* The request to respond to an authentication challenge. *
* * @see AWS * API Documentation */ @Generated("com.amazonaws:aws-java-sdk-code-generator") public class RespondToAuthChallengeRequest extends com.amazonaws.AmazonWebServiceRequest implements Serializable, Cloneable { /** ** The app client ID. *
*/ private String clientId; /** ** The challenge name. For more information, see InitiateAuth. *
*
* ADMIN_NO_SRP_AUTH isn't a valid value.
*
* The session that should be passed both ways in challenge-response calls to the service. If
* InitiateAuth or RespondToAuthChallenge API call determines that the caller must pass
* another challenge, they return a session with other challenge parameters. This session should be passed as it is
* to the next RespondToAuthChallenge API call.
*
* The challenge responses. These are inputs corresponding to the value of ChallengeName, for example:
*
* SECRET_HASH (if app client is configured with client secret) applies to all of the inputs that
* follow (including SOFTWARE_TOKEN_MFA).
*
* SMS_MFA: SMS_MFA_CODE, USERNAME.
*
* PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK,
* TIMESTAMP, USERNAME.
*
* PASSWORD_VERIFIER requires DEVICE_KEY when you sign in with a remembered device.
*
* NEW_PASSWORD_REQUIRED: NEW_PASSWORD, USERNAME, SECRET_HASH
* (if app client is configured with client secret). To set any required attributes that Amazon Cognito returned as
* requiredAttributes in the InitiateAuth response, add a
* userAttributes.attributename parameter. This parameter can also set values for writable
* attributes that aren't required by your user pool.
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already
* has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the
* requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify
* the value of any additional attributes.
*
* SOFTWARE_TOKEN_MFA: USERNAME and SOFTWARE_TOKEN_MFA_CODE are required
* attributes.
*
* DEVICE_SRP_AUTH requires USERNAME, DEVICE_KEY, SRP_A (and
* SECRET_HASH).
*
* DEVICE_PASSWORD_VERIFIER requires everything that PASSWORD_VERIFIER requires, plus
* DEVICE_KEY.
*
* MFA_SETUP requires USERNAME, plus you must use the session value returned by
* VerifySoftwareToken in the Session parameter.
*
* The Amazon Pinpoint analytics metadata that contributes to your metrics for RespondToAuthChallenge
* calls.
*
* Contextual data about your user session, such as the device fingerprint, IP address, or location. Amazon Cognito * advanced security evaluates the risk of an authentication event based on the context that your app generates and * passes to Amazon Cognito when it makes API requests. *
*/ private UserContextDataType userContextData; /** ** A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers. *
*
* You create custom workflows by assigning Lambda functions to user pool triggers. When you use the
* RespondToAuthChallenge API action, Amazon Cognito invokes any functions that are assigned to the following
* triggers: post authentication, pre token generation, define auth challenge, create auth
* challenge, and verify auth challenge. When Amazon Cognito invokes any of these functions, it passes a
* JSON payload, which the function receives as input. This payload contains a clientMetadata
* attribute, which provides the data that you assigned to the ClientMetadata parameter in your
* RespondToAuthChallenge request. In your function code in Lambda, you can process the clientMetadata
* value to enhance your workflow for your specific needs.
*
* For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide. *
** When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following: *
** Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool * to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata * parameter serves no purpose. *
** Validate the ClientMetadata value. *
** Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information. *
** The app client ID. *
* * @param clientId * The app client ID. */ public void setClientId(String clientId) { this.clientId = clientId; } /** ** The app client ID. *
* * @return The app client ID. */ public String getClientId() { return this.clientId; } /** ** The app client ID. *
* * @param clientId * The app client ID. * @return Returns a reference to this object so that method calls can be chained together. */ public RespondToAuthChallengeRequest withClientId(String clientId) { setClientId(clientId); return this; } /** ** The challenge name. For more information, see InitiateAuth. *
*
* ADMIN_NO_SRP_AUTH isn't a valid value.
*
* ADMIN_NO_SRP_AUTH isn't a valid value.
* @see ChallengeNameType
*/
public void setChallengeName(String challengeName) {
this.challengeName = challengeName;
}
/**
*
* The challenge name. For more information, see InitiateAuth. *
*
* ADMIN_NO_SRP_AUTH isn't a valid value.
*
* ADMIN_NO_SRP_AUTH isn't a valid value.
* @see ChallengeNameType
*/
public String getChallengeName() {
return this.challengeName;
}
/**
*
* The challenge name. For more information, see InitiateAuth. *
*
* ADMIN_NO_SRP_AUTH isn't a valid value.
*
* ADMIN_NO_SRP_AUTH isn't a valid value.
* @return Returns a reference to this object so that method calls can be chained together.
* @see ChallengeNameType
*/
public RespondToAuthChallengeRequest withChallengeName(String challengeName) {
setChallengeName(challengeName);
return this;
}
/**
*
* The challenge name. For more information, see InitiateAuth. *
*
* ADMIN_NO_SRP_AUTH isn't a valid value.
*
* ADMIN_NO_SRP_AUTH isn't a valid value.
* @see ChallengeNameType
*/
public void setChallengeName(ChallengeNameType challengeName) {
withChallengeName(challengeName);
}
/**
*
* The challenge name. For more information, see InitiateAuth. *
*
* ADMIN_NO_SRP_AUTH isn't a valid value.
*
* ADMIN_NO_SRP_AUTH isn't a valid value.
* @return Returns a reference to this object so that method calls can be chained together.
* @see ChallengeNameType
*/
public RespondToAuthChallengeRequest withChallengeName(ChallengeNameType challengeName) {
this.challengeName = challengeName.toString();
return this;
}
/**
*
* The session that should be passed both ways in challenge-response calls to the service. If
* InitiateAuth or RespondToAuthChallenge API call determines that the caller must pass
* another challenge, they return a session with other challenge parameters. This session should be passed as it is
* to the next RespondToAuthChallenge API call.
*
InitiateAuth or RespondToAuthChallenge API call determines that the caller must
* pass another challenge, they return a session with other challenge parameters. This session should be
* passed as it is to the next RespondToAuthChallenge API call.
*/
public void setSession(String session) {
this.session = session;
}
/**
*
* The session that should be passed both ways in challenge-response calls to the service. If
* InitiateAuth or RespondToAuthChallenge API call determines that the caller must pass
* another challenge, they return a session with other challenge parameters. This session should be passed as it is
* to the next RespondToAuthChallenge API call.
*
InitiateAuth or RespondToAuthChallenge API call determines that the caller must
* pass another challenge, they return a session with other challenge parameters. This session should be
* passed as it is to the next RespondToAuthChallenge API call.
*/
public String getSession() {
return this.session;
}
/**
*
* The session that should be passed both ways in challenge-response calls to the service. If
* InitiateAuth or RespondToAuthChallenge API call determines that the caller must pass
* another challenge, they return a session with other challenge parameters. This session should be passed as it is
* to the next RespondToAuthChallenge API call.
*
InitiateAuth or RespondToAuthChallenge API call determines that the caller must
* pass another challenge, they return a session with other challenge parameters. This session should be
* passed as it is to the next RespondToAuthChallenge API call.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public RespondToAuthChallengeRequest withSession(String session) {
setSession(session);
return this;
}
/**
*
* The challenge responses. These are inputs corresponding to the value of ChallengeName, for example:
*
* SECRET_HASH (if app client is configured with client secret) applies to all of the inputs that
* follow (including SOFTWARE_TOKEN_MFA).
*
* SMS_MFA: SMS_MFA_CODE, USERNAME.
*
* PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK,
* TIMESTAMP, USERNAME.
*
* PASSWORD_VERIFIER requires DEVICE_KEY when you sign in with a remembered device.
*
* NEW_PASSWORD_REQUIRED: NEW_PASSWORD, USERNAME, SECRET_HASH
* (if app client is configured with client secret). To set any required attributes that Amazon Cognito returned as
* requiredAttributes in the InitiateAuth response, add a
* userAttributes.attributename parameter. This parameter can also set values for writable
* attributes that aren't required by your user pool.
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already
* has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the
* requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify
* the value of any additional attributes.
*
* SOFTWARE_TOKEN_MFA: USERNAME and SOFTWARE_TOKEN_MFA_CODE are required
* attributes.
*
* DEVICE_SRP_AUTH requires USERNAME, DEVICE_KEY, SRP_A (and
* SECRET_HASH).
*
* DEVICE_PASSWORD_VERIFIER requires everything that PASSWORD_VERIFIER requires, plus
* DEVICE_KEY.
*
* MFA_SETUP requires USERNAME, plus you must use the session value returned by
* VerifySoftwareToken in the Session parameter.
*
ChallengeName, for
* example:
* SECRET_HASH (if app client is configured with client secret) applies to all of the inputs
* that follow (including SOFTWARE_TOKEN_MFA).
*
* SMS_MFA: SMS_MFA_CODE, USERNAME.
*
* PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, USERNAME.
*
* PASSWORD_VERIFIER requires DEVICE_KEY when you sign in with a remembered
* device.
*
* NEW_PASSWORD_REQUIRED: NEW_PASSWORD, USERNAME,
* SECRET_HASH (if app client is configured with client secret). To set any required attributes
* that Amazon Cognito returned as requiredAttributes in the InitiateAuth
* response, add a userAttributes.attributename parameter. This parameter can also set
* values for writable attributes that aren't required by your user pool.
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that
* already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito
* returned in the requiredAttributes parameter, then use the UpdateUserAttributes
* API operation to modify the value of any additional attributes.
*
* SOFTWARE_TOKEN_MFA: USERNAME and SOFTWARE_TOKEN_MFA_CODE are
* required attributes.
*
* DEVICE_SRP_AUTH requires USERNAME, DEVICE_KEY, SRP_A
* (and SECRET_HASH).
*
* DEVICE_PASSWORD_VERIFIER requires everything that PASSWORD_VERIFIER requires,
* plus DEVICE_KEY.
*
* MFA_SETUP requires USERNAME, plus you must use the session value returned by
* VerifySoftwareToken in the Session parameter.
*
* The challenge responses. These are inputs corresponding to the value of ChallengeName, for example:
*
* SECRET_HASH (if app client is configured with client secret) applies to all of the inputs that
* follow (including SOFTWARE_TOKEN_MFA).
*
* SMS_MFA: SMS_MFA_CODE, USERNAME.
*
* PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK,
* TIMESTAMP, USERNAME.
*
* PASSWORD_VERIFIER requires DEVICE_KEY when you sign in with a remembered device.
*
* NEW_PASSWORD_REQUIRED: NEW_PASSWORD, USERNAME, SECRET_HASH
* (if app client is configured with client secret). To set any required attributes that Amazon Cognito returned as
* requiredAttributes in the InitiateAuth response, add a
* userAttributes.attributename parameter. This parameter can also set values for writable
* attributes that aren't required by your user pool.
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already
* has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the
* requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify
* the value of any additional attributes.
*
* SOFTWARE_TOKEN_MFA: USERNAME and SOFTWARE_TOKEN_MFA_CODE are required
* attributes.
*
* DEVICE_SRP_AUTH requires USERNAME, DEVICE_KEY, SRP_A (and
* SECRET_HASH).
*
* DEVICE_PASSWORD_VERIFIER requires everything that PASSWORD_VERIFIER requires, plus
* DEVICE_KEY.
*
* MFA_SETUP requires USERNAME, plus you must use the session value returned by
* VerifySoftwareToken in the Session parameter.
*
ChallengeName, for
* example:
* SECRET_HASH (if app client is configured with client secret) applies to all of the inputs
* that follow (including SOFTWARE_TOKEN_MFA).
*
* SMS_MFA: SMS_MFA_CODE, USERNAME.
*
* PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, USERNAME.
*
* PASSWORD_VERIFIER requires DEVICE_KEY when you sign in with a remembered device.
*
* NEW_PASSWORD_REQUIRED: NEW_PASSWORD, USERNAME,
* SECRET_HASH (if app client is configured with client secret). To set any required attributes
* that Amazon Cognito returned as requiredAttributes in the InitiateAuth response,
* add a userAttributes.attributename parameter. This parameter can also set values for
* writable attributes that aren't required by your user pool.
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that
* already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito
* returned in the requiredAttributes parameter, then use the UpdateUserAttributes
* API operation to modify the value of any additional attributes.
*
* SOFTWARE_TOKEN_MFA: USERNAME and SOFTWARE_TOKEN_MFA_CODE are
* required attributes.
*
* DEVICE_SRP_AUTH requires USERNAME, DEVICE_KEY, SRP_A
* (and SECRET_HASH).
*
* DEVICE_PASSWORD_VERIFIER requires everything that PASSWORD_VERIFIER requires,
* plus DEVICE_KEY.
*
* MFA_SETUP requires USERNAME, plus you must use the session value returned by
* VerifySoftwareToken in the Session parameter.
*
* The challenge responses. These are inputs corresponding to the value of ChallengeName, for example:
*
* SECRET_HASH (if app client is configured with client secret) applies to all of the inputs that
* follow (including SOFTWARE_TOKEN_MFA).
*
* SMS_MFA: SMS_MFA_CODE, USERNAME.
*
* PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK,
* TIMESTAMP, USERNAME.
*
* PASSWORD_VERIFIER requires DEVICE_KEY when you sign in with a remembered device.
*
* NEW_PASSWORD_REQUIRED: NEW_PASSWORD, USERNAME, SECRET_HASH
* (if app client is configured with client secret). To set any required attributes that Amazon Cognito returned as
* requiredAttributes in the InitiateAuth response, add a
* userAttributes.attributename parameter. This parameter can also set values for writable
* attributes that aren't required by your user pool.
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already
* has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the
* requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify
* the value of any additional attributes.
*
* SOFTWARE_TOKEN_MFA: USERNAME and SOFTWARE_TOKEN_MFA_CODE are required
* attributes.
*
* DEVICE_SRP_AUTH requires USERNAME, DEVICE_KEY, SRP_A (and
* SECRET_HASH).
*
* DEVICE_PASSWORD_VERIFIER requires everything that PASSWORD_VERIFIER requires, plus
* DEVICE_KEY.
*
* MFA_SETUP requires USERNAME, plus you must use the session value returned by
* VerifySoftwareToken in the Session parameter.
*
ChallengeName, for
* example:
* SECRET_HASH (if app client is configured with client secret) applies to all of the inputs
* that follow (including SOFTWARE_TOKEN_MFA).
*
* SMS_MFA: SMS_MFA_CODE, USERNAME.
*
* PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, USERNAME.
*
* PASSWORD_VERIFIER requires DEVICE_KEY when you sign in with a remembered device.
*
* NEW_PASSWORD_REQUIRED: NEW_PASSWORD, USERNAME,
* SECRET_HASH (if app client is configured with client secret). To set any required attributes
* that Amazon Cognito returned as requiredAttributes in the InitiateAuth response,
* add a userAttributes.attributename parameter. This parameter can also set values for
* writable attributes that aren't required by your user pool.
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that
* already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito
* returned in the requiredAttributes parameter, then use the UpdateUserAttributes
* API operation to modify the value of any additional attributes.
*
* SOFTWARE_TOKEN_MFA: USERNAME and SOFTWARE_TOKEN_MFA_CODE are
* required attributes.
*
* DEVICE_SRP_AUTH requires USERNAME, DEVICE_KEY, SRP_A
* (and SECRET_HASH).
*
* DEVICE_PASSWORD_VERIFIER requires everything that PASSWORD_VERIFIER requires,
* plus DEVICE_KEY.
*
* MFA_SETUP requires USERNAME, plus you must use the session value returned by
* VerifySoftwareToken in the Session parameter.
*
* The Amazon Pinpoint analytics metadata that contributes to your metrics for RespondToAuthChallenge
* calls.
*
RespondToAuthChallenge calls.
*/
public void setAnalyticsMetadata(AnalyticsMetadataType analyticsMetadata) {
this.analyticsMetadata = analyticsMetadata;
}
/**
*
* The Amazon Pinpoint analytics metadata that contributes to your metrics for RespondToAuthChallenge
* calls.
*
RespondToAuthChallenge calls.
*/
public AnalyticsMetadataType getAnalyticsMetadata() {
return this.analyticsMetadata;
}
/**
*
* The Amazon Pinpoint analytics metadata that contributes to your metrics for RespondToAuthChallenge
* calls.
*
RespondToAuthChallenge calls.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public RespondToAuthChallengeRequest withAnalyticsMetadata(AnalyticsMetadataType analyticsMetadata) {
setAnalyticsMetadata(analyticsMetadata);
return this;
}
/**
* * Contextual data about your user session, such as the device fingerprint, IP address, or location. Amazon Cognito * advanced security evaluates the risk of an authentication event based on the context that your app generates and * passes to Amazon Cognito when it makes API requests. *
* * @param userContextData * Contextual data about your user session, such as the device fingerprint, IP address, or location. Amazon * Cognito advanced security evaluates the risk of an authentication event based on the context that your app * generates and passes to Amazon Cognito when it makes API requests. */ public void setUserContextData(UserContextDataType userContextData) { this.userContextData = userContextData; } /** ** Contextual data about your user session, such as the device fingerprint, IP address, or location. Amazon Cognito * advanced security evaluates the risk of an authentication event based on the context that your app generates and * passes to Amazon Cognito when it makes API requests. *
* * @return Contextual data about your user session, such as the device fingerprint, IP address, or location. Amazon * Cognito advanced security evaluates the risk of an authentication event based on the context that your * app generates and passes to Amazon Cognito when it makes API requests. */ public UserContextDataType getUserContextData() { return this.userContextData; } /** ** Contextual data about your user session, such as the device fingerprint, IP address, or location. Amazon Cognito * advanced security evaluates the risk of an authentication event based on the context that your app generates and * passes to Amazon Cognito when it makes API requests. *
* * @param userContextData * Contextual data about your user session, such as the device fingerprint, IP address, or location. Amazon * Cognito advanced security evaluates the risk of an authentication event based on the context that your app * generates and passes to Amazon Cognito when it makes API requests. * @return Returns a reference to this object so that method calls can be chained together. */ public RespondToAuthChallengeRequest withUserContextData(UserContextDataType userContextData) { setUserContextData(userContextData); return this; } /** ** A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers. *
*
* You create custom workflows by assigning Lambda functions to user pool triggers. When you use the
* RespondToAuthChallenge API action, Amazon Cognito invokes any functions that are assigned to the following
* triggers: post authentication, pre token generation, define auth challenge, create auth
* challenge, and verify auth challenge. When Amazon Cognito invokes any of these functions, it passes a
* JSON payload, which the function receives as input. This payload contains a clientMetadata
* attribute, which provides the data that you assigned to the ClientMetadata parameter in your
* RespondToAuthChallenge request. In your function code in Lambda, you can process the clientMetadata
* value to enhance your workflow for your specific needs.
*
* For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide. *
** When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following: *
** Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool * to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata * parameter serves no purpose. *
** Validate the ClientMetadata value. *
** Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information. *
*
* You create custom workflows by assigning Lambda functions to user pool triggers. When you use the
* RespondToAuthChallenge API action, Amazon Cognito invokes any functions that are assigned to the
* following triggers: post authentication, pre token generation, define auth
* challenge, create auth challenge, and verify auth challenge. When Amazon Cognito
* invokes any of these functions, it passes a JSON payload, which the function receives as input. This
* payload contains a clientMetadata attribute, which provides the data that you assigned to
* the ClientMetadata parameter in your RespondToAuthChallenge request. In your function code in Lambda, you
* can process the clientMetadata value to enhance your workflow for your specific needs.
*
* For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide. *
** When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following: *
** Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a * user pool to support custom workflows. If your user pool configuration doesn't include triggers, the * ClientMetadata parameter serves no purpose. *
** Validate the ClientMetadata value. *
** Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information. *
** A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers. *
*
* You create custom workflows by assigning Lambda functions to user pool triggers. When you use the
* RespondToAuthChallenge API action, Amazon Cognito invokes any functions that are assigned to the following
* triggers: post authentication, pre token generation, define auth challenge, create auth
* challenge, and verify auth challenge. When Amazon Cognito invokes any of these functions, it passes a
* JSON payload, which the function receives as input. This payload contains a clientMetadata
* attribute, which provides the data that you assigned to the ClientMetadata parameter in your
* RespondToAuthChallenge request. In your function code in Lambda, you can process the clientMetadata
* value to enhance your workflow for your specific needs.
*
* For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide. *
** When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following: *
** Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool * to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata * parameter serves no purpose. *
** Validate the ClientMetadata value. *
** Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information. *
*
* You create custom workflows by assigning Lambda functions to user pool triggers. When you use the
* RespondToAuthChallenge API action, Amazon Cognito invokes any functions that are assigned to the following
* triggers: post authentication, pre token generation, define auth challenge, create
* auth challenge, and verify auth challenge. When Amazon Cognito invokes any of these functions,
* it passes a JSON payload, which the function receives as input. This payload contains a
* clientMetadata attribute, which provides the data that you assigned to the ClientMetadata
* parameter in your RespondToAuthChallenge request. In your function code in Lambda, you can process the
* clientMetadata value to enhance your workflow for your specific needs.
*
* For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide. *
** When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following: *
** Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user * pool to support custom workflows. If your user pool configuration doesn't include triggers, the * ClientMetadata parameter serves no purpose. *
** Validate the ClientMetadata value. *
** Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information. *
** A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers. *
*
* You create custom workflows by assigning Lambda functions to user pool triggers. When you use the
* RespondToAuthChallenge API action, Amazon Cognito invokes any functions that are assigned to the following
* triggers: post authentication, pre token generation, define auth challenge, create auth
* challenge, and verify auth challenge. When Amazon Cognito invokes any of these functions, it passes a
* JSON payload, which the function receives as input. This payload contains a clientMetadata
* attribute, which provides the data that you assigned to the ClientMetadata parameter in your
* RespondToAuthChallenge request. In your function code in Lambda, you can process the clientMetadata
* value to enhance your workflow for your specific needs.
*
* For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide. *
** When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following: *
** Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool * to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata * parameter serves no purpose. *
** Validate the ClientMetadata value. *
** Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information. *
*
* You create custom workflows by assigning Lambda functions to user pool triggers. When you use the
* RespondToAuthChallenge API action, Amazon Cognito invokes any functions that are assigned to the following
* triggers: post authentication, pre token generation, define auth challenge, create
* auth challenge, and verify auth challenge. When Amazon Cognito invokes any of these functions,
* it passes a JSON payload, which the function receives as input. This payload contains a
* clientMetadata attribute, which provides the data that you assigned to the ClientMetadata
* parameter in your RespondToAuthChallenge request. In your function code in Lambda, you can process the
* clientMetadata value to enhance your workflow for your specific needs.
*
* For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide. *
** When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following: *
** Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user * pool to support custom workflows. If your user pool configuration doesn't include triggers, the * ClientMetadata parameter serves no purpose. *
** Validate the ClientMetadata value. *
** Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information. *
*