Backend appId Auth - AWS Amplify Admin UI

Backend appId Auth

The authentication and authorization settings from your Amplify project.

URI

/prod/backend/appId/auth

HTTP methods

POST

Operation ID: CreateBackendAuth

Creates a new backend authentication resource.

Path parameters
NameTypeRequiredDescription
appIdStringTrue

The app ID.

Responses
Status codeResponse modelDescription
200BackendAuthRespObj

200 response

400BadRequestException

400 response

404NotFoundException

404 response

429LimitExceededException

429 response

504InternalServiceException

504 response

OPTIONS

Enables CORS by returning the correct headers.

Path parameters
NameTypeRequiredDescription
appIdStringTrue

The app ID.

Responses
Status codeResponse modelDescription
200None

200 response

Schemas

Request bodies

{ "resourceConfig": { "userPoolConfigs": { "userPoolName": "string", "forgotPassword": { "smsSettings": { "smsMessage": "string" }, "deliveryMethod": enum, "emailSettings": { "emailMessage": "string", "emailSubject": "string" } }, "passwordPolicy": { "minimumLength": number, "additionalConstraints": [ enum ] }, "requiredSignUpAttributes": [ enum ], "mfa": { "MFAMode": enum, "settings": { } }, "verificationMessage": { "smsSettings": { "smsMessage": "string" }, "deliveryMethod": enum, "emailSettings": { "emailMessage": "string", "emailSubject": "string" } }, "oAuth": { "redirectSignOutURIs": [ "string" ], "domainPrefix": "string", "redirectSignInURIs": [ "string" ], "oAuthScopes": [ enum ], "socialProviderSettings": { }, "oAuthGrantType": enum }, "signInMethod": enum }, "authResources": enum, "service": enum, "identityPoolConfigs": { "identityPoolName": "string", "unauthenticatedLogin": boolean } }, "resourceName": "string", "backendEnvironmentName": "string" }

Response bodies

{ "jobId": "string", "appId": "string", "error": "string", "operation": "string", "backendEnvironmentName": "string", "status": "string" }
{ "message": "string" }
{ "message": "string", "resourceType": "string" }
{ "message": "string", "limitType": "string" }
{ "message": "string" }

Properties

BackendAuthRespObj

The response object for this operation.

PropertyTypeRequiredDescription
appId

string

True

The app ID.

backendEnvironmentName

string

True

The name of the backend environment.

error

string

False

If the request fails, this error is returned.

jobId

string

False

The ID for the job.

operation

string

False

The name of the operation.

status

string

False

The current status of the request.

BadRequestException

An error returned if a request is not formed properly.

PropertyTypeRequiredDescription
message

string

False

An error message to inform that the request failed.

CreateBackendAuthForgotPasswordConfig

(DEPRECATED) Describes the forgot password policy for authenticating into the Amplify app.

PropertyTypeRequiredDescription
deliveryMethod

DeliveryMethod

True

(DEPRECATED) Describes which mode to use (either SMS or email) to deliver messages to app users who want to recover their password.

emailSettings

EmailSettings

False

(DEPRECATED) The configuration for the email sent when an app user forgets their password.

smsSettings

SmsSettings

False

(DEPRECATED) The configuration for the SMS message sent when an app user forgets their password.

CreateBackendAuthIdentityPoolConfig

Describes authorization configurations for the auth resources, configured as a part of your Amplify project.

PropertyTypeRequiredDescription
identityPoolName

string

True

Name of the Amazon Cognito identity pool used for authorization.

unauthenticatedLogin

boolean

True

Set to true or false based on whether you want to enable guest authorization to your Amplify app.

CreateBackendAuthMFAConfig

Describes whether to apply multi-factor authentication policies for your Amazon Cognito user pool configured as a part of your Amplify project.

PropertyTypeRequiredDescription
MFAMode

string

Values: ON | OFF | OPTIONAL

True

Describes whether MFA should be [ON, OFF, or OPTIONAL] for authentication in your Amplify project.

settings

object

False

Describes the configuration settings and methods for your Amplify app users to use MFA.

CreateBackendAuthOAuthConfig

Creates the OAuth configuration for your Amplify project.

PropertyTypeRequiredDescription
domainPrefix

string

False

The domain prefix for your Amplify app.

oAuthGrantType

string

Values: CODE | IMPLICIT

True

The OAuth grant type that you use to allow app users to authenticate from your Amplify app.

oAuthScopes

Array of type string

Values: PHONE | EMAIL | OPENID | PROFILE | AWS_COGNITO_SIGNIN_USER_ADMIN

True

List of OAuth-related flows used to allow your app users to authenticate from your Amplify app.

redirectSignInURIs

Array of type string

True

The redirected URI for signing in to your Amplify app.

redirectSignOutURIs

Array of type string

True

Redirect URLs that OAuth uses when a user signs out of an Amplify app.

socialProviderSettings

object

False

The settings for using social providers to access your Amplify app.

CreateBackendAuthPasswordPolicyConfig

The password policy configuration for the backend to your Amplify project.

PropertyTypeRequiredDescription
additionalConstraints

Array of type string

Values: REQUIRE_DIGIT | REQUIRE_LOWERCASE | REQUIRE_SYMBOL | REQUIRE_UPPERCASE

False

Additional constraints for the password used to access the backend of your Amplify project.

minimumLength

number

True

The minimum length of the password used to access the backend of your Amplify project.

CreateBackendAuthReqObj

The request object for this operation.

PropertyTypeRequiredDescription
backendEnvironmentName

string

True

The name of the backend environment.

resourceConfig

CreateBackendAuthResourceConfig

True

The resource configuration for this request object.

resourceName

string

True

The name of this resource.

CreateBackendAuthResourceConfig

Defines the resource configuration when creating an auth resource in your Amplify project.

PropertyTypeRequiredDescription
authResources

string

Values: USER_POOL_ONLY | IDENTITY_POOL_AND_USER_POOL

True

Defines whether you want to configure only authentication or both authentication and authorization settings.

identityPoolConfigs

CreateBackendAuthIdentityPoolConfig

False

Describes the authorization configuration for the Amazon Cognito identity pool, provisioned as a part of your auth resource in the Amplify project.

service

string

Values: COGNITO

True

Defines the service name to use when configuring an authentication resource in your Amplify project.

userPoolConfigs

CreateBackendAuthUserPoolConfig

True

Describes authentication configuration for the Amazon Cognito user pool, provisioned as a part of your auth resource in the Amplify project.

CreateBackendAuthUserPoolConfig

Describes the Amazon Cognito user pool configuration for the auth resource to be configured for your Amplify project.

PropertyTypeRequiredDescription
forgotPassword

CreateBackendAuthForgotPasswordConfig

False

(DEPRECATED) Describes the forgotten password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.

mfa

CreateBackendAuthMFAConfig

False

Describes whether to apply multi-factor authentication policies for your Amazon Cognito user pool configured as a part of your Amplify project.

oAuth

CreateBackendAuthOAuthConfig

False

Describes the OAuth policy and rules for your Amazon Cognito user pool, configured as a part of your Amplify project.

passwordPolicy

CreateBackendAuthPasswordPolicyConfig

False

Describes the password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.

requiredSignUpAttributes

Array of type string

Values: ADDRESS | BIRTHDATE | EMAIL | FAMILY_NAME | GENDER | GIVEN_NAME | LOCALE | MIDDLE_NAME | NAME | NICKNAME | PHONE_NUMBER | PICTURE | PREFERRED_USERNAME | PROFILE | UPDATED_AT | WEBSITE | ZONE_INFO

True

The required attributes to sign up new users in the user pool.

signInMethod

string

Values: EMAIL | EMAIL_AND_PHONE_NUMBER | PHONE_NUMBER | USERNAME

True

Describes the sign-in methods that your Amplify app users use to log in using the Amazon Cognito user pool, configured as a part of your Amplify project.

userPoolName

string

True

The Amazon Cognito user pool name.

verificationMessage

CreateBackendAuthVerificationMessageConfig

False

Describes the email or SMS verification message for your Amazon Cognito user pool, configured as a part of your Amplify project.

CreateBackendAuthVerificationMessageConfig

Creates an email or SMS verification message for the auth resource configured for your Amplify project.

PropertyTypeRequiredDescription
deliveryMethod

DeliveryMethod

True

The type of verification message to send.

emailSettings

EmailSettings

False

The settings for the email message.

smsSettings

SmsSettings

False

The settings for the SMS message.

DeliveryMethod

The type of verification message to send.

  • EMAIL

  • SMS

EmailSettings

The settings for the email message.

PropertyTypeRequiredDescription
emailMessage

string

False

The contents of the email message.

emailSubject

string

False

The contents of the subject line of the email message.

InternalServiceException

An error returned if there's a temporary issue with the service.

PropertyTypeRequiredDescription
message

string

False

An error message to inform that the request failed.

LimitExceededException

An error that is returned when a limit of a specific type has been exceeded.

PropertyTypeRequiredDescription
limitType

string

False

The type of limit that was exceeded.

message

string

False

An error message to inform that the request has failed.

NotFoundException

An error returned when a specific resource type is not found.

PropertyTypeRequiredDescription
message

string

False

An error message to inform that the request has failed.

resourceType

string

False

The type of resource that is not found.

SmsSettings

The settings for the SMS message.

PropertyTypeRequiredDescription
smsMessage

string

False

The contents of the SMS message.

See also

For more information about using this API in one of the language-specific AWS SDKs and references, see the following:

CreateBackendAuth