CognitoIdentityProvider / Client / confirm_device
confirm_device#
- CognitoIdentityProvider.Client.confirm_device(**kwargs)#
Confirms a device that a user wants to remember. A remembered device is a “Remember me on this device” option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see Working with user devices in your user pool.
Authorize this action with a signed-in user’s access token. It must include the scope
aws.cognito.signin.user.admin.Note
Amazon Cognito doesn’t evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can’t use IAM credentials to authorize requests, and you can’t grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
See also: AWS API Documentation
Request Syntax
response = client.confirm_device( AccessToken='string', DeviceKey='string', DeviceSecretVerifierConfig={ 'PasswordVerifier': 'string', 'Salt': 'string' }, DeviceName='string' )
- Parameters:
AccessToken (string) –
[REQUIRED]
A valid access token that Amazon Cognito issued to the user whose device you want to confirm.
DeviceKey (string) –
[REQUIRED]
The unique identifier, or device key, of the device that you want to update the status for.
DeviceSecretVerifierConfig (dict) –
The configuration of the device secret verifier.
PasswordVerifier (string) –
A password verifier for a user’s device. Used in SRP authentication.
Salt (string) –
The salt that you want to use in SRP authentication with the user’s device.
DeviceName (string) – A friendly name for the device, for example
MyMobilePhone.
- Return type:
dict
- Returns:
Response Syntax
{ 'UserConfirmationNecessary': True|False }
Response Structure
(dict) –
The confirm-device response.
UserConfirmationNecessary (boolean) –
When
true, your user must confirm that they want to remember the device. Prompt the user for an answer. You must then make an UpdateUserDevice request that sets the device torememberedornot_remembered.When
false, immediately sets the device as remembered and eligible for device authentication.You can configure your user pool to always remember devices, in which case this response is
false, or to allow users to opt in, in which case this response istrue. Configure this option under Device tracking in the Sign-in menu of your user pool. You can also configure this option with the DeviceConfiguration parameter of a CreateUserPool or UpdateUserPool request.
Exceptions
CognitoIdentityProvider.Client.exceptions.ResourceNotFoundExceptionCognitoIdentityProvider.Client.exceptions.InvalidParameterExceptionCognitoIdentityProvider.Client.exceptions.NotAuthorizedExceptionCognitoIdentityProvider.Client.exceptions.InvalidPasswordExceptionCognitoIdentityProvider.Client.exceptions.InvalidLambdaResponseExceptionCognitoIdentityProvider.Client.exceptions.UsernameExistsExceptionCognitoIdentityProvider.Client.exceptions.InvalidUserPoolConfigurationExceptionCognitoIdentityProvider.Client.exceptions.TooManyRequestsExceptionCognitoIdentityProvider.Client.exceptions.PasswordResetRequiredExceptionCognitoIdentityProvider.Client.exceptions.UserNotFoundExceptionCognitoIdentityProvider.Client.exceptions.UserNotConfirmedExceptionCognitoIdentityProvider.Client.exceptions.InternalErrorExceptionCognitoIdentityProvider.Client.exceptions.ForbiddenException