UNPKG

@aws-sdk/client-cognito-identity-provider

Version:

AWS SDK for JavaScript Cognito Identity Provider Client for Node.js, Browser and React Native

github.com/aws/aws-sdk-js-v3/tree/main/clients/client-cognito-identity-provider

aws/aws-sdk-js-v3

219 lines (218 loc) 11.6 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
import { Command as $Command } from "@smithy/smithy-client"; import { MetadataBearer as __MetadataBearer } from "@smithy/types"; import { CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../CognitoIdentityProviderClient"; import { AdminInitiateAuthRequest, AdminInitiateAuthResponse } from "../models/models_0"; /** * @public */ export type { __MetadataBearer }; export { $Command }; /** * @public * * The input for {@link AdminInitiateAuthCommand}. */ export interface AdminInitiateAuthCommandInput extends AdminInitiateAuthRequest { } /** * @public * * The output of {@link AdminInitiateAuthCommand}. */ export interface AdminInitiateAuthCommandOutput extends AdminInitiateAuthResponse, __MetadataBearer { } declare const AdminInitiateAuthCommand_base: { new (input: AdminInitiateAuthCommandInput): import("@smithy/smithy-client").CommandImpl<AdminInitiateAuthCommandInput, AdminInitiateAuthCommandOutput, CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>; new (input: AdminInitiateAuthCommandInput): import("@smithy/smithy-client").CommandImpl<AdminInitiateAuthCommandInput, AdminInitiateAuthCommandOutput, CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>; getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions; }; /** * <p>Starts sign-in for applications with a server-side component, for example a * traditional web application. This operation specifies the authentication flow that * you'd like to begin. The authentication flow that you specify must be supported in * your app client configuration. For more information about authentication flows, see * <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.html">Authentication flows</a>.</p> * <note> * <p>This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers * require you to register an origination phone number before you can send SMS messages * to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a * phone number with <a href="https://console.aws.amazon.com/pinpoint/home/">Amazon Pinpoint</a>. * Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must * receive SMS messages might not be able to sign up, activate their accounts, or sign * in.</p> * <p>If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, * Amazon Simple Notification Service might place your account in the SMS sandbox. In <i> * <a href="https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html">sandbox * mode</a> * </i>, you can send messages only to verified phone * numbers. After you test your app while in the sandbox environment, you can move out * of the sandbox and into production. For more information, see <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html"> SMS message settings for Amazon Cognito user pools</a> in the <i>Amazon Cognito * Developer Guide</i>.</p> * </note> * <note> * <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For * this operation, you must use IAM credentials to authorize requests, and you must * grant yourself the corresponding IAM permission in a policy.</p> * <p class="title"> * <b>Learn more</b> * </p> * <ul> * <li> * <p> * <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html">Signing Amazon Web Services API Requests</a> * </p> * </li> * <li> * <p> * <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html">Using the Amazon Cognito user pools API and user pool endpoints</a> * </p> * </li> * </ul> * </note> * @example * Use a bare-bones client and the command you need to make an API call. * ```javascript * import { CognitoIdentityProviderClient, AdminInitiateAuthCommand } from "@aws-sdk/client-cognito-identity-provider"; // ES Modules import * // const { CognitoIdentityProviderClient, AdminInitiateAuthCommand } = require("@aws-sdk/client-cognito-identity-provider"); // CommonJS import * const client = new CognitoIdentityProviderClient(config); * const input = { // AdminInitiateAuthRequest * UserPoolId: "STRING_VALUE", // required * ClientId: "STRING_VALUE", // required * AuthFlow: "USER_SRP_AUTH" || "REFRESH_TOKEN_AUTH" || "REFRESH_TOKEN" || "CUSTOM_AUTH" || "ADMIN_NO_SRP_AUTH" || "USER_PASSWORD_AUTH" || "ADMIN_USER_PASSWORD_AUTH" || "USER_AUTH", // required * AuthParameters: { // AuthParametersType * "<keys>": "STRING_VALUE", * }, * ClientMetadata: { // ClientMetadataType * "<keys>": "STRING_VALUE", * }, * AnalyticsMetadata: { // AnalyticsMetadataType * AnalyticsEndpointId: "STRING_VALUE", * }, * ContextData: { // ContextDataType * IpAddress: "STRING_VALUE", // required * ServerName: "STRING_VALUE", // required * ServerPath: "STRING_VALUE", // required * HttpHeaders: [ // HttpHeaderList // required * { // HttpHeader * headerName: "STRING_VALUE", * headerValue: "STRING_VALUE", * }, * ], * EncodedData: "STRING_VALUE", * }, * Session: "STRING_VALUE", * }; * const command = new AdminInitiateAuthCommand(input); * const response = await client.send(command); * // { // AdminInitiateAuthResponse * // ChallengeName: "SMS_MFA" || "EMAIL_OTP" || "SOFTWARE_TOKEN_MFA" || "SELECT_MFA_TYPE" || "MFA_SETUP" || "PASSWORD_VERIFIER" || "CUSTOM_CHALLENGE" || "SELECT_CHALLENGE" || "DEVICE_SRP_AUTH" || "DEVICE_PASSWORD_VERIFIER" || "ADMIN_NO_SRP_AUTH" || "NEW_PASSWORD_REQUIRED" || "SMS_OTP" || "PASSWORD" || "WEB_AUTHN" || "PASSWORD_SRP", * // Session: "STRING_VALUE", * // ChallengeParameters: { // ChallengeParametersType * // "<keys>": "STRING_VALUE", * // }, * // AuthenticationResult: { // AuthenticationResultType * // AccessToken: "STRING_VALUE", * // ExpiresIn: Number("int"), * // TokenType: "STRING_VALUE", * // RefreshToken: "STRING_VALUE", * // IdToken: "STRING_VALUE", * // NewDeviceMetadata: { // NewDeviceMetadataType * // DeviceKey: "STRING_VALUE", * // DeviceGroupKey: "STRING_VALUE", * // }, * // }, * // AvailableChallenges: [ // AvailableChallengeListType * // "SMS_MFA" || "EMAIL_OTP" || "SOFTWARE_TOKEN_MFA" || "SELECT_MFA_TYPE" || "MFA_SETUP" || "PASSWORD_VERIFIER" || "CUSTOM_CHALLENGE" || "SELECT_CHALLENGE" || "DEVICE_SRP_AUTH" || "DEVICE_PASSWORD_VERIFIER" || "ADMIN_NO_SRP_AUTH" || "NEW_PASSWORD_REQUIRED" || "SMS_OTP" || "PASSWORD" || "WEB_AUTHN" || "PASSWORD_SRP", * // ], * // }; * * ``` * * @param AdminInitiateAuthCommandInput - {@link AdminInitiateAuthCommandInput} * @returns {@link AdminInitiateAuthCommandOutput} * @see {@link AdminInitiateAuthCommandInput} for command's `input` shape. * @see {@link AdminInitiateAuthCommandOutput} for command's `response` shape. * @see {@link CognitoIdentityProviderClientResolvedConfig | config} for CognitoIdentityProviderClient's `config` shape. * * @throws {@link InternalErrorException} (server fault) * <p>This exception is thrown when Amazon Cognito encounters an internal error.</p> * * @throws {@link InvalidEmailRoleAccessPolicyException} (client fault) * <p>This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP * status code: 400.</p> * * @throws {@link InvalidLambdaResponseException} (client fault) * <p>This exception is thrown when Amazon Cognito encounters an invalid Lambda response.</p> * * @throws {@link InvalidParameterException} (client fault) * <p>This exception is thrown when the Amazon Cognito service encounters an invalid * parameter.</p> * * @throws {@link InvalidSmsRoleAccessPolicyException} (client fault) * <p>This exception is returned when the role provided for SMS configuration doesn't have * permission to publish using Amazon SNS.</p> * * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault) * <p>This exception is thrown when the trust relationship is not valid for the role * provided for SMS configuration. This can happen if you don't trust * <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does * not match what is provided in the SMS configuration for the user pool.</p> * * @throws {@link InvalidUserPoolConfigurationException} (client fault) * <p>This exception is thrown when the user pool configuration is not valid.</p> * * @throws {@link MFAMethodNotFoundException} (client fault) * <p>This exception is thrown when Amazon Cognito can't find a multi-factor authentication * (MFA) method.</p> * * @throws {@link NotAuthorizedException} (client fault) * <p>This exception is thrown when a user isn't authorized.</p> * * @throws {@link PasswordResetRequiredException} (client fault) * <p>This exception is thrown when a password reset is required.</p> * * @throws {@link ResourceNotFoundException} (client fault) * <p>This exception is thrown when the Amazon Cognito service can't find the requested * resource.</p> * * @throws {@link TooManyRequestsException} (client fault) * <p>This exception is thrown when the user has made too many requests for a given * operation.</p> * * @throws {@link UnexpectedLambdaException} (client fault) * <p>This exception is thrown when Amazon Cognito encounters an unexpected exception with * Lambda.</p> * * @throws {@link UnsupportedOperationException} (client fault) * <p>Exception that is thrown when you attempt to perform an operation that isn't enabled * for the user pool client.</p> * * @throws {@link UserLambdaValidationException} (client fault) * <p>This exception is thrown when the Amazon Cognito service encounters a user validation exception * with the Lambda service.</p> * * @throws {@link UserNotConfirmedException} (client fault) * <p>This exception is thrown when a user isn't confirmed successfully.</p> * * @throws {@link UserNotFoundException} (client fault) * <p>This exception is thrown when a user isn't found.</p> * * @throws {@link CognitoIdentityProviderServiceException} * <p>Base exception class for all service exceptions from CognitoIdentityProvider service.</p> * * * @public */ export declare class AdminInitiateAuthCommand extends AdminInitiateAuthCommand_base { /** @internal type navigation helper, not in runtime. */ protected static __types: { api: { input: AdminInitiateAuthRequest; output: AdminInitiateAuthResponse; }; sdk: { input: AdminInitiateAuthCommandInput; output: AdminInitiateAuthCommandOutput; }; }; }