or run

npx @tessl/cli init
Log in

Version

Tile

Overview

Evals

Files

docs

admin-operations.mdadvanced-features.mdclient-configuration.mddata-types.mddevice-mfa.mdidentity-providers.mdindex.mduser-authentication.mduser-pool-management.md
tile.json

tessl/npm-aws-sdk--client-cognito-identity-provider

AWS SDK for JavaScript Cognito Identity Provider Client for Node.js, Browser and React Native

Workspace
tessl
Visibility
Public
Created
Last updated
Describes
npmpkg:npm/@aws-sdk/client-cognito-identity-provider@3.879.x

To install, run

npx @tessl/cli install tessl/npm-aws-sdk--client-cognito-identity-provider@3.879.0

index.mddocs/

AWS SDK Cognito Identity Provider Client

AWS SDK for JavaScript Cognito Identity Provider Client provides comprehensive access to Amazon Cognito User Pools API, enabling user authentication, authorization, and user management capabilities across web, mobile, and server-side applications. It offers a complete command-based API covering all Cognito user pool operations including user registration, authentication flows, password management, multi-factor authentication, device management, group administration, and identity provider federation.

Package Information

  • Package Name: @aws-sdk/client-cognito-identity-provider
  • Package Type: npm
  • Language: TypeScript
  • Installation: npm install @aws-sdk/client-cognito-identity-provider

Core Imports

import { 
  CognitoIdentityProviderClient, 
  InitiateAuthCommand,
  SignUpCommand,
  AdminCreateUserCommand 
} from "@aws-sdk/client-cognito-identity-provider";

For aggregated client (convenience methods):

import { CognitoIdentityProvider } from "@aws-sdk/client-cognito-identity-provider";

For CommonJS:

const { 
  CognitoIdentityProviderClient, 
  InitiateAuthCommand,
  SignUpCommand 
} = require("@aws-sdk/client-cognito-identity-provider");

Basic Usage

import { 
  CognitoIdentityProviderClient, 
  InitiateAuthCommand,
  SignUpCommand 
} from "@aws-sdk/client-cognito-identity-provider";

// Create client
const client = new CognitoIdentityProviderClient({
  region: "us-east-1",
  credentials: {
    accessKeyId: "your-access-key",
    secretAccessKey: "your-secret-key"
  }
});

// User registration
const signUpCommand = new SignUpCommand({
  ClientId: "your-client-id",
  Username: "user@example.com",
  Password: "TempPassword123!",
  UserAttributes: [
    { Name: "email", Value: "user@example.com" },
    { Name: "name", Value: "John Doe" }
  ]
});

const signUpResult = await client.send(signUpCommand);

// User authentication
const authCommand = new InitiateAuthCommand({
  AuthFlow: "USER_PASSWORD_AUTH",
  ClientId: "your-client-id",
  AuthParameters: {
    USERNAME: "user@example.com",
    PASSWORD: "TempPassword123!"
  }
});

const authResult = await client.send(authCommand);

Architecture

The AWS Cognito Identity Provider Client is built around several key components:

  • Command Pattern: All operations are implemented as command classes (119 total) that can be executed via client.send()
  • Client Classes: CognitoIdentityProviderClient for command pattern, CognitoIdentityProvider for convenience methods
  • Type Safety: Full TypeScript integration with comprehensive type definitions for all operations
  • Modular Design: Tree-shakeable imports for optimized bundle sizes
  • Multi-Platform: Supports Node.js, browsers, and React Native environments
  • Middleware Stack: Extensible middleware for authentication, retry, logging, and custom functionality

Capabilities

Client Configuration & Setup

Essential configuration options and client initialization patterns for different environments and use cases.

class CognitoIdentityProviderClient {
  constructor(configuration: CognitoIdentityProviderClientConfig);
  send<InputType, OutputType>(
    command: Command<InputType, OutputType>
  ): Promise<OutputType>;
}

interface CognitoIdentityProviderClientConfig {
  region?: string | Provider<string>;
  credentials?: AwsCredentialIdentityProvider;
  endpoint?: string | EndpointV2 | Provider<EndpointV2>;
  maxAttempts?: number | Provider<number>;
  retryMode?: string | Provider<string>;
}

Client Configuration

User Authentication & Registration

Core user authentication flows including sign-up, sign-in, password management, and session handling for client-side applications.

class SignUpCommand {
  constructor(input: SignUpCommandInput);
}

interface SignUpCommandInput {
  ClientId: string;
  Username: string;
  Password: string;
  UserAttributes?: AttributeType[];
  ValidationData?: AttributeType[];
  ClientMetadata?: Record<string, string>;
}

class InitiateAuthCommand {
  constructor(input: InitiateAuthCommandInput);
}

interface InitiateAuthCommandInput {
  AuthFlow: AuthFlowType;
  ClientId: string;
  AuthParameters?: Record<string, string>;
  ClientMetadata?: Record<string, string>;
}

User Authentication

Administrative Operations

Administrative user management operations requiring elevated privileges, including user creation, deletion, and attribute management.

class AdminCreateUserCommand {
  constructor(input: AdminCreateUserCommandInput);
}

interface AdminCreateUserCommandInput {
  UserPoolId: string;
  Username: string;
  UserAttributes?: AttributeType[];
  ValidationData?: AttributeType[];
  TemporaryPassword?: string;
  ForceAliasCreation?: boolean;
  MessageAction?: MessageActionType;
}

class AdminGetUserCommand {
  constructor(input: AdminGetUserCommandInput);
}

interface AdminGetUserCommandInput {
  UserPoolId: string;
  Username: string;
}

Administrative Operations

Device & MFA Management

Device tracking, multi-factor authentication setup, and WebAuthn credential management for enhanced security.

class AssociateSoftwareTokenCommand {
  constructor(input: AssociateSoftwareTokenCommandInput);
}

interface AssociateSoftwareTokenCommandInput {
  AccessToken?: string;
  Session?: string;
}

class ListDevicesCommand {
  constructor(input: ListDevicesCommandInput);
}

interface ListDevicesCommandInput {
  AccessToken: string;
  Limit?: number;
  PaginationToken?: string;
}

Device & MFA Management

User Pool & Client Management

User pool configuration, application client setup, and pool-level settings management for administrators.

class CreateUserPoolCommand {
  constructor(input: CreateUserPoolCommandInput);
}

interface CreateUserPoolCommandInput {
  PoolName: string;
  Policies?: UserPoolPolicyType;
  LambdaConfig?: LambdaConfigType;
  AutoVerifiedAttributes?: VerifiedAttributeType[];
  AliasAttributes?: AliasAttributeType[];
  UsernameAttributes?: UsernameAttributeType[];
}

class CreateUserPoolClientCommand {
  constructor(input: CreateUserPoolClientCommandInput);
}

interface CreateUserPoolClientCommandInput {
  UserPoolId: string;
  ClientName: string;
  GenerateSecret?: boolean;
  RefreshTokenValidity?: number;
  AccessTokenValidity?: number;
  IdTokenValidity?: number;
  ExplicitAuthFlows?: ExplicitAuthFlowsType[];
}

User Pool Management

Identity Providers & Federation

External identity provider integration including SAML, OIDC, and social identity providers (Google, Facebook, etc.).

class CreateIdentityProviderCommand {
  constructor(input: CreateIdentityProviderCommandInput);
}

interface CreateIdentityProviderCommandInput {
  UserPoolId: string;
  ProviderName: string;
  ProviderType: IdentityProviderTypeType;
  ProviderDetails: Record<string, string>;
  AttributeMapping?: Record<string, string>;
  IdpIdentifiers?: string[];
}

class ListIdentityProvidersCommand {
  constructor(input: ListIdentityProvidersCommandInput);
}

interface ListIdentityProvidersCommandInput {
  UserPoolId: string;
  MaxResults?: number;
  NextToken?: string;
}

Identity Providers

Advanced Features

Advanced security features including WebAuthn, risk configuration, managed login branding, and logging configuration.

class StartWebAuthnRegistrationCommand {
  constructor(input: StartWebAuthnRegistrationCommandInput);
}

interface StartWebAuthnRegistrationCommandInput {
  AccessToken: string;
}

class SetRiskConfigurationCommand {
  constructor(input: SetRiskConfigurationCommandInput);
}

interface SetRiskConfigurationCommandInput {
  UserPoolId: string;
  ClientId?: string;
  CompromisedCredentialsRiskConfiguration?: CompromisedCredentialsRiskConfigurationType;
  AccountTakeoverRiskConfiguration?: AccountTakeoverRiskConfigurationType;
  RiskExceptionConfiguration?: RiskExceptionConfigurationType;
}

Advanced Features

Data Types & Models

Core data structures, enumerations, and type definitions used throughout the API.

interface UserType {
  Username?: string;
  Attributes?: AttributeType[];
  UserCreateDate?: Date;
  UserLastModifiedDate?: Date;
  Enabled?: boolean;
  UserStatus?: UserStatusType;
  MFAOptions?: MFAOptionType[];
}

interface AttributeType {
  Name: string;
  Value?: string;
}

type AuthFlowType = 
  | "USER_SRP_AUTH" 
  | "REFRESH_TOKEN_AUTH" 
  | "CUSTOM_AUTH" 
  | "ADMIN_NO_SRP_AUTH" 
  | "USER_PASSWORD_AUTH" 
  | "ADMIN_USER_PASSWORD_AUTH" 
  | "USER_AUTH";

type UserStatusType = 
  | "UNCONFIRMED" 
  | "CONFIRMED" 
  | "ARCHIVED" 
  | "COMPROMISED" 
  | "UNKNOWN" 
  | "RESET_REQUIRED" 
  | "FORCE_CHANGE_PASSWORD" 
  | "EXTERNAL_PROVIDER";

Data Types