CognitoIdentityProvider class

Using the Amazon Cognito User Pools API, you can create a user pool to manage directories and users. You can authenticate a user to obtain tokens related to user identity and access policies.

This API reference provides information about user pools in Amazon Cognito User Pools.

For more information, see the Amazon Cognito Documentation.

Constructors

CognitoIdentityProvider({required String region, AwsClientCredentials? credentials, AwsClientCredentialsProvider? credentialsProvider, Client? client, String? endpointUrl})

Properties

hashCode → int: The hash code for this object.
no setterinherited
runtimeType → Type: A representation of the runtime type of the object.
no setterinherited

Methods

addCustomAttributes({required List<SchemaAttributeType> customAttributes, required String userPoolId}) → Future<void>: Adds additional user attributes to the user pool schema.
adminAddUserToGroup({required String groupName, required String userPoolId, required String username}) → Future<void>: Adds the specified user to the specified group.
adminConfirmSignUp({required String userPoolId, required String username, Map<String, String>? clientMetadata}) → Future<void>: Confirms user registration as an admin without using a confirmation code. Works on any user.
adminCreateUser({required String userPoolId, required String username, Map<String, String>? clientMetadata, List<DeliveryMediumType>? desiredDeliveryMediums, bool? forceAliasCreation, MessageActionType? messageAction, String? temporaryPassword, List<AttributeType>? userAttributes, List<AttributeType>? validationData}) → Future<AdminCreateUserResponse>: Creates a new user in the specified user pool.
adminDeleteUser({required String userPoolId, required String username}) → Future<void>: Deletes a user as an administrator. Works on any user.
adminDeleteUserAttributes({required List<String> userAttributeNames, required String userPoolId, required String username}) → Future<void>: Deletes the user attributes in a user pool as an administrator. Works on any user.
adminDisableProviderForUser({required ProviderUserIdentifierType user, required String userPoolId}) → Future<void>: Disables the user from signing in with the specified external (SAML or social) identity provider. If the user to disable is a Cognito User Pools native username + password user, they are not permitted to use their password to sign-in. If the user to disable is a linked external IdP user, any link between that user and an existing user is removed. The next time the external user (no longer attached to the previously linked DestinationUser) signs in, they must create a new user account. See AdminLinkProviderForUser.
adminDisableUser({required String userPoolId, required String username}) → Future<void>: Disables the specified user.
adminEnableUser({required String userPoolId, required String username}) → Future<void>: Enables the specified user as an administrator. Works on any user.
adminForgetDevice({required String deviceKey, required String userPoolId, required String username}) → Future<void>: Forgets the device, as an administrator.
adminGetDevice({required String deviceKey, required String userPoolId, required String username}) → Future<AdminGetDeviceResponse>: Gets the device, as an administrator.
adminGetUser({required String userPoolId, required String username}) → Future<AdminGetUserResponse>: Gets the specified user by user name in a user pool as an administrator. Works on any user.
adminInitiateAuth({required AuthFlowType authFlow, required String clientId, required String userPoolId, AnalyticsMetadataType? analyticsMetadata, Map<String, String>? authParameters, Map<String, String>? clientMetadata, ContextDataType? contextData}) → Future<AdminInitiateAuthResponse>: Initiates the authentication flow, as an administrator.
adminLinkProviderForUser({required ProviderUserIdentifierType destinationUser, required ProviderUserIdentifierType sourceUser, required String userPoolId}) → Future<void>: Links an existing user account in a user pool (DestinationUser) to an identity from an external identity provider (SourceUser) based on a specified attribute name and value from the external identity provider. This allows you to create a link from the existing user account to an external federated user identity that has not yet been used to sign in, so that the federated user identity can be used to sign in as the existing user account.
adminListDevices({required String userPoolId, required String username, int? limit, String? paginationToken}) → Future<AdminListDevicesResponse>: Lists devices, as an administrator.
adminListGroupsForUser({required String userPoolId, required String username, int? limit, String? nextToken}) → Future<AdminListGroupsForUserResponse>: Lists the groups that the user belongs to.
adminListUserAuthEvents({required String userPoolId, required String username, int? maxResults, String? nextToken}) → Future<AdminListUserAuthEventsResponse>: Lists a history of user activity and any risks detected as part of Amazon Cognito advanced security.
adminRemoveUserFromGroup({required String groupName, required String userPoolId, required String username}) → Future<void>: Removes the specified user from the specified group.
adminResetUserPassword({required String userPoolId, required String username, Map<String, String>? clientMetadata}) → Future<void>: Resets the specified user's password in a user pool as an administrator. Works on any user.
adminRespondToAuthChallenge({required ChallengeNameType challengeName, required String clientId, required String userPoolId, AnalyticsMetadataType? analyticsMetadata, Map<String, String>? challengeResponses, Map<String, String>? clientMetadata, ContextDataType? contextData, String? session}) → Future<AdminRespondToAuthChallengeResponse>: Responds to an authentication challenge, as an administrator.
adminSetUserMFAPreference({required String userPoolId, required String username, SMSMfaSettingsType? sMSMfaSettings, SoftwareTokenMfaSettingsType? softwareTokenMfaSettings}) → Future<void>: Sets the user's multi-factor authentication (MFA) preference, including which MFA options are enabled and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are enabled. If multiple options are enabled and no preference is set, a challenge to choose an MFA option will be returned during sign in.
adminSetUserPassword({required String password, required String userPoolId, required String username, bool? permanent}) → Future<void>: Sets the specified user's password in a user pool as an administrator. Works on any user.
adminSetUserSettings({required List<MFAOptionType> mFAOptions, required String userPoolId, required String username}) → Future<void>: This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference instead.
adminUpdateAuthEventFeedback({required String eventId, required FeedbackValueType feedbackValue, required String userPoolId, required String username}) → Future<void>: Provides feedback for an authentication event as to whether it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.
adminUpdateDeviceStatus({required String deviceKey, required String userPoolId, required String username, DeviceRememberedStatusType? deviceRememberedStatus}) → Future<void>: Updates the device status as an administrator.
adminUpdateUserAttributes({required List<AttributeType> userAttributes, required String userPoolId, required String username, Map<String, String>? clientMetadata}) → Future<void>: Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user.
adminUserGlobalSignOut({required String userPoolId, required String username}) → Future<void>: Signs out users from all devices, as an administrator. It also invalidates all refresh tokens issued to a user. The user's current access and Id tokens remain valid until their expiry. Access and Id tokens expire one hour after they are issued.
associateSoftwareToken({String? accessToken, String? session}) → Future<AssociateSoftwareTokenResponse>: Returns a unique generated shared secret key code for the user account. The request takes an access token or a session string, but not both.
changePassword({required String accessToken, required String previousPassword, required String proposedPassword}) → Future<void>: Changes the password for a specified user in a user pool.
close() → void: Closes the internal HTTP client if none was provided at creation. If a client was passed as a constructor argument, this becomes a noop.
confirmDevice({required String accessToken, required String deviceKey, String? deviceName, DeviceSecretVerifierConfigType? deviceSecretVerifierConfig}) → Future<ConfirmDeviceResponse>: Confirms tracking of the device. This API call is the call that begins device tracking.
confirmForgotPassword({required String clientId, required String confirmationCode, required String password, required String username, AnalyticsMetadataType? analyticsMetadata, Map<String, String>? clientMetadata, String? secretHash, UserContextDataType? userContextData}) → Future<void>: Allows a user to enter a confirmation code to reset a forgotten password.
confirmSignUp({required String clientId, required String confirmationCode, required String username, AnalyticsMetadataType? analyticsMetadata, Map<String, String>? clientMetadata, bool? forceAliasCreation, String? secretHash, UserContextDataType? userContextData}) → Future<void>: Confirms registration of a user and handles the existing alias from a previous user.
createGroup({required String groupName, required String userPoolId, String? description, int? precedence, String? roleArn}) → Future<CreateGroupResponse>: Creates a new group in the specified user pool.
createIdentityProvider({required Map<String, String> providerDetails, required String providerName, required IdentityProviderTypeType providerType, required String userPoolId, Map<String, String>? attributeMapping, List<String>? idpIdentifiers}) → Future<CreateIdentityProviderResponse>: Creates an identity provider for a user pool.
createResourceServer({required String identifier, required String name, required String userPoolId, List<ResourceServerScopeType>? scopes}) → Future<CreateResourceServerResponse>: Creates a new OAuth2.0 resource server and defines custom scopes in it.
createUserImportJob({required String cloudWatchLogsRoleArn, required String jobName, required String userPoolId}) → Future<CreateUserImportJobResponse>: Creates the user import job.
createUserPool({required String poolName, AccountRecoverySettingType? accountRecoverySetting, AdminCreateUserConfigType? adminCreateUserConfig, List<AliasAttributeType>? aliasAttributes, List<VerifiedAttributeType>? autoVerifiedAttributes, DeviceConfigurationType? deviceConfiguration, EmailConfigurationType? emailConfiguration, String? emailVerificationMessage, String? emailVerificationSubject, LambdaConfigType? lambdaConfig, UserPoolMfaType? mfaConfiguration, UserPoolPolicyType? policies, List<SchemaAttributeType>? schema, String? smsAuthenticationMessage, SmsConfigurationType? smsConfiguration, String? smsVerificationMessage, UserPoolAddOnsType? userPoolAddOns, Map<String, String>? userPoolTags, List<UsernameAttributeType>? usernameAttributes, UsernameConfigurationType? usernameConfiguration, VerificationMessageTemplateType? verificationMessageTemplate}) → Future<CreateUserPoolResponse>: Creates a new Amazon Cognito user pool and sets the password policy for the pool.
createUserPoolClient({required String clientName, required String userPoolId, int? accessTokenValidity, List<OAuthFlowType>? allowedOAuthFlows, bool? allowedOAuthFlowsUserPoolClient, List<String>? allowedOAuthScopes, AnalyticsConfigurationType? analyticsConfiguration, List<String>? callbackURLs, String? defaultRedirectURI, List<ExplicitAuthFlowsType>? explicitAuthFlows, bool? generateSecret, int? idTokenValidity, List<String>? logoutURLs, PreventUserExistenceErrorTypes? preventUserExistenceErrors, List<String>? readAttributes, int? refreshTokenValidity, List<String>? supportedIdentityProviders, TokenValidityUnitsType? tokenValidityUnits, List<String>? writeAttributes}) → Future<CreateUserPoolClientResponse>: Creates the user pool client.
createUserPoolDomain({required String domain, required String userPoolId, CustomDomainConfigType? customDomainConfig}) → Future<CreateUserPoolDomainResponse>: Creates a new domain for a user pool.
deleteGroup({required String groupName, required String userPoolId}) → Future<void>: Deletes a group. Currently only groups with no members can be deleted.
deleteIdentityProvider({required String providerName, required String userPoolId}) → Future<void>: Deletes an identity provider for a user pool.
deleteResourceServer({required String identifier, required String userPoolId}) → Future<void>: Deletes a resource server.
deleteUser({required String accessToken}) → Future<void>: Allows a user to delete himself or herself.
deleteUserAttributes({required String accessToken, required List<String> userAttributeNames}) → Future<void>: Deletes the attributes for a user.
deleteUserPool({required String userPoolId}) → Future<void>: Deletes the specified Amazon Cognito user pool.
deleteUserPoolClient({required String clientId, required String userPoolId}) → Future<void>: Allows the developer to delete the user pool client.
deleteUserPoolDomain({required String domain, required String userPoolId}) → Future<void>: Deletes a domain for a user pool.
describeIdentityProvider({required String providerName, required String userPoolId}) → Future<DescribeIdentityProviderResponse>: Gets information about a specific identity provider.
describeResourceServer({required String identifier, required String userPoolId}) → Future<DescribeResourceServerResponse>: Describes a resource server.
describeRiskConfiguration({required String userPoolId, String? clientId}) → Future<DescribeRiskConfigurationResponse>: Describes the risk configuration.
describeUserImportJob({required String jobId, required String userPoolId}) → Future<DescribeUserImportJobResponse>: Describes the user import job.
describeUserPool({required String userPoolId}) → Future<DescribeUserPoolResponse>: Returns the configuration information and metadata of the specified user pool.
describeUserPoolClient({required String clientId, required String userPoolId}) → Future<DescribeUserPoolClientResponse>: Client method for returning the configuration information and metadata of the specified user pool app client.
describeUserPoolDomain({required String domain}) → Future<DescribeUserPoolDomainResponse>: Gets information about a domain.
forgetDevice({required String deviceKey, String? accessToken}) → Future<void>: Forgets the specified device.
forgotPassword({required String clientId, required String username, AnalyticsMetadataType? analyticsMetadata, Map<String, String>? clientMetadata, String? secretHash, UserContextDataType? userContextData}) → Future<ForgotPasswordResponse>: Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts in the Amazon Cognito Developer Guide. If neither a verified phone number nor a verified email exists, an InvalidParameterException is thrown. To use the confirmation code for resetting the password, call ConfirmForgotPassword.
getCSVHeader({required String userPoolId}) → Future<GetCSVHeaderResponse>: Gets the header information for the .csv file to be used as input for the user import job.
getDevice({required String deviceKey, String? accessToken}) → Future<GetDeviceResponse>: Gets the device.
getGroup({required String groupName, required String userPoolId}) → Future<GetGroupResponse>: Gets a group.
getIdentityProviderByIdentifier({required String idpIdentifier, required String userPoolId}) → Future<GetIdentityProviderByIdentifierResponse>: Gets the specified identity provider.
getSigningCertificate({required String userPoolId}) → Future<GetSigningCertificateResponse>: This method takes a user pool ID, and returns the signing certificate.
getUICustomization({required String userPoolId, String? clientId}) → Future<GetUICustomizationResponse>: Gets the UI Customization information for a particular app client's app UI, if there is something set. If nothing is set for the particular client, but there is an existing pool level customization (app clientId will be ALL), then that is returned. If nothing is present, then an empty shape is returned.
getUser({required String accessToken}) → Future<GetUserResponse>: Gets the user attributes and metadata for a user.
getUserAttributeVerificationCode({required String accessToken, required String attributeName, Map<String, String>? clientMetadata}) → Future<GetUserAttributeVerificationCodeResponse>: Gets the user attribute verification code for the specified attribute name.
getUserPoolMfaConfig({required String userPoolId}) → Future<GetUserPoolMfaConfigResponse>: Gets the user pool multi-factor authentication (MFA) configuration.
globalSignOut({required String accessToken}) → Future<void>: Signs out users from all devices. It also invalidates all refresh tokens issued to a user. The user's current access and Id tokens remain valid until their expiry. Access and Id tokens expire one hour after they are issued.
initiateAuth({required AuthFlowType authFlow, required String clientId, AnalyticsMetadataType? analyticsMetadata, Map<String, String>? authParameters, Map<String, String>? clientMetadata, UserContextDataType? userContextData}) → Future<InitiateAuthResponse>: Initiates the authentication flow.
listDevices({required String accessToken, int? limit, String? paginationToken}) → Future<ListDevicesResponse>: Lists the devices.
listGroups({required String userPoolId, int? limit, String? nextToken}) → Future<ListGroupsResponse>: Lists the groups associated with a user pool.
listIdentityProviders({required String userPoolId, int? maxResults, String? nextToken}) → Future<ListIdentityProvidersResponse>: Lists information about all identity providers for a user pool.
listResourceServers({required String userPoolId, int? maxResults, String? nextToken}) → Future<ListResourceServersResponse>: Lists the resource servers for a user pool.
listTagsForResource({required String resourceArn}) → Future<ListTagsForResourceResponse>: Lists the tags that are assigned to an Amazon Cognito user pool.
listUserImportJobs({required int maxResults, required String userPoolId, String? paginationToken}) → Future<ListUserImportJobsResponse>: Lists the user import jobs.
listUserPoolClients({required String userPoolId, int? maxResults, String? nextToken}) → Future<ListUserPoolClientsResponse>: Lists the clients that have been created for the specified user pool.
listUserPools({required int maxResults, String? nextToken}) → Future<ListUserPoolsResponse>: Lists the user pools associated with an AWS account.
listUsers({required String userPoolId, List<String>? attributesToGet, String? filter, int? limit, String? paginationToken}) → Future<ListUsersResponse>: Lists the users in the Amazon Cognito user pool.
listUsersInGroup({required String groupName, required String userPoolId, int? limit, String? nextToken}) → Future<ListUsersInGroupResponse>: Lists the users in the specified group.
noSuchMethod(Invocation invocation) → dynamic: Invoked when a nonexistent method or property is accessed.
inherited
resendConfirmationCode({required String clientId, required String username, AnalyticsMetadataType? analyticsMetadata, Map<String, String>? clientMetadata, String? secretHash, UserContextDataType? userContextData}) → Future<ResendConfirmationCodeResponse>: Resends the confirmation (for confirmation of registration) to a specific user in the user pool.
respondToAuthChallenge({required ChallengeNameType challengeName, required String clientId, AnalyticsMetadataType? analyticsMetadata, Map<String, String>? challengeResponses, Map<String, String>? clientMetadata, String? session, UserContextDataType? userContextData}) → Future<RespondToAuthChallengeResponse>: Responds to the authentication challenge.
setRiskConfiguration({required String userPoolId, AccountTakeoverRiskConfigurationType? accountTakeoverRiskConfiguration, String? clientId, CompromisedCredentialsRiskConfigurationType? compromisedCredentialsRiskConfiguration, RiskExceptionConfigurationType? riskExceptionConfiguration}) → Future<SetRiskConfigurationResponse>: Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.
setUICustomization({required String userPoolId, String? css, String? clientId, Uint8List? imageFile}) → Future<SetUICustomizationResponse>: Sets the UI customization information for a user pool's built-in app UI.
setUserMFAPreference({required String accessToken, SMSMfaSettingsType? sMSMfaSettings, SoftwareTokenMfaSettingsType? softwareTokenMfaSettings}) → Future<void>: Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are enabled and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are enabled. If multiple options are enabled and no preference is set, a challenge to choose an MFA option will be returned during sign in. If an MFA type is enabled for a user, the user will be prompted for MFA during all sign in attempts, unless device tracking is turned on and the device has been trusted. If you would like MFA to be applied selectively based on the assessed risk level of sign in attempts, disable MFA for users and turn on Adaptive Authentication for the user pool.
setUserPoolMfaConfig({required String userPoolId, UserPoolMfaType? mfaConfiguration, SmsMfaConfigType? smsMfaConfiguration, SoftwareTokenMfaConfigType? softwareTokenMfaConfiguration}) → Future<SetUserPoolMfaConfigResponse>: Set the user pool multi-factor authentication (MFA) configuration.
setUserSettings({required String accessToken, required List<MFAOptionType> mFAOptions}) → Future<void>: This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.
signUp({required String clientId, required String password, required String username, AnalyticsMetadataType? analyticsMetadata, Map<String, String>? clientMetadata, String? secretHash, List<AttributeType>? userAttributes, UserContextDataType? userContextData, List<AttributeType>? validationData}) → Future<SignUpResponse>: Registers the user in the specified user pool and creates a user name, password, and user attributes.
startUserImportJob({required String jobId, required String userPoolId}) → Future<StartUserImportJobResponse>: Starts the user import.
stopUserImportJob({required String jobId, required String userPoolId}) → Future<StopUserImportJobResponse>: Stops the user import job.
tagResource({required String resourceArn, required Map<String, String> tags}) → Future<void>: Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.
toString() → String: A string representation of this object.
inherited
untagResource({required String resourceArn, required List<String> tagKeys}) → Future<void>: Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account
updateAuthEventFeedback({required String eventId, required String feedbackToken, required FeedbackValueType feedbackValue, required String userPoolId, required String username}) → Future<void>: Provides the feedback for an authentication event whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.
updateDeviceStatus({required String accessToken, required String deviceKey, DeviceRememberedStatusType? deviceRememberedStatus}) → Future<void>: Updates the device status.
updateGroup({required String groupName, required String userPoolId, String? description, int? precedence, String? roleArn}) → Future<UpdateGroupResponse>: Updates the specified group with the specified attributes.
updateIdentityProvider({required String providerName, required String userPoolId, Map<String, String>? attributeMapping, List<String>? idpIdentifiers, Map<String, String>? providerDetails}) → Future<UpdateIdentityProviderResponse>: Updates identity provider information for a user pool.
updateResourceServer({required String identifier, required String name, required String userPoolId, List<ResourceServerScopeType>? scopes}) → Future<UpdateResourceServerResponse>: Updates the name and scopes of resource server. All other fields are read-only.
updateUserAttributes({required String accessToken, required List<AttributeType> userAttributes, Map<String, String>? clientMetadata}) → Future<UpdateUserAttributesResponse>: Allows a user to update a specific attribute (one at a time).
updateUserPool({required String userPoolId, AccountRecoverySettingType? accountRecoverySetting, AdminCreateUserConfigType? adminCreateUserConfig, List<VerifiedAttributeType>? autoVerifiedAttributes, DeviceConfigurationType? deviceConfiguration, EmailConfigurationType? emailConfiguration, String? emailVerificationMessage, String? emailVerificationSubject, LambdaConfigType? lambdaConfig, UserPoolMfaType? mfaConfiguration, UserPoolPolicyType? policies, String? smsAuthenticationMessage, SmsConfigurationType? smsConfiguration, String? smsVerificationMessage, UserPoolAddOnsType? userPoolAddOns, Map<String, String>? userPoolTags, VerificationMessageTemplateType? verificationMessageTemplate}) → Future<void>: Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool.
updateUserPoolClient({required String clientId, required String userPoolId, int? accessTokenValidity, List<OAuthFlowType>? allowedOAuthFlows, bool? allowedOAuthFlowsUserPoolClient, List<String>? allowedOAuthScopes, AnalyticsConfigurationType? analyticsConfiguration, List<String>? callbackURLs, String? clientName, String? defaultRedirectURI, List<ExplicitAuthFlowsType>? explicitAuthFlows, int? idTokenValidity, List<String>? logoutURLs, PreventUserExistenceErrorTypes? preventUserExistenceErrors, List<String>? readAttributes, int? refreshTokenValidity, List<String>? supportedIdentityProviders, TokenValidityUnitsType? tokenValidityUnits, List<String>? writeAttributes}) → Future<UpdateUserPoolClientResponse>: Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using DescribeUserPoolClient.
updateUserPoolDomain({required CustomDomainConfigType customDomainConfig, required String domain, required String userPoolId}) → Future<UpdateUserPoolDomainResponse>: Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.
verifySoftwareToken({required String userCode, String? accessToken, String? friendlyDeviceName, String? session}) → Future<VerifySoftwareTokenResponse>: Use this API to register a user's entered TOTP code and mark the user's software token MFA status as "verified" if successful. The request takes an access token or a session string, but not both.
verifyUserAttribute({required String accessToken, required String attributeName, required String code}) → Future<void>: Verifies the specified user attributes in the user pool.

Operators

operator ==(Object other) → bool: The equality operator.
inherited

CognitoIdentityProvider class

Constructors

Properties

Methods

Operators

cognito-idp-2016-04-18 library