGetUserRequest adminGetUserRequest)
                                   throws ResourceNotFoundException,
                                          InvalidParameterException,
                                          TooManyRequestsException,
                                          NotAuthorizedException,
                                          UserNotFoundException,
                                          InternalErrorException,
                                          AwsServiceException,
                                          SdkClientException,
                                          CognitoIdentityProviderException

Given the username, returns details about a user profile in a user pool. This operation contributes to your monthly active user (MAU) count for the purpose of billing. You can specify alias attributes in the Username parameter.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminGetUserRequest - Represents the request to get the specified user as an administrator.

Returns:

Result of the AdminGetUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminGetUser

default AdminGetUserResponse adminGetUser(Consumer<AdminGetUserRequest.Builder> adminGetUserRequest)
                                   throws ResourceNotFoundException,
                                          InvalidParameterException,
                                          TooManyRequestsException,
                                          NotAuthorizedException,
                                          UserNotFoundException,
                                          InternalErrorException,
                                          AwsServiceException,
                                          SdkClientException,
                                          CognitoIdentityProviderException

Given the username, returns details about a user profile in a user pool. This operation contributes to your monthly active user (MAU) count for the purpose of billing. You can specify alias attributes in the Username parameter.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminGetUserRequest.Builder avoiding the need to create one manually via AdminGetUserRequest.builder()

Parameters:

adminGetUserRequest - A Consumer that will call methods on AdminGetUserRequest.Builder to create a request. Represents the request to get the specified user as an administrator.

Returns:

Result of the AdminGetUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminInitiateAuth

default AdminInitiateAuthResponse adminInitiateAuth(AdminInitiateAuthRequest adminInitiateAuthRequest)
                                             throws ResourceNotFoundException,
                                                    InvalidParameterException,
                                                    NotAuthorizedException,
                                                    TooManyRequestsException,
                                                    InternalErrorException,
                                                    UnexpectedLambdaException,
                                                    InvalidUserPoolConfigurationException,
                                                    UserLambdaValidationException,
                                                    InvalidLambdaResponseException,
                                                    MfaMethodNotFoundException,
                                                    InvalidSmsRoleAccessPolicyException,
                                                    InvalidEmailRoleAccessPolicyException,
                                                    InvalidSmsRoleTrustRelationshipException,
                                                    PasswordResetRequiredException,
                                                    UserNotFoundException,
                                                    UserNotConfirmedException,
                                                    AwsServiceException,
                                                    SdkClientException,
                                                    CognitoIdentityProviderException

Starts sign-in for applications with a server-side component, for example a traditional web application. This operation specifies the authentication flow that you'd like to begin. The authentication flow that you specify must be supported in your app client configuration. For more information about authentication flows, see Authentication flows.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminInitiateAuthRequest - Initiates the authorization request, as an administrator.

Returns:

Result of the AdminInitiateAuth operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

MfaMethodNotFoundException - This exception is thrown when Amazon Cognito can't find a multi-factor authentication (MFA) method.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminInitiateAuth

default AdminInitiateAuthResponse adminInitiateAuth(Consumer<AdminInitiateAuthRequest.Builder> adminInitiateAuthRequest)
                                             throws ResourceNotFoundException,
                                                    InvalidParameterException,
                                                    NotAuthorizedException,
                                                    TooManyRequestsException,
                                                    InternalErrorException,
                                                    UnexpectedLambdaException,
                                                    InvalidUserPoolConfigurationException,
                                                    UserLambdaValidationException,
                                                    InvalidLambdaResponseException,
                                                    MfaMethodNotFoundException,
                                                    InvalidSmsRoleAccessPolicyException,
                                                    InvalidEmailRoleAccessPolicyException,
                                                    InvalidSmsRoleTrustRelationshipException,
                                                    PasswordResetRequiredException,
                                                    UserNotFoundException,
                                                    UserNotConfirmedException,
                                                    AwsServiceException,
                                                    SdkClientException,
                                                    CognitoIdentityProviderException

Starts sign-in for applications with a server-side component, for example a traditional web application. This operation specifies the authentication flow that you'd like to begin. The authentication flow that you specify must be supported in your app client configuration. For more information about authentication flows, see Authentication flows.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminInitiateAuthRequest.Builder avoiding the need to create one manually via AdminInitiateAuthRequest.builder()

Parameters:

adminInitiateAuthRequest - A Consumer that will call methods on AdminInitiateAuthRequest.Builder to create a request. Initiates the authorization request, as an administrator.

Returns:

Result of the AdminInitiateAuth operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

MfaMethodNotFoundException - This exception is thrown when Amazon Cognito can't find a multi-factor authentication (MFA) method.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminLinkProviderForUser

default AdminLinkProviderForUserResponse adminLinkProviderForUser(AdminLinkProviderForUserRequest adminLinkProviderForUserRequest)
                                                           throws ResourceNotFoundException,
                                                                  InvalidParameterException,
                                                                  TooManyRequestsException,
                                                                  NotAuthorizedException,
                                                                  UserNotFoundException,
                                                                  AliasExistsException,
                                                                  LimitExceededException,
                                                                  InternalErrorException,
                                                                  AwsServiceException,
                                                                  SdkClientException,
                                                                  CognitoIdentityProviderException

Links an existing user account in a user pool (DestinationUser) to an identity from an external IdP (SourceUser) based on a specified attribute name and value from the external IdP. This allows you to create a link from the existing user account to an external federated user identity that has not yet been used to sign in. You can then use the federated user identity to sign in as the existing user account.

For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user identity, they sign in as the existing user account.

The maximum number of federated identities linked to a user is five.

Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external IdPs and provider attributes that have been trusted by the application owner.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminLinkProviderForUserRequest -

Returns:

Result of the AdminLinkProviderForUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminLinkProviderForUser

default AdminLinkProviderForUserResponse adminLinkProviderForUser(Consumer<AdminLinkProviderForUserRequest.Builder> adminLinkProviderForUserRequest)
                                                           throws ResourceNotFoundException,
                                                                  InvalidParameterException,
                                                                  TooManyRequestsException,
                                                                  NotAuthorizedException,
                                                                  UserNotFoundException,
                                                                  AliasExistsException,
                                                                  LimitExceededException,
                                                                  InternalErrorException,
                                                                  AwsServiceException,
                                                                  SdkClientException,
                                                                  CognitoIdentityProviderException

Links an existing user account in a user pool (DestinationUser) to an identity from an external IdP (SourceUser) based on a specified attribute name and value from the external IdP. This allows you to create a link from the existing user account to an external federated user identity that has not yet been used to sign in. You can then use the federated user identity to sign in as the existing user account.

For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user identity, they sign in as the existing user account.

The maximum number of federated identities linked to a user is five.

Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external IdPs and provider attributes that have been trusted by the application owner.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminLinkProviderForUserRequest.Builder avoiding the need to create one manually via AdminLinkProviderForUserRequest.builder()

Parameters:

adminLinkProviderForUserRequest - A Consumer that will call methods on AdminLinkProviderForUserRequest.Builder to create a request.

Returns:

Result of the AdminLinkProviderForUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminListDevices

default AdminListDevicesResponse adminListDevices(AdminListDevicesRequest adminListDevicesRequest)
                                           throws InvalidParameterException,
                                                  ResourceNotFoundException,
                                                  InvalidUserPoolConfigurationException,
                                                  TooManyRequestsException,
                                                  InternalErrorException,
                                                  NotAuthorizedException,
                                                  AwsServiceException,
                                                  SdkClientException,
                                                  CognitoIdentityProviderException

Lists a user's registered devices. Remembered devices are used in authentication services where you offer a "Remember me" option for users who you want to permit to sign in without MFA from a trusted device. Users can bypass MFA while your application performs device SRP authentication on the back end. For more information, see Working with devices.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminListDevicesRequest - Represents the request to list devices, as an administrator.

Returns:

Result of the AdminListDevices operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminListDevices

default AdminListDevicesResponse adminListDevices(Consumer<AdminListDevicesRequest.Builder> adminListDevicesRequest)
                                           throws InvalidParameterException,
                                                  ResourceNotFoundException,
                                                  InvalidUserPoolConfigurationException,
                                                  TooManyRequestsException,
                                                  InternalErrorException,
                                                  NotAuthorizedException,
                                                  AwsServiceException,
                                                  SdkClientException,
                                                  CognitoIdentityProviderException

Lists a user's registered devices. Remembered devices are used in authentication services where you offer a "Remember me" option for users who you want to permit to sign in without MFA from a trusted device. Users can bypass MFA while your application performs device SRP authentication on the back end. For more information, see Working with devices.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminListDevicesRequest.Builder avoiding the need to create one manually via AdminListDevicesRequest.builder()

Parameters:

adminListDevicesRequest - A Consumer that will call methods on AdminListDevicesRequest.Builder to create a request. Represents the request to list devices, as an administrator.

Returns:

Result of the AdminListDevices operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminListGroupsForUser

default AdminListGroupsForUserResponse adminListGroupsForUser(AdminListGroupsForUserRequest adminListGroupsForUserRequest)
                                                       throws InvalidParameterException,
                                                              ResourceNotFoundException,
                                                              TooManyRequestsException,
                                                              NotAuthorizedException,
                                                              UserNotFoundException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Lists the groups that a user belongs to. User pool groups are identifiers that you can reference from the contents of ID and access tokens, and set preferred IAM roles for identity-pool authentication. For more information, see Adding groups to a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminListGroupsForUserRequest -

Returns:

Result of the AdminListGroupsForUser operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminListGroupsForUser

default AdminListGroupsForUserResponse adminListGroupsForUser(Consumer<AdminListGroupsForUserRequest.Builder> adminListGroupsForUserRequest)
                                                       throws InvalidParameterException,
                                                              ResourceNotFoundException,
                                                              TooManyRequestsException,
                                                              NotAuthorizedException,
                                                              UserNotFoundException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Lists the groups that a user belongs to. User pool groups are identifiers that you can reference from the contents of ID and access tokens, and set preferred IAM roles for identity-pool authentication. For more information, see Adding groups to a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminListGroupsForUserRequest.Builder avoiding the need to create one manually via AdminListGroupsForUserRequest.builder()

Parameters:

adminListGroupsForUserRequest - A Consumer that will call methods on AdminListGroupsForUserRequest.Builder to create a request.

Returns:

Result of the AdminListGroupsForUser operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminListGroupsForUserPaginator

default AdminListGroupsForUserIterable adminListGroupsForUserPaginator(AdminListGroupsForUserRequest adminListGroupsForUserRequest)
                                                                throws InvalidParameterException,
                                                                       ResourceNotFoundException,
                                                                       TooManyRequestsException,
                                                                       NotAuthorizedException,
                                                                       UserNotFoundException,
                                                                       InternalErrorException,
                                                                       AwsServiceException,
                                                                       SdkClientException,
                                                                       CognitoIdentityProviderException

This is a variant of adminListGroupsForUser(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListGroupsForUserIterable responses = client.adminListGroupsForUserPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListGroupsForUserIterable responses = client
             .adminListGroupsForUserPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListGroupsForUserIterable responses = client.adminListGroupsForUserPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the adminListGroupsForUser(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserRequest) operation.

Parameters:

adminListGroupsForUserRequest -

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminListGroupsForUserPaginator

default AdminListGroupsForUserIterable adminListGroupsForUserPaginator(Consumer<AdminListGroupsForUserRequest.Builder> adminListGroupsForUserRequest)
                                                                throws InvalidParameterException,
                                                                       ResourceNotFoundException,
                                                                       TooManyRequestsException,
                                                                       NotAuthorizedException,
                                                                       UserNotFoundException,
                                                                       InternalErrorException,
                                                                       AwsServiceException,
                                                                       SdkClientException,
                                                                       CognitoIdentityProviderException

This is a variant of adminListGroupsForUser(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListGroupsForUserIterable responses = client.adminListGroupsForUserPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListGroupsForUserIterable responses = client
             .adminListGroupsForUserPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListGroupsForUserIterable responses = client.adminListGroupsForUserPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the adminListGroupsForUser(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListGroupsForUserRequest) operation.

This is a convenience which creates an instance of the AdminListGroupsForUserRequest.Builder avoiding the need to create one manually via AdminListGroupsForUserRequest.builder()

Parameters:

adminListGroupsForUserRequest - A Consumer that will call methods on AdminListGroupsForUserRequest.Builder to create a request.

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminListUserAuthEvents

default AdminListUserAuthEventsResponse adminListUserAuthEvents(AdminListUserAuthEventsRequest adminListUserAuthEventsRequest)
                                                         throws InvalidParameterException,
                                                                ResourceNotFoundException,
                                                                TooManyRequestsException,
                                                                NotAuthorizedException,
                                                                UserNotFoundException,
                                                                UserPoolAddOnNotEnabledException,
                                                                InternalErrorException,
                                                                AwsServiceException,
                                                                SdkClientException,
                                                                CognitoIdentityProviderException

Requests a history of user activity and any risks detected as part of Amazon Cognito threat protection. For more information, see Viewing user event history.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminListUserAuthEventsRequest -

Returns:

Result of the AdminListUserAuthEvents operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

UserPoolAddOnNotEnabledException - This exception is thrown when user pool add-ons aren't enabled.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminListUserAuthEvents

default AdminListUserAuthEventsResponse adminListUserAuthEvents(Consumer<AdminListUserAuthEventsRequest.Builder> adminListUserAuthEventsRequest)
                                                         throws InvalidParameterException,
                                                                ResourceNotFoundException,
                                                                TooManyRequestsException,
                                                                NotAuthorizedException,
                                                                UserNotFoundException,
                                                                UserPoolAddOnNotEnabledException,
                                                                InternalErrorException,
                                                                AwsServiceException,
                                                                SdkClientException,
                                                                CognitoIdentityProviderException

Requests a history of user activity and any risks detected as part of Amazon Cognito threat protection. For more information, see Viewing user event history.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminListUserAuthEventsRequest.Builder avoiding the need to create one manually via AdminListUserAuthEventsRequest.builder()

Parameters:

adminListUserAuthEventsRequest - A Consumer that will call methods on AdminListUserAuthEventsRequest.Builder to create a request.

Returns:

Result of the AdminListUserAuthEvents operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

UserPoolAddOnNotEnabledException - This exception is thrown when user pool add-ons aren't enabled.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminListUserAuthEventsPaginator

default AdminListUserAuthEventsIterable adminListUserAuthEventsPaginator(AdminListUserAuthEventsRequest adminListUserAuthEventsRequest)
                                                                  throws InvalidParameterException,
                                                                         ResourceNotFoundException,
                                                                         TooManyRequestsException,
                                                                         NotAuthorizedException,
                                                                         UserNotFoundException,
                                                                         UserPoolAddOnNotEnabledException,
                                                                         InternalErrorException,
                                                                         AwsServiceException,
                                                                         SdkClientException,
                                                                         CognitoIdentityProviderException

This is a variant of adminListUserAuthEvents(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListUserAuthEventsIterable responses = client.adminListUserAuthEventsPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListUserAuthEventsIterable responses = client
             .adminListUserAuthEventsPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListUserAuthEventsIterable responses = client.adminListUserAuthEventsPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the adminListUserAuthEvents(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsRequest) operation.

Parameters:

adminListUserAuthEventsRequest -

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

UserPoolAddOnNotEnabledException - This exception is thrown when user pool add-ons aren't enabled.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminListUserAuthEventsPaginator

default AdminListUserAuthEventsIterable adminListUserAuthEventsPaginator(Consumer<AdminListUserAuthEventsRequest.Builder> adminListUserAuthEventsRequest)
                                                                  throws InvalidParameterException,
                                                                         ResourceNotFoundException,
                                                                         TooManyRequestsException,
                                                                         NotAuthorizedException,
                                                                         UserNotFoundException,
                                                                         UserPoolAddOnNotEnabledException,
                                                                         InternalErrorException,
                                                                         AwsServiceException,
                                                                         SdkClientException,
                                                                         CognitoIdentityProviderException

This is a variant of adminListUserAuthEvents(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListUserAuthEventsIterable responses = client.adminListUserAuthEventsPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListUserAuthEventsIterable responses = client
             .adminListUserAuthEventsPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.AdminListUserAuthEventsIterable responses = client.adminListUserAuthEventsPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the adminListUserAuthEvents(software.amazon.awssdk.services.cognitoidentityprovider.model.AdminListUserAuthEventsRequest) operation.

This is a convenience which creates an instance of the AdminListUserAuthEventsRequest.Builder avoiding the need to create one manually via AdminListUserAuthEventsRequest.builder()

Parameters:

adminListUserAuthEventsRequest - A Consumer that will call methods on AdminListUserAuthEventsRequest.Builder to create a request.

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

UserPoolAddOnNotEnabledException - This exception is thrown when user pool add-ons aren't enabled.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminRemoveUserFromGroup

default AdminRemoveUserFromGroupResponse adminRemoveUserFromGroup(AdminRemoveUserFromGroupRequest adminRemoveUserFromGroupRequest)
                                                           throws InvalidParameterException,
                                                                  ResourceNotFoundException,
                                                                  TooManyRequestsException,
                                                                  NotAuthorizedException,
                                                                  UserNotFoundException,
                                                                  InternalErrorException,
                                                                  AwsServiceException,
                                                                  SdkClientException,
                                                                  CognitoIdentityProviderException

Given a username and a group name. removes them from the group. User pool groups are identifiers that you can reference from the contents of ID and access tokens, and set preferred IAM roles for identity-pool authentication. For more information, see Adding groups to a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminRemoveUserFromGroupRequest -

Returns:

Result of the AdminRemoveUserFromGroup operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminRemoveUserFromGroup

default AdminRemoveUserFromGroupResponse adminRemoveUserFromGroup(Consumer<AdminRemoveUserFromGroupRequest.Builder> adminRemoveUserFromGroupRequest)
                                                           throws InvalidParameterException,
                                                                  ResourceNotFoundException,
                                                                  TooManyRequestsException,
                                                                  NotAuthorizedException,
                                                                  UserNotFoundException,
                                                                  InternalErrorException,
                                                                  AwsServiceException,
                                                                  SdkClientException,
                                                                  CognitoIdentityProviderException

Given a username and a group name. removes them from the group. User pool groups are identifiers that you can reference from the contents of ID and access tokens, and set preferred IAM roles for identity-pool authentication. For more information, see Adding groups to a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminRemoveUserFromGroupRequest.Builder avoiding the need to create one manually via AdminRemoveUserFromGroupRequest.builder()

Parameters:

adminRemoveUserFromGroupRequest - A Consumer that will call methods on AdminRemoveUserFromGroupRequest.Builder to create a request.

Returns:

Result of the AdminRemoveUserFromGroup operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminResetUserPassword

default AdminResetUserPasswordResponse adminResetUserPassword(AdminResetUserPasswordRequest adminResetUserPasswordRequest)
                                                       throws ResourceNotFoundException,
                                                              InvalidParameterException,
                                                              UnexpectedLambdaException,
                                                              UserLambdaValidationException,
                                                              NotAuthorizedException,
                                                              InvalidLambdaResponseException,
                                                              TooManyRequestsException,
                                                              LimitExceededException,
                                                              UserNotFoundException,
                                                              InvalidSmsRoleAccessPolicyException,
                                                              InvalidEmailRoleAccessPolicyException,
                                                              InvalidSmsRoleTrustRelationshipException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Resets the specified user's password in a user pool. This operation doesn't change the user's password, but sends a password-reset code. This operation is the administrative authentication API equivalent to ForgotPassword.

This operation deactivates a user's password, requiring them to change it. If a user tries to sign in after the API request, Amazon Cognito responds with a PasswordResetRequiredException error. Your app must then complete the forgot-password flow by prompting the user for their code and a new password, then submitting those values in a ConfirmForgotPassword request. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user with the code to change their password.

To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminResetUserPasswordRequest - Represents the request to reset a user's password as an administrator.

Returns:

Result of the AdminResetUserPassword operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

UserNotFoundException - This exception is thrown when a user isn't found.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminResetUserPassword

default AdminResetUserPasswordResponse adminResetUserPassword(Consumer<AdminResetUserPasswordRequest.Builder> adminResetUserPasswordRequest)
                                                       throws ResourceNotFoundException,
                                                              InvalidParameterException,
                                                              UnexpectedLambdaException,
                                                              UserLambdaValidationException,
                                                              NotAuthorizedException,
                                                              InvalidLambdaResponseException,
                                                              TooManyRequestsException,
                                                              LimitExceededException,
                                                              UserNotFoundException,
                                                              InvalidSmsRoleAccessPolicyException,
                                                              InvalidEmailRoleAccessPolicyException,
                                                              InvalidSmsRoleTrustRelationshipException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Resets the specified user's password in a user pool. This operation doesn't change the user's password, but sends a password-reset code. This operation is the administrative authentication API equivalent to ForgotPassword.

This operation deactivates a user's password, requiring them to change it. If a user tries to sign in after the API request, Amazon Cognito responds with a PasswordResetRequiredException error. Your app must then complete the forgot-password flow by prompting the user for their code and a new password, then submitting those values in a ConfirmForgotPassword request. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user with the code to change their password.

To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminResetUserPasswordRequest.Builder avoiding the need to create one manually via AdminResetUserPasswordRequest.builder()

Parameters:

adminResetUserPasswordRequest - A Consumer that will call methods on AdminResetUserPasswordRequest.Builder to create a request. Represents the request to reset a user's password as an administrator.

Returns:

Result of the AdminResetUserPassword operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

UserNotFoundException - This exception is thrown when a user isn't found.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminRespondToAuthChallenge

default AdminRespondToAuthChallengeResponse adminRespondToAuthChallenge(AdminRespondToAuthChallengeRequest adminRespondToAuthChallengeRequest)
                                                                 throws ResourceNotFoundException,
                                                                        InvalidParameterException,
                                                                        NotAuthorizedException,
                                                                        CodeMismatchException,
                                                                        ExpiredCodeException,
                                                                        UnexpectedLambdaException,
                                                                        InvalidPasswordException,
                                                                        PasswordHistoryPolicyViolationException,
                                                                        UserLambdaValidationException,
                                                                        InvalidLambdaResponseException,
                                                                        TooManyRequestsException,
                                                                        InvalidUserPoolConfigurationException,
                                                                        InternalErrorException,
                                                                        MfaMethodNotFoundException,
                                                                        InvalidEmailRoleAccessPolicyException,
                                                                        InvalidSmsRoleAccessPolicyException,
                                                                        InvalidSmsRoleTrustRelationshipException,
                                                                        AliasExistsException,
                                                                        PasswordResetRequiredException,
                                                                        UserNotFoundException,
                                                                        UserNotConfirmedException,
                                                                        SoftwareTokenMfaNotFoundException,
                                                                        AwsServiceException,
                                                                        SdkClientException,
                                                                        CognitoIdentityProviderException

Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. An AdminRespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.

For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminRespondToAuthChallengeRequest - The request to respond to the authentication challenge, as an administrator.

Returns:

Result of the AdminRespondToAuthChallenge operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ExpiredCodeException - This exception is thrown if a code has expired.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

PasswordHistoryPolicyViolationException - The message returned when a user's new password matches a previous password and doesn't comply with the password-history policy.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

MfaMethodNotFoundException - This exception is thrown when Amazon Cognito can't find a multi-factor authentication (MFA) method.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

SoftwareTokenMfaNotFoundException - This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminRespondToAuthChallenge

default AdminRespondToAuthChallengeResponse adminRespondToAuthChallenge(Consumer<AdminRespondToAuthChallengeRequest.Builder> adminRespondToAuthChallengeRequest)
                                                                 throws ResourceNotFoundException,
                                                                        InvalidParameterException,
                                                                        NotAuthorizedException,
                                                                        CodeMismatchException,
                                                                        ExpiredCodeException,
                                                                        UnexpectedLambdaException,
                                                                        InvalidPasswordException,
                                                                        PasswordHistoryPolicyViolationException,
                                                                        UserLambdaValidationException,
                                                                        InvalidLambdaResponseException,
                                                                        TooManyRequestsException,
                                                                        InvalidUserPoolConfigurationException,
                                                                        InternalErrorException,
                                                                        MfaMethodNotFoundException,
                                                                        InvalidEmailRoleAccessPolicyException,
                                                                        InvalidSmsRoleAccessPolicyException,
                                                                        InvalidSmsRoleTrustRelationshipException,
                                                                        AliasExistsException,
                                                                        PasswordResetRequiredException,
                                                                        UserNotFoundException,
                                                                        UserNotConfirmedException,
                                                                        SoftwareTokenMfaNotFoundException,
                                                                        AwsServiceException,
                                                                        SdkClientException,
                                                                        CognitoIdentityProviderException

Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. An AdminRespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.

For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminRespondToAuthChallengeRequest.Builder avoiding the need to create one manually via AdminRespondToAuthChallengeRequest.builder()

Parameters:

adminRespondToAuthChallengeRequest - A Consumer that will call methods on AdminRespondToAuthChallengeRequest.Builder to create a request. The request to respond to the authentication challenge, as an administrator.

Returns:

Result of the AdminRespondToAuthChallenge operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ExpiredCodeException - This exception is thrown if a code has expired.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

PasswordHistoryPolicyViolationException - The message returned when a user's new password matches a previous password and doesn't comply with the password-history policy.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

MfaMethodNotFoundException - This exception is thrown when Amazon Cognito can't find a multi-factor authentication (MFA) method.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

SoftwareTokenMfaNotFoundException - This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminSetUserMFAPreference

default AdminSetUserMfaPreferenceResponse adminSetUserMFAPreference(AdminSetUserMfaPreferenceRequest adminSetUserMfaPreferenceRequest)
                                                             throws ResourceNotFoundException,
                                                                    InvalidParameterException,
                                                                    NotAuthorizedException,
                                                                    PasswordResetRequiredException,
                                                                    UserNotFoundException,
                                                                    UserNotConfirmedException,
                                                                    InternalErrorException,
                                                                    AwsServiceException,
                                                                    SdkClientException,
                                                                    CognitoIdentityProviderException

Sets the user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in.

This operation doesn't reset an existing TOTP MFA for a user. To register a new TOTP factor for a user, make an AssociateSoftwareToken request. For more information, see TOTP software token MFA.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminSetUserMfaPreferenceRequest -

Returns:

Result of the AdminSetUserMFAPreference operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminSetUserMFAPreference

default AdminSetUserMfaPreferenceResponse adminSetUserMFAPreference(Consumer<AdminSetUserMfaPreferenceRequest.Builder> adminSetUserMfaPreferenceRequest)
                                                             throws ResourceNotFoundException,
                                                                    InvalidParameterException,
                                                                    NotAuthorizedException,
                                                                    PasswordResetRequiredException,
                                                                    UserNotFoundException,
                                                                    UserNotConfirmedException,
                                                                    InternalErrorException,
                                                                    AwsServiceException,
                                                                    SdkClientException,
                                                                    CognitoIdentityProviderException

Sets the user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in.

This operation doesn't reset an existing TOTP MFA for a user. To register a new TOTP factor for a user, make an AssociateSoftwareToken request. For more information, see TOTP software token MFA.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminSetUserMfaPreferenceRequest.Builder avoiding the need to create one manually via AdminSetUserMfaPreferenceRequest.builder()

Parameters:

adminSetUserMfaPreferenceRequest - A Consumer that will call methods on AdminSetUserMfaPreferenceRequest.Builder to create a request.

Returns:

Result of the AdminSetUserMFAPreference operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminSetUserPassword

default AdminSetUserPasswordResponse adminSetUserPassword(AdminSetUserPasswordRequest adminSetUserPasswordRequest)
                                                   throws ResourceNotFoundException,
                                                          NotAuthorizedException,
                                                          UserNotFoundException,
                                                          InternalErrorException,
                                                          TooManyRequestsException,
                                                          InvalidParameterException,
                                                          InvalidPasswordException,
                                                          PasswordHistoryPolicyViolationException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Sets the specified user's password in a user pool. This operation administratively sets a temporary or permanent password for a user. With this operation, you can bypass self-service password changes and permit immediate sign-in with the password that you set. To do this, set Permanent to true.

You can also set a new temporary password in this request, send it to a user, and require them to choose a new password on their next sign-in. To do this, set Permanent to false.

If the password is temporary, the user's Status becomes FORCE_CHANGE_PASSWORD. When the user next tries to sign in, the InitiateAuth or AdminInitiateAuth response includes the NEW_PASSWORD_REQUIRED challenge. If the user doesn't sign in before the temporary password expires, they can no longer sign in and you must repeat this operation to set a temporary or permanent password for them.

After the user sets a new password, or if you set a permanent password, their status becomes Confirmed.

AdminSetUserPassword can set a password for the user profile that Amazon Cognito creates for third-party federated users. When you set a password, the federated user's status changes from EXTERNAL_PROVIDER to CONFIRMED. A user in this state can sign in as a federated user, and initiate authentication flows in the API like a linked native user. They can also modify their password and attributes in token-authenticated API requests like ChangePassword and UpdateUserAttributes. As a best security practice and to keep users in sync with your external IdP, don't set passwords on federated user profiles. To set up a federated user for native sign-in with a linked native user, refer to Linking federated users to an existing user profile.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminSetUserPasswordRequest -

Returns:

Result of the AdminSetUserPassword operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

PasswordHistoryPolicyViolationException - The message returned when a user's new password matches a previous password and doesn't comply with the password-history policy.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminSetUserPassword

default AdminSetUserPasswordResponse adminSetUserPassword(Consumer<AdminSetUserPasswordRequest.Builder> adminSetUserPasswordRequest)
                                                   throws ResourceNotFoundException,
                                                          NotAuthorizedException,
                                                          UserNotFoundException,
                                                          InternalErrorException,
                                                          TooManyRequestsException,
                                                          InvalidParameterException,
                                                          InvalidPasswordException,
                                                          PasswordHistoryPolicyViolationException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Sets the specified user's password in a user pool. This operation administratively sets a temporary or permanent password for a user. With this operation, you can bypass self-service password changes and permit immediate sign-in with the password that you set. To do this, set Permanent to true.

You can also set a new temporary password in this request, send it to a user, and require them to choose a new password on their next sign-in. To do this, set Permanent to false.

If the password is temporary, the user's Status becomes FORCE_CHANGE_PASSWORD. When the user next tries to sign in, the InitiateAuth or AdminInitiateAuth response includes the NEW_PASSWORD_REQUIRED challenge. If the user doesn't sign in before the temporary password expires, they can no longer sign in and you must repeat this operation to set a temporary or permanent password for them.

After the user sets a new password, or if you set a permanent password, their status becomes Confirmed.

AdminSetUserPassword can set a password for the user profile that Amazon Cognito creates for third-party federated users. When you set a password, the federated user's status changes from EXTERNAL_PROVIDER to CONFIRMED. A user in this state can sign in as a federated user, and initiate authentication flows in the API like a linked native user. They can also modify their password and attributes in token-authenticated API requests like ChangePassword and UpdateUserAttributes. As a best security practice and to keep users in sync with your external IdP, don't set passwords on federated user profiles. To set up a federated user for native sign-in with a linked native user, refer to Linking federated users to an existing user profile.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminSetUserPasswordRequest.Builder avoiding the need to create one manually via AdminSetUserPasswordRequest.builder()

Parameters:

adminSetUserPasswordRequest - A Consumer that will call methods on AdminSetUserPasswordRequest.Builder to create a request.

Returns:

Result of the AdminSetUserPassword operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

PasswordHistoryPolicyViolationException - The message returned when a user's new password matches a previous password and doesn't comply with the password-history policy.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminSetUserSettings

default AdminSetUserSettingsResponse adminSetUserSettings(AdminSetUserSettingsRequest adminSetUserSettingsRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          NotAuthorizedException,
                                                          UserNotFoundException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference instead.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminSetUserSettingsRequest - You can use this parameter to set an MFA configuration that uses the SMS delivery medium.

Returns:

Result of the AdminSetUserSettings operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminSetUserSettings

default AdminSetUserSettingsResponse adminSetUserSettings(Consumer<AdminSetUserSettingsRequest.Builder> adminSetUserSettingsRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          NotAuthorizedException,
                                                          UserNotFoundException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference instead.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminSetUserSettingsRequest.Builder avoiding the need to create one manually via AdminSetUserSettingsRequest.builder()

Parameters:

adminSetUserSettingsRequest - A Consumer that will call methods on AdminSetUserSettingsRequest.Builder to create a request. You can use this parameter to set an MFA configuration that uses the SMS delivery medium.

Returns:

Result of the AdminSetUserSettings operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminUpdateAuthEventFeedback

default AdminUpdateAuthEventFeedbackResponse adminUpdateAuthEventFeedback(AdminUpdateAuthEventFeedbackRequest adminUpdateAuthEventFeedbackRequest)
                                                                   throws InvalidParameterException,
                                                                          ResourceNotFoundException,
                                                                          TooManyRequestsException,
                                                                          NotAuthorizedException,
                                                                          UserNotFoundException,
                                                                          UserPoolAddOnNotEnabledException,
                                                                          InternalErrorException,
                                                                          AwsServiceException,
                                                                          SdkClientException,
                                                                          CognitoIdentityProviderException

Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito threat protection. To train the threat-protection model to recognize trusted and untrusted sign-in characteristics, configure threat protection in audit-only mode and provide a mechanism for users or administrators to submit feedback. Your feedback can tell Amazon Cognito that a risk rating was assigned at a level you don't agree with.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminUpdateAuthEventFeedbackRequest -

Returns:

Result of the AdminUpdateAuthEventFeedback operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

UserPoolAddOnNotEnabledException - This exception is thrown when user pool add-ons aren't enabled.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminUpdateAuthEventFeedback

default AdminUpdateAuthEventFeedbackResponse adminUpdateAuthEventFeedback(Consumer<AdminUpdateAuthEventFeedbackRequest.Builder> adminUpdateAuthEventFeedbackRequest)
                                                                   throws InvalidParameterException,
                                                                          ResourceNotFoundException,
                                                                          TooManyRequestsException,
                                                                          NotAuthorizedException,
                                                                          UserNotFoundException,
                                                                          UserPoolAddOnNotEnabledException,
                                                                          InternalErrorException,
                                                                          AwsServiceException,
                                                                          SdkClientException,
                                                                          CognitoIdentityProviderException

Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito threat protection. To train the threat-protection model to recognize trusted and untrusted sign-in characteristics, configure threat protection in audit-only mode and provide a mechanism for users or administrators to submit feedback. Your feedback can tell Amazon Cognito that a risk rating was assigned at a level you don't agree with.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminUpdateAuthEventFeedbackRequest.Builder avoiding the need to create one manually via AdminUpdateAuthEventFeedbackRequest.builder()

Parameters:

adminUpdateAuthEventFeedbackRequest - A Consumer that will call methods on AdminUpdateAuthEventFeedbackRequest.Builder to create a request.

Returns:

Result of the AdminUpdateAuthEventFeedback operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

UserPoolAddOnNotEnabledException - This exception is thrown when user pool add-ons aren't enabled.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminUpdateDeviceStatus

default AdminUpdateDeviceStatusResponse adminUpdateDeviceStatus(AdminUpdateDeviceStatusRequest adminUpdateDeviceStatusRequest)
                                                         throws InvalidParameterException,
                                                                ResourceNotFoundException,
                                                                InvalidUserPoolConfigurationException,
                                                                TooManyRequestsException,
                                                                NotAuthorizedException,
                                                                UserNotFoundException,
                                                                InternalErrorException,
                                                                AwsServiceException,
                                                                SdkClientException,
                                                                CognitoIdentityProviderException

Updates the status of a user's device so that it is marked as remembered or not remembered for the purpose of device authentication. Device authentication is a "remember me" mechanism that silently completes sign-in from trusted devices with a device key instead of a user-provided MFA code. This operation changes the status of a device without deleting it, so you can enable it again later. For more information about device authentication, see Working with devices.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminUpdateDeviceStatusRequest - The request to update the device status, as an administrator.

Returns:

Result of the AdminUpdateDeviceStatus operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminUpdateDeviceStatus

default AdminUpdateDeviceStatusResponse adminUpdateDeviceStatus(Consumer<AdminUpdateDeviceStatusRequest.Builder> adminUpdateDeviceStatusRequest)
                                                         throws InvalidParameterException,
                                                                ResourceNotFoundException,
                                                                InvalidUserPoolConfigurationException,
                                                                TooManyRequestsException,
                                                                NotAuthorizedException,
                                                                UserNotFoundException,
                                                                InternalErrorException,
                                                                AwsServiceException,
                                                                SdkClientException,
                                                                CognitoIdentityProviderException

Updates the status of a user's device so that it is marked as remembered or not remembered for the purpose of device authentication. Device authentication is a "remember me" mechanism that silently completes sign-in from trusted devices with a device key instead of a user-provided MFA code. This operation changes the status of a device without deleting it, so you can enable it again later. For more information about device authentication, see Working with devices.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminUpdateDeviceStatusRequest.Builder avoiding the need to create one manually via AdminUpdateDeviceStatusRequest.builder()

Parameters:

adminUpdateDeviceStatusRequest - A Consumer that will call methods on AdminUpdateDeviceStatusRequest.Builder to create a request. The request to update the device status, as an administrator.

Returns:

Result of the AdminUpdateDeviceStatus operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminUpdateUserAttributes

default AdminUpdateUserAttributesResponse adminUpdateUserAttributes(AdminUpdateUserAttributesRequest adminUpdateUserAttributesRequest)
                                                             throws ResourceNotFoundException,
                                                                    InvalidParameterException,
                                                                    UnexpectedLambdaException,
                                                                    UserLambdaValidationException,
                                                                    InvalidLambdaResponseException,
                                                                    AliasExistsException,
                                                                    TooManyRequestsException,
                                                                    NotAuthorizedException,
                                                                    UserNotFoundException,
                                                                    InternalErrorException,
                                                                    InvalidSmsRoleAccessPolicyException,
                                                                    InvalidEmailRoleAccessPolicyException,
                                                                    InvalidSmsRoleTrustRelationshipException,
                                                                    AwsServiceException,
                                                                    SdkClientException,
                                                                    CognitoIdentityProviderException

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Updates the specified user's attributes. To delete an attribute from your user, submit the attribute in your API request with a blank value.

For custom attributes, you must prepend the custom: prefix to the attribute name.

This operation can set a user's email address or phone number as verified and permit immediate sign-in in user pools that require verification of these attributes. To do this, set the email_verified or phone_number_verified attribute to true.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminUpdateUserAttributesRequest - Represents the request to update the user's attributes as an administrator.

Returns:

Result of the AdminUpdateUserAttributes operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminUpdateUserAttributes

default AdminUpdateUserAttributesResponse adminUpdateUserAttributes(Consumer<AdminUpdateUserAttributesRequest.Builder> adminUpdateUserAttributesRequest)
                                                             throws ResourceNotFoundException,
                                                                    InvalidParameterException,
                                                                    UnexpectedLambdaException,
                                                                    UserLambdaValidationException,
                                                                    InvalidLambdaResponseException,
                                                                    AliasExistsException,
                                                                    TooManyRequestsException,
                                                                    NotAuthorizedException,
                                                                    UserNotFoundException,
                                                                    InternalErrorException,
                                                                    InvalidSmsRoleAccessPolicyException,
                                                                    InvalidEmailRoleAccessPolicyException,
                                                                    InvalidSmsRoleTrustRelationshipException,
                                                                    AwsServiceException,
                                                                    SdkClientException,
                                                                    CognitoIdentityProviderException

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Updates the specified user's attributes. To delete an attribute from your user, submit the attribute in your API request with a blank value.

For custom attributes, you must prepend the custom: prefix to the attribute name.

This operation can set a user's email address or phone number as verified and permit immediate sign-in in user pools that require verification of these attributes. To do this, set the email_verified or phone_number_verified attribute to true.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminUpdateUserAttributesRequest.Builder avoiding the need to create one manually via AdminUpdateUserAttributesRequest.builder()

Parameters:

adminUpdateUserAttributesRequest - A Consumer that will call methods on AdminUpdateUserAttributesRequest.Builder to create a request. Represents the request to update the user's attributes as an administrator.

Returns:

Result of the AdminUpdateUserAttributes operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminUserGlobalSignOut

default AdminUserGlobalSignOutResponse adminUserGlobalSignOut(AdminUserGlobalSignOutRequest adminUserGlobalSignOutRequest)
                                                       throws ResourceNotFoundException,
                                                              InvalidParameterException,
                                                              TooManyRequestsException,
                                                              NotAuthorizedException,
                                                              UserNotFoundException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation with your administrative credentials when your user signs out of your app. This results in the following behavior.

• Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user's access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.

  Amazon Cognito returns an Access Token has been revoked error when your app attempts to authorize a user pools API request with a revoked access token that contains the scope aws.cognito.signin.user.admin.

• Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with ServerSideTokenCheck enabled for its user pool IdP configuration in CognitoIdentityProvider.

• Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.

Other requests might be valid until your user's token expires. This operation doesn't clear the managed login session cookie. To clear the session for a user who signed in with managed login or the classic hosted UI, direct their browser session to the logout endpoint.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

adminUserGlobalSignOutRequest - The request to sign out of all devices, as an administrator.

Returns:

Result of the AdminUserGlobalSignOut operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

adminUserGlobalSignOut

default AdminUserGlobalSignOutResponse adminUserGlobalSignOut(Consumer<AdminUserGlobalSignOutRequest.Builder> adminUserGlobalSignOutRequest)
                                                       throws ResourceNotFoundException,
                                                              InvalidParameterException,
                                                              TooManyRequestsException,
                                                              NotAuthorizedException,
                                                              UserNotFoundException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation with your administrative credentials when your user signs out of your app. This results in the following behavior.

• Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user's access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.

  Amazon Cognito returns an Access Token has been revoked error when your app attempts to authorize a user pools API request with a revoked access token that contains the scope aws.cognito.signin.user.admin.

• Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with ServerSideTokenCheck enabled for its user pool IdP configuration in CognitoIdentityProvider.

• Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.

Other requests might be valid until your user's token expires. This operation doesn't clear the managed login session cookie. To clear the session for a user who signed in with managed login or the classic hosted UI, direct their browser session to the logout endpoint.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the AdminUserGlobalSignOutRequest.Builder avoiding the need to create one manually via AdminUserGlobalSignOutRequest.builder()

Parameters:

adminUserGlobalSignOutRequest - A Consumer that will call methods on AdminUserGlobalSignOutRequest.Builder to create a request. The request to sign out of all devices, as an administrator.

Returns:

Result of the AdminUserGlobalSignOut operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

associateSoftwareToken

default AssociateSoftwareTokenResponse associateSoftwareToken(AssociateSoftwareTokenRequest associateSoftwareTokenRequest)
                                                       throws ConcurrentModificationException,
                                                              InvalidParameterException,
                                                              NotAuthorizedException,
                                                              ResourceNotFoundException,
                                                              InternalErrorException,
                                                              SoftwareTokenMfaNotFoundException,
                                                              ForbiddenException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response. You can authorize an AssociateSoftwareToken request with either the user's access token, or a session string from a challenge response that you received from Amazon Cognito.

Amazon Cognito disassociates an existing software token when you verify the new token in a VerifySoftwareToken API request. If you don't verify the software token and your user pool doesn't require MFA, the user can then authenticate with user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito generates an MFA_SETUP or SOFTWARE_TOKEN_SETUP challenge each time your user signs in. Complete setup with AssociateSoftwareToken and VerifySoftwareToken.

After you set up software token MFA for your user, Amazon Cognito generates a SOFTWARE_TOKEN_MFA challenge when they authenticate. Respond to this challenge with your user's TOTP.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Parameters:

associateSoftwareTokenRequest -

Returns:

Result of the AssociateSoftwareToken operation returned by the service.

Throws:

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SoftwareTokenMfaNotFoundException - This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

associateSoftwareToken

default AssociateSoftwareTokenResponse associateSoftwareToken(Consumer<AssociateSoftwareTokenRequest.Builder> associateSoftwareTokenRequest)
                                                       throws ConcurrentModificationException,
                                                              InvalidParameterException,
                                                              NotAuthorizedException,
                                                              ResourceNotFoundException,
                                                              InternalErrorException,
                                                              SoftwareTokenMfaNotFoundException,
                                                              ForbiddenException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response. You can authorize an AssociateSoftwareToken request with either the user's access token, or a session string from a challenge response that you received from Amazon Cognito.

Amazon Cognito disassociates an existing software token when you verify the new token in a VerifySoftwareToken API request. If you don't verify the software token and your user pool doesn't require MFA, the user can then authenticate with user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito generates an MFA_SETUP or SOFTWARE_TOKEN_SETUP challenge each time your user signs in. Complete setup with AssociateSoftwareToken and VerifySoftwareToken.

After you set up software token MFA for your user, Amazon Cognito generates a SOFTWARE_TOKEN_MFA challenge when they authenticate. Respond to this challenge with your user's TOTP.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

This is a convenience which creates an instance of the AssociateSoftwareTokenRequest.Builder avoiding the need to create one manually via AssociateSoftwareTokenRequest.builder()

Parameters:

associateSoftwareTokenRequest - A Consumer that will call methods on AssociateSoftwareTokenRequest.Builder to create a request.

Returns:

Result of the AssociateSoftwareToken operation returned by the service.

Throws:

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SoftwareTokenMfaNotFoundException - This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

changePassword

default ChangePasswordResponse changePassword(ChangePasswordRequest changePasswordRequest)
                                       throws ResourceNotFoundException,
                                              InvalidParameterException,
                                              InvalidPasswordException,
                                              PasswordHistoryPolicyViolationException,
                                              NotAuthorizedException,
                                              TooManyRequestsException,
                                              LimitExceededException,
                                              PasswordResetRequiredException,
                                              UserNotFoundException,
                                              UserNotConfirmedException,
                                              InternalErrorException,
                                              ForbiddenException,
                                              AwsServiceException,
                                              SdkClientException,
                                              CognitoIdentityProviderException

Changes the password for a specified user in a user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

changePasswordRequest - Represents the request to change a user password.

Returns:

Result of the ChangePassword operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

PasswordHistoryPolicyViolationException - The message returned when a user's new password matches a previous password and doesn't comply with the password-history policy.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

changePassword

default ChangePasswordResponse changePassword(Consumer<ChangePasswordRequest.Builder> changePasswordRequest)
                                       throws ResourceNotFoundException,
                                              InvalidParameterException,
                                              InvalidPasswordException,
                                              PasswordHistoryPolicyViolationException,
                                              NotAuthorizedException,
                                              TooManyRequestsException,
                                              LimitExceededException,
                                              PasswordResetRequiredException,
                                              UserNotFoundException,
                                              UserNotConfirmedException,
                                              InternalErrorException,
                                              ForbiddenException,
                                              AwsServiceException,
                                              SdkClientException,
                                              CognitoIdentityProviderException

Changes the password for a specified user in a user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the ChangePasswordRequest.Builder avoiding the need to create one manually via ChangePasswordRequest.builder()

Parameters:

changePasswordRequest - A Consumer that will call methods on ChangePasswordRequest.Builder to create a request. Represents the request to change a user password.

Returns:

Result of the ChangePassword operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

PasswordHistoryPolicyViolationException - The message returned when a user's new password matches a previous password and doesn't comply with the password-history policy.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

completeWebAuthnRegistration

default CompleteWebAuthnRegistrationResponse completeWebAuthnRegistration(CompleteWebAuthnRegistrationRequest completeWebAuthnRegistrationRequest)
                                                                   throws ForbiddenException,
                                                                          InternalErrorException,
                                                                          InvalidParameterException,
                                                                          LimitExceededException,
                                                                          NotAuthorizedException,
                                                                          TooManyRequestsException,
                                                                          WebAuthnNotEnabledException,
                                                                          WebAuthnChallengeNotFoundException,
                                                                          WebAuthnRelyingPartyMismatchException,
                                                                          WebAuthnClientMismatchException,
                                                                          WebAuthnOriginNotAllowedException,
                                                                          WebAuthnCredentialNotSupportedException,
                                                                          AwsServiceException,
                                                                          SdkClientException,
                                                                          CognitoIdentityProviderException

Completes registration of a passkey authenticator for the current user. Your application provides data from a successful registration request with the data from the output of a StartWebAuthnRegistration.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Parameters:

completeWebAuthnRegistrationRequest -

Returns:

Result of the CompleteWebAuthnRegistration operation returned by the service.

Throws:

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

WebAuthnNotEnabledException - This exception is thrown when the passkey feature isn't enabled for the user pool.

WebAuthnChallengeNotFoundException - This exception is thrown when the challenge from StartWebAuthn registration has expired.

WebAuthnRelyingPartyMismatchException - This exception is thrown when the given passkey credential is associated with a different relying party ID than the user pool relying party ID.

WebAuthnClientMismatchException - This exception is thrown when the access token is for a different client than the one in the original StartWebAuthnRegistration request.

WebAuthnOriginNotAllowedException - This exception is thrown when the passkey credential's registration origin does not align with the user pool relying party id.

WebAuthnCredentialNotSupportedException - This exception is thrown when a user presents passkey credentials from an unsupported device or provider.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

completeWebAuthnRegistration

default CompleteWebAuthnRegistrationResponse completeWebAuthnRegistration(Consumer<CompleteWebAuthnRegistrationRequest.Builder> completeWebAuthnRegistrationRequest)
                                                                   throws ForbiddenException,
                                                                          InternalErrorException,
                                                                          InvalidParameterException,
                                                                          LimitExceededException,
                                                                          NotAuthorizedException,
                                                                          TooManyRequestsException,
                                                                          WebAuthnNotEnabledException,
                                                                          WebAuthnChallengeNotFoundException,
                                                                          WebAuthnRelyingPartyMismatchException,
                                                                          WebAuthnClientMismatchException,
                                                                          WebAuthnOriginNotAllowedException,
                                                                          WebAuthnCredentialNotSupportedException,
                                                                          AwsServiceException,
                                                                          SdkClientException,
                                                                          CognitoIdentityProviderException

Completes registration of a passkey authenticator for the current user. Your application provides data from a successful registration request with the data from the output of a StartWebAuthnRegistration.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

This is a convenience which creates an instance of the CompleteWebAuthnRegistrationRequest.Builder avoiding the need to create one manually via CompleteWebAuthnRegistrationRequest.builder()

Parameters:

completeWebAuthnRegistrationRequest - A Consumer that will call methods on CompleteWebAuthnRegistrationRequest.Builder to create a request.

Returns:

Result of the CompleteWebAuthnRegistration operation returned by the service.

Throws:

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

WebAuthnNotEnabledException - This exception is thrown when the passkey feature isn't enabled for the user pool.

WebAuthnChallengeNotFoundException - This exception is thrown when the challenge from StartWebAuthn registration has expired.

WebAuthnRelyingPartyMismatchException - This exception is thrown when the given passkey credential is associated with a different relying party ID than the user pool relying party ID.

WebAuthnClientMismatchException - This exception is thrown when the access token is for a different client than the one in the original StartWebAuthnRegistration request.

WebAuthnOriginNotAllowedException - This exception is thrown when the passkey credential's registration origin does not align with the user pool relying party id.

WebAuthnCredentialNotSupportedException - This exception is thrown when a user presents passkey credentials from an unsupported device or provider.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

confirmDevice

default ConfirmDeviceResponse confirmDevice(ConfirmDeviceRequest confirmDeviceRequest)
                                     throws ResourceNotFoundException,
                                            InvalidParameterException,
                                            NotAuthorizedException,
                                            InvalidPasswordException,
                                            InvalidLambdaResponseException,
                                            UsernameExistsException,
                                            InvalidUserPoolConfigurationException,
                                            TooManyRequestsException,
                                            PasswordResetRequiredException,
                                            UserNotFoundException,
                                            UserNotConfirmedException,
                                            InternalErrorException,
                                            ForbiddenException,
                                            AwsServiceException,
                                            SdkClientException,
                                            CognitoIdentityProviderException

Confirms a device that a user wants to remember. A remembered device is a "Remember me on this device" option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

confirmDeviceRequest - The confirm-device request.

Returns:

Result of the ConfirmDevice operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

UsernameExistsException - This exception is thrown when Amazon Cognito encounters a user name that already exists in the user pool.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

confirmDevice

default ConfirmDeviceResponse confirmDevice(Consumer<ConfirmDeviceRequest.Builder> confirmDeviceRequest)
                                     throws ResourceNotFoundException,
                                            InvalidParameterException,
                                            NotAuthorizedException,
                                            InvalidPasswordException,
                                            InvalidLambdaResponseException,
                                            UsernameExistsException,
                                            InvalidUserPoolConfigurationException,
                                            TooManyRequestsException,
                                            PasswordResetRequiredException,
                                            UserNotFoundException,
                                            UserNotConfirmedException,
                                            InternalErrorException,
                                            ForbiddenException,
                                            AwsServiceException,
                                            SdkClientException,
                                            CognitoIdentityProviderException

Confirms a device that a user wants to remember. A remembered device is a "Remember me on this device" option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the ConfirmDeviceRequest.Builder avoiding the need to create one manually via ConfirmDeviceRequest.builder()

Parameters:

confirmDeviceRequest - A Consumer that will call methods on ConfirmDeviceRequest.Builder to create a request. The confirm-device request.

Returns:

Result of the ConfirmDevice operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

UsernameExistsException - This exception is thrown when Amazon Cognito encounters a user name that already exists in the user pool.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

confirmForgotPassword

default ConfirmForgotPasswordResponse confirmForgotPassword(ConfirmForgotPasswordRequest confirmForgotPasswordRequest)
                                                     throws ResourceNotFoundException,
                                                            UnexpectedLambdaException,
                                                            UserLambdaValidationException,
                                                            InvalidParameterException,
                                                            InvalidPasswordException,
                                                            PasswordHistoryPolicyViolationException,
                                                            NotAuthorizedException,
                                                            CodeMismatchException,
                                                            ExpiredCodeException,
                                                            TooManyFailedAttemptsException,
                                                            InvalidLambdaResponseException,
                                                            TooManyRequestsException,
                                                            LimitExceededException,
                                                            UserNotFoundException,
                                                            UserNotConfirmedException,
                                                            InternalErrorException,
                                                            ForbiddenException,
                                                            AwsServiceException,
                                                            SdkClientException,
                                                            CognitoIdentityProviderException

This public API operation accepts a confirmation code that Amazon Cognito sent to a user and accepts a new password for that user.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

confirmForgotPasswordRequest - The request representing the confirmation for a password reset.

Returns:

Result of the ConfirmForgotPassword operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

PasswordHistoryPolicyViolationException - The message returned when a user's new password matches a previous password and doesn't comply with the password-history policy.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ExpiredCodeException - This exception is thrown if a code has expired.

TooManyFailedAttemptsException - This exception is thrown when the user has made too many failed attempts for a given action, such as sign-in.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

confirmForgotPassword

default ConfirmForgotPasswordResponse confirmForgotPassword(Consumer<ConfirmForgotPasswordRequest.Builder> confirmForgotPasswordRequest)
                                                     throws ResourceNotFoundException,
                                                            UnexpectedLambdaException,
                                                            UserLambdaValidationException,
                                                            InvalidParameterException,
                                                            InvalidPasswordException,
                                                            PasswordHistoryPolicyViolationException,
                                                            NotAuthorizedException,
                                                            CodeMismatchException,
                                                            ExpiredCodeException,
                                                            TooManyFailedAttemptsException,
                                                            InvalidLambdaResponseException,
                                                            TooManyRequestsException,
                                                            LimitExceededException,
                                                            UserNotFoundException,
                                                            UserNotConfirmedException,
                                                            InternalErrorException,
                                                            ForbiddenException,
                                                            AwsServiceException,
                                                            SdkClientException,
                                                            CognitoIdentityProviderException

This public API operation accepts a confirmation code that Amazon Cognito sent to a user and accepts a new password for that user.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the ConfirmForgotPasswordRequest.Builder avoiding the need to create one manually via ConfirmForgotPasswordRequest.builder()

Parameters:

confirmForgotPasswordRequest - A Consumer that will call methods on ConfirmForgotPasswordRequest.Builder to create a request. The request representing the confirmation for a password reset.

Returns:

Result of the ConfirmForgotPassword operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

PasswordHistoryPolicyViolationException - The message returned when a user's new password matches a previous password and doesn't comply with the password-history policy.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ExpiredCodeException - This exception is thrown if a code has expired.

TooManyFailedAttemptsException - This exception is thrown when the user has made too many failed attempts for a given action, such as sign-in.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

confirmSignUp

default ConfirmSignUpResponse confirmSignUp(ConfirmSignUpRequest confirmSignUpRequest)
                                     throws ResourceNotFoundException,
                                            InvalidParameterException,
                                            UnexpectedLambdaException,
                                            UserLambdaValidationException,
                                            NotAuthorizedException,
                                            TooManyFailedAttemptsException,
                                            CodeMismatchException,
                                            ExpiredCodeException,
                                            InvalidLambdaResponseException,
                                            AliasExistsException,
                                            TooManyRequestsException,
                                            LimitExceededException,
                                            UserNotFoundException,
                                            InternalErrorException,
                                            ForbiddenException,
                                            AwsServiceException,
                                            SdkClientException,
                                            CognitoIdentityProviderException

This public API operation submits a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.

Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

confirmSignUpRequest - Represents the request to confirm registration of a user.

Returns:

Result of the ConfirmSignUp operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyFailedAttemptsException - This exception is thrown when the user has made too many failed attempts for a given action, such as sign-in.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ExpiredCodeException - This exception is thrown if a code has expired.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

confirmSignUp

default ConfirmSignUpResponse confirmSignUp(Consumer<ConfirmSignUpRequest.Builder> confirmSignUpRequest)
                                     throws ResourceNotFoundException,
                                            InvalidParameterException,
                                            UnexpectedLambdaException,
                                            UserLambdaValidationException,
                                            NotAuthorizedException,
                                            TooManyFailedAttemptsException,
                                            CodeMismatchException,
                                            ExpiredCodeException,
                                            InvalidLambdaResponseException,
                                            AliasExistsException,
                                            TooManyRequestsException,
                                            LimitExceededException,
                                            UserNotFoundException,
                                            InternalErrorException,
                                            ForbiddenException,
                                            AwsServiceException,
                                            SdkClientException,
                                            CognitoIdentityProviderException

This public API operation submits a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.

Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the ConfirmSignUpRequest.Builder avoiding the need to create one manually via ConfirmSignUpRequest.builder()

Parameters:

confirmSignUpRequest - A Consumer that will call methods on ConfirmSignUpRequest.Builder to create a request. Represents the request to confirm registration of a user.

Returns:

Result of the ConfirmSignUp operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyFailedAttemptsException - This exception is thrown when the user has made too many failed attempts for a given action, such as sign-in.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ExpiredCodeException - This exception is thrown if a code has expired.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createGroup

default CreateGroupResponse createGroup(CreateGroupRequest createGroupRequest)
                                 throws InvalidParameterException,
                                        GroupExistsException,
                                        ResourceNotFoundException,
                                        TooManyRequestsException,
                                        LimitExceededException,
                                        NotAuthorizedException,
                                        InternalErrorException,
                                        AwsServiceException,
                                        SdkClientException,
                                        CognitoIdentityProviderException

Creates a new group in the specified user pool. For more information about user pool groups see Adding groups to a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

createGroupRequest -

Returns:

Result of the CreateGroup operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

GroupExistsException - This exception is thrown when Amazon Cognito encounters a group that already exists in the user pool.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createGroup

default CreateGroupResponse createGroup(Consumer<CreateGroupRequest.Builder> createGroupRequest)
                                 throws InvalidParameterException,
                                        GroupExistsException,
                                        ResourceNotFoundException,
                                        TooManyRequestsException,
                                        LimitExceededException,
                                        NotAuthorizedException,
                                        InternalErrorException,
                                        AwsServiceException,
                                        SdkClientException,
                                        CognitoIdentityProviderException

Creates a new group in the specified user pool. For more information about user pool groups see Adding groups to a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the CreateGroupRequest.Builder avoiding the need to create one manually via CreateGroupRequest.builder()

Parameters:

createGroupRequest - A Consumer that will call methods on CreateGroupRequest.Builder to create a request.

Returns:

Result of the CreateGroup operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

GroupExistsException - This exception is thrown when Amazon Cognito encounters a group that already exists in the user pool.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createIdentityProvider

default CreateIdentityProviderResponse createIdentityProvider(CreateIdentityProviderRequest createIdentityProviderRequest)
                                                       throws InvalidParameterException,
                                                              DuplicateProviderException,
                                                              ResourceNotFoundException,
                                                              NotAuthorizedException,
                                                              TooManyRequestsException,
                                                              LimitExceededException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool. Amazon Cognito accepts sign-in with third-party identity providers through managed login and OIDC relying-party libraries. For more information, see Third-party IdP sign-in.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

createIdentityProviderRequest -

Returns:

Result of the CreateIdentityProvider operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

DuplicateProviderException - This exception is thrown when the provider is already supported by the user pool.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createIdentityProvider

default CreateIdentityProviderResponse createIdentityProvider(Consumer<CreateIdentityProviderRequest.Builder> createIdentityProviderRequest)
                                                       throws InvalidParameterException,
                                                              DuplicateProviderException,
                                                              ResourceNotFoundException,
                                                              NotAuthorizedException,
                                                              TooManyRequestsException,
                                                              LimitExceededException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool. Amazon Cognito accepts sign-in with third-party identity providers through managed login and OIDC relying-party libraries. For more information, see Third-party IdP sign-in.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the CreateIdentityProviderRequest.Builder avoiding the need to create one manually via CreateIdentityProviderRequest.builder()

Parameters:

createIdentityProviderRequest - A Consumer that will call methods on CreateIdentityProviderRequest.Builder to create a request.

Returns:

Result of the CreateIdentityProvider operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

DuplicateProviderException - This exception is thrown when the provider is already supported by the user pool.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createManagedLoginBranding

default CreateManagedLoginBrandingResponse createManagedLoginBranding(CreateManagedLoginBrandingRequest createManagedLoginBrandingRequest)
                                                               throws ResourceNotFoundException,
                                                                      ConcurrentModificationException,
                                                                      ManagedLoginBrandingExistsException,
                                                                      InvalidParameterException,
                                                                      TooManyRequestsException,
                                                                      NotAuthorizedException,
                                                                      LimitExceededException,
                                                                      InternalErrorException,
                                                                      AwsServiceException,
                                                                      SdkClientException,
                                                                      CognitoIdentityProviderException

Creates a new set of branding settings for a user pool style and associates it with an app client. This operation is the programmatic option for the creation of a new style in the branding designer.

Provides values for UI customization in a Settings JSON object and image files in an Assets array. To send the JSON object Document type parameter in Settings, you might need to update to the most recent version of your Amazon Web Services SDK. To create a new style with default settings, set UseCognitoProvidedValues to true and don't provide values for any other options.

This operation has a 2-megabyte request-size limit and include the CSS settings and image assets for your app client. Your branding settings might exceed 2MB in size. Amazon Cognito doesn't require that you pass all parameters in one request and preserves existing style settings that you don't specify. If your request is larger than 2MB, separate it into multiple requests, each with a size smaller than the limit.

As a best practice, modify the output of DescribeManagedLoginBrandingByClient into the request parameters for this operation. To get all settings, set ReturnMergedResources to true. For more information, see API and SDK operations for managed login branding.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

createManagedLoginBrandingRequest -

Returns:

Result of the CreateManagedLoginBranding operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

ManagedLoginBrandingExistsException - This exception is thrown when you attempt to apply a managed login branding style to an app client that already has an assigned style.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createManagedLoginBranding

default CreateManagedLoginBrandingResponse createManagedLoginBranding(Consumer<CreateManagedLoginBrandingRequest.Builder> createManagedLoginBrandingRequest)
                                                               throws ResourceNotFoundException,
                                                                      ConcurrentModificationException,
                                                                      ManagedLoginBrandingExistsException,
                                                                      InvalidParameterException,
                                                                      TooManyRequestsException,
                                                                      NotAuthorizedException,
                                                                      LimitExceededException,
                                                                      InternalErrorException,
                                                                      AwsServiceException,
                                                                      SdkClientException,
                                                                      CognitoIdentityProviderException

Creates a new set of branding settings for a user pool style and associates it with an app client. This operation is the programmatic option for the creation of a new style in the branding designer.

Provides values for UI customization in a Settings JSON object and image files in an Assets array. To send the JSON object Document type parameter in Settings, you might need to update to the most recent version of your Amazon Web Services SDK. To create a new style with default settings, set UseCognitoProvidedValues to true and don't provide values for any other options.

This operation has a 2-megabyte request-size limit and include the CSS settings and image assets for your app client. Your branding settings might exceed 2MB in size. Amazon Cognito doesn't require that you pass all parameters in one request and preserves existing style settings that you don't specify. If your request is larger than 2MB, separate it into multiple requests, each with a size smaller than the limit.

As a best practice, modify the output of DescribeManagedLoginBrandingByClient into the request parameters for this operation. To get all settings, set ReturnMergedResources to true. For more information, see API and SDK operations for managed login branding.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the CreateManagedLoginBrandingRequest.Builder avoiding the need to create one manually via CreateManagedLoginBrandingRequest.builder()

Parameters:

createManagedLoginBrandingRequest - A Consumer that will call methods on CreateManagedLoginBrandingRequest.Builder to create a request.

Returns:

Result of the CreateManagedLoginBranding operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

ManagedLoginBrandingExistsException - This exception is thrown when you attempt to apply a managed login branding style to an app client that already has an assigned style.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createResourceServer

default CreateResourceServerResponse createResourceServer(CreateResourceServerRequest createResourceServerRequest)
                                                   throws InvalidParameterException,
                                                          ResourceNotFoundException,
                                                          NotAuthorizedException,
                                                          TooManyRequestsException,
                                                          LimitExceededException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Creates a new OAuth2.0 resource server and defines custom scopes within it. Resource servers are associated with custom scopes and machine-to-machine (M2M) authorization. For more information, see Access control with resource servers.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

createResourceServerRequest -

Returns:

Result of the CreateResourceServer operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createResourceServer

default CreateResourceServerResponse createResourceServer(Consumer<CreateResourceServerRequest.Builder> createResourceServerRequest)
                                                   throws InvalidParameterException,
                                                          ResourceNotFoundException,
                                                          NotAuthorizedException,
                                                          TooManyRequestsException,
                                                          LimitExceededException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Creates a new OAuth2.0 resource server and defines custom scopes within it. Resource servers are associated with custom scopes and machine-to-machine (M2M) authorization. For more information, see Access control with resource servers.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the CreateResourceServerRequest.Builder avoiding the need to create one manually via CreateResourceServerRequest.builder()

Parameters:

createResourceServerRequest - A Consumer that will call methods on CreateResourceServerRequest.Builder to create a request.

Returns:

Result of the CreateResourceServer operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createUserImportJob

default CreateUserImportJobResponse createUserImportJob(CreateUserImportJobRequest createUserImportJobRequest)
                                                 throws ResourceNotFoundException,
                                                        InvalidParameterException,
                                                        TooManyRequestsException,
                                                        PreconditionNotMetException,
                                                        NotAuthorizedException,
                                                        LimitExceededException,
                                                        InternalErrorException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Creates a user import job. You can import users into user pools from a comma-separated values (CSV) file without adding Amazon Cognito MAU costs to your Amazon Web Services bill. To generate a template for your import, see GetCSVHeader. To learn more about CSV import, see Importing users from a CSV file.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

createUserImportJobRequest - Represents the request to create the user import job.

Returns:

Result of the CreateUserImportJob operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PreconditionNotMetException - This exception is thrown when a precondition is not met.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createUserImportJob

default CreateUserImportJobResponse createUserImportJob(Consumer<CreateUserImportJobRequest.Builder> createUserImportJobRequest)
                                                 throws ResourceNotFoundException,
                                                        InvalidParameterException,
                                                        TooManyRequestsException,
                                                        PreconditionNotMetException,
                                                        NotAuthorizedException,
                                                        LimitExceededException,
                                                        InternalErrorException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Creates a user import job. You can import users into user pools from a comma-separated values (CSV) file without adding Amazon Cognito MAU costs to your Amazon Web Services bill. To generate a template for your import, see GetCSVHeader. To learn more about CSV import, see Importing users from a CSV file.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the CreateUserImportJobRequest.Builder avoiding the need to create one manually via CreateUserImportJobRequest.builder()

Parameters:

createUserImportJobRequest - A Consumer that will call methods on CreateUserImportJobRequest.Builder to create a request. Represents the request to create the user import job.

Returns:

Result of the CreateUserImportJob operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PreconditionNotMetException - This exception is thrown when a precondition is not met.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createUserPool

default CreateUserPoolResponse createUserPool(CreateUserPoolRequest createUserPoolRequest)
                                       throws InvalidParameterException,
                                              TooManyRequestsException,
                                              LimitExceededException,
                                              InvalidSmsRoleAccessPolicyException,
                                              InvalidSmsRoleTrustRelationshipException,
                                              InvalidEmailRoleAccessPolicyException,
                                              NotAuthorizedException,
                                              UserPoolTaggingException,
                                              InternalErrorException,
                                              TierChangeNotAllowedException,
                                              FeatureUnavailableInTierException,
                                              AwsServiceException,
                                              SdkClientException,
                                              CognitoIdentityProviderException

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Creates a new Amazon Cognito user pool. This operation sets basic and advanced configuration options. You can create a user pool in the Amazon Cognito console to your preferences and use the output of DescribeUserPool to generate requests from that baseline.

If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

createUserPoolRequest - Represents the request to create a user pool.

Returns:

Result of the CreateUserPool operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserPoolTaggingException - This exception is thrown when a user pool tag can't be set or updated.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

TierChangeNotAllowedException - This exception is thrown when you've attempted to change your feature plan but the operation isn't permitted.

FeatureUnavailableInTierException - This exception is thrown when a feature you attempted to configure isn't available in your current feature plan.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createUserPool

default CreateUserPoolResponse createUserPool(Consumer<CreateUserPoolRequest.Builder> createUserPoolRequest)
                                       throws InvalidParameterException,
                                              TooManyRequestsException,
                                              LimitExceededException,
                                              InvalidSmsRoleAccessPolicyException,
                                              InvalidSmsRoleTrustRelationshipException,
                                              InvalidEmailRoleAccessPolicyException,
                                              NotAuthorizedException,
                                              UserPoolTaggingException,
                                              InternalErrorException,
                                              TierChangeNotAllowedException,
                                              FeatureUnavailableInTierException,
                                              AwsServiceException,
                                              SdkClientException,
                                              CognitoIdentityProviderException

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Creates a new Amazon Cognito user pool. This operation sets basic and advanced configuration options. You can create a user pool in the Amazon Cognito console to your preferences and use the output of DescribeUserPool to generate requests from that baseline.

If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the CreateUserPoolRequest.Builder avoiding the need to create one manually via CreateUserPoolRequest.builder()

Parameters:

createUserPoolRequest - A Consumer that will call methods on CreateUserPoolRequest.Builder to create a request. Represents the request to create a user pool.

Returns:

Result of the CreateUserPool operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserPoolTaggingException - This exception is thrown when a user pool tag can't be set or updated.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

TierChangeNotAllowedException - This exception is thrown when you've attempted to change your feature plan but the operation isn't permitted.

FeatureUnavailableInTierException - This exception is thrown when a feature you attempted to configure isn't available in your current feature plan.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createUserPoolClient

default CreateUserPoolClientResponse createUserPoolClient(CreateUserPoolClientRequest createUserPoolClientRequest)
                                                   throws InvalidParameterException,
                                                          ResourceNotFoundException,
                                                          TooManyRequestsException,
                                                          LimitExceededException,
                                                          NotAuthorizedException,
                                                          ScopeDoesNotExistException,
                                                          InvalidOAuthFlowException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Creates an app client in a user pool. This operation sets basic and advanced configuration options. You can create an app client in the Amazon Cognito console to your preferences and use the output of DescribeUserPoolClient to generate requests from that baseline.

New app clients activate token revocation by default. For more information about revoking tokens, see RevokeToken.

If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

createUserPoolClientRequest - Represents the request to create a user pool client.

Returns:

Result of the CreateUserPoolClient operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ScopeDoesNotExistException - This exception is thrown when the specified scope doesn't exist.

InvalidOAuthFlowException - This exception is thrown when the specified OAuth flow is not valid.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createUserPoolClient

default CreateUserPoolClientResponse createUserPoolClient(Consumer<CreateUserPoolClientRequest.Builder> createUserPoolClientRequest)
                                                   throws InvalidParameterException,
                                                          ResourceNotFoundException,
                                                          TooManyRequestsException,
                                                          LimitExceededException,
                                                          NotAuthorizedException,
                                                          ScopeDoesNotExistException,
                                                          InvalidOAuthFlowException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Creates an app client in a user pool. This operation sets basic and advanced configuration options. You can create an app client in the Amazon Cognito console to your preferences and use the output of DescribeUserPoolClient to generate requests from that baseline.

New app clients activate token revocation by default. For more information about revoking tokens, see RevokeToken.

If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the CreateUserPoolClientRequest.Builder avoiding the need to create one manually via CreateUserPoolClientRequest.builder()

Parameters:

createUserPoolClientRequest - A Consumer that will call methods on CreateUserPoolClientRequest.Builder to create a request. Represents the request to create a user pool client.

Returns:

Result of the CreateUserPoolClient operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ScopeDoesNotExistException - This exception is thrown when the specified scope doesn't exist.

InvalidOAuthFlowException - This exception is thrown when the specified OAuth flow is not valid.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createUserPoolDomain

default CreateUserPoolDomainResponse createUserPoolDomain(CreateUserPoolDomainRequest createUserPoolDomainRequest)
                                                   throws InvalidParameterException,
                                                          NotAuthorizedException,
                                                          ResourceNotFoundException,
                                                          LimitExceededException,
                                                          InternalErrorException,
                                                          FeatureUnavailableInTierException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

A user pool domain hosts managed login, an authorization server and web server for authentication in your application. This operation creates a new user pool prefix or custom domain and sets the managed login branding version. Set the branding version to 1 for hosted UI (classic) or 2 for managed login. When you choose a custom domain, you must provide an SSL certificate in the US East (N. Virginia) Amazon Web Services Region in your request.

Your prefix domain might take up to one minute to take effect. Your custom domain is online within five minutes, but it can take up to one hour to distribute your SSL certificate.

For more information about adding a custom domain to your user pool, see Configuring a user pool domain.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

createUserPoolDomainRequest -

Returns:

Result of the CreateUserPoolDomain operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

FeatureUnavailableInTierException - This exception is thrown when a feature you attempted to configure isn't available in your current feature plan.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

createUserPoolDomain

default CreateUserPoolDomainResponse createUserPoolDomain(Consumer<CreateUserPoolDomainRequest.Builder> createUserPoolDomainRequest)
                                                   throws InvalidParameterException,
                                                          NotAuthorizedException,
                                                          ResourceNotFoundException,
                                                          LimitExceededException,
                                                          InternalErrorException,
                                                          FeatureUnavailableInTierException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

A user pool domain hosts managed login, an authorization server and web server for authentication in your application. This operation creates a new user pool prefix or custom domain and sets the managed login branding version. Set the branding version to 1 for hosted UI (classic) or 2 for managed login. When you choose a custom domain, you must provide an SSL certificate in the US East (N. Virginia) Amazon Web Services Region in your request.

Your prefix domain might take up to one minute to take effect. Your custom domain is online within five minutes, but it can take up to one hour to distribute your SSL certificate.

For more information about adding a custom domain to your user pool, see Configuring a user pool domain.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the CreateUserPoolDomainRequest.Builder avoiding the need to create one manually via CreateUserPoolDomainRequest.builder()

Parameters:

createUserPoolDomainRequest - A Consumer that will call methods on CreateUserPoolDomainRequest.Builder to create a request.

Returns:

Result of the CreateUserPoolDomain operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

FeatureUnavailableInTierException - This exception is thrown when a feature you attempted to configure isn't available in your current feature plan.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteGroup

default DeleteGroupResponse deleteGroup(DeleteGroupRequest deleteGroupRequest)
                                 throws ResourceNotFoundException,
                                        InvalidParameterException,
                                        TooManyRequestsException,
                                        NotAuthorizedException,
                                        InternalErrorException,
                                        AwsServiceException,
                                        SdkClientException,
                                        CognitoIdentityProviderException

Deletes a group from the specified user pool. When you delete a group, that group no longer contributes to users' cognito:preferred_group or cognito:groups claims, and no longer influence access-control decision that are based on group membership. For more information about user pool groups, see Adding groups to a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

deleteGroupRequest -

Returns:

Result of the DeleteGroup operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteGroup

default DeleteGroupResponse deleteGroup(Consumer<DeleteGroupRequest.Builder> deleteGroupRequest)
                                 throws ResourceNotFoundException,
                                        InvalidParameterException,
                                        TooManyRequestsException,
                                        NotAuthorizedException,
                                        InternalErrorException,
                                        AwsServiceException,
                                        SdkClientException,
                                        CognitoIdentityProviderException

Deletes a group from the specified user pool. When you delete a group, that group no longer contributes to users' cognito:preferred_group or cognito:groups claims, and no longer influence access-control decision that are based on group membership. For more information about user pool groups, see Adding groups to a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the DeleteGroupRequest.Builder avoiding the need to create one manually via DeleteGroupRequest.builder()

Parameters:

deleteGroupRequest - A Consumer that will call methods on DeleteGroupRequest.Builder to create a request.

Returns:

Result of the DeleteGroup operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteIdentityProvider

default DeleteIdentityProviderResponse deleteIdentityProvider(DeleteIdentityProviderRequest deleteIdentityProviderRequest)
                                                       throws InvalidParameterException,
                                                              UnsupportedIdentityProviderException,
                                                              ConcurrentModificationException,
                                                              ResourceNotFoundException,
                                                              NotAuthorizedException,
                                                              TooManyRequestsException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Deletes a user pool identity provider (IdP). After you delete an IdP, users can no longer sign in to your user pool through that IdP. For more information about user pool IdPs, see Third-party IdP sign-in.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

deleteIdentityProviderRequest -

Returns:

Result of the DeleteIdentityProvider operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnsupportedIdentityProviderException - This exception is thrown when the specified identifier isn't supported.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteIdentityProvider

default DeleteIdentityProviderResponse deleteIdentityProvider(Consumer<DeleteIdentityProviderRequest.Builder> deleteIdentityProviderRequest)
                                                       throws InvalidParameterException,
                                                              UnsupportedIdentityProviderException,
                                                              ConcurrentModificationException,
                                                              ResourceNotFoundException,
                                                              NotAuthorizedException,
                                                              TooManyRequestsException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Deletes a user pool identity provider (IdP). After you delete an IdP, users can no longer sign in to your user pool through that IdP. For more information about user pool IdPs, see Third-party IdP sign-in.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the DeleteIdentityProviderRequest.Builder avoiding the need to create one manually via DeleteIdentityProviderRequest.builder()

Parameters:

deleteIdentityProviderRequest - A Consumer that will call methods on DeleteIdentityProviderRequest.Builder to create a request.

Returns:

Result of the DeleteIdentityProvider operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnsupportedIdentityProviderException - This exception is thrown when the specified identifier isn't supported.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteManagedLoginBranding

default DeleteManagedLoginBrandingResponse deleteManagedLoginBranding(DeleteManagedLoginBrandingRequest deleteManagedLoginBrandingRequest)
                                                               throws ResourceNotFoundException,
                                                                      ConcurrentModificationException,
                                                                      InvalidParameterException,
                                                                      TooManyRequestsException,
                                                                      NotAuthorizedException,
                                                                      InternalErrorException,
                                                                      AwsServiceException,
                                                                      SdkClientException,
                                                                      CognitoIdentityProviderException

Deletes a managed login branding style. When you delete a style, you delete the branding association for an app client. When an app client doesn't have a style assigned, your managed login pages for that app client are nonfunctional until you create a new style or switch the domain branding version.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

deleteManagedLoginBrandingRequest -

Returns:

Result of the DeleteManagedLoginBranding operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteManagedLoginBranding

default DeleteManagedLoginBrandingResponse deleteManagedLoginBranding(Consumer<DeleteManagedLoginBrandingRequest.Builder> deleteManagedLoginBrandingRequest)
                                                               throws ResourceNotFoundException,
                                                                      ConcurrentModificationException,
                                                                      InvalidParameterException,
                                                                      TooManyRequestsException,
                                                                      NotAuthorizedException,
                                                                      InternalErrorException,
                                                                      AwsServiceException,
                                                                      SdkClientException,
                                                                      CognitoIdentityProviderException

Deletes a managed login branding style. When you delete a style, you delete the branding association for an app client. When an app client doesn't have a style assigned, your managed login pages for that app client are nonfunctional until you create a new style or switch the domain branding version.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the DeleteManagedLoginBrandingRequest.Builder avoiding the need to create one manually via DeleteManagedLoginBrandingRequest.builder()

Parameters:

deleteManagedLoginBrandingRequest - A Consumer that will call methods on DeleteManagedLoginBrandingRequest.Builder to create a request.

Returns:

Result of the DeleteManagedLoginBranding operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteResourceServer

default DeleteResourceServerResponse deleteResourceServer(DeleteResourceServerRequest deleteResourceServerRequest)
                                                   throws InvalidParameterException,
                                                          ResourceNotFoundException,
                                                          NotAuthorizedException,
                                                          TooManyRequestsException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Deletes a resource server. After you delete a resource server, users can no longer generate access tokens with scopes that are associate with that resource server.

Resource servers are associated with custom scopes and machine-to-machine (M2M) authorization. For more information, see Access control with resource servers.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

deleteResourceServerRequest -

Returns:

Result of the DeleteResourceServer operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteResourceServer

default DeleteResourceServerResponse deleteResourceServer(Consumer<DeleteResourceServerRequest.Builder> deleteResourceServerRequest)
                                                   throws InvalidParameterException,
                                                          ResourceNotFoundException,
                                                          NotAuthorizedException,
                                                          TooManyRequestsException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Deletes a resource server. After you delete a resource server, users can no longer generate access tokens with scopes that are associate with that resource server.

Resource servers are associated with custom scopes and machine-to-machine (M2M) authorization. For more information, see Access control with resource servers.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the DeleteResourceServerRequest.Builder avoiding the need to create one manually via DeleteResourceServerRequest.builder()

Parameters:

deleteResourceServerRequest - A Consumer that will call methods on DeleteResourceServerRequest.Builder to create a request.

Returns:

Result of the DeleteResourceServer operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteUser

default DeleteUserResponse deleteUser(DeleteUserRequest deleteUserRequest)
                               throws ResourceNotFoundException,
                                      InvalidParameterException,
                                      NotAuthorizedException,
                                      TooManyRequestsException,
                                      PasswordResetRequiredException,
                                      UserNotFoundException,
                                      UserNotConfirmedException,
                                      InternalErrorException,
                                      ForbiddenException,
                                      AwsServiceException,
                                      SdkClientException,
                                      CognitoIdentityProviderException

Self-deletes a user profile. A deleted user profile can no longer be used to sign in and can't be restored.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

deleteUserRequest - Represents the request to delete a user.

Returns:

Result of the DeleteUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteUser

default DeleteUserResponse deleteUser(Consumer<DeleteUserRequest.Builder> deleteUserRequest)
                               throws ResourceNotFoundException,
                                      InvalidParameterException,
                                      NotAuthorizedException,
                                      TooManyRequestsException,
                                      PasswordResetRequiredException,
                                      UserNotFoundException,
                                      UserNotConfirmedException,
                                      InternalErrorException,
                                      ForbiddenException,
                                      AwsServiceException,
                                      SdkClientException,
                                      CognitoIdentityProviderException

Self-deletes a user profile. A deleted user profile can no longer be used to sign in and can't be restored.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the DeleteUserRequest.Builder avoiding the need to create one manually via DeleteUserRequest.builder()

Parameters:

deleteUserRequest - A Consumer that will call methods on DeleteUserRequest.Builder to create a request. Represents the request to delete a user.

Returns:

Result of the DeleteUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteUserAttributes

default DeleteUserAttributesResponse deleteUserAttributes(DeleteUserAttributesRequest deleteUserAttributesRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          NotAuthorizedException,
                                                          TooManyRequestsException,
                                                          PasswordResetRequiredException,
                                                          UserNotFoundException,
                                                          UserNotConfirmedException,
                                                          InternalErrorException,
                                                          ForbiddenException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Self-deletes attributes for a user. For example, your application can submit a request to this operation when a user wants to remove their birthdate attribute value.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

deleteUserAttributesRequest - Represents the request to delete user attributes.

Returns:

Result of the DeleteUserAttributes operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteUserAttributes

default DeleteUserAttributesResponse deleteUserAttributes(Consumer<DeleteUserAttributesRequest.Builder> deleteUserAttributesRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          NotAuthorizedException,
                                                          TooManyRequestsException,
                                                          PasswordResetRequiredException,
                                                          UserNotFoundException,
                                                          UserNotConfirmedException,
                                                          InternalErrorException,
                                                          ForbiddenException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Self-deletes attributes for a user. For example, your application can submit a request to this operation when a user wants to remove their birthdate attribute value.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the DeleteUserAttributesRequest.Builder avoiding the need to create one manually via DeleteUserAttributesRequest.builder()

Parameters:

deleteUserAttributesRequest - A Consumer that will call methods on DeleteUserAttributesRequest.Builder to create a request. Represents the request to delete user attributes.

Returns:

Result of the DeleteUserAttributes operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteUserPool

default DeleteUserPoolResponse deleteUserPool(DeleteUserPoolRequest deleteUserPoolRequest)
                                       throws ResourceNotFoundException,
                                              InvalidParameterException,
                                              TooManyRequestsException,
                                              NotAuthorizedException,
                                              UserImportInProgressException,
                                              InternalErrorException,
                                              AwsServiceException,
                                              SdkClientException,
                                              CognitoIdentityProviderException

Deletes a user pool. After you delete a user pool, users can no longer sign in to any associated applications.

Parameters:

deleteUserPoolRequest - Represents the request to delete a user pool.

Returns:

Result of the DeleteUserPool operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserImportInProgressException - This exception is thrown when you're trying to modify a user pool while a user import job is in progress for that pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteUserPool

default DeleteUserPoolResponse deleteUserPool(Consumer<DeleteUserPoolRequest.Builder> deleteUserPoolRequest)
                                       throws ResourceNotFoundException,
                                              InvalidParameterException,
                                              TooManyRequestsException,
                                              NotAuthorizedException,
                                              UserImportInProgressException,
                                              InternalErrorException,
                                              AwsServiceException,
                                              SdkClientException,
                                              CognitoIdentityProviderException

Deletes a user pool. After you delete a user pool, users can no longer sign in to any associated applications.

This is a convenience which creates an instance of the DeleteUserPoolRequest.Builder avoiding the need to create one manually via DeleteUserPoolRequest.builder()

Parameters:

deleteUserPoolRequest - A Consumer that will call methods on DeleteUserPoolRequest.Builder to create a request. Represents the request to delete a user pool.

Returns:

Result of the DeleteUserPool operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserImportInProgressException - This exception is thrown when you're trying to modify a user pool while a user import job is in progress for that pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteUserPoolClient

default DeleteUserPoolClientResponse deleteUserPoolClient(DeleteUserPoolClientRequest deleteUserPoolClientRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          TooManyRequestsException,
                                                          NotAuthorizedException,
                                                          ConcurrentModificationException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Deletes a user pool app client. After you delete an app client, users can no longer sign in to the associated application.

Parameters:

deleteUserPoolClientRequest - Represents the request to delete a user pool client.

Returns:

Result of the DeleteUserPoolClient operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteUserPoolClient

default DeleteUserPoolClientResponse deleteUserPoolClient(Consumer<DeleteUserPoolClientRequest.Builder> deleteUserPoolClientRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          TooManyRequestsException,
                                                          NotAuthorizedException,
                                                          ConcurrentModificationException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Deletes a user pool app client. After you delete an app client, users can no longer sign in to the associated application.

This is a convenience which creates an instance of the DeleteUserPoolClientRequest.Builder avoiding the need to create one manually via DeleteUserPoolClientRequest.builder()

Parameters:

deleteUserPoolClientRequest - A Consumer that will call methods on DeleteUserPoolClientRequest.Builder to create a request. Represents the request to delete a user pool client.

Returns:

Result of the DeleteUserPoolClient operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteUserPoolDomain

default DeleteUserPoolDomainResponse deleteUserPoolDomain(DeleteUserPoolDomainRequest deleteUserPoolDomainRequest)
                                                   throws NotAuthorizedException,
                                                          InvalidParameterException,
                                                          ResourceNotFoundException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Given a user pool ID and domain identifier, deletes a user pool domain. After you delete a user pool domain, your managed login pages and authorization server are no longer available.

Parameters:

deleteUserPoolDomainRequest -

Returns:

Result of the DeleteUserPoolDomain operation returned by the service.

Throws:

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteUserPoolDomain

default DeleteUserPoolDomainResponse deleteUserPoolDomain(Consumer<DeleteUserPoolDomainRequest.Builder> deleteUserPoolDomainRequest)
                                                   throws NotAuthorizedException,
                                                          InvalidParameterException,
                                                          ResourceNotFoundException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Given a user pool ID and domain identifier, deletes a user pool domain. After you delete a user pool domain, your managed login pages and authorization server are no longer available.

This is a convenience which creates an instance of the DeleteUserPoolDomainRequest.Builder avoiding the need to create one manually via DeleteUserPoolDomainRequest.builder()

Parameters:

deleteUserPoolDomainRequest - A Consumer that will call methods on DeleteUserPoolDomainRequest.Builder to create a request.

Returns:

Result of the DeleteUserPoolDomain operation returned by the service.

Throws:

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteWebAuthnCredential

default DeleteWebAuthnCredentialResponse deleteWebAuthnCredential(DeleteWebAuthnCredentialRequest deleteWebAuthnCredentialRequest)
                                                           throws ForbiddenException,
                                                                  InternalErrorException,
                                                                  InvalidParameterException,
                                                                  NotAuthorizedException,
                                                                  ResourceNotFoundException,
                                                                  AwsServiceException,
                                                                  SdkClientException,
                                                                  CognitoIdentityProviderException

Deletes a registered passkey, or webauthN, authenticator for the currently signed-in user.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

deleteWebAuthnCredentialRequest -

Returns:

Result of the DeleteWebAuthnCredential operation returned by the service.

Throws:

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

deleteWebAuthnCredential

default DeleteWebAuthnCredentialResponse deleteWebAuthnCredential(Consumer<DeleteWebAuthnCredentialRequest.Builder> deleteWebAuthnCredentialRequest)
                                                           throws ForbiddenException,
                                                                  InternalErrorException,
                                                                  InvalidParameterException,
                                                                  NotAuthorizedException,
                                                                  ResourceNotFoundException,
                                                                  AwsServiceException,
                                                                  SdkClientException,
                                                                  CognitoIdentityProviderException

Deletes a registered passkey, or webauthN, authenticator for the currently signed-in user.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the DeleteWebAuthnCredentialRequest.Builder avoiding the need to create one manually via DeleteWebAuthnCredentialRequest.builder()

Parameters:

deleteWebAuthnCredentialRequest - A Consumer that will call methods on DeleteWebAuthnCredentialRequest.Builder to create a request.

Returns:

Result of the DeleteWebAuthnCredential operation returned by the service.

Throws:

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeIdentityProvider

default DescribeIdentityProviderResponse describeIdentityProvider(DescribeIdentityProviderRequest describeIdentityProviderRequest)
                                                           throws InvalidParameterException,
                                                                  ResourceNotFoundException,
                                                                  NotAuthorizedException,
                                                                  TooManyRequestsException,
                                                                  InternalErrorException,
                                                                  AwsServiceException,
                                                                  SdkClientException,
                                                                  CognitoIdentityProviderException

Given a user pool ID and identity provider (IdP) name, returns details about the IdP.

Parameters:

describeIdentityProviderRequest -

Returns:

Result of the DescribeIdentityProvider operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeIdentityProvider

default DescribeIdentityProviderResponse describeIdentityProvider(Consumer<DescribeIdentityProviderRequest.Builder> describeIdentityProviderRequest)
                                                           throws InvalidParameterException,
                                                                  ResourceNotFoundException,
                                                                  NotAuthorizedException,
                                                                  TooManyRequestsException,
                                                                  InternalErrorException,
                                                                  AwsServiceException,
                                                                  SdkClientException,
                                                                  CognitoIdentityProviderException

Given a user pool ID and identity provider (IdP) name, returns details about the IdP.

This is a convenience which creates an instance of the DescribeIdentityProviderRequest.Builder avoiding the need to create one manually via DescribeIdentityProviderRequest.builder()

Parameters:

describeIdentityProviderRequest - A Consumer that will call methods on DescribeIdentityProviderRequest.Builder to create a request.

Returns:

Result of the DescribeIdentityProvider operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeManagedLoginBranding

default DescribeManagedLoginBrandingResponse describeManagedLoginBranding(DescribeManagedLoginBrandingRequest describeManagedLoginBrandingRequest)
                                                                   throws ResourceNotFoundException,
                                                                          InvalidParameterException,
                                                                          TooManyRequestsException,
                                                                          NotAuthorizedException,
                                                                          InternalErrorException,
                                                                          AwsServiceException,
                                                                          SdkClientException,
                                                                          CognitoIdentityProviderException

Given the ID of a managed login branding style, returns detailed information about the style.

Parameters:

describeManagedLoginBrandingRequest -

Returns:

Result of the DescribeManagedLoginBranding operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeManagedLoginBranding

default DescribeManagedLoginBrandingResponse describeManagedLoginBranding(Consumer<DescribeManagedLoginBrandingRequest.Builder> describeManagedLoginBrandingRequest)
                                                                   throws ResourceNotFoundException,
                                                                          InvalidParameterException,
                                                                          TooManyRequestsException,
                                                                          NotAuthorizedException,
                                                                          InternalErrorException,
                                                                          AwsServiceException,
                                                                          SdkClientException,
                                                                          CognitoIdentityProviderException

Given the ID of a managed login branding style, returns detailed information about the style.

This is a convenience which creates an instance of the DescribeManagedLoginBrandingRequest.Builder avoiding the need to create one manually via DescribeManagedLoginBrandingRequest.builder()

Parameters:

describeManagedLoginBrandingRequest - A Consumer that will call methods on DescribeManagedLoginBrandingRequest.Builder to create a request.

Returns:

Result of the DescribeManagedLoginBranding operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeManagedLoginBrandingByClient

default DescribeManagedLoginBrandingByClientResponse describeManagedLoginBrandingByClient(DescribeManagedLoginBrandingByClientRequest describeManagedLoginBrandingByClientRequest)
                                                                                   throws ResourceNotFoundException,
                                                                                          InvalidParameterException,
                                                                                          TooManyRequestsException,
                                                                                          NotAuthorizedException,
                                                                                          InternalErrorException,
                                                                                          AwsServiceException,
                                                                                          SdkClientException,
                                                                                          CognitoIdentityProviderException

Given the ID of a user pool app client, returns detailed information about the style assigned to the app client.

Parameters:

describeManagedLoginBrandingByClientRequest -

Returns:

Result of the DescribeManagedLoginBrandingByClient operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeManagedLoginBrandingByClient

default DescribeManagedLoginBrandingByClientResponse describeManagedLoginBrandingByClient(Consumer<DescribeManagedLoginBrandingByClientRequest.Builder> describeManagedLoginBrandingByClientRequest)
                                                                                   throws ResourceNotFoundException,
                                                                                          InvalidParameterException,
                                                                                          TooManyRequestsException,
                                                                                          NotAuthorizedException,
                                                                                          InternalErrorException,
                                                                                          AwsServiceException,
                                                                                          SdkClientException,
                                                                                          CognitoIdentityProviderException

Given the ID of a user pool app client, returns detailed information about the style assigned to the app client.

This is a convenience which creates an instance of the DescribeManagedLoginBrandingByClientRequest.Builder avoiding the need to create one manually via DescribeManagedLoginBrandingByClientRequest.builder()

Parameters:

describeManagedLoginBrandingByClientRequest - A Consumer that will call methods on DescribeManagedLoginBrandingByClientRequest.Builder to create a request.

Returns:

Result of the DescribeManagedLoginBrandingByClient operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeResourceServer

default DescribeResourceServerResponse describeResourceServer(DescribeResourceServerRequest describeResourceServerRequest)
                                                       throws InvalidParameterException,
                                                              ResourceNotFoundException,
                                                              NotAuthorizedException,
                                                              TooManyRequestsException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Describes a resource server. For more information about resource servers, see Access control with resource servers.

Parameters:

describeResourceServerRequest -

Returns:

Result of the DescribeResourceServer operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeResourceServer

default DescribeResourceServerResponse describeResourceServer(Consumer<DescribeResourceServerRequest.Builder> describeResourceServerRequest)
                                                       throws InvalidParameterException,
                                                              ResourceNotFoundException,
                                                              NotAuthorizedException,
                                                              TooManyRequestsException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Describes a resource server. For more information about resource servers, see Access control with resource servers.

This is a convenience which creates an instance of the DescribeResourceServerRequest.Builder avoiding the need to create one manually via DescribeResourceServerRequest.builder()

Parameters:

describeResourceServerRequest - A Consumer that will call methods on DescribeResourceServerRequest.Builder to create a request.

Returns:

Result of the DescribeResourceServer operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeRiskConfiguration

default DescribeRiskConfigurationResponse describeRiskConfiguration(DescribeRiskConfigurationRequest describeRiskConfigurationRequest)
                                                             throws ResourceNotFoundException,
                                                                    InvalidParameterException,
                                                                    TooManyRequestsException,
                                                                    NotAuthorizedException,
                                                                    UserPoolAddOnNotEnabledException,
                                                                    InternalErrorException,
                                                                    AwsServiceException,
                                                                    SdkClientException,
                                                                    CognitoIdentityProviderException

Given an app client or user pool ID where threat protection is configured, describes the risk configuration. This operation returns details about adaptive authentication, compromised credentials, and IP-address allow- and denylists. For more information about threat protection, see Threat protection.

Parameters:

describeRiskConfigurationRequest -

Returns:

Result of the DescribeRiskConfiguration operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserPoolAddOnNotEnabledException - This exception is thrown when user pool add-ons aren't enabled.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeRiskConfiguration

default DescribeRiskConfigurationResponse describeRiskConfiguration(Consumer<DescribeRiskConfigurationRequest.Builder> describeRiskConfigurationRequest)
                                                             throws ResourceNotFoundException,
                                                                    InvalidParameterException,
                                                                    TooManyRequestsException,
                                                                    NotAuthorizedException,
                                                                    UserPoolAddOnNotEnabledException,
                                                                    InternalErrorException,
                                                                    AwsServiceException,
                                                                    SdkClientException,
                                                                    CognitoIdentityProviderException

Given an app client or user pool ID where threat protection is configured, describes the risk configuration. This operation returns details about adaptive authentication, compromised credentials, and IP-address allow- and denylists. For more information about threat protection, see Threat protection.

This is a convenience which creates an instance of the DescribeRiskConfigurationRequest.Builder avoiding the need to create one manually via DescribeRiskConfigurationRequest.builder()

Parameters:

describeRiskConfigurationRequest - A Consumer that will call methods on DescribeRiskConfigurationRequest.Builder to create a request.

Returns:

Result of the DescribeRiskConfiguration operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserPoolAddOnNotEnabledException - This exception is thrown when user pool add-ons aren't enabled.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeUserImportJob

default DescribeUserImportJobResponse describeUserImportJob(DescribeUserImportJobRequest describeUserImportJobRequest)
                                                     throws ResourceNotFoundException,
                                                            InvalidParameterException,
                                                            TooManyRequestsException,
                                                            NotAuthorizedException,
                                                            InternalErrorException,
                                                            AwsServiceException,
                                                            SdkClientException,
                                                            CognitoIdentityProviderException

Describes a user import job. For more information about user CSV import, see Importing users from a CSV file.

Parameters:

describeUserImportJobRequest - Represents the request to describe the user import job.

Returns:

Result of the DescribeUserImportJob operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeUserImportJob

default DescribeUserImportJobResponse describeUserImportJob(Consumer<DescribeUserImportJobRequest.Builder> describeUserImportJobRequest)
                                                     throws ResourceNotFoundException,
                                                            InvalidParameterException,
                                                            TooManyRequestsException,
                                                            NotAuthorizedException,
                                                            InternalErrorException,
                                                            AwsServiceException,
                                                            SdkClientException,
                                                            CognitoIdentityProviderException

Describes a user import job. For more information about user CSV import, see Importing users from a CSV file.

This is a convenience which creates an instance of the DescribeUserImportJobRequest.Builder avoiding the need to create one manually via DescribeUserImportJobRequest.builder()

Parameters:

describeUserImportJobRequest - A Consumer that will call methods on DescribeUserImportJobRequest.Builder to create a request. Represents the request to describe the user import job.

Returns:

Result of the DescribeUserImportJob operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeUserPool

default DescribeUserPoolResponse describeUserPool(DescribeUserPoolRequest describeUserPoolRequest)
                                           throws ResourceNotFoundException,
                                                  InvalidParameterException,
                                                  TooManyRequestsException,
                                                  NotAuthorizedException,
                                                  UserPoolTaggingException,
                                                  InternalErrorException,
                                                  AwsServiceException,
                                                  SdkClientException,
                                                  CognitoIdentityProviderException

Given a user pool ID, returns configuration information. This operation is useful when you want to inspect an existing user pool and programmatically replicate the configuration to another user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

describeUserPoolRequest - Represents the request to describe the user pool.

Returns:

Result of the DescribeUserPool operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserPoolTaggingException - This exception is thrown when a user pool tag can't be set or updated.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeUserPool

default DescribeUserPoolResponse describeUserPool(Consumer<DescribeUserPoolRequest.Builder> describeUserPoolRequest)
                                           throws ResourceNotFoundException,
                                                  InvalidParameterException,
                                                  TooManyRequestsException,
                                                  NotAuthorizedException,
                                                  UserPoolTaggingException,
                                                  InternalErrorException,
                                                  AwsServiceException,
                                                  SdkClientException,
                                                  CognitoIdentityProviderException

Given a user pool ID, returns configuration information. This operation is useful when you want to inspect an existing user pool and programmatically replicate the configuration to another user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the DescribeUserPoolRequest.Builder avoiding the need to create one manually via DescribeUserPoolRequest.builder()

Parameters:

describeUserPoolRequest - A Consumer that will call methods on DescribeUserPoolRequest.Builder to create a request. Represents the request to describe the user pool.

Returns:

Result of the DescribeUserPool operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserPoolTaggingException - This exception is thrown when a user pool tag can't be set or updated.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeUserPoolClient

default DescribeUserPoolClientResponse describeUserPoolClient(DescribeUserPoolClientRequest describeUserPoolClientRequest)
                                                       throws ResourceNotFoundException,
                                                              InvalidParameterException,
                                                              TooManyRequestsException,
                                                              NotAuthorizedException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Given an app client ID, returns configuration information. This operation is useful when you want to inspect an existing app client and programmatically replicate the configuration to another app client. For more information about app clients, see App clients.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

describeUserPoolClientRequest - Represents the request to describe a user pool client.

Returns:

Result of the DescribeUserPoolClient operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeUserPoolClient

default DescribeUserPoolClientResponse describeUserPoolClient(Consumer<DescribeUserPoolClientRequest.Builder> describeUserPoolClientRequest)
                                                       throws ResourceNotFoundException,
                                                              InvalidParameterException,
                                                              TooManyRequestsException,
                                                              NotAuthorizedException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Given an app client ID, returns configuration information. This operation is useful when you want to inspect an existing app client and programmatically replicate the configuration to another app client. For more information about app clients, see App clients.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the DescribeUserPoolClientRequest.Builder avoiding the need to create one manually via DescribeUserPoolClientRequest.builder()

Parameters:

describeUserPoolClientRequest - A Consumer that will call methods on DescribeUserPoolClientRequest.Builder to create a request. Represents the request to describe a user pool client.

Returns:

Result of the DescribeUserPoolClient operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeUserPoolDomain

default DescribeUserPoolDomainResponse describeUserPoolDomain(DescribeUserPoolDomainRequest describeUserPoolDomainRequest)
                                                       throws NotAuthorizedException,
                                                              InvalidParameterException,
                                                              ResourceNotFoundException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Given a user pool domain name, returns information about the domain configuration.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

describeUserPoolDomainRequest -

Returns:

Result of the DescribeUserPoolDomain operation returned by the service.

Throws:

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

describeUserPoolDomain

default DescribeUserPoolDomainResponse describeUserPoolDomain(Consumer<DescribeUserPoolDomainRequest.Builder> describeUserPoolDomainRequest)
                                                       throws NotAuthorizedException,
                                                              InvalidParameterException,
                                                              ResourceNotFoundException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Given a user pool domain name, returns information about the domain configuration.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the DescribeUserPoolDomainRequest.Builder avoiding the need to create one manually via DescribeUserPoolDomainRequest.builder()

Parameters:

describeUserPoolDomainRequest - A Consumer that will call methods on DescribeUserPoolDomainRequest.Builder to create a request.

Returns:

Result of the DescribeUserPoolDomain operation returned by the service.

Throws:

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

forgetDevice

default ForgetDeviceResponse forgetDevice(ForgetDeviceRequest forgetDeviceRequest)
                                   throws ResourceNotFoundException,
                                          InvalidParameterException,
                                          NotAuthorizedException,
                                          TooManyRequestsException,
                                          InvalidUserPoolConfigurationException,
                                          PasswordResetRequiredException,
                                          UserNotFoundException,
                                          UserNotConfirmedException,
                                          InternalErrorException,
                                          ForbiddenException,
                                          AwsServiceException,
                                          SdkClientException,
                                          CognitoIdentityProviderException

Forgets the specified device. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

forgetDeviceRequest - Represents the request to forget the device.

Returns:

Result of the ForgetDevice operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

forgetDevice

default ForgetDeviceResponse forgetDevice(Consumer<ForgetDeviceRequest.Builder> forgetDeviceRequest)
                                   throws ResourceNotFoundException,
                                          InvalidParameterException,
                                          NotAuthorizedException,
                                          TooManyRequestsException,
                                          InvalidUserPoolConfigurationException,
                                          PasswordResetRequiredException,
                                          UserNotFoundException,
                                          UserNotConfirmedException,
                                          InternalErrorException,
                                          ForbiddenException,
                                          AwsServiceException,
                                          SdkClientException,
                                          CognitoIdentityProviderException

Forgets the specified device. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the ForgetDeviceRequest.Builder avoiding the need to create one manually via ForgetDeviceRequest.builder()

Parameters:

forgetDeviceRequest - A Consumer that will call methods on ForgetDeviceRequest.Builder to create a request. Represents the request to forget the device.

Returns:

Result of the ForgetDevice operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

forgotPassword

default ForgotPasswordResponse forgotPassword(ForgotPasswordRequest forgotPasswordRequest)
                                       throws ResourceNotFoundException,
                                              InvalidParameterException,
                                              UnexpectedLambdaException,
                                              UserLambdaValidationException,
                                              NotAuthorizedException,
                                              InvalidLambdaResponseException,
                                              TooManyRequestsException,
                                              LimitExceededException,
                                              InvalidSmsRoleAccessPolicyException,
                                              InvalidSmsRoleTrustRelationshipException,
                                              InvalidEmailRoleAccessPolicyException,
                                              CodeDeliveryFailureException,
                                              UserNotFoundException,
                                              InternalErrorException,
                                              ForbiddenException,
                                              AwsServiceException,
                                              SdkClientException,
                                              CognitoIdentityProviderException

Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts in the Amazon Cognito Developer Guide. To use the confirmation code for resetting the password, call ConfirmForgotPassword.

If neither a verified phone number nor a verified email exists, this API returns InvalidParameterException. If your app client has a client secret and you don't provide a SECRET_HASH parameter, this API returns NotAuthorizedException.

To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Parameters:

forgotPasswordRequest - Represents the request to reset a user's password.

Returns:

Result of the ForgotPassword operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

forgotPassword

default ForgotPasswordResponse forgotPassword(Consumer<ForgotPasswordRequest.Builder> forgotPasswordRequest)
                                       throws ResourceNotFoundException,
                                              InvalidParameterException,
                                              UnexpectedLambdaException,
                                              UserLambdaValidationException,
                                              NotAuthorizedException,
                                              InvalidLambdaResponseException,
                                              TooManyRequestsException,
                                              LimitExceededException,
                                              InvalidSmsRoleAccessPolicyException,
                                              InvalidSmsRoleTrustRelationshipException,
                                              InvalidEmailRoleAccessPolicyException,
                                              CodeDeliveryFailureException,
                                              UserNotFoundException,
                                              InternalErrorException,
                                              ForbiddenException,
                                              AwsServiceException,
                                              SdkClientException,
                                              CognitoIdentityProviderException

Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts in the Amazon Cognito Developer Guide. To use the confirmation code for resetting the password, call ConfirmForgotPassword.

If neither a verified phone number nor a verified email exists, this API returns InvalidParameterException. If your app client has a client secret and you don't provide a SECRET_HASH parameter, this API returns NotAuthorizedException.

To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

This is a convenience which creates an instance of the ForgotPasswordRequest.Builder avoiding the need to create one manually via ForgotPasswordRequest.builder()

Parameters:

forgotPasswordRequest - A Consumer that will call methods on ForgotPasswordRequest.Builder to create a request. Represents the request to reset a user's password.

Returns:

Result of the ForgotPassword operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getCSVHeader

default GetCsvHeaderResponse getCSVHeader(GetCsvHeaderRequest getCsvHeaderRequest)
                                   throws ResourceNotFoundException,
                                          InvalidParameterException,
                                          TooManyRequestsException,
                                          NotAuthorizedException,
                                          InternalErrorException,
                                          AwsServiceException,
                                          SdkClientException,
                                          CognitoIdentityProviderException

Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.

Parameters:

getCsvHeaderRequest - Represents the request to get the header information of the CSV file for the user import job.

Returns:

Result of the GetCSVHeader operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getCSVHeader

default GetCsvHeaderResponse getCSVHeader(Consumer<GetCsvHeaderRequest.Builder> getCsvHeaderRequest)
                                   throws ResourceNotFoundException,
                                          InvalidParameterException,
                                          TooManyRequestsException,
                                          NotAuthorizedException,
                                          InternalErrorException,
                                          AwsServiceException,
                                          SdkClientException,
                                          CognitoIdentityProviderException

Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.

This is a convenience which creates an instance of the GetCsvHeaderRequest.Builder avoiding the need to create one manually via GetCsvHeaderRequest.builder()

Parameters:

getCsvHeaderRequest - A Consumer that will call methods on GetCsvHeaderRequest.Builder to create a request. Represents the request to get the header information of the CSV file for the user import job.

Returns:

Result of the GetCSVHeader operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getDevice

default GetDeviceResponse getDevice(GetDeviceRequest getDeviceRequest)
                             throws ResourceNotFoundException,
                                    InvalidParameterException,
                                    InvalidUserPoolConfigurationException,
                                    NotAuthorizedException,
                                    TooManyRequestsException,
                                    PasswordResetRequiredException,
                                    UserNotFoundException,
                                    UserNotConfirmedException,
                                    InternalErrorException,
                                    ForbiddenException,
                                    AwsServiceException,
                                    SdkClientException,
                                    CognitoIdentityProviderException

Gets the device. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

getDeviceRequest - Represents the request to get the device.

Returns:

Result of the GetDevice operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getDevice

default GetDeviceResponse getDevice(Consumer<GetDeviceRequest.Builder> getDeviceRequest)
                             throws ResourceNotFoundException,
                                    InvalidParameterException,
                                    InvalidUserPoolConfigurationException,
                                    NotAuthorizedException,
                                    TooManyRequestsException,
                                    PasswordResetRequiredException,
                                    UserNotFoundException,
                                    UserNotConfirmedException,
                                    InternalErrorException,
                                    ForbiddenException,
                                    AwsServiceException,
                                    SdkClientException,
                                    CognitoIdentityProviderException

Gets the device. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the GetDeviceRequest.Builder avoiding the need to create one manually via GetDeviceRequest.builder()

Parameters:

getDeviceRequest - A Consumer that will call methods on GetDeviceRequest.Builder to create a request. Represents the request to get the device.

Returns:

Result of the GetDevice operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getGroup

default GetGroupResponse getGroup(GetGroupRequest getGroupRequest)
                           throws ResourceNotFoundException,
                                  InvalidParameterException,
                                  TooManyRequestsException,
                                  NotAuthorizedException,
                                  InternalErrorException,
                                  AwsServiceException,
                                  SdkClientException,
                                  CognitoIdentityProviderException

Gets a group.

Calling this action requires developer credentials.

Parameters:

getGroupRequest -

Returns:

Result of the GetGroup operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getGroup

default GetGroupResponse getGroup(Consumer<GetGroupRequest.Builder> getGroupRequest)
                           throws ResourceNotFoundException,
                                  InvalidParameterException,
                                  TooManyRequestsException,
                                  NotAuthorizedException,
                                  InternalErrorException,
                                  AwsServiceException,
                                  SdkClientException,
                                  CognitoIdentityProviderException

Gets a group.

Calling this action requires developer credentials.

This is a convenience which creates an instance of the GetGroupRequest.Builder avoiding the need to create one manually via GetGroupRequest.builder()

Parameters:

getGroupRequest - A Consumer that will call methods on GetGroupRequest.Builder to create a request.

Returns:

Result of the GetGroup operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getIdentityProviderByIdentifier

default GetIdentityProviderByIdentifierResponse getIdentityProviderByIdentifier(GetIdentityProviderByIdentifierRequest getIdentityProviderByIdentifierRequest)
                                                                         throws InvalidParameterException,
                                                                                ResourceNotFoundException,
                                                                                NotAuthorizedException,
                                                                                TooManyRequestsException,
                                                                                InternalErrorException,
                                                                                AwsServiceException,
                                                                                SdkClientException,
                                                                                CognitoIdentityProviderException

Gets the specified IdP.

Parameters:

getIdentityProviderByIdentifierRequest -

Returns:

Result of the GetIdentityProviderByIdentifier operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getIdentityProviderByIdentifier

default GetIdentityProviderByIdentifierResponse getIdentityProviderByIdentifier(Consumer<GetIdentityProviderByIdentifierRequest.Builder> getIdentityProviderByIdentifierRequest)
                                                                         throws InvalidParameterException,
                                                                                ResourceNotFoundException,
                                                                                NotAuthorizedException,
                                                                                TooManyRequestsException,
                                                                                InternalErrorException,
                                                                                AwsServiceException,
                                                                                SdkClientException,
                                                                                CognitoIdentityProviderException

Gets the specified IdP.

This is a convenience which creates an instance of the GetIdentityProviderByIdentifierRequest.Builder avoiding the need to create one manually via GetIdentityProviderByIdentifierRequest.builder()

Parameters:

getIdentityProviderByIdentifierRequest - A Consumer that will call methods on GetIdentityProviderByIdentifierRequest.Builder to create a request.

Returns:

Result of the GetIdentityProviderByIdentifier operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getLogDeliveryConfiguration

default GetLogDeliveryConfigurationResponse getLogDeliveryConfiguration(GetLogDeliveryConfigurationRequest getLogDeliveryConfigurationRequest)
                                                                 throws InvalidParameterException,
                                                                        InternalErrorException,
                                                                        TooManyRequestsException,
                                                                        NotAuthorizedException,
                                                                        ResourceNotFoundException,
                                                                        AwsServiceException,
                                                                        SdkClientException,
                                                                        CognitoIdentityProviderException

Gets the logging configuration of a user pool.

Parameters:

getLogDeliveryConfigurationRequest -

Returns:

Result of the GetLogDeliveryConfiguration operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getLogDeliveryConfiguration

default GetLogDeliveryConfigurationResponse getLogDeliveryConfiguration(Consumer<GetLogDeliveryConfigurationRequest.Builder> getLogDeliveryConfigurationRequest)
                                                                 throws InvalidParameterException,
                                                                        InternalErrorException,
                                                                        TooManyRequestsException,
                                                                        NotAuthorizedException,
                                                                        ResourceNotFoundException,
                                                                        AwsServiceException,
                                                                        SdkClientException,
                                                                        CognitoIdentityProviderException

Gets the logging configuration of a user pool.

This is a convenience which creates an instance of the GetLogDeliveryConfigurationRequest.Builder avoiding the need to create one manually via GetLogDeliveryConfigurationRequest.builder()

Parameters:

getLogDeliveryConfigurationRequest - A Consumer that will call methods on GetLogDeliveryConfigurationRequest.Builder to create a request.

Returns:

Result of the GetLogDeliveryConfiguration operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getSigningCertificate

default GetSigningCertificateResponse getSigningCertificate(GetSigningCertificateRequest getSigningCertificateRequest)
                                                     throws InternalErrorException,
                                                            InvalidParameterException,
                                                            ResourceNotFoundException,
                                                            AwsServiceException,
                                                            SdkClientException,
                                                            CognitoIdentityProviderException

This method takes a user pool ID, and returns the signing certificate. The issued certificate is valid for 10 years from the date of issue.

Amazon Cognito issues and assigns a new signing certificate annually. This process returns a new value in the response to GetSigningCertificate, but doesn't invalidate the original certificate.

Parameters:

getSigningCertificateRequest - Request to get a signing certificate from Amazon Cognito.

Returns:

Result of the GetSigningCertificate operation returned by the service.

Throws:

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getSigningCertificate

default GetSigningCertificateResponse getSigningCertificate(Consumer<GetSigningCertificateRequest.Builder> getSigningCertificateRequest)
                                                     throws InternalErrorException,
                                                            InvalidParameterException,
                                                            ResourceNotFoundException,
                                                            AwsServiceException,
                                                            SdkClientException,
                                                            CognitoIdentityProviderException

This method takes a user pool ID, and returns the signing certificate. The issued certificate is valid for 10 years from the date of issue.

Amazon Cognito issues and assigns a new signing certificate annually. This process returns a new value in the response to GetSigningCertificate, but doesn't invalidate the original certificate.

This is a convenience which creates an instance of the GetSigningCertificateRequest.Builder avoiding the need to create one manually via GetSigningCertificateRequest.builder()

Parameters:

getSigningCertificateRequest - A Consumer that will call methods on GetSigningCertificateRequest.Builder to create a request. Request to get a signing certificate from Amazon Cognito.

Returns:

Result of the GetSigningCertificate operation returned by the service.

Throws:

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getUICustomization

default GetUiCustomizationResponse getUICustomization(GetUiCustomizationRequest getUiCustomizationRequest)
                                               throws InvalidParameterException,
                                                      ResourceNotFoundException,
                                                      NotAuthorizedException,
                                                      TooManyRequestsException,
                                                      InternalErrorException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client. If nothing is set for the particular client, but there is an existing pool level customization (the app clientId is ALL), then that information is returned. If nothing is present, then an empty shape is returned.

Parameters:

getUiCustomizationRequest -

Returns:

Result of the GetUICustomization operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getUICustomization

default GetUiCustomizationResponse getUICustomization(Consumer<GetUiCustomizationRequest.Builder> getUiCustomizationRequest)
                                               throws InvalidParameterException,
                                                      ResourceNotFoundException,
                                                      NotAuthorizedException,
                                                      TooManyRequestsException,
                                                      InternalErrorException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client. If nothing is set for the particular client, but there is an existing pool level customization (the app clientId is ALL), then that information is returned. If nothing is present, then an empty shape is returned.

This is a convenience which creates an instance of the GetUiCustomizationRequest.Builder avoiding the need to create one manually via GetUiCustomizationRequest.builder()

Parameters:

getUiCustomizationRequest - A Consumer that will call methods on GetUiCustomizationRequest.Builder to create a request.

Returns:

Result of the GetUICustomization operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getUser

default GetUserResponse getUser(GetUserRequest getUserRequest)
                         throws ResourceNotFoundException,
                                InvalidParameterException,
                                NotAuthorizedException,
                                TooManyRequestsException,
                                PasswordResetRequiredException,
                                UserNotFoundException,
                                UserNotConfirmedException,
                                InternalErrorException,
                                ForbiddenException,
                                AwsServiceException,
                                SdkClientException,
                                CognitoIdentityProviderException

Gets the user attributes and metadata for a user.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

getUserRequest - Represents the request to get information about the user.

Returns:

Result of the GetUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getUser

default GetUserResponse getUser(Consumer<GetUserRequest.Builder> getUserRequest)
                         throws ResourceNotFoundException,
                                InvalidParameterException,
                                NotAuthorizedException,
                                TooManyRequestsException,
                                PasswordResetRequiredException,
                                UserNotFoundException,
                                UserNotConfirmedException,
                                InternalErrorException,
                                ForbiddenException,
                                AwsServiceException,
                                SdkClientException,
                                CognitoIdentityProviderException

Gets the user attributes and metadata for a user.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the GetUserRequest.Builder avoiding the need to create one manually via GetUserRequest.builder()

Parameters:

getUserRequest - A Consumer that will call methods on GetUserRequest.Builder to create a request. Represents the request to get information about the user.

Returns:

Result of the GetUser operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getUserAttributeVerificationCode

default GetUserAttributeVerificationCodeResponse getUserAttributeVerificationCode(GetUserAttributeVerificationCodeRequest getUserAttributeVerificationCodeRequest)
                                                                           throws ResourceNotFoundException,
                                                                                  InvalidParameterException,
                                                                                  TooManyRequestsException,
                                                                                  NotAuthorizedException,
                                                                                  UnexpectedLambdaException,
                                                                                  UserLambdaValidationException,
                                                                                  InvalidLambdaResponseException,
                                                                                  InvalidSmsRoleAccessPolicyException,
                                                                                  InvalidSmsRoleTrustRelationshipException,
                                                                                  InvalidEmailRoleAccessPolicyException,
                                                                                  CodeDeliveryFailureException,
                                                                                  LimitExceededException,
                                                                                  PasswordResetRequiredException,
                                                                                  UserNotFoundException,
                                                                                  UserNotConfirmedException,
                                                                                  InternalErrorException,
                                                                                  ForbiddenException,
                                                                                  AwsServiceException,
                                                                                  SdkClientException,
                                                                                  CognitoIdentityProviderException

Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Parameters:

getUserAttributeVerificationCodeRequest - Represents the request to get user attribute verification.

Returns:

Result of the GetUserAttributeVerificationCode operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getUserAttributeVerificationCode

default GetUserAttributeVerificationCodeResponse getUserAttributeVerificationCode(Consumer<GetUserAttributeVerificationCodeRequest.Builder> getUserAttributeVerificationCodeRequest)
                                                                           throws ResourceNotFoundException,
                                                                                  InvalidParameterException,
                                                                                  TooManyRequestsException,
                                                                                  NotAuthorizedException,
                                                                                  UnexpectedLambdaException,
                                                                                  UserLambdaValidationException,
                                                                                  InvalidLambdaResponseException,
                                                                                  InvalidSmsRoleAccessPolicyException,
                                                                                  InvalidSmsRoleTrustRelationshipException,
                                                                                  InvalidEmailRoleAccessPolicyException,
                                                                                  CodeDeliveryFailureException,
                                                                                  LimitExceededException,
                                                                                  PasswordResetRequiredException,
                                                                                  UserNotFoundException,
                                                                                  UserNotConfirmedException,
                                                                                  InternalErrorException,
                                                                                  ForbiddenException,
                                                                                  AwsServiceException,
                                                                                  SdkClientException,
                                                                                  CognitoIdentityProviderException

Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

This is a convenience which creates an instance of the GetUserAttributeVerificationCodeRequest.Builder avoiding the need to create one manually via GetUserAttributeVerificationCodeRequest.builder()

Parameters:

getUserAttributeVerificationCodeRequest - A Consumer that will call methods on GetUserAttributeVerificationCodeRequest.Builder to create a request. Represents the request to get user attribute verification.

Returns:

Result of the GetUserAttributeVerificationCode operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getUserAuthFactors

default GetUserAuthFactorsResponse getUserAuthFactors(GetUserAuthFactorsRequest getUserAuthFactorsRequest)
                                               throws ResourceNotFoundException,
                                                      InvalidParameterException,
                                                      NotAuthorizedException,
                                                      TooManyRequestsException,
                                                      PasswordResetRequiredException,
                                                      UserNotFoundException,
                                                      UserNotConfirmedException,
                                                      InternalErrorException,
                                                      ForbiddenException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Lists the authentication options for the currently signed-in user. Returns the following:

1. The user's multi-factor authentication (MFA) preferences.

2. The user's options in the USER_AUTH flow that they can select in a SELECT_CHALLENGE response or request in a PREFERRED_CHALLENGErequest.

Parameters:

getUserAuthFactorsRequest -

Returns:

Result of the GetUserAuthFactors operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getUserAuthFactors

default GetUserAuthFactorsResponse getUserAuthFactors(Consumer<GetUserAuthFactorsRequest.Builder> getUserAuthFactorsRequest)
                                               throws ResourceNotFoundException,
                                                      InvalidParameterException,
                                                      NotAuthorizedException,
                                                      TooManyRequestsException,
                                                      PasswordResetRequiredException,
                                                      UserNotFoundException,
                                                      UserNotConfirmedException,
                                                      InternalErrorException,
                                                      ForbiddenException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Lists the authentication options for the currently signed-in user. Returns the following:

1. The user's multi-factor authentication (MFA) preferences.

2. The user's options in the USER_AUTH flow that they can select in a SELECT_CHALLENGE response or request in a PREFERRED_CHALLENGErequest.

This is a convenience which creates an instance of the GetUserAuthFactorsRequest.Builder avoiding the need to create one manually via GetUserAuthFactorsRequest.builder()

Parameters:

getUserAuthFactorsRequest - A Consumer that will call methods on GetUserAuthFactorsRequest.Builder to create a request.

Returns:

Result of the GetUserAuthFactors operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getUserPoolMfaConfig

default GetUserPoolMfaConfigResponse getUserPoolMfaConfig(GetUserPoolMfaConfigRequest getUserPoolMfaConfigRequest)
                                                   throws InvalidParameterException,
                                                          TooManyRequestsException,
                                                          ResourceNotFoundException,
                                                          NotAuthorizedException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Gets the user pool multi-factor authentication (MFA) configuration.

Parameters:

getUserPoolMfaConfigRequest -

Returns:

Result of the GetUserPoolMfaConfig operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

getUserPoolMfaConfig

default GetUserPoolMfaConfigResponse getUserPoolMfaConfig(Consumer<GetUserPoolMfaConfigRequest.Builder> getUserPoolMfaConfigRequest)
                                                   throws InvalidParameterException,
                                                          TooManyRequestsException,
                                                          ResourceNotFoundException,
                                                          NotAuthorizedException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Gets the user pool multi-factor authentication (MFA) configuration.

This is a convenience which creates an instance of the GetUserPoolMfaConfigRequest.Builder avoiding the need to create one manually via GetUserPoolMfaConfigRequest.builder()

Parameters:

getUserPoolMfaConfigRequest - A Consumer that will call methods on GetUserPoolMfaConfigRequest.Builder to create a request.

Returns:

Result of the GetUserPoolMfaConfig operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

globalSignOut

default GlobalSignOutResponse globalSignOut(GlobalSignOutRequest globalSignOutRequest)
                                     throws ResourceNotFoundException,
                                            InvalidParameterException,
                                            NotAuthorizedException,
                                            TooManyRequestsException,
                                            PasswordResetRequiredException,
                                            UserNotConfirmedException,
                                            InternalErrorException,
                                            ForbiddenException,
                                            AwsServiceException,
                                            SdkClientException,
                                            CognitoIdentityProviderException

Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior.

• Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user's access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.

  Amazon Cognito returns an Access Token has been revoked error when your app attempts to authorize a user pools API request with a revoked access token that contains the scope aws.cognito.signin.user.admin.

• Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with ServerSideTokenCheck enabled for its user pool IdP configuration in CognitoIdentityProvider.

• Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.

Other requests might be valid until your user's token expires. This operation doesn't clear the managed login session cookie. To clear the session for a user who signed in with managed login or the classic hosted UI, direct their browser session to the logout endpoint.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

globalSignOutRequest - Represents the request to sign out all devices.

Returns:

Result of the GlobalSignOut operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

globalSignOut

default GlobalSignOutResponse globalSignOut(Consumer<GlobalSignOutRequest.Builder> globalSignOutRequest)
                                     throws ResourceNotFoundException,
                                            InvalidParameterException,
                                            NotAuthorizedException,
                                            TooManyRequestsException,
                                            PasswordResetRequiredException,
                                            UserNotConfirmedException,
                                            InternalErrorException,
                                            ForbiddenException,
                                            AwsServiceException,
                                            SdkClientException,
                                            CognitoIdentityProviderException

Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior.

• Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user's access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.

  Amazon Cognito returns an Access Token has been revoked error when your app attempts to authorize a user pools API request with a revoked access token that contains the scope aws.cognito.signin.user.admin.

• Amazon Cognito no longer accepts a signed-out user's ID token in a GetId request to an identity pool with ServerSideTokenCheck enabled for its user pool IdP configuration in CognitoIdentityProvider.

• Amazon Cognito no longer accepts a signed-out user's refresh tokens in refresh requests.

Other requests might be valid until your user's token expires. This operation doesn't clear the managed login session cookie. To clear the session for a user who signed in with managed login or the classic hosted UI, direct their browser session to the logout endpoint.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the GlobalSignOutRequest.Builder avoiding the need to create one manually via GlobalSignOutRequest.builder()

Parameters:

globalSignOutRequest - A Consumer that will call methods on GlobalSignOutRequest.Builder to create a request. Represents the request to sign out all devices.

Returns:

Result of the GlobalSignOut operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

initiateAuth

default InitiateAuthResponse initiateAuth(InitiateAuthRequest initiateAuthRequest)
                                   throws ResourceNotFoundException,
                                          InvalidParameterException,
                                          NotAuthorizedException,
                                          TooManyRequestsException,
                                          UnexpectedLambdaException,
                                          InvalidUserPoolConfigurationException,
                                          UserLambdaValidationException,
                                          InvalidLambdaResponseException,
                                          PasswordResetRequiredException,
                                          UserNotFoundException,
                                          UserNotConfirmedException,
                                          InternalErrorException,
                                          InvalidSmsRoleAccessPolicyException,
                                          InvalidEmailRoleAccessPolicyException,
                                          InvalidSmsRoleTrustRelationshipException,
                                          ForbiddenException,
                                          AwsServiceException,
                                          SdkClientException,
                                          CognitoIdentityProviderException

Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user with a federated IdP with InitiateAuth. For more information, see Adding user pool sign-in through a third party.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Parameters:

initiateAuthRequest - Initiates the authentication request.

Returns:

Result of the InitiateAuth operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

initiateAuth

default InitiateAuthResponse initiateAuth(Consumer<InitiateAuthRequest.Builder> initiateAuthRequest)
                                   throws ResourceNotFoundException,
                                          InvalidParameterException,
                                          NotAuthorizedException,
                                          TooManyRequestsException,
                                          UnexpectedLambdaException,
                                          InvalidUserPoolConfigurationException,
                                          UserLambdaValidationException,
                                          InvalidLambdaResponseException,
                                          PasswordResetRequiredException,
                                          UserNotFoundException,
                                          UserNotConfirmedException,
                                          InternalErrorException,
                                          InvalidSmsRoleAccessPolicyException,
                                          InvalidEmailRoleAccessPolicyException,
                                          InvalidSmsRoleTrustRelationshipException,
                                          ForbiddenException,
                                          AwsServiceException,
                                          SdkClientException,
                                          CognitoIdentityProviderException

Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user with a federated IdP with InitiateAuth. For more information, see Adding user pool sign-in through a third party.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

This is a convenience which creates an instance of the InitiateAuthRequest.Builder avoiding the need to create one manually via InitiateAuthRequest.builder()

Parameters:

initiateAuthRequest - A Consumer that will call methods on InitiateAuthRequest.Builder to create a request. Initiates the authentication request.

Returns:

Result of the InitiateAuth operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listDevices

default ListDevicesResponse listDevices(ListDevicesRequest listDevicesRequest)
                                 throws InvalidParameterException,
                                        ResourceNotFoundException,
                                        NotAuthorizedException,
                                        InvalidUserPoolConfigurationException,
                                        TooManyRequestsException,
                                        PasswordResetRequiredException,
                                        UserNotFoundException,
                                        UserNotConfirmedException,
                                        InternalErrorException,
                                        ForbiddenException,
                                        AwsServiceException,
                                        SdkClientException,
                                        CognitoIdentityProviderException

Lists the sign-in devices that Amazon Cognito has registered to the current user. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

listDevicesRequest - Represents the request to list the devices.

Returns:

Result of the ListDevices operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listDevices

default ListDevicesResponse listDevices(Consumer<ListDevicesRequest.Builder> listDevicesRequest)
                                 throws InvalidParameterException,
                                        ResourceNotFoundException,
                                        NotAuthorizedException,
                                        InvalidUserPoolConfigurationException,
                                        TooManyRequestsException,
                                        PasswordResetRequiredException,
                                        UserNotFoundException,
                                        UserNotConfirmedException,
                                        InternalErrorException,
                                        ForbiddenException,
                                        AwsServiceException,
                                        SdkClientException,
                                        CognitoIdentityProviderException

Lists the sign-in devices that Amazon Cognito has registered to the current user. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the ListDevicesRequest.Builder avoiding the need to create one manually via ListDevicesRequest.builder()

Parameters:

listDevicesRequest - A Consumer that will call methods on ListDevicesRequest.Builder to create a request. Represents the request to list the devices.

Returns:

Result of the ListDevices operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listGroups

default ListGroupsResponse listGroups(ListGroupsRequest listGroupsRequest)
                               throws InvalidParameterException,
                                      ResourceNotFoundException,
                                      TooManyRequestsException,
                                      NotAuthorizedException,
                                      InternalErrorException,
                                      AwsServiceException,
                                      SdkClientException,
                                      CognitoIdentityProviderException

Lists the groups associated with a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

listGroupsRequest -

Returns:

Result of the ListGroups operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listGroups

default ListGroupsResponse listGroups(Consumer<ListGroupsRequest.Builder> listGroupsRequest)
                               throws InvalidParameterException,
                                      ResourceNotFoundException,
                                      TooManyRequestsException,
                                      NotAuthorizedException,
                                      InternalErrorException,
                                      AwsServiceException,
                                      SdkClientException,
                                      CognitoIdentityProviderException

Lists the groups associated with a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the ListGroupsRequest.Builder avoiding the need to create one manually via ListGroupsRequest.builder()

Parameters:

listGroupsRequest - A Consumer that will call methods on ListGroupsRequest.Builder to create a request.

Returns:

Result of the ListGroups operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listGroupsPaginator

default ListGroupsIterable listGroupsPaginator(ListGroupsRequest listGroupsRequest)
                                        throws InvalidParameterException,
                                               ResourceNotFoundException,
                                               TooManyRequestsException,
                                               NotAuthorizedException,
                                               InternalErrorException,
                                               AwsServiceException,
                                               SdkClientException,
                                               CognitoIdentityProviderException

This is a variant of listGroups(software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListGroupsIterable responses = client.listGroupsPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListGroupsIterable responses = client
             .listGroupsPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListGroupsIterable responses = client.listGroupsPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listGroups(software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsRequest) operation.

Parameters:

listGroupsRequest -

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listGroupsPaginator

default ListGroupsIterable listGroupsPaginator(Consumer<ListGroupsRequest.Builder> listGroupsRequest)
                                        throws InvalidParameterException,
                                               ResourceNotFoundException,
                                               TooManyRequestsException,
                                               NotAuthorizedException,
                                               InternalErrorException,
                                               AwsServiceException,
                                               SdkClientException,
                                               CognitoIdentityProviderException

This is a variant of listGroups(software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListGroupsIterable responses = client.listGroupsPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListGroupsIterable responses = client
             .listGroupsPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListGroupsIterable responses = client.listGroupsPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listGroups(software.amazon.awssdk.services.cognitoidentityprovider.model.ListGroupsRequest) operation.

This is a convenience which creates an instance of the ListGroupsRequest.Builder avoiding the need to create one manually via ListGroupsRequest.builder()

Parameters:

listGroupsRequest - A Consumer that will call methods on ListGroupsRequest.Builder to create a request.

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listIdentityProviders

default ListIdentityProvidersResponse listIdentityProviders(ListIdentityProvidersRequest listIdentityProvidersRequest)
                                                     throws InvalidParameterException,
                                                            ResourceNotFoundException,
                                                            NotAuthorizedException,
                                                            TooManyRequestsException,
                                                            InternalErrorException,
                                                            AwsServiceException,
                                                            SdkClientException,
                                                            CognitoIdentityProviderException

Lists information about all IdPs for a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

listIdentityProvidersRequest -

Returns:

Result of the ListIdentityProviders operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listIdentityProviders

default ListIdentityProvidersResponse listIdentityProviders(Consumer<ListIdentityProvidersRequest.Builder> listIdentityProvidersRequest)
                                                     throws InvalidParameterException,
                                                            ResourceNotFoundException,
                                                            NotAuthorizedException,
                                                            TooManyRequestsException,
                                                            InternalErrorException,
                                                            AwsServiceException,
                                                            SdkClientException,
                                                            CognitoIdentityProviderException

Lists information about all IdPs for a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the ListIdentityProvidersRequest.Builder avoiding the need to create one manually via ListIdentityProvidersRequest.builder()

Parameters:

listIdentityProvidersRequest - A Consumer that will call methods on ListIdentityProvidersRequest.Builder to create a request.

Returns:

Result of the ListIdentityProviders operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listIdentityProvidersPaginator

default ListIdentityProvidersIterable listIdentityProvidersPaginator(ListIdentityProvidersRequest listIdentityProvidersRequest)
                                                              throws InvalidParameterException,
                                                                     ResourceNotFoundException,
                                                                     NotAuthorizedException,
                                                                     TooManyRequestsException,
                                                                     InternalErrorException,
                                                                     AwsServiceException,
                                                                     SdkClientException,
                                                                     CognitoIdentityProviderException

This is a variant of listIdentityProviders(software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListIdentityProvidersIterable responses = client.listIdentityProvidersPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListIdentityProvidersIterable responses = client
             .listIdentityProvidersPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListIdentityProvidersIterable responses = client.listIdentityProvidersPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listIdentityProviders(software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersRequest) operation.

Parameters:

listIdentityProvidersRequest -

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listIdentityProvidersPaginator

default ListIdentityProvidersIterable listIdentityProvidersPaginator(Consumer<ListIdentityProvidersRequest.Builder> listIdentityProvidersRequest)
                                                              throws InvalidParameterException,
                                                                     ResourceNotFoundException,
                                                                     NotAuthorizedException,
                                                                     TooManyRequestsException,
                                                                     InternalErrorException,
                                                                     AwsServiceException,
                                                                     SdkClientException,
                                                                     CognitoIdentityProviderException

This is a variant of listIdentityProviders(software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListIdentityProvidersIterable responses = client.listIdentityProvidersPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListIdentityProvidersIterable responses = client
             .listIdentityProvidersPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListIdentityProvidersIterable responses = client.listIdentityProvidersPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listIdentityProviders(software.amazon.awssdk.services.cognitoidentityprovider.model.ListIdentityProvidersRequest) operation.

This is a convenience which creates an instance of the ListIdentityProvidersRequest.Builder avoiding the need to create one manually via ListIdentityProvidersRequest.builder()

Parameters:

listIdentityProvidersRequest - A Consumer that will call methods on ListIdentityProvidersRequest.Builder to create a request.

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listResourceServers

default ListResourceServersResponse listResourceServers(ListResourceServersRequest listResourceServersRequest)
                                                 throws InvalidParameterException,
                                                        ResourceNotFoundException,
                                                        NotAuthorizedException,
                                                        TooManyRequestsException,
                                                        InternalErrorException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Lists the resource servers for a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

listResourceServersRequest -

Returns:

Result of the ListResourceServers operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listResourceServers

default ListResourceServersResponse listResourceServers(Consumer<ListResourceServersRequest.Builder> listResourceServersRequest)
                                                 throws InvalidParameterException,
                                                        ResourceNotFoundException,
                                                        NotAuthorizedException,
                                                        TooManyRequestsException,
                                                        InternalErrorException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Lists the resource servers for a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the ListResourceServersRequest.Builder avoiding the need to create one manually via ListResourceServersRequest.builder()

Parameters:

listResourceServersRequest - A Consumer that will call methods on ListResourceServersRequest.Builder to create a request.

Returns:

Result of the ListResourceServers operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listResourceServersPaginator

default ListResourceServersIterable listResourceServersPaginator(ListResourceServersRequest listResourceServersRequest)
                                                          throws InvalidParameterException,
                                                                 ResourceNotFoundException,
                                                                 NotAuthorizedException,
                                                                 TooManyRequestsException,
                                                                 InternalErrorException,
                                                                 AwsServiceException,
                                                                 SdkClientException,
                                                                 CognitoIdentityProviderException

This is a variant of listResourceServers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListResourceServersIterable responses = client.listResourceServersPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListResourceServersIterable responses = client
             .listResourceServersPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListResourceServersIterable responses = client.listResourceServersPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listResourceServers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersRequest) operation.

Parameters:

listResourceServersRequest -

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listResourceServersPaginator

default ListResourceServersIterable listResourceServersPaginator(Consumer<ListResourceServersRequest.Builder> listResourceServersRequest)
                                                          throws InvalidParameterException,
                                                                 ResourceNotFoundException,
                                                                 NotAuthorizedException,
                                                                 TooManyRequestsException,
                                                                 InternalErrorException,
                                                                 AwsServiceException,
                                                                 SdkClientException,
                                                                 CognitoIdentityProviderException

This is a variant of listResourceServers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListResourceServersIterable responses = client.listResourceServersPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListResourceServersIterable responses = client
             .listResourceServersPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListResourceServersIterable responses = client.listResourceServersPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listResourceServers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListResourceServersRequest) operation.

This is a convenience which creates an instance of the ListResourceServersRequest.Builder avoiding the need to create one manually via ListResourceServersRequest.builder()

Parameters:

listResourceServersRequest - A Consumer that will call methods on ListResourceServersRequest.Builder to create a request.

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listTagsForResource

default ListTagsForResourceResponse listTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest)
                                                 throws ResourceNotFoundException,
                                                        NotAuthorizedException,
                                                        TooManyRequestsException,
                                                        InvalidParameterException,
                                                        InternalErrorException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Lists the tags that are assigned to an Amazon Cognito user pool.

A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.

You can use this action up to 10 times per second, per account.

Parameters:

listTagsForResourceRequest -

Returns:

Result of the ListTagsForResource operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listTagsForResource

default ListTagsForResourceResponse listTagsForResource(Consumer<ListTagsForResourceRequest.Builder> listTagsForResourceRequest)
                                                 throws ResourceNotFoundException,
                                                        NotAuthorizedException,
                                                        TooManyRequestsException,
                                                        InvalidParameterException,
                                                        InternalErrorException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Lists the tags that are assigned to an Amazon Cognito user pool.

A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.

You can use this action up to 10 times per second, per account.

This is a convenience which creates an instance of the ListTagsForResourceRequest.Builder avoiding the need to create one manually via ListTagsForResourceRequest.builder()

Parameters:

listTagsForResourceRequest - A Consumer that will call methods on ListTagsForResourceRequest.Builder to create a request.

Returns:

Result of the ListTagsForResource operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUserImportJobs

default ListUserImportJobsResponse listUserImportJobs(ListUserImportJobsRequest listUserImportJobsRequest)
                                               throws ResourceNotFoundException,
                                                      InvalidParameterException,
                                                      TooManyRequestsException,
                                                      NotAuthorizedException,
                                                      InternalErrorException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Lists user import jobs for a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

listUserImportJobsRequest - Represents the request to list the user import jobs.

Returns:

Result of the ListUserImportJobs operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUserImportJobs

default ListUserImportJobsResponse listUserImportJobs(Consumer<ListUserImportJobsRequest.Builder> listUserImportJobsRequest)
                                               throws ResourceNotFoundException,
                                                      InvalidParameterException,
                                                      TooManyRequestsException,
                                                      NotAuthorizedException,
                                                      InternalErrorException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Lists user import jobs for a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the ListUserImportJobsRequest.Builder avoiding the need to create one manually via ListUserImportJobsRequest.builder()

Parameters:

listUserImportJobsRequest - A Consumer that will call methods on ListUserImportJobsRequest.Builder to create a request. Represents the request to list the user import jobs.

Returns:

Result of the ListUserImportJobs operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUserPoolClients

default ListUserPoolClientsResponse listUserPoolClients(ListUserPoolClientsRequest listUserPoolClientsRequest)
                                                 throws InvalidParameterException,
                                                        ResourceNotFoundException,
                                                        TooManyRequestsException,
                                                        NotAuthorizedException,
                                                        InternalErrorException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Lists the clients that have been created for the specified user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

listUserPoolClientsRequest - Represents the request to list the user pool clients.

Returns:

Result of the ListUserPoolClients operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUserPoolClients

default ListUserPoolClientsResponse listUserPoolClients(Consumer<ListUserPoolClientsRequest.Builder> listUserPoolClientsRequest)
                                                 throws InvalidParameterException,
                                                        ResourceNotFoundException,
                                                        TooManyRequestsException,
                                                        NotAuthorizedException,
                                                        InternalErrorException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Lists the clients that have been created for the specified user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the ListUserPoolClientsRequest.Builder avoiding the need to create one manually via ListUserPoolClientsRequest.builder()

Parameters:

listUserPoolClientsRequest - A Consumer that will call methods on ListUserPoolClientsRequest.Builder to create a request. Represents the request to list the user pool clients.

Returns:

Result of the ListUserPoolClients operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUserPoolClientsPaginator

default ListUserPoolClientsIterable listUserPoolClientsPaginator(ListUserPoolClientsRequest listUserPoolClientsRequest)
                                                          throws InvalidParameterException,
                                                                 ResourceNotFoundException,
                                                                 TooManyRequestsException,
                                                                 NotAuthorizedException,
                                                                 InternalErrorException,
                                                                 AwsServiceException,
                                                                 SdkClientException,
                                                                 CognitoIdentityProviderException

This is a variant of listUserPoolClients(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolClientsIterable responses = client.listUserPoolClientsPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolClientsIterable responses = client
             .listUserPoolClientsPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolClientsIterable responses = client.listUserPoolClientsPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listUserPoolClients(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsRequest) operation.

Parameters:

listUserPoolClientsRequest - Represents the request to list the user pool clients.

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUserPoolClientsPaginator

default ListUserPoolClientsIterable listUserPoolClientsPaginator(Consumer<ListUserPoolClientsRequest.Builder> listUserPoolClientsRequest)
                                                          throws InvalidParameterException,
                                                                 ResourceNotFoundException,
                                                                 TooManyRequestsException,
                                                                 NotAuthorizedException,
                                                                 InternalErrorException,
                                                                 AwsServiceException,
                                                                 SdkClientException,
                                                                 CognitoIdentityProviderException

This is a variant of listUserPoolClients(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolClientsIterable responses = client.listUserPoolClientsPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolClientsIterable responses = client
             .listUserPoolClientsPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolClientsIterable responses = client.listUserPoolClientsPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listUserPoolClients(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolClientsRequest) operation.

This is a convenience which creates an instance of the ListUserPoolClientsRequest.Builder avoiding the need to create one manually via ListUserPoolClientsRequest.builder()

Parameters:

listUserPoolClientsRequest - A Consumer that will call methods on ListUserPoolClientsRequest.Builder to create a request. Represents the request to list the user pool clients.

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUserPools

default ListUserPoolsResponse listUserPools(ListUserPoolsRequest listUserPoolsRequest)
                                     throws InvalidParameterException,
                                            TooManyRequestsException,
                                            NotAuthorizedException,
                                            InternalErrorException,
                                            AwsServiceException,
                                            SdkClientException,
                                            CognitoIdentityProviderException

Lists the user pools associated with an Amazon Web Services account.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

listUserPoolsRequest - Represents the request to list user pools.

Returns:

Result of the ListUserPools operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUserPools

default ListUserPoolsResponse listUserPools(Consumer<ListUserPoolsRequest.Builder> listUserPoolsRequest)
                                     throws InvalidParameterException,
                                            TooManyRequestsException,
                                            NotAuthorizedException,
                                            InternalErrorException,
                                            AwsServiceException,
                                            SdkClientException,
                                            CognitoIdentityProviderException

Lists the user pools associated with an Amazon Web Services account.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the ListUserPoolsRequest.Builder avoiding the need to create one manually via ListUserPoolsRequest.builder()

Parameters:

listUserPoolsRequest - A Consumer that will call methods on ListUserPoolsRequest.Builder to create a request. Represents the request to list user pools.

Returns:

Result of the ListUserPools operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUserPoolsPaginator

default ListUserPoolsIterable listUserPoolsPaginator(ListUserPoolsRequest listUserPoolsRequest)
                                              throws InvalidParameterException,
                                                     TooManyRequestsException,
                                                     NotAuthorizedException,
                                                     InternalErrorException,
                                                     AwsServiceException,
                                                     SdkClientException,
                                                     CognitoIdentityProviderException

This is a variant of listUserPools(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolsIterable responses = client.listUserPoolsPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolsIterable responses = client
             .listUserPoolsPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolsIterable responses = client.listUserPoolsPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listUserPools(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest) operation.

Parameters:

listUserPoolsRequest - Represents the request to list user pools.

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUserPoolsPaginator

default ListUserPoolsIterable listUserPoolsPaginator(Consumer<ListUserPoolsRequest.Builder> listUserPoolsRequest)
                                              throws InvalidParameterException,
                                                     TooManyRequestsException,
                                                     NotAuthorizedException,
                                                     InternalErrorException,
                                                     AwsServiceException,
                                                     SdkClientException,
                                                     CognitoIdentityProviderException

This is a variant of listUserPools(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolsIterable responses = client.listUserPoolsPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolsIterable responses = client
             .listUserPoolsPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUserPoolsIterable responses = client.listUserPoolsPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of MaxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listUserPools(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest) operation.

This is a convenience which creates an instance of the ListUserPoolsRequest.Builder avoiding the need to create one manually via ListUserPoolsRequest.builder()

Parameters:

listUserPoolsRequest - A Consumer that will call methods on ListUserPoolsRequest.Builder to create a request. Represents the request to list user pools.

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUsers

default ListUsersResponse listUsers(ListUsersRequest listUsersRequest)
                             throws InvalidParameterException,
                                    ResourceNotFoundException,
                                    TooManyRequestsException,
                                    NotAuthorizedException,
                                    InternalErrorException,
                                    AwsServiceException,
                                    SdkClientException,
                                    CognitoIdentityProviderException

Lists users and their basic details in a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

listUsersRequest - Represents the request to list users.

Returns:

Result of the ListUsers operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUsers

default ListUsersResponse listUsers(Consumer<ListUsersRequest.Builder> listUsersRequest)
                             throws InvalidParameterException,
                                    ResourceNotFoundException,
                                    TooManyRequestsException,
                                    NotAuthorizedException,
                                    InternalErrorException,
                                    AwsServiceException,
                                    SdkClientException,
                                    CognitoIdentityProviderException

Lists users and their basic details in a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the ListUsersRequest.Builder avoiding the need to create one manually via ListUsersRequest.builder()

Parameters:

listUsersRequest - A Consumer that will call methods on ListUsersRequest.Builder to create a request. Represents the request to list users.

Returns:

Result of the ListUsers operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUsersPaginator

default ListUsersIterable listUsersPaginator(ListUsersRequest listUsersRequest)
                                      throws InvalidParameterException,
                                             ResourceNotFoundException,
                                             TooManyRequestsException,
                                             NotAuthorizedException,
                                             InternalErrorException,
                                             AwsServiceException,
                                             SdkClientException,
                                             CognitoIdentityProviderException

This is a variant of listUsers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersIterable responses = client.listUsersPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersIterable responses = client
             .listUsersPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersIterable responses = client.listUsersPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listUsers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest) operation.

Parameters:

listUsersRequest - Represents the request to list users.

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUsersPaginator

default ListUsersIterable listUsersPaginator(Consumer<ListUsersRequest.Builder> listUsersRequest)
                                      throws InvalidParameterException,
                                             ResourceNotFoundException,
                                             TooManyRequestsException,
                                             NotAuthorizedException,
                                             InternalErrorException,
                                             AwsServiceException,
                                             SdkClientException,
                                             CognitoIdentityProviderException

This is a variant of listUsers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersIterable responses = client.listUsersPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersIterable responses = client
             .listUsersPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersIterable responses = client.listUsersPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listUsers(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest) operation.

This is a convenience which creates an instance of the ListUsersRequest.Builder avoiding the need to create one manually via ListUsersRequest.builder()

Parameters:

listUsersRequest - A Consumer that will call methods on ListUsersRequest.Builder to create a request. Represents the request to list users.

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUsersInGroup

default ListUsersInGroupResponse listUsersInGroup(ListUsersInGroupRequest listUsersInGroupRequest)
                                           throws InvalidParameterException,
                                                  ResourceNotFoundException,
                                                  TooManyRequestsException,
                                                  NotAuthorizedException,
                                                  InternalErrorException,
                                                  AwsServiceException,
                                                  SdkClientException,
                                                  CognitoIdentityProviderException

Lists the users in the specified group.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

listUsersInGroupRequest -

Returns:

Result of the ListUsersInGroup operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUsersInGroup

default ListUsersInGroupResponse listUsersInGroup(Consumer<ListUsersInGroupRequest.Builder> listUsersInGroupRequest)
                                           throws InvalidParameterException,
                                                  ResourceNotFoundException,
                                                  TooManyRequestsException,
                                                  NotAuthorizedException,
                                                  InternalErrorException,
                                                  AwsServiceException,
                                                  SdkClientException,
                                                  CognitoIdentityProviderException

Lists the users in the specified group.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the ListUsersInGroupRequest.Builder avoiding the need to create one manually via ListUsersInGroupRequest.builder()

Parameters:

listUsersInGroupRequest - A Consumer that will call methods on ListUsersInGroupRequest.Builder to create a request.

Returns:

Result of the ListUsersInGroup operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUsersInGroupPaginator

default ListUsersInGroupIterable listUsersInGroupPaginator(ListUsersInGroupRequest listUsersInGroupRequest)
                                                    throws InvalidParameterException,
                                                           ResourceNotFoundException,
                                                           TooManyRequestsException,
                                                           NotAuthorizedException,
                                                           InternalErrorException,
                                                           AwsServiceException,
                                                           SdkClientException,
                                                           CognitoIdentityProviderException

This is a variant of listUsersInGroup(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersInGroupIterable responses = client.listUsersInGroupPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersInGroupIterable responses = client
             .listUsersInGroupPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersInGroupIterable responses = client.listUsersInGroupPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listUsersInGroup(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupRequest) operation.

Parameters:

listUsersInGroupRequest -

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listUsersInGroupPaginator

default ListUsersInGroupIterable listUsersInGroupPaginator(Consumer<ListUsersInGroupRequest.Builder> listUsersInGroupRequest)
                                                    throws InvalidParameterException,
                                                           ResourceNotFoundException,
                                                           TooManyRequestsException,
                                                           NotAuthorizedException,
                                                           InternalErrorException,
                                                           AwsServiceException,
                                                           SdkClientException,
                                                           CognitoIdentityProviderException

This is a variant of listUsersInGroup(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupRequest) operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.

When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.

The following are few ways to iterate through the response pages:

1) Using a Stream

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersInGroupIterable responses = client.listUsersInGroupPaginator(request);
 responses.stream().forEach(....);
 
 

2) Using For loop

 {
     @code
     software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersInGroupIterable responses = client
             .listUsersInGroupPaginator(request);
     for (software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupResponse response : responses) {
         // do something;
     }
 }
 

3) Use iterator directly

 
 software.amazon.awssdk.services.cognitoidentityprovider.paginators.ListUsersInGroupIterable responses = client.listUsersInGroupPaginator(request);
 responses.iterator().forEachRemaining(....);
 
 

Please notice that the configuration of Limit won't limit the number of results you get with the paginator. It only limits the number of results in each page.

Note: If you prefer to have control on service calls, use the listUsersInGroup(software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersInGroupRequest) operation.

This is a convenience which creates an instance of the ListUsersInGroupRequest.Builder avoiding the need to create one manually via ListUsersInGroupRequest.builder()

Parameters:

listUsersInGroupRequest - A Consumer that will call methods on ListUsersInGroupRequest.Builder to create a request.

Returns:

A custom iterable that can be used to iterate through all the response pages.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listWebAuthnCredentials

default ListWebAuthnCredentialsResponse listWebAuthnCredentials(ListWebAuthnCredentialsRequest listWebAuthnCredentialsRequest)
                                                         throws ForbiddenException,
                                                                InternalErrorException,
                                                                InvalidParameterException,
                                                                NotAuthorizedException,
                                                                AwsServiceException,
                                                                SdkClientException,
                                                                CognitoIdentityProviderException

Generates a list of the current user's registered passkey, or webauthN, credentials.

Parameters:

listWebAuthnCredentialsRequest -

Returns:

Result of the ListWebAuthnCredentials operation returned by the service.

Throws:

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

listWebAuthnCredentials

default ListWebAuthnCredentialsResponse listWebAuthnCredentials(Consumer<ListWebAuthnCredentialsRequest.Builder> listWebAuthnCredentialsRequest)
                                                         throws ForbiddenException,
                                                                InternalErrorException,
                                                                InvalidParameterException,
                                                                NotAuthorizedException,
                                                                AwsServiceException,
                                                                SdkClientException,
                                                                CognitoIdentityProviderException

Generates a list of the current user's registered passkey, or webauthN, credentials.

This is a convenience which creates an instance of the ListWebAuthnCredentialsRequest.Builder avoiding the need to create one manually via ListWebAuthnCredentialsRequest.builder()

Parameters:

listWebAuthnCredentialsRequest - A Consumer that will call methods on ListWebAuthnCredentialsRequest.Builder to create a request.

Returns:

Result of the ListWebAuthnCredentials operation returned by the service.

Throws:

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

resendConfirmationCode

default ResendConfirmationCodeResponse resendConfirmationCode(ResendConfirmationCodeRequest resendConfirmationCodeRequest)
                                                       throws ResourceNotFoundException,
                                                              InvalidParameterException,
                                                              UnexpectedLambdaException,
                                                              UserLambdaValidationException,
                                                              NotAuthorizedException,
                                                              InvalidLambdaResponseException,
                                                              TooManyRequestsException,
                                                              LimitExceededException,
                                                              InvalidSmsRoleAccessPolicyException,
                                                              InvalidSmsRoleTrustRelationshipException,
                                                              InvalidEmailRoleAccessPolicyException,
                                                              CodeDeliveryFailureException,
                                                              UserNotFoundException,
                                                              InternalErrorException,
                                                              ForbiddenException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Resends the confirmation (for confirmation of registration) to a specific user in the user pool.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Parameters:

resendConfirmationCodeRequest - Represents the request to resend the confirmation code.

Returns:

Result of the ResendConfirmationCode operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

resendConfirmationCode

default ResendConfirmationCodeResponse resendConfirmationCode(Consumer<ResendConfirmationCodeRequest.Builder> resendConfirmationCodeRequest)
                                                       throws ResourceNotFoundException,
                                                              InvalidParameterException,
                                                              UnexpectedLambdaException,
                                                              UserLambdaValidationException,
                                                              NotAuthorizedException,
                                                              InvalidLambdaResponseException,
                                                              TooManyRequestsException,
                                                              LimitExceededException,
                                                              InvalidSmsRoleAccessPolicyException,
                                                              InvalidSmsRoleTrustRelationshipException,
                                                              InvalidEmailRoleAccessPolicyException,
                                                              CodeDeliveryFailureException,
                                                              UserNotFoundException,
                                                              InternalErrorException,
                                                              ForbiddenException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Resends the confirmation (for confirmation of registration) to a specific user in the user pool.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

This is a convenience which creates an instance of the ResendConfirmationCodeRequest.Builder avoiding the need to create one manually via ResendConfirmationCodeRequest.builder()

Parameters:

resendConfirmationCodeRequest - A Consumer that will call methods on ResendConfirmationCodeRequest.Builder to create a request. Represents the request to resend the confirmation code.

Returns:

Result of the ResendConfirmationCode operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

UserNotFoundException - This exception is thrown when a user isn't found.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

respondToAuthChallenge

default RespondToAuthChallengeResponse respondToAuthChallenge(RespondToAuthChallengeRequest respondToAuthChallengeRequest)
                                                       throws ResourceNotFoundException,
                                                              InvalidParameterException,
                                                              NotAuthorizedException,
                                                              CodeMismatchException,
                                                              ExpiredCodeException,
                                                              UnexpectedLambdaException,
                                                              UserLambdaValidationException,
                                                              InvalidPasswordException,
                                                              PasswordHistoryPolicyViolationException,
                                                              InvalidLambdaResponseException,
                                                              TooManyRequestsException,
                                                              InvalidUserPoolConfigurationException,
                                                              MfaMethodNotFoundException,
                                                              PasswordResetRequiredException,
                                                              UserNotFoundException,
                                                              UserNotConfirmedException,
                                                              InvalidSmsRoleAccessPolicyException,
                                                              InvalidSmsRoleTrustRelationshipException,
                                                              InvalidEmailRoleAccessPolicyException,
                                                              AliasExistsException,
                                                              InternalErrorException,
                                                              SoftwareTokenMfaNotFoundException,
                                                              ForbiddenException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. A RespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.

For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Parameters:

respondToAuthChallengeRequest - The request to respond to an authentication challenge.

Returns:

Result of the RespondToAuthChallenge operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ExpiredCodeException - This exception is thrown if a code has expired.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

PasswordHistoryPolicyViolationException - The message returned when a user's new password matches a previous password and doesn't comply with the password-history policy.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

MfaMethodNotFoundException - This exception is thrown when Amazon Cognito can't find a multi-factor authentication (MFA) method.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SoftwareTokenMfaNotFoundException - This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

respondToAuthChallenge

default RespondToAuthChallengeResponse respondToAuthChallenge(Consumer<RespondToAuthChallengeRequest.Builder> respondToAuthChallengeRequest)
                                                       throws ResourceNotFoundException,
                                                              InvalidParameterException,
                                                              NotAuthorizedException,
                                                              CodeMismatchException,
                                                              ExpiredCodeException,
                                                              UnexpectedLambdaException,
                                                              UserLambdaValidationException,
                                                              InvalidPasswordException,
                                                              PasswordHistoryPolicyViolationException,
                                                              InvalidLambdaResponseException,
                                                              TooManyRequestsException,
                                                              InvalidUserPoolConfigurationException,
                                                              MfaMethodNotFoundException,
                                                              PasswordResetRequiredException,
                                                              UserNotFoundException,
                                                              UserNotConfirmedException,
                                                              InvalidSmsRoleAccessPolicyException,
                                                              InvalidSmsRoleTrustRelationshipException,
                                                              InvalidEmailRoleAccessPolicyException,
                                                              AliasExistsException,
                                                              InternalErrorException,
                                                              SoftwareTokenMfaNotFoundException,
                                                              ForbiddenException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. A RespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.

For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

This is a convenience which creates an instance of the RespondToAuthChallengeRequest.Builder avoiding the need to create one manually via RespondToAuthChallengeRequest.builder()

Parameters:

respondToAuthChallengeRequest - A Consumer that will call methods on RespondToAuthChallengeRequest.Builder to create a request. The request to respond to an authentication challenge.

Returns:

Result of the RespondToAuthChallenge operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ExpiredCodeException - This exception is thrown if a code has expired.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

PasswordHistoryPolicyViolationException - The message returned when a user's new password matches a previous password and doesn't comply with the password-history policy.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

MfaMethodNotFoundException - This exception is thrown when Amazon Cognito can't find a multi-factor authentication (MFA) method.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SoftwareTokenMfaNotFoundException - This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

revokeToken

default RevokeTokenResponse revokeToken(RevokeTokenRequest revokeTokenRequest)
                                 throws TooManyRequestsException,
                                        InternalErrorException,
                                        UnauthorizedException,
                                        InvalidParameterException,
                                        UnsupportedOperationException,
                                        UnsupportedTokenTypeException,
                                        ForbiddenException,
                                        AwsServiceException,
                                        SdkClientException,
                                        CognitoIdentityProviderException

Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can't use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

revokeTokenRequest -

Returns:

Result of the RevokeToken operation returned by the service.

Throws:

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

UnauthorizedException - Exception that is thrown when the request isn't authorized. This can happen due to an invalid access token in the request.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnsupportedOperationException - Exception that is thrown when you attempt to perform an operation that isn't enabled for the user pool client.

UnsupportedTokenTypeException - Exception that is thrown when an unsupported token is passed to an operation.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

UnsupportedOperationException

AwsServiceException

See Also:

AWS API Documentation

revokeToken

default RevokeTokenResponse revokeToken(Consumer<RevokeTokenRequest.Builder> revokeTokenRequest)
                                 throws TooManyRequestsException,
                                        InternalErrorException,
                                        UnauthorizedException,
                                        InvalidParameterException,
                                        UnsupportedOperationException,
                                        UnsupportedTokenTypeException,
                                        ForbiddenException,
                                        AwsServiceException,
                                        SdkClientException,
                                        CognitoIdentityProviderException

Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can't use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the RevokeTokenRequest.Builder avoiding the need to create one manually via RevokeTokenRequest.builder()

Parameters:

revokeTokenRequest - A Consumer that will call methods on RevokeTokenRequest.Builder to create a request.

Returns:

Result of the RevokeToken operation returned by the service.

Throws:

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

UnauthorizedException - Exception that is thrown when the request isn't authorized. This can happen due to an invalid access token in the request.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnsupportedOperationException - Exception that is thrown when you attempt to perform an operation that isn't enabled for the user pool client.

UnsupportedTokenTypeException - Exception that is thrown when an unsupported token is passed to an operation.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

UnsupportedOperationException

AwsServiceException

See Also:

AWS API Documentation

setLogDeliveryConfiguration

default SetLogDeliveryConfigurationResponse setLogDeliveryConfiguration(SetLogDeliveryConfigurationRequest setLogDeliveryConfigurationRequest)
                                                                 throws InvalidParameterException,
                                                                        InternalErrorException,
                                                                        TooManyRequestsException,
                                                                        NotAuthorizedException,
                                                                        ResourceNotFoundException,
                                                                        FeatureUnavailableInTierException,
                                                                        AwsServiceException,
                                                                        SdkClientException,
                                                                        CognitoIdentityProviderException

Sets up or modifies the logging configuration of a user pool. User pools can export user notification logs and advanced security features user activity logs.

Parameters:

setLogDeliveryConfigurationRequest -

Returns:

Result of the SetLogDeliveryConfiguration operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

FeatureUnavailableInTierException - This exception is thrown when a feature you attempted to configure isn't available in your current feature plan.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

setLogDeliveryConfiguration

default SetLogDeliveryConfigurationResponse setLogDeliveryConfiguration(Consumer<SetLogDeliveryConfigurationRequest.Builder> setLogDeliveryConfigurationRequest)
                                                                 throws InvalidParameterException,
                                                                        InternalErrorException,
                                                                        TooManyRequestsException,
                                                                        NotAuthorizedException,
                                                                        ResourceNotFoundException,
                                                                        FeatureUnavailableInTierException,
                                                                        AwsServiceException,
                                                                        SdkClientException,
                                                                        CognitoIdentityProviderException

Sets up or modifies the logging configuration of a user pool. User pools can export user notification logs and advanced security features user activity logs.

This is a convenience which creates an instance of the SetLogDeliveryConfigurationRequest.Builder avoiding the need to create one manually via SetLogDeliveryConfigurationRequest.builder()

Parameters:

setLogDeliveryConfigurationRequest - A Consumer that will call methods on SetLogDeliveryConfigurationRequest.Builder to create a request.

Returns:

Result of the SetLogDeliveryConfiguration operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

FeatureUnavailableInTierException - This exception is thrown when a feature you attempted to configure isn't available in your current feature plan.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

setRiskConfiguration

default SetRiskConfigurationResponse setRiskConfiguration(SetRiskConfigurationRequest setRiskConfigurationRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          TooManyRequestsException,
                                                          NotAuthorizedException,
                                                          UserPoolAddOnNotEnabledException,
                                                          CodeDeliveryFailureException,
                                                          InvalidEmailRoleAccessPolicyException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.

To activate Amazon Cognito advanced security features, update the user pool to include the UserPoolAddOns keyAdvancedSecurityMode.

Parameters:

setRiskConfigurationRequest -

Returns:

Result of the SetRiskConfiguration operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserPoolAddOnNotEnabledException - This exception is thrown when user pool add-ons aren't enabled.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

setRiskConfiguration

default SetRiskConfigurationResponse setRiskConfiguration(Consumer<SetRiskConfigurationRequest.Builder> setRiskConfigurationRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          TooManyRequestsException,
                                                          NotAuthorizedException,
                                                          UserPoolAddOnNotEnabledException,
                                                          CodeDeliveryFailureException,
                                                          InvalidEmailRoleAccessPolicyException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.

To activate Amazon Cognito advanced security features, update the user pool to include the UserPoolAddOns keyAdvancedSecurityMode.

This is a convenience which creates an instance of the SetRiskConfigurationRequest.Builder avoiding the need to create one manually via SetRiskConfigurationRequest.builder()

Parameters:

setRiskConfigurationRequest - A Consumer that will call methods on SetRiskConfigurationRequest.Builder to create a request.

Returns:

Result of the SetRiskConfiguration operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserPoolAddOnNotEnabledException - This exception is thrown when user pool add-ons aren't enabled.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

setUICustomization

default SetUiCustomizationResponse setUICustomization(SetUiCustomizationRequest setUiCustomizationRequest)
                                               throws InvalidParameterException,
                                                      ResourceNotFoundException,
                                                      NotAuthorizedException,
                                                      TooManyRequestsException,
                                                      InternalErrorException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Sets the user interface (UI) customization information for a user pool's built-in app UI.

You can specify app UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId to ALL). If you specify ALL, the default configuration is used for every client that has no previously set UI customization. If you specify UI customization settings for a particular client, it will no longer return to the ALL configuration.

To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.

Parameters:

setUiCustomizationRequest -

Returns:

Result of the SetUICustomization operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

setUICustomization

default SetUiCustomizationResponse setUICustomization(Consumer<SetUiCustomizationRequest.Builder> setUiCustomizationRequest)
                                               throws InvalidParameterException,
                                                      ResourceNotFoundException,
                                                      NotAuthorizedException,
                                                      TooManyRequestsException,
                                                      InternalErrorException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Sets the user interface (UI) customization information for a user pool's built-in app UI.

You can specify app UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId to ALL). If you specify ALL, the default configuration is used for every client that has no previously set UI customization. If you specify UI customization settings for a particular client, it will no longer return to the ALL configuration.

To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.

This is a convenience which creates an instance of the SetUiCustomizationRequest.Builder avoiding the need to create one manually via SetUiCustomizationRequest.builder()

Parameters:

setUiCustomizationRequest - A Consumer that will call methods on SetUiCustomizationRequest.Builder to create a request.

Returns:

Result of the SetUICustomization operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

setUserMFAPreference

default SetUserMfaPreferenceResponse setUserMFAPreference(SetUserMfaPreferenceRequest setUserMfaPreferenceRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          NotAuthorizedException,
                                                          PasswordResetRequiredException,
                                                          UserNotFoundException,
                                                          UserNotConfirmedException,
                                                          InternalErrorException,
                                                          ForbiddenException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.

This operation doesn't reset an existing TOTP MFA for a user. To register a new TOTP factor for a user, make an AssociateSoftwareToken request. For more information, see TOTP software token MFA.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

setUserMfaPreferenceRequest -

Returns:

Result of the SetUserMFAPreference operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

setUserMFAPreference

default SetUserMfaPreferenceResponse setUserMFAPreference(Consumer<SetUserMfaPreferenceRequest.Builder> setUserMfaPreferenceRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          NotAuthorizedException,
                                                          PasswordResetRequiredException,
                                                          UserNotFoundException,
                                                          UserNotConfirmedException,
                                                          InternalErrorException,
                                                          ForbiddenException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.

This operation doesn't reset an existing TOTP MFA for a user. To register a new TOTP factor for a user, make an AssociateSoftwareToken request. For more information, see TOTP software token MFA.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the SetUserMfaPreferenceRequest.Builder avoiding the need to create one manually via SetUserMfaPreferenceRequest.builder()

Parameters:

setUserMfaPreferenceRequest - A Consumer that will call methods on SetUserMfaPreferenceRequest.Builder to create a request.

Returns:

Result of the SetUserMFAPreference operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

setUserPoolMfaConfig

default SetUserPoolMfaConfigResponse setUserPoolMfaConfig(SetUserPoolMfaConfigRequest setUserPoolMfaConfigRequest)
                                                   throws InvalidParameterException,
                                                          TooManyRequestsException,
                                                          ConcurrentModificationException,
                                                          ResourceNotFoundException,
                                                          InvalidSmsRoleAccessPolicyException,
                                                          InvalidSmsRoleTrustRelationshipException,
                                                          NotAuthorizedException,
                                                          InternalErrorException,
                                                          FeatureUnavailableInTierException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Sets the user pool multi-factor authentication (MFA) and passkey configuration.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Parameters:

setUserPoolMfaConfigRequest -

Returns:

Result of the SetUserPoolMfaConfig operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

FeatureUnavailableInTierException - This exception is thrown when a feature you attempted to configure isn't available in your current feature plan.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

setUserPoolMfaConfig

default SetUserPoolMfaConfigResponse setUserPoolMfaConfig(Consumer<SetUserPoolMfaConfigRequest.Builder> setUserPoolMfaConfigRequest)
                                                   throws InvalidParameterException,
                                                          TooManyRequestsException,
                                                          ConcurrentModificationException,
                                                          ResourceNotFoundException,
                                                          InvalidSmsRoleAccessPolicyException,
                                                          InvalidSmsRoleTrustRelationshipException,
                                                          NotAuthorizedException,
                                                          InternalErrorException,
                                                          FeatureUnavailableInTierException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Sets the user pool multi-factor authentication (MFA) and passkey configuration.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

This is a convenience which creates an instance of the SetUserPoolMfaConfigRequest.Builder avoiding the need to create one manually via SetUserPoolMfaConfigRequest.builder()

Parameters:

setUserPoolMfaConfigRequest - A Consumer that will call methods on SetUserPoolMfaConfigRequest.Builder to create a request.

Returns:

Result of the SetUserPoolMfaConfig operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

FeatureUnavailableInTierException - This exception is thrown when a feature you attempted to configure isn't available in your current feature plan.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

setUserSettings

default SetUserSettingsResponse setUserSettings(SetUserSettingsRequest setUserSettingsRequest)
                                         throws ResourceNotFoundException,
                                                InvalidParameterException,
                                                NotAuthorizedException,
                                                PasswordResetRequiredException,
                                                UserNotFoundException,
                                                UserNotConfirmedException,
                                                InternalErrorException,
                                                ForbiddenException,
                                                AwsServiceException,
                                                SdkClientException,
                                                CognitoIdentityProviderException

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

setUserSettingsRequest - Represents the request to set user settings.

Returns:

Result of the SetUserSettings operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

setUserSettings

default SetUserSettingsResponse setUserSettings(Consumer<SetUserSettingsRequest.Builder> setUserSettingsRequest)
                                         throws ResourceNotFoundException,
                                                InvalidParameterException,
                                                NotAuthorizedException,
                                                PasswordResetRequiredException,
                                                UserNotFoundException,
                                                UserNotConfirmedException,
                                                InternalErrorException,
                                                ForbiddenException,
                                                AwsServiceException,
                                                SdkClientException,
                                                CognitoIdentityProviderException

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the SetUserSettingsRequest.Builder avoiding the need to create one manually via SetUserSettingsRequest.builder()

Parameters:

setUserSettingsRequest - A Consumer that will call methods on SetUserSettingsRequest.Builder to create a request. Represents the request to set user settings.

Returns:

Result of the SetUserSettings operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

signUp

default SignUpResponse signUp(SignUpRequest signUpRequest)
                       throws ResourceNotFoundException,
                              InvalidParameterException,
                              UnexpectedLambdaException,
                              UserLambdaValidationException,
                              NotAuthorizedException,
                              InvalidPasswordException,
                              InvalidLambdaResponseException,
                              UsernameExistsException,
                              TooManyRequestsException,
                              InternalErrorException,
                              LimitExceededException,
                              InvalidSmsRoleAccessPolicyException,
                              InvalidSmsRoleTrustRelationshipException,
                              InvalidEmailRoleAccessPolicyException,
                              CodeDeliveryFailureException,
                              ForbiddenException,
                              AwsServiceException,
                              SdkClientException,
                              CognitoIdentityProviderException

Registers the user in the specified user pool and creates a user name, password, and user attributes.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

You might receive a LimitExceeded exception in response to this request if you have exceeded a rate quota for email or SMS messages, and if your user pool automatically verifies email addresses or phone numbers. When you get this exception in the response, the user is successfully created and is in an UNCONFIRMED state. You can send a new code with the ResendConfirmationCode request, or confirm the user as an administrator with an AdminConfirmSignUp request.

Parameters:

signUpRequest - Represents the request to register a user.

Returns:

Result of the SignUp operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

UsernameExistsException - This exception is thrown when Amazon Cognito encounters a user name that already exists in the user pool.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

signUp

default SignUpResponse signUp(Consumer<SignUpRequest.Builder> signUpRequest)
                       throws ResourceNotFoundException,
                              InvalidParameterException,
                              UnexpectedLambdaException,
                              UserLambdaValidationException,
                              NotAuthorizedException,
                              InvalidPasswordException,
                              InvalidLambdaResponseException,
                              UsernameExistsException,
                              TooManyRequestsException,
                              InternalErrorException,
                              LimitExceededException,
                              InvalidSmsRoleAccessPolicyException,
                              InvalidSmsRoleTrustRelationshipException,
                              InvalidEmailRoleAccessPolicyException,
                              CodeDeliveryFailureException,
                              ForbiddenException,
                              AwsServiceException,
                              SdkClientException,
                              CognitoIdentityProviderException

Registers the user in the specified user pool and creates a user name, password, and user attributes.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

You might receive a LimitExceeded exception in response to this request if you have exceeded a rate quota for email or SMS messages, and if your user pool automatically verifies email addresses or phone numbers. When you get this exception in the response, the user is successfully created and is in an UNCONFIRMED state. You can send a new code with the ResendConfirmationCode request, or confirm the user as an administrator with an AdminConfirmSignUp request.

This is a convenience which creates an instance of the SignUpRequest.Builder avoiding the need to create one manually via SignUpRequest.builder()

Parameters:

signUpRequest - A Consumer that will call methods on SignUpRequest.Builder to create a request. Represents the request to register a user.

Returns:

Result of the SignUp operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidPasswordException - This exception is thrown when Amazon Cognito encounters an invalid password.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

UsernameExistsException - This exception is thrown when Amazon Cognito encounters a user name that already exists in the user pool.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

startUserImportJob

default StartUserImportJobResponse startUserImportJob(StartUserImportJobRequest startUserImportJobRequest)
                                               throws ResourceNotFoundException,
                                                      InvalidParameterException,
                                                      TooManyRequestsException,
                                                      InternalErrorException,
                                                      PreconditionNotMetException,
                                                      NotAuthorizedException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Starts the user import.

Parameters:

startUserImportJobRequest - Represents the request to start the user import job.

Returns:

Result of the StartUserImportJob operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

PreconditionNotMetException - This exception is thrown when a precondition is not met.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

startUserImportJob

default StartUserImportJobResponse startUserImportJob(Consumer<StartUserImportJobRequest.Builder> startUserImportJobRequest)
                                               throws ResourceNotFoundException,
                                                      InvalidParameterException,
                                                      TooManyRequestsException,
                                                      InternalErrorException,
                                                      PreconditionNotMetException,
                                                      NotAuthorizedException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Starts the user import.

This is a convenience which creates an instance of the StartUserImportJobRequest.Builder avoiding the need to create one manually via StartUserImportJobRequest.builder()

Parameters:

startUserImportJobRequest - A Consumer that will call methods on StartUserImportJobRequest.Builder to create a request. Represents the request to start the user import job.

Returns:

Result of the StartUserImportJob operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

PreconditionNotMetException - This exception is thrown when a precondition is not met.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

startWebAuthnRegistration

default StartWebAuthnRegistrationResponse startWebAuthnRegistration(StartWebAuthnRegistrationRequest startWebAuthnRegistrationRequest)
                                                             throws ForbiddenException,
                                                                    InternalErrorException,
                                                                    InvalidParameterException,
                                                                    LimitExceededException,
                                                                    NotAuthorizedException,
                                                                    TooManyRequestsException,
                                                                    WebAuthnNotEnabledException,
                                                                    WebAuthnConfigurationMissingException,
                                                                    AwsServiceException,
                                                                    SdkClientException,
                                                                    CognitoIdentityProviderException

Requests credential creation options from your user pool for registration of a passkey authenticator. Returns information about the user pool, the user profile, and authentication requirements. Users must provide this information in their request to enroll your application with their passkey provider.

After users present this data and register with their passkey provider, return the response to your user pool in a CompleteWebAuthnRegistration API request.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Parameters:

startWebAuthnRegistrationRequest -

Returns:

Result of the StartWebAuthnRegistration operation returned by the service.

Throws:

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

WebAuthnNotEnabledException - This exception is thrown when the passkey feature isn't enabled for the user pool.

WebAuthnConfigurationMissingException - This exception is thrown when a user pool doesn't have a configured relying party id or a user pool domain.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

startWebAuthnRegistration

default StartWebAuthnRegistrationResponse startWebAuthnRegistration(Consumer<StartWebAuthnRegistrationRequest.Builder> startWebAuthnRegistrationRequest)
                                                             throws ForbiddenException,
                                                                    InternalErrorException,
                                                                    InvalidParameterException,
                                                                    LimitExceededException,
                                                                    NotAuthorizedException,
                                                                    TooManyRequestsException,
                                                                    WebAuthnNotEnabledException,
                                                                    WebAuthnConfigurationMissingException,
                                                                    AwsServiceException,
                                                                    SdkClientException,
                                                                    CognitoIdentityProviderException

Requests credential creation options from your user pool for registration of a passkey authenticator. Returns information about the user pool, the user profile, and authentication requirements. Users must provide this information in their request to enroll your application with their passkey provider.

After users present this data and register with their passkey provider, return the response to your user pool in a CompleteWebAuthnRegistration API request.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

This is a convenience which creates an instance of the StartWebAuthnRegistrationRequest.Builder avoiding the need to create one manually via StartWebAuthnRegistrationRequest.builder()

Parameters:

startWebAuthnRegistrationRequest - A Consumer that will call methods on StartWebAuthnRegistrationRequest.Builder to create a request.

Returns:

Result of the StartWebAuthnRegistration operation returned by the service.

Throws:

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

WebAuthnNotEnabledException - This exception is thrown when the passkey feature isn't enabled for the user pool.

WebAuthnConfigurationMissingException - This exception is thrown when a user pool doesn't have a configured relying party id or a user pool domain.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

stopUserImportJob

default StopUserImportJobResponse stopUserImportJob(StopUserImportJobRequest stopUserImportJobRequest)
                                             throws ResourceNotFoundException,
                                                    InvalidParameterException,
                                                    TooManyRequestsException,
                                                    InternalErrorException,
                                                    PreconditionNotMetException,
                                                    NotAuthorizedException,
                                                    AwsServiceException,
                                                    SdkClientException,
                                                    CognitoIdentityProviderException

Stops the user import job.

Parameters:

stopUserImportJobRequest - Represents the request to stop the user import job.

Returns:

Result of the StopUserImportJob operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

PreconditionNotMetException - This exception is thrown when a precondition is not met.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

stopUserImportJob

default StopUserImportJobResponse stopUserImportJob(Consumer<StopUserImportJobRequest.Builder> stopUserImportJobRequest)
                                             throws ResourceNotFoundException,
                                                    InvalidParameterException,
                                                    TooManyRequestsException,
                                                    InternalErrorException,
                                                    PreconditionNotMetException,
                                                    NotAuthorizedException,
                                                    AwsServiceException,
                                                    SdkClientException,
                                                    CognitoIdentityProviderException

Stops the user import job.

This is a convenience which creates an instance of the StopUserImportJobRequest.Builder avoiding the need to create one manually via StopUserImportJobRequest.builder()

Parameters:

stopUserImportJobRequest - A Consumer that will call methods on StopUserImportJobRequest.Builder to create a request. Represents the request to stop the user import job.

Returns:

Result of the StopUserImportJob operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

PreconditionNotMetException - This exception is thrown when a precondition is not met.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

tagResource

default TagResourceResponse tagResource(TagResourceRequest tagResourceRequest)
                                 throws ResourceNotFoundException,
                                        NotAuthorizedException,
                                        TooManyRequestsException,
                                        InvalidParameterException,
                                        InternalErrorException,
                                        AwsServiceException,
                                        SdkClientException,
                                        CognitoIdentityProviderException

Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.

Each tag consists of a key and value, both of which you define. A key is a general category for more specific values. For example, if you have two versions of a user pool, one for testing and another for production, you might assign an Environment tag key to both user pools. The value of this key might be Test for one user pool, and Production for the other.

Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values.

You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.

Parameters:

tagResourceRequest -

Returns:

Result of the TagResource operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

tagResource

default TagResourceResponse tagResource(Consumer<TagResourceRequest.Builder> tagResourceRequest)
                                 throws ResourceNotFoundException,
                                        NotAuthorizedException,
                                        TooManyRequestsException,
                                        InvalidParameterException,
                                        InternalErrorException,
                                        AwsServiceException,
                                        SdkClientException,
                                        CognitoIdentityProviderException

Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.

Each tag consists of a key and value, both of which you define. A key is a general category for more specific values. For example, if you have two versions of a user pool, one for testing and another for production, you might assign an Environment tag key to both user pools. The value of this key might be Test for one user pool, and Production for the other.

Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values.

You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.

This is a convenience which creates an instance of the TagResourceRequest.Builder avoiding the need to create one manually via TagResourceRequest.builder()

Parameters:

tagResourceRequest - A Consumer that will call methods on TagResourceRequest.Builder to create a request.

Returns:

Result of the TagResource operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

untagResource

default UntagResourceResponse untagResource(UntagResourceRequest untagResourceRequest)
                                     throws ResourceNotFoundException,
                                            NotAuthorizedException,
                                            TooManyRequestsException,
                                            InvalidParameterException,
                                            InternalErrorException,
                                            AwsServiceException,
                                            SdkClientException,
                                            CognitoIdentityProviderException

Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account.

Parameters:

untagResourceRequest -

Returns:

Result of the UntagResource operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

untagResource

default UntagResourceResponse untagResource(Consumer<UntagResourceRequest.Builder> untagResourceRequest)
                                     throws ResourceNotFoundException,
                                            NotAuthorizedException,
                                            TooManyRequestsException,
                                            InvalidParameterException,
                                            InternalErrorException,
                                            AwsServiceException,
                                            SdkClientException,
                                            CognitoIdentityProviderException

Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account.

This is a convenience which creates an instance of the UntagResourceRequest.Builder avoiding the need to create one manually via UntagResourceRequest.builder()

Parameters:

untagResourceRequest - A Consumer that will call methods on UntagResourceRequest.Builder to create a request.

Returns:

Result of the UntagResource operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateAuthEventFeedback

default UpdateAuthEventFeedbackResponse updateAuthEventFeedback(UpdateAuthEventFeedbackRequest updateAuthEventFeedbackRequest)
                                                         throws InvalidParameterException,
                                                                ResourceNotFoundException,
                                                                TooManyRequestsException,
                                                                NotAuthorizedException,
                                                                UserNotFoundException,
                                                                UserPoolAddOnNotEnabledException,
                                                                InternalErrorException,
                                                                AwsServiceException,
                                                                SdkClientException,
                                                                CognitoIdentityProviderException

Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

updateAuthEventFeedbackRequest -

Returns:

Result of the UpdateAuthEventFeedback operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

UserPoolAddOnNotEnabledException - This exception is thrown when user pool add-ons aren't enabled.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateAuthEventFeedback

default UpdateAuthEventFeedbackResponse updateAuthEventFeedback(Consumer<UpdateAuthEventFeedbackRequest.Builder> updateAuthEventFeedbackRequest)
                                                         throws InvalidParameterException,
                                                                ResourceNotFoundException,
                                                                TooManyRequestsException,
                                                                NotAuthorizedException,
                                                                UserNotFoundException,
                                                                UserPoolAddOnNotEnabledException,
                                                                InternalErrorException,
                                                                AwsServiceException,
                                                                SdkClientException,
                                                                CognitoIdentityProviderException

Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the UpdateAuthEventFeedbackRequest.Builder avoiding the need to create one manually via UpdateAuthEventFeedbackRequest.builder()

Parameters:

updateAuthEventFeedbackRequest - A Consumer that will call methods on UpdateAuthEventFeedbackRequest.Builder to create a request.

Returns:

Result of the UpdateAuthEventFeedback operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserNotFoundException - This exception is thrown when a user isn't found.

UserPoolAddOnNotEnabledException - This exception is thrown when user pool add-ons aren't enabled.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateDeviceStatus

default UpdateDeviceStatusResponse updateDeviceStatus(UpdateDeviceStatusRequest updateDeviceStatusRequest)
                                               throws InvalidParameterException,
                                                      ResourceNotFoundException,
                                                      NotAuthorizedException,
                                                      InvalidUserPoolConfigurationException,
                                                      TooManyRequestsException,
                                                      PasswordResetRequiredException,
                                                      UserNotFoundException,
                                                      UserNotConfirmedException,
                                                      InternalErrorException,
                                                      ForbiddenException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Updates the device status. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

updateDeviceStatusRequest - Represents the request to update the device status.

Returns:

Result of the UpdateDeviceStatus operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateDeviceStatus

default UpdateDeviceStatusResponse updateDeviceStatus(Consumer<UpdateDeviceStatusRequest.Builder> updateDeviceStatusRequest)
                                               throws InvalidParameterException,
                                                      ResourceNotFoundException,
                                                      NotAuthorizedException,
                                                      InvalidUserPoolConfigurationException,
                                                      TooManyRequestsException,
                                                      PasswordResetRequiredException,
                                                      UserNotFoundException,
                                                      UserNotConfirmedException,
                                                      InternalErrorException,
                                                      ForbiddenException,
                                                      AwsServiceException,
                                                      SdkClientException,
                                                      CognitoIdentityProviderException

Updates the device status. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the UpdateDeviceStatusRequest.Builder avoiding the need to create one manually via UpdateDeviceStatusRequest.builder()

Parameters:

updateDeviceStatusRequest - A Consumer that will call methods on UpdateDeviceStatusRequest.Builder to create a request. Represents the request to update the device status.

Returns:

Result of the UpdateDeviceStatus operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateGroup

default UpdateGroupResponse updateGroup(UpdateGroupRequest updateGroupRequest)
                                 throws ResourceNotFoundException,
                                        InvalidParameterException,
                                        TooManyRequestsException,
                                        NotAuthorizedException,
                                        InternalErrorException,
                                        AwsServiceException,
                                        SdkClientException,
                                        CognitoIdentityProviderException

Updates the specified group with the specified attributes.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

updateGroupRequest -

Returns:

Result of the UpdateGroup operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateGroup

default UpdateGroupResponse updateGroup(Consumer<UpdateGroupRequest.Builder> updateGroupRequest)
                                 throws ResourceNotFoundException,
                                        InvalidParameterException,
                                        TooManyRequestsException,
                                        NotAuthorizedException,
                                        InternalErrorException,
                                        AwsServiceException,
                                        SdkClientException,
                                        CognitoIdentityProviderException

Updates the specified group with the specified attributes.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the UpdateGroupRequest.Builder avoiding the need to create one manually via UpdateGroupRequest.builder()

Parameters:

updateGroupRequest - A Consumer that will call methods on UpdateGroupRequest.Builder to create a request.

Returns:

Result of the UpdateGroup operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateIdentityProvider

default UpdateIdentityProviderResponse updateIdentityProvider(UpdateIdentityProviderRequest updateIdentityProviderRequest)
                                                       throws InvalidParameterException,
                                                              UnsupportedIdentityProviderException,
                                                              ResourceNotFoundException,
                                                              ConcurrentModificationException,
                                                              NotAuthorizedException,
                                                              TooManyRequestsException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Updates IdP information for a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

updateIdentityProviderRequest -

Returns:

Result of the UpdateIdentityProvider operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnsupportedIdentityProviderException - This exception is thrown when the specified identifier isn't supported.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateIdentityProvider

default UpdateIdentityProviderResponse updateIdentityProvider(Consumer<UpdateIdentityProviderRequest.Builder> updateIdentityProviderRequest)
                                                       throws InvalidParameterException,
                                                              UnsupportedIdentityProviderException,
                                                              ResourceNotFoundException,
                                                              ConcurrentModificationException,
                                                              NotAuthorizedException,
                                                              TooManyRequestsException,
                                                              InternalErrorException,
                                                              AwsServiceException,
                                                              SdkClientException,
                                                              CognitoIdentityProviderException

Updates IdP information for a user pool.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the UpdateIdentityProviderRequest.Builder avoiding the need to create one manually via UpdateIdentityProviderRequest.builder()

Parameters:

updateIdentityProviderRequest - A Consumer that will call methods on UpdateIdentityProviderRequest.Builder to create a request.

Returns:

Result of the UpdateIdentityProvider operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

UnsupportedIdentityProviderException - This exception is thrown when the specified identifier isn't supported.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateManagedLoginBranding

default UpdateManagedLoginBrandingResponse updateManagedLoginBranding(UpdateManagedLoginBrandingRequest updateManagedLoginBrandingRequest)
                                                               throws ResourceNotFoundException,
                                                                      ConcurrentModificationException,
                                                                      InvalidParameterException,
                                                                      TooManyRequestsException,
                                                                      NotAuthorizedException,
                                                                      InternalErrorException,
                                                                      AwsServiceException,
                                                                      SdkClientException,
                                                                      CognitoIdentityProviderException

Configures the branding settings for a user pool style. This operation is the programmatic option for the configuration of a style in the branding designer.

Provides values for UI customization in a Settings JSON object and image files in an Assets array.

This operation has a 2-megabyte request-size limit and include the CSS settings and image assets for your app client. Your branding settings might exceed 2MB in size. Amazon Cognito doesn't require that you pass all parameters in one request and preserves existing style settings that you don't specify. If your request is larger than 2MB, separate it into multiple requests, each with a size smaller than the limit.

As a best practice, modify the output of DescribeManagedLoginBrandingByClient into the request parameters for this operation. To get all settings, set ReturnMergedResources to true. For more information, see API and SDK operations for managed login branding

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

updateManagedLoginBrandingRequest -

Returns:

Result of the UpdateManagedLoginBranding operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateManagedLoginBranding

default UpdateManagedLoginBrandingResponse updateManagedLoginBranding(Consumer<UpdateManagedLoginBrandingRequest.Builder> updateManagedLoginBrandingRequest)
                                                               throws ResourceNotFoundException,
                                                                      ConcurrentModificationException,
                                                                      InvalidParameterException,
                                                                      TooManyRequestsException,
                                                                      NotAuthorizedException,
                                                                      InternalErrorException,
                                                                      AwsServiceException,
                                                                      SdkClientException,
                                                                      CognitoIdentityProviderException

Configures the branding settings for a user pool style. This operation is the programmatic option for the configuration of a style in the branding designer.

Provides values for UI customization in a Settings JSON object and image files in an Assets array.

This operation has a 2-megabyte request-size limit and include the CSS settings and image assets for your app client. Your branding settings might exceed 2MB in size. Amazon Cognito doesn't require that you pass all parameters in one request and preserves existing style settings that you don't specify. If your request is larger than 2MB, separate it into multiple requests, each with a size smaller than the limit.

As a best practice, modify the output of DescribeManagedLoginBrandingByClient into the request parameters for this operation. To get all settings, set ReturnMergedResources to true. For more information, see API and SDK operations for managed login branding

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the UpdateManagedLoginBrandingRequest.Builder avoiding the need to create one manually via UpdateManagedLoginBrandingRequest.builder()

Parameters:

updateManagedLoginBrandingRequest - A Consumer that will call methods on UpdateManagedLoginBrandingRequest.Builder to create a request.

Returns:

Result of the UpdateManagedLoginBranding operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateResourceServer

default UpdateResourceServerResponse updateResourceServer(UpdateResourceServerRequest updateResourceServerRequest)
                                                   throws InvalidParameterException,
                                                          ResourceNotFoundException,
                                                          NotAuthorizedException,
                                                          TooManyRequestsException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Updates the name and scopes of resource server. All other fields are read-only.

If you don't provide a value for an attribute, it is set to the default value.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

updateResourceServerRequest -

Returns:

Result of the UpdateResourceServer operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateResourceServer

default UpdateResourceServerResponse updateResourceServer(Consumer<UpdateResourceServerRequest.Builder> updateResourceServerRequest)
                                                   throws InvalidParameterException,
                                                          ResourceNotFoundException,
                                                          NotAuthorizedException,
                                                          TooManyRequestsException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Updates the name and scopes of resource server. All other fields are read-only.

If you don't provide a value for an attribute, it is set to the default value.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the UpdateResourceServerRequest.Builder avoiding the need to create one manually via UpdateResourceServerRequest.builder()

Parameters:

updateResourceServerRequest - A Consumer that will call methods on UpdateResourceServerRequest.Builder to create a request.

Returns:

Result of the UpdateResourceServer operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateUserAttributes

default UpdateUserAttributesResponse updateUserAttributes(UpdateUserAttributesRequest updateUserAttributesRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          CodeMismatchException,
                                                          ExpiredCodeException,
                                                          NotAuthorizedException,
                                                          UnexpectedLambdaException,
                                                          UserLambdaValidationException,
                                                          InvalidLambdaResponseException,
                                                          TooManyRequestsException,
                                                          AliasExistsException,
                                                          InvalidSmsRoleAccessPolicyException,
                                                          InvalidSmsRoleTrustRelationshipException,
                                                          InvalidEmailRoleAccessPolicyException,
                                                          CodeDeliveryFailureException,
                                                          PasswordResetRequiredException,
                                                          UserNotFoundException,
                                                          UserNotConfirmedException,
                                                          InternalErrorException,
                                                          ForbiddenException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

With this operation, your users can update one or more of their attributes with their own credentials. You authorize this API request with the user's access token. To delete an attribute from your user, submit the attribute in your API request with a blank value. Custom attribute values in this request must include the custom: prefix.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Parameters:

updateUserAttributesRequest - Represents the request to update user attributes.

Returns:

Result of the UpdateUserAttributes operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ExpiredCodeException - This exception is thrown if a code has expired.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateUserAttributes

default UpdateUserAttributesResponse updateUserAttributes(Consumer<UpdateUserAttributesRequest.Builder> updateUserAttributesRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          CodeMismatchException,
                                                          ExpiredCodeException,
                                                          NotAuthorizedException,
                                                          UnexpectedLambdaException,
                                                          UserLambdaValidationException,
                                                          InvalidLambdaResponseException,
                                                          TooManyRequestsException,
                                                          AliasExistsException,
                                                          InvalidSmsRoleAccessPolicyException,
                                                          InvalidSmsRoleTrustRelationshipException,
                                                          InvalidEmailRoleAccessPolicyException,
                                                          CodeDeliveryFailureException,
                                                          PasswordResetRequiredException,
                                                          UserNotFoundException,
                                                          UserNotConfirmedException,
                                                          InternalErrorException,
                                                          ForbiddenException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

With this operation, your users can update one or more of their attributes with their own credentials. You authorize this API request with the user's access token. To delete an attribute from your user, submit the attribute in your API request with a blank value. Custom attribute values in this request must include the custom: prefix.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

This is a convenience which creates an instance of the UpdateUserAttributesRequest.Builder avoiding the need to create one manually via UpdateUserAttributesRequest.builder()

Parameters:

updateUserAttributesRequest - A Consumer that will call methods on UpdateUserAttributesRequest.Builder to create a request. Represents the request to update user attributes.

Returns:

Result of the UpdateUserAttributes operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ExpiredCodeException - This exception is thrown if a code has expired.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UnexpectedLambdaException - This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.

UserLambdaValidationException - This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.

InvalidLambdaResponseException - This exception is thrown when Amazon Cognito encounters an invalid Lambda response.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

CodeDeliveryFailureException - This exception is thrown when a verification code fails to deliver successfully.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateUserPool

default UpdateUserPoolResponse updateUserPool(UpdateUserPoolRequest updateUserPoolRequest)
                                       throws ResourceNotFoundException,
                                              InvalidParameterException,
                                              ConcurrentModificationException,
                                              TooManyRequestsException,
                                              NotAuthorizedException,
                                              UserImportInProgressException,
                                              InternalErrorException,
                                              InvalidSmsRoleAccessPolicyException,
                                              InvalidSmsRoleTrustRelationshipException,
                                              UserPoolTaggingException,
                                              InvalidEmailRoleAccessPolicyException,
                                              TierChangeNotAllowedException,
                                              FeatureUnavailableInTierException,
                                              AwsServiceException,
                                              SdkClientException,
                                              CognitoIdentityProviderException

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool.

If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

updateUserPoolRequest - Represents the request to update the user pool.

Returns:

Result of the UpdateUserPool operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserImportInProgressException - This exception is thrown when you're trying to modify a user pool while a user import job is in progress for that pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

UserPoolTaggingException - This exception is thrown when a user pool tag can't be set or updated.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

TierChangeNotAllowedException - This exception is thrown when you've attempted to change your feature plan but the operation isn't permitted.

FeatureUnavailableInTierException - This exception is thrown when a feature you attempted to configure isn't available in your current feature plan.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateUserPool

default UpdateUserPoolResponse updateUserPool(Consumer<UpdateUserPoolRequest.Builder> updateUserPoolRequest)
                                       throws ResourceNotFoundException,
                                              InvalidParameterException,
                                              ConcurrentModificationException,
                                              TooManyRequestsException,
                                              NotAuthorizedException,
                                              UserImportInProgressException,
                                              InternalErrorException,
                                              InvalidSmsRoleAccessPolicyException,
                                              InvalidSmsRoleTrustRelationshipException,
                                              UserPoolTaggingException,
                                              InvalidEmailRoleAccessPolicyException,
                                              TierChangeNotAllowedException,
                                              FeatureUnavailableInTierException,
                                              AwsServiceException,
                                              SdkClientException,
                                              CognitoIdentityProviderException

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool.

If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the UpdateUserPoolRequest.Builder avoiding the need to create one manually via UpdateUserPoolRequest.builder()

Parameters:

updateUserPoolRequest - A Consumer that will call methods on UpdateUserPoolRequest.Builder to create a request. Represents the request to update the user pool.

Returns:

Result of the UpdateUserPool operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

UserImportInProgressException - This exception is thrown when you're trying to modify a user pool while a user import job is in progress for that pool.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

InvalidSmsRoleAccessPolicyException - This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.

InvalidSmsRoleTrustRelationshipException - This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the external ID provided in the role does not match what is provided in the SMS configuration for the user pool.

UserPoolTaggingException - This exception is thrown when a user pool tag can't be set or updated.

InvalidEmailRoleAccessPolicyException - This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.

TierChangeNotAllowedException - This exception is thrown when you've attempted to change your feature plan but the operation isn't permitted.

FeatureUnavailableInTierException - This exception is thrown when a feature you attempted to configure isn't available in your current feature plan.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateUserPoolClient

default UpdateUserPoolClientResponse updateUserPoolClient(UpdateUserPoolClientRequest updateUserPoolClientRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          ConcurrentModificationException,
                                                          TooManyRequestsException,
                                                          NotAuthorizedException,
                                                          ScopeDoesNotExistException,
                                                          InvalidOAuthFlowException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using DescribeUserPoolClient.

If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.

You can also use this operation to enable token revocation for user pool clients. For more information about revoking tokens, see RevokeToken.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

updateUserPoolClientRequest - Represents the request to update the user pool client.

Returns:

Result of the UpdateUserPoolClient operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ScopeDoesNotExistException - This exception is thrown when the specified scope doesn't exist.

InvalidOAuthFlowException - This exception is thrown when the specified OAuth flow is not valid.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateUserPoolClient

default UpdateUserPoolClientResponse updateUserPoolClient(Consumer<UpdateUserPoolClientRequest.Builder> updateUserPoolClientRequest)
                                                   throws ResourceNotFoundException,
                                                          InvalidParameterException,
                                                          ConcurrentModificationException,
                                                          TooManyRequestsException,
                                                          NotAuthorizedException,
                                                          ScopeDoesNotExistException,
                                                          InvalidOAuthFlowException,
                                                          InternalErrorException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using DescribeUserPoolClient.

If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.

You can also use this operation to enable token revocation for user pool clients. For more information about revoking tokens, see RevokeToken.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the UpdateUserPoolClientRequest.Builder avoiding the need to create one manually via UpdateUserPoolClientRequest.builder()

Parameters:

updateUserPoolClientRequest - A Consumer that will call methods on UpdateUserPoolClientRequest.Builder to create a request. Represents the request to update the user pool client.

Returns:

Result of the UpdateUserPoolClient operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ConcurrentModificationException - This exception is thrown if two or more modifications are happening concurrently.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ScopeDoesNotExistException - This exception is thrown when the specified scope doesn't exist.

InvalidOAuthFlowException - This exception is thrown when the specified OAuth flow is not valid.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateUserPoolDomain

default UpdateUserPoolDomainResponse updateUserPoolDomain(UpdateUserPoolDomainRequest updateUserPoolDomainRequest)
                                                   throws InvalidParameterException,
                                                          NotAuthorizedException,
                                                          ResourceNotFoundException,
                                                          TooManyRequestsException,
                                                          InternalErrorException,
                                                          FeatureUnavailableInTierException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

A user pool domain hosts managed login, an authorization server and web server for authentication in your application. This operation updates the branding version for user pool domains between 1 for hosted UI (classic) and 2 for managed login. It also updates the SSL certificate for user pool custom domains.

Changes to the domain branding version take up to one minute to take effect for a prefix domain and up to five minutes for a custom domain.

This operation doesn't change the name of your user pool domain. To change your domain, delete it with DeleteUserPoolDomain and create a new domain with CreateUserPoolDomain.

You can pass the ARN of a new Certificate Manager certificate in this request. Typically, ACM certificates automatically renew and you user pool can continue to use the same ARN. But if you generate a new certificate for your custom domain name, replace the original configuration with the new ARN in this request.

ACM certificates for custom domains must be in the US East (N. Virginia) Amazon Web Services Region. After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.

For more information about adding a custom domain to your user pool, see Configuring a user pool domain.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

Parameters:

updateUserPoolDomainRequest - The UpdateUserPoolDomain request input.

Returns:

Result of the UpdateUserPoolDomain operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

FeatureUnavailableInTierException - This exception is thrown when a feature you attempted to configure isn't available in your current feature plan.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

updateUserPoolDomain

default UpdateUserPoolDomainResponse updateUserPoolDomain(Consumer<UpdateUserPoolDomainRequest.Builder> updateUserPoolDomainRequest)
                                                   throws InvalidParameterException,
                                                          NotAuthorizedException,
                                                          ResourceNotFoundException,
                                                          TooManyRequestsException,
                                                          InternalErrorException,
                                                          FeatureUnavailableInTierException,
                                                          AwsServiceException,
                                                          SdkClientException,
                                                          CognitoIdentityProviderException

A user pool domain hosts managed login, an authorization server and web server for authentication in your application. This operation updates the branding version for user pool domains between 1 for hosted UI (classic) and 2 for managed login. It also updates the SSL certificate for user pool custom domains.

Changes to the domain branding version take up to one minute to take effect for a prefix domain and up to five minutes for a custom domain.

This operation doesn't change the name of your user pool domain. To change your domain, delete it with DeleteUserPoolDomain and create a new domain with CreateUserPoolDomain.

You can pass the ARN of a new Certificate Manager certificate in this request. Typically, ACM certificates automatically renew and you user pool can continue to use the same ARN. But if you generate a new certificate for your custom domain name, replace the original configuration with the new ARN in this request.

ACM certificates for custom domains must be in the US East (N. Virginia) Amazon Web Services Region. After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.

For more information about adding a custom domain to your user pool, see Configuring a user pool domain.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

• Signing Amazon Web Services API Requests

• Using the Amazon Cognito user pools API and user pool endpoints

This is a convenience which creates an instance of the UpdateUserPoolDomainRequest.Builder avoiding the need to create one manually via UpdateUserPoolDomainRequest.builder()

Parameters:

updateUserPoolDomainRequest - A Consumer that will call methods on UpdateUserPoolDomainRequest.Builder to create a request. The UpdateUserPoolDomain request input.

Returns:

Result of the UpdateUserPoolDomain operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

FeatureUnavailableInTierException - This exception is thrown when a feature you attempted to configure isn't available in your current feature plan.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

verifySoftwareToken

default VerifySoftwareTokenResponse verifySoftwareToken(VerifySoftwareTokenRequest verifySoftwareTokenRequest)
                                                 throws InvalidParameterException,
                                                        ResourceNotFoundException,
                                                        InvalidUserPoolConfigurationException,
                                                        NotAuthorizedException,
                                                        TooManyRequestsException,
                                                        PasswordResetRequiredException,
                                                        UserNotFoundException,
                                                        UserNotConfirmedException,
                                                        InternalErrorException,
                                                        EnableSoftwareTokenMfaException,
                                                        SoftwareTokenMfaNotFoundException,
                                                        CodeMismatchException,
                                                        ForbiddenException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as "verified" if successful. The request takes an access token or a session string, but not both.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

verifySoftwareTokenRequest -

Returns:

Result of the VerifySoftwareToken operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

EnableSoftwareTokenMfaException - This exception is thrown when there is a code mismatch and the service fails to configure the software token TOTP multi-factor authentication (MFA).

NotAuthorizedException - This exception is thrown when a user isn't authorized.

SoftwareTokenMfaNotFoundException - This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

verifySoftwareToken

default VerifySoftwareTokenResponse verifySoftwareToken(Consumer<VerifySoftwareTokenRequest.Builder> verifySoftwareTokenRequest)
                                                 throws InvalidParameterException,
                                                        ResourceNotFoundException,
                                                        InvalidUserPoolConfigurationException,
                                                        NotAuthorizedException,
                                                        TooManyRequestsException,
                                                        PasswordResetRequiredException,
                                                        UserNotFoundException,
                                                        UserNotConfirmedException,
                                                        InternalErrorException,
                                                        EnableSoftwareTokenMfaException,
                                                        SoftwareTokenMfaNotFoundException,
                                                        CodeMismatchException,
                                                        ForbiddenException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as "verified" if successful. The request takes an access token or a session string, but not both.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the VerifySoftwareTokenRequest.Builder avoiding the need to create one manually via VerifySoftwareTokenRequest.builder()

Parameters:

verifySoftwareTokenRequest - A Consumer that will call methods on VerifySoftwareTokenRequest.Builder to create a request.

Returns:

Result of the VerifySoftwareToken operation returned by the service.

Throws:

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidUserPoolConfigurationException - This exception is thrown when the user pool configuration is not valid.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

EnableSoftwareTokenMfaException - This exception is thrown when there is a code mismatch and the service fails to configure the software token TOTP multi-factor authentication (MFA).

NotAuthorizedException - This exception is thrown when a user isn't authorized.

SoftwareTokenMfaNotFoundException - This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

verifyUserAttribute

default VerifyUserAttributeResponse verifyUserAttribute(VerifyUserAttributeRequest verifyUserAttributeRequest)
                                                 throws ResourceNotFoundException,
                                                        InvalidParameterException,
                                                        CodeMismatchException,
                                                        ExpiredCodeException,
                                                        NotAuthorizedException,
                                                        TooManyRequestsException,
                                                        LimitExceededException,
                                                        PasswordResetRequiredException,
                                                        UserNotFoundException,
                                                        UserNotConfirmedException,
                                                        InternalErrorException,
                                                        AliasExistsException,
                                                        ForbiddenException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Verifies the specified user attributes in the user pool.

If your user pool requires verification before Amazon Cognito updates the attribute value, VerifyUserAttribute updates the affected attribute to its pending value. For more information, see UserAttributeUpdateSettingsType.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

Parameters:

verifyUserAttributeRequest - Represents the request to verify user attributes.

Returns:

Result of the VerifyUserAttribute operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ExpiredCodeException - This exception is thrown if a code has expired.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

verifyUserAttribute

default VerifyUserAttributeResponse verifyUserAttribute(Consumer<VerifyUserAttributeRequest.Builder> verifyUserAttributeRequest)
                                                 throws ResourceNotFoundException,
                                                        InvalidParameterException,
                                                        CodeMismatchException,
                                                        ExpiredCodeException,
                                                        NotAuthorizedException,
                                                        TooManyRequestsException,
                                                        LimitExceededException,
                                                        PasswordResetRequiredException,
                                                        UserNotFoundException,
                                                        UserNotConfirmedException,
                                                        InternalErrorException,
                                                        AliasExistsException,
                                                        ForbiddenException,
                                                        AwsServiceException,
                                                        SdkClientException,
                                                        CognitoIdentityProviderException

Verifies the specified user attributes in the user pool.

If your user pool requires verification before Amazon Cognito updates the attribute value, VerifyUserAttribute updates the affected attribute to its pending value. For more information, see UserAttributeUpdateSettingsType.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This is a convenience which creates an instance of the VerifyUserAttributeRequest.Builder avoiding the need to create one manually via VerifyUserAttributeRequest.builder()

Parameters:

verifyUserAttributeRequest - A Consumer that will call methods on VerifyUserAttributeRequest.Builder to create a request. Represents the request to verify user attributes.

Returns:

Result of the VerifyUserAttribute operation returned by the service.

Throws:

ResourceNotFoundException - This exception is thrown when the Amazon Cognito service can't find the requested resource.

InvalidParameterException - This exception is thrown when the Amazon Cognito service encounters an invalid parameter.

CodeMismatchException - This exception is thrown if the provided code doesn't match what the server was expecting.

ExpiredCodeException - This exception is thrown if a code has expired.

NotAuthorizedException - This exception is thrown when a user isn't authorized.

TooManyRequestsException - This exception is thrown when the user has made too many requests for a given operation.

LimitExceededException - This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.

PasswordResetRequiredException - This exception is thrown when a password reset is required.

UserNotFoundException - This exception is thrown when a user isn't found.

UserNotConfirmedException - This exception is thrown when a user isn't confirmed successfully.

InternalErrorException - This exception is thrown when Amazon Cognito encounters an internal error.

AliasExistsException - This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.

ForbiddenException - This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

SdkException - Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.

SdkClientException - If any client side error occurs such as an IO related failure, failure to get credentials, etc.

CognitoIdentityProviderException - Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.

AwsServiceException

See Also:

AWS API Documentation

create

static CognitoIdentityProviderClient create()

Create a CognitoIdentityProviderClient with the region loaded from the DefaultAwsRegionProviderChain and credentials loaded from the DefaultCredentialsProvider.

builder

static CognitoIdentityProviderClientBuilder builder()

Create a builder that can be used to configure and create a CognitoIdentityProviderClient.

serviceMetadata

static ServiceMetadata serviceMetadata()

serviceClientConfiguration

default CognitoIdentityProviderServiceClientConfiguration serviceClientConfiguration()

Specified by:

serviceClientConfiguration in interface AwsClient

Specified by:

serviceClientConfiguration in interface SdkClient