create_backend_auth(**kwargs)¶Creates a new backend authentication resource.
See also: AWS API Documentation
Request Syntax
response = client.create_backend_auth(
AppId='string',
BackendEnvironmentName='string',
ResourceConfig={
'AuthResources': 'USER_POOL_ONLY'|'IDENTITY_POOL_AND_USER_POOL',
'IdentityPoolConfigs': {
'IdentityPoolName': 'string',
'UnauthenticatedLogin': True|False
},
'Service': 'COGNITO',
'UserPoolConfigs': {
'ForgotPassword': {
'DeliveryMethod': 'EMAIL'|'SMS',
'EmailSettings': {
'EmailMessage': 'string',
'EmailSubject': 'string'
},
'SmsSettings': {
'SmsMessage': 'string'
}
},
'Mfa': {
'MFAMode': 'ON'|'OFF'|'OPTIONAL',
'Settings': {
'MfaTypes': [
'SMS'|'TOTP',
],
'SmsMessage': 'string'
}
},
'OAuth': {
'DomainPrefix': 'string',
'OAuthGrantType': 'CODE'|'IMPLICIT',
'OAuthScopes': [
'PHONE'|'EMAIL'|'OPENID'|'PROFILE'|'AWS_COGNITO_SIGNIN_USER_ADMIN',
],
'RedirectSignInURIs': [
'string',
],
'RedirectSignOutURIs': [
'string',
],
'SocialProviderSettings': {
'Facebook': {
'ClientId': 'string',
'ClientSecret': 'string'
},
'Google': {
'ClientId': 'string',
'ClientSecret': 'string'
},
'LoginWithAmazon': {
'ClientId': 'string',
'ClientSecret': 'string'
},
'SignInWithApple': {
'ClientId': 'string',
'KeyId': 'string',
'PrivateKey': 'string',
'TeamId': 'string'
}
}
},
'PasswordPolicy': {
'AdditionalConstraints': [
'REQUIRE_DIGIT'|'REQUIRE_LOWERCASE'|'REQUIRE_SYMBOL'|'REQUIRE_UPPERCASE',
],
'MinimumLength': 123.0
},
'RequiredSignUpAttributes': [
'ADDRESS'|'BIRTHDATE'|'EMAIL'|'FAMILY_NAME'|'GENDER'|'GIVEN_NAME'|'LOCALE'|'MIDDLE_NAME'|'NAME'|'NICKNAME'|'PHONE_NUMBER'|'PICTURE'|'PREFERRED_USERNAME'|'PROFILE'|'UPDATED_AT'|'WEBSITE'|'ZONE_INFO',
],
'SignInMethod': 'EMAIL'|'EMAIL_AND_PHONE_NUMBER'|'PHONE_NUMBER'|'USERNAME',
'UserPoolName': 'string',
'VerificationMessage': {
'DeliveryMethod': 'EMAIL'|'SMS',
'EmailSettings': {
'EmailMessage': 'string',
'EmailSubject': 'string'
},
'SmsSettings': {
'SmsMessage': 'string'
}
}
}
},
ResourceName='string'
)
[REQUIRED]
The app ID.
[REQUIRED]
The name of the backend environment.
[REQUIRED]
The resource configuration for this request object.
Defines whether you want to configure only authentication or both authentication and authorization settings.
Describes the authorization configuration for the Amazon Cognito identity pool, provisioned as a part of your auth resource in the Amplify project.
Name of the Amazon Cognito identity pool used for authorization.
Set to true or false based on whether you want to enable guest authorization to your Amplify app.
Defines the service name to use when configuring an authentication resource in your Amplify project.
Describes authentication configuration for the Amazon Cognito user pool, provisioned as a part of your auth resource in the Amplify project.
(DEPRECATED) Describes the forgotten password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.
(DEPRECATED) Describes which mode to use (either SMS or email) to deliver messages to app users who want to recover their password.
(DEPRECATED) The configuration for the email sent when an app user forgets their password.
The contents of the email message.
The contents of the subject line of the email message.
(DEPRECATED) The configuration for the SMS message sent when an app user forgets their password.
The contents of the SMS message.
Describes whether to apply multi-factor authentication policies for your Amazon Cognito user pool configured as a part of your Amplify project.
Describes whether MFA should be [ON, OFF, or OPTIONAL] for authentication in your Amplify project.
Describes the configuration settings and methods for your Amplify app users to use MFA.
The supported MFA types.
The body of the SMS message.
Describes the OAuth policy and rules for your Amazon Cognito user pool, configured as a part of your Amplify project.
The domain prefix for your Amplify app.
The OAuth grant type that you use to allow app users to authenticate from your Amplify app.
List of OAuth-related flows used to allow your app users to authenticate from your Amplify app.
The redirected URI for signing in to your Amplify app.
Redirect URLs that OAuth uses when a user signs out of an Amplify app.
The settings for using social providers to access your Amplify app.
Describes third-party social federation configurations for allowing your app users to sign in using OAuth.
Describes the client_id, which can be obtained from the third-party social federation provider.
Describes the client_secret, which can be obtained from third-party social federation providers.
Describes third-party social federation configurations for allowing your app users to sign in using OAuth.
Describes the client_id, which can be obtained from the third-party social federation provider.
Describes the client_secret, which can be obtained from third-party social federation providers.
Describes third-party social federation configurations for allowing your app users to sign in using OAuth.
Describes the client_id, which can be obtained from the third-party social federation provider.
Describes the client_secret, which can be obtained from third-party social federation providers.
Describes Apple social federation configurations for allowing your app users to sign in using OAuth.
Describes the client_id (also called Services ID) that comes from Apple.
Describes the key_id that comes from Apple.
Describes the private_key that comes from Apple.
Describes the team_id that comes from Apple.
Describes the password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.
Additional constraints for the password used to access the backend of your Amplify project.
The minimum length of the password used to access the backend of your Amplify project.
The required attributes to sign up new users in the user pool.
Describes the sign-in methods that your Amplify app users use to log in using the Amazon Cognito user pool, configured as a part of your Amplify project.
The Amazon Cognito user pool name.
Describes the email or SMS verification message for your Amazon Cognito user pool, configured as a part of your Amplify project.
The type of verification message to send.
The settings for the email message.
The contents of the email message.
The contents of the subject line of the email message.
The settings for the SMS message.
The contents of the SMS message.
[REQUIRED]
The name of this resource.
dict
Response Syntax
{
'AppId': 'string',
'BackendEnvironmentName': 'string',
'Error': 'string',
'JobId': 'string',
'Operation': 'string',
'Status': 'string'
}
Response Structure
(dict) --
200 response
AppId (string) --
The app ID.
BackendEnvironmentName (string) --
The name of the backend environment.
Error (string) --
If the request fails, this error is returned.
JobId (string) --
The ID for the job.
Operation (string) --
The name of the operation.
Status (string) --
The current status of the request.
Exceptions
AmplifyBackend.Client.exceptions.NotFoundExceptionAmplifyBackend.Client.exceptions.GatewayTimeoutExceptionAmplifyBackend.Client.exceptions.TooManyRequestsExceptionAmplifyBackend.Client.exceptions.BadRequestException