Interface CfnUserPool.IDeviceConfigurationProperty

Namespace

Amazon.CDK.AWS.Cognito

Assembly

Amazon.CDK.AWS.Cognito.dll

The device-remembering configuration for a user pool.

public interface CfnUserPool.IDeviceConfigurationProperty

Examples

// The code below shows an example of how to instantiate this type.
             // The values are placeholders you should change.
             using Amazon.CDK.AWS.Cognito;

             var deviceConfigurationProperty = new DeviceConfigurationProperty {
                 ChallengeRequiredOnNewDevice = false,
                 DeviceOnlyRememberedOnUserPrompt = false
             };

Remarks

A DescribeUserPool request returns a null value for this object when the user pool isn't configured to remember devices. When device remembering is active, you can remember a user's device with a ConfirmDevice API request. Additionally. when the property DeviceOnlyRememberedOnUserPrompt is true , you must follow ConfirmDevice with an UpdateDeviceStatus API request that sets the user's device to remembered or not_remembered .

To sign in with a remembered device, include DEVICE_KEY in the authentication parameters in your user's InitiateAuth request. If your app doesn't include a DEVICE_KEY parameter, the response from Amazon Cognito includes newly-generated DEVICE_KEY and DEVICE_GROUP_KEY values under NewDeviceMetadata . Store these values to use in future device-authentication requests.

When you provide a value for any property of <code>DeviceConfiguration</code> , you activate the device remembering for the user pool.

Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-deviceconfiguration.html

ExampleMetadata: fixture=_generated

Properties

ChallengeRequiredOnNewDevice

When true, a remembered device can sign in with device authentication instead of SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).

object? ChallengeRequiredOnNewDevice { get; }

Property Value

object

Remarks

Whether or not <code>ChallengeRequiredOnNewDevice</code> is true, users who sign in with devices that have not been confirmed or remembered must still provide a second factor in a user pool that requires MFA.

Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-deviceconfiguration.html#cfn-cognito-userpool-deviceconfiguration-challengerequiredonnewdevice

DeviceOnlyRememberedOnUserPrompt

When true, Amazon Cognito doesn't automatically remember a user's device when your app sends a ConfirmDevice API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user's choice in an UpdateDeviceStatus API request.

object? DeviceOnlyRememberedOnUserPrompt { get; }

Property Value

object

Remarks

When DeviceOnlyRememberedOnUserPrompt is false , Amazon Cognito immediately remembers devices that you register in a ConfirmDevice API request.

Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-deviceconfiguration.html#cfn-cognito-userpool-deviceconfiguration-deviceonlyrememberedonuserprompt