PasswordPolicyType
The password policy settings for a user pool, including complexity, history, and length requirements.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
Contents
- MinimumLength
-
The minimum length of the password in the policy that you have set. This value can't be less than 6.
Type: Integer
Valid Range: Minimum value of 6. Maximum value of 99.
Required: No
- PasswordHistorySize
-
The number of previous passwords that you want Amazon Cognito to restrict each user from reusing. Users can't set a password that matches any of
n
previous passwords, wheren
is the value ofPasswordHistorySize
.Password history isn't enforced and isn't displayed in DescribeUserPool responses when you set this value to
0
or don't provide it. To activate this setting, your user pool must be in the Essentials tier or higher.Type: Integer
Valid Range: Minimum value of 0. Maximum value of 24.
Required: No
- RequireLowercase
-
The requirement in a password policy that users must include at least one lowercase letter in their password.
Type: Boolean
Required: No
- RequireNumbers
-
The requirement in a password policy that users must include at least one number in their password.
Type: Boolean
Required: No
- RequireSymbols
-
The requirement in a password policy that users must include at least one symbol in their password.
Type: Boolean
Required: No
- RequireUppercase
-
The requirement in a password policy that users must include at least one uppercase letter in their password.
Type: Boolean
Required: No
- TemporaryPasswordValidityDays
-
The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to
7
. If you submit a value of0
, Amazon Cognito treats it as a null value and setsTemporaryPasswordValidityDays
to its default value.Note
When you set
TemporaryPasswordValidityDays
for a user pool, you can no longer set a value for the legacyUnusedAccountValidityDays
parameter in that user pool.Type: Integer
Valid Range: Minimum value of 0. Maximum value of 365.
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: