Amazon Cognito
Amazon Cognito is a fully managed AWS user identity and authentication service that adds sign-up, sign-in, and access control to web and mobile applications, scaling to millions of users. It provides User Pools for authentication (user directories, MFA, customizable auth flows) and Identity Pools for authorization (federated identities that dispense temporary AWS credentials), with support for OAuth 2.0, OpenID Connect, and SAML 2.0. The Cognito APIs are AWS regional service endpoints accessed over HTTPS using AWS Signature Version 4 (SigV4), typically via the AWS SDKs.
2 APIs
0 Features
AuthenticationIdentityOAuthOIDCSAMLUser ManagementFederated Identity
opencollection: 1.0.0
info:
name: Amazon Cognito Identity Provider
version: '2016-04-18'
request:
auth:
type: apikey
key: Authorization
value: '{{Authorization}}'
placement: header
items:
- info:
name: Amazon Cognito Add Custom Attributes
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AddCustomAttributes
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: '<p>Adds additional user attributes to the user pool schema.</p> <note> <p>Amazon Cognito evaluates Identity and Access
Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b>
</p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon
Web Services '
- info:
name: Amazon Cognito Admin Add User to Group
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminAddUserToGroup
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Adds the specified user to the specified group.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management
(IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests,
and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b> </p>
<ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web
Services API Reque
- info:
name: Amazon Cognito Admin Confirm Sign Up
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminConfirmSignUp
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Confirms user registration as an admin without using a confirmation code. Works on any user.</p> <note> <p>Amazon
Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation,
you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a
policy.</p> <p class="title"> <b>Learn more</b> </p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signin
- info:
name: Amazon Cognito Admin Create User
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminCreateUser
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Creates a new user in the specified user pool.</p> <p>If <code>MessageAction</code> isn't set, the default is to
send a welcome message via email or phone (SMS).</p> <note> <p>This action might generate an SMS text message. Starting
June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages
to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a href="https://console.aws.amazon.co
- info:
name: Amazon Cognito Admin Delete User
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminDeleteUser
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Deletes a user as an administrator. Works on any user.</p> <note> <p>Amazon Cognito evaluates Identity and Access
Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b>
</p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon
Web Services AP
- info:
name: Amazon Cognito Admin Delete User Attributes
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminDeleteUserAttributes
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Deletes the user attributes in a user pool as an administrator. Works on any user.</p> <note> <p>Amazon Cognito
evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must
use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.</p>
<p class="title"> <b>Learn more</b> </p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Si
- info:
name: Amazon Cognito Admin Disable Provider for User
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminDisableProviderForUser
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP). If the
user that you want to deactivate is a Amazon Cognito user pools native username + password user, they can't use their
password to sign in. If the user to deactivate is a linked external IdP user, any link between that user and an existing
user is removed. When the external user signs in again, and the user is no longer attached to the previously linked <code>DestinationUser</code>,
t
- info:
name: Amazon Cognito Admin Disable User
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminDisableUser
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Deactivates a user and revokes all access tokens for the user. A deactivated user can't sign in, but still appears
in the responses to <code>GetUser</code> and <code>ListUsers</code> API requests.</p> <note> <p>Amazon Cognito evaluates
Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM
credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title">
<b>Learn mo
- info:
name: Amazon Cognito Admin Enable User
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminEnableUser
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Enables the specified user as an administrator. Works on any user.</p> <note> <p>Amazon Cognito evaluates Identity
and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials
to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title">
<b>Learn more</b> </p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing
Amazon Web
- info:
name: Amazon Cognito Admin Forget Device
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminForgetDevice
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Forgets the device, as an administrator.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management
(IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests,
and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b> </p>
<ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web
Services API Requests</a>
- info:
name: Amazon Cognito Admin Get Device
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminGetDevice
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Gets the device, as an administrator.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management (IAM)
policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and
you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b> </p> <ul>
<li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web Services
API Requests</a> </
- info:
name: Amazon Cognito Admin Get User
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminGetUser
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Gets the specified user by user name in a user pool as an administrator. Works on any user.</p> <note> <p>Amazon
Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation,
you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a
policy.</p> <p class="title"> <b>Learn more</b> </p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing
- info:
name: Amazon Cognito Admin Initiate Auth
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminInitiateAuth
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Initiates the authentication flow, as an administrator.</p> <note> <p>This action might generate an SMS text message.
Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS
messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with <a
href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. Amazon Cognito uses the registered number automatically.
Otherwise,
- info:
name: Amazon Cognito Admin Link Provider for User
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminLinkProviderForUser
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Links an existing user account in a user pool (<code>DestinationUser</code>) to an identity from an external IdP
(<code>SourceUser</code>) based on a specified attribute name and value from the external IdP. This allows you to create
a link from the existing user account to an external federated user identity that has not yet been used to sign in. You
can then use the federated user identity to sign in as the existing user account. </p> <p> For example, if there is an
existing user with a use
- info:
name: Amazon Cognito Admin List Devices
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminListDevices
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Lists devices, as an administrator.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management (IAM)
policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and
you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b> </p> <ul>
<li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web Services
API Requests</a> </p>
- info:
name: Amazon Cognito Admin List Groups for User
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminListGroupsForUser
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
params:
- name: Limit
value: ''
type: query
description: Pagination limit
- name: NextToken
value: ''
type: query
description: Pagination token
body:
type: json
data: '{}'
docs: <p>Lists the groups that the user belongs to.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management
(IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests,
and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b> </p>
<ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web
Services API Requests</
- info:
name: Amazon Cognito Admin List User Auth Events
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminListUserAuthEvents
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
params:
- name: MaxResults
value: ''
type: query
description: Pagination limit
- name: NextToken
value: ''
type: query
description: Pagination token
body:
type: json
data: '{}'
docs: <p>A history of user activity and any risks detected as part of Amazon Cognito advanced security.</p> <note> <p>Amazon
Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation,
you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a
policy.</p> <p class="title"> <b>Learn more</b> </p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-sign
- info:
name: Amazon Cognito Admin Remove User from Group
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminRemoveUserFromGroup
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: '<p>Removes the specified user from the specified group.</p> <note> <p>Amazon Cognito evaluates Identity and Access
Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize
requests, and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b>
</p> <ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon
Web Services API '
- info:
name: Amazon Cognito Admin Reset User Password
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminResetUserPassword
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Resets the specified user's password in a user pool as an administrator. Works on any user.</p> <note> <p>This
action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination
phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
must register a phone number with <a href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. Amazon
Cognito uses the registe
- info:
name: Amazon Cognito Admin Respond to Auth Challenge
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminRespondToAuthChallenge
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Responds to an authentication challenge, as an administrator.</p> <note> <p>This action might generate an SMS text
message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can
send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number
with <a href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. Amazon Cognito uses the registered number
automatically. Othe
- info:
name: Amazon Cognito Admin Set User M F a Preference
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminSetUserMFAPreference
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>The user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any
are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if
multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA
option will be returned during sign-in.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies
in requests for this
- info:
name: Amazon Cognito Admin Set User Password
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminSetUserPassword
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Sets the specified user's password in a user pool as an administrator. Works on any user. </p> <p>The password
can be temporary or permanent. If it is temporary, the user status enters the <code>FORCE_CHANGE_PASSWORD</code> state.
When the user next tries to sign in, the InitiateAuth/AdminInitiateAuth response will contain the <code>NEW_PASSWORD_REQUIRED</code>
challenge. If the user doesn't sign in before it expires, the user won't be able to sign in, and an administrator must
reset their pa
- info:
name: Amazon Cognito Admin Set User Settings
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminSetUserSettings
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p> <i>This action is no longer supported.</i> You can use it to configure only SMS MFA. You can't use it to configure
time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html">AdminSetUserMFAPreference</a>
instead.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API
operation. For thi
- info:
name: Amazon Cognito Admin Update Auth Event Feedback
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminUpdateAuthEventFeedback
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for
improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.</p> <note> <p>Amazon
Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation,
you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a
policy.</p> <p class="ti
- info:
name: Amazon Cognito Admin Update Device Status
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminUpdateDeviceStatus
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Updates the device status as an administrator.</p> <note> <p>Amazon Cognito evaluates Identity and Access Management
(IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests,
and you must grant yourself the corresponding IAM permission in a policy.</p> <p class="title"> <b>Learn more</b> </p>
<ul> <li> <p> <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web
Services API Reques
- info:
name: Amazon Cognito Admin Update User Attributes
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminUpdateUserAttributes
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <note> <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to
register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages
in Amazon Cognito, you must register a phone number with <a href="https://console.aws.amazon.com/pinpoint/home/">Amazon
Pinpoint</a>. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive
SMS messages might not b
- info:
name: Amazon Cognito Admin User Global Sign Out
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AdminUserGlobalSignOut
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Signs out a user from all devices. <code>AdminUserGlobalSignOut</code> invalidates all identity, access and refresh
tokens that Amazon Cognito has issued to a user. A user can still use a hosted UI cookie to retrieve new tokens for the
duration of the 1-hour cookie validity period.</p> <p>Your app isn't aware that a user's access token is revoked unless
it attempts to authorize a user pools API request with an access token that contains the scope <code>aws.cognito.signin.user.admin</code>.
Yo
- info:
name: Amazon Cognito Associate Software Token
type: http
http:
method: POST
url: http://cognito-idp.{region}.amazonaws.com/#X-Amz-Target=AWSCognitoIdentityProviderService.AssociateSoftwareToken
headers:
- name: X-Amz-Content-Sha256
value: ''
- name: X-Amz-Date
value: ''
- name: X-Amz-Algorithm
value: ''
- name: X-Amz-Credential
value: ''
- name: X-Amz-Security-Token
value: ''
- name: X-Amz-Signature
value: ''
- name: X-Amz-SignedHeaders
value: ''
- name: X-Amz-Target
value: ''
body:
type: json
data: '{}'
docs: <p>Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique
private key that Amazon Cognito generates and returns in the API response. You can authorize an <code>AssociateSoftwareToken</code>
re
# --- truncated at 32 KB (108 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/amazon-cognito/refs/heads/main/apis.yml