/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include #include #include #include #include #include namespace Aws { namespace CognitoIdentityProvider { namespace Model { /** *

Represents the request to update the user pool client.

See * Also:

AWS * API Reference

*/ class UpdateUserPoolClientRequest : public CognitoIdentityProviderRequest { public: AWS_COGNITOIDENTITYPROVIDER_API UpdateUserPoolClientRequest(); // Service request name is the Operation name which will send this request out, // each operation should has unique request name, so that we can get operation's name from this request. // Note: this is not true for response, multiple operations may have the same response name, // so we can not get operation's name from response. inline virtual const char* GetServiceRequestName() const override { return "UpdateUserPoolClient"; } AWS_COGNITOIDENTITYPROVIDER_API Aws::String SerializePayload() const override; AWS_COGNITOIDENTITYPROVIDER_API Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override; ///@{ /** *

The user pool ID for the user pool where you want to update the user pool * client.

*/ inline const Aws::String& GetUserPoolId() const{ return m_userPoolId; } inline bool UserPoolIdHasBeenSet() const { return m_userPoolIdHasBeenSet; } inline void SetUserPoolId(const Aws::String& value) { m_userPoolIdHasBeenSet = true; m_userPoolId = value; } inline void SetUserPoolId(Aws::String&& value) { m_userPoolIdHasBeenSet = true; m_userPoolId = std::move(value); } inline void SetUserPoolId(const char* value) { m_userPoolIdHasBeenSet = true; m_userPoolId.assign(value); } inline UpdateUserPoolClientRequest& WithUserPoolId(const Aws::String& value) { SetUserPoolId(value); return *this;} inline UpdateUserPoolClientRequest& WithUserPoolId(Aws::String&& value) { SetUserPoolId(std::move(value)); return *this;} inline UpdateUserPoolClientRequest& WithUserPoolId(const char* value) { SetUserPoolId(value); return *this;} ///@} ///@{ /** *

The ID of the client associated with the user pool.

*/ inline const Aws::String& GetClientId() const{ return m_clientId; } inline bool ClientIdHasBeenSet() const { return m_clientIdHasBeenSet; } inline void SetClientId(const Aws::String& value) { m_clientIdHasBeenSet = true; m_clientId = value; } inline void SetClientId(Aws::String&& value) { m_clientIdHasBeenSet = true; m_clientId = std::move(value); } inline void SetClientId(const char* value) { m_clientIdHasBeenSet = true; m_clientId.assign(value); } inline UpdateUserPoolClientRequest& WithClientId(const Aws::String& value) { SetClientId(value); return *this;} inline UpdateUserPoolClientRequest& WithClientId(Aws::String&& value) { SetClientId(std::move(value)); return *this;} inline UpdateUserPoolClientRequest& WithClientId(const char* value) { SetClientId(value); return *this;} ///@} ///@{ /** *

The client name from the update user pool client request.

*/ inline const Aws::String& GetClientName() const{ return m_clientName; } inline bool ClientNameHasBeenSet() const { return m_clientNameHasBeenSet; } inline void SetClientName(const Aws::String& value) { m_clientNameHasBeenSet = true; m_clientName = value; } inline void SetClientName(Aws::String&& value) { m_clientNameHasBeenSet = true; m_clientName = std::move(value); } inline void SetClientName(const char* value) { m_clientNameHasBeenSet = true; m_clientName.assign(value); } inline UpdateUserPoolClientRequest& WithClientName(const Aws::String& value) { SetClientName(value); return *this;} inline UpdateUserPoolClientRequest& WithClientName(Aws::String&& value) { SetClientName(std::move(value)); return *this;} inline UpdateUserPoolClientRequest& WithClientName(const char* value) { SetClientName(value); return *this;} ///@} ///@{ /** *

The refresh token time limit. After this limit expires, your user can't use * their refresh token. To specify the time unit for * RefreshTokenValidity as seconds, minutes, * hours, or days, set a TokenValidityUnits * value in your API request.

For example, when you set * RefreshTokenValidity as 10 and * TokenValidityUnits as days, your user can refresh * their session and retrieve new access and ID tokens for 10 days.

The * default time unit for RefreshTokenValidity in an API request is * days. You can't set RefreshTokenValidity to 0. If you do, Amazon * Cognito overrides the value with the default value of 30 days. Valid * range is displayed below in seconds.

If you don't specify otherwise * in the configuration of your app client, your refresh tokens are valid for 30 * days.

*/ inline int GetRefreshTokenValidity() const{ return m_refreshTokenValidity; } inline bool RefreshTokenValidityHasBeenSet() const { return m_refreshTokenValidityHasBeenSet; } inline void SetRefreshTokenValidity(int value) { m_refreshTokenValidityHasBeenSet = true; m_refreshTokenValidity = value; } inline UpdateUserPoolClientRequest& WithRefreshTokenValidity(int value) { SetRefreshTokenValidity(value); return *this;} ///@} ///@{ /** *

The access token time limit. After this limit expires, your user can't use * their access token. To specify the time unit for * AccessTokenValidity as seconds, minutes, * hours, or days, set a TokenValidityUnits * value in your API request.

For example, when you set * AccessTokenValidity to 10 and * TokenValidityUnits to hours, your user can authorize * access with their access token for 10 hours.

The default time unit for * AccessTokenValidity in an API request is hours. Valid range * is displayed below in seconds.

If you don't specify otherwise in the * configuration of your app client, your access tokens are valid for one hour.

*/ inline int GetAccessTokenValidity() const{ return m_accessTokenValidity; } inline bool AccessTokenValidityHasBeenSet() const { return m_accessTokenValidityHasBeenSet; } inline void SetAccessTokenValidity(int value) { m_accessTokenValidityHasBeenSet = true; m_accessTokenValidity = value; } inline UpdateUserPoolClientRequest& WithAccessTokenValidity(int value) { SetAccessTokenValidity(value); return *this;} ///@} ///@{ /** *

The ID token time limit. After this limit expires, your user can't use their * ID token. To specify the time unit for IdTokenValidity as * seconds, minutes, hours, or * days, set a TokenValidityUnits value in your API * request.

For example, when you set IdTokenValidity as * 10 and TokenValidityUnits as hours, your * user can authenticate their session with their ID token for 10 hours.

The * default time unit for IdTokenValidity in an API request is hours. * Valid range is displayed below in seconds.

If you don't specify * otherwise in the configuration of your app client, your ID tokens are valid for * one hour.

*/ inline int GetIdTokenValidity() const{ return m_idTokenValidity; } inline bool IdTokenValidityHasBeenSet() const { return m_idTokenValidityHasBeenSet; } inline void SetIdTokenValidity(int value) { m_idTokenValidityHasBeenSet = true; m_idTokenValidity = value; } inline UpdateUserPoolClientRequest& WithIdTokenValidity(int value) { SetIdTokenValidity(value); return *this;} ///@} ///@{ /** *

The time units you use when you set the duration of ID, access, and refresh * tokens. The default unit for RefreshToken is days, and the default for ID and * access tokens is hours.

*/ inline const TokenValidityUnitsType& GetTokenValidityUnits() const{ return m_tokenValidityUnits; } inline bool TokenValidityUnitsHasBeenSet() const { return m_tokenValidityUnitsHasBeenSet; } inline void SetTokenValidityUnits(const TokenValidityUnitsType& value) { m_tokenValidityUnitsHasBeenSet = true; m_tokenValidityUnits = value; } inline void SetTokenValidityUnits(TokenValidityUnitsType&& value) { m_tokenValidityUnitsHasBeenSet = true; m_tokenValidityUnits = std::move(value); } inline UpdateUserPoolClientRequest& WithTokenValidityUnits(const TokenValidityUnitsType& value) { SetTokenValidityUnits(value); return *this;} inline UpdateUserPoolClientRequest& WithTokenValidityUnits(TokenValidityUnitsType&& value) { SetTokenValidityUnits(std::move(value)); return *this;} ///@} ///@{ /** *

The list of user attributes that you want your app client to have read access * to. After your user authenticates in your app, their access token authorizes * them to read their own attribute value for any attribute in this list. An * example of this kind of activity is when your user selects a link to view their * profile information. Your app makes a GetUser * API request to retrieve and display your user's profile data.

When you * don't specify the ReadAttributes for your app client, your app can * read the values of email_verified, * phone_number_verified, and the Standard attributes of your user * pool. When your user pool app client has read access to these default * attributes, ReadAttributes doesn't return any information. Amazon * Cognito only populates ReadAttributes in the API response if you * have specified your own custom set of read attributes.

*/ inline const Aws::Vector& GetReadAttributes() const{ return m_readAttributes; } inline bool ReadAttributesHasBeenSet() const { return m_readAttributesHasBeenSet; } inline void SetReadAttributes(const Aws::Vector& value) { m_readAttributesHasBeenSet = true; m_readAttributes = value; } inline void SetReadAttributes(Aws::Vector&& value) { m_readAttributesHasBeenSet = true; m_readAttributes = std::move(value); } inline UpdateUserPoolClientRequest& WithReadAttributes(const Aws::Vector& value) { SetReadAttributes(value); return *this;} inline UpdateUserPoolClientRequest& WithReadAttributes(Aws::Vector&& value) { SetReadAttributes(std::move(value)); return *this;} inline UpdateUserPoolClientRequest& AddReadAttributes(const Aws::String& value) { m_readAttributesHasBeenSet = true; m_readAttributes.push_back(value); return *this; } inline UpdateUserPoolClientRequest& AddReadAttributes(Aws::String&& value) { m_readAttributesHasBeenSet = true; m_readAttributes.push_back(std::move(value)); return *this; } inline UpdateUserPoolClientRequest& AddReadAttributes(const char* value) { m_readAttributesHasBeenSet = true; m_readAttributes.push_back(value); return *this; } ///@} ///@{ /** *

The list of user attributes that you want your app client to have write * access to. After your user authenticates in your app, their access token * authorizes them to set or modify their own attribute value for any attribute in * this list. An example of this kind of activity is when you present your user * with a form to update their profile information and they change their last name. * Your app then makes an UpdateUserAttributes * API request and sets family_name to the new value.

When you * don't specify the WriteAttributes for your app client, your app can * write the values of the Standard attributes of your user pool. When your user * pool has write access to these default attributes, WriteAttributes * doesn't return any information. Amazon Cognito only populates * WriteAttributes in the API response if you have specified your own * custom set of write attributes.

If your app client allows users to sign * in through an IdP, this array must include all attributes that you have mapped * to IdP attributes. Amazon Cognito updates mapped attributes when users sign in * to your application through an IdP. If your app client does not have write * access to a mapped attribute, Amazon Cognito throws an error when it tries to * update the attribute. For more information, see Specifying * IdP Attribute Mappings for Your user pool.

*/ inline const Aws::Vector& GetWriteAttributes() const{ return m_writeAttributes; } inline bool WriteAttributesHasBeenSet() const { return m_writeAttributesHasBeenSet; } inline void SetWriteAttributes(const Aws::Vector& value) { m_writeAttributesHasBeenSet = true; m_writeAttributes = value; } inline void SetWriteAttributes(Aws::Vector&& value) { m_writeAttributesHasBeenSet = true; m_writeAttributes = std::move(value); } inline UpdateUserPoolClientRequest& WithWriteAttributes(const Aws::Vector& value) { SetWriteAttributes(value); return *this;} inline UpdateUserPoolClientRequest& WithWriteAttributes(Aws::Vector&& value) { SetWriteAttributes(std::move(value)); return *this;} inline UpdateUserPoolClientRequest& AddWriteAttributes(const Aws::String& value) { m_writeAttributesHasBeenSet = true; m_writeAttributes.push_back(value); return *this; } inline UpdateUserPoolClientRequest& AddWriteAttributes(Aws::String&& value) { m_writeAttributesHasBeenSet = true; m_writeAttributes.push_back(std::move(value)); return *this; } inline UpdateUserPoolClientRequest& AddWriteAttributes(const char* value) { m_writeAttributesHasBeenSet = true; m_writeAttributes.push_back(value); return *this; } ///@} ///@{ /** *

The authentication flows that you want your user pool client to support. For * each app client in your user pool, you can sign in your users with any * combination of one or more flows, including with a user name and Secure Remote * Password (SRP), a user name and password, or a custom authentication process * that you define with Lambda functions.

If you don't specify a * value for ExplicitAuthFlows, your user client supports * ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and * ALLOW_CUSTOM_AUTH.

Valid values include:

ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user * password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting * replaces the ADMIN_NO_SRP_AUTH setting. With this authentication * flow, your app passes a user name and password to Amazon Cognito in the request, * instead of using the Secure Remote Password (SRP) protocol to securely transmit * the password.
ALLOW_CUSTOM_AUTH: Enable Lambda * trigger based authentication.
* ALLOW_USER_PASSWORD_AUTH: Enable user password-based * authentication. In this flow, Amazon Cognito receives the password in the * request instead of using the SRP protocol to verify passwords.
*
ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh * tokens.

In some environments, you will see the values * ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, or * USER_PASSWORD_AUTH. You can't assign these legacy * ExplicitAuthFlows values to user pool clients at the same time as * values that begin with ALLOW_, like * ALLOW_USER_SRP_AUTH.

*/ inline const Aws::Vector& GetExplicitAuthFlows() const{ return m_explicitAuthFlows; } inline bool ExplicitAuthFlowsHasBeenSet() const { return m_explicitAuthFlowsHasBeenSet; } inline void SetExplicitAuthFlows(const Aws::Vector& value) { m_explicitAuthFlowsHasBeenSet = true; m_explicitAuthFlows = value; } inline void SetExplicitAuthFlows(Aws::Vector&& value) { m_explicitAuthFlowsHasBeenSet = true; m_explicitAuthFlows = std::move(value); } inline UpdateUserPoolClientRequest& WithExplicitAuthFlows(const Aws::Vector& value) { SetExplicitAuthFlows(value); return *this;} inline UpdateUserPoolClientRequest& WithExplicitAuthFlows(Aws::Vector&& value) { SetExplicitAuthFlows(std::move(value)); return *this;} inline UpdateUserPoolClientRequest& AddExplicitAuthFlows(const ExplicitAuthFlowsType& value) { m_explicitAuthFlowsHasBeenSet = true; m_explicitAuthFlows.push_back(value); return *this; } inline UpdateUserPoolClientRequest& AddExplicitAuthFlows(ExplicitAuthFlowsType&& value) { m_explicitAuthFlowsHasBeenSet = true; m_explicitAuthFlows.push_back(std::move(value)); return *this; } ///@} ///@{ /** *

A list of provider names for the IdPs that this client supports. The * following are supported: COGNITO, Facebook, * Google, SignInWithApple, LoginWithAmazon, * and the names of your own SAML and OIDC providers.

*/ inline const Aws::Vector& GetSupportedIdentityProviders() const{ return m_supportedIdentityProviders; } inline bool SupportedIdentityProvidersHasBeenSet() const { return m_supportedIdentityProvidersHasBeenSet; } inline void SetSupportedIdentityProviders(const Aws::Vector& value) { m_supportedIdentityProvidersHasBeenSet = true; m_supportedIdentityProviders = value; } inline void SetSupportedIdentityProviders(Aws::Vector&& value) { m_supportedIdentityProvidersHasBeenSet = true; m_supportedIdentityProviders = std::move(value); } inline UpdateUserPoolClientRequest& WithSupportedIdentityProviders(const Aws::Vector& value) { SetSupportedIdentityProviders(value); return *this;} inline UpdateUserPoolClientRequest& WithSupportedIdentityProviders(Aws::Vector&& value) { SetSupportedIdentityProviders(std::move(value)); return *this;} inline UpdateUserPoolClientRequest& AddSupportedIdentityProviders(const Aws::String& value) { m_supportedIdentityProvidersHasBeenSet = true; m_supportedIdentityProviders.push_back(value); return *this; } inline UpdateUserPoolClientRequest& AddSupportedIdentityProviders(Aws::String&& value) { m_supportedIdentityProvidersHasBeenSet = true; m_supportedIdentityProviders.push_back(std::move(value)); return *this; } inline UpdateUserPoolClientRequest& AddSupportedIdentityProviders(const char* value) { m_supportedIdentityProvidersHasBeenSet = true; m_supportedIdentityProviders.push_back(value); return *this; } ///@} ///@{ /** *

A list of allowed redirect (callback) URLs for the IdPs.

A redirect * URI must:

Be an absolute URI.
Be registered * with the authorization server.
Not include a fragment * component.

See OAuth 2.0 - Redirection * Endpoint.

Amazon Cognito requires HTTPS over HTTP except for * http://localhost for testing purposes only.

App callback URLs such as * myapp://example are also supported.

*/ inline const Aws::Vector& GetCallbackURLs() const{ return m_callbackURLs; } inline bool CallbackURLsHasBeenSet() const { return m_callbackURLsHasBeenSet; } inline void SetCallbackURLs(const Aws::Vector& value) { m_callbackURLsHasBeenSet = true; m_callbackURLs = value; } inline void SetCallbackURLs(Aws::Vector&& value) { m_callbackURLsHasBeenSet = true; m_callbackURLs = std::move(value); } inline UpdateUserPoolClientRequest& WithCallbackURLs(const Aws::Vector& value) { SetCallbackURLs(value); return *this;} inline UpdateUserPoolClientRequest& WithCallbackURLs(Aws::Vector&& value) { SetCallbackURLs(std::move(value)); return *this;} inline UpdateUserPoolClientRequest& AddCallbackURLs(const Aws::String& value) { m_callbackURLsHasBeenSet = true; m_callbackURLs.push_back(value); return *this; } inline UpdateUserPoolClientRequest& AddCallbackURLs(Aws::String&& value) { m_callbackURLsHasBeenSet = true; m_callbackURLs.push_back(std::move(value)); return *this; } inline UpdateUserPoolClientRequest& AddCallbackURLs(const char* value) { m_callbackURLsHasBeenSet = true; m_callbackURLs.push_back(value); return *this; } ///@} ///@{ /** *

A list of allowed logout URLs for the IdPs.

*/ inline const Aws::Vector& GetLogoutURLs() const{ return m_logoutURLs; } inline bool LogoutURLsHasBeenSet() const { return m_logoutURLsHasBeenSet; } inline void SetLogoutURLs(const Aws::Vector& value) { m_logoutURLsHasBeenSet = true; m_logoutURLs = value; } inline void SetLogoutURLs(Aws::Vector&& value) { m_logoutURLsHasBeenSet = true; m_logoutURLs = std::move(value); } inline UpdateUserPoolClientRequest& WithLogoutURLs(const Aws::Vector& value) { SetLogoutURLs(value); return *this;} inline UpdateUserPoolClientRequest& WithLogoutURLs(Aws::Vector&& value) { SetLogoutURLs(std::move(value)); return *this;} inline UpdateUserPoolClientRequest& AddLogoutURLs(const Aws::String& value) { m_logoutURLsHasBeenSet = true; m_logoutURLs.push_back(value); return *this; } inline UpdateUserPoolClientRequest& AddLogoutURLs(Aws::String&& value) { m_logoutURLsHasBeenSet = true; m_logoutURLs.push_back(std::move(value)); return *this; } inline UpdateUserPoolClientRequest& AddLogoutURLs(const char* value) { m_logoutURLsHasBeenSet = true; m_logoutURLs.push_back(value); return *this; } ///@} ///@{ /** *

The default redirect URI. Must be in the CallbackURLs list.

A redirect URI must:

Be an absolute URI.
*
Be registered with the authorization server.
Not include a * fragment component.

See OAuth 2.0 - Redirection * Endpoint.

Amazon Cognito requires HTTPS over HTTP except for * http://localhost for testing purposes only.

App callback * URLs such as myapp://example are also supported.

*/ inline const Aws::String& GetDefaultRedirectURI() const{ return m_defaultRedirectURI; } inline bool DefaultRedirectURIHasBeenSet() const { return m_defaultRedirectURIHasBeenSet; } inline void SetDefaultRedirectURI(const Aws::String& value) { m_defaultRedirectURIHasBeenSet = true; m_defaultRedirectURI = value; } inline void SetDefaultRedirectURI(Aws::String&& value) { m_defaultRedirectURIHasBeenSet = true; m_defaultRedirectURI = std::move(value); } inline void SetDefaultRedirectURI(const char* value) { m_defaultRedirectURIHasBeenSet = true; m_defaultRedirectURI.assign(value); } inline UpdateUserPoolClientRequest& WithDefaultRedirectURI(const Aws::String& value) { SetDefaultRedirectURI(value); return *this;} inline UpdateUserPoolClientRequest& WithDefaultRedirectURI(Aws::String&& value) { SetDefaultRedirectURI(std::move(value)); return *this;} inline UpdateUserPoolClientRequest& WithDefaultRedirectURI(const char* value) { SetDefaultRedirectURI(value); return *this;} ///@} ///@{ /** *

The allowed OAuth flows.

code: Use a code grant * flow, which provides an authorization code as the response. This code can be * exchanged for access tokens with the /oauth2/token endpoint.
*
implicit: Issue the access token (and, optionally, ID * token, based on scopes) directly to your user.
client_credentials: Issue the access token from the * /oauth2/token endpoint directly to a non-person user using a * combination of the client ID and client secret.

*/ inline const Aws::Vector& GetAllowedOAuthFlows() const{ return m_allowedOAuthFlows; } inline bool AllowedOAuthFlowsHasBeenSet() const { return m_allowedOAuthFlowsHasBeenSet; } inline void SetAllowedOAuthFlows(const Aws::Vector& value) { m_allowedOAuthFlowsHasBeenSet = true; m_allowedOAuthFlows = value; } inline void SetAllowedOAuthFlows(Aws::Vector&& value) { m_allowedOAuthFlowsHasBeenSet = true; m_allowedOAuthFlows = std::move(value); } inline UpdateUserPoolClientRequest& WithAllowedOAuthFlows(const Aws::Vector& value) { SetAllowedOAuthFlows(value); return *this;} inline UpdateUserPoolClientRequest& WithAllowedOAuthFlows(Aws::Vector&& value) { SetAllowedOAuthFlows(std::move(value)); return *this;} inline UpdateUserPoolClientRequest& AddAllowedOAuthFlows(const OAuthFlowType& value) { m_allowedOAuthFlowsHasBeenSet = true; m_allowedOAuthFlows.push_back(value); return *this; } inline UpdateUserPoolClientRequest& AddAllowedOAuthFlows(OAuthFlowType&& value) { m_allowedOAuthFlowsHasBeenSet = true; m_allowedOAuthFlows.push_back(std::move(value)); return *this; } ///@} ///@{ /** *

The allowed OAuth scopes. Possible values provided by OAuth are * phone, email, openid, and * profile. Possible values provided by Amazon Web Services are * aws.cognito.signin.user.admin. Custom scopes created in Resource * Servers are also supported.

*/ inline const Aws::Vector& GetAllowedOAuthScopes() const{ return m_allowedOAuthScopes; } inline bool AllowedOAuthScopesHasBeenSet() const { return m_allowedOAuthScopesHasBeenSet; } inline void SetAllowedOAuthScopes(const Aws::Vector& value) { m_allowedOAuthScopesHasBeenSet = true; m_allowedOAuthScopes = value; } inline void SetAllowedOAuthScopes(Aws::Vector&& value) { m_allowedOAuthScopesHasBeenSet = true; m_allowedOAuthScopes = std::move(value); } inline UpdateUserPoolClientRequest& WithAllowedOAuthScopes(const Aws::Vector& value) { SetAllowedOAuthScopes(value); return *this;} inline UpdateUserPoolClientRequest& WithAllowedOAuthScopes(Aws::Vector&& value) { SetAllowedOAuthScopes(std::move(value)); return *this;} inline UpdateUserPoolClientRequest& AddAllowedOAuthScopes(const Aws::String& value) { m_allowedOAuthScopesHasBeenSet = true; m_allowedOAuthScopes.push_back(value); return *this; } inline UpdateUserPoolClientRequest& AddAllowedOAuthScopes(Aws::String&& value) { m_allowedOAuthScopesHasBeenSet = true; m_allowedOAuthScopes.push_back(std::move(value)); return *this; } inline UpdateUserPoolClientRequest& AddAllowedOAuthScopes(const char* value) { m_allowedOAuthScopesHasBeenSet = true; m_allowedOAuthScopes.push_back(value); return *this; } ///@} ///@{ /** *

Set to true to use OAuth 2.0 features in your user pool app * client.

AllowedOAuthFlowsUserPoolClient must be * true before you can configure the following features in your app * client.

CallBackURLs: Callback URLs.
LogoutURLs: Sign-out redirect URLs.
* AllowedOAuthScopes: OAuth 2.0 scopes.
* AllowedOAuthFlows: Support for authorization code, implicit, and * client credentials OAuth 2.0 grants.

To use OAuth 2.0 * features, configure one of these features in the Amazon Cognito console or set * AllowedOAuthFlowsUserPoolClient to true in a * CreateUserPoolClient or UpdateUserPoolClient API * request. If you don't set a value for * AllowedOAuthFlowsUserPoolClient in a request with the CLI or SDKs, * it defaults to false.

*/ inline bool GetAllowedOAuthFlowsUserPoolClient() const{ return m_allowedOAuthFlowsUserPoolClient; } inline bool AllowedOAuthFlowsUserPoolClientHasBeenSet() const { return m_allowedOAuthFlowsUserPoolClientHasBeenSet; } inline void SetAllowedOAuthFlowsUserPoolClient(bool value) { m_allowedOAuthFlowsUserPoolClientHasBeenSet = true; m_allowedOAuthFlowsUserPoolClient = value; } inline UpdateUserPoolClientRequest& WithAllowedOAuthFlowsUserPoolClient(bool value) { SetAllowedOAuthFlowsUserPoolClient(value); return *this;} ///@} ///@{ /** *

The Amazon Pinpoint analytics configuration necessary to collect metrics for * this user pool.

In Amazon Web Services Regions where Amazon * Pinpoint isn't available, user pools only support sending events to Amazon * Pinpoint projects in us-east-1. In Regions where Amazon Pinpoint is available, * user pools support sending events to Amazon Pinpoint projects within that same * Region.

*/ inline const AnalyticsConfigurationType& GetAnalyticsConfiguration() const{ return m_analyticsConfiguration; } inline bool AnalyticsConfigurationHasBeenSet() const { return m_analyticsConfigurationHasBeenSet; } inline void SetAnalyticsConfiguration(const AnalyticsConfigurationType& value) { m_analyticsConfigurationHasBeenSet = true; m_analyticsConfiguration = value; } inline void SetAnalyticsConfiguration(AnalyticsConfigurationType&& value) { m_analyticsConfigurationHasBeenSet = true; m_analyticsConfiguration = std::move(value); } inline UpdateUserPoolClientRequest& WithAnalyticsConfiguration(const AnalyticsConfigurationType& value) { SetAnalyticsConfiguration(value); return *this;} inline UpdateUserPoolClientRequest& WithAnalyticsConfiguration(AnalyticsConfigurationType&& value) { SetAnalyticsConfiguration(std::move(value)); return *this;} ///@} ///@{ /** *

Errors and responses that you want Amazon Cognito APIs to return during * authentication, account confirmation, and password recovery when the user * doesn't exist in the user pool. When set to ENABLED and the user * doesn't exist, authentication returns an error indicating either the username or * password was incorrect. Account confirmation and password recovery return a * response indicating a code was sent to a simulated destination. When set to * LEGACY, those APIs return a UserNotFoundException * exception if the user doesn't exist in the user pool.

Valid values * include:

ENABLED - This prevents user * existence-related errors.
LEGACY - This * represents the early behavior of Amazon Cognito where user existence related * errors aren't prevented.

Defaults to LEGACY when * you don't provide a value.

*/ inline const PreventUserExistenceErrorTypes& GetPreventUserExistenceErrors() const{ return m_preventUserExistenceErrors; } inline bool PreventUserExistenceErrorsHasBeenSet() const { return m_preventUserExistenceErrorsHasBeenSet; } inline void SetPreventUserExistenceErrors(const PreventUserExistenceErrorTypes& value) { m_preventUserExistenceErrorsHasBeenSet = true; m_preventUserExistenceErrors = value; } inline void SetPreventUserExistenceErrors(PreventUserExistenceErrorTypes&& value) { m_preventUserExistenceErrorsHasBeenSet = true; m_preventUserExistenceErrors = std::move(value); } inline UpdateUserPoolClientRequest& WithPreventUserExistenceErrors(const PreventUserExistenceErrorTypes& value) { SetPreventUserExistenceErrors(value); return *this;} inline UpdateUserPoolClientRequest& WithPreventUserExistenceErrors(PreventUserExistenceErrorTypes&& value) { SetPreventUserExistenceErrors(std::move(value)); return *this;} ///@} ///@{ /** *

Activates or deactivates token revocation. For more information about * revoking tokens, see RevokeToken.

*/ inline bool GetEnableTokenRevocation() const{ return m_enableTokenRevocation; } inline bool EnableTokenRevocationHasBeenSet() const { return m_enableTokenRevocationHasBeenSet; } inline void SetEnableTokenRevocation(bool value) { m_enableTokenRevocationHasBeenSet = true; m_enableTokenRevocation = value; } inline UpdateUserPoolClientRequest& WithEnableTokenRevocation(bool value) { SetEnableTokenRevocation(value); return *this;} ///@} ///@{ /** *

Activates the propagation of additional user context data. For more * information about propagation of user context data, see * Adding advanced security to a user pool. If you don’t include this * parameter, you can't send device fingerprint information, including source IP * address, to Amazon Cognito advanced security. You can only activate * EnablePropagateAdditionalUserContextData in an app client that has * a client secret.

*/ inline bool GetEnablePropagateAdditionalUserContextData() const{ return m_enablePropagateAdditionalUserContextData; } inline bool EnablePropagateAdditionalUserContextDataHasBeenSet() const { return m_enablePropagateAdditionalUserContextDataHasBeenSet; } inline void SetEnablePropagateAdditionalUserContextData(bool value) { m_enablePropagateAdditionalUserContextDataHasBeenSet = true; m_enablePropagateAdditionalUserContextData = value; } inline UpdateUserPoolClientRequest& WithEnablePropagateAdditionalUserContextData(bool value) { SetEnablePropagateAdditionalUserContextData(value); return *this;} ///@} ///@{ /** *

Amazon Cognito creates a session token for each API request in an * authentication flow. AuthSessionValidity is the duration, in * minutes, of that session token. Your user pool native user must respond to each * authentication challenge before the session expires.

*/ inline int GetAuthSessionValidity() const{ return m_authSessionValidity; } inline bool AuthSessionValidityHasBeenSet() const { return m_authSessionValidityHasBeenSet; } inline void SetAuthSessionValidity(int value) { m_authSessionValidityHasBeenSet = true; m_authSessionValidity = value; } inline UpdateUserPoolClientRequest& WithAuthSessionValidity(int value) { SetAuthSessionValidity(value); return *this;} ///@} private: Aws::String m_userPoolId; bool m_userPoolIdHasBeenSet = false; Aws::String m_clientId; bool m_clientIdHasBeenSet = false; Aws::String m_clientName; bool m_clientNameHasBeenSet = false; int m_refreshTokenValidity; bool m_refreshTokenValidityHasBeenSet = false; int m_accessTokenValidity; bool m_accessTokenValidityHasBeenSet = false; int m_idTokenValidity; bool m_idTokenValidityHasBeenSet = false; TokenValidityUnitsType m_tokenValidityUnits; bool m_tokenValidityUnitsHasBeenSet = false; Aws::Vector m_readAttributes; bool m_readAttributesHasBeenSet = false; Aws::Vector m_writeAttributes; bool m_writeAttributesHasBeenSet = false; Aws::Vector m_explicitAuthFlows; bool m_explicitAuthFlowsHasBeenSet = false; Aws::Vector m_supportedIdentityProviders; bool m_supportedIdentityProvidersHasBeenSet = false; Aws::Vector m_callbackURLs; bool m_callbackURLsHasBeenSet = false; Aws::Vector m_logoutURLs; bool m_logoutURLsHasBeenSet = false; Aws::String m_defaultRedirectURI; bool m_defaultRedirectURIHasBeenSet = false; Aws::Vector m_allowedOAuthFlows; bool m_allowedOAuthFlowsHasBeenSet = false; Aws::Vector m_allowedOAuthScopes; bool m_allowedOAuthScopesHasBeenSet = false; bool m_allowedOAuthFlowsUserPoolClient; bool m_allowedOAuthFlowsUserPoolClientHasBeenSet = false; AnalyticsConfigurationType m_analyticsConfiguration; bool m_analyticsConfigurationHasBeenSet = false; PreventUserExistenceErrorTypes m_preventUserExistenceErrors; bool m_preventUserExistenceErrorsHasBeenSet = false; bool m_enableTokenRevocation; bool m_enableTokenRevocationHasBeenSet = false; bool m_enablePropagateAdditionalUserContextData; bool m_enablePropagateAdditionalUserContextDataHasBeenSet = false; int m_authSessionValidity; bool m_authSessionValidityHasBeenSet = false; }; } // namespace Model } // namespace CognitoIdentityProvider } // namespace Aws