Amazon Cognito website screenshot

Amazon Cognito

Amazon Cognito is a fully managed AWS user identity and authentication service that adds sign-up, sign-in, and access control to web and mobile applications, scaling to millions of users. It provides User Pools for authentication (user directories, MFA, customizable auth flows) and Identity Pools for authorization (federated identities that dispense temporary AWS credentials), with support for OAuth 2.0, OpenID Connect, and SAML 2.0. The Cognito APIs are AWS regional service endpoints accessed over HTTPS using AWS Signature Version 4 (SigV4), typically via the AWS SDKs.

2 APIs 0 Features
AuthenticationIdentityOAuthOIDCSAMLUser ManagementFederated Identity

APIs

Amazon Cognito User Pools API

The Amazon Cognito User Pools API provides user directory management, sign-up, sign-in, and token-based authentication for web and mobile applications. It supports multi-factor ...

Amazon Cognito Identity Pools API

The Amazon Cognito Identity Pools (Federated Identities) API enables developers to create unique identities for users and federate them with identity providers. It provides temp...

Collections

GraphQL

Amazon Cognito GraphQL Schema

This GraphQL schema provides a conceptual representation of the Amazon Cognito API surface, covering both User Pools and Identity Pools. It is designed as a reference schema tha...

GRAPHQL

Pricing Plans

Rate Limits

Amazon Cognito Rate Limits

2 limits

RATE LIMITS

FinOps

Semantic Vocabularies

Amazon Cognito Cognito Context

1 classes · 35 properties

JSON-LD

Amazon Cognito Context

0 classes · 3 properties

JSON-LD

Amazon Cognito Identity Pools Context

50 classes · 55 properties

JSON-LD

Amazon Cognito User Pools Context

269 classes · 308 properties

JSON-LD

API Governance Rules

Amazon Cognito API Rules

24 rules · 10 errors 11 warnings 3 info

SPECTRAL

JSON Structure

Amazon Cognito User Pool Structure

16 properties

JSON STRUCTURE

Identity Pools Access Key String Structure

0 properties

JSON STRUCTURE

Identity Pools Account Id Structure

0 properties

JSON STRUCTURE

Identity Pools Arn String Structure

0 properties

JSON STRUCTURE

Identity Pools Claim Name Structure

0 properties

JSON STRUCTURE

Identity Pools Claim Value Structure

0 properties

JSON STRUCTURE

Identity Pools Classic Flow Structure

0 properties

JSON STRUCTURE

Identity Pools Credentials Structure

4 properties

JSON STRUCTURE

Identity Pools Date Type Structure

0 properties

JSON STRUCTURE

Identity Pools Get Id Input Structure

3 properties

JSON STRUCTURE

Identity Pools Get Id Response Structure

1 properties

JSON STRUCTURE

Identity Pools Hide Disabled Structure

0 properties

JSON STRUCTURE

Identity Pools Identities List Structure

0 properties

JSON STRUCTURE

Identity Pools Identity Description Structure

4 properties

JSON STRUCTURE

Identity Pools Identity Id List Structure

0 properties

JSON STRUCTURE

Identity Pools Identity Id Structure

0 properties

JSON STRUCTURE

Identity Pools Identity Pool Id Structure

0 properties

JSON STRUCTURE

Identity Pools Identity Pool Name Structure

0 properties

JSON STRUCTURE

Identity Pools Identity Pool Structure

10 properties

JSON STRUCTURE

Identity Pools Identity Pools List Structure

0 properties

JSON STRUCTURE

Identity Pools Identity Provider Id Structure

0 properties

JSON STRUCTURE

Identity Pools Identity Providers Structure

0 properties

JSON STRUCTURE

Identity Pools Logins List Structure

0 properties

JSON STRUCTURE

Identity Pools Logins Map Structure

0 properties

JSON STRUCTURE

Identity Pools Mapping Rule Structure

4 properties

JSON STRUCTURE

Identity Pools Mapping Rules List Structure

0 properties

JSON STRUCTURE

Identity Pools Oidc Provider List Structure

0 properties

JSON STRUCTURE

Identity Pools Oidc Token Structure

0 properties

JSON STRUCTURE

Identity Pools Pagination Key Structure

0 properties

JSON STRUCTURE

Identity Pools Principal Tag Id Structure

0 properties

JSON STRUCTURE

Identity Pools Principal Tag Value Structure

0 properties

JSON STRUCTURE

Identity Pools Principal Tags Structure

0 properties

JSON STRUCTURE

Identity Pools Query Limit Structure

0 properties

JSON STRUCTURE

Identity Pools Role Mapping Map Structure

0 properties

JSON STRUCTURE

Identity Pools Role Mapping Structure

3 properties

JSON STRUCTURE

Identity Pools Role Mapping Type Structure

0 properties

JSON STRUCTURE

Identity Pools Role Type Structure

0 properties

JSON STRUCTURE

Identity Pools Roles Map Structure

0 properties

JSON STRUCTURE

Identity Pools Saml Provider List Structure

0 properties

JSON STRUCTURE

Identity Pools Secret Key String Structure

0 properties

JSON STRUCTURE

Identity Pools Session Token String Structure

0 properties

JSON STRUCTURE

Identity Pools Tag Keys Type Structure

0 properties

JSON STRUCTURE

Identity Pools Tag Resource Input Structure

2 properties

JSON STRUCTURE

Identity Pools Tag Value Type Structure

0 properties

JSON STRUCTURE

Identity Pools Token Duration Structure

0 properties

JSON STRUCTURE

Identity Pools Untag Resource Input Structure

2 properties

JSON STRUCTURE

Identity Pools Use Defaults Structure

0 properties

JSON STRUCTURE

User Pools Admin Get Device Request Structure

3 properties

JSON STRUCTURE

User Pools Admin Get User Request Structure

2 properties

JSON STRUCTURE

User Pools Admin Get User Response Structure

9 properties

JSON STRUCTURE

User Pools Alias Attribute Type Structure

0 properties

JSON STRUCTURE

User Pools Analytics Metadata Type Structure

1 properties

JSON STRUCTURE

User Pools Arn Type Structure

0 properties

JSON STRUCTURE

User Pools Attribute Data Type Structure

0 properties

JSON STRUCTURE

User Pools Attribute List Type Structure

0 properties

JSON STRUCTURE

User Pools Attribute Mapping Type Structure

0 properties

JSON STRUCTURE

User Pools Attribute Name List Type Structure

0 properties

JSON STRUCTURE

User Pools Attribute Name Type Structure

0 properties

JSON STRUCTURE

User Pools Attribute Type Structure

2 properties

JSON STRUCTURE

User Pools Attribute Value Type Structure

0 properties

JSON STRUCTURE

User Pools Auth Event Type Structure

8 properties

JSON STRUCTURE

User Pools Auth Events Type Structure

0 properties

JSON STRUCTURE

User Pools Auth Flow Type Structure

0 properties

JSON STRUCTURE

User Pools Auth Parameters Type Structure

0 properties

JSON STRUCTURE

User Pools Aws Account Id Type Structure

0 properties

JSON STRUCTURE

User Pools Boolean Type Structure

0 properties

JSON STRUCTURE

User Pools Callback Ur Ls List Type Structure

0 properties

JSON STRUCTURE

User Pools Challenge Name Structure

0 properties

JSON STRUCTURE

User Pools Challenge Name Type Structure

0 properties

JSON STRUCTURE

User Pools Challenge Response Structure

0 properties

JSON STRUCTURE

User Pools Challenge Response Type Structure

2 properties

JSON STRUCTURE

User Pools Challenge Responses Type Structure

0 properties

JSON STRUCTURE

User Pools Change Password Request Structure

3 properties

JSON STRUCTURE

User Pools Change Password Response Structure

0 properties

JSON STRUCTURE

User Pools Client Id Type Structure

0 properties

JSON STRUCTURE

User Pools Client Metadata Type Structure

0 properties

JSON STRUCTURE

User Pools Client Name Type Structure

0 properties

JSON STRUCTURE

User Pools Client Permission Type Structure

0 properties

JSON STRUCTURE

User Pools Client Secret Type Structure

0 properties

JSON STRUCTURE

User Pools Completion Message Type Structure

0 properties

JSON STRUCTURE

User Pools Confirm Device Request Structure

4 properties

JSON STRUCTURE

User Pools Confirm Device Response Structure

1 properties

JSON STRUCTURE

User Pools Confirm Sign Up Request Structure

8 properties

JSON STRUCTURE

User Pools Confirm Sign Up Response Structure

0 properties

JSON STRUCTURE

User Pools Confirmation Code Type Structure

0 properties

JSON STRUCTURE

User Pools Context Data Type Structure

5 properties

JSON STRUCTURE

User Pools Create Group Request Structure

5 properties

JSON STRUCTURE

User Pools Create Group Response Structure

1 properties

JSON STRUCTURE

User Pools Create User Pool Request Structure

23 properties

JSON STRUCTURE

User Pools Css Type Structure

0 properties

JSON STRUCTURE

User Pools Css Version Type Structure

0 properties

JSON STRUCTURE

User Pools Date Type Structure

0 properties

JSON STRUCTURE

User Pools Delete Group Request Structure

2 properties

JSON STRUCTURE

User Pools Delete User Pool Request Structure

1 properties

JSON STRUCTURE

User Pools Delete User Request Structure

1 properties

JSON STRUCTURE

User Pools Deletion Protection Type Structure

0 properties

JSON STRUCTURE

User Pools Delivery Medium Type Structure

0 properties

JSON STRUCTURE

User Pools Description Type Structure

0 properties

JSON STRUCTURE

User Pools Device Key Type Structure

0 properties

JSON STRUCTURE

User Pools Device List Type Structure

0 properties

JSON STRUCTURE

User Pools Device Name Type Structure

0 properties

JSON STRUCTURE

User Pools Device Type Structure

5 properties

JSON STRUCTURE

User Pools Domain Description Type Structure

8 properties

JSON STRUCTURE

User Pools Domain Status Type Structure

0 properties

JSON STRUCTURE

User Pools Domain Type Structure

0 properties

JSON STRUCTURE

User Pools Domain Version Type Structure

0 properties

JSON STRUCTURE

User Pools Email Address Type Structure

0 properties

JSON STRUCTURE

User Pools Email Configuration Type Structure

5 properties

JSON STRUCTURE

User Pools Event Context Data Type Structure

5 properties

JSON STRUCTURE

User Pools Event Feedback Type Structure

3 properties

JSON STRUCTURE

User Pools Event Filter Type Structure

0 properties

JSON STRUCTURE

User Pools Event Filters Type Structure

0 properties

JSON STRUCTURE

User Pools Event Id Type Structure

0 properties

JSON STRUCTURE

User Pools Event Response Type Structure

0 properties

JSON STRUCTURE

User Pools Event Risk Type Structure

3 properties

JSON STRUCTURE

User Pools Event Source Name Structure

0 properties

JSON STRUCTURE

User Pools Event Type Structure

0 properties

JSON STRUCTURE

User Pools Explicit Auth Flows Type Structure

0 properties

JSON STRUCTURE

User Pools Feedback Value Type Structure

0 properties

JSON STRUCTURE

User Pools Force Alias Creation Structure

0 properties

JSON STRUCTURE

User Pools Forget Device Request Structure

2 properties

JSON STRUCTURE

User Pools Forgot Password Request Structure

6 properties

JSON STRUCTURE

User Pools Forgot Password Response Structure

1 properties

JSON STRUCTURE

User Pools Generate Secret Structure

0 properties

JSON STRUCTURE

User Pools Get Csv Header Request Structure

1 properties

JSON STRUCTURE

User Pools Get Csv Header Response Structure

2 properties

JSON STRUCTURE

User Pools Get Device Request Structure

2 properties

JSON STRUCTURE

User Pools Get Device Response Structure

1 properties

JSON STRUCTURE

User Pools Get Group Request Structure

2 properties

JSON STRUCTURE

User Pools Get Group Response Structure

1 properties

JSON STRUCTURE

User Pools Get User Request Structure

1 properties

JSON STRUCTURE

User Pools Get User Response Structure

5 properties

JSON STRUCTURE

User Pools Global Sign Out Request Structure

1 properties

JSON STRUCTURE

User Pools Global Sign Out Response Structure

0 properties

JSON STRUCTURE

User Pools Group List Type Structure

0 properties

JSON STRUCTURE

User Pools Group Name Type Structure

0 properties

JSON STRUCTURE

User Pools Group Type Structure

7 properties

JSON STRUCTURE

User Pools Hex String Type Structure

0 properties

JSON STRUCTURE

User Pools Http Header List Structure

0 properties

JSON STRUCTURE

User Pools Http Header Structure

2 properties

JSON STRUCTURE

User Pools Id Token Validity Type Structure

0 properties

JSON STRUCTURE

User Pools Identity Provider Type Structure

8 properties

JSON STRUCTURE

User Pools Idp Identifier Type Structure

0 properties

JSON STRUCTURE

User Pools Image File Type Structure

0 properties

JSON STRUCTURE

User Pools Image Url Type Structure

0 properties

JSON STRUCTURE

User Pools Initiate Auth Request Structure

6 properties

JSON STRUCTURE

User Pools Initiate Auth Response Structure

4 properties

JSON STRUCTURE

User Pools Integer Type Structure

0 properties

JSON STRUCTURE

User Pools Lambda Config Type Structure

13 properties

JSON STRUCTURE

User Pools List Devices Request Structure

3 properties

JSON STRUCTURE

User Pools List Devices Response Structure

2 properties

JSON STRUCTURE

User Pools List Groups Request Structure

3 properties

JSON STRUCTURE

User Pools List Groups Response Structure

2 properties

JSON STRUCTURE

User Pools List Of String Types Structure

0 properties

JSON STRUCTURE

User Pools List User Pools Request Structure

2 properties

JSON STRUCTURE

User Pools List User Pools Response Structure

2 properties

JSON STRUCTURE

User Pools List Users Request Structure

5 properties

JSON STRUCTURE

User Pools List Users Response Structure

2 properties

JSON STRUCTURE

User Pools Log Configuration Type Structure

3 properties

JSON STRUCTURE

User Pools Log Level Structure

0 properties

JSON STRUCTURE

User Pools Logout Ur Ls List Type Structure

0 properties

JSON STRUCTURE

User Pools Long Type Structure

0 properties

JSON STRUCTURE

User Pools Message Action Type Structure

0 properties

JSON STRUCTURE

User Pools Message Template Type Structure

3 properties

JSON STRUCTURE

User Pools Mfa Option List Type Structure

0 properties

JSON STRUCTURE

User Pools Mfa Option Type Structure

2 properties

JSON STRUCTURE

User Pools New Device Metadata Type Structure

2 properties

JSON STRUCTURE

User Pools Notify Email Type Structure

3 properties

JSON STRUCTURE

User Pools O Auth Flow Type Structure

0 properties

JSON STRUCTURE

User Pools O Auth Flows Type Structure

0 properties

JSON STRUCTURE

User Pools Pagination Key Structure

0 properties

JSON STRUCTURE

User Pools Pagination Key Type Structure

0 properties

JSON STRUCTURE

User Pools Password Policy Type Structure

6 properties

JSON STRUCTURE

User Pools Password Type Structure

0 properties

JSON STRUCTURE

User Pools Pool Query Limit Type Structure

0 properties

JSON STRUCTURE

User Pools Pre Signed Url Type Structure

0 properties

JSON STRUCTURE

User Pools Precedence Type Structure

0 properties

JSON STRUCTURE

User Pools Priority Type Structure

0 properties

JSON STRUCTURE

User Pools Provider Description Structure

4 properties

JSON STRUCTURE

User Pools Provider Details Type Structure

0 properties

JSON STRUCTURE

User Pools Provider Name Type Structure

0 properties

JSON STRUCTURE

User Pools Provider Name Type V1 Structure

0 properties

JSON STRUCTURE

User Pools Providers List Type Structure

0 properties

JSON STRUCTURE

User Pools Query Limit Structure

0 properties

JSON STRUCTURE

User Pools Query Limit Type Structure

0 properties

JSON STRUCTURE

User Pools Recovery Mechanisms Type Structure

0 properties

JSON STRUCTURE

User Pools Recovery Option Type Structure

2 properties

JSON STRUCTURE

User Pools Redirect Url Type Structure

0 properties

JSON STRUCTURE

User Pools Region Code Type Structure

0 properties

JSON STRUCTURE

User Pools Resource Server Type Structure

4 properties

JSON STRUCTURE

User Pools Revoke Token Request Structure

3 properties

JSON STRUCTURE

User Pools Revoke Token Response Structure

0 properties

JSON STRUCTURE

User Pools Risk Configuration Type Structure

6 properties

JSON STRUCTURE

User Pools Risk Decision Type Structure

0 properties

JSON STRUCTURE

User Pools Risk Level Type Structure

0 properties

JSON STRUCTURE

User Pools S3 Bucket Type Structure

0 properties

JSON STRUCTURE

User Pools Schema Attribute Type Structure

7 properties

JSON STRUCTURE

User Pools Scope List Type Structure

0 properties

JSON STRUCTURE

User Pools Scope Type Structure

0 properties

JSON STRUCTURE

User Pools Secret Code Type Structure

0 properties

JSON STRUCTURE

User Pools Secret Hash Type Structure

0 properties

JSON STRUCTURE

User Pools Ses Configuration Set Structure

0 properties

JSON STRUCTURE

User Pools Session Type Structure

0 properties

JSON STRUCTURE

User Pools Sign Up Request Structure

9 properties

JSON STRUCTURE

User Pools Sign Up Response Structure

3 properties

JSON STRUCTURE

User Pools Sms Configuration Type Structure

3 properties

JSON STRUCTURE

User Pools Sms Mfa Config Type Structure

2 properties

JSON STRUCTURE

User Pools Sms Mfa Settings Type Structure

2 properties

JSON STRUCTURE

User Pools Status Type Structure

0 properties

JSON STRUCTURE

User Pools String Type Structure

0 properties

JSON STRUCTURE

User Pools Tag Keys Type Structure

0 properties

JSON STRUCTURE

User Pools Tag Resource Request Structure

2 properties

JSON STRUCTURE

User Pools Tag Resource Response Structure

0 properties

JSON STRUCTURE

User Pools Tag Value Type Structure

0 properties

JSON STRUCTURE

User Pools Time Units Type Structure

0 properties

JSON STRUCTURE

User Pools Token Model Type Structure

0 properties

JSON STRUCTURE

User Pools Ui Customization Type Structure

7 properties

JSON STRUCTURE

User Pools Untag Resource Request Structure

2 properties

JSON STRUCTURE

User Pools Untag Resource Response Structure

0 properties

JSON STRUCTURE

User Pools Update Group Request Structure

5 properties

JSON STRUCTURE

User Pools Update Group Response Structure

1 properties

JSON STRUCTURE

User Pools Update User Pool Request Structure

19 properties

JSON STRUCTURE

User Pools User Context Data Type Structure

2 properties

JSON STRUCTURE

User Pools User Filter Type Structure

0 properties

JSON STRUCTURE

User Pools User Import Job Id Type Structure

0 properties

JSON STRUCTURE

User Pools User Import Job Type Structure

13 properties

JSON STRUCTURE

User Pools User Pool Add Ons Type Structure

1 properties

JSON STRUCTURE

User Pools User Pool Client Type Structure

25 properties

JSON STRUCTURE

User Pools User Pool Id Type Structure

0 properties

JSON STRUCTURE

User Pools User Pool List Type Structure

0 properties

JSON STRUCTURE

User Pools User Pool Mfa Type Structure

0 properties

JSON STRUCTURE

User Pools User Pool Name Type Structure

0 properties

JSON STRUCTURE

User Pools User Pool Policy Type Structure

1 properties

JSON STRUCTURE

User Pools User Pool Tags List Type Structure

0 properties

JSON STRUCTURE

User Pools User Pool Tags Type Structure

0 properties

JSON STRUCTURE

User Pools User Pool Type Structure

33 properties

JSON STRUCTURE

User Pools User Status Type Structure

0 properties

JSON STRUCTURE

User Pools User Type Structure

7 properties

JSON STRUCTURE

User Pools Username Attribute Type Structure

0 properties

JSON STRUCTURE

User Pools Username Type Structure

0 properties

JSON STRUCTURE

User Pools Users List Type Structure

0 properties

JSON STRUCTURE

User Pools Verified Attribute Type Structure

0 properties

JSON STRUCTURE

User Pools Wrapped Boolean Type Structure

0 properties

JSON STRUCTURE

Example Payloads

User Pools User Type Example

7 fields

EXAMPLE

Resources

🔗
Website
Website
🔗
Documentation
Documentation
💰
Pricing
Pricing
📝
Signup
Signup
🌐
Portal
Portal
🌐
Console
Console
🔗
Login
Login
💬
Support
Support
🟢
StatusPage
StatusPage
📰
Blog
Blog
💬
FAQ
FAQ
📜
TermsOfService
TermsOfService
📜
PrivacyPolicy
PrivacyPolicy
👥
GitHubOrganization
GitHubOrganization
👥
StackOverflow
StackOverflow
🔗
SpectralRules
SpectralRules
🔗
Vocabulary
Vocabulary

Sources

Raw ↑
opencollection: 1.0.0
info:
  name: Amazon Cognito Identity Provider
  version: '2016-04-18'
request:
  auth:
    type: apikey
    key: Authorization
    value: '{{Authorization}}'
    placement: header
items:
- info:
    name: Amazon Cognito Add Custom Attributes
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AddCustomAttributes
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: '<p>Adds additional user attributes to the user pool schema.</p> <note> <p>Amazon Cognito evaluates Identity and Access
    Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize
    requests, and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b>
    </p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon
    Web Services '
- info:
    name: Amazon Cognito Admin Add User to Group
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminAddUserToGroup
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Adds the specified user to the specified group.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management
    (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests,
    and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b> </p>
    <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web
    Services API Reque
- info:
    name: Amazon Cognito Admin Confirm Sign Up
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminConfirmSignUp
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Confirms user registration as an admin without using a confirmation code. Works on any user.</p> <note> <p>Amazon
    Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation,
    you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a
    policy.</p> <p class="title"> <b>Learn more</b> </p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signin
- info:
    name: Amazon Cognito Admin Create User
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminCreateUser
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Creates a new user in the specified user pool.</p> <p>If <code>MessageAction</code> isn't set, the default is to
    send a welcome message via email or phone (SMS).</p> <note> <p>This action might generate an SMS text message. Starting
    June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages
    to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href="https://console.aws.amazon.co
- info:
    name: Amazon Cognito Admin Delete User
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminDeleteUser
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Deletes a user as an administrator. Works on any user.</p> <note> <p>Amazon Cognito evaluates Identity and Access
    Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize
    requests, and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b>
    </p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon
    Web Services AP
- info:
    name: Amazon Cognito Admin Delete User Attributes
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminDeleteUserAttributes
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Deletes the user attributes in a user pool as an administrator. Works on any user.</p> <note> <p>Amazon Cognito
    evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must
    use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.</p>
    <p class="title"> <b>Learn more</b> </p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Si
- info:
    name: Amazon Cognito Admin Disable Provider for User
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminDisableProviderForUser
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP). If the
    user that you want to deactivate is a Amazon Cognito user pools native username + password user, they can't use their
    password to sign in. If the user to deactivate is a linked external IdP user, any link between that user and an existing
    user is removed. When the external user signs in again, and the user is no longer attached to the previously linked <code>DestinationUser</code>,
    t
- info:
    name: Amazon Cognito Admin Disable User
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminDisableUser
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Deactivates a user and revokes all access tokens for the user. A deactivated user can't sign in, but still appears
    in the responses to <code>GetUser</code> and <code>ListUsers</code> API requests.</p> <note> <p>Amazon Cognito evaluates
    Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM
    credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title">
    <b>Learn mo
- info:
    name: Amazon Cognito Admin Enable User
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminEnableUser
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Enables the specified user as an administrator. Works on any user.</p> <note> <p>Amazon Cognito evaluates Identity
    and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials
    to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title">
    <b>Learn more</b> </p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing
    Amazon Web
- info:
    name: Amazon Cognito Admin Forget Device
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminForgetDevice
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Forgets the device, as an administrator.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management
    (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests,
    and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b> </p>
    <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web
    Services API Requests</a>
- info:
    name: Amazon Cognito Admin Get Device
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminGetDevice
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Gets the device, as an administrator.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management (IAM)
    policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and
    you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b> </p> <ul>
    <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web Services
    API Requests</a> </
- info:
    name: Amazon Cognito Admin Get User
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminGetUser
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Gets the specified user by user name in a user pool as an administrator. Works on any user.</p> <note> <p>Amazon
    Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation,
    you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a
    policy.</p> <p class="title"> <b>Learn more</b> </p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing
- info:
    name: Amazon Cognito Admin Initiate Auth
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminInitiateAuth
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Initiates the authentication flow, as an administrator.</p> <note> <p>This action might generate an SMS text message.
    Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS
    messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a
    href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically.
    Otherwise,
- info:
    name: Amazon Cognito Admin Link Provider for User
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminLinkProviderForUser
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Links an existing user account in a user pool (<code>DestinationUser</code>) to an identity from an external IdP
    (<code>SourceUser</code>) based on a specified attribute name and value from the external IdP. This allows you to create
    a link from the existing user account to an external federated user identity that has not yet been used to sign in. You
    can then use the federated user identity to sign in as the existing user account. </p> <p> For example, if there is an
    existing user with a use
- info:
    name: Amazon Cognito Admin List Devices
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminListDevices
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Lists devices, as an administrator.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management (IAM)
    policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and
    you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b> </p> <ul>
    <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web Services
    API Requests</a> </p>
- info:
    name: Amazon Cognito Admin List Groups for User
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminListGroupsForUser
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    params:
    - name: Limit
      value: ''
      type: query
      description: Pagination limit
    - name: NextToken
      value: ''
      type: query
      description: Pagination token
    body:
      type: json
      data: '{}'
  docs: <p>Lists the groups that the user belongs to.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management
    (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests,
    and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b> </p>
    <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web
    Services API Requests</
- info:
    name: Amazon Cognito Admin List User Auth Events
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminListUserAuthEvents
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    params:
    - name: MaxResults
      value: ''
      type: query
      description: Pagination limit
    - name: NextToken
      value: ''
      type: query
      description: Pagination token
    body:
      type: json
      data: '{}'
  docs: <p>A history of user activity and any risks detected as part of Amazon Cognito advanced security.</p> <note> <p>Amazon
    Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation,
    you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a
    policy.</p> <p class="title"> <b>Learn more</b> </p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-sign
- info:
    name: Amazon Cognito Admin Remove User from Group
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminRemoveUserFromGroup
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: '<p>Removes the specified user from the specified group.</p> <note> <p>Amazon Cognito evaluates Identity and Access
    Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize
    requests, and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b>
    </p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon
    Web Services API '
- info:
    name: Amazon Cognito Admin Reset User Password
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminResetUserPassword
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Resets the specified user's password in a user pool as an administrator. Works on any user.</p> <note> <p>This
    action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination
    phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
    must register a phone number with <a href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. Amazon
    Cognito uses the registe
- info:
    name: Amazon Cognito Admin Respond to Auth Challenge
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminRespondToAuthChallenge
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Responds to an authentication challenge, as an administrator.</p> <note> <p>This action might generate an SMS text
    message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can
    send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number
    with <a href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. Amazon Cognito uses the registered number
    automatically. Othe
- info:
    name: Amazon Cognito Admin Set User M F a Preference
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminSetUserMFAPreference
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>The user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any
    are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if
    multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA
    option will be returned during sign-in.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies
    in requests for this
- info:
    name: Amazon Cognito Admin Set User Password
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminSetUserPassword
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Sets the specified user's password in a user pool as an administrator. Works on any user. </p> <p>The password
    can be temporary or permanent. If it is temporary, the user status enters the <code>FORCE_CHANGE_PASSWORD</code> state.
    When the user next tries to sign in, the InitiateAuth/AdminInitiateAuth response will contain the <code>NEW_PASSWORD_REQUIRED</code>
    challenge. If the user doesn't sign in before it expires, the user won't be able to sign in, and an administrator must
    reset their pa
- info:
    name: Amazon Cognito Admin Set User Settings
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminSetUserSettings
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p> <i>This action is no longer supported.</i> You can use it to configure only SMS MFA. You can't use it to configure
    time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html">AdminSetUserMFAPreference</a>
    instead.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API
    operation. For thi
- info:
    name: Amazon Cognito Admin Update Auth Event Feedback
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminUpdateAuthEventFeedback
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for
    improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.</p> <note> <p>Amazon
    Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation,
    you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a
    policy.</p> <p class="ti
- info:
    name: Amazon Cognito Admin Update Device Status
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminUpdateDeviceStatus
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Updates the device status as an administrator.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management
    (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests,
    and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b> </p>
    <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web
    Services API Reques
- info:
    name: Amazon Cognito Admin Update User Attributes
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminUpdateUserAttributes
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to
    register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages
    in Amazon Cognito, you must register a phone number with <a href="https://console.aws.amazon.com/pinpoint/home/">Amazon
    Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive
    SMS messages might not b
- info:
    name: Amazon Cognito Admin User Global Sign Out
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminUserGlobalSignOut
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Signs out a user from all devices. <code>AdminUserGlobalSignOut</code> invalidates all identity, access and refresh
    tokens that Amazon Cognito has issued to a user. A user can still use a hosted UI cookie to retrieve new tokens for the
    duration of the 1-hour cookie validity period.</p> <p>Your app isn't aware that a user's access token is revoked unless
    it attempts to authorize a user pools API request with an access token that contains the scope <code>aws.cognito.signin.user.admin</code>.
    Yo
- info:
    name: Amazon Cognito Associate Software Token
    type: http
  http:
    method: POST
    url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AssociateSoftwareToken
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    - name: X-Amz-Target
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique
    private key that Amazon Cognito generates and returns in the API response. You can authorize an <code>AssociateSoftwareToken</code>
    re

# --- truncated at 32 KB (108 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/amazon-cognito/refs/heads/main/apis.yml