Amazon Cognito · Schema
CreateUserPoolRequest
Represents the request to create a user pool.
AuthenticationAuthorizationIdentityIdentity ProviderOAuth2OIDC
Properties
| Name | Type | Description |
|---|---|---|
| PoolName | object | |
| Policies | object | |
| DeletionProtection | object | |
| LambdaConfig | object | |
| AutoVerifiedAttributes | object | |
| AliasAttributes | object | |
| UsernameAttributes | object | |
| SmsVerificationMessage | object | |
| EmailVerificationMessage | object | |
| EmailVerificationSubject | object | |
| VerificationMessageTemplate | object | |
| SmsAuthenticationMessage | object | |
| MfaConfiguration | object | |
| UserAttributeUpdateSettings | object | |
| DeviceConfiguration | object | |
| EmailConfiguration | object | |
| SmsConfiguration | object | |
| UserPoolTags | object | |
| AdminCreateUserConfig | object | |
| Schema | object | |
| UserPoolAddOns | object | |
| UsernameConfiguration | object | |
| AccountRecoverySetting | object |
JSON Schema
{
"type": "object",
"properties": {
"PoolName": {
"allOf": [
{
"$ref": "#/components/schemas/UserPoolNameType"
},
{
"description": "A string used to name the user pool."
}
]
},
"Policies": {
"allOf": [
{
"$ref": "#/components/schemas/UserPoolPolicyType"
},
{
"description": "The policies associated with the new user pool."
}
]
},
"DeletionProtection": {
"allOf": [
{
"$ref": "#/components/schemas/DeletionProtectionType"
},
{
"description": "<p>When active, <code>DeletionProtection</code> prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature.</p> <p>When you try to delete a protected user pool in a <code>DeleteUserPool</code> API request, Amazon Cognito returns an <code>InvalidParameterException</code> error. To delete a protected user pool, send a new <code>DeleteUserPool</code> request after you deactivate deletion protection in an <code>UpdateUserPool</code> API request.</p>"
}
]
},
"LambdaConfig": {
"allOf": [
{
"$ref": "#/components/schemas/LambdaConfigType"
},
{
"description": "<p>The Lambda trigger configuration information for the new user pool.</p> <note> <p>In a push model, event sources (such as Amazon S3 and custom applications) need permission to invoke a function. So you must make an extra call to add permission for these event sources to invoke your Lambda function.</p> <p/> <p>For more information on using the Lambda API to add permission, see<a href=\"https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html\"> AddPermission </a>. </p> <p>For adding permission using the CLI, see<a href=\"https://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html\"> add-permission </a>.</p> </note>"
}
]
},
"AutoVerifiedAttributes": {
"allOf": [
{
"$ref": "#/components/schemas/VerifiedAttributesListType"
},
{
"description": "The attributes to be auto-verified. Possible values: <b>email</b>, <b>phone_number</b>."
}
]
},
"AliasAttributes": {
"allOf": [
{
"$ref": "#/components/schemas/AliasAttributesListType"
},
{
"description": "Attributes supported as an alias for this user pool. Possible values: <b>phone_number</b>, <b>email</b>, or <b>preferred_username</b>."
}
]
},
"UsernameAttributes": {
"allOf": [
{
"$ref": "#/components/schemas/UsernameAttributesListType"
},
{
"description": "Specifies whether a user can use an email address or phone number as a username when they sign up."
}
]
},
"SmsVerificationMessage": {
"allOf": [
{
"$ref": "#/components/schemas/SmsVerificationMessageType"
},
{
"description": "This parameter is no longer used. See <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html\">VerificationMessageTemplateType</a>."
}
]
},
"EmailVerificationMessage": {
"allOf": [
{
"$ref": "#/components/schemas/EmailVerificationMessageType"
},
{
"description": "This parameter is no longer used. See <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html\">VerificationMessageTemplateType</a>."
}
]
},
"EmailVerificationSubject": {
"allOf": [
{
"$ref": "#/components/schemas/EmailVerificationSubjectType"
},
{
"description": "This parameter is no longer used. See <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html\">VerificationMessageTemplateType</a>."
}
]
},
"VerificationMessageTemplate": {
"allOf": [
{
"$ref": "#/components/schemas/VerificationMessageTemplateType"
},
{
"description": "The template for the verification message that the user sees when the app requests permission to access the user's information."
}
]
},
"SmsAuthenticationMessage": {
"allOf": [
{
"$ref": "#/components/schemas/SmsVerificationMessageType"
},
{
"description": "A string representing the SMS authentication message."
}
]
},
"MfaConfiguration": {
"allOf": [
{
"$ref": "#/components/schemas/UserPoolMfaType"
},
{
"description": "Specifies MFA configuration details."
}
]
},
"UserAttributeUpdateSettings": {
"allOf": [
{
"$ref": "#/components/schemas/UserAttributeUpdateSettingsType"
},
{
"description": "The settings for updates to user attributes. These settings include the property <code>AttributesRequireVerificationBeforeUpdate</code>, a user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates\"> Verifying updates to email addresses and phone numbers</a>."
}
]
},
"DeviceConfiguration": {
"allOf": [
{
"$ref": "#/components/schemas/DeviceConfigurationType"
},
{
"description": "<p>The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool.</p> <note> <p>When you provide a value for any <code>DeviceConfiguration</code> field, you activate the Amazon Cognito device-remembering feature.</p> </note>"
}
]
},
"EmailConfiguration": {
"allOf": [
{
"$ref": "#/components/schemas/EmailConfigurationType"
},
{
"description": "The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for messages from your user pool."
}
]
},
"SmsConfiguration": {
"allOf": [
{
"$ref": "#/components/schemas/SmsConfigurationType"
},
{
"description": "The SMS configuration with the settings that your Amazon Cognito user pool must use to send an SMS message from your Amazon Web Services account through Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account."
}
]
},
"UserPoolTags": {
"allOf": [
{
"$ref": "#/components/schemas/UserPoolTagsType"
},
{
"description": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria."
}
]
},
"AdminCreateUserConfig": {
"allOf": [
{
"$ref": "#/components/schemas/AdminCreateUserConfigType"
},
{
"description": "The configuration for <code>AdminCreateUser</code> requests."
}
]
},
"Schema": {
"allOf": [
{
"$ref": "#/components/schemas/SchemaAttributesListType"
},
{
"description": "An array of schema attributes for the new user pool. These attributes can be standard or custom attributes."
}
]
},
"UserPoolAddOns": {
"allOf": [
{
"$ref": "#/components/schemas/UserPoolAddOnsType"
},
{
"description": "Enables advanced security risk detection. Set the key <code>AdvancedSecurityMode</code> to the value \"AUDIT\"."
}
]
},
"UsernameConfiguration": {
"allOf": [
{
"$ref": "#/components/schemas/UsernameConfigurationType"
},
{
"description": "Case sensitivity on the username input for the selected sign-in option. For example, when case sensitivity is set to <code>False</code>, users can sign in using either \"username\" or \"Username\". This configuration is immutable once it has been set. For more information, see <a href=\"https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html\">UsernameConfigurationType</a>."
}
]
},
"AccountRecoverySetting": {
"allOf": [
{
"$ref": "#/components/schemas/AccountRecoverySettingType"
},
{
"description": "The available verified method a user can use to recover their password when they call <code>ForgotPassword</code>. You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email."
}
]
}
},
"required": [
"PoolName"
],
"description": "Represents the request to create a user pool.",
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://raw.githubusercontent.com/api-evangelist/aws-cognito/refs/heads/main/json-schema/cognito-idp-create-user-pool-request-schema.json",
"title": "CreateUserPoolRequest"
}