쿠키 기본 설정 선택

당사는 사이트와 서비스를 제공하는 데 필요한 필수 쿠키 및 유사한 도구를 사용합니다. 고객이 사이트를 어떻게 사용하는지 파악하고 개선할 수 있도록 성능 쿠키를 사용해 익명의 통계를 수집합니다. 필수 쿠키는 비활성화할 수 없지만 '사용자 지정' 또는 ‘거부’를 클릭하여 성능 쿠키를 거부할 수 있습니다.

사용자가 동의하는 경우 AWS와 승인된 제3자도 쿠키를 사용하여 유용한 사이트 기능을 제공하고, 사용자의 기본 설정을 기억하고, 관련 광고를 비롯한 관련 콘텐츠를 표시합니다. 필수가 아닌 모든 쿠키를 수락하거나 거부하려면 ‘수락’ 또는 ‘거부’를 클릭하세요. 더 자세한 내용을 선택하려면 ‘사용자 정의’를 클릭하세요.

CreateIdentityPool - Amazon Cognito Federated Identities
이 페이지는 귀하의 언어로 번역되지 않았습니다. 번역 요청

CreateIdentityPool

Creates a new identity pool. The identity pool is a store of user identity information that is specific to your AWS account. The keys for SupportedLoginProviders are as follows:

  • Facebook: graph.facebook.com

  • Google: accounts.google.com

  • Sign in With Apple: appleid.apple.com

  • Amazon: www.amazon.com

  • Twitter: api.twitter.com

  • Digits: www.digits.com

Important

If you don't provide a value for a parameter, Amazon Cognito sets it to its default value.

You must use AWS developer credentials to call this operation.

Request Syntax

{ "AllowClassicFlow": boolean, "AllowUnauthenticatedIdentities": boolean, "CognitoIdentityProviders": [ { "ClientId": "string", "ProviderName": "string", "ServerSideTokenCheck": boolean } ], "DeveloperProviderName": "string", "IdentityPoolName": "string", "IdentityPoolTags": { "string" : "string" }, "OpenIdConnectProviderARNs": [ "string" ], "SamlProviderARNs": [ "string" ], "SupportedLoginProviders": { "string" : "string" } }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

AllowClassicFlow

Enables or disables the Basic (Classic) authentication flow. For more information, see Identity Pools (Federated Identities) Authentication Flow in the Amazon Cognito Developer Guide.

Type: Boolean

Required: No

AllowUnauthenticatedIdentities

TRUE if the identity pool supports unauthenticated logins.

Type: Boolean

Required: Yes

CognitoIdentityProviders

An array of Amazon Cognito user pools and their client IDs.

Type: Array of CognitoIdentityProvider objects

Required: No

DeveloperProviderName

The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider. For the DeveloperProviderName, you can use letters as well as period (.), underscore (_), and dash (-).

Once you have set a developer provider name, you cannot change it. Please take care in setting this parameter.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [\w._-]+

Required: No

IdentityPoolName

A string that you provide.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [\w\s+=,.@-]+

Required: Yes

IdentityPoolTags

Tags to assign to the identity pool. A tag is a label that you can apply to identity pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.

Type: String to string map

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Value Length Constraints: Minimum length of 0. Maximum length of 256.

Required: No

OpenIdConnectProviderARNs

The Amazon Resource Names (ARN) of the OpenID Connect providers.

Type: Array of strings

Length Constraints: Minimum length of 20. Maximum length of 2048.

Required: No

SamlProviderARNs

An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.

Type: Array of strings

Length Constraints: Minimum length of 20. Maximum length of 2048.

Required: No

SupportedLoginProviders

Optional key:value pairs mapping provider names to provider app IDs.

Type: String to string map

Map Entries: Maximum number of 10 items.

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Value Length Constraints: Minimum length of 1. Maximum length of 128.

Value Pattern: [\w.;_/-]+

Required: No

Response Syntax

{ "AllowClassicFlow": boolean, "AllowUnauthenticatedIdentities": boolean, "CognitoIdentityProviders": [ { "ClientId": "string", "ProviderName": "string", "ServerSideTokenCheck": boolean } ], "DeveloperProviderName": "string", "IdentityPoolId": "string", "IdentityPoolName": "string", "IdentityPoolTags": { "string" : "string" }, "OpenIdConnectProviderARNs": [ "string" ], "SamlProviderARNs": [ "string" ], "SupportedLoginProviders": { "string" : "string" } }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

AllowClassicFlow

Enables or disables the Basic (Classic) authentication flow. For more information, see Identity Pools (Federated Identities) Authentication Flow in the Amazon Cognito Developer Guide.

Type: Boolean

AllowUnauthenticatedIdentities

TRUE if the identity pool supports unauthenticated logins.

Type: Boolean

CognitoIdentityProviders

A list representing an Amazon Cognito user pool and its client ID.

Type: Array of CognitoIdentityProvider objects

DeveloperProviderName

The "domain" by which Cognito will refer to your users.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [\w._-]+

IdentityPoolId

An identity pool ID in the format REGION:GUID.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 55.

Pattern: [\w-]+:[0-9a-f-]+

IdentityPoolName

A string that you provide.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [\w\s+=,.@-]+

IdentityPoolTags

The tags that are assigned to the identity pool. A tag is a label that you can apply to identity pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.

Type: String to string map

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Value Length Constraints: Minimum length of 0. Maximum length of 256.

OpenIdConnectProviderARNs

The ARNs of the OpenID Connect providers.

Type: Array of strings

Length Constraints: Minimum length of 20. Maximum length of 2048.

SamlProviderARNs

An array of Amazon Resource Names (ARNs) of the SAML provider for your identity pool.

Type: Array of strings

Length Constraints: Minimum length of 20. Maximum length of 2048.

SupportedLoginProviders

Optional key:value pairs mapping provider names to provider app IDs.

Type: String to string map

Map Entries: Maximum number of 10 items.

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Value Length Constraints: Minimum length of 1. Maximum length of 128.

Value Pattern: [\w.;_/-]+

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalErrorException

Thrown when the service encounters an error during processing the request.

HTTP Status Code: 500

InvalidParameterException

Thrown for missing or bad input parameter(s).

HTTP Status Code: 400

LimitExceededException

Thrown when the total number of user pools has exceeded a preset limit.

HTTP Status Code: 400

NotAuthorizedException

Thrown when a user is not authorized to access the requested resource.

HTTP Status Code: 400

ResourceConflictException

Thrown when a user tries to use a login which is already linked to another account.

HTTP Status Code: 400

TooManyRequestsException

Thrown when a request is throttled.

HTTP Status Code: 400

Examples

CreateIdentityPool

The following examples show a request and response for CreateIdentityPool. The request and response bodies have been edited for readability and may not match the stated Content-Length values. Note: For the key "api.twitter.com" and "www.digits.com" the value to be set in the dictionary is a concatenation of the consumer key and consumer secret strings separated by a semicolon.

Sample Request

POST / HTTP/1.1 CONTENT-TYPE: application/json CONTENT-LENGTH: 369 X-AMZ-TARGET: com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.CreateIdentityPool HOST: <endpoint> X-AMZ-DATE: 20140804T205551Z AUTHORIZATION: AWS4-HMAC-SHA256 Credential=<credential>, SignedHeaders=content-type;content-length;host;x-amz-date;x-amz-target, Signature=<signature> { "IdentityPoolName": "MyIdentityPool", "AllowUnauthenticatedIdentities": true, "SupportedLoginProviders": { "graph.facebook.com": "7346241598935555", "accounts.google.com": "123456789012.apps.googleusercontent.com", "www.amazon.com": "amzn1.application-oa2-client.188a56d827a7d6555a8b67a5d", "api.twitter.com": "xvz1evFS4wEEPTGEFPHBog;kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw", "www.digits.com": "xvz1evFS4wEEPTGEFPHBog;kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw" } }

Sample Response

1.1 200 OK x-amzn-requestid: 15cc73a1-0780-460c-91e8-e12ef034e116 date: Mon, 04 Aug 2014 20:55:52 GMT content-type: application/json content-length: 1091 { "AllowUnauthenticatedIdentities": true, "IdentityPoolId": "us-east-1:1cf667a2-49a6-454b-9e45-23199EXAMPLE", "IdentityPoolName": "MyIdentityPool", "SupportedLoginProviders": { "accounts.google.com": "123456789012.apps.googleusercontent.com", "graph.facebook.com": "7346241598935555", "www.amazon.com": "amzn1.application-oa2-client.188a56d827a7d6555a8b67a5d", "api.twitter.com": "xvz1evFS4wEEPTGEFPHBog;kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw", "www.digits.com": "xvz1evFS4wEEPTGEFPHBog;kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw" } }

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

프라이버시사이트 이용 약관쿠키 기본 설정
© 2025, Amazon Web Services, Inc. 또는 계열사. All rights reserved.