Changes Amazon Cognito now supports trigger versions that define the fields in the request sent to pre token generation Lambda triggers.
Changes New feature that logs Cognito user pool error messages to CloudWatch logs.
Changes This release adds a new "DeletionProtection" field to the UserPool in Cognito. Application admins can configure this value with either ACTIVE or INACTIVE value. Setting this field to ACTIVE will prevent a user pool from accidental deletion.
Changes This release adds a new "AuthSessionValidity" field to the UserPoolClient in Cognito. Application admins can configure this value for their users' authentication duration, which is currently fixed at 3 minutes, up to 15 minutes. Setting this field will also apply to the SMS MFA authentication flow.
Changes Amazon Cognito now supports IP Address propagation for all unauthenticated APIs (e.g. SignUp, ForgotPassword).
Changes Amazon Cognito now supports requiring attribute verification (ex. email and phone number) before update.
Changes Updated EmailConfigurationType and SmsConfigurationType to reflect that you can now choose Amazon SES and Amazon SNS resources in the same Region.
Changes Amazon Cognito now supports targeted sign out through refresh token revocation
Changes This release adds ability to configure Cognito User Pools with third party sms and email providers for sending notifications to users.
Changes Adding the option to use a service linked role to publish events to Pinpoint.
Changes Adding ability to customize expiry for Refresh, Access and ID tokens.
Changes Additional response field "CompromisedCredentialsDetected" added to AdminListUserAuthEvents.
Changes Features:This release adds a new setting for a user pool to allow if customer wants their user signup/signin with case insensitive username. The current default setting is case sensitive, and for our next release we will change it to case insensitive.
Changes This release adds a new setting for a user pool to configure which recovery methods a user can use to recover their account via the forgot password operation.
Changes Amazon Cognito Userpools now supports Sign in with Apple as an Identity Provider.
Changes This release adds a new option in the User Pool to allow specifying sender's name in the emails sent by Amazon Cognito. This release also adds support to add SES Configuration Set to the emails sent by Amazon Cognito.
Changes This release adds a new setting at user pool client to prevent user existence related errors during authentication, confirmation, and password recovery related operations. This release also adds support to enable or disable specific authentication flows for a user pool client.
Changes This release adds ClientMetadata input parameter to multiple Cognito User Pools operations, making this parameter available to the customer configured lambda triggers as applicable.
Changes This release of Amazon Cognito User Pools introduces the new AdminSetUserPassword API that allows administrators of a user pool to change a user's password. The new password can be temporary or permanent.
Changes This release adds support for the new email configuration in Amazon Cognito User Pools. You can now specify whether Amazon Cognito emails your users by using its built-in email functionality or your Amazon SES email configuration.
Changes This release adds tags and tag-based access control support to Amazon Cognito User Pools.
Changes Amazon Cognito now has API support for updating the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.
Changes Amazon Cognito now has API support for creating custom domains for our hosted UI for User Pools.