@aws-sdk/client-cognito-identity-provider

import { Command as $Command } from "@smithy/smithy-client"; import { MetadataBearer as __MetadataBearer } from "@smithy/types"; import { CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../CognitoIdentityProviderClient"; import { CreateUserPoolClientRequest, CreateUserPoolClientResponse } from "../models/models_0"; /** * @public */ export type { __MetadataBearer }; export { $Command }; /** * @public * * The input for {@link CreateUserPoolClientCommand}. */ export interface CreateUserPoolClientCommandInput extends CreateUserPoolClientRequest { } /** * @public * * The output of {@link CreateUserPoolClientCommand}. */ export interface CreateUserPoolClientCommandOutput extends CreateUserPoolClientResponse, __MetadataBearer { } declare const CreateUserPoolClientCommand_base: { new (input: CreateUserPoolClientCommandInput): import("@smithy/smithy-client").CommandImpl<CreateUserPoolClientCommandInput, CreateUserPoolClientCommandOutput, CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>; new (__0_0: CreateUserPoolClientCommandInput): import("@smithy/smithy-client").CommandImpl<CreateUserPoolClientCommandInput, CreateUserPoolClientCommandOutput, CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>; getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions; }; /** * Creates the user pool client. * When you create a new user pool client, token revocation is automatically activated. * For more information about revoking tokens, see <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html">RevokeToken</a>. * <important> * If you don't provide a value for an attribute, Amazon Cognito sets it to its default value. * </important> * <note> * Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For * this operation, you must use IAM credentials to authorize requests, and you must * grant yourself the corresponding IAM permission in a policy. * * Learn more * * <ul> * <li> * * <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web Services API Requests</a> * * </li> * <li> * * <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using the Amazon Cognito user pools API and user pool endpoints</a> * * </li> * </ul> * </note> * @example * Use a bare-bones client and the command you need to make an API call. * ```javascript * import { CognitoIdentityProviderClient, CreateUserPoolClientCommand } from "@aws-sdk/client-cognito-identity-provider"; // ES Modules import * // const { CognitoIdentityProviderClient, CreateUserPoolClientCommand } = require("@aws-sdk/client-cognito-identity-provider"); // CommonJS import * const client = new CognitoIdentityProviderClient(config); * const input = { // CreateUserPoolClientRequest * UserPoolId: "STRING_VALUE", // required * ClientName: "STRING_VALUE", // required * GenerateSecret: true || false, * RefreshTokenValidity: Number("int"), * AccessTokenValidity: Number("int"), * IdTokenValidity: Number("int"), * TokenValidityUnits: { // TokenValidityUnitsType * AccessToken: "seconds" || "minutes" || "hours" || "days", * IdToken: "seconds" || "minutes" || "hours" || "days", * RefreshToken: "seconds" || "minutes" || "hours" || "days", * }, * ReadAttributes: [ // ClientPermissionListType * "STRING_VALUE", * ], * WriteAttributes: [ * "STRING_VALUE", * ], * ExplicitAuthFlows: [ // ExplicitAuthFlowsListType * "ADMIN_NO_SRP_AUTH" || "CUSTOM_AUTH_FLOW_ONLY" || "USER_PASSWORD_AUTH" || "ALLOW_ADMIN_USER_PASSWORD_AUTH" || "ALLOW_CUSTOM_AUTH" || "ALLOW_USER_PASSWORD_AUTH" || "ALLOW_USER_SRP_AUTH" || "ALLOW_REFRESH_TOKEN_AUTH", * ], * SupportedIdentityProviders: [ // SupportedIdentityProvidersListType * "STRING_VALUE", * ], * CallbackURLs: [ // CallbackURLsListType * "STRING_VALUE", * ], * LogoutURLs: [ // LogoutURLsListType * "STRING_VALUE", * ], * DefaultRedirectURI: "STRING_VALUE", * AllowedOAuthFlows: [ // OAuthFlowsType * "code" || "implicit" || "client_credentials", * ], * AllowedOAuthScopes: [ // ScopeListType * "STRING_VALUE", * ], * AllowedOAuthFlowsUserPoolClient: true || false, * AnalyticsConfiguration: { // AnalyticsConfigurationType * ApplicationId: "STRING_VALUE", * ApplicationArn: "STRING_VALUE", * RoleArn: "STRING_VALUE", * ExternalId: "STRING_VALUE", * UserDataShared: true || false, * }, * PreventUserExistenceErrors: "LEGACY" || "ENABLED", * EnableTokenRevocation: true || false, * EnablePropagateAdditionalUserContextData: true || false, * AuthSessionValidity: Number("int"), * }; * const command = new CreateUserPoolClientCommand(input); * const response = await client.send(command); * // { // CreateUserPoolClientResponse * // UserPoolClient: { // UserPoolClientType * // UserPoolId: "STRING_VALUE", * // ClientName: "STRING_VALUE", * // ClientId: "STRING_VALUE", * // ClientSecret: "STRING_VALUE", * // LastModifiedDate: new Date("TIMESTAMP"), * // CreationDate: new Date("TIMESTAMP"), * // RefreshTokenValidity: Number("int"), * // AccessTokenValidity: Number("int"), * // IdTokenValidity: Number("int"), * // TokenValidityUnits: { // TokenValidityUnitsType * // AccessToken: "seconds" || "minutes" || "hours" || "days", * // IdToken: "seconds" || "minutes" || "hours" || "days", * // RefreshToken: "seconds" || "minutes" || "hours" || "days", * // }, * // ReadAttributes: [ // ClientPermissionListType * // "STRING_VALUE", * // ], * // WriteAttributes: [ * // "STRING_VALUE", * // ], * // ExplicitAuthFlows: [ // ExplicitAuthFlowsListType * // "ADMIN_NO_SRP_AUTH" || "CUSTOM_AUTH_FLOW_ONLY" || "USER_PASSWORD_AUTH" || "ALLOW_ADMIN_USER_PASSWORD_AUTH" || "ALLOW_CUSTOM_AUTH" || "ALLOW_USER_PASSWORD_AUTH" || "ALLOW_USER_SRP_AUTH" || "ALLOW_REFRESH_TOKEN_AUTH", * // ], * // SupportedIdentityProviders: [ // SupportedIdentityProvidersListType * // "STRING_VALUE", * // ], * // CallbackURLs: [ // CallbackURLsListType * // "STRING_VALUE", * // ], * // LogoutURLs: [ // LogoutURLsListType * // "STRING_VALUE", * // ], * // DefaultRedirectURI: "STRING_VALUE", * // AllowedOAuthFlows: [ // OAuthFlowsType * // "code" || "implicit" || "client_credentials", * // ], * // AllowedOAuthScopes: [ // ScopeListType * // "STRING_VALUE", * // ], * // AllowedOAuthFlowsUserPoolClient: true || false, * // AnalyticsConfiguration: { // AnalyticsConfigurationType * // ApplicationId: "STRING_VALUE", * // ApplicationArn: "STRING_VALUE", * // RoleArn: "STRING_VALUE", * // ExternalId: "STRING_VALUE", * // UserDataShared: true || false, * // }, * // PreventUserExistenceErrors: "LEGACY" || "ENABLED", * // EnableTokenRevocation: true || false, * // EnablePropagateAdditionalUserContextData: true || false, * // AuthSessionValidity: Number("int"), * // }, * // }; * * ``` * * @param CreateUserPoolClientCommandInput - {@link CreateUserPoolClientCommandInput} * @returns {@link CreateUserPoolClientCommandOutput} * @see {@link CreateUserPoolClientCommandInput} for command's `input` shape. * @see {@link CreateUserPoolClientCommandOutput} for command's `response` shape. * @see {@link CognitoIdentityProviderClientResolvedConfig | config} for CognitoIdentityProviderClient's `config` shape. * * @throws {@link InternalErrorException} (server fault) * This exception is thrown when Amazon Cognito encounters an internal error. * * @throws {@link InvalidOAuthFlowException} (client fault) * This exception is thrown when the specified OAuth flow is not valid. * * @throws {@link InvalidParameterException} (client fault) * This exception is thrown when the Amazon Cognito service encounters an invalid * parameter. * * @throws {@link LimitExceededException} (client fault) * This exception is thrown when a user exceeds the limit for a requested Amazon Web Services * resource. * * @throws {@link NotAuthorizedException} (client fault) * This exception is thrown when a user isn't authorized. * * @throws {@link ResourceNotFoundException} (client fault) * This exception is thrown when the Amazon Cognito service can't find the requested * resource. * * @throws {@link ScopeDoesNotExistException} (client fault) * This exception is thrown when the specified scope doesn't exist. * * @throws {@link TooManyRequestsException} (client fault) * This exception is thrown when the user has made too many requests for a given * operation. * * @throws {@link CognitoIdentityProviderServiceException} * Base exception class for all service exceptions from CognitoIdentityProvider service. * * @public * @example Example user pool app client with email and username sign-in * ```javascript * // The following example creates an app client with all configurable properties set to an example value. The resulting user pool client connects to an analytics client, allows sign-in with username and password, and has two external identity providers associated with it. * const input = { * "AccessTokenValidity": 6, * "AllowedOAuthFlows": [ * "code" * ], * "AllowedOAuthFlowsUserPoolClient": true, * "AllowedOAuthScopes": [ * "aws.cognito.signin.user.admin", * "openid" * ], * "AnalyticsConfiguration": { * "ApplicationId": "d70b2ba36a8c4dc5a04a0451a31a1e12", * "ExternalId": "my-external-id", * "RoleArn": "arn:aws:iam::123456789012:role/test-cognitouserpool-role", * "UserDataShared": true * }, * "CallbackURLs": [ * "https://example.com", * "http://localhost", * "myapp://example" * ], * "ClientName": "my-test-app-client", * "DefaultRedirectURI": "https://example.com", * "ExplicitAuthFlows": [ * "ALLOW_ADMIN_USER_PASSWORD_AUTH", * "ALLOW_USER_PASSWORD_AUTH", * "ALLOW_REFRESH_TOKEN_AUTH" * ], * "GenerateSecret": true, * "IdTokenValidity": 6, * "LogoutURLs": [ * "https://example.com/logout" * ], * "PreventUserExistenceErrors": "ENABLED", * "ReadAttributes": [ * "email", * "address", * "preferred_username" * ], * "RefreshTokenValidity": 6, * "SupportedIdentityProviders": [ * "SignInWithApple", * "MySSO" * ], * "TokenValidityUnits": { * "AccessToken": "hours", * "IdToken": "minutes", * "RefreshToken": "days" * }, * "UserPoolId": "us-east-1_EXAMPLE", * "WriteAttributes": [ * "family_name", * "email" * ] * }; * const command = new CreateUserPoolClientCommand(input); * const response = await client.send(command); * /* response == * { * "UserPoolClient": { * "AccessTokenValidity": 6, * "AllowedOAuthFlows": [ * "code" * ], * "AllowedOAuthFlowsUserPoolClient": true, * "AllowedOAuthScopes": [ * "aws.cognito.signin.user.admin", * "openid" * ], * "AnalyticsConfiguration": { * "ApplicationId": "d70b2ba36a8c4dc5a04a0451a31a1e12", * "ExternalId": "my-external-id", * "RoleArn": "arn:aws:iam::123456789012:role/test-cognitouserpool-role", * "UserDataShared": true * }, * "AuthSessionValidity": 3, * "CallbackURLs": [ * "https://example.com", * "http://localhost", * "myapp://example" * ], * "ClientId": "26cb2c60kq7nbmas7rbme9b6pp", * "ClientName": "my-test-app-client", * "ClientSecret": "13ka4h7u28d9oo44tqpq9djqsfvhvu8rk4d2ighvpu0k8fj1c2r9", * "CreationDate": 1689885426.107, * "DefaultRedirectURI": "https://example.com", * "EnablePropagateAdditionalUserContextData": false, * "EnableTokenRevocation": true, * "ExplicitAuthFlows": [ * "ALLOW_USER_PASSWORD_AUTH", * "ALLOW_ADMIN_USER_PASSWORD_AUTH", * "ALLOW_REFRESH_TOKEN_AUTH" * ], * "IdTokenValidity": 6, * "LastModifiedDate": 1689885426.107, * "LogoutURLs": [ * "https://example.com/logout" * ], * "PreventUserExistenceErrors": "ENABLED", * "ReadAttributes": [ * "address", * "preferred_username", * "email" * ], * "RefreshTokenValidity": 6, * "SupportedIdentityProviders": [ * "SignInWithApple", * "MySSO" * ], * "TokenValidityUnits": { * "AccessToken": "hours", * "IdToken": "minutes", * "RefreshToken": "days" * }, * "UserPoolId": "us-east-1_EXAMPLE", * "WriteAttributes": [ * "family_name", * "email" * ] * } * } * *\/ * // example id: example-user-pool-app-client-with-email-and-username-sign-in-1689885750745 * ``` * */ export declare class CreateUserPoolClientCommand extends CreateUserPoolClientCommand_base { /** @internal type navigation helper, not in runtime. */ protected static __types: { api: { input: CreateUserPoolClientRequest; output: CreateUserPoolClientResponse; }; sdk: { input: CreateUserPoolClientCommandInput; output: CreateUserPoolClientCommandOutput; }; }; }