This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
See https://www.paws-r-sdk.com/docs/cognitoidentityprovider_create_user_pool/ for full documentation.
cognitoidentityprovider_create_user_pool(
PoolName,
Policies = NULL,
DeletionProtection = NULL,
LambdaConfig = NULL,
AutoVerifiedAttributes = NULL,
AliasAttributes = NULL,
UsernameAttributes = NULL,
SmsVerificationMessage = NULL,
EmailVerificationMessage = NULL,
EmailVerificationSubject = NULL,
VerificationMessageTemplate = NULL,
SmsAuthenticationMessage = NULL,
MfaConfiguration = NULL,
UserAttributeUpdateSettings = NULL,
DeviceConfiguration = NULL,
EmailConfiguration = NULL,
SmsConfiguration = NULL,
UserPoolTags = NULL,
AdminCreateUserConfig = NULL,
Schema = NULL,
UserPoolAddOns = NULL,
UsernameConfiguration = NULL,
AccountRecoverySetting = NULL,
UserPoolTier = NULL
)[required] A friendlhy name for your user pool.
The password policy and sign-in policy in the user pool. The password policy sets options like password complexity requirements and password history. The sign-in policy sets the options available to applications in choice-based authentication.
When active, DeletionProtection prevents accidental deletion of your
user pool. Before you can delete a user pool that you have protected
against deletion, you must deactivate this feature.
When you try to delete a protected user pool in a
delete_user_pool API
request, Amazon Cognito returns an InvalidParameterException error. To
delete a protected user pool, send a new
delete_user_pool request
after you deactivate deletion protection in an
update_user_pool API
request.
A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of authentication operations. Triggers can modify the outcome of the operations that invoked them.
The attributes that you want your user pool to automatically verify. Possible values: email, phone_number. For more information see Verifying contact information at sign-up.
Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username. For more information about alias attributes, see Customizing sign-in attributes.
Specifies whether a user can use an email address or phone number as a username when they sign up. For more information, see Customizing sign-in attributes.
This parameter is no longer used. See VerificationMessageTemplateType.
This parameter is no longer used. See VerificationMessageTemplateType.
This parameter is no longer used. See VerificationMessageTemplateType.
The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.
Set the email message type that corresponds to your DefaultEmailOption
selection. For CONFIRM_WITH_LINK, specify an EmailMessageByLink and
leave EmailMessage blank. For CONFIRM_WITH_CODE, specify an
EmailMessage and leave EmailMessageByLink blank. When you supply
both parameters with either choice, Amazon Cognito returns an error.
A string representing the SMS authentication message.
Sets multi-factor authentication (MFA) to be on, off, or optional. When
ON, all users must set up MFA before they can sign in. When
OPTIONAL, your application must make a client-side determination of
whether a user wants to register an MFA device. For user pools with
adaptive authentication with threat protection, choose OPTIONAL.
The settings for updates to user attributes. These settings include the
property AttributesRequireVerificationBeforeUpdate, a user-pool
setting that tells Amazon Cognito how to handle changes to the value of
your users' email address and phone number attributes. For more
information, see Verifying updates to email addresses and phone numbers.
The device-remembering configuration for a user pool. Device remembering or device tracking is a "Remember me on this device" option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see Working with user devices in your user pool. A null value indicates that you have deactivated device remembering in your user pool.
When you provide a value for any DeviceConfiguration field, you
activate the Amazon Cognito device-remembering feature. For more infor
The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for messages from your user pool.
The SMS configuration with the settings that your Amazon Cognito user pool must use to send an SMS message from your Amazon Web Services account through Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account. For more information see SMS message settings.
The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.
The configuration for
admin_create_user
requests. Includes the template for the invitation message for new
users, the duration of temporary passwords, and permitting self-service
sign-up.
An array of attributes for the new user pool. You can add custom attributes and modify the properties of default attributes. The specifications in this parameter set the required attributes in your user pool. For more information, see Working with user attributes.
User pool add-ons. Contains settings for activation of advanced security
features. To log user security information but take no action, set to
AUDIT. To configure automatic security responses to risky traffic to
your user pool, set to ENFORCED.
For more information, see Adding advanced security to a user pool.
Sets the case sensitivity option for sign-in usernames. When
CaseSensitive is false (case insensitive), users can sign in with
any combination of capital and lowercase letters. For example,
username, USERNAME, or UserName, or for email, email@example.com
or EMaiL@eXamplE.Com. For most use cases, set case sensitivity to
false as a best practice. When usernames and email addresses are case
insensitive, Amazon Cognito treats any variation in case as the same
user, and prevents a case variation from being assigned to the same
attribute for a different user.
When CaseSensitive is true (case sensitive), Amazon Cognito
interprets USERNAME and UserName as distinct users.
This configuration is immutable after you set it.
The available verified method a user can use to recover their password
when they call
forgot_password. You can
use this setting to define a preferred method when a user has more than
one method available. With this setting, SMS doesn't qualify for a valid
password recovery mechanism if the user also has SMS multi-factor
authentication (MFA) activated. In the absence of this setting, Amazon
Cognito uses the legacy behavior to determine the recovery method where
SMS is preferred through email.
The user pool feature plan,
or tier. This parameter determines the eligibility of the user pool for
features like managed login, access-token customization, and threat
protection. Defaults to ESSENTIALS.