CognitoIdentityProvider¶
Client¶
- class CognitoIdentityProvider.Client¶
A low-level client representing Amazon Cognito Identity Provider
With the Amazon Cognito user pools API, you can configure user pools and authenticate users. To authenticate users from third-party identity providers (IdPs) in this API, you can link IdP users to native user profiles. Learn more about the authentication and authorization of federated users at Adding user pool sign-in through a third party and in the User pool federation endpoints and managed login reference.
This API reference provides detailed information about API operations and object types in Amazon Cognito.
Along with resource management operations, the Amazon Cognito user pools API includes classes of operations and authorization models for client-side and server-side authentication of users. You can interact with operations in the Amazon Cognito user pools API as any of the following subjects.
An administrator who wants to configure user pools, app clients, users, groups, or other user pool functions.
A server-side app, like a web application, that wants to use its Amazon Web Services privileges to manage, authenticate, or authorize a user.
A client-side app, like a mobile app, that wants to make unauthenticated requests to manage, authenticate, or authorize a user.
For more information, see Understanding API, OIDC, and managed login pages authentication in the Amazon Cognito Developer Guide.
With your Amazon Web Services SDK, you can build the logic to support operational flows in every use case for this API. You can also make direct REST API requests to Amazon Cognito user pools service endpoints. The following links can get you started with the
CognitoIdentityProviderclient in supported Amazon Web Services SDKs.To get started with an Amazon Web Services SDK, see Tools to Build on Amazon Web Services. For example actions and scenarios, see Code examples for Amazon Cognito Identity Provider using Amazon Web Services SDKs.
client = session.create_client('cognito-idp')
These are the available methods:
- add_custom_attributes
- admin_add_user_to_group
- admin_confirm_sign_up
- admin_create_user
- admin_delete_user
- admin_delete_user_attributes
- admin_disable_provider_for_user
- admin_disable_user
- admin_enable_user
- admin_forget_device
- admin_get_device
- admin_get_user
- admin_initiate_auth
- admin_link_provider_for_user
- admin_list_devices
- admin_list_groups_for_user
- admin_list_user_auth_events
- admin_remove_user_from_group
- admin_reset_user_password
- admin_respond_to_auth_challenge
- admin_set_user_mfa_preference
- admin_set_user_password
- admin_set_user_settings
- admin_update_auth_event_feedback
- admin_update_device_status
- admin_update_user_attributes
- admin_user_global_sign_out
- associate_software_token
- can_paginate
- change_password
- close
- complete_web_authn_registration
- confirm_device
- confirm_forgot_password
- confirm_sign_up
- create_group
- create_identity_provider
- create_managed_login_branding
- create_resource_server
- create_user_import_job
- create_user_pool
- create_user_pool_client
- create_user_pool_domain
- delete_group
- delete_identity_provider
- delete_managed_login_branding
- delete_resource_server
- delete_user
- delete_user_attributes
- delete_user_pool
- delete_user_pool_client
- delete_user_pool_domain
- delete_web_authn_credential
- describe_identity_provider
- describe_managed_login_branding
- describe_managed_login_branding_by_client
- describe_resource_server
- describe_risk_configuration
- describe_user_import_job
- describe_user_pool
- describe_user_pool_client
- describe_user_pool_domain
- forget_device
- forgot_password
- get_csv_header
- get_device
- get_group
- get_identity_provider_by_identifier
- get_log_delivery_configuration
- get_paginator
- get_signing_certificate
- get_tokens_from_refresh_token
- get_ui_customization
- get_user
- get_user_attribute_verification_code
- get_user_auth_factors
- get_user_pool_mfa_config
- get_waiter
- global_sign_out
- initiate_auth
- list_devices
- list_groups
- list_identity_providers
- list_resource_servers
- list_tags_for_resource
- list_user_import_jobs
- list_user_pool_clients
- list_user_pools
- list_users
- list_users_in_group
- list_web_authn_credentials
- resend_confirmation_code
- respond_to_auth_challenge
- revoke_token
- set_log_delivery_configuration
- set_risk_configuration
- set_ui_customization
- set_user_mfa_preference
- set_user_pool_mfa_config
- set_user_settings
- sign_up
- start_user_import_job
- start_web_authn_registration
- stop_user_import_job
- tag_resource
- untag_resource
- update_auth_event_feedback
- update_device_status
- update_group
- update_identity_provider
- update_managed_login_branding
- update_resource_server
- update_user_attributes
- update_user_pool
- update_user_pool_client
- update_user_pool_domain
- verify_software_token
- verify_user_attribute
Client Exceptions¶
Client exceptions are available on a client instance via the exceptions property. For more detailed instructions and examples on the exact usage of client exceptions, see the error handling user guide.
The available client exceptions are:
- AliasExistsException
- CodeDeliveryFailureException
- CodeMismatchException
- ConcurrentModificationException
- DeviceKeyExistsException
- DuplicateProviderException
- EnableSoftwareTokenMFAException
- ExpiredCodeException
- FeatureUnavailableInTierException
- ForbiddenException
- GroupExistsException
- InternalErrorException
- InvalidEmailRoleAccessPolicyException
- InvalidLambdaResponseException
- InvalidOAuthFlowException
- InvalidParameterException
- InvalidPasswordException
- InvalidSmsRoleAccessPolicyException
- InvalidSmsRoleTrustRelationshipException
- InvalidUserPoolConfigurationException
- LimitExceededException
- MFAMethodNotFoundException
- ManagedLoginBrandingExistsException
- NotAuthorizedException
- PasswordHistoryPolicyViolationException
- PasswordResetRequiredException
- PreconditionNotMetException
- RefreshTokenReuseException
- ResourceNotFoundException
- ScopeDoesNotExistException
- SoftwareTokenMFANotFoundException
- TierChangeNotAllowedException
- TooManyFailedAttemptsException
- TooManyRequestsException
- UnauthorizedException
- UnexpectedLambdaException
- UnsupportedIdentityProviderException
- UnsupportedOperationException
- UnsupportedTokenTypeException
- UnsupportedUserStateException
- UserImportInProgressException
- UserLambdaValidationException
- UserNotConfirmedException
- UserNotFoundException
- UserPoolAddOnNotEnabledException
- UserPoolTaggingException
- UsernameExistsException
- WebAuthnChallengeNotFoundException
- WebAuthnClientMismatchException
- WebAuthnConfigurationMissingException
- WebAuthnCredentialNotSupportedException
- WebAuthnNotEnabledException
- WebAuthnOriginNotAllowedException
- WebAuthnRelyingPartyMismatchException
Paginators¶
Paginators are available on a client instance via the get_paginator method. For more detailed instructions and examples on the usage of paginators, see the paginators user guide.
The available paginators are: