/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include #include #include #include namespace Aws { namespace CognitoIdentityProvider { namespace Model { /** *

The request to respond to the authentication challenge, as an * administrator.

See Also:

AWS * API Reference

*/ class AdminRespondToAuthChallengeRequest : public CognitoIdentityProviderRequest { public: AWS_COGNITOIDENTITYPROVIDER_API AdminRespondToAuthChallengeRequest(); // Service request name is the Operation name which will send this request out, // each operation should has unique request name, so that we can get operation's name from this request. // Note: this is not true for response, multiple operations may have the same response name, // so we can not get operation's name from response. inline virtual const char* GetServiceRequestName() const override { return "AdminRespondToAuthChallenge"; } AWS_COGNITOIDENTITYPROVIDER_API Aws::String SerializePayload() const override; AWS_COGNITOIDENTITYPROVIDER_API Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override; /** *

The ID of the Amazon Cognito user pool.

*/ inline const Aws::String& GetUserPoolId() const{ return m_userPoolId; } /** *

The ID of the Amazon Cognito user pool.

*/ inline bool UserPoolIdHasBeenSet() const { return m_userPoolIdHasBeenSet; } /** *

The ID of the Amazon Cognito user pool.

*/ inline void SetUserPoolId(const Aws::String& value) { m_userPoolIdHasBeenSet = true; m_userPoolId = value; } /** *

The ID of the Amazon Cognito user pool.

*/ inline void SetUserPoolId(Aws::String&& value) { m_userPoolIdHasBeenSet = true; m_userPoolId = std::move(value); } /** *

The ID of the Amazon Cognito user pool.

*/ inline void SetUserPoolId(const char* value) { m_userPoolIdHasBeenSet = true; m_userPoolId.assign(value); } /** *

The ID of the Amazon Cognito user pool.

*/ inline AdminRespondToAuthChallengeRequest& WithUserPoolId(const Aws::String& value) { SetUserPoolId(value); return *this;} /** *

The ID of the Amazon Cognito user pool.

*/ inline AdminRespondToAuthChallengeRequest& WithUserPoolId(Aws::String&& value) { SetUserPoolId(std::move(value)); return *this;} /** *

The ID of the Amazon Cognito user pool.

*/ inline AdminRespondToAuthChallengeRequest& WithUserPoolId(const char* value) { SetUserPoolId(value); return *this;} /** *

The app client ID.

*/ inline const Aws::String& GetClientId() const{ return m_clientId; } /** *

The app client ID.

*/ inline bool ClientIdHasBeenSet() const { return m_clientIdHasBeenSet; } /** *

The app client ID.

*/ inline void SetClientId(const Aws::String& value) { m_clientIdHasBeenSet = true; m_clientId = value; } /** *

The app client ID.

*/ inline void SetClientId(Aws::String&& value) { m_clientIdHasBeenSet = true; m_clientId = std::move(value); } /** *

The app client ID.

*/ inline void SetClientId(const char* value) { m_clientIdHasBeenSet = true; m_clientId.assign(value); } /** *

The app client ID.

*/ inline AdminRespondToAuthChallengeRequest& WithClientId(const Aws::String& value) { SetClientId(value); return *this;} /** *

The app client ID.

*/ inline AdminRespondToAuthChallengeRequest& WithClientId(Aws::String&& value) { SetClientId(std::move(value)); return *this;} /** *

The app client ID.

*/ inline AdminRespondToAuthChallengeRequest& WithClientId(const char* value) { SetClientId(value); return *this;} /** *

The challenge name. For more information, see AdminInitiateAuth.

*/ inline const ChallengeNameType& GetChallengeName() const{ return m_challengeName; } /** *

The challenge name. For more information, see AdminInitiateAuth.

*/ inline bool ChallengeNameHasBeenSet() const { return m_challengeNameHasBeenSet; } /** *

The challenge name. For more information, see AdminInitiateAuth.

*/ inline void SetChallengeName(const ChallengeNameType& value) { m_challengeNameHasBeenSet = true; m_challengeName = value; } /** *

The challenge name. For more information, see AdminInitiateAuth.

*/ inline void SetChallengeName(ChallengeNameType&& value) { m_challengeNameHasBeenSet = true; m_challengeName = std::move(value); } /** *

The challenge name. For more information, see AdminInitiateAuth.

*/ inline AdminRespondToAuthChallengeRequest& WithChallengeName(const ChallengeNameType& value) { SetChallengeName(value); return *this;} /** *

The challenge name. For more information, see AdminInitiateAuth.

*/ inline AdminRespondToAuthChallengeRequest& WithChallengeName(ChallengeNameType&& value) { SetChallengeName(std::move(value)); return *this;} /** *

The challenge responses. These are inputs corresponding to the value of * ChallengeName, for example:

  • SMS_MFA: * SMS_MFA_CODE, USERNAME, SECRET_HASH (if * app client is configured with client secret).

  • * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

    PASSWORD_VERIFIER requires * DEVICE_KEY when signing in with a remembered device.

    *

  • ADMIN_NO_SRP_AUTH: PASSWORD, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

  • NEW_PASSWORD_REQUIRED: * NEW_PASSWORD, USERNAME, SECRET_HASH (if * app client is configured with client secret). To set any required attributes * that Amazon Cognito returned as requiredAttributes in the * AdminInitiateAuth response, add a * userAttributes.attributename parameter. This parameter can * also set values for writable attributes that aren't required by your user * pool.

    In a NEW_PASSWORD_REQUIRED challenge response, * you can't modify a required attribute that already has a value. In * AdminRespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * AdminUpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP * requires USERNAME, plus you must use the session value returned by * VerifySoftwareToken in the Session parameter.

    *

The value of the USERNAME attribute must be the * user's actual username, not an alias (such as an email address or phone number). * To make this simpler, the AdminInitiateAuth response includes the * actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. * This happens even if you specified an alias in your call to * AdminInitiateAuth.

*/ inline const Aws::Map& GetChallengeResponses() const{ return m_challengeResponses; } /** *

The challenge responses. These are inputs corresponding to the value of * ChallengeName, for example:

  • SMS_MFA: * SMS_MFA_CODE, USERNAME, SECRET_HASH (if * app client is configured with client secret).

  • * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

    PASSWORD_VERIFIER requires * DEVICE_KEY when signing in with a remembered device.

    *

  • ADMIN_NO_SRP_AUTH: PASSWORD, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

  • NEW_PASSWORD_REQUIRED: * NEW_PASSWORD, USERNAME, SECRET_HASH (if * app client is configured with client secret). To set any required attributes * that Amazon Cognito returned as requiredAttributes in the * AdminInitiateAuth response, add a * userAttributes.attributename parameter. This parameter can * also set values for writable attributes that aren't required by your user * pool.

    In a NEW_PASSWORD_REQUIRED challenge response, * you can't modify a required attribute that already has a value. In * AdminRespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * AdminUpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP * requires USERNAME, plus you must use the session value returned by * VerifySoftwareToken in the Session parameter.

    *

The value of the USERNAME attribute must be the * user's actual username, not an alias (such as an email address or phone number). * To make this simpler, the AdminInitiateAuth response includes the * actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. * This happens even if you specified an alias in your call to * AdminInitiateAuth.

*/ inline bool ChallengeResponsesHasBeenSet() const { return m_challengeResponsesHasBeenSet; } /** *

The challenge responses. These are inputs corresponding to the value of * ChallengeName, for example:

  • SMS_MFA: * SMS_MFA_CODE, USERNAME, SECRET_HASH (if * app client is configured with client secret).

  • * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

    PASSWORD_VERIFIER requires * DEVICE_KEY when signing in with a remembered device.

    *

  • ADMIN_NO_SRP_AUTH: PASSWORD, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

  • NEW_PASSWORD_REQUIRED: * NEW_PASSWORD, USERNAME, SECRET_HASH (if * app client is configured with client secret). To set any required attributes * that Amazon Cognito returned as requiredAttributes in the * AdminInitiateAuth response, add a * userAttributes.attributename parameter. This parameter can * also set values for writable attributes that aren't required by your user * pool.

    In a NEW_PASSWORD_REQUIRED challenge response, * you can't modify a required attribute that already has a value. In * AdminRespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * AdminUpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP * requires USERNAME, plus you must use the session value returned by * VerifySoftwareToken in the Session parameter.

    *

The value of the USERNAME attribute must be the * user's actual username, not an alias (such as an email address or phone number). * To make this simpler, the AdminInitiateAuth response includes the * actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. * This happens even if you specified an alias in your call to * AdminInitiateAuth.

*/ inline void SetChallengeResponses(const Aws::Map& value) { m_challengeResponsesHasBeenSet = true; m_challengeResponses = value; } /** *

The challenge responses. These are inputs corresponding to the value of * ChallengeName, for example:

  • SMS_MFA: * SMS_MFA_CODE, USERNAME, SECRET_HASH (if * app client is configured with client secret).

  • * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

    PASSWORD_VERIFIER requires * DEVICE_KEY when signing in with a remembered device.

    *

  • ADMIN_NO_SRP_AUTH: PASSWORD, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

  • NEW_PASSWORD_REQUIRED: * NEW_PASSWORD, USERNAME, SECRET_HASH (if * app client is configured with client secret). To set any required attributes * that Amazon Cognito returned as requiredAttributes in the * AdminInitiateAuth response, add a * userAttributes.attributename parameter. This parameter can * also set values for writable attributes that aren't required by your user * pool.

    In a NEW_PASSWORD_REQUIRED challenge response, * you can't modify a required attribute that already has a value. In * AdminRespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * AdminUpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP * requires USERNAME, plus you must use the session value returned by * VerifySoftwareToken in the Session parameter.

    *

The value of the USERNAME attribute must be the * user's actual username, not an alias (such as an email address or phone number). * To make this simpler, the AdminInitiateAuth response includes the * actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. * This happens even if you specified an alias in your call to * AdminInitiateAuth.

*/ inline void SetChallengeResponses(Aws::Map&& value) { m_challengeResponsesHasBeenSet = true; m_challengeResponses = std::move(value); } /** *

The challenge responses. These are inputs corresponding to the value of * ChallengeName, for example:

  • SMS_MFA: * SMS_MFA_CODE, USERNAME, SECRET_HASH (if * app client is configured with client secret).

  • * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

    PASSWORD_VERIFIER requires * DEVICE_KEY when signing in with a remembered device.

    *

  • ADMIN_NO_SRP_AUTH: PASSWORD, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

  • NEW_PASSWORD_REQUIRED: * NEW_PASSWORD, USERNAME, SECRET_HASH (if * app client is configured with client secret). To set any required attributes * that Amazon Cognito returned as requiredAttributes in the * AdminInitiateAuth response, add a * userAttributes.attributename parameter. This parameter can * also set values for writable attributes that aren't required by your user * pool.

    In a NEW_PASSWORD_REQUIRED challenge response, * you can't modify a required attribute that already has a value. In * AdminRespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * AdminUpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP * requires USERNAME, plus you must use the session value returned by * VerifySoftwareToken in the Session parameter.

    *

The value of the USERNAME attribute must be the * user's actual username, not an alias (such as an email address or phone number). * To make this simpler, the AdminInitiateAuth response includes the * actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. * This happens even if you specified an alias in your call to * AdminInitiateAuth.

*/ inline AdminRespondToAuthChallengeRequest& WithChallengeResponses(const Aws::Map& value) { SetChallengeResponses(value); return *this;} /** *

The challenge responses. These are inputs corresponding to the value of * ChallengeName, for example:

  • SMS_MFA: * SMS_MFA_CODE, USERNAME, SECRET_HASH (if * app client is configured with client secret).

  • * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

    PASSWORD_VERIFIER requires * DEVICE_KEY when signing in with a remembered device.

    *

  • ADMIN_NO_SRP_AUTH: PASSWORD, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

  • NEW_PASSWORD_REQUIRED: * NEW_PASSWORD, USERNAME, SECRET_HASH (if * app client is configured with client secret). To set any required attributes * that Amazon Cognito returned as requiredAttributes in the * AdminInitiateAuth response, add a * userAttributes.attributename parameter. This parameter can * also set values for writable attributes that aren't required by your user * pool.

    In a NEW_PASSWORD_REQUIRED challenge response, * you can't modify a required attribute that already has a value. In * AdminRespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * AdminUpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP * requires USERNAME, plus you must use the session value returned by * VerifySoftwareToken in the Session parameter.

    *

The value of the USERNAME attribute must be the * user's actual username, not an alias (such as an email address or phone number). * To make this simpler, the AdminInitiateAuth response includes the * actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. * This happens even if you specified an alias in your call to * AdminInitiateAuth.

*/ inline AdminRespondToAuthChallengeRequest& WithChallengeResponses(Aws::Map&& value) { SetChallengeResponses(std::move(value)); return *this;} /** *

The challenge responses. These are inputs corresponding to the value of * ChallengeName, for example:

  • SMS_MFA: * SMS_MFA_CODE, USERNAME, SECRET_HASH (if * app client is configured with client secret).

  • * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

    PASSWORD_VERIFIER requires * DEVICE_KEY when signing in with a remembered device.

    *

  • ADMIN_NO_SRP_AUTH: PASSWORD, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

  • NEW_PASSWORD_REQUIRED: * NEW_PASSWORD, USERNAME, SECRET_HASH (if * app client is configured with client secret). To set any required attributes * that Amazon Cognito returned as requiredAttributes in the * AdminInitiateAuth response, add a * userAttributes.attributename parameter. This parameter can * also set values for writable attributes that aren't required by your user * pool.

    In a NEW_PASSWORD_REQUIRED challenge response, * you can't modify a required attribute that already has a value. In * AdminRespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * AdminUpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP * requires USERNAME, plus you must use the session value returned by * VerifySoftwareToken in the Session parameter.

    *

The value of the USERNAME attribute must be the * user's actual username, not an alias (such as an email address or phone number). * To make this simpler, the AdminInitiateAuth response includes the * actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. * This happens even if you specified an alias in your call to * AdminInitiateAuth.

*/ inline AdminRespondToAuthChallengeRequest& AddChallengeResponses(const Aws::String& key, const Aws::String& value) { m_challengeResponsesHasBeenSet = true; m_challengeResponses.emplace(key, value); return *this; } /** *

The challenge responses. These are inputs corresponding to the value of * ChallengeName, for example:

  • SMS_MFA: * SMS_MFA_CODE, USERNAME, SECRET_HASH (if * app client is configured with client secret).

  • * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

    PASSWORD_VERIFIER requires * DEVICE_KEY when signing in with a remembered device.

    *

  • ADMIN_NO_SRP_AUTH: PASSWORD, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

  • NEW_PASSWORD_REQUIRED: * NEW_PASSWORD, USERNAME, SECRET_HASH (if * app client is configured with client secret). To set any required attributes * that Amazon Cognito returned as requiredAttributes in the * AdminInitiateAuth response, add a * userAttributes.attributename parameter. This parameter can * also set values for writable attributes that aren't required by your user * pool.

    In a NEW_PASSWORD_REQUIRED challenge response, * you can't modify a required attribute that already has a value. In * AdminRespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * AdminUpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP * requires USERNAME, plus you must use the session value returned by * VerifySoftwareToken in the Session parameter.

    *

The value of the USERNAME attribute must be the * user's actual username, not an alias (such as an email address or phone number). * To make this simpler, the AdminInitiateAuth response includes the * actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. * This happens even if you specified an alias in your call to * AdminInitiateAuth.

*/ inline AdminRespondToAuthChallengeRequest& AddChallengeResponses(Aws::String&& key, const Aws::String& value) { m_challengeResponsesHasBeenSet = true; m_challengeResponses.emplace(std::move(key), value); return *this; } /** *

The challenge responses. These are inputs corresponding to the value of * ChallengeName, for example:

  • SMS_MFA: * SMS_MFA_CODE, USERNAME, SECRET_HASH (if * app client is configured with client secret).

  • * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

    PASSWORD_VERIFIER requires * DEVICE_KEY when signing in with a remembered device.

    *

  • ADMIN_NO_SRP_AUTH: PASSWORD, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

  • NEW_PASSWORD_REQUIRED: * NEW_PASSWORD, USERNAME, SECRET_HASH (if * app client is configured with client secret). To set any required attributes * that Amazon Cognito returned as requiredAttributes in the * AdminInitiateAuth response, add a * userAttributes.attributename parameter. This parameter can * also set values for writable attributes that aren't required by your user * pool.

    In a NEW_PASSWORD_REQUIRED challenge response, * you can't modify a required attribute that already has a value. In * AdminRespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * AdminUpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP * requires USERNAME, plus you must use the session value returned by * VerifySoftwareToken in the Session parameter.

    *

The value of the USERNAME attribute must be the * user's actual username, not an alias (such as an email address or phone number). * To make this simpler, the AdminInitiateAuth response includes the * actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. * This happens even if you specified an alias in your call to * AdminInitiateAuth.

*/ inline AdminRespondToAuthChallengeRequest& AddChallengeResponses(const Aws::String& key, Aws::String&& value) { m_challengeResponsesHasBeenSet = true; m_challengeResponses.emplace(key, std::move(value)); return *this; } /** *

The challenge responses. These are inputs corresponding to the value of * ChallengeName, for example:

  • SMS_MFA: * SMS_MFA_CODE, USERNAME, SECRET_HASH (if * app client is configured with client secret).

  • * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

    PASSWORD_VERIFIER requires * DEVICE_KEY when signing in with a remembered device.

    *

  • ADMIN_NO_SRP_AUTH: PASSWORD, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

  • NEW_PASSWORD_REQUIRED: * NEW_PASSWORD, USERNAME, SECRET_HASH (if * app client is configured with client secret). To set any required attributes * that Amazon Cognito returned as requiredAttributes in the * AdminInitiateAuth response, add a * userAttributes.attributename parameter. This parameter can * also set values for writable attributes that aren't required by your user * pool.

    In a NEW_PASSWORD_REQUIRED challenge response, * you can't modify a required attribute that already has a value. In * AdminRespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * AdminUpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP * requires USERNAME, plus you must use the session value returned by * VerifySoftwareToken in the Session parameter.

    *

The value of the USERNAME attribute must be the * user's actual username, not an alias (such as an email address or phone number). * To make this simpler, the AdminInitiateAuth response includes the * actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. * This happens even if you specified an alias in your call to * AdminInitiateAuth.

*/ inline AdminRespondToAuthChallengeRequest& AddChallengeResponses(Aws::String&& key, Aws::String&& value) { m_challengeResponsesHasBeenSet = true; m_challengeResponses.emplace(std::move(key), std::move(value)); return *this; } /** *

The challenge responses. These are inputs corresponding to the value of * ChallengeName, for example:

  • SMS_MFA: * SMS_MFA_CODE, USERNAME, SECRET_HASH (if * app client is configured with client secret).

  • * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

    PASSWORD_VERIFIER requires * DEVICE_KEY when signing in with a remembered device.

    *

  • ADMIN_NO_SRP_AUTH: PASSWORD, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

  • NEW_PASSWORD_REQUIRED: * NEW_PASSWORD, USERNAME, SECRET_HASH (if * app client is configured with client secret). To set any required attributes * that Amazon Cognito returned as requiredAttributes in the * AdminInitiateAuth response, add a * userAttributes.attributename parameter. This parameter can * also set values for writable attributes that aren't required by your user * pool.

    In a NEW_PASSWORD_REQUIRED challenge response, * you can't modify a required attribute that already has a value. In * AdminRespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * AdminUpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP * requires USERNAME, plus you must use the session value returned by * VerifySoftwareToken in the Session parameter.

    *

The value of the USERNAME attribute must be the * user's actual username, not an alias (such as an email address or phone number). * To make this simpler, the AdminInitiateAuth response includes the * actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. * This happens even if you specified an alias in your call to * AdminInitiateAuth.

*/ inline AdminRespondToAuthChallengeRequest& AddChallengeResponses(const char* key, Aws::String&& value) { m_challengeResponsesHasBeenSet = true; m_challengeResponses.emplace(key, std::move(value)); return *this; } /** *

The challenge responses. These are inputs corresponding to the value of * ChallengeName, for example:

  • SMS_MFA: * SMS_MFA_CODE, USERNAME, SECRET_HASH (if * app client is configured with client secret).

  • * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

    PASSWORD_VERIFIER requires * DEVICE_KEY when signing in with a remembered device.

    *

  • ADMIN_NO_SRP_AUTH: PASSWORD, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

  • NEW_PASSWORD_REQUIRED: * NEW_PASSWORD, USERNAME, SECRET_HASH (if * app client is configured with client secret). To set any required attributes * that Amazon Cognito returned as requiredAttributes in the * AdminInitiateAuth response, add a * userAttributes.attributename parameter. This parameter can * also set values for writable attributes that aren't required by your user * pool.

    In a NEW_PASSWORD_REQUIRED challenge response, * you can't modify a required attribute that already has a value. In * AdminRespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * AdminUpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP * requires USERNAME, plus you must use the session value returned by * VerifySoftwareToken in the Session parameter.

    *

The value of the USERNAME attribute must be the * user's actual username, not an alias (such as an email address or phone number). * To make this simpler, the AdminInitiateAuth response includes the * actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. * This happens even if you specified an alias in your call to * AdminInitiateAuth.

*/ inline AdminRespondToAuthChallengeRequest& AddChallengeResponses(Aws::String&& key, const char* value) { m_challengeResponsesHasBeenSet = true; m_challengeResponses.emplace(std::move(key), value); return *this; } /** *

The challenge responses. These are inputs corresponding to the value of * ChallengeName, for example:

  • SMS_MFA: * SMS_MFA_CODE, USERNAME, SECRET_HASH (if * app client is configured with client secret).

  • * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

    PASSWORD_VERIFIER requires * DEVICE_KEY when signing in with a remembered device.

    *

  • ADMIN_NO_SRP_AUTH: PASSWORD, * USERNAME, SECRET_HASH (if app client is configured * with client secret).

  • NEW_PASSWORD_REQUIRED: * NEW_PASSWORD, USERNAME, SECRET_HASH (if * app client is configured with client secret). To set any required attributes * that Amazon Cognito returned as requiredAttributes in the * AdminInitiateAuth response, add a * userAttributes.attributename parameter. This parameter can * also set values for writable attributes that aren't required by your user * pool.

    In a NEW_PASSWORD_REQUIRED challenge response, * you can't modify a required attribute that already has a value. In * AdminRespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * AdminUpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP * requires USERNAME, plus you must use the session value returned by * VerifySoftwareToken in the Session parameter.

    *

The value of the USERNAME attribute must be the * user's actual username, not an alias (such as an email address or phone number). * To make this simpler, the AdminInitiateAuth response includes the * actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. * This happens even if you specified an alias in your call to * AdminInitiateAuth.

*/ inline AdminRespondToAuthChallengeRequest& AddChallengeResponses(const char* key, const char* value) { m_challengeResponsesHasBeenSet = true; m_challengeResponses.emplace(key, value); return *this; } /** *

The session that should be passed both ways in challenge-response calls to * the service. If an InitiateAuth or * RespondToAuthChallenge API call determines that the caller must * pass another challenge, it returns a session with other challenge parameters. * This session should be passed as it is to the next * RespondToAuthChallenge API call.

*/ inline const Aws::String& GetSession() const{ return m_session; } /** *

The session that should be passed both ways in challenge-response calls to * the service. If an InitiateAuth or * RespondToAuthChallenge API call determines that the caller must * pass another challenge, it returns a session with other challenge parameters. * This session should be passed as it is to the next * RespondToAuthChallenge API call.

*/ inline bool SessionHasBeenSet() const { return m_sessionHasBeenSet; } /** *

The session that should be passed both ways in challenge-response calls to * the service. If an InitiateAuth or * RespondToAuthChallenge API call determines that the caller must * pass another challenge, it returns a session with other challenge parameters. * This session should be passed as it is to the next * RespondToAuthChallenge API call.

*/ inline void SetSession(const Aws::String& value) { m_sessionHasBeenSet = true; m_session = value; } /** *

The session that should be passed both ways in challenge-response calls to * the service. If an InitiateAuth or * RespondToAuthChallenge API call determines that the caller must * pass another challenge, it returns a session with other challenge parameters. * This session should be passed as it is to the next * RespondToAuthChallenge API call.

*/ inline void SetSession(Aws::String&& value) { m_sessionHasBeenSet = true; m_session = std::move(value); } /** *

The session that should be passed both ways in challenge-response calls to * the service. If an InitiateAuth or * RespondToAuthChallenge API call determines that the caller must * pass another challenge, it returns a session with other challenge parameters. * This session should be passed as it is to the next * RespondToAuthChallenge API call.

*/ inline void SetSession(const char* value) { m_sessionHasBeenSet = true; m_session.assign(value); } /** *

The session that should be passed both ways in challenge-response calls to * the service. If an InitiateAuth or * RespondToAuthChallenge API call determines that the caller must * pass another challenge, it returns a session with other challenge parameters. * This session should be passed as it is to the next * RespondToAuthChallenge API call.

*/ inline AdminRespondToAuthChallengeRequest& WithSession(const Aws::String& value) { SetSession(value); return *this;} /** *

The session that should be passed both ways in challenge-response calls to * the service. If an InitiateAuth or * RespondToAuthChallenge API call determines that the caller must * pass another challenge, it returns a session with other challenge parameters. * This session should be passed as it is to the next * RespondToAuthChallenge API call.

*/ inline AdminRespondToAuthChallengeRequest& WithSession(Aws::String&& value) { SetSession(std::move(value)); return *this;} /** *

The session that should be passed both ways in challenge-response calls to * the service. If an InitiateAuth or * RespondToAuthChallenge API call determines that the caller must * pass another challenge, it returns a session with other challenge parameters. * This session should be passed as it is to the next * RespondToAuthChallenge API call.

*/ inline AdminRespondToAuthChallengeRequest& WithSession(const char* value) { SetSession(value); return *this;} /** *

The analytics metadata for collecting Amazon Pinpoint metrics for * AdminRespondToAuthChallenge calls.

*/ inline const AnalyticsMetadataType& GetAnalyticsMetadata() const{ return m_analyticsMetadata; } /** *

The analytics metadata for collecting Amazon Pinpoint metrics for * AdminRespondToAuthChallenge calls.

*/ inline bool AnalyticsMetadataHasBeenSet() const { return m_analyticsMetadataHasBeenSet; } /** *

The analytics metadata for collecting Amazon Pinpoint metrics for * AdminRespondToAuthChallenge calls.

*/ inline void SetAnalyticsMetadata(const AnalyticsMetadataType& value) { m_analyticsMetadataHasBeenSet = true; m_analyticsMetadata = value; } /** *

The analytics metadata for collecting Amazon Pinpoint metrics for * AdminRespondToAuthChallenge calls.

*/ inline void SetAnalyticsMetadata(AnalyticsMetadataType&& value) { m_analyticsMetadataHasBeenSet = true; m_analyticsMetadata = std::move(value); } /** *

The analytics metadata for collecting Amazon Pinpoint metrics for * AdminRespondToAuthChallenge calls.

*/ inline AdminRespondToAuthChallengeRequest& WithAnalyticsMetadata(const AnalyticsMetadataType& value) { SetAnalyticsMetadata(value); return *this;} /** *

The analytics metadata for collecting Amazon Pinpoint metrics for * AdminRespondToAuthChallenge calls.

*/ inline AdminRespondToAuthChallengeRequest& WithAnalyticsMetadata(AnalyticsMetadataType&& value) { SetAnalyticsMetadata(std::move(value)); return *this;} /** *

Contextual data about your user session, such as the device fingerprint, IP * address, or location. Amazon Cognito advanced security evaluates the risk of an * authentication event based on the context that your app generates and passes to * Amazon Cognito when it makes API requests.

*/ inline const ContextDataType& GetContextData() const{ return m_contextData; } /** *

Contextual data about your user session, such as the device fingerprint, IP * address, or location. Amazon Cognito advanced security evaluates the risk of an * authentication event based on the context that your app generates and passes to * Amazon Cognito when it makes API requests.

*/ inline bool ContextDataHasBeenSet() const { return m_contextDataHasBeenSet; } /** *

Contextual data about your user session, such as the device fingerprint, IP * address, or location. Amazon Cognito advanced security evaluates the risk of an * authentication event based on the context that your app generates and passes to * Amazon Cognito when it makes API requests.

*/ inline void SetContextData(const ContextDataType& value) { m_contextDataHasBeenSet = true; m_contextData = value; } /** *

Contextual data about your user session, such as the device fingerprint, IP * address, or location. Amazon Cognito advanced security evaluates the risk of an * authentication event based on the context that your app generates and passes to * Amazon Cognito when it makes API requests.

*/ inline void SetContextData(ContextDataType&& value) { m_contextDataHasBeenSet = true; m_contextData = std::move(value); } /** *

Contextual data about your user session, such as the device fingerprint, IP * address, or location. Amazon Cognito advanced security evaluates the risk of an * authentication event based on the context that your app generates and passes to * Amazon Cognito when it makes API requests.

*/ inline AdminRespondToAuthChallengeRequest& WithContextData(const ContextDataType& value) { SetContextData(value); return *this;} /** *

Contextual data about your user session, such as the device fingerprint, IP * address, or location. Amazon Cognito advanced security evaluates the risk of an * authentication event based on the context that your app generates and passes to * Amazon Cognito when it makes API requests.

*/ inline AdminRespondToAuthChallengeRequest& WithContextData(ContextDataType&& value) { SetContextData(std::move(value)); return *this;} /** *

A map of custom key-value pairs that you can provide as input for any custom * workflows that this action triggers.

You create custom workflows by * assigning Lambda functions to user pool triggers. When you use the * AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions * that you have assigned to the following triggers:

  • pre * sign-up

  • custom message

  • post * authentication

  • user migration

  • pre token * generation

  • define auth challenge

  • create auth * challenge

  • verify auth challenge response

*

When Amazon Cognito invokes any of these functions, it passes a JSON payload, * which the function receives as input. This payload contains a * clientMetadata attribute that provides the data that you assigned * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In * your function code in Lambda, you can process the clientMetadata * value to enhance your workflow for your specific needs.

For more * information, see * Customizing user pool Workflows with Lambda Triggers in the Amazon * Cognito Developer Guide.

When you use the ClientMetadata * parameter, remember that Amazon Cognito won't do the following:

  • *

    Store the ClientMetadata value. This data is available only to Lambda * triggers that are assigned to a user pool to support custom workflows. If your * user pool configuration doesn't include triggers, the ClientMetadata parameter * serves no purpose.

  • Validate the ClientMetadata value.

    *

  • Encrypt the ClientMetadata value. Don't use Amazon Cognito to * provide sensitive information.

*/ inline const Aws::Map& GetClientMetadata() const{ return m_clientMetadata; } /** *

A map of custom key-value pairs that you can provide as input for any custom * workflows that this action triggers.

You create custom workflows by * assigning Lambda functions to user pool triggers. When you use the * AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions * that you have assigned to the following triggers:

  • pre * sign-up

  • custom message

  • post * authentication

  • user migration

  • pre token * generation

  • define auth challenge

  • create auth * challenge

  • verify auth challenge response

*

When Amazon Cognito invokes any of these functions, it passes a JSON payload, * which the function receives as input. This payload contains a * clientMetadata attribute that provides the data that you assigned * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In * your function code in Lambda, you can process the clientMetadata * value to enhance your workflow for your specific needs.

For more * information, see * Customizing user pool Workflows with Lambda Triggers in the Amazon * Cognito Developer Guide.

When you use the ClientMetadata * parameter, remember that Amazon Cognito won't do the following:

  • *

    Store the ClientMetadata value. This data is available only to Lambda * triggers that are assigned to a user pool to support custom workflows. If your * user pool configuration doesn't include triggers, the ClientMetadata parameter * serves no purpose.

  • Validate the ClientMetadata value.

    *

  • Encrypt the ClientMetadata value. Don't use Amazon Cognito to * provide sensitive information.

*/ inline bool ClientMetadataHasBeenSet() const { return m_clientMetadataHasBeenSet; } /** *

A map of custom key-value pairs that you can provide as input for any custom * workflows that this action triggers.

You create custom workflows by * assigning Lambda functions to user pool triggers. When you use the * AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions * that you have assigned to the following triggers:

  • pre * sign-up

  • custom message

  • post * authentication

  • user migration

  • pre token * generation

  • define auth challenge

  • create auth * challenge

  • verify auth challenge response

*

When Amazon Cognito invokes any of these functions, it passes a JSON payload, * which the function receives as input. This payload contains a * clientMetadata attribute that provides the data that you assigned * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In * your function code in Lambda, you can process the clientMetadata * value to enhance your workflow for your specific needs.

For more * information, see * Customizing user pool Workflows with Lambda Triggers in the Amazon * Cognito Developer Guide.

When you use the ClientMetadata * parameter, remember that Amazon Cognito won't do the following:

  • *

    Store the ClientMetadata value. This data is available only to Lambda * triggers that are assigned to a user pool to support custom workflows. If your * user pool configuration doesn't include triggers, the ClientMetadata parameter * serves no purpose.

  • Validate the ClientMetadata value.

    *

  • Encrypt the ClientMetadata value. Don't use Amazon Cognito to * provide sensitive information.

*/ inline void SetClientMetadata(const Aws::Map& value) { m_clientMetadataHasBeenSet = true; m_clientMetadata = value; } /** *

A map of custom key-value pairs that you can provide as input for any custom * workflows that this action triggers.

You create custom workflows by * assigning Lambda functions to user pool triggers. When you use the * AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions * that you have assigned to the following triggers:

  • pre * sign-up

  • custom message

  • post * authentication

  • user migration

  • pre token * generation

  • define auth challenge

  • create auth * challenge

  • verify auth challenge response

*

When Amazon Cognito invokes any of these functions, it passes a JSON payload, * which the function receives as input. This payload contains a * clientMetadata attribute that provides the data that you assigned * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In * your function code in Lambda, you can process the clientMetadata * value to enhance your workflow for your specific needs.

For more * information, see * Customizing user pool Workflows with Lambda Triggers in the Amazon * Cognito Developer Guide.

When you use the ClientMetadata * parameter, remember that Amazon Cognito won't do the following:

  • *

    Store the ClientMetadata value. This data is available only to Lambda * triggers that are assigned to a user pool to support custom workflows. If your * user pool configuration doesn't include triggers, the ClientMetadata parameter * serves no purpose.

  • Validate the ClientMetadata value.

    *

  • Encrypt the ClientMetadata value. Don't use Amazon Cognito to * provide sensitive information.

*/ inline void SetClientMetadata(Aws::Map&& value) { m_clientMetadataHasBeenSet = true; m_clientMetadata = std::move(value); } /** *

A map of custom key-value pairs that you can provide as input for any custom * workflows that this action triggers.

You create custom workflows by * assigning Lambda functions to user pool triggers. When you use the * AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions * that you have assigned to the following triggers:

  • pre * sign-up

  • custom message

  • post * authentication

  • user migration

  • pre token * generation

  • define auth challenge

  • create auth * challenge

  • verify auth challenge response

*

When Amazon Cognito invokes any of these functions, it passes a JSON payload, * which the function receives as input. This payload contains a * clientMetadata attribute that provides the data that you assigned * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In * your function code in Lambda, you can process the clientMetadata * value to enhance your workflow for your specific needs.

For more * information, see * Customizing user pool Workflows with Lambda Triggers in the Amazon * Cognito Developer Guide.

When you use the ClientMetadata * parameter, remember that Amazon Cognito won't do the following:

  • *

    Store the ClientMetadata value. This data is available only to Lambda * triggers that are assigned to a user pool to support custom workflows. If your * user pool configuration doesn't include triggers, the ClientMetadata parameter * serves no purpose.

  • Validate the ClientMetadata value.

    *

  • Encrypt the ClientMetadata value. Don't use Amazon Cognito to * provide sensitive information.

*/ inline AdminRespondToAuthChallengeRequest& WithClientMetadata(const Aws::Map& value) { SetClientMetadata(value); return *this;} /** *

A map of custom key-value pairs that you can provide as input for any custom * workflows that this action triggers.

You create custom workflows by * assigning Lambda functions to user pool triggers. When you use the * AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions * that you have assigned to the following triggers:

  • pre * sign-up

  • custom message

  • post * authentication

  • user migration

  • pre token * generation

  • define auth challenge

  • create auth * challenge

  • verify auth challenge response

*

When Amazon Cognito invokes any of these functions, it passes a JSON payload, * which the function receives as input. This payload contains a * clientMetadata attribute that provides the data that you assigned * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In * your function code in Lambda, you can process the clientMetadata * value to enhance your workflow for your specific needs.

For more * information, see * Customizing user pool Workflows with Lambda Triggers in the Amazon * Cognito Developer Guide.

When you use the ClientMetadata * parameter, remember that Amazon Cognito won't do the following:

  • *

    Store the ClientMetadata value. This data is available only to Lambda * triggers that are assigned to a user pool to support custom workflows. If your * user pool configuration doesn't include triggers, the ClientMetadata parameter * serves no purpose.

  • Validate the ClientMetadata value.

    *

  • Encrypt the ClientMetadata value. Don't use Amazon Cognito to * provide sensitive information.

*/ inline AdminRespondToAuthChallengeRequest& WithClientMetadata(Aws::Map&& value) { SetClientMetadata(std::move(value)); return *this;} /** *

A map of custom key-value pairs that you can provide as input for any custom * workflows that this action triggers.

You create custom workflows by * assigning Lambda functions to user pool triggers. When you use the * AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions * that you have assigned to the following triggers:

  • pre * sign-up

  • custom message

  • post * authentication

  • user migration

  • pre token * generation

  • define auth challenge

  • create auth * challenge

  • verify auth challenge response

*

When Amazon Cognito invokes any of these functions, it passes a JSON payload, * which the function receives as input. This payload contains a * clientMetadata attribute that provides the data that you assigned * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In * your function code in Lambda, you can process the clientMetadata * value to enhance your workflow for your specific needs.

For more * information, see * Customizing user pool Workflows with Lambda Triggers in the Amazon * Cognito Developer Guide.

When you use the ClientMetadata * parameter, remember that Amazon Cognito won't do the following:

  • *

    Store the ClientMetadata value. This data is available only to Lambda * triggers that are assigned to a user pool to support custom workflows. If your * user pool configuration doesn't include triggers, the ClientMetadata parameter * serves no purpose.

  • Validate the ClientMetadata value.

    *

  • Encrypt the ClientMetadata value. Don't use Amazon Cognito to * provide sensitive information.

*/ inline AdminRespondToAuthChallengeRequest& AddClientMetadata(const Aws::String& key, const Aws::String& value) { m_clientMetadataHasBeenSet = true; m_clientMetadata.emplace(key, value); return *this; } /** *

A map of custom key-value pairs that you can provide as input for any custom * workflows that this action triggers.

You create custom workflows by * assigning Lambda functions to user pool triggers. When you use the * AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions * that you have assigned to the following triggers:

  • pre * sign-up

  • custom message

  • post * authentication

  • user migration

  • pre token * generation

  • define auth challenge

  • create auth * challenge

  • verify auth challenge response

*

When Amazon Cognito invokes any of these functions, it passes a JSON payload, * which the function receives as input. This payload contains a * clientMetadata attribute that provides the data that you assigned * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In * your function code in Lambda, you can process the clientMetadata * value to enhance your workflow for your specific needs.

For more * information, see * Customizing user pool Workflows with Lambda Triggers in the Amazon * Cognito Developer Guide.

When you use the ClientMetadata * parameter, remember that Amazon Cognito won't do the following:

  • *

    Store the ClientMetadata value. This data is available only to Lambda * triggers that are assigned to a user pool to support custom workflows. If your * user pool configuration doesn't include triggers, the ClientMetadata parameter * serves no purpose.

  • Validate the ClientMetadata value.

    *

  • Encrypt the ClientMetadata value. Don't use Amazon Cognito to * provide sensitive information.

*/ inline AdminRespondToAuthChallengeRequest& AddClientMetadata(Aws::String&& key, const Aws::String& value) { m_clientMetadataHasBeenSet = true; m_clientMetadata.emplace(std::move(key), value); return *this; } /** *

A map of custom key-value pairs that you can provide as input for any custom * workflows that this action triggers.

You create custom workflows by * assigning Lambda functions to user pool triggers. When you use the * AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions * that you have assigned to the following triggers:

  • pre * sign-up

  • custom message

  • post * authentication

  • user migration

  • pre token * generation

  • define auth challenge

  • create auth * challenge

  • verify auth challenge response

*

When Amazon Cognito invokes any of these functions, it passes a JSON payload, * which the function receives as input. This payload contains a * clientMetadata attribute that provides the data that you assigned * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In * your function code in Lambda, you can process the clientMetadata * value to enhance your workflow for your specific needs.

For more * information, see * Customizing user pool Workflows with Lambda Triggers in the Amazon * Cognito Developer Guide.

When you use the ClientMetadata * parameter, remember that Amazon Cognito won't do the following:

  • *

    Store the ClientMetadata value. This data is available only to Lambda * triggers that are assigned to a user pool to support custom workflows. If your * user pool configuration doesn't include triggers, the ClientMetadata parameter * serves no purpose.

  • Validate the ClientMetadata value.

    *

  • Encrypt the ClientMetadata value. Don't use Amazon Cognito to * provide sensitive information.

*/ inline AdminRespondToAuthChallengeRequest& AddClientMetadata(const Aws::String& key, Aws::String&& value) { m_clientMetadataHasBeenSet = true; m_clientMetadata.emplace(key, std::move(value)); return *this; } /** *

A map of custom key-value pairs that you can provide as input for any custom * workflows that this action triggers.

You create custom workflows by * assigning Lambda functions to user pool triggers. When you use the * AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions * that you have assigned to the following triggers:

  • pre * sign-up

  • custom message

  • post * authentication

  • user migration

  • pre token * generation

  • define auth challenge

  • create auth * challenge

  • verify auth challenge response

*

When Amazon Cognito invokes any of these functions, it passes a JSON payload, * which the function receives as input. This payload contains a * clientMetadata attribute that provides the data that you assigned * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In * your function code in Lambda, you can process the clientMetadata * value to enhance your workflow for your specific needs.

For more * information, see * Customizing user pool Workflows with Lambda Triggers in the Amazon * Cognito Developer Guide.

When you use the ClientMetadata * parameter, remember that Amazon Cognito won't do the following:

  • *

    Store the ClientMetadata value. This data is available only to Lambda * triggers that are assigned to a user pool to support custom workflows. If your * user pool configuration doesn't include triggers, the ClientMetadata parameter * serves no purpose.

  • Validate the ClientMetadata value.

    *

  • Encrypt the ClientMetadata value. Don't use Amazon Cognito to * provide sensitive information.

*/ inline AdminRespondToAuthChallengeRequest& AddClientMetadata(Aws::String&& key, Aws::String&& value) { m_clientMetadataHasBeenSet = true; m_clientMetadata.emplace(std::move(key), std::move(value)); return *this; } /** *

A map of custom key-value pairs that you can provide as input for any custom * workflows that this action triggers.

You create custom workflows by * assigning Lambda functions to user pool triggers. When you use the * AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions * that you have assigned to the following triggers:

  • pre * sign-up

  • custom message

  • post * authentication

  • user migration

  • pre token * generation

  • define auth challenge

  • create auth * challenge

  • verify auth challenge response

*

When Amazon Cognito invokes any of these functions, it passes a JSON payload, * which the function receives as input. This payload contains a * clientMetadata attribute that provides the data that you assigned * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In * your function code in Lambda, you can process the clientMetadata * value to enhance your workflow for your specific needs.

For more * information, see * Customizing user pool Workflows with Lambda Triggers in the Amazon * Cognito Developer Guide.

When you use the ClientMetadata * parameter, remember that Amazon Cognito won't do the following:

  • *

    Store the ClientMetadata value. This data is available only to Lambda * triggers that are assigned to a user pool to support custom workflows. If your * user pool configuration doesn't include triggers, the ClientMetadata parameter * serves no purpose.

  • Validate the ClientMetadata value.

    *

  • Encrypt the ClientMetadata value. Don't use Amazon Cognito to * provide sensitive information.

*/ inline AdminRespondToAuthChallengeRequest& AddClientMetadata(const char* key, Aws::String&& value) { m_clientMetadataHasBeenSet = true; m_clientMetadata.emplace(key, std::move(value)); return *this; } /** *

A map of custom key-value pairs that you can provide as input for any custom * workflows that this action triggers.

You create custom workflows by * assigning Lambda functions to user pool triggers. When you use the * AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions * that you have assigned to the following triggers:

  • pre * sign-up

  • custom message

  • post * authentication

  • user migration

  • pre token * generation

  • define auth challenge

  • create auth * challenge

  • verify auth challenge response

*

When Amazon Cognito invokes any of these functions, it passes a JSON payload, * which the function receives as input. This payload contains a * clientMetadata attribute that provides the data that you assigned * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In * your function code in Lambda, you can process the clientMetadata * value to enhance your workflow for your specific needs.

For more * information, see * Customizing user pool Workflows with Lambda Triggers in the Amazon * Cognito Developer Guide.

When you use the ClientMetadata * parameter, remember that Amazon Cognito won't do the following:

  • *

    Store the ClientMetadata value. This data is available only to Lambda * triggers that are assigned to a user pool to support custom workflows. If your * user pool configuration doesn't include triggers, the ClientMetadata parameter * serves no purpose.

  • Validate the ClientMetadata value.

    *

  • Encrypt the ClientMetadata value. Don't use Amazon Cognito to * provide sensitive information.

*/ inline AdminRespondToAuthChallengeRequest& AddClientMetadata(Aws::String&& key, const char* value) { m_clientMetadataHasBeenSet = true; m_clientMetadata.emplace(std::move(key), value); return *this; } /** *

A map of custom key-value pairs that you can provide as input for any custom * workflows that this action triggers.

You create custom workflows by * assigning Lambda functions to user pool triggers. When you use the * AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions * that you have assigned to the following triggers:

  • pre * sign-up

  • custom message

  • post * authentication

  • user migration

  • pre token * generation

  • define auth challenge

  • create auth * challenge

  • verify auth challenge response

*

When Amazon Cognito invokes any of these functions, it passes a JSON payload, * which the function receives as input. This payload contains a * clientMetadata attribute that provides the data that you assigned * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In * your function code in Lambda, you can process the clientMetadata * value to enhance your workflow for your specific needs.

For more * information, see * Customizing user pool Workflows with Lambda Triggers in the Amazon * Cognito Developer Guide.

When you use the ClientMetadata * parameter, remember that Amazon Cognito won't do the following:

  • *

    Store the ClientMetadata value. This data is available only to Lambda * triggers that are assigned to a user pool to support custom workflows. If your * user pool configuration doesn't include triggers, the ClientMetadata parameter * serves no purpose.

  • Validate the ClientMetadata value.

    *

  • Encrypt the ClientMetadata value. Don't use Amazon Cognito to * provide sensitive information.

*/ inline AdminRespondToAuthChallengeRequest& AddClientMetadata(const char* key, const char* value) { m_clientMetadataHasBeenSet = true; m_clientMetadata.emplace(key, value); return *this; } private: Aws::String m_userPoolId; bool m_userPoolIdHasBeenSet = false; Aws::String m_clientId; bool m_clientIdHasBeenSet = false; ChallengeNameType m_challengeName; bool m_challengeNameHasBeenSet = false; Aws::Map m_challengeResponses; bool m_challengeResponsesHasBeenSet = false; Aws::String m_session; bool m_sessionHasBeenSet = false; AnalyticsMetadataType m_analyticsMetadata; bool m_analyticsMetadataHasBeenSet = false; ContextDataType m_contextData; bool m_contextDataHasBeenSet = false; Aws::Map m_clientMetadata; bool m_clientMetadataHasBeenSet = false; }; } // namespace Model } // namespace CognitoIdentityProvider } // namespace Aws