# Actions
The following actions are supported:
+ [CreateIdentityPool](API_CreateIdentityPool.md)
+ [DeleteIdentities](API_DeleteIdentities.md)
+ [DeleteIdentityPool](API_DeleteIdentityPool.md)
+ [DescribeIdentity](API_DescribeIdentity.md)
+ [DescribeIdentityPool](API_DescribeIdentityPool.md)
+ [GetCredentialsForIdentity](API_GetCredentialsForIdentity.md)
+ [GetId](API_GetId.md)
+ [GetIdentityPoolRoles](API_GetIdentityPoolRoles.md)
+ [GetOpenIdToken](API_GetOpenIdToken.md)
+ [GetOpenIdTokenForDeveloperIdentity](API_GetOpenIdTokenForDeveloperIdentity.md)
+ [GetPrincipalTagAttributeMap](API_GetPrincipalTagAttributeMap.md)
+ [ListIdentities](API_ListIdentities.md)
+ [ListIdentityPools](API_ListIdentityPools.md)
+ [ListTagsForResource](API_ListTagsForResource.md)
+ [LookupDeveloperIdentity](API_LookupDeveloperIdentity.md)
+ [MergeDeveloperIdentities](API_MergeDeveloperIdentities.md)
+ [SetIdentityPoolRoles](API_SetIdentityPoolRoles.md)
+ [SetPrincipalTagAttributeMap](API_SetPrincipalTagAttributeMap.md)
+ [TagResource](API_TagResource.md)
+ [UnlinkDeveloperIdentity](API_UnlinkDeveloperIdentity.md)
+ [UnlinkIdentity](API_UnlinkIdentity.md)
+ [UntagResource](API_UntagResource.md)
+ [UpdateIdentityPool](API_UpdateIdentityPool.md)
# CreateIdentityPool
Creates a new identity pool. The identity pool is a store of user identity information that is specific to your AWS account. The keys for `SupportedLoginProviders` are as follows:
+ Facebook: `graph.facebook.com`
+ Google: `accounts.google.com`
+ Sign in With Apple: `appleid.apple.com`
+ Amazon: `www.amazon.com`
+ Twitter: `api.twitter.com`
+ Digits: `www.digits.com`
**Important**
If you don't provide a value for a parameter, Amazon Cognito sets it to its default value.
**Note**
Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
[Signing AWS API Requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
## Request Syntax
```
{
"AllowClassicFlow": boolean,
"AllowUnauthenticatedIdentities": boolean,
"CognitoIdentityProviders": [
{
"ClientId": "string",
"ProviderName": "string",
"ServerSideTokenCheck": boolean
}
],
"DeveloperProviderName": "string",
"IdentityPoolName": "string",
"IdentityPoolTags": {
"string" : "string"
},
"OpenIdConnectProviderARNs": [ "string" ],
"SamlProviderARNs": [ "string" ],
"SupportedLoginProviders": {
"string" : "string"
}
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [AllowClassicFlow](#API_CreateIdentityPool_RequestSyntax) **
Enables or disables the Basic (Classic) authentication flow. For more information, see [Identity Pools (Federated Identities) Authentication Flow](https://docs.aws.amazon.com/cognito/latest/developerguide/authentication-flow.html) in the *Amazon Cognito Developer Guide*.
Type: Boolean
Required: No
** [AllowUnauthenticatedIdentities](#API_CreateIdentityPool_RequestSyntax) **
TRUE if the identity pool supports unauthenticated logins.
Type: Boolean
Required: Yes
** [CognitoIdentityProviders](#API_CreateIdentityPool_RequestSyntax) **
An array of Amazon Cognito user pools and their client IDs.
Type: Array of [CognitoIdentityProvider](API_CognitoIdentityProvider.md) objects
Required: No
** [DeveloperProviderName](#API_CreateIdentityPool_RequestSyntax) **
The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider. For the `DeveloperProviderName`, you can use letters as well as period (`.`), underscore (`_`), and dash (`-`).
Once you have set a developer provider name, you cannot change it. Please take care in setting this parameter.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: `[\w._-]+`
Required: No
** [IdentityPoolName](#API_CreateIdentityPool_RequestSyntax) **
A string that you provide.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: `[\w\s+=,.@-]+`
Required: Yes
** [IdentityPoolTags](#API_CreateIdentityPool_RequestSyntax) **
Tags to assign to the identity pool. A tag is a label that you can apply to identity pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
Type: String to string map
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 0. Maximum length of 256.
Required: No
** [OpenIdConnectProviderARNs](#API_CreateIdentityPool_RequestSyntax) **
The Amazon Resource Names (ARN) of the OpenID Connect providers.
Type: Array of strings
Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: No
** [SamlProviderARNs](#API_CreateIdentityPool_RequestSyntax) **
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
Type: Array of strings
Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: No
** [SupportedLoginProviders](#API_CreateIdentityPool_RequestSyntax) **
Optional key:value pairs mapping provider names to provider app IDs.
Type: String to string map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 128.
Value Pattern: `[\w.;_/-]+`
Required: No
## Response Syntax
```
{
"AllowClassicFlow": boolean,
"AllowUnauthenticatedIdentities": boolean,
"CognitoIdentityProviders": [
{
"ClientId": "string",
"ProviderName": "string",
"ServerSideTokenCheck": boolean
}
],
"DeveloperProviderName": "string",
"IdentityPoolId": "string",
"IdentityPoolName": "string",
"IdentityPoolTags": {
"string" : "string"
},
"OpenIdConnectProviderARNs": [ "string" ],
"SamlProviderARNs": [ "string" ],
"SupportedLoginProviders": {
"string" : "string"
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [AllowClassicFlow](#API_CreateIdentityPool_ResponseSyntax) **
Enables or disables the Basic (Classic) authentication flow. For more information, see [Identity Pools (Federated Identities) Authentication Flow](https://docs.aws.amazon.com/cognito/latest/developerguide/authentication-flow.html) in the *Amazon Cognito Developer Guide*.
Type: Boolean
** [AllowUnauthenticatedIdentities](#API_CreateIdentityPool_ResponseSyntax) **
TRUE if the identity pool supports unauthenticated logins.
Type: Boolean
** [CognitoIdentityProviders](#API_CreateIdentityPool_ResponseSyntax) **
A list representing an Amazon Cognito user pool and its client ID.
Type: Array of [CognitoIdentityProvider](API_CognitoIdentityProvider.md) objects
** [DeveloperProviderName](#API_CreateIdentityPool_ResponseSyntax) **
The "domain" by which Cognito will refer to your users.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: `[\w._-]+`
** [IdentityPoolId](#API_CreateIdentityPool_ResponseSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
** [IdentityPoolName](#API_CreateIdentityPool_ResponseSyntax) **
A string that you provide.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: `[\w\s+=,.@-]+`
** [IdentityPoolTags](#API_CreateIdentityPool_ResponseSyntax) **
The tags that are assigned to the identity pool. A tag is a label that you can apply to identity pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
Type: String to string map
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 0. Maximum length of 256.
** [OpenIdConnectProviderARNs](#API_CreateIdentityPool_ResponseSyntax) **
The ARNs of the OpenID Connect providers.
Type: Array of strings
Length Constraints: Minimum length of 20. Maximum length of 2048.
** [SamlProviderARNs](#API_CreateIdentityPool_ResponseSyntax) **
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
Type: Array of strings
Length Constraints: Minimum length of 20. Maximum length of 2048.
** [SupportedLoginProviders](#API_CreateIdentityPool_ResponseSyntax) **
Optional key:value pairs mapping provider names to provider app IDs.
Type: String to string map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 128.
Value Pattern: `[\w.;_/-]+`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** LimitExceededException **
Thrown when the total number of user pools has exceeded a preset limit.
** message **
The message returned by a LimitExceededException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceConflictException **
Thrown when a user tries to use a login which is already linked to another account.
** message **
The message returned by a ResourceConflictException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## Examples
### CreateIdentityPool
The following examples show a request and response for `CreateIdentityPool`. The request and response bodies have been edited for readability and may not match the stated `Content-Length` values. Note: For the key "api.twitter.com" and "www.digits.com" the value to be set in the dictionary is a concatenation of the consumer key and consumer secret strings separated by a semicolon.
#### Sample Request
```
POST / HTTP/1.1
CONTENT-TYPE: application/json
CONTENT-LENGTH: 369
X-AMZ-TARGET: com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.CreateIdentityPool
HOST:
X-AMZ-DATE: 20140804T205551Z
AUTHORIZATION: AWS4-HMAC-SHA256 Credential=, SignedHeaders=content-type;content-length;host;x-amz-date;x-amz-target, Signature=
{
"IdentityPoolName": "MyIdentityPool",
"AllowUnauthenticatedIdentities": true,
"SupportedLoginProviders":
{
"graph.facebook.com": "7346241598935555",
"accounts.google.com": "123456789012.apps.googleusercontent.com",
"www.amazon.com": "amzn1.application-oa2-client.188a56d827a7d6555a8b67a5d",
"api.twitter.com": "xvz1evFS4wEEPTGEFPHBog;kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw",
"www.digits.com": "xvz1evFS4wEEPTGEFPHBog;kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw"
}
}
```
#### Sample Response
```
1.1 200 OK
x-amzn-requestid: 15cc73a1-0780-460c-91e8-e12ef034e116
date: Mon, 04 Aug 2014 20:55:52 GMT
content-type: application/json
content-length: 1091
{
"AllowUnauthenticatedIdentities": true,
"IdentityPoolId": "us-east-1:1cf667a2-49a6-454b-9e45-23199EXAMPLE",
"IdentityPoolName": "MyIdentityPool",
"SupportedLoginProviders":
{
"accounts.google.com": "123456789012.apps.googleusercontent.com",
"graph.facebook.com": "7346241598935555",
"www.amazon.com": "amzn1.application-oa2-client.188a56d827a7d6555a8b67a5d",
"api.twitter.com": "xvz1evFS4wEEPTGEFPHBog;kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw",
"www.digits.com": "xvz1evFS4wEEPTGEFPHBog;kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw"
}
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/CreateIdentityPool)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/CreateIdentityPool)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/CreateIdentityPool)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/CreateIdentityPool)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/CreateIdentityPool)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/CreateIdentityPool)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/CreateIdentityPool)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/CreateIdentityPool)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/CreateIdentityPool)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/CreateIdentityPool)
# DeleteIdentities
Deletes identities from an identity pool. You can specify a list of 1-60 identities that you want to delete.
You must use AWS developer credentials to call this operation.
## Request Syntax
```
{
"IdentityIdsToDelete": [ "string" ]
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [IdentityIdsToDelete](#API_DeleteIdentities_RequestSyntax) **
A list of 1-60 identities that you want to delete.
Type: Array of strings
Array Members: Minimum number of 1 item. Maximum number of 60 items.
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
## Response Syntax
```
{
"UnprocessedIdentityIds": [
{
"ErrorCode": "string",
"IdentityId": "string"
}
]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [UnprocessedIdentityIds](#API_DeleteIdentities_ResponseSyntax) **
An array of UnprocessedIdentityId objects, each of which contains an ErrorCode and IdentityId.
Type: Array of [UnprocessedIdentityId](API_UnprocessedIdentityId.md) objects
Array Members: Maximum number of 60 items.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/DeleteIdentities)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/DeleteIdentities)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/DeleteIdentities)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/DeleteIdentities)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/DeleteIdentities)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/DeleteIdentities)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/DeleteIdentities)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/DeleteIdentities)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/DeleteIdentities)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/DeleteIdentities)
# DeleteIdentityPool
Deletes an identity pool. Once a pool is deleted, users will not be able to authenticate with the pool.
**Note**
Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
[Signing AWS API Requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
## Request Syntax
```
{
"IdentityPoolId": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [IdentityPoolId](#API_DeleteIdentityPool_RequestSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
## Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## Examples
### DeleteIdentityPool
The following is an example of a `DeleteIdentityPool` request. The request body has been formatted for readability and may not match the `content-length` value.
#### Sample Request
```
POST / HTTP/1.1
CONTENT-TYPE: application/json
CONTENT-LENGTH: 222
X-AMZ-TARGET: com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.DeleteIdentityPool
HOST:
X-AMZ-DATE: 20140804T214319Z
AUTHORIZATION: AWS4-HMAC-SHA256 Credential=, SignedHeaders=content-type;content-length;host;x-amz-date;x-amz-target, Signature=
{
"IdentityPoolId": "us-east-1:177a950c-2c08-43f0-9983-28727EXAMPLE"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/DeleteIdentityPool)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/DeleteIdentityPool)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/DeleteIdentityPool)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/DeleteIdentityPool)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/DeleteIdentityPool)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/DeleteIdentityPool)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/DeleteIdentityPool)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/DeleteIdentityPool)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/DeleteIdentityPool)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/DeleteIdentityPool)
# DescribeIdentity
Returns metadata related to the given identity, including when the identity was created and any associated linked logins.
**Note**
Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
[Signing AWS API Requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
## Request Syntax
```
{
"IdentityId": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [IdentityId](#API_DescribeIdentity_RequestSyntax) **
A unique identifier in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
## Response Syntax
```
{
"CreationDate": number,
"IdentityId": "string",
"LastModifiedDate": number,
"Logins": [ "string" ]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [CreationDate](#API_DescribeIdentity_ResponseSyntax) **
Date on which the identity was created.
Type: Timestamp
** [IdentityId](#API_DescribeIdentity_ResponseSyntax) **
A unique identifier in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
** [LastModifiedDate](#API_DescribeIdentity_ResponseSyntax) **
Date on which the identity was last modified.
Type: Timestamp
** [Logins](#API_DescribeIdentity_ResponseSyntax) **
The provider names.
Type: Array of strings
Length Constraints: Minimum length of 1. Maximum length of 128.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/DescribeIdentity)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/DescribeIdentity)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/DescribeIdentity)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/DescribeIdentity)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/DescribeIdentity)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/DescribeIdentity)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/DescribeIdentity)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/DescribeIdentity)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/DescribeIdentity)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/DescribeIdentity)
# DescribeIdentityPool
Gets details about the requested identity pool, including pool name and ID, description, tags, and identity provviders.
**Note**
Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
[Signing AWS API Requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
## Request Syntax
```
{
"IdentityPoolId": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [IdentityPoolId](#API_DescribeIdentityPool_RequestSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
## Response Syntax
```
{
"AllowClassicFlow": boolean,
"AllowUnauthenticatedIdentities": boolean,
"CognitoIdentityProviders": [
{
"ClientId": "string",
"ProviderName": "string",
"ServerSideTokenCheck": boolean
}
],
"DeveloperProviderName": "string",
"IdentityPoolId": "string",
"IdentityPoolName": "string",
"IdentityPoolTags": {
"string" : "string"
},
"OpenIdConnectProviderARNs": [ "string" ],
"SamlProviderARNs": [ "string" ],
"SupportedLoginProviders": {
"string" : "string"
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [AllowClassicFlow](#API_DescribeIdentityPool_ResponseSyntax) **
Enables or disables the Basic (Classic) authentication flow. For more information, see [Identity Pools (Federated Identities) Authentication Flow](https://docs.aws.amazon.com/cognito/latest/developerguide/authentication-flow.html) in the *Amazon Cognito Developer Guide*.
Type: Boolean
** [AllowUnauthenticatedIdentities](#API_DescribeIdentityPool_ResponseSyntax) **
TRUE if the identity pool supports unauthenticated logins.
Type: Boolean
** [CognitoIdentityProviders](#API_DescribeIdentityPool_ResponseSyntax) **
A list representing an Amazon Cognito user pool and its client ID.
Type: Array of [CognitoIdentityProvider](API_CognitoIdentityProvider.md) objects
** [DeveloperProviderName](#API_DescribeIdentityPool_ResponseSyntax) **
The "domain" by which Cognito will refer to your users.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: `[\w._-]+`
** [IdentityPoolId](#API_DescribeIdentityPool_ResponseSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
** [IdentityPoolName](#API_DescribeIdentityPool_ResponseSyntax) **
A string that you provide.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: `[\w\s+=,.@-]+`
** [IdentityPoolTags](#API_DescribeIdentityPool_ResponseSyntax) **
The tags that are assigned to the identity pool. A tag is a label that you can apply to identity pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
Type: String to string map
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 0. Maximum length of 256.
** [OpenIdConnectProviderARNs](#API_DescribeIdentityPool_ResponseSyntax) **
The ARNs of the OpenID Connect providers.
Type: Array of strings
Length Constraints: Minimum length of 20. Maximum length of 2048.
** [SamlProviderARNs](#API_DescribeIdentityPool_ResponseSyntax) **
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
Type: Array of strings
Length Constraints: Minimum length of 20. Maximum length of 2048.
** [SupportedLoginProviders](#API_DescribeIdentityPool_ResponseSyntax) **
Optional key:value pairs mapping provider names to provider app IDs.
Type: String to string map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 128.
Value Pattern: `[\w.;_/-]+`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## Examples
### DescribeIdentityPool
The following examples show a request and response for the `DescribeIdentityPool` operation. The request and response bodies have been edited for readability and may not match the stated `content-length` values.
#### Sample Request
```
POST / HTTP/1.1
CONTENT-TYPE: application/json
CONTENT-LENGTH: 224
X-AMZ-TARGET: com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.DescribeIdentityPool
HOST:
X-AMZ-DATE: 20140804T203833Z
AUTHORIZATION: AWS4-HMAC-SHA256 Credential=, SignedHeaders=content-type;content-length;host;x-amz-date;x-amz-target, Signature=
{
"IdentityPoolId": "us-east-1:177a950c-2c08-43f0-9983-28727EXAMPLE"
}
```
#### Sample Response
```
1.1 200 OK
x-amzn-requestid: c5cc0ad5-c604-455a-87ee-cb830b22341a
date: Mon, 04 Aug 2014 20:38:33 GMT
content-type: application/json
content-length: 367
{
"AllowUnauthenticatedIdentities": true,
"IdentityPoolId": "us-east-1:177a950c-2c08-43f0-9983-28727EXAMPLE",
"IdentityPoolName": "MyIdentityPool",
"SupportedLoginProviders":
{
"accounts.google.com": "123456789012.apps.googleusercontent.com",
"graph.facebook.com": "7346241598935555",
"www.amazon.com": "amzn1.application-oa2-client.188a56d827a7d6555a8b67a5d"
}
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/DescribeIdentityPool)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/DescribeIdentityPool)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/DescribeIdentityPool)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/DescribeIdentityPool)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/DescribeIdentityPool)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/DescribeIdentityPool)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/DescribeIdentityPool)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/DescribeIdentityPool)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/DescribeIdentityPool)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/DescribeIdentityPool)
# GetCredentialsForIdentity
Returns credentials for the provided identity ID. Any provided logins will be validated against supported login providers. If the token is for `cognito-identity.amazonaws.com`, it will be passed through to AWS Security Token Service with the appropriate role for the token.
This is the final operation in the sequence for developer-authenticated identities and identities from external IdPs in the enhanced authentication flow. This operation issues credentials for the default authenticated role to developer-authenticated identities. For identities from external IdPs, this operation issues credentials for a role chosen from token role claims, the default role, or from claim-matching rules, depending on the configuration of the IdP.
**Note**
Amazon Cognito doesn't evaluate AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies.
## Request Syntax
```
{
"CustomRoleArn": "string",
"IdentityId": "string",
"Logins": {
"string" : "string"
}
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [CustomRoleArn](#API_GetCredentialsForIdentity_RequestSyntax) **
When the token or SAML assertion from your identity provider contains multiple IAM role claims, this optional parameter provides the ARN of the preferred role that you want to request for the current user.
Type: String
Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: No
** [IdentityId](#API_GetCredentialsForIdentity_RequestSyntax) **
A unique identifier in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
** [Logins](#API_GetCredentialsForIdentity_RequestSyntax) **
A set of optional name-value pairs that map provider names to provider tokens. The name-value pair will follow the syntax "provider\$1name": "provider\$1user\$1identifier".
Logins should not be specified when trying to get credentials for an unauthenticated identity.
The Logins parameter is required when using identities associated with external identity providers such as Facebook. For examples of `Logins` maps, see the code examples in the [External Identity Providers](https://docs.aws.amazon.com/cognito/latest/developerguide/external-identity-providers.html) section of the Amazon Cognito Developer Guide.
Type: String to string map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 50000.
Required: No
## Response Syntax
```
{
"Credentials": {
"AccessKeyId": "string",
"Expiration": number,
"SecretKey": "string",
"SessionToken": "string"
},
"IdentityId": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [Credentials](#API_GetCredentialsForIdentity_ResponseSyntax) **
Credentials for the provided identity ID.
Type: [Credentials](API_Credentials.md) object
** [IdentityId](#API_GetCredentialsForIdentity_ResponseSyntax) **
A unique identifier in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ExternalServiceException **
An exception thrown when a dependent service such as Facebook or Twitter is not responding
** message **
The message returned by an ExternalServiceException
HTTP Status Code: 400
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidIdentityPoolConfigurationException **
If you provided authentication information in the request, the identity pool has no authenticated role configured, or AWS STS returned an error response to the request to assume the authenticated role from the identity pool. If you provided no authentication information in the request, the identity pool has no unauthenticated role configured, or AWS STS returned an error response to the request to assume the unauthenticated role from the identity pool.
Your role trust policy must grant `AssumeRoleWithWebIdentity` permissions to `cognito-identity.amazonaws.com`.
** message **
The message returned for an `InvalidIdentityPoolConfigurationException`
HTTP Status Code: 400
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceConflictException **
Thrown when a user tries to use a login which is already linked to another account.
** message **
The message returned by a ResourceConflictException.
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## Examples
### GetCredentialsForIdentity
The following example shows a `GetCredentialsForIdentity` request.
#### Sample Request
```
POST / HTTP/1.1
CONTENT-TYPE: application/x-amz-json-1.1
CONTENT-LENGTH: 250
X-AMZ-TARGET: com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.GetCredentialsForIdentity
HOST:
X-AMZ-DATE: 20151020T232759Z
{
"IdentityId":"us-east-1:88b5cc2c-c8c4-4932-a4e5-fc85EXAMPLE"
}
```
#### Sample Response
```
1.1 200 OK
content-length: 1168,
content-type: application/x-amz-json-1.1,
date: Mon, 21 Sep 2015 22:38:52 GMT,
x-amzn-requestid: 8906cbc7-60b1-11e5-9f63-1bfexample,
{
"Credentials":{
"SecretKey":"2gZ8QJQqkAHBzebQmghavFAfgmYpKWRqexample",
"SessionToken":"AQoDYXdzEMf//////////wEasAWDYyZbsv2CTPExziDyYEXAMPLE",
"Expiration":1442877512.0,
"AccessKeyId":"ASIAJIOA37R6EXAMPLE"
},
"IdentityId":"us-east-1:88b5cc2c-c8c4-4932-a4e5-fc85EXAMPLE"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/GetCredentialsForIdentity)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/GetCredentialsForIdentity)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/GetCredentialsForIdentity)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/GetCredentialsForIdentity)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/GetCredentialsForIdentity)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/GetCredentialsForIdentity)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/GetCredentialsForIdentity)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/GetCredentialsForIdentity)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/GetCredentialsForIdentity)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/GetCredentialsForIdentity)
# GetId
Generates (or retrieves) IdentityID. Supplying multiple logins will create an implicit linked account.
This is a public API. You do not need any credentials to call this API.
## Request Syntax
```
{
"AccountId": "string",
"IdentityPoolId": "string",
"Logins": {
"string" : "string"
}
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [AccountId](#API_GetId_RequestSyntax) **
A standard AWS account ID (9\$1 digits).
Type: String
Length Constraints: Minimum length of 1. Maximum length of 15.
Pattern: `\d+`
Required: No
** [IdentityPoolId](#API_GetId_RequestSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
** [Logins](#API_GetId_RequestSyntax) **
A set of optional name-value pairs that map provider names to provider tokens. The available provider names for `Logins` are as follows:
+ Facebook: `graph.facebook.com`
+ Amazon Cognito user pool: `cognito-idp..amazonaws.com/`, for example, `cognito-idp.us-east-1.amazonaws.com/us-east-1_123456789`.
+ Google: `accounts.google.com`
+ Amazon: `www.amazon.com`
+ Twitter: `api.twitter.com`
+ Digits: `www.digits.com`
Type: String to string map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 50000.
Required: No
## Response Syntax
```
{
"IdentityId": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [IdentityId](#API_GetId_ResponseSyntax) **
A unique identifier in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ExternalServiceException **
An exception thrown when a dependent service such as Facebook or Twitter is not responding
** message **
The message returned by an ExternalServiceException
HTTP Status Code: 400
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** LimitExceededException **
Thrown when the total number of user pools has exceeded a preset limit.
** message **
The message returned by a LimitExceededException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceConflictException **
Thrown when a user tries to use a login which is already linked to another account.
** message **
The message returned by a ResourceConflictException.
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## Examples
### GetId
The following example shows a `GetId` request for an unauthenticated identity. The request body has been edited for readability and may not match the stated `content-length`.
#### Sample Request
```
POST / HTTP/1.1
CONTENT-TYPE: application/x-amz-json-1.1
CONTENT-LENGTH: 252
X-AMZ-TARGET: com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.GetId
HOST:
X-AMZ-DATE: 20140730T232759Z
{
"AccountId": "123456789012",
"IdentityPoolId": "us-east-1:177a950c-2c08-43f0-9983-28727EXAMPLE"
}
```
#### Sample Response
```
1.1 200 OK
x-amzn-requestid: ff1ca798-b930-4b81-9ef3-c02e770188af
date: Mon, 04 Aug 2014 22:03:36 GMT
CONTENT-TYPE: application/x-amz-json-1.1
content-length: 152
{
"IdentityId": "us-east-1:88859bc9-0149-4183-bf10-39e36EXAMPLE"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/GetId)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/GetId)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/GetId)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/GetId)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/GetId)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/GetId)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/GetId)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/GetId)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/GetId)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/GetId)
# GetIdentityPoolRoles
Gets the roles for an identity pool.
**Note**
Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
[Signing AWS API Requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
## Request Syntax
```
{
"IdentityPoolId": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [IdentityPoolId](#API_GetIdentityPoolRoles_RequestSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
## Response Syntax
```
{
"IdentityPoolId": "string",
"RoleMappings": {
"string" : {
"AmbiguousRoleResolution": "string",
"RulesConfiguration": {
"Rules": [
{
"Claim": "string",
"MatchType": "string",
"RoleARN": "string",
"Value": "string"
}
]
},
"Type": "string"
}
},
"Roles": {
"string" : "string"
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [IdentityPoolId](#API_GetIdentityPoolRoles_ResponseSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
** [RoleMappings](#API_GetIdentityPoolRoles_ResponseSyntax) **
How users for a specific identity provider are to mapped to roles. This is a String-to-[RoleMapping](API_RoleMapping.md) object map. The string identifies the identity provider, for example, `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id`.
Type: String to [RoleMapping](API_RoleMapping.md) object map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
** [Roles](#API_GetIdentityPoolRoles_ResponseSyntax) **
The map of roles associated with this pool. Currently only authenticated and unauthenticated roles are supported.
Type: String to string map
Map Entries: Maximum number of 2 items.
Key Pattern: `(un)?authenticated`
Value Length Constraints: Minimum length of 20. Maximum length of 2048.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceConflictException **
Thrown when a user tries to use a login which is already linked to another account.
** message **
The message returned by a ResourceConflictException.
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/GetIdentityPoolRoles)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/GetIdentityPoolRoles)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/GetIdentityPoolRoles)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/GetIdentityPoolRoles)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/GetIdentityPoolRoles)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/GetIdentityPoolRoles)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/GetIdentityPoolRoles)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/GetIdentityPoolRoles)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/GetIdentityPoolRoles)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/GetIdentityPoolRoles)
# GetOpenIdToken
Gets an OpenID token, using a known Cognito ID. This known Cognito ID is returned by [GetId](API_GetId.md). You can optionally add additional logins for the identity. Supplying multiple logins creates an implicit link.
The OpenID token is valid for 10 minutes.
This is a public API. You do not need any credentials to call this API.
## Request Syntax
```
{
"IdentityId": "string",
"Logins": {
"string" : "string"
}
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [IdentityId](#API_GetOpenIdToken_RequestSyntax) **
A unique identifier in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
** [Logins](#API_GetOpenIdToken_RequestSyntax) **
A set of optional name-value pairs that map provider names to provider tokens. When using graph.facebook.com and www.amazon.com, supply the access\$1token returned from the provider's authflow. For accounts.google.com, an Amazon Cognito user pool provider, or any other OpenID Connect provider, always include the `id_token`.
Type: String to string map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 50000.
Required: No
## Response Syntax
```
{
"IdentityId": "string",
"Token": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [IdentityId](#API_GetOpenIdToken_ResponseSyntax) **
A unique identifier in the format REGION:GUID. Note that the IdentityId returned may not match the one passed on input.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
** [Token](#API_GetOpenIdToken_ResponseSyntax) **
An OpenID token, valid for 10 minutes.
Type: String
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ExternalServiceException **
An exception thrown when a dependent service such as Facebook or Twitter is not responding
** message **
The message returned by an ExternalServiceException
HTTP Status Code: 400
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceConflictException **
Thrown when a user tries to use a login which is already linked to another account.
** message **
The message returned by a ResourceConflictException.
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## Examples
### GetOpenIdToken
The following examples show a GetOpenIdToken request and response, without the optional login values.
#### Sample Request
```
POST / HTTP/1.1
CONTENT-TYPE: application/x-amz-json-1.1
CONTENT-LENGTH: 214
X-AMZ-TARGET: com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.GetOpenIdToken
HOST:
X-AMZ-DATE: 20140804T220736Z
{
"IdentityId": "us-east-1:88859bc9-0149-4183-bf10-39e36EXAMPLE"
}
```
#### Sample Response
```
1.1 200 OK
x-amzn-requestid: 552b7593-5b83-47d5-ab25-65d3cd31d823
date: Mon, 04 Aug 2014 22:07:37 GMT
CONTENT-TYPE: application/x-amz-json-1.1
content-length: 892
{
"IdentityId": "us-east-1:88859bc9-0149-4183-bf10-39e36EXAMPLE",
"Token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXUyIsImtpZCI6InVzLWVhc3QtMTEifQ.eyJleHAiOjE0MDcxOTA2NTcsInN1YiI6InVzLWVhc3QtMTo4ODg1OWJjOS0wMTQ5LTQxODMtYmYxMC0zOWUzNjY5OTBiMmUiLCJhdWQiOiJ1cy1lYXN0LTE6MWNmNjY3YTItNDlhNi00NTRiLTllNDUtMjMxOTkwMzUxYTMxIiwiaXNzIjoiaHR0cHM6Ly9hd3MtY29nbml0by1pZGVudGl0eS1wdWJsaWMtcGR4LWJldGEuYW1hem9uLmNvbSIsImlhdCI6MTQwNzE5MDA1NywiYW1yIjpbInVuYXV0aGVudGljYXRlZCJdfQ.eYNoTEXndsGk5RAatIOEekNKM1JtL3-C9A6qWcnK2u5fvNsiiSDqWDLtziX6qnnoZXszBmwsIiklYs9J07I-2bCfcRA8PeW6g_br2I9lGuXB_nW_c-CnBNS1xnJhR9QGunQwZklXhDr-ifCCBQgcbMd5mIz_ulurTmmPyIfoJFRZIFNhPLPlOiUjnprDLISe34WkRBTDlsAqCE0VCi3FBXJijQ4D3yUQDxacEoBXMZnTBk_fjKS4GmGAD_GsDIM6PbQMc6xvDhltmcjv3ycBir2CPv2otNtboJvd9HnxcV6sxZrf2ATANaJbMJlu00kbzqkxFyDioIWJkyPEXAMPLE"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/GetOpenIdToken)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/GetOpenIdToken)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/GetOpenIdToken)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/GetOpenIdToken)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/GetOpenIdToken)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/GetOpenIdToken)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/GetOpenIdToken)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/GetOpenIdToken)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/GetOpenIdToken)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/GetOpenIdToken)
# GetOpenIdTokenForDeveloperIdentity
Registers (or retrieves) a Cognito `IdentityId` and an OpenID Connect token for a user authenticated by your backend authentication process. Supplying multiple logins will create an implicit linked account. You can only specify one developer provider as part of the `Logins` map, which is linked to the identity pool. The developer provider is the "domain" by which Cognito will refer to your users.
You can use `GetOpenIdTokenForDeveloperIdentity` to create a new identity and to link new logins (that is, user credentials issued by a public provider or developer provider) to an existing identity. When you want to create a new identity, the `IdentityId` should be null. When you want to associate a new login with an existing authenticated/unauthenticated identity, you can do so by providing the existing `IdentityId`. This API will create the identity in the specified `IdentityPoolId`.
**Note**
Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
[Signing AWS API Requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
## Request Syntax
```
{
"IdentityId": "string",
"IdentityPoolId": "string",
"Logins": {
"string" : "string"
},
"PrincipalTags": {
"string" : "string"
},
"TokenDuration": number
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [IdentityId](#API_GetOpenIdTokenForDeveloperIdentity_RequestSyntax) **
A unique identifier in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: No
** [IdentityPoolId](#API_GetOpenIdTokenForDeveloperIdentity_RequestSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
** [Logins](#API_GetOpenIdTokenForDeveloperIdentity_RequestSyntax) **
A set of optional name-value pairs that map provider names to provider tokens. Each name-value pair represents a user from a public provider or developer provider. If the user is from a developer provider, the name-value pair will follow the syntax `"developer_provider_name": "developer_user_identifier"`. The developer provider is the "domain" by which Cognito will refer to your users; you provided this domain while creating/updating the identity pool. The developer user identifier is an identifier from your backend that uniquely identifies a user. When you create an identity pool, you can specify the supported logins.
Type: String to string map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 50000.
Required: Yes
** [PrincipalTags](#API_GetOpenIdTokenForDeveloperIdentity_RequestSyntax) **
This operation configures attribute mappings for custom providers.
Type: String to string map
Map Entries: Maximum number of 50 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 256.
Required: No
** [TokenDuration](#API_GetOpenIdTokenForDeveloperIdentity_RequestSyntax) **
The expiration time of the token, in seconds. You can specify a custom expiration time for the token so that you can cache it. If you don't provide an expiration time, the token is valid for 15 minutes. You can exchange the token with Amazon STS for temporary AWS credentials, which are valid for a maximum of one hour. The maximum token duration you can set is 24 hours. You should take care in setting the expiration time for a token, as there are significant security implications: an attacker could use a leaked token to access your AWS resources for the token's duration.
Please provide for a small grace period, usually no more than 5 minutes, to account for clock skew.
Type: Long
Valid Range: Minimum value of 1. Maximum value of 86400.
Required: No
## Response Syntax
```
{
"IdentityId": "string",
"Token": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [IdentityId](#API_GetOpenIdTokenForDeveloperIdentity_ResponseSyntax) **
A unique identifier in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
** [Token](#API_GetOpenIdTokenForDeveloperIdentity_ResponseSyntax) **
An OpenID token.
Type: String
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** DeveloperUserAlreadyRegisteredException **
The provided developer user identifier is already registered with Cognito under a different identity ID.
** message **
This developer user identifier is already registered with Cognito.
HTTP Status Code: 400
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceConflictException **
Thrown when a user tries to use a login which is already linked to another account.
** message **
The message returned by a ResourceConflictException.
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/GetOpenIdTokenForDeveloperIdentity)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/GetOpenIdTokenForDeveloperIdentity)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/GetOpenIdTokenForDeveloperIdentity)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/GetOpenIdTokenForDeveloperIdentity)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/GetOpenIdTokenForDeveloperIdentity)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/GetOpenIdTokenForDeveloperIdentity)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/GetOpenIdTokenForDeveloperIdentity)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/GetOpenIdTokenForDeveloperIdentity)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/GetOpenIdTokenForDeveloperIdentity)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/GetOpenIdTokenForDeveloperIdentity)
# GetPrincipalTagAttributeMap
Use `GetPrincipalTagAttributeMap` to list all mappings between `PrincipalTags` and user attributes.
## Request Syntax
```
{
"IdentityPoolId": "string",
"IdentityProviderName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [IdentityPoolId](#API_GetPrincipalTagAttributeMap_RequestSyntax) **
You can use this operation to get the ID of the Identity Pool you setup attribute mappings for.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
** [IdentityProviderName](#API_GetPrincipalTagAttributeMap_RequestSyntax) **
You can use this operation to get the provider name.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Required: Yes
## Response Syntax
```
{
"IdentityPoolId": "string",
"IdentityProviderName": "string",
"PrincipalTags": {
"string" : "string"
},
"UseDefaults": boolean
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [IdentityPoolId](#API_GetPrincipalTagAttributeMap_ResponseSyntax) **
You can use this operation to get the ID of the Identity Pool you setup attribute mappings for.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
** [IdentityProviderName](#API_GetPrincipalTagAttributeMap_ResponseSyntax) **
You can use this operation to get the provider name.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
** [PrincipalTags](#API_GetPrincipalTagAttributeMap_ResponseSyntax) **
You can use this operation to add principal tags. The `PrincipalTags`operation enables you to reference user attributes in your IAM permissions policy.
Type: String to string map
Map Entries: Maximum number of 50 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 256.
** [UseDefaults](#API_GetPrincipalTagAttributeMap_ResponseSyntax) **
You can use this operation to list
Type: Boolean
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/GetPrincipalTagAttributeMap)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/GetPrincipalTagAttributeMap)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/GetPrincipalTagAttributeMap)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/GetPrincipalTagAttributeMap)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/GetPrincipalTagAttributeMap)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/GetPrincipalTagAttributeMap)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/GetPrincipalTagAttributeMap)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/GetPrincipalTagAttributeMap)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/GetPrincipalTagAttributeMap)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/GetPrincipalTagAttributeMap)
# ListIdentities
Lists the identities in an identity pool.
**Note**
Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
[Signing AWS API Requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
## Request Syntax
```
{
"HideDisabled": boolean,
"IdentityPoolId": "string",
"MaxResults": number,
"NextToken": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [HideDisabled](#API_ListIdentities_RequestSyntax) **
An optional boolean parameter that allows you to hide disabled identities. If omitted, the ListIdentities API will include disabled identities in the response.
Type: Boolean
Required: No
** [IdentityPoolId](#API_ListIdentities_RequestSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
** [MaxResults](#API_ListIdentities_RequestSyntax) **
The maximum number of identities to return.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 60.
Required: Yes
** [NextToken](#API_ListIdentities_RequestSyntax) **
A pagination token.
Type: String
Length Constraints: Minimum length of 1.
Pattern: `[\S]+`
Required: No
## Response Syntax
```
{
"Identities": [
{
"CreationDate": number,
"IdentityId": "string",
"LastModifiedDate": number,
"Logins": [ "string" ]
}
],
"IdentityPoolId": "string",
"NextToken": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [Identities](#API_ListIdentities_ResponseSyntax) **
An object containing a set of identities and associated mappings.
Type: Array of [IdentityDescription](API_IdentityDescription.md) objects
** [IdentityPoolId](#API_ListIdentities_ResponseSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
** [NextToken](#API_ListIdentities_ResponseSyntax) **
A pagination token.
Type: String
Length Constraints: Minimum length of 1.
Pattern: `[\S]+`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## Examples
### ListIdentities
The following examples show a request and a response for the `ListIdentities` action. The request and response bodies have been formatted for readability and may not match the `content-length` value.
#### Sample Request
```
POST / HTTP/1.1
CONTENT-TYPE: application/json
CONTENT-LENGTH: 234
X-AMZ-TARGET: com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.ListIdentities
HOST:
X-AMZ-DATE: 20140805T162253Z
AUTHORIZATION: AWS4-HMAC-SHA256 Credential=, SignedHeaders=content-type;content-length;host;x-amz-date;x-amz-target, Signature=
{
"IdentityPoolId": "us-east-1:509f9747-5b5d-484e-a2d7-74fcba108147",
"MaxResults": 10
}
```
#### Sample Response
```
1.1 200 OK
x-amzn-requestid: 75dbdfc0-29a2-4177-98e5-602c8f2c21eb
date: Tue, 05 Aug 2014 16:22:54 GMT
content-type: application/json
content-length: 353
{
"Identities": [
{
"IdentityId": "us-east-1:1eeb6443-3fbc-4d3f-a96c-28ff0EXAMPLE",
"Logins": null
},
{
"IdentityId": "us-east-1:6820d0d3-3c95-4d9f-8813-c4448EXAMPLE",
"Logins": null
}],
"IdentityPoolId": "us-east-1:509f9747-5b5d-484e-a2d7-74fcbEXAMPLE",
"NextToken": null
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/ListIdentities)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/ListIdentities)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/ListIdentities)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/ListIdentities)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/ListIdentities)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/ListIdentities)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/ListIdentities)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/ListIdentities)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/ListIdentities)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/ListIdentities)
# ListIdentityPools
Lists all of the Cognito identity pools registered for your account.
**Note**
Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
[Signing AWS API Requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
## Request Syntax
```
{
"MaxResults": number,
"NextToken": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [MaxResults](#API_ListIdentityPools_RequestSyntax) **
The maximum number of identities to return.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 60.
Required: Yes
** [NextToken](#API_ListIdentityPools_RequestSyntax) **
A pagination token.
Type: String
Length Constraints: Minimum length of 1.
Pattern: `[\S]+`
Required: No
## Response Syntax
```
{
"IdentityPools": [
{
"IdentityPoolId": "string",
"IdentityPoolName": "string"
}
],
"NextToken": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [IdentityPools](#API_ListIdentityPools_ResponseSyntax) **
The identity pools returned by the ListIdentityPools action.
Type: Array of [IdentityPoolShortDescription](API_IdentityPoolShortDescription.md) objects
** [NextToken](#API_ListIdentityPools_ResponseSyntax) **
A pagination token.
Type: String
Length Constraints: Minimum length of 1.
Pattern: `[\S]+`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## Examples
### ListIdentityPools
The following examples show a request and a response for a `ListIdentityPools` operation. The request and response bodies have been edited for readability and may not match the stated `content-length` values.
#### Sample Request
```
POST / HTTP/1.1
CONTENT-TYPE: application/json
CONTENT-LENGTH: 171
X-AMZ-TARGET: com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.ListIdentityPools
HOST:
X-AMZ-DATE: 20140804T193802Z
AUTHORIZATION: AWS4-HMAC-SHA256 Credential=, SignedHeaders=content-type;content-length;host;x-amz-date;x-amz-target, Signature=
{
"MaxResults": 3
}
```
#### Sample Response
```
1.1 200 OK
x-amzn-requestid: 84423a7a-4db8-437f-9dfa-f60aacc0f85f
date: Mon, 04 Aug 2014 19:38:03 GMT
content-type: application/json
content-length: 521
{
"IdentityPools": [
{
"IdentityPoolId": "us-east-1:0248e249-21e7-495a-9dd5-b2444EXAMPLE",
"IdentityPoolName": "MyIdentityPool1"
},
{
"IdentityPoolId": "us-east-1:04507bc2-9e14-4d1b-8cbf-b6f51EXAMPLE",
"IdentityPoolName": "MyIdentityPool2"
},
{
"IdentityPoolId": "us-east-1:177a950c-2c08-43f0-9983-28727EXAMPLE",
"IdentityPoolName": "MyIdentityPool3"li
}],
"NextToken": "dXMtZWFzdC0xOjE3N2E5NTBjLTJjMDgtNDNmMC05OTgzLTI4NzI3YjQ0N2Y4MA=="
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/ListIdentityPools)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/ListIdentityPools)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/ListIdentityPools)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/ListIdentityPools)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/ListIdentityPools)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/ListIdentityPools)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/ListIdentityPools)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/ListIdentityPools)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/ListIdentityPools)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/ListIdentityPools)
# ListTagsForResource
Lists the tags that are assigned to an Amazon Cognito identity pool.
A tag is a label that you can apply to identity pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
You can use this action up to 10 times per second, per account.
## Request Syntax
```
{
"ResourceArn": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [ResourceArn](#API_ListTagsForResource_RequestSyntax) **
The Amazon Resource Name (ARN) of the identity pool that the tags are assigned to.
Type: String
Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: Yes
## Response Syntax
```
{
"Tags": {
"string" : "string"
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [Tags](#API_ListTagsForResource_ResponseSyntax) **
The tags that are assigned to the identity pool.
Type: String to string map
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 0. Maximum length of 256.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/ListTagsForResource)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/ListTagsForResource)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/ListTagsForResource)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/ListTagsForResource)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/ListTagsForResource)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/ListTagsForResource)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/ListTagsForResource)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/ListTagsForResource)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/ListTagsForResource)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/ListTagsForResource)
# LookupDeveloperIdentity
Retrieves the `IdentityID` associated with a `DeveloperUserIdentifier` or the list of `DeveloperUserIdentifier` values associated with an `IdentityId` for an existing identity. Either `IdentityID` or `DeveloperUserIdentifier` must not be null. If you supply only one of these values, the other value will be searched in the database and returned as a part of the response. If you supply both, `DeveloperUserIdentifier` will be matched against `IdentityID`. If the values are verified against the database, the response returns both values and is the same as the request. Otherwise, a `ResourceConflictException` is thrown.
`LookupDeveloperIdentity` is intended for low-throughput control plane operations: for example, to enable customer service to locate an identity ID by username. If you are using it for higher-volume operations such as user authentication, your requests are likely to be throttled. [GetOpenIdTokenForDeveloperIdentity](API_GetOpenIdTokenForDeveloperIdentity.md) is a better option for higher-volume operations for user authentication.
**Note**
Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
[Signing AWS API Requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
## Request Syntax
```
{
"DeveloperUserIdentifier": "string",
"IdentityId": "string",
"IdentityPoolId": "string",
"MaxResults": number,
"NextToken": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [DeveloperUserIdentifier](#API_LookupDeveloperIdentity_RequestSyntax) **
A unique ID used by your backend authentication process to identify a user. Typically, a developer identity provider would issue many developer user identifiers, in keeping with the number of users.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 1024.
Required: No
** [IdentityId](#API_LookupDeveloperIdentity_RequestSyntax) **
A unique identifier in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: No
** [IdentityPoolId](#API_LookupDeveloperIdentity_RequestSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
** [MaxResults](#API_LookupDeveloperIdentity_RequestSyntax) **
The maximum number of identities to return.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 60.
Required: No
** [NextToken](#API_LookupDeveloperIdentity_RequestSyntax) **
A pagination token. The first call you make will have `NextToken` set to null. After that the service will return `NextToken` values as needed. For example, let's say you make a request with `MaxResults` set to 10, and there are 20 matches in the database. The service will return a pagination token as a part of the response. This token can be used to call the API again and get results starting from the 11th match.
Type: String
Length Constraints: Minimum length of 1.
Pattern: `[\S]+`
Required: No
## Response Syntax
```
{
"DeveloperUserIdentifierList": [ "string" ],
"IdentityId": "string",
"NextToken": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [DeveloperUserIdentifierList](#API_LookupDeveloperIdentity_ResponseSyntax) **
This is the list of developer user identifiers associated with an identity ID. Cognito supports the association of multiple developer user identifiers with an identity ID.
Type: Array of strings
Length Constraints: Minimum length of 1. Maximum length of 1024.
** [IdentityId](#API_LookupDeveloperIdentity_ResponseSyntax) **
A unique identifier in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
** [NextToken](#API_LookupDeveloperIdentity_ResponseSyntax) **
A pagination token. The first call you make will have `NextToken` set to null. After that the service will return `NextToken` values as needed. For example, let's say you make a request with `MaxResults` set to 10, and there are 20 matches in the database. The service will return a pagination token as a part of the response. This token can be used to call the API again and get results starting from the 11th match.
Type: String
Length Constraints: Minimum length of 1.
Pattern: `[\S]+`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceConflictException **
Thrown when a user tries to use a login which is already linked to another account.
** message **
The message returned by a ResourceConflictException.
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/LookupDeveloperIdentity)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/LookupDeveloperIdentity)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/LookupDeveloperIdentity)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/LookupDeveloperIdentity)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/LookupDeveloperIdentity)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/LookupDeveloperIdentity)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/LookupDeveloperIdentity)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/LookupDeveloperIdentity)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/LookupDeveloperIdentity)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/LookupDeveloperIdentity)
# MergeDeveloperIdentities
Merges two users having different `IdentityId`s, existing in the same identity pool, and identified by the same developer provider. You can use this action to request that discrete users be merged and identified as a single user in the Cognito environment. Cognito associates the given source user (`SourceUserIdentifier`) with the `IdentityId` of the `DestinationUserIdentifier`. Only developer-authenticated users can be merged. If the users to be merged are associated with the same public provider, but as two different users, an exception will be thrown.
The number of linked logins is limited to 20. So, the number of linked logins for the source user, `SourceUserIdentifier`, and the destination user, `DestinationUserIdentifier`, together should not be larger than 20. Otherwise, an exception will be thrown.
**Note**
Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
[Signing AWS API Requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
## Request Syntax
```
{
"DestinationUserIdentifier": "string",
"DeveloperProviderName": "string",
"IdentityPoolId": "string",
"SourceUserIdentifier": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [DestinationUserIdentifier](#API_MergeDeveloperIdentities_RequestSyntax) **
User identifier for the destination user. The value should be a `DeveloperUserIdentifier`.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 1024.
Required: Yes
** [DeveloperProviderName](#API_MergeDeveloperIdentities_RequestSyntax) **
The "domain" by which Cognito will refer to your users. This is a (pseudo) domain name that you provide while creating an identity pool. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider. For the `DeveloperProviderName`, you can use letters as well as period (.), underscore (\$1), and dash (-).
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: `[\w._-]+`
Required: Yes
** [IdentityPoolId](#API_MergeDeveloperIdentities_RequestSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
** [SourceUserIdentifier](#API_MergeDeveloperIdentities_RequestSyntax) **
User identifier for the source user. The value should be a `DeveloperUserIdentifier`.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 1024.
Required: Yes
## Response Syntax
```
{
"IdentityId": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [IdentityId](#API_MergeDeveloperIdentities_ResponseSyntax) **
A unique identifier in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceConflictException **
Thrown when a user tries to use a login which is already linked to another account.
** message **
The message returned by a ResourceConflictException.
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/MergeDeveloperIdentities)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/MergeDeveloperIdentities)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/MergeDeveloperIdentities)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/MergeDeveloperIdentities)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/MergeDeveloperIdentities)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/MergeDeveloperIdentities)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/MergeDeveloperIdentities)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/MergeDeveloperIdentities)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/MergeDeveloperIdentities)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/MergeDeveloperIdentities)
# SetIdentityPoolRoles
Sets the roles for an identity pool. These roles are used when making calls to [GetCredentialsForIdentity](API_GetCredentialsForIdentity.md) action.
**Note**
Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
[Signing AWS API Requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
## Request Syntax
```
{
"IdentityPoolId": "string",
"RoleMappings": {
"string" : {
"AmbiguousRoleResolution": "string",
"RulesConfiguration": {
"Rules": [
{
"Claim": "string",
"MatchType": "string",
"RoleARN": "string",
"Value": "string"
}
]
},
"Type": "string"
}
},
"Roles": {
"string" : "string"
}
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [IdentityPoolId](#API_SetIdentityPoolRoles_RequestSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
** [RoleMappings](#API_SetIdentityPoolRoles_RequestSyntax) **
How users for a specific identity provider are to mapped to roles. This is a string to [RoleMapping](API_RoleMapping.md) object map. The string identifies the identity provider, for example, `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id`.
Up to 25 rules can be specified per identity provider.
Type: String to [RoleMapping](API_RoleMapping.md) object map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Required: No
** [Roles](#API_SetIdentityPoolRoles_RequestSyntax) **
The map of roles associated with this pool. For a given role, the key will be either "authenticated" or "unauthenticated" and the value will be the Role ARN.
Type: String to string map
Map Entries: Maximum number of 2 items.
Key Pattern: `(un)?authenticated`
Value Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: Yes
## Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ConcurrentModificationException **
Thrown if there are parallel requests to modify a resource.
** message **
The message returned by a ConcurrentModificationException.
HTTP Status Code: 400
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceConflictException **
Thrown when a user tries to use a login which is already linked to another account.
** message **
The message returned by a ResourceConflictException.
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/SetIdentityPoolRoles)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/SetIdentityPoolRoles)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/SetIdentityPoolRoles)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/SetIdentityPoolRoles)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/SetIdentityPoolRoles)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/SetIdentityPoolRoles)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/SetIdentityPoolRoles)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/SetIdentityPoolRoles)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/SetIdentityPoolRoles)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/SetIdentityPoolRoles)
# SetPrincipalTagAttributeMap
You can use this operation to use default (username and clientID) attribute or custom attribute mappings.
## Request Syntax
```
{
"IdentityPoolId": "string",
"IdentityProviderName": "string",
"PrincipalTags": {
"string" : "string"
},
"UseDefaults": boolean
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [IdentityPoolId](#API_SetPrincipalTagAttributeMap_RequestSyntax) **
The ID of the Identity Pool you want to set attribute mappings for.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
** [IdentityProviderName](#API_SetPrincipalTagAttributeMap_RequestSyntax) **
The provider name you want to use for attribute mappings.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Required: Yes
** [PrincipalTags](#API_SetPrincipalTagAttributeMap_RequestSyntax) **
You can use this operation to add principal tags.
Type: String to string map
Map Entries: Maximum number of 50 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 256.
Required: No
** [UseDefaults](#API_SetPrincipalTagAttributeMap_RequestSyntax) **
You can use this operation to use default (username and clientID) attribute mappings.
Type: Boolean
Required: No
## Response Syntax
```
{
"IdentityPoolId": "string",
"IdentityProviderName": "string",
"PrincipalTags": {
"string" : "string"
},
"UseDefaults": boolean
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [IdentityPoolId](#API_SetPrincipalTagAttributeMap_ResponseSyntax) **
The ID of the Identity Pool you want to set attribute mappings for.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
** [IdentityProviderName](#API_SetPrincipalTagAttributeMap_ResponseSyntax) **
The provider name you want to use for attribute mappings.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
** [PrincipalTags](#API_SetPrincipalTagAttributeMap_ResponseSyntax) **
You can use this operation to add principal tags. The `PrincipalTags`operation enables you to reference user attributes in your IAM permissions policy.
Type: String to string map
Map Entries: Maximum number of 50 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 256.
** [UseDefaults](#API_SetPrincipalTagAttributeMap_ResponseSyntax) **
You can use this operation to select default (username and clientID) attribute mappings.
Type: Boolean
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/SetPrincipalTagAttributeMap)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/SetPrincipalTagAttributeMap)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/SetPrincipalTagAttributeMap)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/SetPrincipalTagAttributeMap)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/SetPrincipalTagAttributeMap)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/SetPrincipalTagAttributeMap)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/SetPrincipalTagAttributeMap)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/SetPrincipalTagAttributeMap)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/SetPrincipalTagAttributeMap)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/SetPrincipalTagAttributeMap)
# TagResource
Assigns a set of tags to the specified Amazon Cognito identity pool. A tag is a label that you can use to categorize and manage identity pools in different ways, such as by purpose, owner, environment, or other criteria.
Each tag consists of a key and value, both of which you define. A key is a general category for more specific values. For example, if you have two versions of an identity pool, one for testing and another for production, you might assign an `Environment` tag key to both identity pools. The value of this key might be `Test` for one identity pool and `Production` for the other.
Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with your identity pools. In an IAM policy, you can constrain permissions for identity pools based on specific tags or tag values.
You can use this action up to 5 times per second, per account. An identity pool can have as many as 50 tags.
## Request Syntax
```
{
"ResourceArn": "string",
"Tags": {
"string" : "string"
}
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [ResourceArn](#API_TagResource_RequestSyntax) **
The Amazon Resource Name (ARN) of the identity pool.
Type: String
Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: Yes
** [Tags](#API_TagResource_RequestSyntax) **
The tags to assign to the identity pool.
Type: String to string map
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 0. Maximum length of 256.
Required: Yes
## Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/TagResource)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/TagResource)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/TagResource)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/TagResource)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/TagResource)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/TagResource)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/TagResource)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/TagResource)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/TagResource)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/TagResource)
# UnlinkDeveloperIdentity
Unlinks a `DeveloperUserIdentifier` from an existing identity. Unlinked developer users will be considered new identities next time they are seen. If, for a given Cognito identity, you remove all federated identities as well as the developer user identifier, the Cognito identity becomes inaccessible.
**Note**
Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
[Signing AWS API Requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
## Request Syntax
```
{
"DeveloperProviderName": "string",
"DeveloperUserIdentifier": "string",
"IdentityId": "string",
"IdentityPoolId": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [DeveloperProviderName](#API_UnlinkDeveloperIdentity_RequestSyntax) **
The "domain" by which Cognito will refer to your users.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: `[\w._-]+`
Required: Yes
** [DeveloperUserIdentifier](#API_UnlinkDeveloperIdentity_RequestSyntax) **
A unique ID used by your backend authentication process to identify a user.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 1024.
Required: Yes
** [IdentityId](#API_UnlinkDeveloperIdentity_RequestSyntax) **
A unique identifier in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
** [IdentityPoolId](#API_UnlinkDeveloperIdentity_RequestSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
## Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceConflictException **
Thrown when a user tries to use a login which is already linked to another account.
** message **
The message returned by a ResourceConflictException.
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/UnlinkDeveloperIdentity)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/UnlinkDeveloperIdentity)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/UnlinkDeveloperIdentity)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/UnlinkDeveloperIdentity)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/UnlinkDeveloperIdentity)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/UnlinkDeveloperIdentity)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/UnlinkDeveloperIdentity)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/UnlinkDeveloperIdentity)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/UnlinkDeveloperIdentity)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/UnlinkDeveloperIdentity)
# UnlinkIdentity
Unlinks a federated identity from an existing account. Unlinked logins will be considered new identities next time they are seen. Removing the last linked login will make this identity inaccessible.
This is a public API. You do not need any credentials to call this API.
## Request Syntax
```
{
"IdentityId": "string",
"Logins": {
"string" : "string"
},
"LoginsToRemove": [ "string" ]
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [IdentityId](#API_UnlinkIdentity_RequestSyntax) **
A unique identifier in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
** [Logins](#API_UnlinkIdentity_RequestSyntax) **
A set of optional name-value pairs that map provider names to provider tokens.
Type: String to string map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 50000.
Required: Yes
** [LoginsToRemove](#API_UnlinkIdentity_RequestSyntax) **
Provider names to unlink from this identity.
Type: Array of strings
Length Constraints: Minimum length of 1. Maximum length of 128.
Required: Yes
## Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ExternalServiceException **
An exception thrown when a dependent service such as Facebook or Twitter is not responding
** message **
The message returned by an ExternalServiceException
HTTP Status Code: 400
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceConflictException **
Thrown when a user tries to use a login which is already linked to another account.
** message **
The message returned by a ResourceConflictException.
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## Examples
### UnlinkIdentity
The following example shows an `UnlinkIdentity` request. The request body has been formatted for readability and may not match the `content-length` value.
#### Sample Request
```
POST / HTTP/1.1
CONTENT-TYPE: application/json
CONTENT-LENGTH: 307
X-AMZ-TARGET: com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.UnlinkIdentity
HOST:
X-AMZ-DATE: 20140805T164904Z
{
"IdentityId": "us-east-1:6820d0d3-3c95-4d9f-8813-c4448fca995f",
"Logins":
{
"accounts.google.com": ""
},
"LoginsToRemove": ["accounts.google.com"]
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/UnlinkIdentity)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/UnlinkIdentity)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/UnlinkIdentity)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/UnlinkIdentity)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/UnlinkIdentity)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/UnlinkIdentity)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/UnlinkIdentity)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/UnlinkIdentity)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/UnlinkIdentity)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/UnlinkIdentity)
# UntagResource
Removes the specified tags from the specified Amazon Cognito identity pool. You can use this action up to 5 times per second, per account
## Request Syntax
```
{
"ResourceArn": "string",
"TagKeys": [ "string" ]
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [ResourceArn](#API_UntagResource_RequestSyntax) **
The Amazon Resource Name (ARN) of the identity pool.
Type: String
Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: Yes
** [TagKeys](#API_UntagResource_RequestSyntax) **
The keys of the tags to remove from the user pool.
Type: Array of strings
Length Constraints: Minimum length of 1. Maximum length of 128.
Required: Yes
## Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/UntagResource)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/UntagResource)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/UntagResource)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/UntagResource)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/UntagResource)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/UntagResource)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/UntagResource)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/UntagResource)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/UntagResource)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/UntagResource)
# UpdateIdentityPool
Updates the configuration of an identity pool.
**Important**
If you don't provide a value for a parameter, Amazon Cognito sets it to its default value.
**Note**
Amazon Cognito evaluates AWS Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
[Signing AWS API Requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
## Request Syntax
```
{
"AllowClassicFlow": boolean,
"AllowUnauthenticatedIdentities": boolean,
"CognitoIdentityProviders": [
{
"ClientId": "string",
"ProviderName": "string",
"ServerSideTokenCheck": boolean
}
],
"DeveloperProviderName": "string",
"IdentityPoolId": "string",
"IdentityPoolName": "string",
"IdentityPoolTags": {
"string" : "string"
},
"OpenIdConnectProviderARNs": [ "string" ],
"SamlProviderARNs": [ "string" ],
"SupportedLoginProviders": {
"string" : "string"
}
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [AllowClassicFlow](#API_UpdateIdentityPool_RequestSyntax) **
Enables or disables the Basic (Classic) authentication flow. For more information, see [Identity Pools (Federated Identities) Authentication Flow](https://docs.aws.amazon.com/cognito/latest/developerguide/authentication-flow.html) in the *Amazon Cognito Developer Guide*.
Type: Boolean
Required: No
** [AllowUnauthenticatedIdentities](#API_UpdateIdentityPool_RequestSyntax) **
TRUE if the identity pool supports unauthenticated logins.
Type: Boolean
Required: Yes
** [CognitoIdentityProviders](#API_UpdateIdentityPool_RequestSyntax) **
A list representing an Amazon Cognito user pool and its client ID.
Type: Array of [CognitoIdentityProvider](API_CognitoIdentityProvider.md) objects
Required: No
** [DeveloperProviderName](#API_UpdateIdentityPool_RequestSyntax) **
The "domain" by which Cognito will refer to your users.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: `[\w._-]+`
Required: No
** [IdentityPoolId](#API_UpdateIdentityPool_RequestSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
Required: Yes
** [IdentityPoolName](#API_UpdateIdentityPool_RequestSyntax) **
A string that you provide.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: `[\w\s+=,.@-]+`
Required: Yes
** [IdentityPoolTags](#API_UpdateIdentityPool_RequestSyntax) **
The tags that are assigned to the identity pool. A tag is a label that you can apply to identity pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
Type: String to string map
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 0. Maximum length of 256.
Required: No
** [OpenIdConnectProviderARNs](#API_UpdateIdentityPool_RequestSyntax) **
The ARNs of the OpenID Connect providers.
Type: Array of strings
Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: No
** [SamlProviderARNs](#API_UpdateIdentityPool_RequestSyntax) **
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
Type: Array of strings
Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: No
** [SupportedLoginProviders](#API_UpdateIdentityPool_RequestSyntax) **
Optional key:value pairs mapping provider names to provider app IDs.
Type: String to string map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 128.
Value Pattern: `[\w.;_/-]+`
Required: No
## Response Syntax
```
{
"AllowClassicFlow": boolean,
"AllowUnauthenticatedIdentities": boolean,
"CognitoIdentityProviders": [
{
"ClientId": "string",
"ProviderName": "string",
"ServerSideTokenCheck": boolean
}
],
"DeveloperProviderName": "string",
"IdentityPoolId": "string",
"IdentityPoolName": "string",
"IdentityPoolTags": {
"string" : "string"
},
"OpenIdConnectProviderARNs": [ "string" ],
"SamlProviderARNs": [ "string" ],
"SupportedLoginProviders": {
"string" : "string"
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [AllowClassicFlow](#API_UpdateIdentityPool_ResponseSyntax) **
Enables or disables the Basic (Classic) authentication flow. For more information, see [Identity Pools (Federated Identities) Authentication Flow](https://docs.aws.amazon.com/cognito/latest/developerguide/authentication-flow.html) in the *Amazon Cognito Developer Guide*.
Type: Boolean
** [AllowUnauthenticatedIdentities](#API_UpdateIdentityPool_ResponseSyntax) **
TRUE if the identity pool supports unauthenticated logins.
Type: Boolean
** [CognitoIdentityProviders](#API_UpdateIdentityPool_ResponseSyntax) **
A list representing an Amazon Cognito user pool and its client ID.
Type: Array of [CognitoIdentityProvider](API_CognitoIdentityProvider.md) objects
** [DeveloperProviderName](#API_UpdateIdentityPool_ResponseSyntax) **
The "domain" by which Cognito will refer to your users.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: `[\w._-]+`
** [IdentityPoolId](#API_UpdateIdentityPool_ResponseSyntax) **
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern: `[\w-]+:[0-9a-f-]+`
** [IdentityPoolName](#API_UpdateIdentityPool_ResponseSyntax) **
A string that you provide.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: `[\w\s+=,.@-]+`
** [IdentityPoolTags](#API_UpdateIdentityPool_ResponseSyntax) **
The tags that are assigned to the identity pool. A tag is a label that you can apply to identity pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
Type: String to string map
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 0. Maximum length of 256.
** [OpenIdConnectProviderARNs](#API_UpdateIdentityPool_ResponseSyntax) **
The ARNs of the OpenID Connect providers.
Type: Array of strings
Length Constraints: Minimum length of 20. Maximum length of 2048.
** [SamlProviderARNs](#API_UpdateIdentityPool_ResponseSyntax) **
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.
Type: Array of strings
Length Constraints: Minimum length of 20. Maximum length of 2048.
** [SupportedLoginProviders](#API_UpdateIdentityPool_ResponseSyntax) **
Optional key:value pairs mapping provider names to provider app IDs.
Type: String to string map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 1. Maximum length of 128.
Value Pattern: `[\w.;_/-]+`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ConcurrentModificationException **
Thrown if there are parallel requests to modify a resource.
** message **
The message returned by a ConcurrentModificationException.
HTTP Status Code: 400
** InternalErrorException **
Thrown when the service encounters an error during processing the request.
** message **
The message returned by an InternalErrorException.
HTTP Status Code: 500
** InvalidParameterException **
Thrown for missing or bad input parameter(s).
** message **
The message returned by an InvalidParameterException.
HTTP Status Code: 400
** LimitExceededException **
Thrown when the total number of user pools has exceeded a preset limit.
** message **
The message returned by a LimitExceededException.
HTTP Status Code: 400
** NotAuthorizedException **
Thrown when a user is not authorized to access the requested resource.
** message **
The message returned by a NotAuthorizedException
HTTP Status Code: 400
** ResourceConflictException **
Thrown when a user tries to use a login which is already linked to another account.
** message **
The message returned by a ResourceConflictException.
HTTP Status Code: 400
** ResourceNotFoundException **
Thrown when the requested resource (for example, a dataset or record) does not exist.
** message **
The message returned by a ResourceNotFoundException.
HTTP Status Code: 400
** TooManyRequestsException **
Thrown when a request is throttled.
** message **
Message returned by a TooManyRequestsException
HTTP Status Code: 400
## Examples
### UpdateIdentityPool
The following examples show a request and response for the `UpdateIdentityPool` action. The request and response bodies have been formatted for readability and may not match the `content-length` value. Note: For the key "api.twitter.com" and "www.digits.com" the value to be set in the dictionary is a concatenation of the consumer key and consumer secret strings separated by a semicolon.
#### Sample Request
```
POST / HTTP/1.1
CONTENT-TYPE: application/json
CONTENT-LENGTH: 423
X-AMZ-TARGET: com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.UpdateIdentityPool
HOST:
X-AMZ-DATE: 20140804T232959Z
AUTHORIZATION: AWS4-HMAC-SHA256 Credential=, SignedHeaders=content-type;content-length;host;x-amz-date;x-amz-target, Signature=
{
"IdentityPoolId": "us-east-1:c1731993-c776-4ae2-86c6-554aeEXAMPLE",
"IdentityPoolName": "MyIdentityPool",
"AllowUnauthenticatedIdentities": true,
"SupportedLoginProviders":
{
"www.amazon.com": "amzn1.application-oa2-client.188a56d827a7d6555a8b67a5d",
"graph.facebook.com": "7346241598935555",
"accounts.google.com": "123456789012.apps.googleusercontent.com",
"api.twitter.com": "xvz1evFS4wEEPTGEFPHBog;kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw",
"www.digits.com": "xvz1evFS4wEEPTGEFPHBog;kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw"
}
}
```
#### Sample Response
```
1.1 200 OK
x-amzn-requestid: a1174234-ef05-4c60-bfcb-04176a6ba6a3
date: Mon, 04 Aug 2014 23:30:00 GMT
content-type: application/json
content-length: 356
{
"AllowUnauthenticatedIdentities": true,
"IdentityPoolId": "us-east-1:c1731993-c776-4ae2-86c6-554aeEXAMPLE",
"IdentityPoolName": "MyIdentityPool",
"SupportedLoginProviders":
{
"www.amazon.com": "amzn1.application-oa2-client.188a56d827a7d6555a8b67a5d",
"graph.facebook.com": "7346241598935555",
"accounts.google.com": "123456789012.apps.googleusercontent.com",
"api.twitter.com": "xvz1evFS4wEEPTGEFPHBog;kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw",
"www.digits.com": "xvz1evFS4wEEPTGEFPHBog;kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw"
}
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/cognito-identity-2014-06-30/UpdateIdentityPool)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/cognito-identity-2014-06-30/UpdateIdentityPool)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-identity-2014-06-30/UpdateIdentityPool)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/cognito-identity-2014-06-30/UpdateIdentityPool)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/cognito-identity-2014-06-30/UpdateIdentityPool)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/cognito-identity-2014-06-30/UpdateIdentityPool)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/cognito-identity-2014-06-30/UpdateIdentityPool)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/cognito-identity-2014-06-30/UpdateIdentityPool)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/cognito-identity-2014-06-30/UpdateIdentityPool)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/cognito-identity-2014-06-30/UpdateIdentityPool)