이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

aws_cognito_user_pool

account_id

Type: STRING

account_recovery_setting

Type: STRUCT
Provider name: AccountRecoverySetting
Description: The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn’t qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.

  • recovery_mechanisms
    Type: UNORDERED_LIST_STRUCT
    Provider name: RecoveryMechanisms
    Description: The list of RecoveryOptionTypes.
    • name
      Type: STRING
      Provider name: Name
      Description: The recovery method for a user.
    • priority
      Type: INT32
      Provider name: Priority
      Description: A positive integer specifying priority of a method with 1 being the highest priority.

admin_create_user_config

Type: STRUCT
Provider name: AdminCreateUserConfig
Description: The configuration for AdminCreateUser requests.

  • allow_admin_create_user_only
    Type: BOOLEAN
    Provider name: AllowAdminCreateUserOnly
    Description: Set to True if only the administrator is allowed to create user profiles. Set to False if users can sign themselves up via an app.
  • invite_message_template
    Type: STRUCT
    Provider name: InviteMessageTemplate
    Description: The message template to be used for the welcome message to new users. See also Customizing User Invitation Messages.
    • email_message
      Type: STRING
      Provider name: EmailMessage
      Description: The message template for email messages. EmailMessage is allowed only if EmailSendingAccount is DEVELOPER.
    • email_subject
      Type: STRING
      Provider name: EmailSubject
      Description: The subject line for email messages. EmailSubject is allowed only if EmailSendingAccount is DEVELOPER.
    • sms_message
      Type: STRING
      Provider name: SMSMessage
      Description: The message template for SMS messages.
  • unused_account_validity_days
    Type: INT32
    Provider name: UnusedAccountValidityDays
    Description: The user account expiration limit, in days, after which a new account that hasn’t signed in is no longer usable. To reset the account after that time limit, you must call AdminCreateUser again, specifying “RESEND” for the MessageAction parameter. The default value for this parameter is 7. If you set a value for TemporaryPasswordValidityDays in PasswordPolicy, that value will be used, and UnusedAccountValidityDays will be no longer be an available parameter for that user pool.

alias_attributes

Type: UNORDERED_LIST_STRING
Provider name: AliasAttributes
Description: The attributes that are aliased in a user pool.

arn

Type: STRING
Provider name: Arn
Description: The Amazon Resource Name (ARN) for the user pool.

auto_verified_attributes

Type: UNORDERED_LIST_STRING
Provider name: AutoVerifiedAttributes
Description: The attributes that are auto-verified in a user pool.

creation_date

Type: TIMESTAMP
Provider name: CreationDate
Description: The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.

custom_domain

Type: STRING
Provider name: CustomDomain
Description: A custom domain name that you provide to Amazon Cognito. This parameter applies only if you use a custom domain to host the sign-up and sign-in pages for your application. An example of a custom domain name might be auth.example.com. For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.

deletion_protection

Type: STRING
Provider name: DeletionProtection
Description: When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature. When you try to delete a protected user pool in a DeleteUserPool API request, Amazon Cognito returns an InvalidParameterException error. To delete a protected user pool, send a new DeleteUserPool request after you deactivate deletion protection in an UpdateUserPool API request.

device_configuration

Type: STRUCT
Provider name: DeviceConfiguration
Description: The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool. When you provide a value for any DeviceConfiguration field, you activate the Amazon Cognito device-remembering feature.

  • challenge_required_on_new_device
    Type: BOOLEAN
    Provider name: ChallengeRequiredOnNewDevice
    Description: When true, a remembered device can sign in with device authentication instead of SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA). Whether or not ChallengeRequiredOnNewDevice is true, users who sign in with devices that have not been confirmed or remembered must still provide a second factor in a user pool that requires MFA.
  • device_only_remembered_on_user_prompt
    Type: BOOLEAN
    Provider name: DeviceOnlyRememberedOnUserPrompt
    Description: When true, Amazon Cognito doesn’t automatically remember a user’s device when your app sends a ConfirmDevice API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user’s choice in an UpdateDeviceStatus API request. When DeviceOnlyRememberedOnUserPrompt is false, Amazon Cognito immediately remembers devices that you register in a ConfirmDevice API request.

domain

Type: STRING
Provider name: Domain
Description: The domain prefix, if the user pool has a domain associated with it.

email_configuration

Type: STRUCT
Provider name: EmailConfiguration
Description: The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for messages from your user pool.

  • configuration_set
    Type: STRING
    Provider name: ConfigurationSet
    Description: The set of configuration rules that can be applied to emails sent using Amazon Simple Email Service. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails:
    Event publishing
    Amazon Simple Email Service can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other Amazon Web Services services such as and Amazon CloudWatch
    IP pool management
    When leasing dedicated IP addresses with Amazon Simple Email Service, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets.

  • email_sending_account
    Type: STRING
    Provider name: EmailSendingAccount
    Description: Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values:
    COGNITO_DEFAULT
    When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration. To look up the email delivery limit for the default option, see Limits in the Amazon Cognito Developer Guide. The default FROM address is no-reply@verificationemail.com. To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the SourceArn parameter.
    DEVELOPER
    When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your Amazon Web Services account. If you use this option, provide the ARN of an Amazon SES verified email address for the SourceArn parameter. Before Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a service-linked role, which is a type of role in your Amazon Web Services account. This role contains the permissions that allow you to access Amazon SES and send email messages from your email address. For more information about the service-linked role that Amazon Cognito creates, see Using Service-Linked Roles for Amazon Cognito in the Amazon Cognito Developer Guide.

  • from
    Type: STRING
    Provider name: From
    Description: Either the sender’s email address or the sender’s name with their email address. For example, testuser@example.com or Test User <testuser@example.com>. This address appears before the body of the email.
  • reply_to_email_address
    Type: STRING
    Provider name: ReplyToEmailAddress
    Description: The destination to which the receiver of the email should reply.
  • source_arn
    Type: STRING
    Provider name: SourceArn
    Description: The ARN of a verified email address or an address from a verified domain in Amazon SES. You can set a SourceArn email from a verified domain only with an API request. You can set a verified email address, but not an address in a verified domain, in the Amazon Cognito console. Amazon Cognito uses the email address that you provide in one of the following ways, depending on the value that you specify for the EmailSendingAccount parameter:
    • If you specify COGNITO_DEFAULT, Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.
    • If you specify DEVELOPER, Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.
    The Region value of the SourceArn parameter must indicate a supported Amazon Web Services Region of your user pool. Typically, the Region in the SourceArn and the user pool Region are the same. For more information, see Amazon SES email configuration regions in the Amazon Cognito Developer Guide.

email_configuration_failure

Type: STRING
Provider name: EmailConfigurationFailure
Description: Deprecated. Review error codes from API requests with EventSource:cognito-idp.amazonaws.com in CloudTrail for information about problems with user pool email configuration.

email_verification_message

Type: STRING
Provider name: EmailVerificationMessage
Description: This parameter is no longer used. See VerificationMessageTemplateType.

email_verification_subject

Type: STRING
Provider name: EmailVerificationSubject
Description: This parameter is no longer used. See VerificationMessageTemplateType.

estimated_number_of_users

Type: INT32
Provider name: EstimatedNumberOfUsers
Description: A number estimating the size of the user pool.

id

Type: STRING
Provider name: Id
Description: The ID of the user pool.

lambda_config

Type: STRUCT
Provider name: LambdaConfig
Description: The Lambda triggers associated with the user pool.

  • create_auth_challenge
    Type: STRING
    Provider name: CreateAuthChallenge
    Description: Creates an authentication challenge.
  • custom_email_sender
    Type: STRUCT
    Provider name: CustomEmailSender
    Description: A custom email sender Lambda trigger.
    • lambda_arn
      Type: STRING
      Provider name: LambdaArn
      Description: The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.
    • lambda_version
      Type: STRING
      Provider name: LambdaVersion
      Description: The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features. You must use a LambdaVersion of V1_0 with a custom sender function.
  • custom_message
    Type: STRING
    Provider name: CustomMessage
    Description: A custom Message Lambda trigger.
  • custom_sms_sender
    Type: STRUCT
    Provider name: CustomSMSSender
    Description: A custom SMS sender Lambda trigger.
    • lambda_arn
      Type: STRING
      Provider name: LambdaArn
      Description: The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.
    • lambda_version
      Type: STRING
      Provider name: LambdaVersion
      Description: The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features. You must use a LambdaVersion of V1_0 with a custom sender function.
  • define_auth_challenge
    Type: STRING
    Provider name: DefineAuthChallenge
    Description: Defines the authentication challenge.
  • kms_key_id
    Type: STRING
    Provider name: KMSKeyID
    Description: The Amazon Resource Name (ARN) of an KMS key. Amazon Cognito uses the key to encrypt codes and temporary passwords sent to CustomEmailSender and CustomSMSSender.
  • post_authentication
    Type: STRING
    Provider name: PostAuthentication
    Description: A post-authentication Lambda trigger.
  • post_confirmation
    Type: STRING
    Provider name: PostConfirmation
    Description: A post-confirmation Lambda trigger.
  • pre_authentication
    Type: STRING
    Provider name: PreAuthentication
    Description: A pre-authentication Lambda trigger.
  • pre_sign_up
    Type: STRING
    Provider name: PreSignUp
    Description: A pre-registration Lambda trigger.
  • pre_token_generation
    Type: STRING
    Provider name: PreTokenGeneration
    Description: The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger. Set this parameter for legacy purposes. If you also set an ARN in PreTokenGenerationConfig, its value must be identical to PreTokenGeneration. For new instances of pre token generation triggers, set the LambdaArn of PreTokenGenerationConfig. You can set
  • pre_token_generation_config
    Type: STRUCT
    Provider name: PreTokenGenerationConfig
    Description: The detailed configuration of a pre token generation trigger. If you also set an ARN in PreTokenGeneration, its value must be identical to PreTokenGenerationConfig.
    • lambda_arn
      Type: STRING
      Provider name: LambdaArn
      Description: The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger. This parameter and the PreTokenGeneration property of LambdaConfig have the same value. For new instances of pre token generation triggers, set LambdaArn.
    • lambda_version
      Type: STRING
      Provider name: LambdaVersion
      Description: The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.
  • user_migration
    Type: STRING
    Provider name: UserMigration
    Description: The user migration Lambda config type.
  • verify_auth_challenge_response
    Type: STRING
    Provider name: VerifyAuthChallengeResponse
    Description: Verifies the authentication challenge response.

last_modified_date

Type: TIMESTAMP
Provider name: LastModifiedDate
Description: The date and time when the item was modified. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.

mfa_configuration

Type: STRING
Provider name: MfaConfiguration
Description: Can be one of the following values:

  • OFF - MFA tokens aren’t required and can’t be specified during user registration.
  • ON - MFA tokens are required for all user registrations. You can only specify required when you’re initially creating a user pool.
  • OPTIONAL - Users have the option when registering to create an MFA token.

name

Type: STRING
Provider name: Name
Description: The name of the user pool.

policies

Type: STRUCT
Provider name: Policies
Description: The policies associated with the user pool.

  • password_policy
    Type: STRUCT
    Provider name: PasswordPolicy
    Description: The password policy.
    • minimum_length
      Type: INT32
      Provider name: MinimumLength
      Description: The minimum length of the password in the policy that you have set. This value can’t be less than 6.
    • require_lowercase
      Type: BOOLEAN
      Provider name: RequireLowercase
      Description: In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password.
    • require_numbers
      Type: BOOLEAN
      Provider name: RequireNumbers
      Description: In the password policy that you have set, refers to whether you have required users to use at least one number in their password.
    • require_symbols
      Type: BOOLEAN
      Provider name: RequireSymbols
      Description: In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password.
    • require_uppercase
      Type: BOOLEAN
      Provider name: RequireUppercase
      Description: In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password.
    • temporary_password_validity_days
      Type: INT32
      Provider name: TemporaryPasswordValidityDays
      Description: The number of days a temporary password is valid in the password policy. If the user doesn’t sign in during this time, an administrator must reset their password. Defaults to 7. If you submit a value of 0, Amazon Cognito treats it as a null value and sets TemporaryPasswordValidityDays to its default value. When you set TemporaryPasswordValidityDays for a user pool, you can no longer set a value for the legacy UnusedAccountValidityDays parameter in that user pool.

providers

Type: UNORDERED_LIST_STRUCT
Provider name: Providers
Description: A list of IdP objects.

  • creation_date
    Type: TIMESTAMP
    Provider name: CreationDate
    Description: The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.
  • last_modified_date
    Type: TIMESTAMP
    Provider name: LastModifiedDate
    Description: The date the provider was last modified.
  • provider_name
    Type: STRING
    Provider name: ProviderName
    Description: The IdP name.
  • provider_type
    Type: STRING
    Provider name: ProviderType
    Description: The IdP type.

schema_attributes

Type: UNORDERED_LIST_STRUCT
Provider name: SchemaAttributes
Description: A list of the user attributes and their properties in your user pool. The attribute schema contains standard attributes, custom attributes with a custom: prefix, and developer attributes with a dev: prefix. For more information, see User pool attributes. Developer-only attributes are a legacy feature of user pools, are read-only to all app clients. You can create and update developer-only attributes only with IAM-authenticated API operations. Use app client read/write permissions instead.

  • attribute_data_type
    Type: STRING
    Provider name: AttributeDataType
    Description: The data format of the values for your attribute. When you choose an AttributeDataType, Amazon Cognito validates the input against the data type. A custom attribute value in your user’s ID token is always a string, for example “custom:isMember” : “true” or “custom:YearsAsMember” : “12”.
  • developer_only_attribute
    Type: BOOLEAN
    Provider name: DeveloperOnlyAttribute
    Description: You should use WriteAttributes in the user pool client to control how attributes can be mutated for new use cases instead of using DeveloperOnlyAttribute. Specifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won’t be able to modify this attribute using their access token. For example, DeveloperOnlyAttribute can be modified using AdminUpdateUserAttributes but can’t be updated using UpdateUserAttributes.
  • mutable
    Type: BOOLEAN
    Provider name: Mutable
    Description: Specifies whether the value of the attribute can be changed. Any user pool attribute whose value you map from an IdP attribute must be mutable, with a parameter value of true. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see Specifying Identity Provider Attribute Mappings for Your User Pool.
  • name
    Type: STRING
    Provider name: Name
    Description: The name of your user pool attribute. When you create or update a user pool, adding a schema attribute creates a custom or developer-only attribute. When you add an attribute with a Name value of MyAttribute, Amazon Cognito creates the custom attribute custom:MyAttribute. When DeveloperOnlyAttribute is true, Amazon Cognito creates your attribute as dev:MyAttribute. In an operation that describes a user pool, Amazon Cognito returns this value as value for standard attributes, custom:value for custom attributes, and dev:value for developer-only attributes..
  • number_attribute_constraints
    Type: STRUCT
    Provider name: NumberAttributeConstraints
    Description: Specifies the constraints for an attribute of the number type.
    • max_value
      Type: STRING
      Provider name: MaxValue
      Description: The maximum length of a number attribute value. Must be a number less than or equal to 2^1023, represented as a string with a length of 131072 characters or fewer.
    • min_value
      Type: STRING
      Provider name: MinValue
      Description: The minimum value of an attribute that is of the number data type.
  • required
    Type: BOOLEAN
    Provider name: Required
    Description: Specifies whether a user pool attribute is required. If the attribute is required and the user doesn’t provide a value, registration or sign-in will fail.
  • string_attribute_constraints
    Type: STRUCT
    Provider name: StringAttributeConstraints
    Description: Specifies the constraints for an attribute of the string type.
    • max_length
      Type: STRING
      Provider name: MaxLength
      Description: The maximum length of a string attribute value. Must be a number less than or equal to 2^1023, represented as a string with a length of 131072 characters or fewer.
    • min_length
      Type: STRING
      Provider name: MinLength
      Description: The minimum length.

sms_authentication_message

Type: STRING
Provider name: SmsAuthenticationMessage
Description: The contents of the SMS authentication message.

sms_configuration

Type: STRUCT
Provider name: SmsConfiguration
Description: The SMS configuration with the settings that your Amazon Cognito user pool must use to send an SMS message from your Amazon Web Services account through Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account.

  • external_id
    Type: STRING
    Provider name: ExternalId
    Description: The external ID provides additional security for your IAM role. You can use an ExternalId with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an ExternalId, your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the ExternalID. If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the ExternalId. For more information about the ExternalId of a role, see How to use an external ID when granting access to your Amazon Web Services resources to a third party
  • sns_caller_arn
    Type: STRING
    Provider name: SnsCallerArn
    Description: The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your Amazon Web Services account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a spending limit.
  • sns_region
    Type: STRING
    Provider name: SnsRegion
    Description: The Amazon Web Services Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported Legacy Amazon SNS alternate Region. Amazon Cognito resources in the Asia Pacific (Seoul) Amazon Web Services Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see SMS message settings for Amazon Cognito user pools.

sms_configuration_failure

Type: STRING
Provider name: SmsConfigurationFailure
Description: The reason why the SMS configuration can’t send the messages to your users. This message might include comma-separated values to describe why your SMS configuration can’t send messages to user pool end users.

InvalidSmsRoleAccessPolicyException
The Identity and Access Management role that Amazon Cognito uses to send SMS messages isn’t properly configured. For more information, see SmsConfigurationType.
SNSSandbox
The Amazon Web Services account is in the SNS SMS Sandbox and messages will only reach verified end users. This parameter won’t get populated with SNSSandbox if the user creating the user pool doesn’t have SNS permissions. To learn how to move your Amazon Web Services account out of the sandbox, see Moving out of the SMS sandbox.

sms_verification_message

Type: STRING
Provider name: SmsVerificationMessage
Description: This parameter is no longer used. See VerificationMessageTemplateType.

status

Type: STRING
Provider name: Status
Description: This parameter is no longer used.

tags

Type: UNORDERED_LIST_STRING

user_attribute_update_settings

Type: STRUCT
Provider name: UserAttributeUpdateSettings
Description: The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells Amazon Cognito how to handle changes to the value of your users’ email address and phone number attributes. For more information, see Verifying updates to email addresses and phone numbers.

  • attributes_require_verification_before_update
    Type: UNORDERED_LIST_STRING
    Provider name: AttributesRequireVerificationBeforeUpdate
    Description: Requires that your user verifies their email address, phone number, or both before Amazon Cognito updates the value of that attribute. When you update a user attribute that has this option activated, Amazon Cognito sends a verification message to the new phone number or email address. Amazon Cognito doesn’t change the value of the attribute until your user responds to the verification message and confirms the new value. You can verify an updated email address or phone number with a VerifyUserAttribute API request. You can also call the AdminUpdateUserAttributes API and set email_verified or phone_number_verified to true. When AttributesRequireVerificationBeforeUpdate is false, your user pool doesn’t require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where AttributesRequireVerificationBeforeUpdate is false, API operations that change attribute values can immediately update a user’s email or phone_number attribute.

user_pool_add_ons

Type: STRUCT
Provider name: UserPoolAddOns
Description: User pool add-ons. Contains settings for activation of advanced security features. To log user security information but take no action, set to AUDIT. To configure automatic security responses to risky traffic to your user pool, set to ENFORCED. For more information, see Adding advanced security to a user pool.

  • advanced_security_mode
    Type: STRING
    Provider name: AdvancedSecurityMode
    Description: The operating mode of advanced security features in your user pool.

user_pool_tags

Type: MAP_STRING_STRING
Provider name: UserPoolTags
Description: The tags that are assigned to the user pool. A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.

username_attributes

Type: UNORDERED_LIST_STRING
Provider name: UsernameAttributes
Description: Specifies whether a user can use an email address or phone number as a username when they sign up.

username_configuration

Type: STRUCT
Provider name: UsernameConfiguration
Description: Case sensitivity of the username input for the selected sign-in option. For example, when case sensitivity is set to False, users can sign in using either “username” or “Username”. This configuration is immutable once it has been set. For more information, see UsernameConfigurationType.

  • case_sensitive
    Type: BOOLEAN
    Provider name: CaseSensitive
    Description: Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to False (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name. Valid values include:
    True
    Enables case sensitivity for all username input. When this option is set to True, users must sign in using the exact capitalization of their given username, such as “UserName”. This is the default value.
    False
    Enables case insensitivity for all username input. For example, when this option is set to False, users can sign in using username, USERNAME, or UserName. This option also enables both preferred_username and email alias to be case insensitive, in addition to the username attribute.

verification_message_template

Type: STRUCT
Provider name: VerificationMessageTemplate
Description: The template for verification messages.

  • default_email_option
    Type: STRING
    Provider name: DefaultEmailOption
    Description: The default email option.
  • email_message
    Type: STRING
    Provider name: EmailMessage
    Description: The template for email messages that Amazon Cognito sends to your users. You can set an EmailMessage template only if the value of EmailSendingAccount is DEVELOPER. When your EmailSendingAccount is DEVELOPER, your user pool sends email messages with your own Amazon SES configuration.
  • email_message_by_link
    Type: STRING
    Provider name: EmailMessageByLink
    Description: The email message template for sending a confirmation link to the user. You can set an EmailMessageByLink template only if the value of EmailSendingAccount is DEVELOPER. When your EmailSendingAccount is DEVELOPER, your user pool sends email messages with your own Amazon SES configuration.
  • email_subject
    Type: STRING
    Provider name: EmailSubject
    Description: The subject line for the email message template. You can set an EmailSubject template only if the value of EmailSendingAccount is DEVELOPER. When your EmailSendingAccount is DEVELOPER, your user pool sends email messages with your own Amazon SES configuration.
  • email_subject_by_link
    Type: STRING
    Provider name: EmailSubjectByLink
    Description: The subject line for the email message template for sending a confirmation link to the user. You can set an EmailSubjectByLink template only if the value of EmailSendingAccount is DEVELOPER. When your EmailSendingAccount is DEVELOPER, your user pool sends email messages with your own Amazon SES configuration.
  • sms_message
    Type: STRING
    Provider name: SmsMessage
    Description: The template for SMS messages that Amazon Cognito sends to your users.