Copyright | (c) 2013-2023 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Prevents the user from signing in with the specified external (SAML or
social) identity provider (IdP). If the user that you want to deactivate
is a Amazon Cognito user pools native username + password user, they
can't use their password to sign in. If the user to deactivate is a
linked external IdP user, any link between that user and an existing
user is removed. When the external user signs in again, and the user is
no longer attached to the previously linked DestinationUser
, the user
must create a new user account. See
AdminLinkProviderForUser.
This action is enabled only for admin access and requires developer credentials.
The ProviderName
must match the value specified when creating an IdP
for the pool.
To deactivate a native username + password user, the ProviderName
value must be Cognito
and the ProviderAttributeName
must be
Cognito_Subject
. The ProviderAttributeValue
must be the name that is
used in the user pool for the user.
The ProviderAttributeName
must always be Cognito_Subject
for social
IdPs. The ProviderAttributeValue
must always be the exact subject that
was used when the user was originally linked as a source user.
For de-linking a SAML identity, there are two scenarios. If the linked
identity has not yet been used to sign in, the ProviderAttributeName
and ProviderAttributeValue
must be the same values that were used for
the SourceUser
when the identities were originally linked using
AdminLinkProviderForUser
call. (If the linking was done with
ProviderAttributeName
set to Cognito_Subject
, the same applies
here). However, if the user has already signed in, the
ProviderAttributeName
must be Cognito_Subject
and
ProviderAttributeValue
must be the subject of the SAML assertion.
Synopsis
- data AdminDisableProviderForUser = AdminDisableProviderForUser' {}
- newAdminDisableProviderForUser :: Text -> ProviderUserIdentifierType -> AdminDisableProviderForUser
- adminDisableProviderForUser_userPoolId :: Lens' AdminDisableProviderForUser Text
- adminDisableProviderForUser_user :: Lens' AdminDisableProviderForUser ProviderUserIdentifierType
- data AdminDisableProviderForUserResponse = AdminDisableProviderForUserResponse' {
- httpStatus :: Int
- newAdminDisableProviderForUserResponse :: Int -> AdminDisableProviderForUserResponse
- adminDisableProviderForUserResponse_httpStatus :: Lens' AdminDisableProviderForUserResponse Int
Creating a Request
data AdminDisableProviderForUser Source #
See: newAdminDisableProviderForUser
smart constructor.
AdminDisableProviderForUser' | |
|
Instances
newAdminDisableProviderForUser Source #
Create a value of AdminDisableProviderForUser
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
AdminDisableProviderForUser
, adminDisableProviderForUser_userPoolId
- The user pool ID for the user pool.
$sel:user:AdminDisableProviderForUser'
, adminDisableProviderForUser_user
- The user to be disabled.
Request Lenses
adminDisableProviderForUser_userPoolId :: Lens' AdminDisableProviderForUser Text Source #
The user pool ID for the user pool.
adminDisableProviderForUser_user :: Lens' AdminDisableProviderForUser ProviderUserIdentifierType Source #
The user to be disabled.
Destructuring the Response
data AdminDisableProviderForUserResponse Source #
See: newAdminDisableProviderForUserResponse
smart constructor.
AdminDisableProviderForUserResponse' | |
|
Instances
Generic AdminDisableProviderForUserResponse Source # | |
Defined in Amazonka.CognitoIdentityProvider.AdminDisableProviderForUser type Rep AdminDisableProviderForUserResponse :: Type -> Type # | |
Read AdminDisableProviderForUserResponse Source # | |
Show AdminDisableProviderForUserResponse Source # | |
NFData AdminDisableProviderForUserResponse Source # | |
Eq AdminDisableProviderForUserResponse Source # | |
type Rep AdminDisableProviderForUserResponse Source # | |
Defined in Amazonka.CognitoIdentityProvider.AdminDisableProviderForUser type Rep AdminDisableProviderForUserResponse = D1 ('MetaData "AdminDisableProviderForUserResponse" "Amazonka.CognitoIdentityProvider.AdminDisableProviderForUser" "amazonka-cognito-idp-2.0-D1ERgMvEVPG9z8cOLXdU2" 'False) (C1 ('MetaCons "AdminDisableProviderForUserResponse'" 'PrefixI 'True) (S1 ('MetaSel ('Just "httpStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int))) |
newAdminDisableProviderForUserResponse Source #
Create a value of AdminDisableProviderForUserResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:AdminDisableProviderForUserResponse'
, adminDisableProviderForUserResponse_httpStatus
- The response's http status code.
Response Lenses
adminDisableProviderForUserResponse_httpStatus :: Lens' AdminDisableProviderForUserResponse Int Source #
The response's http status code.