AWSCognitoIdentityProvider

Objective-C

@interface AWSCognitoIdentityProvider

Swift

class AWSCognitoIdentityProvider

With the Amazon Cognito user pools API, you can configure user pools and authenticate users. To authenticate users from third-party identity providers (IdPs) in this API, you can link IdP users to native user profiles. Learn more about the authentication and authorization of federated users at Adding user pool sign-in through a third party and in the User pool federation endpoints and hosted UI reference.

This API reference provides detailed information about API operations and object types in Amazon Cognito.

Along with resource management operations, the Amazon Cognito user pools API includes classes of operations and authorization models for client-side and server-side authentication of users. You can interact with operations in the Amazon Cognito user pools API as any of the following subjects.

  1. An administrator who wants to configure user pools, app clients, users, groups, or other user pool functions.

  2. A server-side app, like a web application, that wants to use its Amazon Web Services privileges to manage, authenticate, or authorize a user.

  3. A client-side app, like a mobile app, that wants to make unauthenticated requests to manage, authenticate, or authorize a user.

For more information, see Using the Amazon Cognito user pools API and user pool endpoints in the Amazon Cognito Developer Guide.

With your Amazon Web Services SDK, you can build the logic to support operational flows in every use case for this API. You can also make direct REST API requests to Amazon Cognito user pools service endpoints. The following links can get you started with the CognitoIdentityProvider client in other supported Amazon Web Services SDKs.

To get started with an Amazon Web Services SDK, see Tools to Build on Amazon Web Services. For example actions and scenarios, see Code examples for Amazon Cognito Identity Provider using Amazon Web Services SDKs.

  • The service configuration used to instantiate this service client.

    Warning

    Once the client is instantiated, do not modify the configuration object. It may cause unspecified behaviors.

    Declaration

    Objective-C

    @property (nonatomic, strong, readonly) AWSServiceConfiguration *configuration
  • Returns the singleton service client. If the singleton object does not exist, the SDK instantiates the default service client with defaultServiceConfiguration from [AWSServiceManager defaultServiceManager]. The reference to this object is maintained by the SDK, and you do not need to retain it manually.

    For example, set the default service configuration in - application:didFinishLaunchingWithOptions:

    Swift

    func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplicationLaunchOptionsKey: Any]?) -> Bool {
       let credentialProvider = AWSCognitoCredentialsProvider(regionType: .USEast1, identityPoolId: "YourIdentityPoolId")
       let configuration = AWSServiceConfiguration(region: .USEast1, credentialsProvider: credentialProvider)
       AWSServiceManager.default().defaultServiceConfiguration = configuration
    
       return true
    

    }

    Objective-C

    - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
         AWSCognitoCredentialsProvider *credentialsProvider = [[AWSCognitoCredentialsProvider alloc] initWithRegionType:AWSRegionUSEast1
                                                                                                         identityPoolId:@"YourIdentityPoolId"];
         AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc] initWithRegion:AWSRegionUSEast1
                                                                              credentialsProvider:credentialsProvider];
         [AWSServiceManager defaultServiceManager].defaultServiceConfiguration = configuration;
    
         return YES;
     }
    

    Then call the following to get the default service client:

    Swift

    let CognitoIdentityProvider = AWSCognitoIdentityProvider.default()
    

    Objective-C

    AWSCognitoIdentityProvider *CognitoIdentityProvider = [AWSCognitoIdentityProvider defaultCognitoIdentityProvider];
    

    Declaration

    Objective-C

    + (nonnull instancetype)defaultCognitoIdentityProvider;

    Swift

    class func `default`() -> Self

    Return Value

    The default service client.

  • Creates a service client with the given service configuration and registers it for the key.

    For example, set the default service configuration in - application:didFinishLaunchingWithOptions:

    Swift

    func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplicationLaunchOptionsKey: Any]?) -> Bool {
       let credentialProvider = AWSCognitoCredentialsProvider(regionType: .USEast1, identityPoolId: "YourIdentityPoolId")
       let configuration = AWSServiceConfiguration(region: .USWest2, credentialsProvider: credentialProvider)
       AWSCognitoIdentityProvider.register(with: configuration!, forKey: "USWest2CognitoIdentityProvider")
    
       return true
    

    }

    Objective-C

    - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
        AWSCognitoCredentialsProvider *credentialsProvider = [[AWSCognitoCredentialsProvider alloc] initWithRegionType:AWSRegionUSEast1
                                                                                                        identityPoolId:@"YourIdentityPoolId"];
        AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc] initWithRegion:AWSRegionUSWest2
                                                                             credentialsProvider:credentialsProvider];
    
        [AWSCognitoIdentityProvider registerCognitoIdentityProviderWithConfiguration:configuration forKey:@"USWest2CognitoIdentityProvider"];
    
        return YES;
    }
    

    Then call the following to get the service client:

    Swift

    let CognitoIdentityProvider = AWSCognitoIdentityProvider(forKey: "USWest2CognitoIdentityProvider")
    

    Objective-C

    AWSCognitoIdentityProvider *CognitoIdentityProvider = [AWSCognitoIdentityProvider CognitoIdentityProviderForKey:@"USWest2CognitoIdentityProvider"];
    

    Warning

    After calling this method, do not modify the configuration object. It may cause unspecified behaviors.

    Declaration

    Objective-C

    + (void)registerCognitoIdentityProviderWithConfiguration:(id)configuration
                                                      forKey:
                                                          (nonnull NSString *)key;

    Swift

    class func register(withConfiguration configuration: Any!, forKey key: String)

    Parameters

    configuration

    A service configuration object.

    key

    A string to identify the service client.

  • Retrieves the service client associated with the key. You need to call + registerCognitoIdentityProviderWithConfiguration:forKey: before invoking this method.

    For example, set the default service configuration in - application:didFinishLaunchingWithOptions:

    Swift

    func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplicationLaunchOptionsKey: Any]?) -> Bool {
       let credentialProvider = AWSCognitoCredentialsProvider(regionType: .USEast1, identityPoolId: "YourIdentityPoolId")
       let configuration = AWSServiceConfiguration(region: .USWest2, credentialsProvider: credentialProvider)
       AWSCognitoIdentityProvider.register(with: configuration!, forKey: "USWest2CognitoIdentityProvider")
    
       return true
    

    }

    Objective-C

    - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
        AWSCognitoCredentialsProvider *credentialsProvider = [[AWSCognitoCredentialsProvider alloc] initWithRegionType:AWSRegionUSEast1
                                                                                                        identityPoolId:@"YourIdentityPoolId"];
        AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc] initWithRegion:AWSRegionUSWest2
                                                                             credentialsProvider:credentialsProvider];
    
        [AWSCognitoIdentityProvider registerCognitoIdentityProviderWithConfiguration:configuration forKey:@"USWest2CognitoIdentityProvider"];
    
        return YES;
    }
    

    Then call the following to get the service client:

    Swift

    let CognitoIdentityProvider = AWSCognitoIdentityProvider(forKey: "USWest2CognitoIdentityProvider")
    

    Objective-C

    AWSCognitoIdentityProvider *CognitoIdentityProvider = [AWSCognitoIdentityProvider CognitoIdentityProviderForKey:@"USWest2CognitoIdentityProvider"];
    

    Declaration

    Objective-C

    + (nonnull instancetype)CognitoIdentityProviderForKey:(nonnull NSString *)key;

    Swift

    convenience init(forKey key: String)

    Parameters

    key

    A string to identify the service client.

    Return Value

    An instance of the service client.

  • Removes the service client associated with the key and release it.

    Warning

    Before calling this method, make sure no method is running on this client.

    Declaration

    Objective-C

    + (void)removeCognitoIdentityProviderForKey:(nonnull NSString *)key;

    Swift

    class func remove(forKey key: String)

    Parameters

    key

    A string to identify the service client.

  • Adds additional user attributes to the user pool schema.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAddCustomAttributesRequest

    See

    AWSCognitoIdentityProviderAddCustomAttributesResponse

    Declaration

    Objective-C

    - (id)addCustomAttributes:
        (nonnull AWSCognitoIdentityProviderAddCustomAttributesRequest *)request;

    Swift

    func addCustomAttributes(_ request: AWSCognitoIdentityProviderAddCustomAttributesRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AddCustomAttributes service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAddCustomAttributesResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserImportInProgress, AWSCognitoIdentityProviderErrorInternalError.

  • Adds additional user attributes to the user pool schema.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAddCustomAttributesRequest

    See

    AWSCognitoIdentityProviderAddCustomAttributesResponse

    Declaration

    Objective-C

    - (void)
        addCustomAttributes:
            (nonnull AWSCognitoIdentityProviderAddCustomAttributesRequest *)request
          completionHandler:
              (void (^_Nullable)(
                  AWSCognitoIdentityProviderAddCustomAttributesResponse *_Nullable,
                  NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AddCustomAttributes service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserImportInProgress, AWSCognitoIdentityProviderErrorInternalError.

  • Adds a user to a group. A user who is in a group can present a preferred-role claim to an identity pool, and populates a cognito:groups claim to their access and identity tokens.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminAddUserToGroupRequest

    Declaration

    Objective-C

    - (id)adminAddUserToGroup:
        (nonnull AWSCognitoIdentityProviderAdminAddUserToGroupRequest *)request;

    Swift

    func adminAddUser(toGroup request: AWSCognitoIdentityProviderAdminAddUserToGroupRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminAddUserToGroup service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will be nil. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Adds a user to a group. A user who is in a group can present a preferred-role claim to an identity pool, and populates a cognito:groups claim to their access and identity tokens.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminAddUserToGroupRequest

    Declaration

    Objective-C

    - (void)adminAddUserToGroup:
                (nonnull AWSCognitoIdentityProviderAdminAddUserToGroupRequest *)
                    request
              completionHandler:
                  (void (^_Nullable)(NSError *_Nullable))completionHandler;

    Swift

    func adminAddUser(toGroup request: AWSCognitoIdentityProviderAdminAddUserToGroupRequest) async throws

    Parameters

    request

    A container for the necessary parameters to execute the AdminAddUserToGroup service method.

    completionHandler

    The completion handler to call when the load request is complete. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • This IAM-authenticated API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.

    Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users confirm their accounts when they respond to their invitation email message and choose a password.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminConfirmSignUpRequest

    See

    AWSCognitoIdentityProviderAdminConfirmSignUpResponse

    Declaration

    Objective-C

    - (id)adminConfirmSignUp:
        (nonnull AWSCognitoIdentityProviderAdminConfirmSignUpRequest *)request;

    Swift

    func adminConfirmSignUp(_ request: AWSCognitoIdentityProviderAdminConfirmSignUpRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminConfirmSignUp service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminConfirmSignUpResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyFailedAttempts, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • This IAM-authenticated API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.

    Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users confirm their accounts when they respond to their invitation email message and choose a password.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminConfirmSignUpRequest

    See

    AWSCognitoIdentityProviderAdminConfirmSignUpResponse

    Declaration

    Objective-C

    - (void)
        adminConfirmSignUp:
            (nonnull AWSCognitoIdentityProviderAdminConfirmSignUpRequest *)request
         completionHandler:
             (void (^_Nullable)(
                 AWSCognitoIdentityProviderAdminConfirmSignUpResponse *_Nullable,
                 NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminConfirmSignUp service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyFailedAttempts, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Creates a new user in the specified user pool.

    If MessageAction isn’t set, the default is to send a welcome message via email or phone (SMS).

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.

    Alternatively, you can call AdminCreateUser with SUPPRESS for the MessageAction parameter, and Amazon Cognito won’t send any email.

    In either case, the user will be in the FORCE_CHANGE_PASSWORD state until they sign in and change their password.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminCreateUserRequest

    See

    AWSCognitoIdentityProviderAdminCreateUserResponse

    Declaration

    Objective-C

    - (id)adminCreateUser:
        (nonnull AWSCognitoIdentityProviderAdminCreateUserRequest *)request;

    Swift

    func adminCreateUser(_ request: AWSCognitoIdentityProviderAdminCreateUserRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminCreateUser service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminCreateUserResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUsernameExists, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorPreconditionNotMet, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUnsupportedUserState, AWSCognitoIdentityProviderErrorInternalError.

  • Creates a new user in the specified user pool.

    If MessageAction isn’t set, the default is to send a welcome message via email or phone (SMS).

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.

    Alternatively, you can call AdminCreateUser with SUPPRESS for the MessageAction parameter, and Amazon Cognito won’t send any email.

    In either case, the user will be in the FORCE_CHANGE_PASSWORD state until they sign in and change their password.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminCreateUserRequest

    See

    AWSCognitoIdentityProviderAdminCreateUserResponse

    Declaration

    Objective-C

    - (void)adminCreateUser:
                (nonnull AWSCognitoIdentityProviderAdminCreateUserRequest *)request
          completionHandler:
              (void (^_Nullable)(
                  AWSCognitoIdentityProviderAdminCreateUserResponse *_Nullable,
                  NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminCreateUser service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUsernameExists, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorPreconditionNotMet, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUnsupportedUserState, AWSCognitoIdentityProviderErrorInternalError.

  • Deletes a user as an administrator. Works on any user.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminDeleteUserRequest

    Declaration

    Objective-C

    - (id)adminDeleteUser:
        (nonnull AWSCognitoIdentityProviderAdminDeleteUserRequest *)request;

    Swift

    func adminDeleteUser(_ request: AWSCognitoIdentityProviderAdminDeleteUserRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminDeleteUser service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will be nil. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Deletes a user as an administrator. Works on any user.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminDeleteUserRequest

    Declaration

    Objective-C

    - (void)adminDeleteUser:
                (nonnull AWSCognitoIdentityProviderAdminDeleteUserRequest *)request
          completionHandler:
              (void (^_Nullable)(NSError *_Nullable))completionHandler;

    Swift

    func adminDeleteUser(_ request: AWSCognitoIdentityProviderAdminDeleteUserRequest) async throws

    Parameters

    request

    A container for the necessary parameters to execute the AdminDeleteUser service method.

    completionHandler

    The completion handler to call when the load request is complete. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Deletes the user attributes in a user pool as an administrator. Works on any user.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminDeleteUserAttributesRequest

    See

    AWSCognitoIdentityProviderAdminDeleteUserAttributesResponse

    Declaration

    Objective-C

    - (id)adminDeleteUserAttributes:
        (nonnull AWSCognitoIdentityProviderAdminDeleteUserAttributesRequest *)
            request;

    Swift

    func adminDeleteUserAttributes(_ request: AWSCognitoIdentityProviderAdminDeleteUserAttributesRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminDeleteUserAttributes service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminDeleteUserAttributesResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Deletes the user attributes in a user pool as an administrator. Works on any user.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminDeleteUserAttributesRequest

    See

    AWSCognitoIdentityProviderAdminDeleteUserAttributesResponse

    Declaration

    Objective-C

    - (void)
        adminDeleteUserAttributes:
            (nonnull AWSCognitoIdentityProviderAdminDeleteUserAttributesRequest *)
                request
                completionHandler:
                    (void (^_Nullable)(
                        AWSCognitoIdentityProviderAdminDeleteUserAttributesResponse
                            *_Nullable,
                        NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminDeleteUserAttributes service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP). If the user that you want to deactivate is a Amazon Cognito user pools native username + password user, they can’t use their password to sign in. If the user to deactivate is a linked external IdP user, any link between that user and an existing user is removed. When the external user signs in again, and the user is no longer attached to the previously linked DestinationUser, the user must create a new user account. See AdminLinkProviderForUser.

    The ProviderName must match the value specified when creating an IdP for the pool.

    To deactivate a native username + password user, the ProviderName value must be Cognito and the ProviderAttributeName must be Cognito_Subject. The ProviderAttributeValue must be the name that is used in the user pool for the user.

    The ProviderAttributeName must always be Cognito_Subject for social IdPs. The ProviderAttributeValue must always be the exact subject that was used when the user was originally linked as a source user.

    For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign in, the ProviderAttributeName and ProviderAttributeValue must be the same values that were used for the SourceUser when the identities were originally linked using AdminLinkProviderForUser call. (If the linking was done with ProviderAttributeName set to Cognito_Subject, the same applies here). However, if the user has already signed in, the ProviderAttributeName must be Cognito_Subject and ProviderAttributeValue must be the subject of the SAML assertion.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminDisableProviderForUserRequest

    See

    AWSCognitoIdentityProviderAdminDisableProviderForUserResponse

    Declaration

    Objective-C

    - (id)adminDisableProviderForUser:
        (nonnull AWSCognitoIdentityProviderAdminDisableProviderForUserRequest *)
            request;

    Swift

    func adminDisableProvider(forUser request: AWSCognitoIdentityProviderAdminDisableProviderForUserRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminDisableProviderForUser service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminDisableProviderForUserResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorInternalError.

  • Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP). If the user that you want to deactivate is a Amazon Cognito user pools native username + password user, they can’t use their password to sign in. If the user to deactivate is a linked external IdP user, any link between that user and an existing user is removed. When the external user signs in again, and the user is no longer attached to the previously linked DestinationUser, the user must create a new user account. See AdminLinkProviderForUser.

    The ProviderName must match the value specified when creating an IdP for the pool.

    To deactivate a native username + password user, the ProviderName value must be Cognito and the ProviderAttributeName must be Cognito_Subject. The ProviderAttributeValue must be the name that is used in the user pool for the user.

    The ProviderAttributeName must always be Cognito_Subject for social IdPs. The ProviderAttributeValue must always be the exact subject that was used when the user was originally linked as a source user.

    For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign in, the ProviderAttributeName and ProviderAttributeValue must be the same values that were used for the SourceUser when the identities were originally linked using AdminLinkProviderForUser call. (If the linking was done with ProviderAttributeName set to Cognito_Subject, the same applies here). However, if the user has already signed in, the ProviderAttributeName must be Cognito_Subject and ProviderAttributeValue must be the subject of the SAML assertion.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminDisableProviderForUserRequest

    See

    AWSCognitoIdentityProviderAdminDisableProviderForUserResponse

    Declaration

    Objective-C

    - (void)
        adminDisableProviderForUser:
            (nonnull AWSCognitoIdentityProviderAdminDisableProviderForUserRequest *)
                request
                  completionHandler:
                      (void (^_Nullable)(
                          AWSCognitoIdentityProviderAdminDisableProviderForUserResponse
                              *_Nullable,
                          NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminDisableProviderForUser service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorInternalError.

  • Deactivates a user and revokes all access tokens for the user. A deactivated user can’t sign in, but still appears in the responses to GetUser and ListUsers API requests.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminDisableUserRequest

    See

    AWSCognitoIdentityProviderAdminDisableUserResponse

    Declaration

    Objective-C

    - (id)adminDisableUser:
        (nonnull AWSCognitoIdentityProviderAdminDisableUserRequest *)request;

    Swift

    func adminDisableUser(_ request: AWSCognitoIdentityProviderAdminDisableUserRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminDisableUser service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminDisableUserResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Deactivates a user and revokes all access tokens for the user. A deactivated user can’t sign in, but still appears in the responses to GetUser and ListUsers API requests.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminDisableUserRequest

    See

    AWSCognitoIdentityProviderAdminDisableUserResponse

    Declaration

    Objective-C

    - (void)adminDisableUser:
                (nonnull AWSCognitoIdentityProviderAdminDisableUserRequest *)request
           completionHandler:
               (void (^_Nullable)(
                   AWSCognitoIdentityProviderAdminDisableUserResponse *_Nullable,
                   NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminDisableUser service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Enables the specified user as an administrator. Works on any user.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminEnableUserRequest

    See

    AWSCognitoIdentityProviderAdminEnableUserResponse

    Declaration

    Objective-C

    - (id)adminEnableUser:
        (nonnull AWSCognitoIdentityProviderAdminEnableUserRequest *)request;

    Swift

    func adminEnableUser(_ request: AWSCognitoIdentityProviderAdminEnableUserRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminEnableUser service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminEnableUserResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Enables the specified user as an administrator. Works on any user.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminEnableUserRequest

    See

    AWSCognitoIdentityProviderAdminEnableUserResponse

    Declaration

    Objective-C

    - (void)adminEnableUser:
                (nonnull AWSCognitoIdentityProviderAdminEnableUserRequest *)request
          completionHandler:
              (void (^_Nullable)(
                  AWSCognitoIdentityProviderAdminEnableUserResponse *_Nullable,
                  NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminEnableUser service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Forgets the device, as an administrator.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminForgetDeviceRequest

    Declaration

    Objective-C

    - (id)adminForgetDevice:
        (nonnull AWSCognitoIdentityProviderAdminForgetDeviceRequest *)request;

    Swift

    func adminForgetDevice(_ request: AWSCognitoIdentityProviderAdminForgetDeviceRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminForgetDevice service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will be nil. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Forgets the device, as an administrator.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminForgetDeviceRequest

    Declaration

    Objective-C

    - (void)
        adminForgetDevice:
            (nonnull AWSCognitoIdentityProviderAdminForgetDeviceRequest *)request
        completionHandler:(void (^_Nullable)(NSError *_Nullable))completionHandler;

    Swift

    func adminForgetDevice(_ request: AWSCognitoIdentityProviderAdminForgetDeviceRequest) async throws

    Parameters

    request

    A container for the necessary parameters to execute the AdminForgetDevice service method.

    completionHandler

    The completion handler to call when the load request is complete. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Gets the device, as an administrator.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminGetDeviceRequest

    See

    AWSCognitoIdentityProviderAdminGetDeviceResponse

    Declaration

    Objective-C

    - (id)adminGetDevice:
        (nonnull AWSCognitoIdentityProviderAdminGetDeviceRequest *)request;

    Swift

    func adminGetDevice(_ request: AWSCognitoIdentityProviderAdminGetDeviceRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminGetDevice service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminGetDeviceResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorNotAuthorized.

  • Gets the device, as an administrator.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminGetDeviceRequest

    See

    AWSCognitoIdentityProviderAdminGetDeviceResponse

    Declaration

    Objective-C

    - (void)adminGetDevice:
                (nonnull AWSCognitoIdentityProviderAdminGetDeviceRequest *)request
         completionHandler:
             (void (^_Nullable)(
                 AWSCognitoIdentityProviderAdminGetDeviceResponse *_Nullable,
                 NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminGetDevice service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorNotAuthorized.

  • Gets the specified user by user name in a user pool as an administrator. Works on any user.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminGetUserRequest

    See

    AWSCognitoIdentityProviderAdminGetUserResponse

    Declaration

    Objective-C

    - (id)adminGetUser:
        (nonnull AWSCognitoIdentityProviderAdminGetUserRequest *)request;

    Swift

    func adminGetUser(_ request: AWSCognitoIdentityProviderAdminGetUserRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminGetUser service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminGetUserResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Gets the specified user by user name in a user pool as an administrator. Works on any user.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminGetUserRequest

    See

    AWSCognitoIdentityProviderAdminGetUserResponse

    Declaration

    Objective-C

    - (void)adminGetUser:
                (nonnull AWSCognitoIdentityProviderAdminGetUserRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderAdminGetUserResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminGetUser service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Initiates the authentication flow, as an administrator.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminInitiateAuthRequest

    See

    AWSCognitoIdentityProviderAdminInitiateAuthResponse

    Declaration

    Objective-C

    - (id)adminInitiateAuth:
        (nonnull AWSCognitoIdentityProviderAdminInitiateAuthRequest *)request;

    Swift

    func adminInitiateAuth(_ request: AWSCognitoIdentityProviderAdminInitiateAuthRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminInitiateAuth service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminInitiateAuthResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorMFAMethodNotFound, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed.

  • Initiates the authentication flow, as an administrator.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminInitiateAuthRequest

    See

    AWSCognitoIdentityProviderAdminInitiateAuthResponse

    Declaration

    Objective-C

    - (void)adminInitiateAuth:
                (nonnull AWSCognitoIdentityProviderAdminInitiateAuthRequest *)
                    request
            completionHandler:
                (void (^_Nullable)(
                    AWSCognitoIdentityProviderAdminInitiateAuthResponse *_Nullable,
                    NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminInitiateAuth service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorMFAMethodNotFound, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed.

  • Links an existing user account in a user pool (DestinationUser) to an identity from an external IdP (SourceUser) based on a specified attribute name and value from the external IdP. This allows you to create a link from the existing user account to an external federated user identity that has not yet been used to sign in. You can then use the federated user identity to sign in as the existing user account.

    For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user identity, they sign in as the existing user account.

    The maximum number of federated identities linked to a user is five.

    Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external IdPs and provider attributes that have been trusted by the application owner.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminLinkProviderForUserRequest

    See

    AWSCognitoIdentityProviderAdminLinkProviderForUserResponse

    Declaration

    Objective-C

    - (id)adminLinkProviderForUser:
        (nonnull AWSCognitoIdentityProviderAdminLinkProviderForUserRequest *)
            request;

    Swift

    func adminLinkProvider(forUser request: AWSCognitoIdentityProviderAdminLinkProviderForUserRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminLinkProviderForUser service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminLinkProviderForUserResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInternalError.

  • Links an existing user account in a user pool (DestinationUser) to an identity from an external IdP (SourceUser) based on a specified attribute name and value from the external IdP. This allows you to create a link from the existing user account to an external federated user identity that has not yet been used to sign in. You can then use the federated user identity to sign in as the existing user account.

    For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user identity, they sign in as the existing user account.

    The maximum number of federated identities linked to a user is five.

    Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external IdPs and provider attributes that have been trusted by the application owner.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminLinkProviderForUserRequest

    See

    AWSCognitoIdentityProviderAdminLinkProviderForUserResponse

    Declaration

    Objective-C

    - (void)
        adminLinkProviderForUser:
            (nonnull AWSCognitoIdentityProviderAdminLinkProviderForUserRequest *)
                request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderAdminLinkProviderForUserResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminLinkProviderForUser service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInternalError.

  • Lists devices, as an administrator.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminListDevicesRequest

    See

    AWSCognitoIdentityProviderAdminListDevicesResponse

    Declaration

    Objective-C

    - (id)adminListDevices:
        (nonnull AWSCognitoIdentityProviderAdminListDevicesRequest *)request;

    Swift

    func adminListDevices(_ request: AWSCognitoIdentityProviderAdminListDevicesRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminListDevices service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminListDevicesResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorNotAuthorized.

  • Lists devices, as an administrator.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminListDevicesRequest

    See

    AWSCognitoIdentityProviderAdminListDevicesResponse

    Declaration

    Objective-C

    - (void)adminListDevices:
                (nonnull AWSCognitoIdentityProviderAdminListDevicesRequest *)request
           completionHandler:
               (void (^_Nullable)(
                   AWSCognitoIdentityProviderAdminListDevicesResponse *_Nullable,
                   NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminListDevices service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorNotAuthorized.

  • Lists the groups that a user belongs to.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminListGroupsForUserRequest

    See

    AWSCognitoIdentityProviderAdminListGroupsForUserResponse

    Declaration

    Objective-C

    - (id)adminListGroupsForUser:
        (nonnull AWSCognitoIdentityProviderAdminListGroupsForUserRequest *)request;

    Swift

    func adminListGroups(forUser request: AWSCognitoIdentityProviderAdminListGroupsForUserRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminListGroupsForUser service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminListGroupsForUserResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Lists the groups that a user belongs to.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminListGroupsForUserRequest

    See

    AWSCognitoIdentityProviderAdminListGroupsForUserResponse

    Declaration

    Objective-C

    - (void)adminListGroupsForUser:
                (nonnull AWSCognitoIdentityProviderAdminListGroupsForUserRequest *)
                    request
                 completionHandler:
                     (void (^_Nullable)(
                         AWSCognitoIdentityProviderAdminListGroupsForUserResponse
                             *_Nullable,
                         NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminListGroupsForUser service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • A history of user activity and any risks detected as part of Amazon Cognito advanced security.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminListUserAuthEventsRequest

    See

    AWSCognitoIdentityProviderAdminListUserAuthEventsResponse

    Declaration

    Objective-C

    - (id)adminListUserAuthEvents:
        (nonnull AWSCognitoIdentityProviderAdminListUserAuthEventsRequest *)request;

    Swift

    func adminListUserAuthEvents(_ request: AWSCognitoIdentityProviderAdminListUserAuthEventsRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminListUserAuthEvents service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminListUserAuthEventsResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserPoolAddOnNotEnabled, AWSCognitoIdentityProviderErrorInternalError.

  • A history of user activity and any risks detected as part of Amazon Cognito advanced security.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminListUserAuthEventsRequest

    See

    AWSCognitoIdentityProviderAdminListUserAuthEventsResponse

    Declaration

    Objective-C

    - (void)adminListUserAuthEvents:
                (nonnull AWSCognitoIdentityProviderAdminListUserAuthEventsRequest *)
                    request
                  completionHandler:
                      (void (^_Nullable)(
                          AWSCognitoIdentityProviderAdminListUserAuthEventsResponse
                              *_Nullable,
                          NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminListUserAuthEvents service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserPoolAddOnNotEnabled, AWSCognitoIdentityProviderErrorInternalError.

  • Removes the specified user from the specified group.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminRemoveUserFromGroupRequest

    Declaration

    Objective-C

    - (id)adminRemoveUserFromGroup:
        (nonnull AWSCognitoIdentityProviderAdminRemoveUserFromGroupRequest *)
            request;

    Swift

    func adminRemoveUser(fromGroup request: AWSCognitoIdentityProviderAdminRemoveUserFromGroupRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminRemoveUserFromGroup service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will be nil. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Removes the specified user from the specified group.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminRemoveUserFromGroupRequest

    Declaration

    Objective-C

    - (void)
        adminRemoveUserFromGroup:
            (nonnull AWSCognitoIdentityProviderAdminRemoveUserFromGroupRequest *)
                request
               completionHandler:
                   (void (^_Nullable)(NSError *_Nullable))completionHandler;

    Swift

    func adminRemoveUser(fromGroup request: AWSCognitoIdentityProviderAdminRemoveUserFromGroupRequest) async throws

    Parameters

    request

    A container for the necessary parameters to execute the AdminRemoveUserFromGroup service method.

    completionHandler

    The completion handler to call when the load request is complete. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Resets the specified user’s password in a user pool as an administrator. Works on any user.

    To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    Deactivates a user’s password, requiring them to change it. If a user tries to sign in after the API is called, Amazon Cognito responds with a PasswordResetRequiredException error. Your app must then perform the actions that reset your user’s password: the forgot-password flow. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user with the code to change their password.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminResetUserPasswordRequest

    See

    AWSCognitoIdentityProviderAdminResetUserPasswordResponse

    Declaration

    Objective-C

    - (id)adminResetUserPassword:
        (nonnull AWSCognitoIdentityProviderAdminResetUserPasswordRequest *)request;

    Swift

    func adminResetUserPassword(_ request: AWSCognitoIdentityProviderAdminResetUserPasswordRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminResetUserPassword service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminResetUserPasswordResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInternalError.

  • Resets the specified user’s password in a user pool as an administrator. Works on any user.

    To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    Deactivates a user’s password, requiring them to change it. If a user tries to sign in after the API is called, Amazon Cognito responds with a PasswordResetRequiredException error. Your app must then perform the actions that reset your user’s password: the forgot-password flow. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user with the code to change their password.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminResetUserPasswordRequest

    See

    AWSCognitoIdentityProviderAdminResetUserPasswordResponse

    Declaration

    Objective-C

    - (void)adminResetUserPassword:
                (nonnull AWSCognitoIdentityProviderAdminResetUserPasswordRequest *)
                    request
                 completionHandler:
                     (void (^_Nullable)(
                         AWSCognitoIdentityProviderAdminResetUserPasswordResponse
                             *_Nullable,
                         NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminResetUserPassword service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInternalError.

  • Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. An AdminRespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.

    For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminRespondToAuthChallengeRequest

    See

    AWSCognitoIdentityProviderAdminRespondToAuthChallengeResponse

    Declaration

    Objective-C

    - (id)adminRespondToAuthChallenge:
        (nonnull AWSCognitoIdentityProviderAdminRespondToAuthChallengeRequest *)
            request;

    Swift

    func adminRespond(toAuthChallenge request: AWSCognitoIdentityProviderAdminRespondToAuthChallengeRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminRespondToAuthChallenge service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminRespondToAuthChallengeResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorExpiredCode, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorMFAMethodNotFound, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorSoftwareTokenMFANotFound.

  • Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. An AdminRespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.

    For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminRespondToAuthChallengeRequest

    See

    AWSCognitoIdentityProviderAdminRespondToAuthChallengeResponse

    Declaration

    Objective-C

    - (void)
        adminRespondToAuthChallenge:
            (nonnull AWSCognitoIdentityProviderAdminRespondToAuthChallengeRequest *)
                request
                  completionHandler:
                      (void (^_Nullable)(
                          AWSCognitoIdentityProviderAdminRespondToAuthChallengeResponse
                              *_Nullable,
                          NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminRespondToAuthChallenge service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorExpiredCode, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorMFAMethodNotFound, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorSoftwareTokenMFANotFound.

  • The user’s multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminSetUserMFAPreferenceRequest

    See

    AWSCognitoIdentityProviderAdminSetUserMFAPreferenceResponse

    Declaration

    Objective-C

    - (id)adminSetUserMFAPreference:
        (nonnull AWSCognitoIdentityProviderAdminSetUserMFAPreferenceRequest *)
            request;

    Swift

    func adminSetUserMFAPreference(_ request: AWSCognitoIdentityProviderAdminSetUserMFAPreferenceRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminSetUserMFAPreference service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminSetUserMFAPreferenceResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError.

  • The user’s multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminSetUserMFAPreferenceRequest

    See

    AWSCognitoIdentityProviderAdminSetUserMFAPreferenceResponse

    Declaration

    Objective-C

    - (void)
        adminSetUserMFAPreference:
            (nonnull AWSCognitoIdentityProviderAdminSetUserMFAPreferenceRequest *)
                request
                completionHandler:
                    (void (^_Nullable)(
                        AWSCognitoIdentityProviderAdminSetUserMFAPreferenceResponse
                            *_Nullable,
                        NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminSetUserMFAPreference service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError.

  • Sets the specified user’s password in a user pool as an administrator. Works on any user.

    The password can be temporary or permanent. If it is temporary, the user status enters the FORCE_CHANGE_PASSWORD state. When the user next tries to sign in, the InitiateAuth/AdminInitiateAuth response will contain the NEW_PASSWORD_REQUIRED challenge. If the user doesn’t sign in before it expires, the user won’t be able to sign in, and an administrator must reset their password.

    Once the user has set a new password, or the password is permanent, the user status is set to Confirmed.

    AdminSetUserPassword can set a password for the user profile that Amazon Cognito creates for third-party federated users. When you set a password, the federated user’s status changes from EXTERNAL_PROVIDER to CONFIRMED. A user in this state can sign in as a federated user, and initiate authentication flows in the API like a linked native user. They can also modify their password and attributes in token-authenticated API requests like ChangePassword and UpdateUserAttributes. As a best security practice and to keep users in sync with your external IdP, don’t set passwords on federated user profiles. To set up a federated user for native sign-in with a linked native user, refer to Linking federated users to an existing user profile.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminSetUserPasswordRequest

    See

    AWSCognitoIdentityProviderAdminSetUserPasswordResponse

    Declaration

    Objective-C

    - (id)adminSetUserPassword:
        (nonnull AWSCognitoIdentityProviderAdminSetUserPasswordRequest *)request;

    Swift

    func adminSetUserPassword(_ request: AWSCognitoIdentityProviderAdminSetUserPasswordRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminSetUserPassword service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminSetUserPasswordResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInvalidPassword.

  • Sets the specified user’s password in a user pool as an administrator. Works on any user.

    The password can be temporary or permanent. If it is temporary, the user status enters the FORCE_CHANGE_PASSWORD state. When the user next tries to sign in, the InitiateAuth/AdminInitiateAuth response will contain the NEW_PASSWORD_REQUIRED challenge. If the user doesn’t sign in before it expires, the user won’t be able to sign in, and an administrator must reset their password.

    Once the user has set a new password, or the password is permanent, the user status is set to Confirmed.

    AdminSetUserPassword can set a password for the user profile that Amazon Cognito creates for third-party federated users. When you set a password, the federated user’s status changes from EXTERNAL_PROVIDER to CONFIRMED. A user in this state can sign in as a federated user, and initiate authentication flows in the API like a linked native user. They can also modify their password and attributes in token-authenticated API requests like ChangePassword and UpdateUserAttributes. As a best security practice and to keep users in sync with your external IdP, don’t set passwords on federated user profiles. To set up a federated user for native sign-in with a linked native user, refer to Linking federated users to an existing user profile.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminSetUserPasswordRequest

    See

    AWSCognitoIdentityProviderAdminSetUserPasswordResponse

    Declaration

    Objective-C

    - (void)adminSetUserPassword:
                (nonnull AWSCognitoIdentityProviderAdminSetUserPasswordRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderAdminSetUserPasswordResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminSetUserPassword service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInvalidPassword.

  • This action is no longer supported. You can use it to configure only SMS MFA. You can’t use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference instead.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminSetUserSettingsRequest

    See

    AWSCognitoIdentityProviderAdminSetUserSettingsResponse

    Declaration

    Objective-C

    - (id)adminSetUserSettings:
        (nonnull AWSCognitoIdentityProviderAdminSetUserSettingsRequest *)request;

    Swift

    func adminSetUserSettings(_ request: AWSCognitoIdentityProviderAdminSetUserSettingsRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminSetUserSettings service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminSetUserSettingsResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • This action is no longer supported. You can use it to configure only SMS MFA. You can’t use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference instead.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminSetUserSettingsRequest

    See

    AWSCognitoIdentityProviderAdminSetUserSettingsResponse

    Declaration

    Objective-C

    - (void)adminSetUserSettings:
                (nonnull AWSCognitoIdentityProviderAdminSetUserSettingsRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderAdminSetUserSettingsResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminSetUserSettings service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminUpdateAuthEventFeedbackRequest

    See

    AWSCognitoIdentityProviderAdminUpdateAuthEventFeedbackResponse

    Declaration

    Objective-C

    - (id)adminUpdateAuthEventFeedback:
        (nonnull AWSCognitoIdentityProviderAdminUpdateAuthEventFeedbackRequest *)
            request;

    Swift

    func adminUpdateAuthEventFeedback(_ request: AWSCognitoIdentityProviderAdminUpdateAuthEventFeedbackRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminUpdateAuthEventFeedback service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminUpdateAuthEventFeedbackResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserPoolAddOnNotEnabled, AWSCognitoIdentityProviderErrorInternalError.

  • Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminUpdateAuthEventFeedbackRequest

    See

    AWSCognitoIdentityProviderAdminUpdateAuthEventFeedbackResponse

    Declaration

    Objective-C

    - (void)
        adminUpdateAuthEventFeedback:
            (nonnull AWSCognitoIdentityProviderAdminUpdateAuthEventFeedbackRequest
                 *)request
                   completionHandler:
                       (void (^_Nullable)(
                           AWSCognitoIdentityProviderAdminUpdateAuthEventFeedbackResponse
                               *_Nullable,
                           NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminUpdateAuthEventFeedback service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserPoolAddOnNotEnabled, AWSCognitoIdentityProviderErrorInternalError.

  • Updates the device status as an administrator.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminUpdateDeviceStatusRequest

    See

    AWSCognitoIdentityProviderAdminUpdateDeviceStatusResponse

    Declaration

    Objective-C

    - (id)adminUpdateDeviceStatus:
        (nonnull AWSCognitoIdentityProviderAdminUpdateDeviceStatusRequest *)request;

    Swift

    func adminUpdateDeviceStatus(_ request: AWSCognitoIdentityProviderAdminUpdateDeviceStatusRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminUpdateDeviceStatus service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminUpdateDeviceStatusResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Updates the device status as an administrator.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminUpdateDeviceStatusRequest

    See

    AWSCognitoIdentityProviderAdminUpdateDeviceStatusResponse

    Declaration

    Objective-C

    - (void)adminUpdateDeviceStatus:
                (nonnull AWSCognitoIdentityProviderAdminUpdateDeviceStatusRequest *)
                    request
                  completionHandler:
                      (void (^_Nullable)(
                          AWSCognitoIdentityProviderAdminUpdateDeviceStatusResponse
                              *_Nullable,
                          NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminUpdateDeviceStatus service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    Updates the specified user’s attributes, including developer attributes, as an administrator. Works on any user. To delete an attribute from your user, submit the attribute in your API request with a blank value.

    For custom attributes, you must prepend the custom: prefix to the attribute name.

    In addition to updating user attributes, this API can also be used to mark phone and email as verified.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminUpdateUserAttributesRequest

    See

    AWSCognitoIdentityProviderAdminUpdateUserAttributesResponse

    Declaration

    Objective-C

    - (id)adminUpdateUserAttributes:
        (nonnull AWSCognitoIdentityProviderAdminUpdateUserAttributesRequest *)
            request;

    Swift

    func adminUpdateUserAttributes(_ request: AWSCognitoIdentityProviderAdminUpdateUserAttributesRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminUpdateUserAttributes service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminUpdateUserAttributesResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship.

  • This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    Updates the specified user’s attributes, including developer attributes, as an administrator. Works on any user. To delete an attribute from your user, submit the attribute in your API request with a blank value.

    For custom attributes, you must prepend the custom: prefix to the attribute name.

    In addition to updating user attributes, this API can also be used to mark phone and email as verified.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminUpdateUserAttributesRequest

    See

    AWSCognitoIdentityProviderAdminUpdateUserAttributesResponse

    Declaration

    Objective-C

    - (void)
        adminUpdateUserAttributes:
            (nonnull AWSCognitoIdentityProviderAdminUpdateUserAttributesRequest *)
                request
                completionHandler:
                    (void (^_Nullable)(
                        AWSCognitoIdentityProviderAdminUpdateUserAttributesResponse
                            *_Nullable,
                        NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminUpdateUserAttributes service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship.

  • Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation with your administrative credentials when your user signs out of your app. This results in the following behavior.

    • Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user’s access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.

      Amazon Cognito returns an Access Token has been revoked error when your app attempts to authorize a user pools API request with a revoked access token that contains the scope aws.cognito.signin.user.admin.

    • Amazon Cognito no longer accepts a signed-out user’s ID token in a GetId request to an identity pool with ServerSideTokenCheck enabled for its user pool IdP configuration in CognitoIdentityProvider.

    • Amazon Cognito no longer accepts a signed-out user’s refresh tokens in refresh requests.

    Other requests might be valid until your user’s token expires.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminUserGlobalSignOutRequest

    See

    AWSCognitoIdentityProviderAdminUserGlobalSignOutResponse

    Declaration

    Objective-C

    - (id)adminUserGlobalSignOut:
        (nonnull AWSCognitoIdentityProviderAdminUserGlobalSignOutRequest *)request;

    Swift

    func adminUserGlobalSignOut(_ request: AWSCognitoIdentityProviderAdminUserGlobalSignOutRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AdminUserGlobalSignOut service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAdminUserGlobalSignOutResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation with your administrative credentials when your user signs out of your app. This results in the following behavior.

    • Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user’s access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.

      Amazon Cognito returns an Access Token has been revoked error when your app attempts to authorize a user pools API request with a revoked access token that contains the scope aws.cognito.signin.user.admin.

    • Amazon Cognito no longer accepts a signed-out user’s ID token in a GetId request to an identity pool with ServerSideTokenCheck enabled for its user pool IdP configuration in CognitoIdentityProvider.

    • Amazon Cognito no longer accepts a signed-out user’s refresh tokens in refresh requests.

    Other requests might be valid until your user’s token expires.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderAdminUserGlobalSignOutRequest

    See

    AWSCognitoIdentityProviderAdminUserGlobalSignOutResponse

    Declaration

    Objective-C

    - (void)adminUserGlobalSignOut:
                (nonnull AWSCognitoIdentityProviderAdminUserGlobalSignOutRequest *)
                    request
                 completionHandler:
                     (void (^_Nullable)(
                         AWSCognitoIdentityProviderAdminUserGlobalSignOutResponse
                             *_Nullable,
                         NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AdminUserGlobalSignOut service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response. You can authorize an AssociateSoftwareToken request with either the user’s access token, or a session string from a challenge response that you received from Amazon Cognito.

    Amazon Cognito disassociates an existing software token when you verify the new token in a VerifySoftwareToken API request. If you don’t verify the software token and your user pool doesn’t require MFA, the user can then authenticate with user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito generates an MFA_SETUP or SOFTWARE_TOKEN_SETUP challenge each time your user signs. Complete setup with AssociateSoftwareToken and VerifySoftwareToken.

    After you set up software token MFA for your user, Amazon Cognito generates a SOFTWARE_TOKEN_MFA challenge when they authenticate. Respond to this challenge with your user’s TOTP.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderAssociateSoftwareTokenRequest

    See

    AWSCognitoIdentityProviderAssociateSoftwareTokenResponse

    Declaration

    Objective-C

    - (id)associateSoftwareToken:
        (nonnull AWSCognitoIdentityProviderAssociateSoftwareTokenRequest *)request;

    Swift

    func associateSoftwareToken(_ request: AWSCognitoIdentityProviderAssociateSoftwareTokenRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the AssociateSoftwareToken service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderAssociateSoftwareTokenResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorSoftwareTokenMFANotFound, AWSCognitoIdentityProviderErrorForbidden.

  • Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response. You can authorize an AssociateSoftwareToken request with either the user’s access token, or a session string from a challenge response that you received from Amazon Cognito.

    Amazon Cognito disassociates an existing software token when you verify the new token in a VerifySoftwareToken API request. If you don’t verify the software token and your user pool doesn’t require MFA, the user can then authenticate with user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito generates an MFA_SETUP or SOFTWARE_TOKEN_SETUP challenge each time your user signs. Complete setup with AssociateSoftwareToken and VerifySoftwareToken.

    After you set up software token MFA for your user, Amazon Cognito generates a SOFTWARE_TOKEN_MFA challenge when they authenticate. Respond to this challenge with your user’s TOTP.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderAssociateSoftwareTokenRequest

    See

    AWSCognitoIdentityProviderAssociateSoftwareTokenResponse

    Declaration

    Objective-C

    - (void)associateSoftwareToken:
                (nonnull AWSCognitoIdentityProviderAssociateSoftwareTokenRequest *)
                    request
                 completionHandler:
                     (void (^_Nullable)(
                         AWSCognitoIdentityProviderAssociateSoftwareTokenResponse
                             *_Nullable,
                         NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the AssociateSoftwareToken service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorSoftwareTokenMFANotFound, AWSCognitoIdentityProviderErrorForbidden.

  • Changes the password for a specified user in a user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderChangePasswordRequest

    See

    AWSCognitoIdentityProviderChangePasswordResponse

    Declaration

    Objective-C

    - (id)changePassword:
        (nonnull AWSCognitoIdentityProviderChangePasswordRequest *)request;

    Swift

    func changePassword(_ request: AWSCognitoIdentityProviderChangePasswordRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ChangePassword service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderChangePasswordResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Changes the password for a specified user in a user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderChangePasswordRequest

    See

    AWSCognitoIdentityProviderChangePasswordResponse

    Declaration

    Objective-C

    - (void)changePassword:
                (nonnull AWSCognitoIdentityProviderChangePasswordRequest *)request
         completionHandler:
             (void (^_Nullable)(
                 AWSCognitoIdentityProviderChangePasswordResponse *_Nullable,
                 NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ChangePassword service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Confirms tracking of the device. This API call is the call that begins device tracking. For more information about device authentication, see Working with user devices in your user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderConfirmDeviceRequest

    See

    AWSCognitoIdentityProviderConfirmDeviceResponse

    Declaration

    Objective-C

    - (id)confirmDevice:
        (nonnull AWSCognitoIdentityProviderConfirmDeviceRequest *)request;

    Swift

    func confirmDevice(_ request: AWSCognitoIdentityProviderConfirmDeviceRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ConfirmDevice service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderConfirmDeviceResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorUsernameExists, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Confirms tracking of the device. This API call is the call that begins device tracking. For more information about device authentication, see Working with user devices in your user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderConfirmDeviceRequest

    See

    AWSCognitoIdentityProviderConfirmDeviceResponse

    Declaration

    Objective-C

    - (void)confirmDevice:
                (nonnull AWSCognitoIdentityProviderConfirmDeviceRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderConfirmDeviceResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ConfirmDevice service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorUsernameExists, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Allows a user to enter a confirmation code to reset a forgotten password.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderConfirmForgotPasswordRequest

    See

    AWSCognitoIdentityProviderConfirmForgotPasswordResponse

    Declaration

    Objective-C

    - (id)confirmForgotPassword:
        (nonnull AWSCognitoIdentityProviderConfirmForgotPasswordRequest *)request;

    Swift

    func confirmForgotPassword(_ request: AWSCognitoIdentityProviderConfirmForgotPasswordRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ConfirmForgotPassword service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderConfirmForgotPasswordResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorExpiredCode, AWSCognitoIdentityProviderErrorTooManyFailedAttempts, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Allows a user to enter a confirmation code to reset a forgotten password.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderConfirmForgotPasswordRequest

    See

    AWSCognitoIdentityProviderConfirmForgotPasswordResponse

    Declaration

    Objective-C

    - (void)confirmForgotPassword:
                (nonnull AWSCognitoIdentityProviderConfirmForgotPasswordRequest *)
                    request
                completionHandler:
                    (void (^_Nullable)(
                        AWSCognitoIdentityProviderConfirmForgotPasswordResponse
                            *_Nullable,
                        NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ConfirmForgotPassword service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorExpiredCode, AWSCognitoIdentityProviderErrorTooManyFailedAttempts, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.

    Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderConfirmSignUpRequest

    See

    AWSCognitoIdentityProviderConfirmSignUpResponse

    Declaration

    Objective-C

    - (id)confirmSignUp:
        (nonnull AWSCognitoIdentityProviderConfirmSignUpRequest *)request;

    Swift

    func confirmSignUp(_ request: AWSCognitoIdentityProviderConfirmSignUpRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ConfirmSignUp service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderConfirmSignUpResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyFailedAttempts, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorExpiredCode, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.

    Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderConfirmSignUpRequest

    See

    AWSCognitoIdentityProviderConfirmSignUpResponse

    Declaration

    Objective-C

    - (void)confirmSignUp:
                (nonnull AWSCognitoIdentityProviderConfirmSignUpRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderConfirmSignUpResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ConfirmSignUp service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyFailedAttempts, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorExpiredCode, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Creates a new group in the specified user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateGroupRequest

    See

    AWSCognitoIdentityProviderCreateGroupResponse

    Declaration

    Objective-C

    - (id)createGroup:
        (nonnull AWSCognitoIdentityProviderCreateGroupRequest *)request;

    Swift

    func createGroup(_ request: AWSCognitoIdentityProviderCreateGroupRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the CreateGroup service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderCreateGroupResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorGroupExists, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Creates a new group in the specified user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateGroupRequest

    See

    AWSCognitoIdentityProviderCreateGroupResponse

    Declaration

    Objective-C

    - (void)createGroup:
                (nonnull AWSCognitoIdentityProviderCreateGroupRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderCreateGroupResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the CreateGroup service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorGroupExists, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateIdentityProviderRequest

    See

    AWSCognitoIdentityProviderCreateIdentityProviderResponse

    Declaration

    Objective-C

    - (id)createIdentityProvider:
        (nonnull AWSCognitoIdentityProviderCreateIdentityProviderRequest *)request;

    Swift

    func createIdentityProvider(_ request: AWSCognitoIdentityProviderCreateIdentityProviderRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the CreateIdentityProvider service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderCreateIdentityProviderResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorDuplicateProvider, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInternalError.

  • Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateIdentityProviderRequest

    See

    AWSCognitoIdentityProviderCreateIdentityProviderResponse

    Declaration

    Objective-C

    - (void)createIdentityProvider:
                (nonnull AWSCognitoIdentityProviderCreateIdentityProviderRequest *)
                    request
                 completionHandler:
                     (void (^_Nullable)(
                         AWSCognitoIdentityProviderCreateIdentityProviderResponse
                             *_Nullable,
                         NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the CreateIdentityProvider service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorDuplicateProvider, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInternalError.

  • Creates a new OAuth2.0 resource server and defines custom scopes within it.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateResourceServerRequest

    See

    AWSCognitoIdentityProviderCreateResourceServerResponse

    Declaration

    Objective-C

    - (id)createResourceServer:
        (nonnull AWSCognitoIdentityProviderCreateResourceServerRequest *)request;

    Swift

    func createResourceServer(_ request: AWSCognitoIdentityProviderCreateResourceServerRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the CreateResourceServer service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderCreateResourceServerResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInternalError.

  • Creates a new OAuth2.0 resource server and defines custom scopes within it.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateResourceServerRequest

    See

    AWSCognitoIdentityProviderCreateResourceServerResponse

    Declaration

    Objective-C

    - (void)createResourceServer:
                (nonnull AWSCognitoIdentityProviderCreateResourceServerRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderCreateResourceServerResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the CreateResourceServer service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInternalError.

  • Creates a user import job.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateUserImportJobRequest

    See

    AWSCognitoIdentityProviderCreateUserImportJobResponse

    Declaration

    Objective-C

    - (id)createUserImportJob:
        (nonnull AWSCognitoIdentityProviderCreateUserImportJobRequest *)request;

    Swift

    func createUserImportJob(_ request: AWSCognitoIdentityProviderCreateUserImportJobRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the CreateUserImportJob service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderCreateUserImportJobResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPreconditionNotMet, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInternalError.

  • Creates a user import job.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateUserImportJobRequest

    See

    AWSCognitoIdentityProviderCreateUserImportJobResponse

    Declaration

    Objective-C

    - (void)
        createUserImportJob:
            (nonnull AWSCognitoIdentityProviderCreateUserImportJobRequest *)request
          completionHandler:
              (void (^_Nullable)(
                  AWSCognitoIdentityProviderCreateUserImportJobResponse *_Nullable,
                  NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the CreateUserImportJob service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPreconditionNotMet, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInternalError.

  • This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    Creates a new Amazon Cognito user pool and sets the password policy for the pool.

    If you don’t provide a value for an attribute, Amazon Cognito sets it to its default value.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateUserPoolRequest

    See

    AWSCognitoIdentityProviderCreateUserPoolResponse

    Declaration

    Objective-C

    - (id)createUserPool:
        (nonnull AWSCognitoIdentityProviderCreateUserPoolRequest *)request;

    Swift

    func createUserPool(_ request: AWSCognitoIdentityProviderCreateUserPoolRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the CreateUserPool service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderCreateUserPoolResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserPoolTagging, AWSCognitoIdentityProviderErrorInternalError.

  • This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    Creates a new Amazon Cognito user pool and sets the password policy for the pool.

    If you don’t provide a value for an attribute, Amazon Cognito sets it to its default value.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateUserPoolRequest

    See

    AWSCognitoIdentityProviderCreateUserPoolResponse

    Declaration

    Objective-C

    - (void)createUserPool:
                (nonnull AWSCognitoIdentityProviderCreateUserPoolRequest *)request
         completionHandler:
             (void (^_Nullable)(
                 AWSCognitoIdentityProviderCreateUserPoolResponse *_Nullable,
                 NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the CreateUserPool service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserPoolTagging, AWSCognitoIdentityProviderErrorInternalError.

  • Creates the user pool client.

    When you create a new user pool client, token revocation is automatically activated. For more information about revoking tokens, see RevokeToken.

    If you don’t provide a value for an attribute, Amazon Cognito sets it to its default value.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateUserPoolClientRequest

    See

    AWSCognitoIdentityProviderCreateUserPoolClientResponse

    Declaration

    Objective-C

    - (id)createUserPoolClient:
        (nonnull AWSCognitoIdentityProviderCreateUserPoolClientRequest *)request;

    Swift

    func createUserPoolClient(_ request: AWSCognitoIdentityProviderCreateUserPoolClientRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the CreateUserPoolClient service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderCreateUserPoolClientResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorScopeDoesNotExist, AWSCognitoIdentityProviderErrorInvalidOAuthFlow, AWSCognitoIdentityProviderErrorInternalError.

  • Creates the user pool client.

    When you create a new user pool client, token revocation is automatically activated. For more information about revoking tokens, see RevokeToken.

    If you don’t provide a value for an attribute, Amazon Cognito sets it to its default value.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateUserPoolClientRequest

    See

    AWSCognitoIdentityProviderCreateUserPoolClientResponse

    Declaration

    Objective-C

    - (void)createUserPoolClient:
                (nonnull AWSCognitoIdentityProviderCreateUserPoolClientRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderCreateUserPoolClientResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the CreateUserPoolClient service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorScopeDoesNotExist, AWSCognitoIdentityProviderErrorInvalidOAuthFlow, AWSCognitoIdentityProviderErrorInternalError.

  • Creates a new domain for a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateUserPoolDomainRequest

    See

    AWSCognitoIdentityProviderCreateUserPoolDomainResponse

    Declaration

    Objective-C

    - (id)createUserPoolDomain:
        (nonnull AWSCognitoIdentityProviderCreateUserPoolDomainRequest *)request;

    Swift

    func createUserPoolDomain(_ request: AWSCognitoIdentityProviderCreateUserPoolDomainRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the CreateUserPoolDomain service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderCreateUserPoolDomainResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInternalError.

  • Creates a new domain for a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderCreateUserPoolDomainRequest

    See

    AWSCognitoIdentityProviderCreateUserPoolDomainResponse

    Declaration

    Objective-C

    - (void)createUserPoolDomain:
                (nonnull AWSCognitoIdentityProviderCreateUserPoolDomainRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderCreateUserPoolDomainResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the CreateUserPoolDomain service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInternalError.

  • Deletes a group.

    Calling this action requires developer credentials.

    See

    AWSCognitoIdentityProviderDeleteGroupRequest

    Declaration

    Objective-C

    - (id)deleteGroup:
        (nonnull AWSCognitoIdentityProviderDeleteGroupRequest *)request;

    Swift

    func deleteGroup(_ request: AWSCognitoIdentityProviderDeleteGroupRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DeleteGroup service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will be nil. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Deletes a group.

    Calling this action requires developer credentials.

    See

    AWSCognitoIdentityProviderDeleteGroupRequest

    Declaration

    Objective-C

    - (void)deleteGroup:
                (nonnull AWSCognitoIdentityProviderDeleteGroupRequest *)request
        completionHandler:(void (^_Nullable)(NSError *_Nullable))completionHandler;

    Swift

    func deleteGroup(_ request: AWSCognitoIdentityProviderDeleteGroupRequest) async throws

    Parameters

    request

    A container for the necessary parameters to execute the DeleteGroup service method.

    completionHandler

    The completion handler to call when the load request is complete. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Deletes an IdP for a user pool.

    See

    AWSCognitoIdentityProviderDeleteIdentityProviderRequest

    Declaration

    Objective-C

    - (id)deleteIdentityProvider:
        (nonnull AWSCognitoIdentityProviderDeleteIdentityProviderRequest *)request;

    Swift

    func delete(_ request: AWSCognitoIdentityProviderDeleteIdentityProviderRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DeleteIdentityProvider service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will be nil. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnsupportedIdentityProvider, AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Deletes an IdP for a user pool.

    See

    AWSCognitoIdentityProviderDeleteIdentityProviderRequest

    Declaration

    Objective-C

    - (void)deleteIdentityProvider:
                (nonnull AWSCognitoIdentityProviderDeleteIdentityProviderRequest *)
                    request
                 completionHandler:
                     (void (^_Nullable)(NSError *_Nullable))completionHandler;

    Swift

    func delete(_ request: AWSCognitoIdentityProviderDeleteIdentityProviderRequest) async throws

    Parameters

    request

    A container for the necessary parameters to execute the DeleteIdentityProvider service method.

    completionHandler

    The completion handler to call when the load request is complete. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnsupportedIdentityProvider, AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Deletes a resource server.

    See

    AWSCognitoIdentityProviderDeleteResourceServerRequest

    Declaration

    Objective-C

    - (id)deleteResourceServer:
        (nonnull AWSCognitoIdentityProviderDeleteResourceServerRequest *)request;

    Swift

    func deleteResourceServer(_ request: AWSCognitoIdentityProviderDeleteResourceServerRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DeleteResourceServer service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will be nil. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Deletes a resource server.

    See

    AWSCognitoIdentityProviderDeleteResourceServerRequest

    Declaration

    Objective-C

    - (void)deleteResourceServer:
                (nonnull AWSCognitoIdentityProviderDeleteResourceServerRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(NSError *_Nullable))completionHandler;

    Swift

    func deleteResourceServer(_ request: AWSCognitoIdentityProviderDeleteResourceServerRequest) async throws

    Parameters

    request

    A container for the necessary parameters to execute the DeleteResourceServer service method.

    completionHandler

    The completion handler to call when the load request is complete. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Allows a user to delete their own user profile.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderDeleteUserRequest

    Declaration

    Objective-C

    - (id)deleteUser:(nonnull AWSCognitoIdentityProviderDeleteUserRequest *)request;

    Swift

    func deleteUser(_ request: AWSCognitoIdentityProviderDeleteUserRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DeleteUser service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will be nil. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Allows a user to delete their own user profile.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderDeleteUserRequest

    Declaration

    Objective-C

    - (void)deleteUser:
                (nonnull AWSCognitoIdentityProviderDeleteUserRequest *)request
        completionHandler:(void (^_Nullable)(NSError *_Nullable))completionHandler;

    Swift

    func deleteUser(_ request: AWSCognitoIdentityProviderDeleteUserRequest) async throws

    Parameters

    request

    A container for the necessary parameters to execute the DeleteUser service method.

    completionHandler

    The completion handler to call when the load request is complete. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Deletes the attributes for a user.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderDeleteUserAttributesRequest

    See

    AWSCognitoIdentityProviderDeleteUserAttributesResponse

    Declaration

    Objective-C

    - (id)deleteUserAttributes:
        (nonnull AWSCognitoIdentityProviderDeleteUserAttributesRequest *)request;

    Swift

    func deleteUserAttributes(_ request: AWSCognitoIdentityProviderDeleteUserAttributesRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DeleteUserAttributes service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderDeleteUserAttributesResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Deletes the attributes for a user.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderDeleteUserAttributesRequest

    See

    AWSCognitoIdentityProviderDeleteUserAttributesResponse

    Declaration

    Objective-C

    - (void)deleteUserAttributes:
                (nonnull AWSCognitoIdentityProviderDeleteUserAttributesRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderDeleteUserAttributesResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the DeleteUserAttributes service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Deletes the specified Amazon Cognito user pool.

    See

    AWSCognitoIdentityProviderDeleteUserPoolRequest

    Declaration

    Objective-C

    - (id)deleteUserPool:
        (nonnull AWSCognitoIdentityProviderDeleteUserPoolRequest *)request;

    Swift

    func deleteUserPool(_ request: AWSCognitoIdentityProviderDeleteUserPoolRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DeleteUserPool service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will be nil. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserImportInProgress, AWSCognitoIdentityProviderErrorInternalError.

  • Deletes the specified Amazon Cognito user pool.

    See

    AWSCognitoIdentityProviderDeleteUserPoolRequest

    Declaration

    Objective-C

    - (void)deleteUserPool:
                (nonnull AWSCognitoIdentityProviderDeleteUserPoolRequest *)request
         completionHandler:(void (^_Nullable)(NSError *_Nullable))completionHandler;

    Swift

    func deleteUserPool(_ request: AWSCognitoIdentityProviderDeleteUserPoolRequest) async throws

    Parameters

    request

    A container for the necessary parameters to execute the DeleteUserPool service method.

    completionHandler

    The completion handler to call when the load request is complete. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserImportInProgress, AWSCognitoIdentityProviderErrorInternalError.

  • Allows the developer to delete the user pool client.

    See

    AWSCognitoIdentityProviderDeleteUserPoolClientRequest

    Declaration

    Objective-C

    - (id)deleteUserPoolClient:
        (nonnull AWSCognitoIdentityProviderDeleteUserPoolClientRequest *)request;

    Swift

    func deleteUserPoolClient(_ request: AWSCognitoIdentityProviderDeleteUserPoolClientRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DeleteUserPoolClient service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will be nil. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorInternalError.

  • Allows the developer to delete the user pool client.

    See

    AWSCognitoIdentityProviderDeleteUserPoolClientRequest

    Declaration

    Objective-C

    - (void)deleteUserPoolClient:
                (nonnull AWSCognitoIdentityProviderDeleteUserPoolClientRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(NSError *_Nullable))completionHandler;

    Swift

    func deleteUserPoolClient(_ request: AWSCognitoIdentityProviderDeleteUserPoolClientRequest) async throws

    Parameters

    request

    A container for the necessary parameters to execute the DeleteUserPoolClient service method.

    completionHandler

    The completion handler to call when the load request is complete. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorInternalError.

  • Deletes a domain for a user pool.

    See

    AWSCognitoIdentityProviderDeleteUserPoolDomainRequest

    See

    AWSCognitoIdentityProviderDeleteUserPoolDomainResponse

    Declaration

    Objective-C

    - (id)deleteUserPoolDomain:
        (nonnull AWSCognitoIdentityProviderDeleteUserPoolDomainRequest *)request;

    Swift

    func deleteUserPoolDomain(_ request: AWSCognitoIdentityProviderDeleteUserPoolDomainRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DeleteUserPoolDomain service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderDeleteUserPoolDomainResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Deletes a domain for a user pool.

    See

    AWSCognitoIdentityProviderDeleteUserPoolDomainRequest

    See

    AWSCognitoIdentityProviderDeleteUserPoolDomainResponse

    Declaration

    Objective-C

    - (void)deleteUserPoolDomain:
                (nonnull AWSCognitoIdentityProviderDeleteUserPoolDomainRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderDeleteUserPoolDomainResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the DeleteUserPoolDomain service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Gets information about a specific IdP.

    See

    AWSCognitoIdentityProviderDescribeIdentityProviderRequest

    See

    AWSCognitoIdentityProviderDescribeIdentityProviderResponse

    Declaration

    Objective-C

    - (id)describeIdentityProvider:
        (nonnull AWSCognitoIdentityProviderDescribeIdentityProviderRequest *)
            request;

    Swift

    func describe(_ request: AWSCognitoIdentityProviderDescribeIdentityProviderRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DescribeIdentityProvider service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderDescribeIdentityProviderResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Gets information about a specific IdP.

    See

    AWSCognitoIdentityProviderDescribeIdentityProviderRequest

    See

    AWSCognitoIdentityProviderDescribeIdentityProviderResponse

    Declaration

    Objective-C

    - (void)
        describeIdentityProvider:
            (nonnull AWSCognitoIdentityProviderDescribeIdentityProviderRequest *)
                request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderDescribeIdentityProviderResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the DescribeIdentityProvider service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Describes a resource server.

    See

    AWSCognitoIdentityProviderDescribeResourceServerRequest

    See

    AWSCognitoIdentityProviderDescribeResourceServerResponse

    Declaration

    Objective-C

    - (id)describeResourceServer:
        (nonnull AWSCognitoIdentityProviderDescribeResourceServerRequest *)request;

    Swift

    func describeResourceServer(_ request: AWSCognitoIdentityProviderDescribeResourceServerRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DescribeResourceServer service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderDescribeResourceServerResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Describes a resource server.

    See

    AWSCognitoIdentityProviderDescribeResourceServerRequest

    See

    AWSCognitoIdentityProviderDescribeResourceServerResponse

    Declaration

    Objective-C

    - (void)describeResourceServer:
                (nonnull AWSCognitoIdentityProviderDescribeResourceServerRequest *)
                    request
                 completionHandler:
                     (void (^_Nullable)(
                         AWSCognitoIdentityProviderDescribeResourceServerResponse
                             *_Nullable,
                         NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the DescribeResourceServer service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Describes the risk configuration.

    See

    AWSCognitoIdentityProviderDescribeRiskConfigurationRequest

    See

    AWSCognitoIdentityProviderDescribeRiskConfigurationResponse

    Declaration

    Objective-C

    - (id)describeRiskConfiguration:
        (nonnull AWSCognitoIdentityProviderDescribeRiskConfigurationRequest *)
            request;

    Swift

    func describeRiskConfiguration(_ request: AWSCognitoIdentityProviderDescribeRiskConfigurationRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DescribeRiskConfiguration service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderDescribeRiskConfigurationResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserPoolAddOnNotEnabled, AWSCognitoIdentityProviderErrorInternalError.

  • Describes the risk configuration.

    See

    AWSCognitoIdentityProviderDescribeRiskConfigurationRequest

    See

    AWSCognitoIdentityProviderDescribeRiskConfigurationResponse

    Declaration

    Objective-C

    - (void)
        describeRiskConfiguration:
            (nonnull AWSCognitoIdentityProviderDescribeRiskConfigurationRequest *)
                request
                completionHandler:
                    (void (^_Nullable)(
                        AWSCognitoIdentityProviderDescribeRiskConfigurationResponse
                            *_Nullable,
                        NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the DescribeRiskConfiguration service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserPoolAddOnNotEnabled, AWSCognitoIdentityProviderErrorInternalError.

  • Describes the user import job.

    See

    AWSCognitoIdentityProviderDescribeUserImportJobRequest

    See

    AWSCognitoIdentityProviderDescribeUserImportJobResponse

    Declaration

    Objective-C

    - (id)describeUserImportJob:
        (nonnull AWSCognitoIdentityProviderDescribeUserImportJobRequest *)request;

    Swift

    func describeUserImportJob(_ request: AWSCognitoIdentityProviderDescribeUserImportJobRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DescribeUserImportJob service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderDescribeUserImportJobResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Describes the user import job.

    See

    AWSCognitoIdentityProviderDescribeUserImportJobRequest

    See

    AWSCognitoIdentityProviderDescribeUserImportJobResponse

    Declaration

    Objective-C

    - (void)describeUserImportJob:
                (nonnull AWSCognitoIdentityProviderDescribeUserImportJobRequest *)
                    request
                completionHandler:
                    (void (^_Nullable)(
                        AWSCognitoIdentityProviderDescribeUserImportJobResponse
                            *_Nullable,
                        NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the DescribeUserImportJob service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Returns the configuration information and metadata of the specified user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderDescribeUserPoolRequest

    See

    AWSCognitoIdentityProviderDescribeUserPoolResponse

    Declaration

    Objective-C

    - (id)describeUserPool:
        (nonnull AWSCognitoIdentityProviderDescribeUserPoolRequest *)request;

    Swift

    func describeUserPool(_ request: AWSCognitoIdentityProviderDescribeUserPoolRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DescribeUserPool service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderDescribeUserPoolResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserPoolTagging, AWSCognitoIdentityProviderErrorInternalError.

  • Returns the configuration information and metadata of the specified user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderDescribeUserPoolRequest

    See

    AWSCognitoIdentityProviderDescribeUserPoolResponse

    Declaration

    Objective-C

    - (void)describeUserPool:
                (nonnull AWSCognitoIdentityProviderDescribeUserPoolRequest *)request
           completionHandler:
               (void (^_Nullable)(
                   AWSCognitoIdentityProviderDescribeUserPoolResponse *_Nullable,
                   NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the DescribeUserPool service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserPoolTagging, AWSCognitoIdentityProviderErrorInternalError.

  • Client method for returning the configuration information and metadata of the specified user pool app client.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderDescribeUserPoolClientRequest

    See

    AWSCognitoIdentityProviderDescribeUserPoolClientResponse

    Declaration

    Objective-C

    - (id)describeUserPoolClient:
        (nonnull AWSCognitoIdentityProviderDescribeUserPoolClientRequest *)request;

    Swift

    func describeUserPoolClient(_ request: AWSCognitoIdentityProviderDescribeUserPoolClientRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DescribeUserPoolClient service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderDescribeUserPoolClientResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Client method for returning the configuration information and metadata of the specified user pool app client.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderDescribeUserPoolClientRequest

    See

    AWSCognitoIdentityProviderDescribeUserPoolClientResponse

    Declaration

    Objective-C

    - (void)describeUserPoolClient:
                (nonnull AWSCognitoIdentityProviderDescribeUserPoolClientRequest *)
                    request
                 completionHandler:
                     (void (^_Nullable)(
                         AWSCognitoIdentityProviderDescribeUserPoolClientResponse
                             *_Nullable,
                         NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the DescribeUserPoolClient service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Gets information about a domain.

    See

    AWSCognitoIdentityProviderDescribeUserPoolDomainRequest

    See

    AWSCognitoIdentityProviderDescribeUserPoolDomainResponse

    Declaration

    Objective-C

    - (id)describeUserPoolDomain:
        (nonnull AWSCognitoIdentityProviderDescribeUserPoolDomainRequest *)request;

    Swift

    func describeUserPoolDomain(_ request: AWSCognitoIdentityProviderDescribeUserPoolDomainRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the DescribeUserPoolDomain service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderDescribeUserPoolDomainResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Gets information about a domain.

    See

    AWSCognitoIdentityProviderDescribeUserPoolDomainRequest

    See

    AWSCognitoIdentityProviderDescribeUserPoolDomainResponse

    Declaration

    Objective-C

    - (void)describeUserPoolDomain:
                (nonnull AWSCognitoIdentityProviderDescribeUserPoolDomainRequest *)
                    request
                 completionHandler:
                     (void (^_Nullable)(
                         AWSCognitoIdentityProviderDescribeUserPoolDomainResponse
                             *_Nullable,
                         NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the DescribeUserPoolDomain service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInternalError.

  • Forgets the specified device. For more information about device authentication, see Working with user devices in your user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderForgetDeviceRequest

    Declaration

    Objective-C

    - (id)forgetDevice:
        (nonnull AWSCognitoIdentityProviderForgetDeviceRequest *)request;

    Swift

    func forgetDevice(_ request: AWSCognitoIdentityProviderForgetDeviceRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ForgetDevice service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will be nil. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Forgets the specified device. For more information about device authentication, see Working with user devices in your user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderForgetDeviceRequest

    Declaration

    Objective-C

    - (void)forgetDevice:
                (nonnull AWSCognitoIdentityProviderForgetDeviceRequest *)request
        completionHandler:(void (^_Nullable)(NSError *_Nullable))completionHandler;

    Swift

    func forgetDevice(_ request: AWSCognitoIdentityProviderForgetDeviceRequest) async throws

    Parameters

    request

    A container for the necessary parameters to execute the ForgetDevice service method.

    completionHandler

    The completion handler to call when the load request is complete. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user’s password. For the Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts in the Amazon Cognito Developer Guide. To use the confirmation code for resetting the password, call ConfirmForgotPassword.

    If neither a verified phone number nor a verified email exists, this API returns InvalidParameterException. If your app client has a client secret and you don’t provide a SECRET_HASH parameter, this API returns NotAuthorizedException.

    To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderForgotPasswordRequest

    See

    AWSCognitoIdentityProviderForgotPasswordResponse

    Declaration

    Objective-C

    - (id)forgotPassword:
        (nonnull AWSCognitoIdentityProviderForgotPasswordRequest *)request;

    Swift

    func forgotPassword(_ request: AWSCognitoIdentityProviderForgotPasswordRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ForgotPassword service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderForgotPasswordResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user’s password. For the Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts in the Amazon Cognito Developer Guide. To use the confirmation code for resetting the password, call ConfirmForgotPassword.

    If neither a verified phone number nor a verified email exists, this API returns InvalidParameterException. If your app client has a client secret and you don’t provide a SECRET_HASH parameter, this API returns NotAuthorizedException.

    To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderForgotPasswordRequest

    See

    AWSCognitoIdentityProviderForgotPasswordResponse

    Declaration

    Objective-C

    - (void)forgotPassword:
                (nonnull AWSCognitoIdentityProviderForgotPasswordRequest *)request
         completionHandler:
             (void (^_Nullable)(
                 AWSCognitoIdentityProviderForgotPasswordResponse *_Nullable,
                 NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ForgotPassword service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.

    See

    AWSCognitoIdentityProviderGetCSVHeaderRequest

    See

    AWSCognitoIdentityProviderGetCSVHeaderResponse

    Declaration

    Objective-C

    - (id)getCSVHeader:
        (nonnull AWSCognitoIdentityProviderGetCSVHeaderRequest *)request;

    Swift

    func getCSVHeader(_ request: AWSCognitoIdentityProviderGetCSVHeaderRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the GetCSVHeader service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderGetCSVHeaderResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.

    See

    AWSCognitoIdentityProviderGetCSVHeaderRequest

    See

    AWSCognitoIdentityProviderGetCSVHeaderResponse

    Declaration

    Objective-C

    - (void)getCSVHeader:
                (nonnull AWSCognitoIdentityProviderGetCSVHeaderRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderGetCSVHeaderResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the GetCSVHeader service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Gets the device. For more information about device authentication, see Working with user devices in your user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderGetDeviceRequest

    See

    AWSCognitoIdentityProviderGetDeviceResponse

    Declaration

    Objective-C

    - (id)getDevice:(nonnull AWSCognitoIdentityProviderGetDeviceRequest *)request;

    Swift

    func getDevice(_ request: AWSCognitoIdentityProviderGetDeviceRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the GetDevice service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderGetDeviceResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Gets the device. For more information about device authentication, see Working with user devices in your user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderGetDeviceRequest

    See

    AWSCognitoIdentityProviderGetDeviceResponse

    Declaration

    Objective-C

    - (void)getDevice:(nonnull AWSCognitoIdentityProviderGetDeviceRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderGetDeviceResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the GetDevice service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Gets a group.

    Calling this action requires developer credentials.

    See

    AWSCognitoIdentityProviderGetGroupRequest

    See

    AWSCognitoIdentityProviderGetGroupResponse

    Declaration

    Objective-C

    - (id)getGroup:(nonnull AWSCognitoIdentityProviderGetGroupRequest *)request;

    Swift

    func getGroup(_ request: AWSCognitoIdentityProviderGetGroupRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the GetGroup service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderGetGroupResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Gets a group.

    Calling this action requires developer credentials.

    See

    AWSCognitoIdentityProviderGetGroupRequest

    See

    AWSCognitoIdentityProviderGetGroupResponse

    Declaration

    Objective-C

    - (void)getGroup:(nonnull AWSCognitoIdentityProviderGetGroupRequest *)request
        completionHandler:(void (^_Nullable)(
                              AWSCognitoIdentityProviderGetGroupResponse *_Nullable,
                              NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the GetGroup service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Gets the specified IdP.

    See

    AWSCognitoIdentityProviderGetIdentityProviderByIdentifierRequest

    See

    AWSCognitoIdentityProviderGetIdentityProviderByIdentifierResponse

    Declaration

    Objective-C

    - (id)getIdentityProviderByIdentifier:
        (nonnull AWSCognitoIdentityProviderGetIdentityProviderByIdentifierRequest *)
            request;

    Swift

    func getByIdentifier(_ request: AWSCognitoIdentityProviderGetIdentityProviderByIdentifierRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the GetIdentityProviderByIdentifier service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderGetIdentityProviderByIdentifierResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Gets the specified IdP.

    See

    AWSCognitoIdentityProviderGetIdentityProviderByIdentifierRequest

    See

    AWSCognitoIdentityProviderGetIdentityProviderByIdentifierResponse

    Declaration

    Objective-C

    - (void)
        getIdentityProviderByIdentifier:
            (nonnull
                 AWSCognitoIdentityProviderGetIdentityProviderByIdentifierRequest *)
                request
                      completionHandler:
                          (void (^_Nullable)(
                              AWSCognitoIdentityProviderGetIdentityProviderByIdentifierResponse
                                  *_Nullable,
                              NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the GetIdentityProviderByIdentifier service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Gets the detailed activity logging configuration for a user pool.

    See

    AWSCognitoIdentityProviderGetLogDeliveryConfigurationRequest

    See

    AWSCognitoIdentityProviderGetLogDeliveryConfigurationResponse

    Declaration

    Objective-C

    - (id)getLogDeliveryConfiguration:
        (nonnull AWSCognitoIdentityProviderGetLogDeliveryConfigurationRequest *)
            request;

    Swift

    func getLogDeliveryConfiguration(_ request: AWSCognitoIdentityProviderGetLogDeliveryConfigurationRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the GetLogDeliveryConfiguration service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderGetLogDeliveryConfigurationResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorResourceNotFound.

  • Gets the detailed activity logging configuration for a user pool.

    See

    AWSCognitoIdentityProviderGetLogDeliveryConfigurationRequest

    See

    AWSCognitoIdentityProviderGetLogDeliveryConfigurationResponse

    Declaration

    Objective-C

    - (void)
        getLogDeliveryConfiguration:
            (nonnull AWSCognitoIdentityProviderGetLogDeliveryConfigurationRequest *)
                request
                  completionHandler:
                      (void (^_Nullable)(
                          AWSCognitoIdentityProviderGetLogDeliveryConfigurationResponse
                              *_Nullable,
                          NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the GetLogDeliveryConfiguration service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorResourceNotFound.

  • This method takes a user pool ID, and returns the signing certificate. The issued certificate is valid for 10 years from the date of issue.

    Amazon Cognito issues and assigns a new signing certificate annually. This process returns a new value in the response to GetSigningCertificate, but doesn’t invalidate the original certificate.

    See

    AWSCognitoIdentityProviderGetSigningCertificateRequest

    See

    AWSCognitoIdentityProviderGetSigningCertificateResponse

    Declaration

    Objective-C

    - (id)getSigningCertificate:
        (nonnull AWSCognitoIdentityProviderGetSigningCertificateRequest *)request;

    Swift

    func getSigningCertificate(_ request: AWSCognitoIdentityProviderGetSigningCertificateRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the GetSigningCertificate service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderGetSigningCertificateResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound.

  • This method takes a user pool ID, and returns the signing certificate. The issued certificate is valid for 10 years from the date of issue.

    Amazon Cognito issues and assigns a new signing certificate annually. This process returns a new value in the response to GetSigningCertificate, but doesn’t invalidate the original certificate.

    See

    AWSCognitoIdentityProviderGetSigningCertificateRequest

    See

    AWSCognitoIdentityProviderGetSigningCertificateResponse

    Declaration

    Objective-C

    - (void)getSigningCertificate:
                (nonnull AWSCognitoIdentityProviderGetSigningCertificateRequest *)
                    request
                completionHandler:
                    (void (^_Nullable)(
                        AWSCognitoIdentityProviderGetSigningCertificateResponse
                            *_Nullable,
                        NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the GetSigningCertificate service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound.

  • Gets the user interface (UI) Customization information for a particular app client’s app UI, if any such information exists for the client. If nothing is set for the particular client, but there is an existing pool level customization (the app clientId is ALL), then that information is returned. If nothing is present, then an empty shape is returned.

    See

    AWSCognitoIdentityProviderGetUICustomizationRequest

    See

    AWSCognitoIdentityProviderGetUICustomizationResponse

    Declaration

    Objective-C

    - (id)getUICustomization:
        (nonnull AWSCognitoIdentityProviderGetUICustomizationRequest *)request;

    Swift

    func getUICustomization(_ request: AWSCognitoIdentityProviderGetUICustomizationRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the GetUICustomization service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderGetUICustomizationResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Gets the user interface (UI) Customization information for a particular app client’s app UI, if any such information exists for the client. If nothing is set for the particular client, but there is an existing pool level customization (the app clientId is ALL), then that information is returned. If nothing is present, then an empty shape is returned.

    See

    AWSCognitoIdentityProviderGetUICustomizationRequest

    See

    AWSCognitoIdentityProviderGetUICustomizationResponse

    Declaration

    Objective-C

    - (void)
        getUICustomization:
            (nonnull AWSCognitoIdentityProviderGetUICustomizationRequest *)request
         completionHandler:
             (void (^_Nullable)(
                 AWSCognitoIdentityProviderGetUICustomizationResponse *_Nullable,
                 NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the GetUICustomization service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Gets the user attributes and metadata for a user.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderGetUserRequest

    See

    AWSCognitoIdentityProviderGetUserResponse

    Declaration

    Objective-C

    - (id)getUser:(nonnull AWSCognitoIdentityProviderGetUserRequest *)request;

    Swift

    func getUser(_ request: AWSCognitoIdentityProviderGetUserRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the GetUser service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderGetUserResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Gets the user attributes and metadata for a user.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderGetUserRequest

    See

    AWSCognitoIdentityProviderGetUserResponse

    Declaration

    Objective-C

    - (void)getUser:(nonnull AWSCognitoIdentityProviderGetUserRequest *)request
        completionHandler:
            (void (^_Nullable)(AWSCognitoIdentityProviderGetUserResponse *_Nullable,
                               NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the GetUser service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderGetUserAttributeVerificationCodeRequest

    See

    AWSCognitoIdentityProviderGetUserAttributeVerificationCodeResponse

    Declaration

    Objective-C

    - (id)getUserAttributeVerificationCode:
        (nonnull AWSCognitoIdentityProviderGetUserAttributeVerificationCodeRequest
             *)request;

    Swift

    func getUserAttributeVerificationCode(_ request: AWSCognitoIdentityProviderGetUserAttributeVerificationCodeRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the GetUserAttributeVerificationCode service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderGetUserAttributeVerificationCodeResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderGetUserAttributeVerificationCodeRequest

    See

    AWSCognitoIdentityProviderGetUserAttributeVerificationCodeResponse

    Declaration

    Objective-C

    - (void)
        getUserAttributeVerificationCode:
            (nonnull
                 AWSCognitoIdentityProviderGetUserAttributeVerificationCodeRequest
                     *)request
                       completionHandler:
                           (void (^_Nullable)(
                               AWSCognitoIdentityProviderGetUserAttributeVerificationCodeResponse
                                   *_Nullable,
                               NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the GetUserAttributeVerificationCode service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Gets the user pool multi-factor authentication (MFA) configuration.

    See

    AWSCognitoIdentityProviderGetUserPoolMfaConfigRequest

    See

    AWSCognitoIdentityProviderGetUserPoolMfaConfigResponse

    Declaration

    Objective-C

    - (id)getUserPoolMfaConfig:
        (nonnull AWSCognitoIdentityProviderGetUserPoolMfaConfigRequest *)request;

    Swift

    func getUserPoolMfaConfig(_ request: AWSCognitoIdentityProviderGetUserPoolMfaConfigRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the GetUserPoolMfaConfig service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderGetUserPoolMfaConfigResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Gets the user pool multi-factor authentication (MFA) configuration.

    See

    AWSCognitoIdentityProviderGetUserPoolMfaConfigRequest

    See

    AWSCognitoIdentityProviderGetUserPoolMfaConfigResponse

    Declaration

    Objective-C

    - (void)getUserPoolMfaConfig:
                (nonnull AWSCognitoIdentityProviderGetUserPoolMfaConfigRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderGetUserPoolMfaConfigResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the GetUserPoolMfaConfig service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior.

    • Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user’s access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.

      Amazon Cognito returns an Access Token has been revoked error when your app attempts to authorize a user pools API request with a revoked access token that contains the scope aws.cognito.signin.user.admin.

    • Amazon Cognito no longer accepts a signed-out user’s ID token in a GetId request to an identity pool with ServerSideTokenCheck enabled for its user pool IdP configuration in CognitoIdentityProvider.

    • Amazon Cognito no longer accepts a signed-out user’s refresh tokens in refresh requests.

    Other requests might be valid until your user’s token expires.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderGlobalSignOutRequest

    See

    AWSCognitoIdentityProviderGlobalSignOutResponse

    Declaration

    Objective-C

    - (id)globalSignOut:
        (nonnull AWSCognitoIdentityProviderGlobalSignOutRequest *)request;

    Swift

    func globalSignOut(_ request: AWSCognitoIdentityProviderGlobalSignOutRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the GlobalSignOut service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderGlobalSignOutResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior.

    • Amazon Cognito no longer accepts token-authorized user operations that you authorize with a signed-out user’s access tokens. For more information, see Using the Amazon Cognito user pools API and user pool endpoints.

      Amazon Cognito returns an Access Token has been revoked error when your app attempts to authorize a user pools API request with a revoked access token that contains the scope aws.cognito.signin.user.admin.

    • Amazon Cognito no longer accepts a signed-out user’s ID token in a GetId request to an identity pool with ServerSideTokenCheck enabled for its user pool IdP configuration in CognitoIdentityProvider.

    • Amazon Cognito no longer accepts a signed-out user’s refresh tokens in refresh requests.

    Other requests might be valid until your user’s token expires.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderGlobalSignOutRequest

    See

    AWSCognitoIdentityProviderGlobalSignOutResponse

    Declaration

    Objective-C

    - (void)globalSignOut:
                (nonnull AWSCognitoIdentityProviderGlobalSignOutRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderGlobalSignOutResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the GlobalSignOut service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Initiates sign-in for a user in the Amazon Cognito user directory. You can’t sign in a user with a federated IdP with InitiateAuth. For more information, see Adding user pool sign-in through a third party.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderInitiateAuthRequest

    See

    AWSCognitoIdentityProviderInitiateAuthResponse

    Declaration

    Objective-C

    - (id)initiateAuth:
        (nonnull AWSCognitoIdentityProviderInitiateAuthRequest *)request;

    Swift

    func initiateAuth(_ request: AWSCognitoIdentityProviderInitiateAuthRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the InitiateAuth service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderInitiateAuthResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorForbidden.

  • Initiates sign-in for a user in the Amazon Cognito user directory. You can’t sign in a user with a federated IdP with InitiateAuth. For more information, see Adding user pool sign-in through a third party.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderInitiateAuthRequest

    See

    AWSCognitoIdentityProviderInitiateAuthResponse

    Declaration

    Objective-C

    - (void)initiateAuth:
                (nonnull AWSCognitoIdentityProviderInitiateAuthRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderInitiateAuthResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the InitiateAuth service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorForbidden.

  • Lists the sign-in devices that Amazon Cognito has registered to the current user. For more information about device authentication, see Working with user devices in your user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderListDevicesRequest

    See

    AWSCognitoIdentityProviderListDevicesResponse

    Declaration

    Objective-C

    - (id)listDevices:
        (nonnull AWSCognitoIdentityProviderListDevicesRequest *)request;

    Swift

    func listDevices(_ request: AWSCognitoIdentityProviderListDevicesRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ListDevices service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderListDevicesResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Lists the sign-in devices that Amazon Cognito has registered to the current user. For more information about device authentication, see Working with user devices in your user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderListDevicesRequest

    See

    AWSCognitoIdentityProviderListDevicesResponse

    Declaration

    Objective-C

    - (void)listDevices:
                (nonnull AWSCognitoIdentityProviderListDevicesRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderListDevicesResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ListDevices service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Lists the groups associated with a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListGroupsRequest

    See

    AWSCognitoIdentityProviderListGroupsResponse

    Declaration

    Objective-C

    - (id)listGroups:(nonnull AWSCognitoIdentityProviderListGroupsRequest *)request;

    Swift

    func listGroups(_ request: AWSCognitoIdentityProviderListGroupsRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ListGroups service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderListGroupsResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Lists the groups associated with a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListGroupsRequest

    See

    AWSCognitoIdentityProviderListGroupsResponse

    Declaration

    Objective-C

    - (void)listGroups:
                (nonnull AWSCognitoIdentityProviderListGroupsRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderListGroupsResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ListGroups service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Lists information about all IdPs for a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListIdentityProvidersRequest

    See

    AWSCognitoIdentityProviderListIdentityProvidersResponse

    Declaration

    Objective-C

    - (id)listIdentityProviders:
        (nonnull AWSCognitoIdentityProviderListIdentityProvidersRequest *)request;

    Swift

    func listIdentityProviders(_ request: AWSCognitoIdentityProviderListIdentityProvidersRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ListIdentityProviders service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderListIdentityProvidersResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Lists information about all IdPs for a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListIdentityProvidersRequest

    See

    AWSCognitoIdentityProviderListIdentityProvidersResponse

    Declaration

    Objective-C

    - (void)listIdentityProviders:
                (nonnull AWSCognitoIdentityProviderListIdentityProvidersRequest *)
                    request
                completionHandler:
                    (void (^_Nullable)(
                        AWSCognitoIdentityProviderListIdentityProvidersResponse
                            *_Nullable,
                        NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ListIdentityProviders service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Lists the resource servers for a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListResourceServersRequest

    See

    AWSCognitoIdentityProviderListResourceServersResponse

    Declaration

    Objective-C

    - (id)listResourceServers:
        (nonnull AWSCognitoIdentityProviderListResourceServersRequest *)request;

    Swift

    func listResourceServers(_ request: AWSCognitoIdentityProviderListResourceServersRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ListResourceServers service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderListResourceServersResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Lists the resource servers for a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListResourceServersRequest

    See

    AWSCognitoIdentityProviderListResourceServersResponse

    Declaration

    Objective-C

    - (void)
        listResourceServers:
            (nonnull AWSCognitoIdentityProviderListResourceServersRequest *)request
          completionHandler:
              (void (^_Nullable)(
                  AWSCognitoIdentityProviderListResourceServersResponse *_Nullable,
                  NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ListResourceServers service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Lists the tags that are assigned to an Amazon Cognito user pool.

    A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.

    You can use this action up to 10 times per second, per account.

    See

    AWSCognitoIdentityProviderListTagsForResourceRequest

    See

    AWSCognitoIdentityProviderListTagsForResourceResponse

    Declaration

    Objective-C

    - (id)listTagsForResource:
        (nonnull AWSCognitoIdentityProviderListTagsForResourceRequest *)request;

    Swift

    func listTags(forResource request: AWSCognitoIdentityProviderListTagsForResourceRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ListTagsForResource service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderListTagsForResourceResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInternalError.

  • Lists the tags that are assigned to an Amazon Cognito user pool.

    A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.

    You can use this action up to 10 times per second, per account.

    See

    AWSCognitoIdentityProviderListTagsForResourceRequest

    See

    AWSCognitoIdentityProviderListTagsForResourceResponse

    Declaration

    Objective-C

    - (void)
        listTagsForResource:
            (nonnull AWSCognitoIdentityProviderListTagsForResourceRequest *)request
          completionHandler:
              (void (^_Nullable)(
                  AWSCognitoIdentityProviderListTagsForResourceResponse *_Nullable,
                  NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ListTagsForResource service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInternalError.

  • Lists user import jobs for a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListUserImportJobsRequest

    See

    AWSCognitoIdentityProviderListUserImportJobsResponse

    Declaration

    Objective-C

    - (id)listUserImportJobs:
        (nonnull AWSCognitoIdentityProviderListUserImportJobsRequest *)request;

    Swift

    func listUserImportJobs(_ request: AWSCognitoIdentityProviderListUserImportJobsRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ListUserImportJobs service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderListUserImportJobsResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Lists user import jobs for a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListUserImportJobsRequest

    See

    AWSCognitoIdentityProviderListUserImportJobsResponse

    Declaration

    Objective-C

    - (void)
        listUserImportJobs:
            (nonnull AWSCognitoIdentityProviderListUserImportJobsRequest *)request
         completionHandler:
             (void (^_Nullable)(
                 AWSCognitoIdentityProviderListUserImportJobsResponse *_Nullable,
                 NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ListUserImportJobs service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Lists the clients that have been created for the specified user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListUserPoolClientsRequest

    See

    AWSCognitoIdentityProviderListUserPoolClientsResponse

    Declaration

    Objective-C

    - (id)listUserPoolClients:
        (nonnull AWSCognitoIdentityProviderListUserPoolClientsRequest *)request;

    Swift

    func listUserPoolClients(_ request: AWSCognitoIdentityProviderListUserPoolClientsRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ListUserPoolClients service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderListUserPoolClientsResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Lists the clients that have been created for the specified user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListUserPoolClientsRequest

    See

    AWSCognitoIdentityProviderListUserPoolClientsResponse

    Declaration

    Objective-C

    - (void)
        listUserPoolClients:
            (nonnull AWSCognitoIdentityProviderListUserPoolClientsRequest *)request
          completionHandler:
              (void (^_Nullable)(
                  AWSCognitoIdentityProviderListUserPoolClientsResponse *_Nullable,
                  NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ListUserPoolClients service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Lists the user pools associated with an Amazon Web Services account.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListUserPoolsRequest

    See

    AWSCognitoIdentityProviderListUserPoolsResponse

    Declaration

    Objective-C

    - (id)listUserPools:
        (nonnull AWSCognitoIdentityProviderListUserPoolsRequest *)request;

    Swift

    func listUserPools(_ request: AWSCognitoIdentityProviderListUserPoolsRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ListUserPools service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderListUserPoolsResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Lists the user pools associated with an Amazon Web Services account.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListUserPoolsRequest

    See

    AWSCognitoIdentityProviderListUserPoolsResponse

    Declaration

    Objective-C

    - (void)listUserPools:
                (nonnull AWSCognitoIdentityProviderListUserPoolsRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderListUserPoolsResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ListUserPools service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Lists users and their basic details in a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListUsersRequest

    See

    AWSCognitoIdentityProviderListUsersResponse

    Declaration

    Objective-C

    - (id)listUsers:(nonnull AWSCognitoIdentityProviderListUsersRequest *)request;

    Swift

    func listUsers(_ request: AWSCognitoIdentityProviderListUsersRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ListUsers service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderListUsersResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Lists users and their basic details in a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListUsersRequest

    See

    AWSCognitoIdentityProviderListUsersResponse

    Declaration

    Objective-C

    - (void)listUsers:(nonnull AWSCognitoIdentityProviderListUsersRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderListUsersResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ListUsers service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Lists the users in the specified group.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListUsersInGroupRequest

    See

    AWSCognitoIdentityProviderListUsersInGroupResponse

    Declaration

    Objective-C

    - (id)listUsersInGroup:
        (nonnull AWSCognitoIdentityProviderListUsersInGroupRequest *)request;

    Swift

    func listUsers(inGroup request: AWSCognitoIdentityProviderListUsersInGroupRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ListUsersInGroup service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderListUsersInGroupResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Lists the users in the specified group.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderListUsersInGroupRequest

    See

    AWSCognitoIdentityProviderListUsersInGroupResponse

    Declaration

    Objective-C

    - (void)listUsersInGroup:
                (nonnull AWSCognitoIdentityProviderListUsersInGroupRequest *)request
           completionHandler:
               (void (^_Nullable)(
                   AWSCognitoIdentityProviderListUsersInGroupResponse *_Nullable,
                   NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ListUsersInGroup service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Resends the confirmation (for confirmation of registration) to a specific user in the user pool.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderResendConfirmationCodeRequest

    See

    AWSCognitoIdentityProviderResendConfirmationCodeResponse

    Declaration

    Objective-C

    - (id)resendConfirmationCode:
        (nonnull AWSCognitoIdentityProviderResendConfirmationCodeRequest *)request;

    Swift

    func resendConfirmationCode(_ request: AWSCognitoIdentityProviderResendConfirmationCodeRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the ResendConfirmationCode service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderResendConfirmationCodeResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Resends the confirmation (for confirmation of registration) to a specific user in the user pool.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderResendConfirmationCodeRequest

    See

    AWSCognitoIdentityProviderResendConfirmationCodeResponse

    Declaration

    Objective-C

    - (void)resendConfirmationCode:
                (nonnull AWSCognitoIdentityProviderResendConfirmationCodeRequest *)
                    request
                 completionHandler:
                     (void (^_Nullable)(
                         AWSCognitoIdentityProviderResendConfirmationCodeResponse
                             *_Nullable,
                         NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the ResendConfirmationCode service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. A RespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.

    For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderRespondToAuthChallengeRequest

    See

    AWSCognitoIdentityProviderRespondToAuthChallengeResponse

    Declaration

    Objective-C

    - (id)respondToAuthChallenge:
        (nonnull AWSCognitoIdentityProviderRespondToAuthChallengeRequest *)request;

    Swift

    func respond(toAuthChallenge request: AWSCognitoIdentityProviderRespondToAuthChallengeRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the RespondToAuthChallenge service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderRespondToAuthChallengeResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorExpiredCode, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorMFAMethodNotFound, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorSoftwareTokenMFANotFound, AWSCognitoIdentityProviderErrorForbidden.

  • Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. A RespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.

    For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderRespondToAuthChallengeRequest

    See

    AWSCognitoIdentityProviderRespondToAuthChallengeResponse

    Declaration

    Objective-C

    - (void)respondToAuthChallenge:
                (nonnull AWSCognitoIdentityProviderRespondToAuthChallengeRequest *)
                    request
                 completionHandler:
                     (void (^_Nullable)(
                         AWSCognitoIdentityProviderRespondToAuthChallengeResponse
                             *_Nullable,
                         NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the RespondToAuthChallenge service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorExpiredCode, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorMFAMethodNotFound, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorSoftwareTokenMFANotFound, AWSCognitoIdentityProviderErrorForbidden.

  • Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can’t use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderRevokeTokenRequest

    See

    AWSCognitoIdentityProviderRevokeTokenResponse

    Declaration

    Objective-C

    - (id)revokeToken:
        (nonnull AWSCognitoIdentityProviderRevokeTokenRequest *)request;

    Swift

    func revokeToken(_ request: AWSCognitoIdentityProviderRevokeTokenRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the RevokeToken service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderRevokeTokenResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorUnauthorized, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnsupportedOperation, AWSCognitoIdentityProviderErrorUnsupportedTokenType, AWSCognitoIdentityProviderErrorForbidden.

  • Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can’t use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderRevokeTokenRequest

    See

    AWSCognitoIdentityProviderRevokeTokenResponse

    Declaration

    Objective-C

    - (void)revokeToken:
                (nonnull AWSCognitoIdentityProviderRevokeTokenRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderRevokeTokenResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the RevokeToken service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorUnauthorized, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnsupportedOperation, AWSCognitoIdentityProviderErrorUnsupportedTokenType, AWSCognitoIdentityProviderErrorForbidden.

  • Sets up or modifies the detailed activity logging configuration of a user pool.

    See

    AWSCognitoIdentityProviderSetLogDeliveryConfigurationRequest

    See

    AWSCognitoIdentityProviderSetLogDeliveryConfigurationResponse

    Declaration

    Objective-C

    - (id)setLogDeliveryConfiguration:
        (nonnull AWSCognitoIdentityProviderSetLogDeliveryConfigurationRequest *)
            request;

    Swift

    func setLogDeliveryConfiguration(_ request: AWSCognitoIdentityProviderSetLogDeliveryConfigurationRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the SetLogDeliveryConfiguration service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderSetLogDeliveryConfigurationResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorResourceNotFound.

  • Sets up or modifies the detailed activity logging configuration of a user pool.

    See

    AWSCognitoIdentityProviderSetLogDeliveryConfigurationRequest

    See

    AWSCognitoIdentityProviderSetLogDeliveryConfigurationResponse

    Declaration

    Objective-C

    - (void)
        setLogDeliveryConfiguration:
            (nonnull AWSCognitoIdentityProviderSetLogDeliveryConfigurationRequest *)
                request
                  completionHandler:
                      (void (^_Nullable)(
                          AWSCognitoIdentityProviderSetLogDeliveryConfigurationResponse
                              *_Nullable,
                          NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the SetLogDeliveryConfiguration service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorResourceNotFound.

  • Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.

    To activate Amazon Cognito advanced security features, update the user pool to include the UserPoolAddOns keyAdvancedSecurityMode.

    See

    AWSCognitoIdentityProviderSetRiskConfigurationRequest

    See

    AWSCognitoIdentityProviderSetRiskConfigurationResponse

    Declaration

    Objective-C

    - (id)setRiskConfiguration:
        (nonnull AWSCognitoIdentityProviderSetRiskConfigurationRequest *)request;

    Swift

    func setRiskConfiguration(_ request: AWSCognitoIdentityProviderSetRiskConfigurationRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the SetRiskConfiguration service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderSetRiskConfigurationResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserPoolAddOnNotEnabled, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorInternalError.

  • Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.

    To activate Amazon Cognito advanced security features, update the user pool to include the UserPoolAddOns keyAdvancedSecurityMode.

    See

    AWSCognitoIdentityProviderSetRiskConfigurationRequest

    See

    AWSCognitoIdentityProviderSetRiskConfigurationResponse

    Declaration

    Objective-C

    - (void)setRiskConfiguration:
                (nonnull AWSCognitoIdentityProviderSetRiskConfigurationRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderSetRiskConfigurationResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the SetRiskConfiguration service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserPoolAddOnNotEnabled, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorInternalError.

  • Sets the user interface (UI) customization information for a user pool’s built-in app UI.

    You can specify app UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId to ALL). If you specify ALL, the default configuration is used for every client that has no previously set UI customization. If you specify UI customization settings for a particular client, it will no longer return to the ALL configuration.

    To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app’s pages, and the service will throw an error.

    See

    AWSCognitoIdentityProviderSetUICustomizationRequest

    See

    AWSCognitoIdentityProviderSetUICustomizationResponse

    Declaration

    Objective-C

    - (id)setUICustomization:
        (nonnull AWSCognitoIdentityProviderSetUICustomizationRequest *)request;

    Swift

    func setUICustomization(_ request: AWSCognitoIdentityProviderSetUICustomizationRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the SetUICustomization service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderSetUICustomizationResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Sets the user interface (UI) customization information for a user pool’s built-in app UI.

    You can specify app UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId to ALL). If you specify ALL, the default configuration is used for every client that has no previously set UI customization. If you specify UI customization settings for a particular client, it will no longer return to the ALL configuration.

    To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app’s pages, and the service will throw an error.

    See

    AWSCognitoIdentityProviderSetUICustomizationRequest

    See

    AWSCognitoIdentityProviderSetUICustomizationResponse

    Declaration

    Objective-C

    - (void)
        setUICustomization:
            (nonnull AWSCognitoIdentityProviderSetUICustomizationRequest *)request
         completionHandler:
             (void (^_Nullable)(
                 AWSCognitoIdentityProviderSetUICustomizationResponse *_Nullable,
                 NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the SetUICustomization service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Set the user’s multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderSetUserMFAPreferenceRequest

    See

    AWSCognitoIdentityProviderSetUserMFAPreferenceResponse

    Declaration

    Objective-C

    - (id)setUserMFAPreference:
        (nonnull AWSCognitoIdentityProviderSetUserMFAPreferenceRequest *)request;

    Swift

    func setUserMFAPreference(_ request: AWSCognitoIdentityProviderSetUserMFAPreferenceRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the SetUserMFAPreference service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderSetUserMFAPreferenceResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Set the user’s multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderSetUserMFAPreferenceRequest

    See

    AWSCognitoIdentityProviderSetUserMFAPreferenceResponse

    Declaration

    Objective-C

    - (void)setUserMFAPreference:
                (nonnull AWSCognitoIdentityProviderSetUserMFAPreferenceRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderSetUserMFAPreferenceResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the SetUserMFAPreference service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Sets the user pool multi-factor authentication (MFA) configuration.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderSetUserPoolMfaConfigRequest

    See

    AWSCognitoIdentityProviderSetUserPoolMfaConfigResponse

    Declaration

    Objective-C

    - (id)setUserPoolMfaConfig:
        (nonnull AWSCognitoIdentityProviderSetUserPoolMfaConfigRequest *)request;

    Swift

    func setUserPoolMfaConfig(_ request: AWSCognitoIdentityProviderSetUserPoolMfaConfigRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the SetUserPoolMfaConfig service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderSetUserPoolMfaConfigResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Sets the user pool multi-factor authentication (MFA) configuration.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderSetUserPoolMfaConfigRequest

    See

    AWSCognitoIdentityProviderSetUserPoolMfaConfigResponse

    Declaration

    Objective-C

    - (void)setUserPoolMfaConfig:
                (nonnull AWSCognitoIdentityProviderSetUserPoolMfaConfigRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderSetUserPoolMfaConfigResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the SetUserPoolMfaConfig service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • This action is no longer supported. You can use it to configure only SMS MFA. You can’t use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderSetUserSettingsRequest

    See

    AWSCognitoIdentityProviderSetUserSettingsResponse

    Declaration

    Objective-C

    - (id)setUserSettings:
        (nonnull AWSCognitoIdentityProviderSetUserSettingsRequest *)request;

    Swift

    func setUserSettings(_ request: AWSCognitoIdentityProviderSetUserSettingsRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the SetUserSettings service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderSetUserSettingsResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • This action is no longer supported. You can use it to configure only SMS MFA. You can’t use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderSetUserSettingsRequest

    See

    AWSCognitoIdentityProviderSetUserSettingsResponse

    Declaration

    Objective-C

    - (void)setUserSettings:
                (nonnull AWSCognitoIdentityProviderSetUserSettingsRequest *)request
          completionHandler:
              (void (^_Nullable)(
                  AWSCognitoIdentityProviderSetUserSettingsResponse *_Nullable,
                  NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the SetUserSettings service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Registers the user in the specified user pool and creates a user name, password, and user attributes.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderSignUpRequest

    See

    AWSCognitoIdentityProviderSignUpResponse

    Declaration

    Objective-C

    - (id)signUp:(nonnull AWSCognitoIdentityProviderSignUpRequest *)request;

    Swift

    func signUp(_ request: AWSCognitoIdentityProviderSignUpRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the SignUp service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderSignUpResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorUsernameExists, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorForbidden.

  • Registers the user in the specified user pool and creates a user name, password, and user attributes.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderSignUpRequest

    See

    AWSCognitoIdentityProviderSignUpResponse

    Declaration

    Objective-C

    - (void)signUp:(nonnull AWSCognitoIdentityProviderSignUpRequest *)request
        completionHandler:
            (void (^_Nullable)(AWSCognitoIdentityProviderSignUpResponse *_Nullable,
                               NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the SignUp service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidPassword, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorUsernameExists, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorForbidden.

  • Starts the user import.

    See

    AWSCognitoIdentityProviderStartUserImportJobRequest

    See

    AWSCognitoIdentityProviderStartUserImportJobResponse

    Declaration

    Objective-C

    - (id)startUserImportJob:
        (nonnull AWSCognitoIdentityProviderStartUserImportJobRequest *)request;

    Swift

    func startUserImportJob(_ request: AWSCognitoIdentityProviderStartUserImportJobRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the StartUserImportJob service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderStartUserImportJobResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorPreconditionNotMet, AWSCognitoIdentityProviderErrorNotAuthorized.

  • Starts the user import.

    See

    AWSCognitoIdentityProviderStartUserImportJobRequest

    See

    AWSCognitoIdentityProviderStartUserImportJobResponse

    Declaration

    Objective-C

    - (void)
        startUserImportJob:
            (nonnull AWSCognitoIdentityProviderStartUserImportJobRequest *)request
         completionHandler:
             (void (^_Nullable)(
                 AWSCognitoIdentityProviderStartUserImportJobResponse *_Nullable,
                 NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the StartUserImportJob service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorPreconditionNotMet, AWSCognitoIdentityProviderErrorNotAuthorized.

  • Stops the user import job.

    See

    AWSCognitoIdentityProviderStopUserImportJobRequest

    See

    AWSCognitoIdentityProviderStopUserImportJobResponse

    Declaration

    Objective-C

    - (id)stopUserImportJob:
        (nonnull AWSCognitoIdentityProviderStopUserImportJobRequest *)request;

    Swift

    func stopUserImportJob(_ request: AWSCognitoIdentityProviderStopUserImportJobRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the StopUserImportJob service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderStopUserImportJobResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorPreconditionNotMet, AWSCognitoIdentityProviderErrorNotAuthorized.

  • Stops the user import job.

    See

    AWSCognitoIdentityProviderStopUserImportJobRequest

    See

    AWSCognitoIdentityProviderStopUserImportJobResponse

    Declaration

    Objective-C

    - (void)stopUserImportJob:
                (nonnull AWSCognitoIdentityProviderStopUserImportJobRequest *)
                    request
            completionHandler:
                (void (^_Nullable)(
                    AWSCognitoIdentityProviderStopUserImportJobResponse *_Nullable,
                    NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the StopUserImportJob service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorPreconditionNotMet, AWSCognitoIdentityProviderErrorNotAuthorized.

  • Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.

    Each tag consists of a key and value, both of which you define. A key is a general category for more specific values. For example, if you have two versions of a user pool, one for testing and another for production, you might assign an Environment tag key to both user pools. The value of this key might be Test for one user pool, and Production for the other.

    Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values.

    You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.

    See

    AWSCognitoIdentityProviderTagResourceRequest

    See

    AWSCognitoIdentityProviderTagResourceResponse

    Declaration

    Objective-C

    - (id)tagResource:
        (nonnull AWSCognitoIdentityProviderTagResourceRequest *)request;

    Swift

    func tagResource(_ request: AWSCognitoIdentityProviderTagResourceRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the TagResource service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderTagResourceResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInternalError.

  • Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.

    Each tag consists of a key and value, both of which you define. A key is a general category for more specific values. For example, if you have two versions of a user pool, one for testing and another for production, you might assign an Environment tag key to both user pools. The value of this key might be Test for one user pool, and Production for the other.

    Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values.

    You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.

    See

    AWSCognitoIdentityProviderTagResourceRequest

    See

    AWSCognitoIdentityProviderTagResourceResponse

    Declaration

    Objective-C

    - (void)tagResource:
                (nonnull AWSCognitoIdentityProviderTagResourceRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderTagResourceResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the TagResource service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInternalError.

  • Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account.

    See

    AWSCognitoIdentityProviderUntagResourceRequest

    See

    AWSCognitoIdentityProviderUntagResourceResponse

    Declaration

    Objective-C

    - (id)untagResource:
        (nonnull AWSCognitoIdentityProviderUntagResourceRequest *)request;

    Swift

    func untagResource(_ request: AWSCognitoIdentityProviderUntagResourceRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the UntagResource service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderUntagResourceResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInternalError.

  • Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account.

    See

    AWSCognitoIdentityProviderUntagResourceRequest

    See

    AWSCognitoIdentityProviderUntagResourceResponse

    Declaration

    Objective-C

    - (void)untagResource:
                (nonnull AWSCognitoIdentityProviderUntagResourceRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderUntagResourceResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the UntagResource service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorInternalError.

  • Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderUpdateAuthEventFeedbackRequest

    See

    AWSCognitoIdentityProviderUpdateAuthEventFeedbackResponse

    Declaration

    Objective-C

    - (id)updateAuthEventFeedback:
        (nonnull AWSCognitoIdentityProviderUpdateAuthEventFeedbackRequest *)request;

    Swift

    func updateAuthEventFeedback(_ request: AWSCognitoIdentityProviderUpdateAuthEventFeedbackRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the UpdateAuthEventFeedback service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderUpdateAuthEventFeedbackResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserPoolAddOnNotEnabled, AWSCognitoIdentityProviderErrorInternalError.

  • Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderUpdateAuthEventFeedbackRequest

    See

    AWSCognitoIdentityProviderUpdateAuthEventFeedbackResponse

    Declaration

    Objective-C

    - (void)updateAuthEventFeedback:
                (nonnull AWSCognitoIdentityProviderUpdateAuthEventFeedbackRequest *)
                    request
                  completionHandler:
                      (void (^_Nullable)(
                          AWSCognitoIdentityProviderUpdateAuthEventFeedbackResponse
                              *_Nullable,
                          NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the UpdateAuthEventFeedback service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserPoolAddOnNotEnabled, AWSCognitoIdentityProviderErrorInternalError.

  • Updates the device status. For more information about device authentication, see Working with user devices in your user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderUpdateDeviceStatusRequest

    See

    AWSCognitoIdentityProviderUpdateDeviceStatusResponse

    Declaration

    Objective-C

    - (id)updateDeviceStatus:
        (nonnull AWSCognitoIdentityProviderUpdateDeviceStatusRequest *)request;

    Swift

    func updateDeviceStatus(_ request: AWSCognitoIdentityProviderUpdateDeviceStatusRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the UpdateDeviceStatus service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderUpdateDeviceStatusResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Updates the device status. For more information about device authentication, see Working with user devices in your user pool.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderUpdateDeviceStatusRequest

    See

    AWSCognitoIdentityProviderUpdateDeviceStatusResponse

    Declaration

    Objective-C

    - (void)
        updateDeviceStatus:
            (nonnull AWSCognitoIdentityProviderUpdateDeviceStatusRequest *)request
         completionHandler:
             (void (^_Nullable)(
                 AWSCognitoIdentityProviderUpdateDeviceStatusResponse *_Nullable,
                 NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the UpdateDeviceStatus service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • Updates the specified group with the specified attributes.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderUpdateGroupRequest

    See

    AWSCognitoIdentityProviderUpdateGroupResponse

    Declaration

    Objective-C

    - (id)updateGroup:
        (nonnull AWSCognitoIdentityProviderUpdateGroupRequest *)request;

    Swift

    func updateGroup(_ request: AWSCognitoIdentityProviderUpdateGroupRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the UpdateGroup service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderUpdateGroupResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Updates the specified group with the specified attributes.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderUpdateGroupRequest

    See

    AWSCognitoIdentityProviderUpdateGroupResponse

    Declaration

    Objective-C

    - (void)updateGroup:
                (nonnull AWSCognitoIdentityProviderUpdateGroupRequest *)request
        completionHandler:
            (void (^_Nullable)(
                AWSCognitoIdentityProviderUpdateGroupResponse *_Nullable,
                NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the UpdateGroup service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorInternalError.

  • Updates IdP information for a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderUpdateIdentityProviderRequest

    See

    AWSCognitoIdentityProviderUpdateIdentityProviderResponse

    Declaration

    Objective-C

    - (id)updateIdentityProvider:
        (nonnull AWSCognitoIdentityProviderUpdateIdentityProviderRequest *)request;

    Swift

    func update(_ request: AWSCognitoIdentityProviderUpdateIdentityProviderRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the UpdateIdentityProvider service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderUpdateIdentityProviderResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnsupportedIdentityProvider, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Updates IdP information for a user pool.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderUpdateIdentityProviderRequest

    See

    AWSCognitoIdentityProviderUpdateIdentityProviderResponse

    Declaration

    Objective-C

    - (void)updateIdentityProvider:
                (nonnull AWSCognitoIdentityProviderUpdateIdentityProviderRequest *)
                    request
                 completionHandler:
                     (void (^_Nullable)(
                         AWSCognitoIdentityProviderUpdateIdentityProviderResponse
                             *_Nullable,
                         NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the UpdateIdentityProvider service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorUnsupportedIdentityProvider, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Updates the name and scopes of resource server. All other fields are read-only.

    If you don’t provide a value for an attribute, it is set to the default value.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderUpdateResourceServerRequest

    See

    AWSCognitoIdentityProviderUpdateResourceServerResponse

    Declaration

    Objective-C

    - (id)updateResourceServer:
        (nonnull AWSCognitoIdentityProviderUpdateResourceServerRequest *)request;

    Swift

    func updateResourceServer(_ request: AWSCognitoIdentityProviderUpdateResourceServerRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the UpdateResourceServer service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderUpdateResourceServerResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Updates the name and scopes of resource server. All other fields are read-only.

    If you don’t provide a value for an attribute, it is set to the default value.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderUpdateResourceServerRequest

    See

    AWSCognitoIdentityProviderUpdateResourceServerResponse

    Declaration

    Objective-C

    - (void)updateResourceServer:
                (nonnull AWSCognitoIdentityProviderUpdateResourceServerRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderUpdateResourceServerResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the UpdateResourceServer service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • With this operation, your users can update one or more of their attributes with their own credentials. You authorize this API request with the user’s access token. To delete an attribute from your user, submit the attribute in your API request with a blank value. Custom attribute values in this request must include the custom: prefix.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderUpdateUserAttributesRequest

    See

    AWSCognitoIdentityProviderUpdateUserAttributesResponse

    Declaration

    Objective-C

    - (id)updateUserAttributes:
        (nonnull AWSCognitoIdentityProviderUpdateUserAttributesRequest *)request;

    Swift

    func updateUserAttributes(_ request: AWSCognitoIdentityProviderUpdateUserAttributesRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the UpdateUserAttributes service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderUpdateUserAttributesResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorExpiredCode, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • With this operation, your users can update one or more of their attributes with their own credentials. You authorize this API request with the user’s access token. To delete an attribute from your user, submit the attribute in your API request with a blank value. Custom attribute values in this request must include the custom: prefix.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    See

    AWSCognitoIdentityProviderUpdateUserAttributesRequest

    See

    AWSCognitoIdentityProviderUpdateUserAttributesResponse

    Declaration

    Objective-C

    - (void)updateUserAttributes:
                (nonnull AWSCognitoIdentityProviderUpdateUserAttributesRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderUpdateUserAttributesResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the UpdateUserAttributes service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorExpiredCode, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUnexpectedLambda, AWSCognitoIdentityProviderErrorUserLambdaValidation, AWSCognitoIdentityProviderErrorInvalidLambdaResponse, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy, AWSCognitoIdentityProviderErrorCodeDeliveryFailure, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorForbidden.

  • This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool.

    If you don’t provide a value for an attribute, Amazon Cognito sets it to its default value.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderUpdateUserPoolRequest

    See

    AWSCognitoIdentityProviderUpdateUserPoolResponse

    Declaration

    Objective-C

    - (id)updateUserPool:
        (nonnull AWSCognitoIdentityProviderUpdateUserPoolRequest *)request;

    Swift

    func updateUserPool(_ request: AWSCognitoIdentityProviderUpdateUserPoolRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the UpdateUserPool service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderUpdateUserPoolResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserImportInProgress, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorUserPoolTagging, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy.

  • This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

    If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode, you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

    Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool.

    If you don’t provide a value for an attribute, Amazon Cognito sets it to its default value.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderUpdateUserPoolRequest

    See

    AWSCognitoIdentityProviderUpdateUserPoolResponse

    Declaration

    Objective-C

    - (void)updateUserPool:
                (nonnull AWSCognitoIdentityProviderUpdateUserPoolRequest *)request
         completionHandler:
             (void (^_Nullable)(
                 AWSCognitoIdentityProviderUpdateUserPoolResponse *_Nullable,
                 NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the UpdateUserPool service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorUserImportInProgress, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorInvalidSmsRoleAccessPolicy, AWSCognitoIdentityProviderErrorInvalidSmsRoleTrustRelationship, AWSCognitoIdentityProviderErrorUserPoolTagging, AWSCognitoIdentityProviderErrorInvalidEmailRoleAccessPolicy.

  • Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using DescribeUserPoolClient.

    If you don’t provide a value for an attribute, Amazon Cognito sets it to its default value.

    You can also use this operation to enable token revocation for user pool clients. For more information about revoking tokens, see RevokeToken.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderUpdateUserPoolClientRequest

    See

    AWSCognitoIdentityProviderUpdateUserPoolClientResponse

    Declaration

    Objective-C

    - (id)updateUserPoolClient:
        (nonnull AWSCognitoIdentityProviderUpdateUserPoolClientRequest *)request;

    Swift

    func updateUserPoolClient(_ request: AWSCognitoIdentityProviderUpdateUserPoolClientRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the UpdateUserPoolClient service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderUpdateUserPoolClientResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorScopeDoesNotExist, AWSCognitoIdentityProviderErrorInvalidOAuthFlow, AWSCognitoIdentityProviderErrorInternalError.

  • Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using DescribeUserPoolClient.

    If you don’t provide a value for an attribute, Amazon Cognito sets it to its default value.

    You can also use this operation to enable token revocation for user pool clients. For more information about revoking tokens, see RevokeToken.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderUpdateUserPoolClientRequest

    See

    AWSCognitoIdentityProviderUpdateUserPoolClientResponse

    Declaration

    Objective-C

    - (void)updateUserPoolClient:
                (nonnull AWSCognitoIdentityProviderUpdateUserPoolClientRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderUpdateUserPoolClientResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the UpdateUserPoolClient service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorConcurrentModification, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorScopeDoesNotExist, AWSCognitoIdentityProviderErrorInvalidOAuthFlow, AWSCognitoIdentityProviderErrorInternalError.

  • Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.

    You can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You can’t use it to change the domain for a user pool.

    A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you manage with Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain.

    Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, and your custom domain uses the new certificate automatically.

    However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide this ARN to Amazon Cognito.

    When you add your new certificate in ACM, you must choose US East (N. Virginia) as the Amazon Web Services Region.

    After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.

    For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderUpdateUserPoolDomainRequest

    See

    AWSCognitoIdentityProviderUpdateUserPoolDomainResponse

    Declaration

    Objective-C

    - (id)updateUserPoolDomain:
        (nonnull AWSCognitoIdentityProviderUpdateUserPoolDomainRequest *)request;

    Swift

    func updateUserPoolDomain(_ request: AWSCognitoIdentityProviderUpdateUserPoolDomainRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the UpdateUserPoolDomain service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderUpdateUserPoolDomainResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.

    You can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You can’t use it to change the domain for a user pool.

    A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you manage with Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain.

    Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, and your custom domain uses the new certificate automatically.

    However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide this ARN to Amazon Cognito.

    When you add your new certificate in ACM, you must choose US East (N. Virginia) as the Amazon Web Services Region.

    After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.

    For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.

    Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

    Learn more

    See

    AWSCognitoIdentityProviderUpdateUserPoolDomainRequest

    See

    AWSCognitoIdentityProviderUpdateUserPoolDomainResponse

    Declaration

    Objective-C

    - (void)updateUserPoolDomain:
                (nonnull AWSCognitoIdentityProviderUpdateUserPoolDomainRequest *)
                    request
               completionHandler:
                   (void (^_Nullable)(
                       AWSCognitoIdentityProviderUpdateUserPoolDomainResponse
                           *_Nullable,
                       NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the UpdateUserPoolDomain service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorInternalError.

  • Use this API to register a user’s entered time-based one-time password (TOTP) code and mark the user’s software token MFA status as “verified” if successful. The request takes an access token or a session string, but not both.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderVerifySoftwareTokenRequest

    See

    AWSCognitoIdentityProviderVerifySoftwareTokenResponse

    Declaration

    Objective-C

    - (id)verifySoftwareToken:
        (nonnull AWSCognitoIdentityProviderVerifySoftwareTokenRequest *)request;

    Swift

    func verifySoftwareToken(_ request: AWSCognitoIdentityProviderVerifySoftwareTokenRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the VerifySoftwareToken service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderVerifySoftwareTokenResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorEnableSoftwareTokenMFA, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorSoftwareTokenMFANotFound, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorForbidden.

  • Use this API to register a user’s entered time-based one-time password (TOTP) code and mark the user’s software token MFA status as “verified” if successful. The request takes an access token or a session string, but not both.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderVerifySoftwareTokenRequest

    See

    AWSCognitoIdentityProviderVerifySoftwareTokenResponse

    Declaration

    Objective-C

    - (void)
        verifySoftwareToken:
            (nonnull AWSCognitoIdentityProviderVerifySoftwareTokenRequest *)request
          completionHandler:
              (void (^_Nullable)(
                  AWSCognitoIdentityProviderVerifySoftwareTokenResponse *_Nullable,
                  NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the VerifySoftwareToken service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidUserPoolConfiguration, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorEnableSoftwareTokenMFA, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorSoftwareTokenMFANotFound, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorForbidden.

  • Verifies the specified user attributes in the user pool.

    If your user pool requires verification before Amazon Cognito updates the attribute value, VerifyUserAttribute updates the affected attribute to its pending value. For more information, see UserAttributeUpdateSettingsType.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderVerifyUserAttributeRequest

    See

    AWSCognitoIdentityProviderVerifyUserAttributeResponse

    Declaration

    Objective-C

    - (id)verifyUserAttribute:
        (nonnull AWSCognitoIdentityProviderVerifyUserAttributeRequest *)request;

    Swift

    func verifyUserAttribute(_ request: AWSCognitoIdentityProviderVerifyUserAttributeRequest) -> Any!

    Parameters

    request

    A container for the necessary parameters to execute the VerifyUserAttribute service method.

    Return Value

    An instance of AWSTask. On successful execution, task.result will contain an instance of AWSCognitoIdentityProviderVerifyUserAttributeResponse. On failed execution, task.error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorExpiredCode, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorForbidden.

  • Verifies the specified user attributes in the user pool.

    If your user pool requires verification before Amazon Cognito updates the attribute value, VerifyUserAttribute updates the affected attribute to its pending value. For more information, see UserAttributeUpdateSettingsType.

    Authorize this action with a signed-in user’s access token. It must include the scope aws.cognito.signin.user.admin.

    Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

    See

    AWSCognitoIdentityProviderVerifyUserAttributeRequest

    See

    AWSCognitoIdentityProviderVerifyUserAttributeResponse

    Declaration

    Objective-C

    - (void)
        verifyUserAttribute:
            (nonnull AWSCognitoIdentityProviderVerifyUserAttributeRequest *)request
          completionHandler:
              (void (^_Nullable)(
                  AWSCognitoIdentityProviderVerifyUserAttributeResponse *_Nullable,
                  NSError *_Nullable))completionHandler;

    Parameters

    request

    A container for the necessary parameters to execute the VerifyUserAttribute service method.

    completionHandler

    The completion handler to call when the load request is complete. response - A response object, or nil if the request failed. error - An error object that indicates why the request failed, or nil if the request was successful. On failed execution, error may contain an NSError with AWSCognitoIdentityProviderErrorDomain domain and the following error code: AWSCognitoIdentityProviderErrorResourceNotFound, AWSCognitoIdentityProviderErrorInvalidParameter, AWSCognitoIdentityProviderErrorCodeMismatch, AWSCognitoIdentityProviderErrorExpiredCode, AWSCognitoIdentityProviderErrorNotAuthorized, AWSCognitoIdentityProviderErrorTooManyRequests, AWSCognitoIdentityProviderErrorLimitExceeded, AWSCognitoIdentityProviderErrorPasswordResetRequired, AWSCognitoIdentityProviderErrorUserNotFound, AWSCognitoIdentityProviderErrorUserNotConfirmed, AWSCognitoIdentityProviderErrorInternalError, AWSCognitoIdentityProviderErrorAliasExists, AWSCognitoIdentityProviderErrorForbidden.