/ - Amazon Cognito Identity Provider

curl --location --request POST '/' \ --header 'X-Amz-Target;' \ --header 'Content-Type: application/json' \ --data-raw '{ "PoolName": "string", "Policies": { "PasswordPolicy": { "MinimumLength": 0, "RequireUppercase": true, "RequireLowercase": true, "RequireNumbers": true, "RequireSymbols": true, "TemporaryPasswordValidityDays": 0 } }, "DeletionProtection": "ACTIVE", "LambdaConfig": { "PreSignUp": "string", "CustomMessage": "string", "PostConfirmation": "string", "PreAuthentication": "string", "PostAuthentication": "string", "DefineAuthChallenge": "string", "CreateAuthChallenge": "string", "VerifyAuthChallengeResponse": "string", "PreTokenGeneration": "string", "UserMigration": "string", "CustomSMSSender": { "LambdaVersion": "V1_0", "LambdaArn": "string" }, "CustomEmailSender": { "LambdaVersion": "V1_0", "LambdaArn": "string" }, "KMSKeyID": "string" }, "AutoVerifiedAttributes": [], "AliasAttributes": [], "UsernameAttributes": [], "SmsVerificationMessage": "string", "EmailVerificationMessage": "string", "EmailVerificationSubject": "string", "VerificationMessageTemplate": { "SmsMessage": "string", "EmailMessage": "string", "EmailSubject": "string", "EmailMessageByLink": "string", "EmailSubjectByLink": "string", "DefaultEmailOption": "CONFIRM_WITH_LINK" }, "SmsAuthenticationMessage": "string", "MfaConfiguration": "OFF", "UserAttributeUpdateSettings": {}, "DeviceConfiguration": {}, "EmailConfiguration": {}, "SmsConfiguration": { "SnsCallerArn": "string", "ExternalId": "string", "SnsRegion": "string" }, "UserPoolTags": { "property1": "string", "property2": "string" }, "AdminCreateUserConfig": { "AllowAdminCreateUserOnly": true, "UnusedAccountValidityDays": 0, "InviteMessageTemplate": { "SMSMessage": "string", "EmailMessage": "string", "EmailSubject": "string" } }, "Schema": [], "UserPoolAddOns": { "AdvancedSecurityMode": "OFF" }, "UsernameConfiguration": { "CaseSensitive": true }, "AccountRecoverySetting": { "RecoveryMechanisms": [] } }'

{ "UserPool": { "Id": "string", "Name": "string", "Policies": { "PasswordPolicy": { "MinimumLength": 0, "RequireUppercase": true, "RequireLowercase": true, "RequireNumbers": true, "RequireSymbols": true, "TemporaryPasswordValidityDays": 0 } }, "DeletionProtection": "ACTIVE", "LambdaConfig": { "PreSignUp": "string", "CustomMessage": "string", "PostConfirmation": "string", "PreAuthentication": "string", "PostAuthentication": "string", "DefineAuthChallenge": "string", "CreateAuthChallenge": "string", "VerifyAuthChallengeResponse": "string", "PreTokenGeneration": "string", "UserMigration": "string", "CustomSMSSender": { "LambdaVersion": "V1_0", "LambdaArn": "string" }, "CustomEmailSender": { "LambdaVersion": "V1_0", "LambdaArn": "string" }, "KMSKeyID": "string" }, "Status": "Enabled", "LastModifiedDate": "string", "CreationDate": "string", "SchemaAttributes": [], "AutoVerifiedAttributes": [], "AliasAttributes": [], "UsernameAttributes": [], "SmsVerificationMessage": "string", "EmailVerificationMessage": "string", "EmailVerificationSubject": "string", "VerificationMessageTemplate": { "SmsMessage": "string", "EmailMessage": "string", "EmailSubject": "string", "EmailMessageByLink": "string", "EmailSubjectByLink": "string", "DefaultEmailOption": "CONFIRM_WITH_LINK" }, "SmsAuthenticationMessage": "string", "UserAttributeUpdateSettings": {}, "MfaConfiguration": "OFF", "DeviceConfiguration": {}, "EstimatedNumberOfUsers": 0, "EmailConfiguration": {}, "SmsConfiguration": { "SnsCallerArn": "string", "ExternalId": "string", "SnsRegion": "string" }, "UserPoolTags": { "property1": "string", "property2": "string" }, "SmsConfigurationFailure": "string", "EmailConfigurationFailure": "string", "Domain": "string", "CustomDomain": "string", "AdminCreateUserConfig": { "AllowAdminCreateUserOnly": true, "UnusedAccountValidityDays": 0, "InviteMessageTemplate": { "SMSMessage": "string", "EmailMessage": "string", "EmailSubject": "string" } }, "UserPoolAddOns": { "AdvancedSecurityMode": "OFF" }, "UsernameConfiguration": { "CaseSensitive": true }, "Arn": "string", "AccountRecoverySetting": { "RecoveryMechanisms": [] } } }

Request

Header Params

X-Amz-Target

string

required

Body Params application/json

Represents the request to create a user pool.

PoolName

string

required

A string used to name the user pool.

>= 1 characters<= 128 characters

Match pattern:

[\w\s+=,.@-]+

Policies

object

optional

The policies associated with the new user pool.

PasswordPolicy

object

optional

The password policy.

DeletionProtection

enum<string>

optional

When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature.

When you try to delete a protected user pool in a DeleteUserPool API request, Amazon Cognito returns an InvalidParameterException error. To delete a protected user pool, send a new DeleteUserPool request after you deactivate deletion protection in an UpdateUserPool API request.

Allowed values:

ACTIVEINACTIVE

LambdaConfig

object

optional

The Lambda trigger configuration information for the new user pool.

PreSignUp

string

optional

A pre-registration Lambda trigger.

>= 20 characters<= 2048 characters

Match pattern:

arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

CustomMessage

string

optional

A custom Message Lambda trigger.

>= 20 characters<= 2048 characters

Match pattern:

arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

PostConfirmation

string

optional

A post-confirmation Lambda trigger.

>= 20 characters<= 2048 characters

Match pattern:

arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

PreAuthentication

string

optional

A pre-authentication Lambda trigger.

>= 20 characters<= 2048 characters

Match pattern:

arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

PostAuthentication

string

optional

A post-authentication Lambda trigger.

>= 20 characters<= 2048 characters

Match pattern:

arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

DefineAuthChallenge

string

optional

Defines the authentication challenge.

>= 20 characters<= 2048 characters

Match pattern:

arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

CreateAuthChallenge

string

optional

Creates an authentication challenge.

>= 20 characters<= 2048 characters

Match pattern:

arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

VerifyAuthChallengeResponse

string

optional

Verifies the authentication challenge response.

>= 20 characters<= 2048 characters

Match pattern:

arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

PreTokenGeneration

string

optional

A Lambda trigger that is invoked before token generation.

>= 20 characters<= 2048 characters

Match pattern:

arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

UserMigration

string

optional

The user migration Lambda config type.

>= 20 characters<= 2048 characters

Match pattern:

arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

CustomSMSSender

object

optional

A custom SMS sender Lambda trigger.

CustomEmailSender

object

optional

A custom email sender Lambda trigger.

KMSKeyID

string

optional

The Amazon Resource Name (ARN) of an KMS key. Amazon Cognito uses the key to encrypt codes and temporary passwords sent to CustomEmailSender and CustomSMSSender.

>= 20 characters<= 2048 characters

Match pattern:

arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

AutoVerifiedAttributes

array[string]

optional

The attributes to be auto-verified. Possible values: email, phone_number.

Allowed values:

phone_numberemail

AliasAttributes

array[string]

optional

Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username.

Allowed values:

phone_numberemailpreferred_username

UsernameAttributes

array[string]

optional

Specifies whether a user can use an email address or phone number as a username when they sign up.

Allowed values:

phone_numberemail

SmsVerificationMessage

string

optional

This parameter is no longer used. See VerificationMessageTemplateType.

>= 6 characters<= 140 characters

Match pattern:

.*\{####\}.*

EmailVerificationMessage

string

optional

This parameter is no longer used. See VerificationMessageTemplateType.

>= 6 characters<= 20000 characters

Match pattern:

[\p{L}\p{M}\p{S}\p{N}\p{P}\s*]*\{####\}[\p{L}\p{M}\p{S}\p{N}\p{P}\s*]*

EmailVerificationSubject

string

optional

This parameter is no longer used. See VerificationMessageTemplateType.

>= 1 characters<= 140 characters

Match pattern:

[\p{L}\p{M}\p{S}\p{N}\p{P}\s]+

VerificationMessageTemplate

object

optional

The template for the verification message that the user sees when the app requests permission to access the user's information.

SmsMessage

string

optional

The template for SMS messages that Amazon Cognito sends to your users.

>= 6 characters<= 140 characters

Match pattern:

.*\{####\}.*

EmailMessage

string

optional

The template for email messages that Amazon Cognito sends to your users. You can set an EmailMessage template only if the value of EmailSendingAccount is DEVELOPER. When your EmailSendingAccount is DEVELOPER, your user pool sends email messages with your own Amazon SES configuration.

>= 6 characters<= 20000 characters

Match pattern:

[\p{L}\p{M}\p{S}\p{N}\p{P}\s*]*\{####\}[\p{L}\p{M}\p{S}\p{N}\p{P}\s*]*

EmailSubject

string

optional

The subject line for the email message template. You can set an EmailSubject template only if the value of EmailSendingAccount is DEVELOPER. When your EmailSendingAccount is DEVELOPER, your user pool sends email messages with your own Amazon SES configuration.

>= 1 characters<= 140 characters

Match pattern:

[\p{L}\p{M}\p{S}\p{N}\p{P}\s]+

EmailMessageByLink

string

optional

The email message template for sending a confirmation link to the user. You can set an EmailMessageByLink template only if the value of EmailSendingAccount is DEVELOPER. When your EmailSendingAccount is DEVELOPER, your user pool sends email messages with your own Amazon SES configuration.

>= 6 characters<= 20000 characters

Match pattern:

[\p{L}\p{M}\p{S}\p{N}\p{P}\s*]*\{##[\p{L}\p{M}\p{S}\p{N}\p{P}\s*]*##\}[\p{L}\p{M}\p{S}\p{N}\p{P}\s*]*

EmailSubjectByLink

string

optional

The subject line for the email message template for sending a confirmation link to the user. You can set an EmailSubjectByLink template only if the value of EmailSendingAccount is DEVELOPER. When your EmailSendingAccount is DEVELOPER, your user pool sends email messages with your own Amazon SES configuration.

>= 1 characters<= 140 characters

Match pattern:

[\p{L}\p{M}\p{S}\p{N}\p{P}\s]+

DefaultEmailOption

enum<string>

optional

The default email option.

Allowed values:

CONFIRM_WITH_LINKCONFIRM_WITH_CODE

SmsAuthenticationMessage

string

optional

A string representing the SMS authentication message.

>= 6 characters<= 140 characters

Match pattern:

.*\{####\}.*

MfaConfiguration

enum<string>

optional

Specifies MFA configuration details.

Allowed values:

OFFONOPTIONAL

UserAttributeUpdateSettings

object

optional

The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For more information, see Verifying updates to email addresses and phone numbers.

DeviceConfiguration

object

optional

The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool.

EmailConfiguration

object

optional

The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for messages from your user pool.

SmsConfiguration

object

optional

The SMS configuration with the settings that your Amazon Cognito user pool must use to send an SMS message from your Amazon Web Services account through Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account.

SnsCallerArn

string

required

The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your Amazon Web Services account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a spending limit.

>= 20 characters<= 2048 characters

Match pattern:

arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

ExternalId

string

optional

The external ID provides additional security for your IAM role. You can use an ExternalId with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an ExternalId, your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the ExternalID. If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the ExternalId.

For more information about the ExternalId of a role, see How to use an external ID when granting access to your Amazon Web Services resources to a third party

SnsRegion

string

optional

The Amazon Web Services Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported Legacy Amazon SNS alternate Region.

Amazon Cognito resources in the Asia Pacific (Seoul) Amazon Web Services Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see SMS message settings for Amazon Cognito user pools.

>= 5 characters<= 32 characters

UserPoolTags

object

optional

The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.

AdminCreateUserConfig

object

optional

The configuration for AdminCreateUser requests.

AllowAdminCreateUserOnly

boolean

optional

Set to True if only the administrator is allowed to create user profiles. Set to False if users can sign themselves up via an app.

UnusedAccountValidityDays

integer

optional

The user account expiration limit, in days, after which a new account that hasn't signed in is no longer usable. To reset the account after that time limit, you must call AdminCreateUser again, specifying "RESEND" for the MessageAction parameter. The default value for this parameter is 7.

>= 0<= 365

InviteMessageTemplate

object

optional

The message template to be used for the welcome message to new users.

Schema

array[object (SchemaAttributeType) {7}]

optional

An array of schema attributes for the new user pool. These attributes can be standard or custom attributes.

>= 1 items<= 50 items

Name

string

optional

A schema attribute of the name type.

>= 1 characters<= 20 characters

Match pattern:

[\p{L}\p{M}\p{S}\p{N}\p{P}]+

AttributeDataType

enum<string>

optional

The attribute data type.

Allowed values:

StringNumberDateTimeBoolean

DeveloperOnlyAttribute

boolean

optional

Specifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won't be able to modify this attribute using their access token. For example, DeveloperOnlyAttribute can be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes.

Mutable

boolean

optional

Specifies whether the value of the attribute can be changed.

For any user pool attribute that is mapped to an IdP attribute, you must set this parameter to true. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see Specifying Identity Provider Attribute Mappings for Your User Pool.

Required

boolean

optional

Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail.

NumberAttributeConstraints

object

optional

Specifies the constraints for an attribute of the number type.

StringAttributeConstraints

object

optional

Specifies the constraints for an attribute of the string type.

UserPoolAddOns

object

optional

Enables advanced security risk detection. Set the key AdvancedSecurityMode to the value "AUDIT".

AdvancedSecurityMode

enum<string>

required

The advanced security mode.

Allowed values:

OFFAUDITENFORCED

UsernameConfiguration

object

optional

Case sensitivity on the username input for the selected sign-in option. For example, when case sensitivity is set to False, users can sign in using either "username" or "Username". This configuration is immutable once it has been set. For more information, see UsernameConfigurationType.

CaseSensitive

boolean

required

Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs.

Valid values include:

True: Enables case sensitivity for all username input. When this option is set to True, users must sign in using the exact capitalization of their given username, such as “UserName”. This is the default value.
False: Enables case insensitivity for all username input. For example, when this option is set to False, users can sign in using either "username" or "Username". This option also enables both preferred_username and email alias to be case insensitive, in addition to the username attribute.

AccountRecoverySetting

object

optional

The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.

RecoveryMechanisms

array[object (RecoveryOptionType) {2}]

optional

The list of RecoveryOptionTypes.

>= 1 items<= 2 items

Examples

Responses

🟢200Success

application/json

Body

Represents the response from the server for the request to create a user pool.

UserPool

object

optional

A container for the user pool details.

string

optional

The ID of the user pool.

>= 1 characters<= 55 characters

Match pattern:

[\w-]+_[0-9a-zA-Z]+

Name

string

optional

The name of the user pool.

>= 1 characters<= 128 characters

Match pattern:

[\w\s+=,.@-]+

Policies

object

optional

The policies associated with the user pool.

DeletionProtection

enum<string>

optional

When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature.

Allowed values:

ACTIVEINACTIVE

LambdaConfig

object

optional

The Lambda triggers associated with the user pool.

Status

enum<string>

optional

The status of a user pool.

Allowed values:

EnabledDisabled

LastModifiedDate

string <date-time>

optional

The date the user pool was last modified.

CreationDate

string <date-time>

optional

The date the user pool was created.

SchemaAttributes

array[object (SchemaAttributeType) {7}]

optional

A container with the schema attributes of a user pool.

>= 1 items<= 50 items

AutoVerifiedAttributes

array[string]

optional

The attributes that are auto-verified in a user pool.

Allowed values:

phone_numberemail

AliasAttributes

array[string]

optional

The attributes that are aliased in a user pool.

Allowed values:

phone_numberemailpreferred_username

UsernameAttributes

array[string]

optional

Specifies whether a user can use an email address or phone number as a username when they sign up.

Allowed values:

phone_numberemail

SmsVerificationMessage

string

optional

This parameter is no longer used. See VerificationMessageTemplateType.

>= 6 characters<= 140 characters

Match pattern:

.*\{####\}.*

EmailVerificationMessage

string

optional

This parameter is no longer used. See VerificationMessageTemplateType.

>= 6 characters<= 20000 characters

Match pattern:

[\p{L}\p{M}\p{S}\p{N}\p{P}\s*]*\{####\}[\p{L}\p{M}\p{S}\p{N}\p{P}\s*]*

EmailVerificationSubject

string

optional

This parameter is no longer used. See VerificationMessageTemplateType.

>= 1 characters<= 140 characters

Match pattern:

[\p{L}\p{M}\p{S}\p{N}\p{P}\s]+

VerificationMessageTemplate

object

optional

The template for verification messages.

SmsAuthenticationMessage

string

optional

The contents of the SMS authentication message.

>= 6 characters<= 140 characters

Match pattern:

.*\{####\}.*

UserAttributeUpdateSettings

object

optional

MfaConfiguration

enum<string>

optional

Can be one of the following values:

OFF - MFA tokens aren't required and can't be specified during user registration.
ON - MFA tokens are required for all user registrations. You can only specify required when you're initially creating a user pool.
OPTIONAL - Users have the option when registering to create an MFA token.

Allowed values:

OFFONOPTIONAL

DeviceConfiguration

object

optional

The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool.

EstimatedNumberOfUsers

integer

optional

A number estimating the size of the user pool.

EmailConfiguration

object

optional

The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for messages tfrom your user pool.

SmsConfiguration

object

optional

UserPoolTags

object

optional

The tags that are assigned to the user pool. A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.

SmsConfigurationFailure

string

optional

The reason why the SMS configuration can't send the messages to your users.

This message might include comma-separated values to describe why your SMS configuration can't send messages to user pool end users.

InvalidSmsRoleAccessPolicyException: The Identity and Access Management role that Amazon Cognito uses to send SMS messages isn't properly configured. For more information, see SmsConfigurationType.
SNSSandbox: The Amazon Web Services account is in the SNS SMS Sandbox and messages will only reach verified end users. This parameter won’t get populated with SNSSandbox if the IAM user creating the user pool doesn’t have SNS permissions. To learn how to move your Amazon Web Services account out of the sandbox, see Moving out of the SMS sandbox.

EmailConfigurationFailure

string

optional

Deprecated. Review error codes from API requests with EventSource:cognito-idp.amazonaws.com in CloudTrail for information about problems with user pool email configuration.

Domain

string

optional

The domain prefix, if the user pool has a domain associated with it.

>= 1 characters<= 63 characters

Match pattern:

^[a-z0-9](?:[a-z0-9\-]{0,61}[a-z0-9])?$

CustomDomain

string

optional

A custom domain name that you provide to Amazon Cognito. This parameter applies only if you use a custom domain to host the sign-up and sign-in pages for your application. An example of a custom domain name might be auth.example.com.

For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.

>= 1 characters<= 63 characters

Match pattern:

^[a-z0-9](?:[a-z0-9\-]{0,61}[a-z0-9])?$

AdminCreateUserConfig

object

optional

The configuration for AdminCreateUser requests.

UserPoolAddOns

object

optional

The user pool add-ons.

UsernameConfiguration

object

optional

Case sensitivity of the username input for the selected sign-in option. For example, when case sensitivity is set to False, users can sign in using either "username" or "Username". This configuration is immutable once it has been set. For more information, see UsernameConfigurationType.

Arn

string

optional

The Amazon Resource Name (ARN) for the user pool.

>= 20 characters<= 2048 characters

Match pattern:

arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

AccountRecoverySetting

object

optional

🟠480InvalidParameterException

🟠481TooManyRequestsException

🟠482LimitExceededException

🟠483InvalidSmsRoleAccessPolicyException

🟠484InvalidSmsRoleTrustRelationshipException

🟠485InvalidEmailRoleAccessPolicyException

🟠486NotAuthorizedException

🟠487UserPoolTaggingException

🟠488InternalErrorException