PasswordPolicyType - Amazon Cognito User Pools
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

PasswordPolicyType

The password policy settings for a user pool, including complexity, history, and length requirements.

This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.

Contents

MinimumLength

The minimum length of the password in the policy that you have set. This value can't be less than 6.

Type: Integer

Valid Range: Minimum value of 6. Maximum value of 99.

Required: No

PasswordHistorySize

The number of previous passwords that you want Amazon Cognito to restrict each user from reusing. Users can't set a password that matches any of n previous passwords, where n is the value of PasswordHistorySize.

Password history isn't enforced and isn't displayed in DescribeUserPool responses when you set this value to 0 or don't provide it. To activate this setting, your user pool must be in the Essentials tier or higher.

Type: Integer

Valid Range: Minimum value of 0. Maximum value of 24.

Required: No

RequireLowercase

The requirement in a password policy that users must include at least one lowercase letter in their password.

Type: Boolean

Required: No

RequireNumbers

The requirement in a password policy that users must include at least one number in their password.

Type: Boolean

Required: No

RequireSymbols

The requirement in a password policy that users must include at least one symbol in their password.

Type: Boolean

Required: No

RequireUppercase

The requirement in a password policy that users must include at least one uppercase letter in their password.

Type: Boolean

Required: No

TemporaryPasswordValidityDays

The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to 7. If you submit a value of 0, Amazon Cognito treats it as a null value and sets TemporaryPasswordValidityDays to its default value.

Note

When you set TemporaryPasswordValidityDays for a user pool, you can no longer set a value for the legacy UnusedAccountValidityDays parameter in that user pool.

Type: Integer

Valid Range: Minimum value of 0. Maximum value of 365.

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: