2016/06/23 - Amazon Cognito Identity - 4 updated api methods
{'SamlProviderARNs': ['string']}
Creates a new identity pool. The identity pool is a store of user identity information that is specific to your AWS account. The limit on identity pools is 60 per account. The keys for SupportedLoginProviders are as follows:
Facebook: graph.facebook.com
Google: accounts.google.com
Amazon: www.amazon.com
Twitter: api.twitter.com
Digits: www.digits.com
You must use AWS Developer credentials to call this API.
Request Syntax
client.create_identity_pool( IdentityPoolName='string', AllowUnauthenticatedIdentities=True|False, SupportedLoginProviders={ 'string': 'string' }, DeveloperProviderName='string', OpenIdConnectProviderARNs=[ 'string', ], CognitoIdentityProviders=[ { 'ProviderName': 'string', 'ClientId': 'string' }, ], SamlProviderARNs=[ 'string', ] )
string
[REQUIRED]
A string that you provide.
boolean
[REQUIRED]
TRUE if the identity pool supports unauthenticated logins.
dict
Optional key:value pairs mapping provider names to provider app IDs.
(string) --
(string) --
string
The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider. For the DeveloperProviderName , you can use letters as well as period (. ), underscore (_ ), and dash (- ).
Once you have set a developer provider name, you cannot change it. Please take care in setting this parameter.
list
A list of OpendID Connect provider ARNs.
(string) --
list
An array of Amazon Cognito Identity user pools.
(dict) --
A provider representing an Amazon Cognito Identity User Pool and its client ID.
ProviderName (string) --
The provider name for an Amazon Cognito Identity User Pool. For example, cognito-idp.us-east-1.amazonaws.com/us-east-1_123456789 .
ClientId (string) --
The client ID for the Amazon Cognito Identity User Pool.
list
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
(string) --
dict
Response Syntax
{ 'IdentityPoolId': 'string', 'IdentityPoolName': 'string', 'AllowUnauthenticatedIdentities': True|False, 'SupportedLoginProviders': { 'string': 'string' }, 'DeveloperProviderName': 'string', 'OpenIdConnectProviderARNs': [ 'string', ], 'CognitoIdentityProviders': [ { 'ProviderName': 'string', 'ClientId': 'string' }, ], 'SamlProviderARNs': [ 'string', ] }
Response Structure
(dict) -- An object representing a Cognito identity pool.
IdentityPoolId (string) -- An identity pool ID in the format REGION:GUID.
IdentityPoolName (string) --
A string that you provide.
AllowUnauthenticatedIdentities (boolean) -- TRUE if the identity pool supports unauthenticated logins.
SupportedLoginProviders (dict) --
Optional key:value pairs mapping provider names to provider app IDs.
(string) --
(string) --
DeveloperProviderName (string) --
The "domain" by which Cognito will refer to your users.
OpenIdConnectProviderARNs (list) --
A list of OpendID Connect provider ARNs.
(string) --
CognitoIdentityProviders (list) --
A list representing an Amazon Cognito Identity User Pool and its client ID.
(dict) --
A provider representing an Amazon Cognito Identity User Pool and its client ID.
ProviderName (string) --
The provider name for an Amazon Cognito Identity User Pool. For example, cognito-idp.us-east-1.amazonaws.com/us-east-1_123456789 .
ClientId (string) --
The client ID for the Amazon Cognito Identity User Pool.
SamlProviderARNs (list) --
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
(string) --
{'SamlProviderARNs': ['string']}
Gets details about a particular identity pool, including the pool name, ID description, creation date, and current number of users.
You must use AWS Developer credentials to call this API.
Request Syntax
client.describe_identity_pool( IdentityPoolId='string' )
string
[REQUIRED] An identity pool ID in the format REGION:GUID.
dict
Response Syntax
{ 'IdentityPoolId': 'string', 'IdentityPoolName': 'string', 'AllowUnauthenticatedIdentities': True|False, 'SupportedLoginProviders': { 'string': 'string' }, 'DeveloperProviderName': 'string', 'OpenIdConnectProviderARNs': [ 'string', ], 'CognitoIdentityProviders': [ { 'ProviderName': 'string', 'ClientId': 'string' }, ], 'SamlProviderARNs': [ 'string', ] }
Response Structure
(dict) -- An object representing a Cognito identity pool.
IdentityPoolId (string) -- An identity pool ID in the format REGION:GUID.
IdentityPoolName (string) --
A string that you provide.
AllowUnauthenticatedIdentities (boolean) -- TRUE if the identity pool supports unauthenticated logins.
SupportedLoginProviders (dict) --
Optional key:value pairs mapping provider names to provider app IDs.
(string) --
(string) --
DeveloperProviderName (string) --
The "domain" by which Cognito will refer to your users.
OpenIdConnectProviderARNs (list) --
A list of OpendID Connect provider ARNs.
(string) --
CognitoIdentityProviders (list) --
A list representing an Amazon Cognito Identity User Pool and its client ID.
(dict) --
A provider representing an Amazon Cognito Identity User Pool and its client ID.
ProviderName (string) --
The provider name for an Amazon Cognito Identity User Pool. For example, cognito-idp.us-east-1.amazonaws.com/us-east-1_123456789 .
ClientId (string) --
The client ID for the Amazon Cognito Identity User Pool.
SamlProviderARNs (list) --
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
(string) --
{'CustomRoleArn': 'string'}
Returns credentials for the provided identity ID. Any provided logins will be validated against supported login providers. If the token is for cognito-identity.amazonaws.com, it will be passed through to AWS Security Token Service with the appropriate role for the token.
This is a public API. You do not need any credentials to call this API.
Request Syntax
client.get_credentials_for_identity( IdentityId='string', Logins={ 'string': 'string' }, CustomRoleArn='string' )
string
[REQUIRED]
A unique identifier in the format REGION:GUID.
dict
A set of optional name-value pairs that map provider names to provider tokens.
(string) --
(string) --
string
The Amazon Resource Name (ARN) of the role to be assumed when multiple roles were received in the token from the identity provider. For example, a SAML-based identity provider. This parameter is optional for identity providers that do not support role customization.
dict
Response Syntax
{ 'IdentityId': 'string', 'Credentials': { 'AccessKeyId': 'string', 'SecretKey': 'string', 'SessionToken': 'string', 'Expiration': datetime(2015, 1, 1) } }
Response Structure
(dict) --
Returned in response to a successful GetCredentialsForIdentity operation.
IdentityId (string) --
A unique identifier in the format REGION:GUID.
Credentials (dict) --
Credentials for the provided identity ID.
AccessKeyId (string) --
The Access Key portion of the credentials.
SecretKey (string) --
The Secret Access Key portion of the credentials
SessionToken (string) --
The Session Token portion of the credentials
Expiration (datetime) --
The date at which these credentials will expire.
{'SamlProviderARNs': ['string']}
Updates a user pool.
You must use AWS Developer credentials to call this API.
Request Syntax
client.update_identity_pool( IdentityPoolId='string', IdentityPoolName='string', AllowUnauthenticatedIdentities=True|False, SupportedLoginProviders={ 'string': 'string' }, DeveloperProviderName='string', OpenIdConnectProviderARNs=[ 'string', ], CognitoIdentityProviders=[ { 'ProviderName': 'string', 'ClientId': 'string' }, ], SamlProviderARNs=[ 'string', ] )
string
[REQUIRED] An identity pool ID in the format REGION:GUID.
string
[REQUIRED]
A string that you provide.
boolean
[REQUIRED] TRUE if the identity pool supports unauthenticated logins.
dict
Optional key:value pairs mapping provider names to provider app IDs.
(string) --
(string) --
string
The "domain" by which Cognito will refer to your users.
list
A list of OpendID Connect provider ARNs.
(string) --
list
A list representing an Amazon Cognito Identity User Pool and its client ID.
(dict) --
A provider representing an Amazon Cognito Identity User Pool and its client ID.
ProviderName (string) --
The provider name for an Amazon Cognito Identity User Pool. For example, cognito-idp.us-east-1.amazonaws.com/us-east-1_123456789 .
ClientId (string) --
The client ID for the Amazon Cognito Identity User Pool.
list
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
(string) --
dict
Response Syntax
{ 'IdentityPoolId': 'string', 'IdentityPoolName': 'string', 'AllowUnauthenticatedIdentities': True|False, 'SupportedLoginProviders': { 'string': 'string' }, 'DeveloperProviderName': 'string', 'OpenIdConnectProviderARNs': [ 'string', ], 'CognitoIdentityProviders': [ { 'ProviderName': 'string', 'ClientId': 'string' }, ], 'SamlProviderARNs': [ 'string', ] }
Response Structure
(dict) -- An object representing a Cognito identity pool.
IdentityPoolId (string) -- An identity pool ID in the format REGION:GUID.
IdentityPoolName (string) --
A string that you provide.
AllowUnauthenticatedIdentities (boolean) -- TRUE if the identity pool supports unauthenticated logins.
SupportedLoginProviders (dict) --
Optional key:value pairs mapping provider names to provider app IDs.
(string) --
(string) --
DeveloperProviderName (string) --
The "domain" by which Cognito will refer to your users.
OpenIdConnectProviderARNs (list) --
A list of OpendID Connect provider ARNs.
(string) --
CognitoIdentityProviders (list) --
A list representing an Amazon Cognito Identity User Pool and its client ID.
(dict) --
A provider representing an Amazon Cognito Identity User Pool and its client ID.
ProviderName (string) --
The provider name for an Amazon Cognito Identity User Pool. For example, cognito-idp.us-east-1.amazonaws.com/us-east-1_123456789 .
ClientId (string) --
The client ID for the Amazon Cognito Identity User Pool.
SamlProviderARNs (list) --
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
(string) --