From 7ebff000eb20b854482d7f76227b3f141cb0ec4c Mon Sep 17 00:00:00 2001 From: awsmobilesdk Date: Mon, 17 Jun 2024 18:22:41 +0000 Subject: [PATCH] feat(AWSCognitoIdentityProvider): update models to latest --- AWSCognitoIdentityProvider.podspec | 2 +- .../AWSCognitoIdentityProviderResources.m | 81 ++++++++++++------- 2 files changed, 55 insertions(+), 28 deletions(-) diff --git a/AWSCognitoIdentityProvider.podspec b/AWSCognitoIdentityProvider.podspec index 34c5e8887d0..80a39ab83d3 100644 --- a/AWSCognitoIdentityProvider.podspec +++ b/AWSCognitoIdentityProvider.podspec @@ -19,5 +19,5 @@ Pod::Spec.new do |s| s.source_files = 'AWSCognitoIdentityProvider/**/*.{h,m,c}' s.public_header_files = 'AWSCognitoIdentityProvider/*.h' s.private_header_files = 'AWSCognitoIdentityProvider/Internal/*.h' - s.resource_bundle = { 'AWSCognitoIdentityProvider' => ['AWSCognitoIdentityProvider/PrivacyInfo.xcprivacy'] } + s.resource_bundle = { 'AWSCognitoIdentityProvider' => ['AWSCognitoIdentityProvider/PrivacyInfo.xcprivacy']} end diff --git a/AWSCognitoIdentityProvider/AWSCognitoIdentityProviderResources.m b/AWSCognitoIdentityProvider/AWSCognitoIdentityProviderResources.m index 670261330c7..fa1ef972cae 100644 --- a/AWSCognitoIdentityProvider/AWSCognitoIdentityProviderResources.m +++ b/AWSCognitoIdentityProvider/AWSCognitoIdentityProviderResources.m @@ -68,7 +68,8 @@ - (NSString *)definitionString { \"serviceId\":\"Cognito Identity Provider\",\ \"signatureVersion\":\"v4\",\ \"targetPrefix\":\"AWSCognitoIdentityProviderService\",\ - \"uid\":\"cognito-idp-2016-04-18\"\ + \"uid\":\"cognito-idp-2016-04-18\",\ + \"auth\":[\"aws.auth#sigv4\"]\ },\ \"operations\":{\ \"AddCustomAttributes\":{\ @@ -631,7 +632,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response. You can authorize an AssociateSoftwareToken request with either the user's access token, or a session string from a challenge response that you received from Amazon Cognito.

Amazon Cognito disassociates an existing software token when you verify the new token in a VerifySoftwareToken API request. If you don't verify the software token and your user pool doesn't require MFA, the user can then authenticate with user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito generates an MFA_SETUP or SOFTWARE_TOKEN_SETUP challenge each time your user signs. Complete setup with AssociateSoftwareToken and VerifySoftwareToken.

After you set up software token MFA for your user, Amazon Cognito generates a SOFTWARE_TOKEN_MFA challenge when they authenticate. Respond to this challenge with your user's TOTP.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"ChangePassword\":{\ \"name\":\"ChangePassword\",\ @@ -655,7 +657,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Changes the password for a specified user in a user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"ConfirmDevice\":{\ \"name\":\"ConfirmDevice\",\ @@ -681,7 +684,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Confirms tracking of the device. This API call is the call that begins device tracking. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"ConfirmForgotPassword\":{\ \"name\":\"ConfirmForgotPassword\",\ @@ -710,7 +714,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Allows a user to enter a confirmation code to reset a forgotten password.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"ConfirmSignUp\":{\ \"name\":\"ConfirmSignUp\",\ @@ -738,7 +743,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

This public API operation provides a code that Amazon Cognito sent to your user when they signed up in your user pool via the SignUp API operation. After your user enters their code, they confirm ownership of the email address or phone number that they provided, and their user account becomes active. Depending on your user pool configuration, your users will receive their confirmation code in an email or SMS message.

Local users who signed up in your user pool are the only type of user who can confirm sign-up with a code. Users who federate through an external identity provider (IdP) have already been confirmed by their IdP. Administrator-created users, users created with the AdminCreateUser API operation, confirm their accounts when they respond to their invitation email message and choose a password. They do not receive a confirmation code. Instead, they receive a temporary password.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"CreateGroup\":{\ \"name\":\"CreateGroup\",\ @@ -942,7 +948,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Allows a user to delete their own user profile.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"DeleteUserAttributes\":{\ \"name\":\"DeleteUserAttributes\",\ @@ -964,7 +971,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Deletes the attributes for a user.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"DeleteUserPool\":{\ \"name\":\"DeleteUserPool\",\ @@ -1156,7 +1164,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Forgets the specified device. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"ForgotPassword\":{\ \"name\":\"ForgotPassword\",\ @@ -1184,7 +1193,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts in the Amazon Cognito Developer Guide. To use the confirmation code for resetting the password, call ConfirmForgotPassword.

If neither a verified phone number nor a verified email exists, this API returns InvalidParameterException. If your app client has a client secret and you don't provide a SECRET_HASH parameter, this API returns NotAuthorizedException.

To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"GetCSVHeader\":{\ \"name\":\"GetCSVHeader\",\ @@ -1224,7 +1234,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Gets the device. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"GetGroup\":{\ \"name\":\"GetGroup\",\ @@ -1329,7 +1340,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Gets the user attributes and metadata for a user.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"GetUserAttributeVerificationCode\":{\ \"name\":\"GetUserAttributeVerificationCode\",\ @@ -1359,7 +1371,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"GetUserPoolMfaConfig\":{\ \"name\":\"GetUserPoolMfaConfig\",\ @@ -1397,7 +1410,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Invalidates the identity, access, and refresh tokens that Amazon Cognito issued to a user. Call this operation when your user signs out of your app. This results in the following behavior.

Other requests might be valid until your user's token expires.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"InitiateAuth\":{\ \"name\":\"InitiateAuth\",\ @@ -1425,7 +1439,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user with a federated IdP with InitiateAuth. For more information, see Adding user pool sign-in through a third party.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"ListDevices\":{\ \"name\":\"ListDevices\",\ @@ -1448,7 +1463,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Lists the sign-in devices that Amazon Cognito has registered to the current user. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"ListGroups\":{\ \"name\":\"ListGroups\",\ @@ -1628,7 +1644,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Resends the confirmation (for confirmation of registration) to a specific user in the user pool.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"RespondToAuthChallenge\":{\ \"name\":\"RespondToAuthChallenge\",\ @@ -1662,7 +1679,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. A RespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.

For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"RevokeToken\":{\ \"name\":\"RevokeToken\",\ @@ -1682,7 +1700,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can't use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"SetLogDeliveryConfiguration\":{\ \"name\":\"SetLogDeliveryConfiguration\",\ @@ -1757,7 +1776,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"SetUserPoolMfaConfig\":{\ \"name\":\"SetUserPoolMfaConfig\",\ @@ -1798,7 +1818,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"SignUp\":{\ \"name\":\"SignUp\",\ @@ -1827,7 +1848,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Registers the user in the specified user pool and creates a user name, password, and user attributes.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"StartUserImportJob\":{\ \"name\":\"StartUserImportJob\",\ @@ -1917,7 +1939,8 @@ - (NSString *)definitionString { {\"shape\":\"InternalErrorException\"}\ ],\ \"documentation\":\"

Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"UpdateDeviceStatus\":{\ \"name\":\"UpdateDeviceStatus\",\ @@ -1940,7 +1963,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Updates the device status. For more information about device authentication, see Working with user devices in your user pool.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"UpdateGroup\":{\ \"name\":\"UpdateGroup\",\ @@ -2025,7 +2049,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

With this operation, your users can update one or more of their attributes with their own credentials. You authorize this API request with the user's access token. To delete an attribute from your user, submit the attribute in your API request with a blank value. Custom attribute values in this request must include the custom: prefix.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"UpdateUserPool\":{\ \"name\":\"UpdateUserPool\",\ @@ -2112,7 +2137,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as \\\"verified\\\" if successful. The request takes an access token or a session string, but not both.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ },\ \"VerifyUserAttribute\":{\ \"name\":\"VerifyUserAttribute\",\ @@ -2138,7 +2164,8 @@ - (NSString *)definitionString { {\"shape\":\"ForbiddenException\"}\ ],\ \"documentation\":\"

Verifies the specified user attributes in the user pool.

If your user pool requires verification before Amazon Cognito updates the attribute value, VerifyUserAttribute updates the affected attribute to its pending value. For more information, see UserAttributeUpdateSettingsType.

Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.

\",\ - \"authtype\":\"none\"\ + \"authtype\":\"none\",\ + \"auth\":[\"smithy.api#noAuth\"]\ }\ },\ \"shapes\":{\