-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | Amazon Cognito Identity Provider SDK.
--   
--   The types from this library are intended to be used with
--   <a>amazonka</a>, which provides mechanisms for specifying AuthN/AuthZ
--   information, sending requests, and receiving responses.
--   
--   Lenses are used for constructing and manipulating types, due to the
--   depth of nesting of AWS types and transparency regarding
--   de/serialisation into more palatable Haskell values. The provided
--   lenses should be compatible with any of the major lens libraries such
--   as <a>lens</a> or <a>lens-family-core</a>.
--   
--   See <a>Network.AWS.CognitoIdentityProvider</a> or <a>the AWS
--   documentation</a> to get started.
@package amazonka-cognito-idp
@version 1.6.0


module Network.AWS.CognitoIdentityProvider.Types

-- | API version <tt>2016-04-18</tt> of the Amazon Cognito Identity
--   Provider SDK configuration.
cognitoIdentityProvider :: Service

-- | The request failed because the user is in an unsupported state.
_UnsupportedUserStateException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a password reset is required.
_PasswordResetRequiredException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the Amazon Cognito service encounters an
--   invalid parameter.
_InvalidParameterException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the Amazon Cognito service encounters an
--   invalid AWS Lambda response.
_InvalidLambdaResponseException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when Amazon Cognito is not allowed to use
--   your email identity. HTTP status code: 400.
_InvalidEmailRoleAccessPolicyException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the specified identifier is not
--   supported.
_UnsupportedIdentityProviderException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a user is not found.
_UserNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the Amazon Cognito service encounters an
--   unexpected exception with the AWS Lambda service.
_UnexpectedLambdaException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a user is not authorized.
_NotAuthorizedException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when Amazon Cognito encounters an internal
--   error.
_InternalErrorException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the user pool configuration is invalid.
_InvalidUserPoolConfigurationException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is returned when the role provided for SMS
--   configuration does not have permission to publish using Amazon SNS.
_InvalidSmsRoleAccessPolicyException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the specified OAuth flow is invalid.
_InvalidOAuthFlowException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown if the provided code does not match what the
--   server was expecting.
_CodeMismatchException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when you are trying to modify a user pool
--   while a user import job is in progress for that pool.
_UserImportInProgressException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the trust relationship is invalid for
--   the role provided for SMS configuration. This can happen if you do not
--   trust <b>cognito-idp.amazonaws.com</b> or the external ID provided in
--   the role does not match what is provided in the SMS configuration for
--   the user pool.
_InvalidSmsRoleTrustRelationshipException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a user pool tag cannot be set or
--   updated.
_UserPoolTaggingException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the software token TOTP multi-factor
--   authentication (MFA) is not enabled for the user pool.
_SoftwareTokenMFANotFoundException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the user has made too many requests for
--   a given operation.
_TooManyRequestsException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown if two or more modifications are happening
--   concurrently.
_ConcurrentModificationException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when user pool add-ons are not enabled.
_UserPoolAddOnNotEnabledException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the Amazon Cognito service encounters a
--   user validation exception with the AWS Lambda service.
_UserLambdaValidationException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a precondition is not met.
_PreconditionNotMetException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown if a code has expired.
_ExpiredCodeException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the user has made too many failed
--   attempts for a given action (e.g., sign in).
_TooManyFailedAttemptsException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when there is a code mismatch and the service
--   fails to configure the software token TOTP multi-factor authentication
--   (MFA).
_EnableSoftwareTokenMFAException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a user is not confirmed successfully.
_UserNotConfirmedException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when Amazon Cognito encounters a group that
--   already exists in the user pool.
_GroupExistsException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a verification code fails to deliver
--   successfully.
_CodeDeliveryFailureException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the specified scope does not exist.
_ScopeDoesNotExistException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the Amazon Cognito service cannot find
--   the requested resource.
_ResourceNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when Amazon Cognito cannot find a
--   multi-factor authentication (MFA) method.
_MFAMethodNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a user tries to confirm the account with
--   an email or phone number that has already been supplied as an alias
--   from a different account. This exception tells user that an account
--   with this email or phone already exists.
_AliasExistsException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the provider is already supported by the
--   user pool.
_DuplicateProviderException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a user exceeds the limit for a requested
--   AWS resource.
_LimitExceededException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the Amazon Cognito service encounters an
--   invalid password.
_InvalidPasswordException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when Amazon Cognito encounters a user name
--   that already exists in the user pool.
_UsernameExistsException :: AsError a => Getting (First ServiceError) a ServiceError
data AccountTakeoverEventActionType
ATEATBlock :: AccountTakeoverEventActionType
ATEATMFAIfConfigured :: AccountTakeoverEventActionType
ATEATMFARequired :: AccountTakeoverEventActionType
ATEATNoAction :: AccountTakeoverEventActionType
data AdvancedSecurityModeType
Audit :: AdvancedSecurityModeType
Enforced :: AdvancedSecurityModeType
Off :: AdvancedSecurityModeType
data AliasAttributeType
AATEmail :: AliasAttributeType
AATPhoneNumber :: AliasAttributeType
AATPreferredUsername :: AliasAttributeType
data AttributeDataType
Boolean :: AttributeDataType
DateTime :: AttributeDataType
Number :: AttributeDataType
String :: AttributeDataType
data AuthFlowType
AdminNoSrpAuth :: AuthFlowType
CustomAuth :: AuthFlowType
RefreshToken :: AuthFlowType
RefreshTokenAuth :: AuthFlowType
UserPasswordAuth :: AuthFlowType
UserSrpAuth :: AuthFlowType
data ChallengeName
MFA :: ChallengeName
Password :: ChallengeName
data ChallengeNameType
CNTAdminNoSrpAuth :: ChallengeNameType
CNTCustomChallenge :: ChallengeNameType
CNTDevicePasswordVerifier :: ChallengeNameType
CNTDeviceSrpAuth :: ChallengeNameType
CNTMFASetup :: ChallengeNameType
CNTNewPasswordRequired :: ChallengeNameType
CNTPasswordVerifier :: ChallengeNameType
CNTSelectMFAType :: ChallengeNameType
CNTSmsMFA :: ChallengeNameType
CNTSoftwareTokenMFA :: ChallengeNameType
data ChallengeResponse
CFailure :: ChallengeResponse
CSuccess :: ChallengeResponse
data CompromisedCredentialsEventActionType
CCEATBlock :: CompromisedCredentialsEventActionType
CCEATNoAction :: CompromisedCredentialsEventActionType
data DefaultEmailOptionType
ConfirmWithCode :: DefaultEmailOptionType
ConfirmWithLink :: DefaultEmailOptionType
data DeliveryMediumType
DMTEmail :: DeliveryMediumType
DMTSms :: DeliveryMediumType
data DeviceRememberedStatusType
NotRemembered :: DeviceRememberedStatusType
Remembered :: DeviceRememberedStatusType
data DomainStatusType
DSTActive :: DomainStatusType
DSTCreating :: DomainStatusType
DSTDeleting :: DomainStatusType
DSTFailed :: DomainStatusType
DSTUpdating :: DomainStatusType
data EventFilterType
PasswordChange :: EventFilterType
SignIn :: EventFilterType
SignUp :: EventFilterType
data EventResponseType
Failure :: EventResponseType
Success :: EventResponseType
data EventType
ETForgotPassword :: EventType
ETSignIn :: EventType
ETSignUp :: EventType
data ExplicitAuthFlowsType
EAFTAdminNoSrpAuth :: ExplicitAuthFlowsType
EAFTCustomAuthFlowOnly :: ExplicitAuthFlowsType
EAFTUserPasswordAuth :: ExplicitAuthFlowsType
data FeedbackValueType
Invalid :: FeedbackValueType
Valid :: FeedbackValueType
data IdentityProviderTypeType
Facebook :: IdentityProviderTypeType
Google :: IdentityProviderTypeType
LoginWithAmazon :: IdentityProviderTypeType
Saml :: IdentityProviderTypeType
data MessageActionType
Resend :: MessageActionType
Suppress :: MessageActionType
data OAuthFlowType
ClientCredentials :: OAuthFlowType
Code :: OAuthFlowType
Implicit :: OAuthFlowType
data RiskDecisionType
AccountTakeover :: RiskDecisionType
Block :: RiskDecisionType
NoRisk :: RiskDecisionType
data RiskLevelType
High :: RiskLevelType
Low :: RiskLevelType
Medium :: RiskLevelType
data StatusType
Disabled :: StatusType
Enabled :: StatusType
data UserImportJobStatusType
Created :: UserImportJobStatusType
Expired :: UserImportJobStatusType
Failed :: UserImportJobStatusType
InProgress :: UserImportJobStatusType
Pending :: UserImportJobStatusType
Stopped :: UserImportJobStatusType
Stopping :: UserImportJobStatusType
Succeeded :: UserImportJobStatusType
data UserPoolMFAType
UPMTON :: UserPoolMFAType
UPMTOff :: UserPoolMFAType
UPMTOptional :: UserPoolMFAType
data UserStatusType
Archived :: UserStatusType
Compromised :: UserStatusType
Confirmed :: UserStatusType
ForceChangePassword :: UserStatusType
ResetRequired :: UserStatusType
Unconfirmed :: UserStatusType
Unknown :: UserStatusType
data UsernameAttributeType
UATEmail :: UsernameAttributeType
UATPhoneNumber :: UsernameAttributeType
data VerifiedAttributeType
Email :: VerifiedAttributeType
PhoneNumber :: VerifiedAttributeType
data VerifySoftwareTokenResponseType
VSTRTError' :: VerifySoftwareTokenResponseType
VSTRTSuccess :: VerifySoftwareTokenResponseType

-- | Account takeover action type.
--   
--   <i>See:</i> <a>accountTakeoverActionType</a> smart constructor.
data AccountTakeoverActionType

-- | Creates a value of <a>AccountTakeoverActionType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>atatNotify</a> - Flag specifying whether to send a
--   notification.</li>
--   <li><a>atatEventAction</a> - The event action. * <tt>BLOCK</tt>
--   Choosing this action will block the request. *
--   <tt>MFA_IF_CONFIGURED</tt> Throw MFA challenge if user has configured
--   it, else allow the request. * <tt>MFA_REQUIRED</tt> Throw MFA
--   challenge if user has configured it, else block the request. *
--   <tt>NO_ACTION</tt> Allow the user sign-in.</li>
--   </ul>
accountTakeoverActionType :: Bool -> AccountTakeoverEventActionType -> AccountTakeoverActionType

-- | Flag specifying whether to send a notification.
atatNotify :: Lens' AccountTakeoverActionType Bool

-- | The event action. * <tt>BLOCK</tt> Choosing this action will block the
--   request. * <tt>MFA_IF_CONFIGURED</tt> Throw MFA challenge if user has
--   configured it, else allow the request. * <tt>MFA_REQUIRED</tt> Throw
--   MFA challenge if user has configured it, else block the request. *
--   <tt>NO_ACTION</tt> Allow the user sign-in.
atatEventAction :: Lens' AccountTakeoverActionType AccountTakeoverEventActionType

-- | Account takeover actions type.
--   
--   <i>See:</i> <a>accountTakeoverActionsType</a> smart constructor.
data AccountTakeoverActionsType

-- | Creates a value of <a>AccountTakeoverActionsType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>atatLowAction</a> - Action to take for a low risk.</li>
--   <li><a>atatHighAction</a> - Action to take for a high risk.</li>
--   <li><a>atatMediumAction</a> - Action to take for a medium risk.</li>
--   </ul>
accountTakeoverActionsType :: AccountTakeoverActionsType

-- | Action to take for a low risk.
atatLowAction :: Lens' AccountTakeoverActionsType (Maybe AccountTakeoverActionType)

-- | Action to take for a high risk.
atatHighAction :: Lens' AccountTakeoverActionsType (Maybe AccountTakeoverActionType)

-- | Action to take for a medium risk.
atatMediumAction :: Lens' AccountTakeoverActionsType (Maybe AccountTakeoverActionType)

-- | Configuration for mitigation actions and notification for different
--   levels of risk detected for a potential account takeover.
--   
--   <i>See:</i> <a>accountTakeoverRiskConfigurationType</a> smart
--   constructor.
data AccountTakeoverRiskConfigurationType

-- | Creates a value of <a>AccountTakeoverRiskConfigurationType</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>atrctNotifyConfiguration</a> - The notify configuration used to
--   construct email notifications.</li>
--   <li><a>atrctActions</a> - Account takeover risk configuration
--   actions</li>
--   </ul>
accountTakeoverRiskConfigurationType :: AccountTakeoverActionsType -> AccountTakeoverRiskConfigurationType

-- | The notify configuration used to construct email notifications.
atrctNotifyConfiguration :: Lens' AccountTakeoverRiskConfigurationType (Maybe NotifyConfigurationType)

-- | Account takeover risk configuration actions
atrctActions :: Lens' AccountTakeoverRiskConfigurationType AccountTakeoverActionsType

-- | The configuration for creating a new user profile.
--   
--   <i>See:</i> <a>adminCreateUserConfigType</a> smart constructor.
data AdminCreateUserConfigType

-- | Creates a value of <a>AdminCreateUserConfigType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>acuctAllowAdminCreateUserOnly</a> - Set to <tt>True</tt> if
--   only the administrator is allowed to create user profiles. Set to
--   <tt>False</tt> if users can sign themselves up via an app.</li>
--   <li><a>acuctUnusedAccountValidityDays</a> - The user account
--   expiration limit, in days, after which the account is no longer
--   usable. To reset the account after that time limit, you must call
--   <tt>AdminCreateUser</tt> again, specifying <tt><a>RESEND</a></tt> for
--   the <tt>MessageAction</tt> parameter. The default value for this
--   parameter is 7.</li>
--   <li><a>acuctInviteMessageTemplate</a> - The message template to be
--   used for the welcome message to new users. See also <a>Customizing
--   User Invitation Messages</a> .</li>
--   </ul>
adminCreateUserConfigType :: AdminCreateUserConfigType

-- | Set to <tt>True</tt> if only the administrator is allowed to create
--   user profiles. Set to <tt>False</tt> if users can sign themselves up
--   via an app.
acuctAllowAdminCreateUserOnly :: Lens' AdminCreateUserConfigType (Maybe Bool)

-- | The user account expiration limit, in days, after which the account is
--   no longer usable. To reset the account after that time limit, you must
--   call <tt>AdminCreateUser</tt> again, specifying <tt><a>RESEND</a></tt>
--   for the <tt>MessageAction</tt> parameter. The default value for this
--   parameter is 7.
acuctUnusedAccountValidityDays :: Lens' AdminCreateUserConfigType (Maybe Natural)

-- | The message template to be used for the welcome message to new users.
--   See also <a>Customizing User Invitation Messages</a> .
acuctInviteMessageTemplate :: Lens' AdminCreateUserConfigType (Maybe MessageTemplateType)

-- | The Amazon Pinpoint analytics configuration for collecting metrics for
--   a user pool.
--   
--   <i>See:</i> <a>analyticsConfigurationType</a> smart constructor.
data AnalyticsConfigurationType

-- | Creates a value of <a>AnalyticsConfigurationType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>actUserDataShared</a> - If <tt>UserDataShared</tt> is
--   <tt>true</tt> , Amazon Cognito will include user data in the events it
--   publishes to Amazon Pinpoint analytics.</li>
--   <li><a>actApplicationId</a> - The application ID for an Amazon
--   Pinpoint application.</li>
--   <li><a>actRoleARN</a> - The ARN of an IAM role that authorizes Amazon
--   Cognito to publish events to Amazon Pinpoint analytics.</li>
--   <li><a>actExternalId</a> - The external ID.</li>
--   </ul>
analyticsConfigurationType :: Text -> Text -> Text -> AnalyticsConfigurationType

-- | If <tt>UserDataShared</tt> is <tt>true</tt> , Amazon Cognito will
--   include user data in the events it publishes to Amazon Pinpoint
--   analytics.
actUserDataShared :: Lens' AnalyticsConfigurationType (Maybe Bool)

-- | The application ID for an Amazon Pinpoint application.
actApplicationId :: Lens' AnalyticsConfigurationType Text

-- | The ARN of an IAM role that authorizes Amazon Cognito to publish
--   events to Amazon Pinpoint analytics.
actRoleARN :: Lens' AnalyticsConfigurationType Text

-- | The external ID.
actExternalId :: Lens' AnalyticsConfigurationType Text

-- | An Amazon Pinpoint analytics endpoint.
--   
--   An endpoint uniquely identifies a mobile device, email address, or
--   phone number that can receive messages from Amazon Pinpoint analytics.
--   
--   <i>See:</i> <a>analyticsMetadataType</a> smart constructor.
data AnalyticsMetadataType

-- | Creates a value of <a>AnalyticsMetadataType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>amtAnalyticsEndpointId</a> - The endpoint ID.</li>
--   </ul>
analyticsMetadataType :: AnalyticsMetadataType

-- | The endpoint ID.
amtAnalyticsEndpointId :: Lens' AnalyticsMetadataType (Maybe Text)

-- | Specifies whether the attribute is standard or custom.
--   
--   <i>See:</i> <a>attributeType</a> smart constructor.
data AttributeType

-- | Creates a value of <a>AttributeType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>atValue</a> - The value of the attribute.</li>
--   <li><a>atName</a> - The name of the attribute.</li>
--   </ul>
attributeType :: Text -> AttributeType

-- | The value of the attribute.
atValue :: Lens' AttributeType (Maybe Text)

-- | The name of the attribute.
atName :: Lens' AttributeType Text

-- | The authentication event type.
--   
--   <i>See:</i> <a>authEventType</a> smart constructor.
data AuthEventType

-- | Creates a value of <a>AuthEventType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aetEventRisk</a> - The event risk.</li>
--   <li><a>aetEventResponse</a> - The event response.</li>
--   <li><a>aetEventContextData</a> - The user context data captured at the
--   time of an event request. It provides additional information about the
--   client from which event the request is received.</li>
--   <li><a>aetChallengeResponses</a> - The challenge responses.</li>
--   <li><a>aetEventType</a> - The event type.</li>
--   <li><a>aetCreationDate</a> - The creation date</li>
--   <li><a>aetEventFeedback</a> - A flag specifying the user feedback
--   captured at the time of an event request is good or bad.</li>
--   <li><a>aetEventId</a> - The event ID.</li>
--   </ul>
authEventType :: AuthEventType

-- | The event risk.
aetEventRisk :: Lens' AuthEventType (Maybe EventRiskType)

-- | The event response.
aetEventResponse :: Lens' AuthEventType (Maybe EventResponseType)

-- | The user context data captured at the time of an event request. It
--   provides additional information about the client from which event the
--   request is received.
aetEventContextData :: Lens' AuthEventType (Maybe EventContextDataType)

-- | The challenge responses.
aetChallengeResponses :: Lens' AuthEventType [ChallengeResponseType]

-- | The event type.
aetEventType :: Lens' AuthEventType (Maybe EventType)

-- | The creation date
aetCreationDate :: Lens' AuthEventType (Maybe UTCTime)

-- | A flag specifying the user feedback captured at the time of an event
--   request is good or bad.
aetEventFeedback :: Lens' AuthEventType (Maybe EventFeedbackType)

-- | The event ID.
aetEventId :: Lens' AuthEventType (Maybe Text)

-- | The authentication result.
--   
--   <i>See:</i> <a>authenticationResultType</a> smart constructor.
data AuthenticationResultType

-- | Creates a value of <a>AuthenticationResultType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>artAccessToken</a> - The access token.</li>
--   <li><a>artRefreshToken</a> - The refresh token.</li>
--   <li><a>artNewDeviceMetadata</a> - The new device metadata from an
--   authentication result.</li>
--   <li><a>artExpiresIn</a> - The expiration period of the authentication
--   result.</li>
--   <li><a>artTokenType</a> - The token type.</li>
--   <li><a>artIdToken</a> - The ID token.</li>
--   </ul>
authenticationResultType :: AuthenticationResultType

-- | The access token.
artAccessToken :: Lens' AuthenticationResultType (Maybe Text)

-- | The refresh token.
artRefreshToken :: Lens' AuthenticationResultType (Maybe Text)

-- | The new device metadata from an authentication result.
artNewDeviceMetadata :: Lens' AuthenticationResultType (Maybe NewDeviceMetadataType)

-- | The expiration period of the authentication result.
artExpiresIn :: Lens' AuthenticationResultType (Maybe Int)

-- | The token type.
artTokenType :: Lens' AuthenticationResultType (Maybe Text)

-- | The ID token.
artIdToken :: Lens' AuthenticationResultType (Maybe Text)

-- | The challenge response type.
--   
--   <i>See:</i> <a>challengeResponseType</a> smart constructor.
data ChallengeResponseType

-- | Creates a value of <a>ChallengeResponseType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>crtChallengeName</a> - The challenge name</li>
--   <li><a>crtChallengeResponse</a> - The challenge response.</li>
--   </ul>
challengeResponseType :: ChallengeResponseType

-- | The challenge name
crtChallengeName :: Lens' ChallengeResponseType (Maybe ChallengeName)

-- | The challenge response.
crtChallengeResponse :: Lens' ChallengeResponseType (Maybe ChallengeResponse)

-- | The code delivery details being returned from the server.
--   
--   <i>See:</i> <a>codeDeliveryDetailsType</a> smart constructor.
data CodeDeliveryDetailsType

-- | Creates a value of <a>CodeDeliveryDetailsType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cddtDestination</a> - The destination for the code delivery
--   details.</li>
--   <li><a>cddtDeliveryMedium</a> - The delivery medium (email message or
--   phone number).</li>
--   <li><a>cddtAttributeName</a> - The attribute name.</li>
--   </ul>
codeDeliveryDetailsType :: CodeDeliveryDetailsType

-- | The destination for the code delivery details.
cddtDestination :: Lens' CodeDeliveryDetailsType (Maybe Text)

-- | The delivery medium (email message or phone number).
cddtDeliveryMedium :: Lens' CodeDeliveryDetailsType (Maybe DeliveryMediumType)

-- | The attribute name.
cddtAttributeName :: Lens' CodeDeliveryDetailsType (Maybe Text)

-- | The compromised credentials actions type
--   
--   <i>See:</i> <a>compromisedCredentialsActionsType</a> smart
--   constructor.
data CompromisedCredentialsActionsType

-- | Creates a value of <a>CompromisedCredentialsActionsType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ccatEventAction</a> - The event action.</li>
--   </ul>
compromisedCredentialsActionsType :: CompromisedCredentialsEventActionType -> CompromisedCredentialsActionsType

-- | The event action.
ccatEventAction :: Lens' CompromisedCredentialsActionsType CompromisedCredentialsEventActionType

-- | The compromised credentials risk configuration type.
--   
--   <i>See:</i> <a>compromisedCredentialsRiskConfigurationType</a> smart
--   constructor.
data CompromisedCredentialsRiskConfigurationType

-- | Creates a value of <a>CompromisedCredentialsRiskConfigurationType</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ccrctEventFilter</a> - Perform the action for these events. The
--   default is to perform all events if no event filter is specified.</li>
--   <li><a>ccrctActions</a> - The compromised credentials risk
--   configuration actions.</li>
--   </ul>
compromisedCredentialsRiskConfigurationType :: CompromisedCredentialsActionsType -> CompromisedCredentialsRiskConfigurationType

-- | Perform the action for these events. The default is to perform all
--   events if no event filter is specified.
ccrctEventFilter :: Lens' CompromisedCredentialsRiskConfigurationType [EventFilterType]

-- | The compromised credentials risk configuration actions.
ccrctActions :: Lens' CompromisedCredentialsRiskConfigurationType CompromisedCredentialsActionsType

-- | Contextual user data type used for evaluating the risk of an
--   unexpected event by Amazon Cognito advanced security.
--   
--   <i>See:</i> <a>contextDataType</a> smart constructor.
data ContextDataType

-- | Creates a value of <a>ContextDataType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cdtEncodedData</a> - Encoded data containing device
--   fingerprinting details, collected using the Amazon Cognito context
--   data collection library.</li>
--   <li><a>cdtIPAddress</a> - Source IP address of your user.</li>
--   <li><a>cdtServerName</a> - Your server endpoint where this API is
--   invoked.</li>
--   <li><a>cdtServerPath</a> - Your server path where this API is
--   invoked.</li>
--   <li><a>cdtHTTPHeaders</a> - HttpHeaders received on your server in
--   same order.</li>
--   </ul>
contextDataType :: Text -> Text -> Text -> ContextDataType

-- | Encoded data containing device fingerprinting details, collected using
--   the Amazon Cognito context data collection library.
cdtEncodedData :: Lens' ContextDataType (Maybe Text)

-- | Source IP address of your user.
cdtIPAddress :: Lens' ContextDataType Text

-- | Your server endpoint where this API is invoked.
cdtServerName :: Lens' ContextDataType Text

-- | Your server path where this API is invoked.
cdtServerPath :: Lens' ContextDataType Text

-- | HttpHeaders received on your server in same order.
cdtHTTPHeaders :: Lens' ContextDataType [HTTPHeader]

-- | The configuration for the user pool's device tracking.
--   
--   <i>See:</i> <a>deviceConfigurationType</a> smart constructor.
data DeviceConfigurationType

-- | Creates a value of <a>DeviceConfigurationType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dctChallengeRequiredOnNewDevice</a> - Indicates whether a
--   challenge is required on a new device. Only applicable to a new
--   device.</li>
--   <li><a>dctDeviceOnlyRememberedOnUserPrompt</a> - If true, a device is
--   only remembered on user prompt.</li>
--   </ul>
deviceConfigurationType :: DeviceConfigurationType

-- | Indicates whether a challenge is required on a new device. Only
--   applicable to a new device.
dctChallengeRequiredOnNewDevice :: Lens' DeviceConfigurationType (Maybe Bool)

-- | If true, a device is only remembered on user prompt.
dctDeviceOnlyRememberedOnUserPrompt :: Lens' DeviceConfigurationType (Maybe Bool)

-- | The device verifier against which it will be authenticated.
--   
--   <i>See:</i> <a>deviceSecretVerifierConfigType</a> smart constructor.
data DeviceSecretVerifierConfigType

-- | Creates a value of <a>DeviceSecretVerifierConfigType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dsvctPasswordVerifier</a> - The password verifier.</li>
--   <li><a>dsvctSalt</a> - The salt.</li>
--   </ul>
deviceSecretVerifierConfigType :: DeviceSecretVerifierConfigType

-- | The password verifier.
dsvctPasswordVerifier :: Lens' DeviceSecretVerifierConfigType (Maybe Text)

-- | The salt.
dsvctSalt :: Lens' DeviceSecretVerifierConfigType (Maybe Text)

-- | The device type.
--   
--   <i>See:</i> <a>deviceType</a> smart constructor.
data DeviceType

-- | Creates a value of <a>DeviceType</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dtDeviceLastModifiedDate</a> - The last modified date of the
--   device.</li>
--   <li><a>dtDeviceCreateDate</a> - The creation date of the device.</li>
--   <li><a>dtDeviceAttributes</a> - The device attributes.</li>
--   <li><a>dtDeviceKey</a> - The device key.</li>
--   <li><a>dtDeviceLastAuthenticatedDate</a> - The date in which the
--   device was last authenticated.</li>
--   </ul>
deviceType :: DeviceType

-- | The last modified date of the device.
dtDeviceLastModifiedDate :: Lens' DeviceType (Maybe UTCTime)

-- | The creation date of the device.
dtDeviceCreateDate :: Lens' DeviceType (Maybe UTCTime)

-- | The device attributes.
dtDeviceAttributes :: Lens' DeviceType [AttributeType]

-- | The device key.
dtDeviceKey :: Lens' DeviceType (Maybe Text)

-- | The date in which the device was last authenticated.
dtDeviceLastAuthenticatedDate :: Lens' DeviceType (Maybe UTCTime)

-- | A container for information about a domain.
--   
--   <i>See:</i> <a>domainDescriptionType</a> smart constructor.
data DomainDescriptionType

-- | Creates a value of <a>DomainDescriptionType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ddtStatus</a> - The domain status.</li>
--   <li><a>ddtCloudFrontDistribution</a> - The ARN of the CloudFront
--   distribution.</li>
--   <li><a>ddtUserPoolId</a> - The user pool ID.</li>
--   <li><a>ddtDomain</a> - The domain string.</li>
--   <li><a>ddtAWSAccountId</a> - The AWS account ID for the user pool
--   owner.</li>
--   <li><a>ddtVersion</a> - The app version.</li>
--   <li><a>ddtS3Bucket</a> - The S3 bucket where the static files for this
--   domain are stored.</li>
--   </ul>
domainDescriptionType :: DomainDescriptionType

-- | The domain status.
ddtStatus :: Lens' DomainDescriptionType (Maybe DomainStatusType)

-- | The ARN of the CloudFront distribution.
ddtCloudFrontDistribution :: Lens' DomainDescriptionType (Maybe Text)

-- | The user pool ID.
ddtUserPoolId :: Lens' DomainDescriptionType (Maybe Text)

-- | The domain string.
ddtDomain :: Lens' DomainDescriptionType (Maybe Text)

-- | The AWS account ID for the user pool owner.
ddtAWSAccountId :: Lens' DomainDescriptionType (Maybe Text)

-- | The app version.
ddtVersion :: Lens' DomainDescriptionType (Maybe Text)

-- | The S3 bucket where the static files for this domain are stored.
ddtS3Bucket :: Lens' DomainDescriptionType (Maybe Text)

-- | The email configuration type.
--   
--   <i>See:</i> <a>emailConfigurationType</a> smart constructor.
data EmailConfigurationType

-- | Creates a value of <a>EmailConfigurationType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ectSourceARN</a> - The Amazon Resource Name (ARN) of the email
--   source.</li>
--   <li><a>ectReplyToEmailAddress</a> - The destination to which the
--   receiver of the email should reply to.</li>
--   </ul>
emailConfigurationType :: EmailConfigurationType

-- | The Amazon Resource Name (ARN) of the email source.
ectSourceARN :: Lens' EmailConfigurationType (Maybe Text)

-- | The destination to which the receiver of the email should reply to.
ectReplyToEmailAddress :: Lens' EmailConfigurationType (Maybe Text)

-- | Specifies the user context data captured at the time of an event
--   request.
--   
--   <i>See:</i> <a>eventContextDataType</a> smart constructor.
data EventContextDataType

-- | Creates a value of <a>EventContextDataType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ecdtIPAddress</a> - The user's IP address.</li>
--   <li><a>ecdtCountry</a> - The user's country.</li>
--   <li><a>ecdtCity</a> - The user's city.</li>
--   <li><a>ecdtDeviceName</a> - The user's device name.</li>
--   <li><a>ecdtTimezone</a> - The user's time zone.</li>
--   </ul>
eventContextDataType :: EventContextDataType

-- | The user's IP address.
ecdtIPAddress :: Lens' EventContextDataType (Maybe Text)

-- | The user's country.
ecdtCountry :: Lens' EventContextDataType (Maybe Text)

-- | The user's city.
ecdtCity :: Lens' EventContextDataType (Maybe Text)

-- | The user's device name.
ecdtDeviceName :: Lens' EventContextDataType (Maybe Text)

-- | The user's time zone.
ecdtTimezone :: Lens' EventContextDataType (Maybe Text)

-- | Specifies the event feedback type.
--   
--   <i>See:</i> <a>eventFeedbackType</a> smart constructor.
data EventFeedbackType

-- | Creates a value of <a>EventFeedbackType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>eftFeedbackDate</a> - The event feedback date.</li>
--   <li><a>eftFeedbackValue</a> - The event feedback value.</li>
--   <li><a>eftProvider</a> - The provider.</li>
--   </ul>
eventFeedbackType :: FeedbackValueType -> Text -> EventFeedbackType

-- | The event feedback date.
eftFeedbackDate :: Lens' EventFeedbackType (Maybe UTCTime)

-- | The event feedback value.
eftFeedbackValue :: Lens' EventFeedbackType FeedbackValueType

-- | The provider.
eftProvider :: Lens' EventFeedbackType Text

-- | The event risk type.
--   
--   <i>See:</i> <a>eventRiskType</a> smart constructor.
data EventRiskType

-- | Creates a value of <a>EventRiskType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ertRiskLevel</a> - The risk level.</li>
--   <li><a>ertRiskDecision</a> - The risk decision.</li>
--   </ul>
eventRiskType :: EventRiskType

-- | The risk level.
ertRiskLevel :: Lens' EventRiskType (Maybe RiskLevelType)

-- | The risk decision.
ertRiskDecision :: Lens' EventRiskType (Maybe RiskDecisionType)

-- | The group type.
--   
--   <i>See:</i> <a>groupType</a> smart constructor.
data GroupType

-- | Creates a value of <a>GroupType</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gtLastModifiedDate</a> - The date the group was last
--   modified.</li>
--   <li><a>gtUserPoolId</a> - The user pool ID for the user pool.</li>
--   <li><a>gtCreationDate</a> - The date the group was created.</li>
--   <li><a>gtPrecedence</a> - A nonnegative integer value that specifies
--   the precedence of this group relative to the other groups that a user
--   can belong to in the user pool. If a user belongs to two or more
--   groups, it is the group with the highest precedence whose role ARN
--   will be used in the <tt>cognito:roles</tt> and
--   <tt>cognito:preferred_role</tt> claims in the user's tokens. Groups
--   with higher <tt>Precedence</tt> values take precedence over groups
--   with lower <tt>Precedence</tt> values or with null <tt>Precedence</tt>
--   values. Two groups can have the same <tt>Precedence</tt> value. If
--   this happens, neither group takes precedence over the other. If two
--   groups with the same <tt>Precedence</tt> have the same role ARN, that
--   role is used in the <tt>cognito:preferred_role</tt> claim in tokens
--   for users in each group. If the two groups have different role ARNs,
--   the <tt>cognito:preferred_role</tt> claim is not set in users' tokens.
--   The default <tt>Precedence</tt> value is null.</li>
--   <li><a>gtGroupName</a> - The name of the group.</li>
--   <li><a>gtDescription</a> - A string containing the description of the
--   group.</li>
--   <li><a>gtRoleARN</a> - The role ARN for the group.</li>
--   </ul>
groupType :: GroupType

-- | The date the group was last modified.
gtLastModifiedDate :: Lens' GroupType (Maybe UTCTime)

-- | The user pool ID for the user pool.
gtUserPoolId :: Lens' GroupType (Maybe Text)

-- | The date the group was created.
gtCreationDate :: Lens' GroupType (Maybe UTCTime)

-- | A nonnegative integer value that specifies the precedence of this
--   group relative to the other groups that a user can belong to in the
--   user pool. If a user belongs to two or more groups, it is the group
--   with the highest precedence whose role ARN will be used in the
--   <tt>cognito:roles</tt> and <tt>cognito:preferred_role</tt> claims in
--   the user's tokens. Groups with higher <tt>Precedence</tt> values take
--   precedence over groups with lower <tt>Precedence</tt> values or with
--   null <tt>Precedence</tt> values. Two groups can have the same
--   <tt>Precedence</tt> value. If this happens, neither group takes
--   precedence over the other. If two groups with the same
--   <tt>Precedence</tt> have the same role ARN, that role is used in the
--   <tt>cognito:preferred_role</tt> claim in tokens for users in each
--   group. If the two groups have different role ARNs, the
--   <tt>cognito:preferred_role</tt> claim is not set in users' tokens. The
--   default <tt>Precedence</tt> value is null.
gtPrecedence :: Lens' GroupType (Maybe Natural)

-- | The name of the group.
gtGroupName :: Lens' GroupType (Maybe Text)

-- | A string containing the description of the group.
gtDescription :: Lens' GroupType (Maybe Text)

-- | The role ARN for the group.
gtRoleARN :: Lens' GroupType (Maybe Text)

-- | The HTTP header.
--   
--   <i>See:</i> <a>hTTPHeader</a> smart constructor.
data HTTPHeader

-- | Creates a value of <a>HTTPHeader</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>httphHeaderValue</a> - The header value.</li>
--   <li><a>httphHeaderName</a> - The header name</li>
--   </ul>
hTTPHeader :: HTTPHeader

-- | The header value.
httphHeaderValue :: Lens' HTTPHeader (Maybe Text)

-- | The header name
httphHeaderName :: Lens' HTTPHeader (Maybe Text)

-- | A container for information about an identity provider.
--   
--   <i>See:</i> <a>identityProviderType</a> smart constructor.
data IdentityProviderType

-- | Creates a value of <a>IdentityProviderType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>iptLastModifiedDate</a> - The date the identity provider was
--   last modified.</li>
--   <li><a>iptUserPoolId</a> - The user pool ID.</li>
--   <li><a>iptProviderType</a> - The identity provider type.</li>
--   <li><a>iptCreationDate</a> - The date the identity provider was
--   created.</li>
--   <li><a>iptIdpIdentifiers</a> - A list of identity provider
--   identifiers.</li>
--   <li><a>iptAttributeMapping</a> - A mapping of identity provider
--   attributes to standard and custom user pool attributes.</li>
--   <li><a>iptProviderDetails</a> - The identity provider details, such as
--   <tt>MetadataURL</tt> and <tt>MetadataFile</tt> .</li>
--   <li><a>iptProviderName</a> - The identity provider name.</li>
--   </ul>
identityProviderType :: IdentityProviderType

-- | The date the identity provider was last modified.
iptLastModifiedDate :: Lens' IdentityProviderType (Maybe UTCTime)

-- | The user pool ID.
iptUserPoolId :: Lens' IdentityProviderType (Maybe Text)

-- | The identity provider type.
iptProviderType :: Lens' IdentityProviderType (Maybe IdentityProviderTypeType)

-- | The date the identity provider was created.
iptCreationDate :: Lens' IdentityProviderType (Maybe UTCTime)

-- | A list of identity provider identifiers.
iptIdpIdentifiers :: Lens' IdentityProviderType [Text]

-- | A mapping of identity provider attributes to standard and custom user
--   pool attributes.
iptAttributeMapping :: Lens' IdentityProviderType (HashMap Text Text)

-- | The identity provider details, such as <tt>MetadataURL</tt> and
--   <tt>MetadataFile</tt> .
iptProviderDetails :: Lens' IdentityProviderType (HashMap Text Text)

-- | The identity provider name.
iptProviderName :: Lens' IdentityProviderType (Maybe Text)

-- | Specifies the configuration for AWS Lambda triggers.
--   
--   <i>See:</i> <a>lambdaConfigType</a> smart constructor.
data LambdaConfigType

-- | Creates a value of <a>LambdaConfigType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lctPreAuthentication</a> - A pre-authentication AWS Lambda
--   trigger.</li>
--   <li><a>lctCreateAuthChallenge</a> - Creates an authentication
--   challenge.</li>
--   <li><a>lctVerifyAuthChallengeResponse</a> - Verifies the
--   authentication challenge response.</li>
--   <li><a>lctPostAuthentication</a> - A post-authentication AWS Lambda
--   trigger.</li>
--   <li><a>lctCustomMessage</a> - A custom Message AWS Lambda
--   trigger.</li>
--   <li><a>lctDefineAuthChallenge</a> - Defines the authentication
--   challenge.</li>
--   <li><a>lctPostConfirmation</a> - A post-confirmation AWS Lambda
--   trigger.</li>
--   <li><a>lctPreTokenGeneration</a> - A Lambda trigger that is invoked
--   before token generation.</li>
--   <li><a>lctUserMigration</a> - The user migration Lambda config
--   type.</li>
--   <li><a>lctPreSignUp</a> - A pre-registration AWS Lambda trigger.</li>
--   </ul>
lambdaConfigType :: LambdaConfigType

-- | A pre-authentication AWS Lambda trigger.
lctPreAuthentication :: Lens' LambdaConfigType (Maybe Text)

-- | Creates an authentication challenge.
lctCreateAuthChallenge :: Lens' LambdaConfigType (Maybe Text)

-- | Verifies the authentication challenge response.
lctVerifyAuthChallengeResponse :: Lens' LambdaConfigType (Maybe Text)

-- | A post-authentication AWS Lambda trigger.
lctPostAuthentication :: Lens' LambdaConfigType (Maybe Text)

-- | A custom Message AWS Lambda trigger.
lctCustomMessage :: Lens' LambdaConfigType (Maybe Text)

-- | Defines the authentication challenge.
lctDefineAuthChallenge :: Lens' LambdaConfigType (Maybe Text)

-- | A post-confirmation AWS Lambda trigger.
lctPostConfirmation :: Lens' LambdaConfigType (Maybe Text)

-- | A Lambda trigger that is invoked before token generation.
lctPreTokenGeneration :: Lens' LambdaConfigType (Maybe Text)

-- | The user migration Lambda config type.
lctUserMigration :: Lens' LambdaConfigType (Maybe Text)

-- | A pre-registration AWS Lambda trigger.
lctPreSignUp :: Lens' LambdaConfigType (Maybe Text)

-- | Specifies the different settings for multi-factor authentication
--   (MFA).
--   
--   <i>See:</i> <a>mfaOptionType</a> smart constructor.
data MFAOptionType

-- | Creates a value of <a>MFAOptionType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>motDeliveryMedium</a> - The delivery medium (email message or
--   SMS message) to send the MFA code.</li>
--   <li><a>motAttributeName</a> - The attribute name of the MFA option
--   type.</li>
--   </ul>
mfaOptionType :: MFAOptionType

-- | The delivery medium (email message or SMS message) to send the MFA
--   code.
motDeliveryMedium :: Lens' MFAOptionType (Maybe DeliveryMediumType)

-- | The attribute name of the MFA option type.
motAttributeName :: Lens' MFAOptionType (Maybe Text)

-- | The message template structure.
--   
--   <i>See:</i> <a>messageTemplateType</a> smart constructor.
data MessageTemplateType

-- | Creates a value of <a>MessageTemplateType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>mttEmailSubject</a> - The subject line for email messages.</li>
--   <li><a>mttSMSMessage</a> - The message template for SMS messages.</li>
--   <li><a>mttEmailMessage</a> - The message template for email
--   messages.</li>
--   </ul>
messageTemplateType :: MessageTemplateType

-- | The subject line for email messages.
mttEmailSubject :: Lens' MessageTemplateType (Maybe Text)

-- | The message template for SMS messages.
mttSMSMessage :: Lens' MessageTemplateType (Maybe Text)

-- | The message template for email messages.
mttEmailMessage :: Lens' MessageTemplateType (Maybe Text)

-- | The new device metadata type.
--   
--   <i>See:</i> <a>newDeviceMetadataType</a> smart constructor.
data NewDeviceMetadataType

-- | Creates a value of <a>NewDeviceMetadataType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ndmtDeviceGroupKey</a> - The device group key.</li>
--   <li><a>ndmtDeviceKey</a> - The device key.</li>
--   </ul>
newDeviceMetadataType :: NewDeviceMetadataType

-- | The device group key.
ndmtDeviceGroupKey :: Lens' NewDeviceMetadataType (Maybe Text)

-- | The device key.
ndmtDeviceKey :: Lens' NewDeviceMetadataType (Maybe Text)

-- | The notify configuration type.
--   
--   <i>See:</i> <a>notifyConfigurationType</a> smart constructor.
data NotifyConfigurationType

-- | Creates a value of <a>NotifyConfigurationType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>nctNoActionEmail</a> - The email template used when a detected
--   risk event is allowed.</li>
--   <li><a>nctFrom</a> - The email address that is sending the email. It
--   must be either individually verified with Amazon SES, or from a domain
--   that has been verified with Amazon SES.</li>
--   <li><a>nctReplyTo</a> - The destination to which the receiver of an
--   email should reply to.</li>
--   <li><a>nctBlockEmail</a> - Email template used when a detected risk
--   event is blocked.</li>
--   <li><a>nctMFAEmail</a> - The MFA email template used when MFA is
--   challenged as part of a detected risk.</li>
--   <li><a>nctSourceARN</a> - The Amazon Resource Name (ARN) of the
--   identity that is associated with the sending authorization policy. It
--   permits Amazon Cognito to send for the email address specified in the
--   <tt>From</tt> parameter.</li>
--   </ul>
notifyConfigurationType :: Text -> NotifyConfigurationType

-- | The email template used when a detected risk event is allowed.
nctNoActionEmail :: Lens' NotifyConfigurationType (Maybe NotifyEmailType)

-- | The email address that is sending the email. It must be either
--   individually verified with Amazon SES, or from a domain that has been
--   verified with Amazon SES.
nctFrom :: Lens' NotifyConfigurationType (Maybe Text)

-- | The destination to which the receiver of an email should reply to.
nctReplyTo :: Lens' NotifyConfigurationType (Maybe Text)

-- | Email template used when a detected risk event is blocked.
nctBlockEmail :: Lens' NotifyConfigurationType (Maybe NotifyEmailType)

-- | The MFA email template used when MFA is challenged as part of a
--   detected risk.
nctMFAEmail :: Lens' NotifyConfigurationType (Maybe NotifyEmailType)

-- | The Amazon Resource Name (ARN) of the identity that is associated with
--   the sending authorization policy. It permits Amazon Cognito to send
--   for the email address specified in the <tt>From</tt> parameter.
nctSourceARN :: Lens' NotifyConfigurationType Text

-- | The notify email type.
--   
--   <i>See:</i> <a>notifyEmailType</a> smart constructor.
data NotifyEmailType

-- | Creates a value of <a>NotifyEmailType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>netTextBody</a> - The text body.</li>
--   <li><a>netHTMLBody</a> - The HTML body.</li>
--   <li><a>netSubject</a> - The subject.</li>
--   </ul>
notifyEmailType :: Text -> NotifyEmailType

-- | The text body.
netTextBody :: Lens' NotifyEmailType (Maybe Text)

-- | The HTML body.
netHTMLBody :: Lens' NotifyEmailType (Maybe Text)

-- | The subject.
netSubject :: Lens' NotifyEmailType Text

-- | The minimum and maximum value of an attribute that is of the number
--   data type.
--   
--   <i>See:</i> <a>numberAttributeConstraintsType</a> smart constructor.
data NumberAttributeConstraintsType

-- | Creates a value of <a>NumberAttributeConstraintsType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>nactMaxValue</a> - The maximum value of an attribute that is of
--   the number data type.</li>
--   <li><a>nactMinValue</a> - The minimum value of an attribute that is of
--   the number data type.</li>
--   </ul>
numberAttributeConstraintsType :: NumberAttributeConstraintsType

-- | The maximum value of an attribute that is of the number data type.
nactMaxValue :: Lens' NumberAttributeConstraintsType (Maybe Text)

-- | The minimum value of an attribute that is of the number data type.
nactMinValue :: Lens' NumberAttributeConstraintsType (Maybe Text)

-- | The password policy type.
--   
--   <i>See:</i> <a>passwordPolicyType</a> smart constructor.
data PasswordPolicyType

-- | Creates a value of <a>PasswordPolicyType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pptRequireNumbers</a> - In the password policy that you have
--   set, refers to whether you have required users to use at least one
--   number in their password.</li>
--   <li><a>pptRequireUppercase</a> - In the password policy that you have
--   set, refers to whether you have required users to use at least one
--   uppercase letter in their password.</li>
--   <li><a>pptRequireLowercase</a> - In the password policy that you have
--   set, refers to whether you have required users to use at least one
--   lowercase letter in their password.</li>
--   <li><a>pptMinimumLength</a> - The minimum length of the password
--   policy that you have set. Cannot be less than 6.</li>
--   <li><a>pptRequireSymbols</a> - In the password policy that you have
--   set, refers to whether you have required users to use at least one
--   symbol in their password.</li>
--   </ul>
passwordPolicyType :: PasswordPolicyType

-- | In the password policy that you have set, refers to whether you have
--   required users to use at least one number in their password.
pptRequireNumbers :: Lens' PasswordPolicyType (Maybe Bool)

-- | In the password policy that you have set, refers to whether you have
--   required users to use at least one uppercase letter in their password.
pptRequireUppercase :: Lens' PasswordPolicyType (Maybe Bool)

-- | In the password policy that you have set, refers to whether you have
--   required users to use at least one lowercase letter in their password.
pptRequireLowercase :: Lens' PasswordPolicyType (Maybe Bool)

-- | The minimum length of the password policy that you have set. Cannot be
--   less than 6.
pptMinimumLength :: Lens' PasswordPolicyType (Maybe Natural)

-- | In the password policy that you have set, refers to whether you have
--   required users to use at least one symbol in their password.
pptRequireSymbols :: Lens' PasswordPolicyType (Maybe Bool)

-- | A container for identity provider details.
--   
--   <i>See:</i> <a>providerDescription</a> smart constructor.
data ProviderDescription

-- | Creates a value of <a>ProviderDescription</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pdLastModifiedDate</a> - The date the provider was last
--   modified.</li>
--   <li><a>pdProviderType</a> - The identity provider type.</li>
--   <li><a>pdCreationDate</a> - The date the provider was added to the
--   user pool.</li>
--   <li><a>pdProviderName</a> - The identity provider name.</li>
--   </ul>
providerDescription :: ProviderDescription

-- | The date the provider was last modified.
pdLastModifiedDate :: Lens' ProviderDescription (Maybe UTCTime)

-- | The identity provider type.
pdProviderType :: Lens' ProviderDescription (Maybe IdentityProviderTypeType)

-- | The date the provider was added to the user pool.
pdCreationDate :: Lens' ProviderDescription (Maybe UTCTime)

-- | The identity provider name.
pdProviderName :: Lens' ProviderDescription (Maybe Text)

-- | A container for information about an identity provider for a user
--   pool.
--   
--   <i>See:</i> <a>providerUserIdentifierType</a> smart constructor.
data ProviderUserIdentifierType

-- | Creates a value of <a>ProviderUserIdentifierType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>puitProviderAttributeValue</a> - The value of the provider
--   attribute to link to, for example, <tt>xxxxx_account</tt> .</li>
--   <li><a>puitProviderAttributeName</a> - The name of the provider
--   attribute to link to, for example, <tt>NameID</tt> .</li>
--   <li><a>puitProviderName</a> - The name of the provider, for example,
--   Facebook, Google, or Login with Amazon.</li>
--   </ul>
providerUserIdentifierType :: ProviderUserIdentifierType

-- | The value of the provider attribute to link to, for example,
--   <tt>xxxxx_account</tt> .
puitProviderAttributeValue :: Lens' ProviderUserIdentifierType (Maybe Text)

-- | The name of the provider attribute to link to, for example,
--   <tt>NameID</tt> .
puitProviderAttributeName :: Lens' ProviderUserIdentifierType (Maybe Text)

-- | The name of the provider, for example, Facebook, Google, or Login with
--   Amazon.
puitProviderName :: Lens' ProviderUserIdentifierType (Maybe Text)

-- | A resource server scope.
--   
--   <i>See:</i> <a>resourceServerScopeType</a> smart constructor.
data ResourceServerScopeType

-- | Creates a value of <a>ResourceServerScopeType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rsstScopeName</a> - The name of the scope.</li>
--   <li><a>rsstScopeDescription</a> - A description of the scope.</li>
--   </ul>
resourceServerScopeType :: Text -> Text -> ResourceServerScopeType

-- | The name of the scope.
rsstScopeName :: Lens' ResourceServerScopeType Text

-- | A description of the scope.
rsstScopeDescription :: Lens' ResourceServerScopeType Text

-- | A container for information about a resource server for a user pool.
--   
--   <i>See:</i> <a>resourceServerType</a> smart constructor.
data ResourceServerType

-- | Creates a value of <a>ResourceServerType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rstUserPoolId</a> - The user pool ID for the user pool that
--   hosts the resource server.</li>
--   <li><a>rstIdentifier</a> - The identifier for the resource
--   server.</li>
--   <li><a>rstScopes</a> - A list of scopes that are defined for the
--   resource server.</li>
--   <li><a>rstName</a> - The name of the resource server.</li>
--   </ul>
resourceServerType :: ResourceServerType

-- | The user pool ID for the user pool that hosts the resource server.
rstUserPoolId :: Lens' ResourceServerType (Maybe Text)

-- | The identifier for the resource server.
rstIdentifier :: Lens' ResourceServerType (Maybe Text)

-- | A list of scopes that are defined for the resource server.
rstScopes :: Lens' ResourceServerType [ResourceServerScopeType]

-- | The name of the resource server.
rstName :: Lens' ResourceServerType (Maybe Text)

-- | The risk configuration type.
--   
--   <i>See:</i> <a>riskConfigurationType</a> smart constructor.
data RiskConfigurationType

-- | Creates a value of <a>RiskConfigurationType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rctRiskExceptionConfiguration</a> - The configuration to
--   override the risk decision.</li>
--   <li><a>rctClientId</a> - The app client ID.</li>
--   <li><a>rctAccountTakeoverRiskConfiguration</a> - The account takeover
--   risk configuration object including the <tt>NotifyConfiguration</tt>
--   object and <tt>Actions</tt> to take in the case of an account
--   takeover.</li>
--   <li><a>rctLastModifiedDate</a> - The last modified date.</li>
--   <li><a>rctUserPoolId</a> - The user pool ID.</li>
--   <li><a>rctCompromisedCredentialsRiskConfiguration</a> - The
--   compromised credentials risk configuration object including the
--   <tt>EventFilter</tt> and the <tt>EventAction</tt></li>
--   </ul>
riskConfigurationType :: RiskConfigurationType

-- | The configuration to override the risk decision.
rctRiskExceptionConfiguration :: Lens' RiskConfigurationType (Maybe RiskExceptionConfigurationType)

-- | The app client ID.
rctClientId :: Lens' RiskConfigurationType (Maybe Text)

-- | The account takeover risk configuration object including the
--   <tt>NotifyConfiguration</tt> object and <tt>Actions</tt> to take in
--   the case of an account takeover.
rctAccountTakeoverRiskConfiguration :: Lens' RiskConfigurationType (Maybe AccountTakeoverRiskConfigurationType)

-- | The last modified date.
rctLastModifiedDate :: Lens' RiskConfigurationType (Maybe UTCTime)

-- | The user pool ID.
rctUserPoolId :: Lens' RiskConfigurationType (Maybe Text)

-- | The compromised credentials risk configuration object including the
--   <tt>EventFilter</tt> and the <tt>EventAction</tt>
rctCompromisedCredentialsRiskConfiguration :: Lens' RiskConfigurationType (Maybe CompromisedCredentialsRiskConfigurationType)

-- | The type of the configuration to override the risk decision.
--   
--   <i>See:</i> <a>riskExceptionConfigurationType</a> smart constructor.
data RiskExceptionConfigurationType

-- | Creates a value of <a>RiskExceptionConfigurationType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rectSkippedIPRangeList</a> - Risk detection is not performed on
--   the IP addresses in the range list. The IP range is in CIDR
--   notation.</li>
--   <li><a>rectBlockedIPRangeList</a> - Overrides the risk decision to
--   always block the pre-authentication requests. The IP range is in CIDR
--   notation: a compact representation of an IP address and its associated
--   routing prefix.</li>
--   </ul>
riskExceptionConfigurationType :: RiskExceptionConfigurationType

-- | Risk detection is not performed on the IP addresses in the range list.
--   The IP range is in CIDR notation.
rectSkippedIPRangeList :: Lens' RiskExceptionConfigurationType [Text]

-- | Overrides the risk decision to always block the pre-authentication
--   requests. The IP range is in CIDR notation: a compact representation
--   of an IP address and its associated routing prefix.
rectBlockedIPRangeList :: Lens' RiskExceptionConfigurationType [Text]

-- | The SMS multi-factor authentication (MFA) settings type.
--   
--   <i>See:</i> <a>sMSMFASettingsType</a> smart constructor.
data SMSMFASettingsType

-- | Creates a value of <a>SMSMFASettingsType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>smsmstEnabled</a> - Specifies whether SMS text message MFA is
--   enabled.</li>
--   <li><a>smsmstPreferredMFA</a> - The preferred MFA method.</li>
--   </ul>
sMSMFASettingsType :: SMSMFASettingsType

-- | Specifies whether SMS text message MFA is enabled.
smsmstEnabled :: Lens' SMSMFASettingsType (Maybe Bool)

-- | The preferred MFA method.
smsmstPreferredMFA :: Lens' SMSMFASettingsType (Maybe Bool)

-- | Contains information about the schema attribute.
--   
--   <i>See:</i> <a>schemaAttributeType</a> smart constructor.
data SchemaAttributeType

-- | Creates a value of <a>SchemaAttributeType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>satNumberAttributeConstraints</a> - Specifies the constraints
--   for an attribute of the number type.</li>
--   <li><a>satRequired</a> - Specifies whether a user pool attribute is
--   required. If the attribute is required and the user does not provide a
--   value, registration or sign-in will fail.</li>
--   <li><a>satAttributeDataType</a> - The attribute data type.</li>
--   <li><a>satStringAttributeConstraints</a> - Specifies the constraints
--   for an attribute of the string type.</li>
--   <li><a>satName</a> - A schema attribute of the name type.</li>
--   <li><a>satDeveloperOnlyAttribute</a> - Specifies whether the attribute
--   type is developer only.</li>
--   <li><a>satMutable</a> - Specifies whether the attribute can be changed
--   once it has been created.</li>
--   </ul>
schemaAttributeType :: SchemaAttributeType

-- | Specifies the constraints for an attribute of the number type.
satNumberAttributeConstraints :: Lens' SchemaAttributeType (Maybe NumberAttributeConstraintsType)

-- | Specifies whether a user pool attribute is required. If the attribute
--   is required and the user does not provide a value, registration or
--   sign-in will fail.
satRequired :: Lens' SchemaAttributeType (Maybe Bool)

-- | The attribute data type.
satAttributeDataType :: Lens' SchemaAttributeType (Maybe AttributeDataType)

-- | Specifies the constraints for an attribute of the string type.
satStringAttributeConstraints :: Lens' SchemaAttributeType (Maybe StringAttributeConstraintsType)

-- | A schema attribute of the name type.
satName :: Lens' SchemaAttributeType (Maybe Text)

-- | Specifies whether the attribute type is developer only.
satDeveloperOnlyAttribute :: Lens' SchemaAttributeType (Maybe Bool)

-- | Specifies whether the attribute can be changed once it has been
--   created.
satMutable :: Lens' SchemaAttributeType (Maybe Bool)

-- | The SMS configuration type.
--   
--   <i>See:</i> <a>smsConfigurationType</a> smart constructor.
data SmsConfigurationType

-- | Creates a value of <a>SmsConfigurationType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sctExternalId</a> - The external ID.</li>
--   <li><a>sctSNSCallerARN</a> - The Amazon Resource Name (ARN) of the
--   Amazon Simple Notification Service (SNS) caller.</li>
--   </ul>
smsConfigurationType :: Text -> SmsConfigurationType

-- | The external ID.
sctExternalId :: Lens' SmsConfigurationType (Maybe Text)

-- | The Amazon Resource Name (ARN) of the Amazon Simple Notification
--   Service (SNS) caller.
sctSNSCallerARN :: Lens' SmsConfigurationType Text

-- | The SMS text message multi-factor authentication (MFA) configuration
--   type.
--   
--   <i>See:</i> <a>smsMFAConfigType</a> smart constructor.
data SmsMFAConfigType

-- | Creates a value of <a>SmsMFAConfigType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>smctSmsAuthenticationMessage</a> - The SMS authentication
--   message.</li>
--   <li><a>smctSmsConfiguration</a> - The SMS configuration.</li>
--   </ul>
smsMFAConfigType :: SmsMFAConfigType

-- | The SMS authentication message.
smctSmsAuthenticationMessage :: Lens' SmsMFAConfigType (Maybe Text)

-- | The SMS configuration.
smctSmsConfiguration :: Lens' SmsMFAConfigType (Maybe SmsConfigurationType)

-- | The type used for enabling software token MFA at the user pool level.
--   
--   <i>See:</i> <a>softwareTokenMFAConfigType</a> smart constructor.
data SoftwareTokenMFAConfigType

-- | Creates a value of <a>SoftwareTokenMFAConfigType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>stmctEnabled</a> - Specifies whether software token MFA is
--   enabled.</li>
--   </ul>
softwareTokenMFAConfigType :: SoftwareTokenMFAConfigType

-- | Specifies whether software token MFA is enabled.
stmctEnabled :: Lens' SoftwareTokenMFAConfigType (Maybe Bool)

-- | The type used for enabling software token MFA at the user level.
--   
--   <i>See:</i> <a>softwareTokenMFASettingsType</a> smart constructor.
data SoftwareTokenMFASettingsType

-- | Creates a value of <a>SoftwareTokenMFASettingsType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>stmstEnabled</a> - Specifies whether software token MFA is
--   enabled.</li>
--   <li><a>stmstPreferredMFA</a> - The preferred MFA method.</li>
--   </ul>
softwareTokenMFASettingsType :: SoftwareTokenMFASettingsType

-- | Specifies whether software token MFA is enabled.
stmstEnabled :: Lens' SoftwareTokenMFASettingsType (Maybe Bool)

-- | The preferred MFA method.
stmstPreferredMFA :: Lens' SoftwareTokenMFASettingsType (Maybe Bool)

-- | The constraints associated with a string attribute.
--   
--   <i>See:</i> <a>stringAttributeConstraintsType</a> smart constructor.
data StringAttributeConstraintsType

-- | Creates a value of <a>StringAttributeConstraintsType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sactMaxLength</a> - The maximum length.</li>
--   <li><a>sactMinLength</a> - The minimum length.</li>
--   </ul>
stringAttributeConstraintsType :: StringAttributeConstraintsType

-- | The maximum length.
sactMaxLength :: Lens' StringAttributeConstraintsType (Maybe Text)

-- | The minimum length.
sactMinLength :: Lens' StringAttributeConstraintsType (Maybe Text)

-- | A container for the UI customization information for a user pool's
--   built-in app UI.
--   
--   <i>See:</i> <a>uICustomizationType</a> smart constructor.
data UICustomizationType

-- | Creates a value of <a>UICustomizationType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uictClientId</a> - The client ID for the client app.</li>
--   <li><a>uictLastModifiedDate</a> - The last-modified date for the UI
--   customization.</li>
--   <li><a>uictUserPoolId</a> - The user pool ID for the user pool.</li>
--   <li><a>uictCSS</a> - The CSS values in the UI customization.</li>
--   <li><a>uictCSSVersion</a> - The CSS version number.</li>
--   <li><a>uictImageURL</a> - The logo image for the UI
--   customization.</li>
--   <li><a>uictCreationDate</a> - The creation date for the UI
--   customization.</li>
--   </ul>
uICustomizationType :: UICustomizationType

-- | The client ID for the client app.
uictClientId :: Lens' UICustomizationType (Maybe Text)

-- | The last-modified date for the UI customization.
uictLastModifiedDate :: Lens' UICustomizationType (Maybe UTCTime)

-- | The user pool ID for the user pool.
uictUserPoolId :: Lens' UICustomizationType (Maybe Text)

-- | The CSS values in the UI customization.
uictCSS :: Lens' UICustomizationType (Maybe Text)

-- | The CSS version number.
uictCSSVersion :: Lens' UICustomizationType (Maybe Text)

-- | The logo image for the UI customization.
uictImageURL :: Lens' UICustomizationType (Maybe Text)

-- | The creation date for the UI customization.
uictCreationDate :: Lens' UICustomizationType (Maybe UTCTime)

-- | Contextual data such as the user's device fingerprint, IP address, or
--   location used for evaluating the risk of an unexpected event by Amazon
--   Cognito advanced security.
--   
--   <i>See:</i> <a>userContextDataType</a> smart constructor.
data UserContextDataType

-- | Creates a value of <a>UserContextDataType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ucdtEncodedData</a> - Contextual data such as the user's device
--   fingerprint, IP address, or location used for evaluating the risk of
--   an unexpected event by Amazon Cognito advanced security.</li>
--   </ul>
userContextDataType :: UserContextDataType

-- | Contextual data such as the user's device fingerprint, IP address, or
--   location used for evaluating the risk of an unexpected event by Amazon
--   Cognito advanced security.
ucdtEncodedData :: Lens' UserContextDataType (Maybe Text)

-- | The user import job type.
--   
--   <i>See:</i> <a>userImportJobType</a> smart constructor.
data UserImportJobType

-- | Creates a value of <a>UserImportJobType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uijtStatus</a> - The status of the user import job. One of the
--   following: * <tt>Created</tt> - The job was created but not started. *
--   <tt>Pending</tt> - A transition state. You have started the job, but
--   it has not begun importing users yet. * <tt>InProgress</tt> - The job
--   has started, and users are being imported. * <tt>Stopping</tt> - You
--   have stopped the job, but the job has not stopped importing users yet.
--   * <tt>Stopped</tt> - You have stopped the job, and the job has stopped
--   importing users. * <tt>Succeeded</tt> - The job has completed
--   successfully. * <tt>Failed</tt> - The job has stopped due to an error.
--   * <tt>Expired</tt> - You created a job, but did not start the job
--   within 24-48 hours. All data associated with the job was deleted, and
--   the job cannot be started.</li>
--   <li><a>uijtSkippedUsers</a> - The number of users that were
--   skipped.</li>
--   <li><a>uijtJobId</a> - The job ID for the user import job.</li>
--   <li><a>uijtUserPoolId</a> - The user pool ID for the user pool that
--   the users are being imported into.</li>
--   <li><a>uijtJobName</a> - The job name for the user import job.</li>
--   <li><a>uijtPreSignedURL</a> - The pre-signed URL to be used to upload
--   the <tt>.csv</tt> file.</li>
--   <li><a>uijtFailedUsers</a> - The number of users that could not be
--   imported.</li>
--   <li><a>uijtStartDate</a> - The date when the user import job was
--   started.</li>
--   <li><a>uijtCompletionMessage</a> - The message returned when the user
--   import job is completed.</li>
--   <li><a>uijtCreationDate</a> - The date the user import job was
--   created.</li>
--   <li><a>uijtCompletionDate</a> - The date when the user import job was
--   completed.</li>
--   <li><a>uijtCloudWatchLogsRoleARN</a> - The role ARN for the Amazon
--   CloudWatch Logging role for the user import job. For more information,
--   see "Creating the CloudWatch Logs IAM Role" in the Amazon Cognito
--   Developer Guide.</li>
--   <li><a>uijtImportedUsers</a> - The number of users that were
--   successfully imported.</li>
--   </ul>
userImportJobType :: UserImportJobType

-- | The status of the user import job. One of the following: *
--   <tt>Created</tt> - The job was created but not started. *
--   <tt>Pending</tt> - A transition state. You have started the job, but
--   it has not begun importing users yet. * <tt>InProgress</tt> - The job
--   has started, and users are being imported. * <tt>Stopping</tt> - You
--   have stopped the job, but the job has not stopped importing users yet.
--   * <tt>Stopped</tt> - You have stopped the job, and the job has stopped
--   importing users. * <tt>Succeeded</tt> - The job has completed
--   successfully. * <tt>Failed</tt> - The job has stopped due to an error.
--   * <tt>Expired</tt> - You created a job, but did not start the job
--   within 24-48 hours. All data associated with the job was deleted, and
--   the job cannot be started.
uijtStatus :: Lens' UserImportJobType (Maybe UserImportJobStatusType)

-- | The number of users that were skipped.
uijtSkippedUsers :: Lens' UserImportJobType (Maybe Integer)

-- | The job ID for the user import job.
uijtJobId :: Lens' UserImportJobType (Maybe Text)

-- | The user pool ID for the user pool that the users are being imported
--   into.
uijtUserPoolId :: Lens' UserImportJobType (Maybe Text)

-- | The job name for the user import job.
uijtJobName :: Lens' UserImportJobType (Maybe Text)

-- | The pre-signed URL to be used to upload the <tt>.csv</tt> file.
uijtPreSignedURL :: Lens' UserImportJobType (Maybe Text)

-- | The number of users that could not be imported.
uijtFailedUsers :: Lens' UserImportJobType (Maybe Integer)

-- | The date when the user import job was started.
uijtStartDate :: Lens' UserImportJobType (Maybe UTCTime)

-- | The message returned when the user import job is completed.
uijtCompletionMessage :: Lens' UserImportJobType (Maybe Text)

-- | The date the user import job was created.
uijtCreationDate :: Lens' UserImportJobType (Maybe UTCTime)

-- | The date when the user import job was completed.
uijtCompletionDate :: Lens' UserImportJobType (Maybe UTCTime)

-- | The role ARN for the Amazon CloudWatch Logging role for the user
--   import job. For more information, see "Creating the CloudWatch Logs
--   IAM Role" in the Amazon Cognito Developer Guide.
uijtCloudWatchLogsRoleARN :: Lens' UserImportJobType (Maybe Text)

-- | The number of users that were successfully imported.
uijtImportedUsers :: Lens' UserImportJobType (Maybe Integer)

-- | The user pool add-ons type.
--   
--   <i>See:</i> <a>userPoolAddOnsType</a> smart constructor.
data UserPoolAddOnsType

-- | Creates a value of <a>UserPoolAddOnsType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>upaotAdvancedSecurityMode</a> - The advanced security
--   mode.</li>
--   </ul>
userPoolAddOnsType :: AdvancedSecurityModeType -> UserPoolAddOnsType

-- | The advanced security mode.
upaotAdvancedSecurityMode :: Lens' UserPoolAddOnsType AdvancedSecurityModeType

-- | The description of the user pool client.
--   
--   <i>See:</i> <a>userPoolClientDescription</a> smart constructor.
data UserPoolClientDescription

-- | Creates a value of <a>UserPoolClientDescription</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>upcdClientId</a> - The ID of the client associated with the
--   user pool.</li>
--   <li><a>upcdUserPoolId</a> - The user pool ID for the user pool where
--   you want to describe the user pool client.</li>
--   <li><a>upcdClientName</a> - The client name from the user pool client
--   description.</li>
--   </ul>
userPoolClientDescription :: UserPoolClientDescription

-- | The ID of the client associated with the user pool.
upcdClientId :: Lens' UserPoolClientDescription (Maybe Text)

-- | The user pool ID for the user pool where you want to describe the user
--   pool client.
upcdUserPoolId :: Lens' UserPoolClientDescription (Maybe Text)

-- | The client name from the user pool client description.
upcdClientName :: Lens' UserPoolClientDescription (Maybe Text)

-- | Contains information about a user pool client.
--   
--   <i>See:</i> <a>userPoolClientType</a> smart constructor.
data UserPoolClientType

-- | Creates a value of <a>UserPoolClientType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>upctRefreshTokenValidity</a> - The time limit, in days, after
--   which the refresh token is no longer valid and cannot be used.</li>
--   <li><a>upctClientId</a> - The ID of the client associated with the
--   user pool.</li>
--   <li><a>upctExplicitAuthFlows</a> - The explicit authentication
--   flows.</li>
--   <li><a>upctClientSecret</a> - The client secret from the user pool
--   request of the client type.</li>
--   <li><a>upctLastModifiedDate</a> - The date the user pool client was
--   last modified.</li>
--   <li><a>upctSupportedIdentityProviders</a> - A list of provider names
--   for the identity providers that are supported on this client.</li>
--   <li><a>upctLogoutURLs</a> - A list of allowed logout URLs for the
--   identity providers.</li>
--   <li><a>upctAllowedOAuthFlowsUserPoolClient</a> - Set to TRUE if the
--   client is allowed to follow the OAuth protocol when interacting with
--   Cognito user pools.</li>
--   <li><a>upctUserPoolId</a> - The user pool ID for the user pool
--   client.</li>
--   <li><a>upctDefaultRedirectURI</a> - The default redirect URI. Must be
--   in the <tt>CallbackURLs</tt> list.</li>
--   <li><a>upctWriteAttributes</a> - The writeable attributes.</li>
--   <li><a>upctCreationDate</a> - The date the user pool client was
--   created.</li>
--   <li><a>upctReadAttributes</a> - The Read-only attributes.</li>
--   <li><a>upctAllowedOAuthScopes</a> - A list of allowed <tt>OAuth</tt>
--   scopes. Currently supported values are <tt>"phone"</tt> ,
--   <tt>"email"</tt> , <tt>"openid"</tt> , and <tt><a>Cognito</a></tt>
--   .</li>
--   <li><a>upctAllowedOAuthFlows</a> - Set to <tt>code</tt> to initiate a
--   code grant flow, which provides an authorization code as the response.
--   This code can be exchanged for access tokens with the token endpoint.
--   Set to <tt>token</tt> to specify that the client should get the access
--   token (and, optionally, ID token, based on scopes) directly.</li>
--   <li><a>upctAnalyticsConfiguration</a> - The Amazon Pinpoint analytics
--   configuration for the user pool client.</li>
--   <li><a>upctClientName</a> - The client name from the user pool request
--   of the client type.</li>
--   <li><a>upctCallbackURLs</a> - A list of allowed callback URLs for the
--   identity providers.</li>
--   </ul>
userPoolClientType :: UserPoolClientType

-- | The time limit, in days, after which the refresh token is no longer
--   valid and cannot be used.
upctRefreshTokenValidity :: Lens' UserPoolClientType (Maybe Natural)

-- | The ID of the client associated with the user pool.
upctClientId :: Lens' UserPoolClientType (Maybe Text)

-- | The explicit authentication flows.
upctExplicitAuthFlows :: Lens' UserPoolClientType [ExplicitAuthFlowsType]

-- | The client secret from the user pool request of the client type.
upctClientSecret :: Lens' UserPoolClientType (Maybe Text)

-- | The date the user pool client was last modified.
upctLastModifiedDate :: Lens' UserPoolClientType (Maybe UTCTime)

-- | A list of provider names for the identity providers that are supported
--   on this client.
upctSupportedIdentityProviders :: Lens' UserPoolClientType [Text]

-- | A list of allowed logout URLs for the identity providers.
upctLogoutURLs :: Lens' UserPoolClientType [Text]

-- | Set to TRUE if the client is allowed to follow the OAuth protocol when
--   interacting with Cognito user pools.
upctAllowedOAuthFlowsUserPoolClient :: Lens' UserPoolClientType (Maybe Bool)

-- | The user pool ID for the user pool client.
upctUserPoolId :: Lens' UserPoolClientType (Maybe Text)

-- | The default redirect URI. Must be in the <tt>CallbackURLs</tt> list.
upctDefaultRedirectURI :: Lens' UserPoolClientType (Maybe Text)

-- | The writeable attributes.
upctWriteAttributes :: Lens' UserPoolClientType [Text]

-- | The date the user pool client was created.
upctCreationDate :: Lens' UserPoolClientType (Maybe UTCTime)

-- | The Read-only attributes.
upctReadAttributes :: Lens' UserPoolClientType [Text]

-- | A list of allowed <tt>OAuth</tt> scopes. Currently supported values
--   are <tt>"phone"</tt> , <tt>"email"</tt> , <tt>"openid"</tt> , and
--   <tt><a>Cognito</a></tt> .
upctAllowedOAuthScopes :: Lens' UserPoolClientType [Text]

-- | Set to <tt>code</tt> to initiate a code grant flow, which provides an
--   authorization code as the response. This code can be exchanged for
--   access tokens with the token endpoint. Set to <tt>token</tt> to
--   specify that the client should get the access token (and, optionally,
--   ID token, based on scopes) directly.
upctAllowedOAuthFlows :: Lens' UserPoolClientType [OAuthFlowType]

-- | The Amazon Pinpoint analytics configuration for the user pool client.
upctAnalyticsConfiguration :: Lens' UserPoolClientType (Maybe AnalyticsConfigurationType)

-- | The client name from the user pool request of the client type.
upctClientName :: Lens' UserPoolClientType (Maybe Text)

-- | A list of allowed callback URLs for the identity providers.
upctCallbackURLs :: Lens' UserPoolClientType [Text]

-- | A user pool description.
--   
--   <i>See:</i> <a>userPoolDescriptionType</a> smart constructor.
data UserPoolDescriptionType

-- | Creates a value of <a>UserPoolDescriptionType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>updtStatus</a> - The user pool status in a user pool
--   description.</li>
--   <li><a>updtLastModifiedDate</a> - The date the user pool description
--   was last modified.</li>
--   <li><a>updtName</a> - The name in a user pool description.</li>
--   <li><a>updtId</a> - The ID in a user pool description.</li>
--   <li><a>updtCreationDate</a> - The date the user pool description was
--   created.</li>
--   <li><a>updtLambdaConfig</a> - The AWS Lambda configuration information
--   in a user pool description.</li>
--   </ul>
userPoolDescriptionType :: UserPoolDescriptionType

-- | The user pool status in a user pool description.
updtStatus :: Lens' UserPoolDescriptionType (Maybe StatusType)

-- | The date the user pool description was last modified.
updtLastModifiedDate :: Lens' UserPoolDescriptionType (Maybe UTCTime)

-- | The name in a user pool description.
updtName :: Lens' UserPoolDescriptionType (Maybe Text)

-- | The ID in a user pool description.
updtId :: Lens' UserPoolDescriptionType (Maybe Text)

-- | The date the user pool description was created.
updtCreationDate :: Lens' UserPoolDescriptionType (Maybe UTCTime)

-- | The AWS Lambda configuration information in a user pool description.
updtLambdaConfig :: Lens' UserPoolDescriptionType (Maybe LambdaConfigType)

-- | The policy associated with a user pool.
--   
--   <i>See:</i> <a>userPoolPolicyType</a> smart constructor.
data UserPoolPolicyType

-- | Creates a value of <a>UserPoolPolicyType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>upptPasswordPolicy</a> - The password policy.</li>
--   </ul>
userPoolPolicyType :: UserPoolPolicyType

-- | The password policy.
upptPasswordPolicy :: Lens' UserPoolPolicyType (Maybe PasswordPolicyType)

-- | A container for information about the user pool.
--   
--   <i>See:</i> <a>userPoolType</a> smart constructor.
data UserPoolType

-- | Creates a value of <a>UserPoolType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uptStatus</a> - The status of a user pool.</li>
--   <li><a>uptUserPoolTags</a> - The cost allocation tags for the user
--   pool. For more information, see <a>Adding Cost Allocation Tags to Your
--   User Pool</a></li>
--   <li><a>uptEmailConfigurationFailure</a> - The reason why the email
--   configuration cannot send the messages to your users.</li>
--   <li><a>uptLastModifiedDate</a> - The date the user pool was last
--   modified.</li>
--   <li><a>uptVerificationMessageTemplate</a> - The template for
--   verification messages.</li>
--   <li><a>uptEstimatedNumberOfUsers</a> - A number estimating the size of
--   the user pool.</li>
--   <li><a>uptDomain</a> - Holds the domain prefix if the user pool has a
--   domain associated with it.</li>
--   <li><a>uptEmailVerificationMessage</a> - The contents of the email
--   verification message.</li>
--   <li><a>uptSmsAuthenticationMessage</a> - The contents of the SMS
--   authentication message.</li>
--   <li><a>uptUserPoolAddOns</a> - The user pool add-ons.</li>
--   <li><a>uptSchemaAttributes</a> - A container with the schema
--   attributes of a user pool.</li>
--   <li><a>uptEmailVerificationSubject</a> - The subject of the email
--   verification message.</li>
--   <li><a>uptUsernameAttributes</a> - Specifies whether email addresses
--   or phone numbers can be specified as usernames when a user signs
--   up.</li>
--   <li><a>uptAliasAttributes</a> - Specifies the attributes that are
--   aliased in a user pool.</li>
--   <li><a>uptEmailConfiguration</a> - The email configuration.</li>
--   <li><a>uptSmsVerificationMessage</a> - The contents of the SMS
--   verification message.</li>
--   <li><a>uptName</a> - The name of the user pool.</li>
--   <li><a>uptMFAConfiguration</a> - Can be one of the following values: *
--   <tt>OFF</tt> - MFA tokens are not required and cannot be specified
--   during user registration. * <tt>ON</tt> - MFA tokens are required for
--   all user registrations. You can only specify required when you are
--   initially creating a user pool. * <tt>OPTIONAL</tt> - Users have the
--   option when registering to create an MFA token.</li>
--   <li><a>uptId</a> - The ID of the user pool.</li>
--   <li><a>uptSmsConfigurationFailure</a> - The reason why the SMS
--   configuration cannot send the messages to your users.</li>
--   <li><a>uptCreationDate</a> - The date the user pool was created.</li>
--   <li><a>uptLambdaConfig</a> - The AWS Lambda triggers associated with
--   tue user pool.</li>
--   <li><a>uptSmsConfiguration</a> - The SMS configuration.</li>
--   <li><a>uptAdminCreateUserConfig</a> - The configuration for
--   <tt>AdminCreateUser</tt> requests.</li>
--   <li><a>uptDeviceConfiguration</a> - The device configuration.</li>
--   <li><a>uptAutoVerifiedAttributes</a> - Specifies the attributes that
--   are auto-verified in a user pool.</li>
--   <li><a>uptPolicies</a> - The policies associated with the user
--   pool.</li>
--   </ul>
userPoolType :: UserPoolType

-- | The status of a user pool.
uptStatus :: Lens' UserPoolType (Maybe StatusType)

-- | The cost allocation tags for the user pool. For more information, see
--   <a>Adding Cost Allocation Tags to Your User Pool</a>
uptUserPoolTags :: Lens' UserPoolType (HashMap Text Text)

-- | The reason why the email configuration cannot send the messages to
--   your users.
uptEmailConfigurationFailure :: Lens' UserPoolType (Maybe Text)

-- | The date the user pool was last modified.
uptLastModifiedDate :: Lens' UserPoolType (Maybe UTCTime)

-- | The template for verification messages.
uptVerificationMessageTemplate :: Lens' UserPoolType (Maybe VerificationMessageTemplateType)

-- | A number estimating the size of the user pool.
uptEstimatedNumberOfUsers :: Lens' UserPoolType (Maybe Int)

-- | Holds the domain prefix if the user pool has a domain associated with
--   it.
uptDomain :: Lens' UserPoolType (Maybe Text)

-- | The contents of the email verification message.
uptEmailVerificationMessage :: Lens' UserPoolType (Maybe Text)

-- | The contents of the SMS authentication message.
uptSmsAuthenticationMessage :: Lens' UserPoolType (Maybe Text)

-- | The user pool add-ons.
uptUserPoolAddOns :: Lens' UserPoolType (Maybe UserPoolAddOnsType)

-- | A container with the schema attributes of a user pool.
uptSchemaAttributes :: Lens' UserPoolType (Maybe (NonEmpty SchemaAttributeType))

-- | The subject of the email verification message.
uptEmailVerificationSubject :: Lens' UserPoolType (Maybe Text)

-- | Specifies whether email addresses or phone numbers can be specified as
--   usernames when a user signs up.
uptUsernameAttributes :: Lens' UserPoolType [UsernameAttributeType]

-- | Specifies the attributes that are aliased in a user pool.
uptAliasAttributes :: Lens' UserPoolType [AliasAttributeType]

-- | The email configuration.
uptEmailConfiguration :: Lens' UserPoolType (Maybe EmailConfigurationType)

-- | The contents of the SMS verification message.
uptSmsVerificationMessage :: Lens' UserPoolType (Maybe Text)

-- | The name of the user pool.
uptName :: Lens' UserPoolType (Maybe Text)

-- | Can be one of the following values: * <tt>OFF</tt> - MFA tokens are
--   not required and cannot be specified during user registration. *
--   <tt>ON</tt> - MFA tokens are required for all user registrations. You
--   can only specify required when you are initially creating a user pool.
--   * <tt>OPTIONAL</tt> - Users have the option when registering to create
--   an MFA token.
uptMFAConfiguration :: Lens' UserPoolType (Maybe UserPoolMFAType)

-- | The ID of the user pool.
uptId :: Lens' UserPoolType (Maybe Text)

-- | The reason why the SMS configuration cannot send the messages to your
--   users.
uptSmsConfigurationFailure :: Lens' UserPoolType (Maybe Text)

-- | The date the user pool was created.
uptCreationDate :: Lens' UserPoolType (Maybe UTCTime)

-- | The AWS Lambda triggers associated with tue user pool.
uptLambdaConfig :: Lens' UserPoolType (Maybe LambdaConfigType)

-- | The SMS configuration.
uptSmsConfiguration :: Lens' UserPoolType (Maybe SmsConfigurationType)

-- | The configuration for <tt>AdminCreateUser</tt> requests.
uptAdminCreateUserConfig :: Lens' UserPoolType (Maybe AdminCreateUserConfigType)

-- | The device configuration.
uptDeviceConfiguration :: Lens' UserPoolType (Maybe DeviceConfigurationType)

-- | Specifies the attributes that are auto-verified in a user pool.
uptAutoVerifiedAttributes :: Lens' UserPoolType [VerifiedAttributeType]

-- | The policies associated with the user pool.
uptPolicies :: Lens' UserPoolType (Maybe UserPoolPolicyType)

-- | The user type.
--   
--   <i>See:</i> <a>userType</a> smart constructor.
data UserType

-- | Creates a value of <a>UserType</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>utEnabled</a> - Specifies whether the user is enabled.</li>
--   <li><a>utUserStatus</a> - The user status. Can be one of the
--   following: * UNCONFIRMED - User has been created but not confirmed. *
--   CONFIRMED - User has been confirmed. * ARCHIVED - User is no longer
--   active. * COMPROMISED - User is disabled due to a potential security
--   threat. * UNKNOWN - User status is not known.</li>
--   <li><a>utUsername</a> - The user name of the user you wish to
--   describe.</li>
--   <li><a>utUserCreateDate</a> - The creation date of the user.</li>
--   <li><a>utAttributes</a> - A container with information about the user
--   type attributes.</li>
--   <li><a>utMFAOptions</a> - The MFA options for the user.</li>
--   <li><a>utUserLastModifiedDate</a> - The last modified date of the
--   user.</li>
--   </ul>
userType :: UserType

-- | Specifies whether the user is enabled.
utEnabled :: Lens' UserType (Maybe Bool)

-- | The user status. Can be one of the following: * UNCONFIRMED - User has
--   been created but not confirmed. * CONFIRMED - User has been confirmed.
--   * ARCHIVED - User is no longer active. * COMPROMISED - User is
--   disabled due to a potential security threat. * UNKNOWN - User status
--   is not known.
utUserStatus :: Lens' UserType (Maybe UserStatusType)

-- | The user name of the user you wish to describe.
utUsername :: Lens' UserType (Maybe Text)

-- | The creation date of the user.
utUserCreateDate :: Lens' UserType (Maybe UTCTime)

-- | A container with information about the user type attributes.
utAttributes :: Lens' UserType [AttributeType]

-- | The MFA options for the user.
utMFAOptions :: Lens' UserType [MFAOptionType]

-- | The last modified date of the user.
utUserLastModifiedDate :: Lens' UserType (Maybe UTCTime)

-- | The template for verification messages.
--   
--   <i>See:</i> <a>verificationMessageTemplateType</a> smart constructor.
data VerificationMessageTemplateType

-- | Creates a value of <a>VerificationMessageTemplateType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>vmttDefaultEmailOption</a> - The default email option.</li>
--   <li><a>vmttEmailSubject</a> - The subject line for the email message
--   template.</li>
--   <li><a>vmttEmailSubjectByLink</a> - The subject line for the email
--   message template for sending a confirmation link to the user.</li>
--   <li><a>vmttSmsMessage</a> - The SMS message template.</li>
--   <li><a>vmttEmailMessageByLink</a> - The email message template for
--   sending a confirmation link to the user.</li>
--   <li><a>vmttEmailMessage</a> - The email message template.</li>
--   </ul>
verificationMessageTemplateType :: VerificationMessageTemplateType

-- | The default email option.
vmttDefaultEmailOption :: Lens' VerificationMessageTemplateType (Maybe DefaultEmailOptionType)

-- | The subject line for the email message template.
vmttEmailSubject :: Lens' VerificationMessageTemplateType (Maybe Text)

-- | The subject line for the email message template for sending a
--   confirmation link to the user.
vmttEmailSubjectByLink :: Lens' VerificationMessageTemplateType (Maybe Text)

-- | The SMS message template.
vmttSmsMessage :: Lens' VerificationMessageTemplateType (Maybe Text)

-- | The email message template for sending a confirmation link to the
--   user.
vmttEmailMessageByLink :: Lens' VerificationMessageTemplateType (Maybe Text)

-- | The email message template.
vmttEmailMessage :: Lens' VerificationMessageTemplateType (Maybe Text)


-- | Stops the user import job.
module Network.AWS.CognitoIdentityProvider.StopUserImportJob

-- | Creates a value of <a>StopUserImportJob</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sUserPoolId</a> - The user pool ID for the user pool that the
--   users are being imported into.</li>
--   <li><a>sJobId</a> - The job ID for the user import job.</li>
--   </ul>
stopUserImportJob :: Text -> Text -> StopUserImportJob

-- | Represents the request to stop the user import job.
--   
--   <i>See:</i> <a>stopUserImportJob</a> smart constructor.
data StopUserImportJob

-- | The user pool ID for the user pool that the users are being imported
--   into.
sUserPoolId :: Lens' StopUserImportJob Text

-- | The job ID for the user import job.
sJobId :: Lens' StopUserImportJob Text

-- | Creates a value of <a>StopUserImportJobResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>srsUserImportJob</a> - The job object that represents the user
--   import job.</li>
--   <li><a>srsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
stopUserImportJobResponse :: Int -> StopUserImportJobResponse

-- | Represents the response from the server to the request to stop the
--   user import job.
--   
--   <i>See:</i> <a>stopUserImportJobResponse</a> smart constructor.
data StopUserImportJobResponse

-- | The job object that represents the user import job.
srsUserImportJob :: Lens' StopUserImportJobResponse (Maybe UserImportJobType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
srsResponseStatus :: Lens' StopUserImportJobResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJobResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJobResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJobResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJobResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJobResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJob
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJob
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJob
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJob
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJob
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJob
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJobResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJob
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJob
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJob
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJob
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJob
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.StopUserImportJob.StopUserImportJob


-- | Starts the user import.
module Network.AWS.CognitoIdentityProvider.StartUserImportJob

-- | Creates a value of <a>StartUserImportJob</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>suijUserPoolId</a> - The user pool ID for the user pool that
--   the users are being imported into.</li>
--   <li><a>suijJobId</a> - The job ID for the user import job.</li>
--   </ul>
startUserImportJob :: Text -> Text -> StartUserImportJob

-- | Represents the request to start the user import job.
--   
--   <i>See:</i> <a>startUserImportJob</a> smart constructor.
data StartUserImportJob

-- | The user pool ID for the user pool that the users are being imported
--   into.
suijUserPoolId :: Lens' StartUserImportJob Text

-- | The job ID for the user import job.
suijJobId :: Lens' StartUserImportJob Text

-- | Creates a value of <a>StartUserImportJobResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>suijrsUserImportJob</a> - The job object that represents the
--   user import job.</li>
--   <li><a>suijrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
startUserImportJobResponse :: Int -> StartUserImportJobResponse

-- | Represents the response from the server to the request to start the
--   user import job.
--   
--   <i>See:</i> <a>startUserImportJobResponse</a> smart constructor.
data StartUserImportJobResponse

-- | The job object that represents the user import job.
suijrsUserImportJob :: Lens' StartUserImportJobResponse (Maybe UserImportJobType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
suijrsResponseStatus :: Lens' StartUserImportJobResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJobResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJobResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJobResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJobResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJobResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJob
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJob
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJob
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJob
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJob
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJob
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJobResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJob
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJob
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJob
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJob
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJob
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.StartUserImportJob.StartUserImportJob


-- | Registers the user in the specified user pool and creates a user name,
--   password, and user attributes.
module Network.AWS.CognitoIdentityProvider.SignUp

-- | Creates a value of <a>SignUp</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>suAnalyticsMetadata</a> - The Amazon Pinpoint analytics
--   metadata for collecting metrics for <tt>SignUp</tt> calls.</li>
--   <li><a>suUserContextData</a> - Contextual data such as the user's
--   device fingerprint, IP address, or location used for evaluating the
--   risk of an unexpected event by Amazon Cognito advanced security.</li>
--   <li><a>suUserAttributes</a> - An array of name-value pairs
--   representing user attributes. For custom attributes, you must prepend
--   the <tt>custom:</tt> prefix to the attribute name.</li>
--   <li><a>suSecretHash</a> - A keyed-hash message authentication code
--   (HMAC) calculated using the secret key of a user pool client and
--   username plus the client ID in the message.</li>
--   <li><a>suValidationData</a> - The validation data in the request to
--   register a user.</li>
--   <li><a>suClientId</a> - The ID of the client associated with the user
--   pool.</li>
--   <li><a>suUsername</a> - The user name of the user you wish to
--   register.</li>
--   <li><a>suPassword</a> - The password of the user you wish to
--   register.</li>
--   </ul>
signUp :: Text -> Text -> Text -> SignUp

-- | Represents the request to register a user.
--   
--   <i>See:</i> <a>signUp</a> smart constructor.
data SignUp

-- | The Amazon Pinpoint analytics metadata for collecting metrics for
--   <tt>SignUp</tt> calls.
suAnalyticsMetadata :: Lens' SignUp (Maybe AnalyticsMetadataType)

-- | Contextual data such as the user's device fingerprint, IP address, or
--   location used for evaluating the risk of an unexpected event by Amazon
--   Cognito advanced security.
suUserContextData :: Lens' SignUp (Maybe UserContextDataType)

-- | An array of name-value pairs representing user attributes. For custom
--   attributes, you must prepend the <tt>custom:</tt> prefix to the
--   attribute name.
suUserAttributes :: Lens' SignUp [AttributeType]

-- | A keyed-hash message authentication code (HMAC) calculated using the
--   secret key of a user pool client and username plus the client ID in
--   the message.
suSecretHash :: Lens' SignUp (Maybe Text)

-- | The validation data in the request to register a user.
suValidationData :: Lens' SignUp [AttributeType]

-- | The ID of the client associated with the user pool.
suClientId :: Lens' SignUp Text

-- | The user name of the user you wish to register.
suUsername :: Lens' SignUp Text

-- | The password of the user you wish to register.
suPassword :: Lens' SignUp Text

-- | Creates a value of <a>SignUpResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sursCodeDeliveryDetails</a> - The code delivery details
--   returned by the server response to the user registration request.</li>
--   <li><a>sursResponseStatus</a> - -- | The response status code.</li>
--   <li><a>sursUserConfirmed</a> - A response from the server indicating
--   that a user registration has been confirmed.</li>
--   <li><a>sursUserSub</a> - The UUID of the authenticated user. This is
--   not the same as <tt>username</tt> .</li>
--   </ul>
signUpResponse :: Int -> Bool -> Text -> SignUpResponse

-- | The response from the server for a registration request.
--   
--   <i>See:</i> <a>signUpResponse</a> smart constructor.
data SignUpResponse

-- | The code delivery details returned by the server response to the user
--   registration request.
sursCodeDeliveryDetails :: Lens' SignUpResponse (Maybe CodeDeliveryDetailsType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
sursResponseStatus :: Lens' SignUpResponse Int

-- | A response from the server indicating that a user registration has
--   been confirmed.
sursUserConfirmed :: Lens' SignUpResponse Bool

-- | The UUID of the authenticated user. This is not the same as
--   <tt>username</tt> .
sursUserSub :: Lens' SignUpResponse Text
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.SignUp.SignUpResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.SignUp.SignUpResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.SignUp.SignUpResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.SignUp.SignUpResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.SignUp.SignUpResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.SignUp.SignUp
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.SignUp.SignUp
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.SignUp.SignUp
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.SignUp.SignUp
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.SignUp.SignUp
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.SignUp.SignUpResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.SignUp.SignUp
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.SignUp.SignUp
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.SignUp.SignUp
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.SignUp.SignUp
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.SignUp.SignUp
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.SignUp.SignUp


-- | Sets the user settings like multi-factor authentication (MFA). If MFA
--   is to be removed for a particular attribute pass the attribute with
--   code delivery as null. If null list is passed, all MFA options are
--   removed.
module Network.AWS.CognitoIdentityProvider.SetUserSettings

-- | Creates a value of <a>SetUserSettings</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>susAccessToken</a> - The access token for the set user settings
--   request.</li>
--   <li><a>susMFAOptions</a> - Specifies the options for MFA (e.g., email
--   or phone number).</li>
--   </ul>
setUserSettings :: Text -> SetUserSettings

-- | Represents the request to set user settings.
--   
--   <i>See:</i> <a>setUserSettings</a> smart constructor.
data SetUserSettings

-- | The access token for the set user settings request.
susAccessToken :: Lens' SetUserSettings Text

-- | Specifies the options for MFA (e.g., email or phone number).
susMFAOptions :: Lens' SetUserSettings [MFAOptionType]

-- | Creates a value of <a>SetUserSettingsResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>susrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
setUserSettingsResponse :: Int -> SetUserSettingsResponse

-- | The response from the server for a set user settings request.
--   
--   <i>See:</i> <a>setUserSettingsResponse</a> smart constructor.
data SetUserSettingsResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
susrsResponseStatus :: Lens' SetUserSettingsResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettingsResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettingsResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettingsResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettingsResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettingsResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettings
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettings
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettings
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettings
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettings
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettingsResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettings
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettings
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettings
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettings
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettings
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.SetUserSettings.SetUserSettings


-- | Set the user pool MFA configuration.
module Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig

-- | Creates a value of <a>SetUserPoolMFAConfig</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>supmcSmsMFAConfiguration</a> - The SMS text message MFA
--   configuration.</li>
--   <li><a>supmcSoftwareTokenMFAConfiguration</a> - The software token MFA
--   configuration.</li>
--   <li><a>supmcMFAConfiguration</a> - The MFA configuration.</li>
--   <li><a>supmcUserPoolId</a> - The user pool ID.</li>
--   </ul>
setUserPoolMFAConfig :: Text -> SetUserPoolMFAConfig

-- | <i>See:</i> <a>setUserPoolMFAConfig</a> smart constructor.
data SetUserPoolMFAConfig

-- | The SMS text message MFA configuration.
supmcSmsMFAConfiguration :: Lens' SetUserPoolMFAConfig (Maybe SmsMFAConfigType)

-- | The software token MFA configuration.
supmcSoftwareTokenMFAConfiguration :: Lens' SetUserPoolMFAConfig (Maybe SoftwareTokenMFAConfigType)

-- | The MFA configuration.
supmcMFAConfiguration :: Lens' SetUserPoolMFAConfig (Maybe UserPoolMFAType)

-- | The user pool ID.
supmcUserPoolId :: Lens' SetUserPoolMFAConfig Text

-- | Creates a value of <a>SetUserPoolMFAConfigResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>supmcrsSmsMFAConfiguration</a> - The SMS text message MFA
--   configuration.</li>
--   <li><a>supmcrsSoftwareTokenMFAConfiguration</a> - The software token
--   MFA configuration.</li>
--   <li><a>supmcrsMFAConfiguration</a> - The MFA configuration.</li>
--   <li><a>supmcrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
setUserPoolMFAConfigResponse :: Int -> SetUserPoolMFAConfigResponse

-- | <i>See:</i> <a>setUserPoolMFAConfigResponse</a> smart constructor.
data SetUserPoolMFAConfigResponse

-- | The SMS text message MFA configuration.
supmcrsSmsMFAConfiguration :: Lens' SetUserPoolMFAConfigResponse (Maybe SmsMFAConfigType)

-- | The software token MFA configuration.
supmcrsSoftwareTokenMFAConfiguration :: Lens' SetUserPoolMFAConfigResponse (Maybe SoftwareTokenMFAConfigType)

-- | The MFA configuration.
supmcrsMFAConfiguration :: Lens' SetUserPoolMFAConfigResponse (Maybe UserPoolMFAType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
supmcrsResponseStatus :: Lens' SetUserPoolMFAConfigResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfigResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfigResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfigResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfigResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfigResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfig
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfig
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfig
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfig
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfig
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfig
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfigResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfig
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfig
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfig
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfig
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfig
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.SetUserPoolMFAConfig.SetUserPoolMFAConfig


-- | Set the user's multi-factor authentication (MFA) method preference.
module Network.AWS.CognitoIdentityProvider.SetUserMFAPreference

-- | Creates a value of <a>SetUserMFAPreference</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sumpSMSMFASettings</a> - The SMS text message multi-factor
--   authentication (MFA) settings.</li>
--   <li><a>sumpSoftwareTokenMFASettings</a> - The time-based one-time
--   password software token MFA settings.</li>
--   <li><a>sumpAccessToken</a> - The access token.</li>
--   </ul>
setUserMFAPreference :: Text -> SetUserMFAPreference

-- | <i>See:</i> <a>setUserMFAPreference</a> smart constructor.
data SetUserMFAPreference

-- | The SMS text message multi-factor authentication (MFA) settings.
sumpSMSMFASettings :: Lens' SetUserMFAPreference (Maybe SMSMFASettingsType)

-- | The time-based one-time password software token MFA settings.
sumpSoftwareTokenMFASettings :: Lens' SetUserMFAPreference (Maybe SoftwareTokenMFASettingsType)

-- | The access token.
sumpAccessToken :: Lens' SetUserMFAPreference Text

-- | Creates a value of <a>SetUserMFAPreferenceResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sumprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
setUserMFAPreferenceResponse :: Int -> SetUserMFAPreferenceResponse

-- | <i>See:</i> <a>setUserMFAPreferenceResponse</a> smart constructor.
data SetUserMFAPreferenceResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
sumprsResponseStatus :: Lens' SetUserMFAPreferenceResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreferenceResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreferenceResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreferenceResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreferenceResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreferenceResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreference
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreference
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreference
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreference
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreference
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreferenceResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreference
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreference
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreference
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreference
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreference
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.SetUserMFAPreference.SetUserMFAPreference


-- | Sets the UI customization information for a user pool's built-in app
--   UI.
--   
--   You can specify app UI customization settings for a single client
--   (with a specific <tt>clientId</tt> ) or for all clients (by setting
--   the <tt>clientId</tt> to <tt>ALL</tt> ). If you specify <tt>ALL</tt> ,
--   the default configuration will be used for every client that has no UI
--   customization set previously. If you specify UI customization settings
--   for a particular client, it will no longer fall back to the
--   <tt>ALL</tt> configuration.
module Network.AWS.CognitoIdentityProvider.SetUICustomization

-- | Creates a value of <a>SetUICustomization</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>suicClientId</a> - The client ID for the client app.</li>
--   <li><a>suicCSS</a> - The CSS values in the UI customization.</li>
--   <li><a>suicImageFile</a> - The uploaded logo image for the UI
--   customization.-- <i>Note:</i> This <tt>Lens</tt> automatically encodes
--   and decodes Base64 data. The underlying isomorphism will encode to
--   Base64 representation during serialisation, and decode from Base64
--   representation during deserialisation. This <tt>Lens</tt> accepts and
--   returns only raw unencoded data.</li>
--   <li><a>suicUserPoolId</a> - The user pool ID for the user pool.</li>
--   </ul>
setUICustomization :: Text -> SetUICustomization

-- | <i>See:</i> <a>setUICustomization</a> smart constructor.
data SetUICustomization

-- | The client ID for the client app.
suicClientId :: Lens' SetUICustomization (Maybe Text)

-- | The CSS values in the UI customization.
suicCSS :: Lens' SetUICustomization (Maybe Text)

-- | The uploaded logo image for the UI customization.-- <i>Note:</i> This
--   <tt>Lens</tt> automatically encodes and decodes Base64 data. The
--   underlying isomorphism will encode to Base64 representation during
--   serialisation, and decode from Base64 representation during
--   deserialisation. This <tt>Lens</tt> accepts and returns only raw
--   unencoded data.
suicImageFile :: Lens' SetUICustomization (Maybe ByteString)

-- | The user pool ID for the user pool.
suicUserPoolId :: Lens' SetUICustomization Text

-- | Creates a value of <a>SetUICustomizationResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>suicrsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>suicrsUICustomization</a> - The UI customization
--   information.</li>
--   </ul>
setUICustomizationResponse :: Int -> UICustomizationType -> SetUICustomizationResponse

-- | <i>See:</i> <a>setUICustomizationResponse</a> smart constructor.
data SetUICustomizationResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
suicrsResponseStatus :: Lens' SetUICustomizationResponse Int

-- | The UI customization information.
suicrsUICustomization :: Lens' SetUICustomizationResponse UICustomizationType
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomizationResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomizationResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomizationResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomizationResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomization
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomization
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomization
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomization
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomization
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomizationResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomization
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomization
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomization
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomization
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomization
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.SetUICustomization.SetUICustomization


-- | Configures actions on detected risks. To delete the risk configuration
--   for <tt>UserPoolId</tt> or <tt>ClientId</tt> , pass null values for
--   all four configuration types.
--   
--   To enable Amazon Cognito advanced security features, update the user
--   pool to include the <tt>UserPoolAddOns</tt>
--   key<tt>AdvancedSecurityMode</tt> .
--   
--   See .
module Network.AWS.CognitoIdentityProvider.SetRiskConfiguration

-- | Creates a value of <a>SetRiskConfiguration</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>srcRiskExceptionConfiguration</a> - The configuration to
--   override the risk decision.</li>
--   <li><a>srcClientId</a> - The app client ID. If <tt>ClientId</tt> is
--   null, then the risk configuration is mapped to <tt>userPoolId</tt> .
--   When the client ID is null, the same risk configuration is applied to
--   all the clients in the userPool. Otherwise, <tt>ClientId</tt> is
--   mapped to the client. When the client ID is not null, the user pool
--   configuration is overridden and the risk configuration for the client
--   is used instead.</li>
--   <li><a>srcAccountTakeoverRiskConfiguration</a> - The account takeover
--   risk configuration.</li>
--   <li><a>srcCompromisedCredentialsRiskConfiguration</a> - The
--   compromised credentials risk configuration.</li>
--   <li><a>srcUserPoolId</a> - The user pool ID.</li>
--   </ul>
setRiskConfiguration :: Text -> SetRiskConfiguration

-- | <i>See:</i> <a>setRiskConfiguration</a> smart constructor.
data SetRiskConfiguration

-- | The configuration to override the risk decision.
srcRiskExceptionConfiguration :: Lens' SetRiskConfiguration (Maybe RiskExceptionConfigurationType)

-- | The app client ID. If <tt>ClientId</tt> is null, then the risk
--   configuration is mapped to <tt>userPoolId</tt> . When the client ID is
--   null, the same risk configuration is applied to all the clients in the
--   userPool. Otherwise, <tt>ClientId</tt> is mapped to the client. When
--   the client ID is not null, the user pool configuration is overridden
--   and the risk configuration for the client is used instead.
srcClientId :: Lens' SetRiskConfiguration (Maybe Text)

-- | The account takeover risk configuration.
srcAccountTakeoverRiskConfiguration :: Lens' SetRiskConfiguration (Maybe AccountTakeoverRiskConfigurationType)

-- | The compromised credentials risk configuration.
srcCompromisedCredentialsRiskConfiguration :: Lens' SetRiskConfiguration (Maybe CompromisedCredentialsRiskConfigurationType)

-- | The user pool ID.
srcUserPoolId :: Lens' SetRiskConfiguration Text

-- | Creates a value of <a>SetRiskConfigurationResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>srcrsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>srcrsRiskConfiguration</a> - The risk configuration.</li>
--   </ul>
setRiskConfigurationResponse :: Int -> RiskConfigurationType -> SetRiskConfigurationResponse

-- | <i>See:</i> <a>setRiskConfigurationResponse</a> smart constructor.
data SetRiskConfigurationResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
srcrsResponseStatus :: Lens' SetRiskConfigurationResponse Int

-- | The risk configuration.
srcrsRiskConfiguration :: Lens' SetRiskConfigurationResponse RiskConfigurationType
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfigurationResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfigurationResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfigurationResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfigurationResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfiguration
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfiguration
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfiguration
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfiguration
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfiguration
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfigurationResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfiguration
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfiguration
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfiguration
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfiguration
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfiguration
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.SetRiskConfiguration.SetRiskConfiguration


-- | Responds to the authentication challenge.
module Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge

-- | Creates a value of <a>RespondToAuthChallenge</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rtacAnalyticsMetadata</a> - The Amazon Pinpoint analytics
--   metadata for collecting metrics for <tt>RespondToAuthChallenge</tt>
--   calls.</li>
--   <li><a>rtacChallengeResponses</a> - The challenge responses. These are
--   inputs corresponding to the value of <tt>ChallengeName</tt> , for
--   example: * <tt>SMS_MFA</tt> : <tt>SMS_MFA_CODE</tt> ,
--   <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if app client is configured
--   with client secret). * <tt>PASSWORD_VERIFIER</tt> :
--   <tt>PASSWORD_CLAIM_SIGNATURE</tt> ,
--   <tt>PASSWORD_CLAIM_SECRET_BLOCK</tt> , <tt>TIMESTAMP</tt> ,
--   <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if app client is configured
--   with client secret). * <tt>NEW_PASSWORD_REQUIRED</tt> :
--   <tt>NEW_PASSWORD</tt> , any other required attributes,
--   <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if app client is configured
--   with client secret).</li>
--   <li><a>rtacUserContextData</a> - Contextual data such as the user's
--   device fingerprint, IP address, or location used for evaluating the
--   risk of an unexpected event by Amazon Cognito advanced security.</li>
--   <li><a>rtacSession</a> - The session which should be passed both ways
--   in challenge-response calls to the service. If <tt>InitiateAuth</tt>
--   or <tt>RespondToAuthChallenge</tt> API call determines that the caller
--   needs to go through another challenge, they return a session with
--   other challenge parameters. This session should be passed as it is to
--   the next <tt>RespondToAuthChallenge</tt> API call.</li>
--   <li><a>rtacClientId</a> - The app client ID.</li>
--   <li><a>rtacChallengeName</a> - The challenge name. For more
--   information, see . <tt>ADMIN_NO_SRP_AUTH</tt> is not a valid
--   value.</li>
--   </ul>
respondToAuthChallenge :: Text -> ChallengeNameType -> RespondToAuthChallenge

-- | The request to respond to an authentication challenge.
--   
--   <i>See:</i> <a>respondToAuthChallenge</a> smart constructor.
data RespondToAuthChallenge

-- | The Amazon Pinpoint analytics metadata for collecting metrics for
--   <tt>RespondToAuthChallenge</tt> calls.
rtacAnalyticsMetadata :: Lens' RespondToAuthChallenge (Maybe AnalyticsMetadataType)

-- | The challenge responses. These are inputs corresponding to the value
--   of <tt>ChallengeName</tt> , for example: * <tt>SMS_MFA</tt> :
--   <tt>SMS_MFA_CODE</tt> , <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if
--   app client is configured with client secret). *
--   <tt>PASSWORD_VERIFIER</tt> : <tt>PASSWORD_CLAIM_SIGNATURE</tt> ,
--   <tt>PASSWORD_CLAIM_SECRET_BLOCK</tt> , <tt>TIMESTAMP</tt> ,
--   <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if app client is configured
--   with client secret). * <tt>NEW_PASSWORD_REQUIRED</tt> :
--   <tt>NEW_PASSWORD</tt> , any other required attributes,
--   <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if app client is configured
--   with client secret).
rtacChallengeResponses :: Lens' RespondToAuthChallenge (HashMap Text Text)

-- | Contextual data such as the user's device fingerprint, IP address, or
--   location used for evaluating the risk of an unexpected event by Amazon
--   Cognito advanced security.
rtacUserContextData :: Lens' RespondToAuthChallenge (Maybe UserContextDataType)

-- | The session which should be passed both ways in challenge-response
--   calls to the service. If <tt>InitiateAuth</tt> or
--   <tt>RespondToAuthChallenge</tt> API call determines that the caller
--   needs to go through another challenge, they return a session with
--   other challenge parameters. This session should be passed as it is to
--   the next <tt>RespondToAuthChallenge</tt> API call.
rtacSession :: Lens' RespondToAuthChallenge (Maybe Text)

-- | The app client ID.
rtacClientId :: Lens' RespondToAuthChallenge Text

-- | The challenge name. For more information, see .
--   <tt>ADMIN_NO_SRP_AUTH</tt> is not a valid value.
rtacChallengeName :: Lens' RespondToAuthChallenge ChallengeNameType

-- | Creates a value of <a>RespondToAuthChallengeResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rtacrsChallengeName</a> - The challenge name. For more
--   information, see .</li>
--   <li><a>rtacrsChallengeParameters</a> - The challenge parameters. For
--   more information, see .</li>
--   <li><a>rtacrsAuthenticationResult</a> - The result returned by the
--   server in response to the request to respond to the authentication
--   challenge.</li>
--   <li><a>rtacrsSession</a> - The session which should be passed both
--   ways in challenge-response calls to the service. If the or API call
--   determines that the caller needs to go through another challenge, they
--   return a session with other challenge parameters. This session should
--   be passed as it is to the next <tt>RespondToAuthChallenge</tt> API
--   call.</li>
--   <li><a>rtacrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
respondToAuthChallengeResponse :: Int -> RespondToAuthChallengeResponse

-- | The response to respond to the authentication challenge.
--   
--   <i>See:</i> <a>respondToAuthChallengeResponse</a> smart constructor.
data RespondToAuthChallengeResponse

-- | The challenge name. For more information, see .
rtacrsChallengeName :: Lens' RespondToAuthChallengeResponse (Maybe ChallengeNameType)

-- | The challenge parameters. For more information, see .
rtacrsChallengeParameters :: Lens' RespondToAuthChallengeResponse (HashMap Text Text)

-- | The result returned by the server in response to the request to
--   respond to the authentication challenge.
rtacrsAuthenticationResult :: Lens' RespondToAuthChallengeResponse (Maybe AuthenticationResultType)

-- | The session which should be passed both ways in challenge-response
--   calls to the service. If the or API call determines that the caller
--   needs to go through another challenge, they return a session with
--   other challenge parameters. This session should be passed as it is to
--   the next <tt>RespondToAuthChallenge</tt> API call.
rtacrsSession :: Lens' RespondToAuthChallengeResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
rtacrsResponseStatus :: Lens' RespondToAuthChallengeResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallengeResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallengeResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallengeResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallengeResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallenge
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallenge
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallenge
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallenge
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallenge
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallengeResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallenge
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallenge
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallenge
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallenge
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallenge
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.RespondToAuthChallenge.RespondToAuthChallenge


-- | Resends the confirmation (for confirmation of registration) to a
--   specific user in the user pool.
module Network.AWS.CognitoIdentityProvider.ResendConfirmationCode

-- | Creates a value of <a>ResendConfirmationCode</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rccAnalyticsMetadata</a> - The Amazon Pinpoint analytics
--   metadata for collecting metrics for <tt>ResendConfirmationCode</tt>
--   calls.</li>
--   <li><a>rccUserContextData</a> - Contextual data such as the user's
--   device fingerprint, IP address, or location used for evaluating the
--   risk of an unexpected event by Amazon Cognito advanced security.</li>
--   <li><a>rccSecretHash</a> - A keyed-hash message authentication code
--   (HMAC) calculated using the secret key of a user pool client and
--   username plus the client ID in the message.</li>
--   <li><a>rccClientId</a> - The ID of the client associated with the user
--   pool.</li>
--   <li><a>rccUsername</a> - The user name of the user to whom you wish to
--   resend a confirmation code.</li>
--   </ul>
resendConfirmationCode :: Text -> Text -> ResendConfirmationCode

-- | Represents the request to resend the confirmation code.
--   
--   <i>See:</i> <a>resendConfirmationCode</a> smart constructor.
data ResendConfirmationCode

-- | The Amazon Pinpoint analytics metadata for collecting metrics for
--   <tt>ResendConfirmationCode</tt> calls.
rccAnalyticsMetadata :: Lens' ResendConfirmationCode (Maybe AnalyticsMetadataType)

-- | Contextual data such as the user's device fingerprint, IP address, or
--   location used for evaluating the risk of an unexpected event by Amazon
--   Cognito advanced security.
rccUserContextData :: Lens' ResendConfirmationCode (Maybe UserContextDataType)

-- | A keyed-hash message authentication code (HMAC) calculated using the
--   secret key of a user pool client and username plus the client ID in
--   the message.
rccSecretHash :: Lens' ResendConfirmationCode (Maybe Text)

-- | The ID of the client associated with the user pool.
rccClientId :: Lens' ResendConfirmationCode Text

-- | The user name of the user to whom you wish to resend a confirmation
--   code.
rccUsername :: Lens' ResendConfirmationCode Text

-- | Creates a value of <a>ResendConfirmationCodeResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rccrsCodeDeliveryDetails</a> - The code delivery details
--   returned by the server in response to the request to resend the
--   confirmation code.</li>
--   <li><a>rccrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
resendConfirmationCodeResponse :: Int -> ResendConfirmationCodeResponse

-- | The response from the server when the Amazon Cognito Your User Pools
--   service makes the request to resend a confirmation code.
--   
--   <i>See:</i> <a>resendConfirmationCodeResponse</a> smart constructor.
data ResendConfirmationCodeResponse

-- | The code delivery details returned by the server in response to the
--   request to resend the confirmation code.
rccrsCodeDeliveryDetails :: Lens' ResendConfirmationCodeResponse (Maybe CodeDeliveryDetailsType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
rccrsResponseStatus :: Lens' ResendConfirmationCodeResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCodeResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCodeResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCodeResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCodeResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCodeResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCode
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCode
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCode
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCode
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCode
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCodeResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCode
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCode
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCode
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCode
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCode
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ResendConfirmationCode.ResendConfirmationCode


-- | Lists the users in the specified group.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.ListUsersInGroup

-- | Creates a value of <a>ListUsersInGroup</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>luigNextToken</a> - An identifier that was returned from the
--   previous call to this operation, which can be used to return the next
--   set of items in the list.</li>
--   <li><a>luigLimit</a> - The limit of the request to list users.</li>
--   <li><a>luigUserPoolId</a> - The user pool ID for the user pool.</li>
--   <li><a>luigGroupName</a> - The name of the group.</li>
--   </ul>
listUsersInGroup :: Text -> Text -> ListUsersInGroup

-- | <i>See:</i> <a>listUsersInGroup</a> smart constructor.
data ListUsersInGroup

-- | An identifier that was returned from the previous call to this
--   operation, which can be used to return the next set of items in the
--   list.
luigNextToken :: Lens' ListUsersInGroup (Maybe Text)

-- | The limit of the request to list users.
luigLimit :: Lens' ListUsersInGroup (Maybe Natural)

-- | The user pool ID for the user pool.
luigUserPoolId :: Lens' ListUsersInGroup Text

-- | The name of the group.
luigGroupName :: Lens' ListUsersInGroup Text

-- | Creates a value of <a>ListUsersInGroupResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>luigrsUsers</a> - The users returned in the request to list
--   users.</li>
--   <li><a>luigrsNextToken</a> - An identifier that was returned from the
--   previous call to this operation, which can be used to return the next
--   set of items in the list.</li>
--   <li><a>luigrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
listUsersInGroupResponse :: Int -> ListUsersInGroupResponse

-- | <i>See:</i> <a>listUsersInGroupResponse</a> smart constructor.
data ListUsersInGroupResponse

-- | The users returned in the request to list users.
luigrsUsers :: Lens' ListUsersInGroupResponse [UserType]

-- | An identifier that was returned from the previous call to this
--   operation, which can be used to return the next set of items in the
--   list.
luigrsNextToken :: Lens' ListUsersInGroupResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
luigrsResponseStatus :: Lens' ListUsersInGroupResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroupResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroupResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroupResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroupResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroup
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroup
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroup
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroup
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroup
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroupResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroup
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroup
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroup
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroup
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ListUsersInGroup.ListUsersInGroup


-- | Lists the users in the Amazon Cognito user pool.
module Network.AWS.CognitoIdentityProvider.ListUsers

-- | Creates a value of <a>ListUsers</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>luPaginationToken</a> - An identifier that was returned from
--   the previous call to this operation, which can be used to return the
--   next set of items in the list.</li>
--   <li><a>luAttributesToGet</a> - An array of strings, where each string
--   is the name of a user attribute to be returned for each user in the
--   search results. If the array is null, all attributes are
--   returned.</li>
--   <li><a>luLimit</a> - Maximum number of users to be returned.</li>
--   <li><a>luFilter</a> - A filter string of the form
--   "<i>AttributeName</i> <i>Filter-Type</i> "<i>AttributeValue</i> "".
--   Quotation marks within the filter string must be escaped using the
--   backslash () character. For example, "<tt>family_name</tt> = "Reddy"".
--   * <i>AttributeName</i> : The name of the attribute to search for. You
--   can only search for one attribute at a time. * <i>Filter-Type</i> :
--   For an exact match, use =, for example, "<tt>given_name</tt> = "Jon"".
--   For a prefix ("starts with") match, use ^=, for example,
--   "<tt>given_name</tt> ^= "Jon"". * <i>AttributeValue</i> : The
--   attribute value that must be matched for each user. If the filter
--   string is empty, <tt>ListUsers</tt> returns all users in the user
--   pool. You can only search for the following standard attributes: *
--   <tt>username</tt> (case-sensitive) * <tt>email</tt> *
--   <tt>phone_number</tt> * <tt>name</tt> * <tt>given_name</tt> *
--   <tt>family_name</tt> * <tt>preferred_username</tt> *
--   <tt>cognito:user_status</tt> (called <b>Enabled</b> in the Console)
--   (case-sensitive) * <tt>status</tt> (case-insensitive) * <tt>sub</tt>
--   Custom attributes are not searchable. For more information, see
--   <a>Searching for Users Using the ListUsers API</a> and <a>Examples of
--   Using the ListUsers API</a> in the <i>Amazon Cognito Developer
--   Guide</i> .</li>
--   <li><a>luUserPoolId</a> - The user pool ID for the user pool on which
--   the search should be performed.</li>
--   </ul>
listUsers :: Text -> ListUsers

-- | Represents the request to list users.
--   
--   <i>See:</i> <a>listUsers</a> smart constructor.
data ListUsers

-- | An identifier that was returned from the previous call to this
--   operation, which can be used to return the next set of items in the
--   list.
luPaginationToken :: Lens' ListUsers (Maybe Text)

-- | An array of strings, where each string is the name of a user attribute
--   to be returned for each user in the search results. If the array is
--   null, all attributes are returned.
luAttributesToGet :: Lens' ListUsers [Text]

-- | Maximum number of users to be returned.
luLimit :: Lens' ListUsers (Maybe Natural)

-- | A filter string of the form "<i>AttributeName</i> <i>Filter-Type</i>
--   "<i>AttributeValue</i> "". Quotation marks within the filter string
--   must be escaped using the backslash () character. For example,
--   "<tt>family_name</tt> = "Reddy"". * <i>AttributeName</i> : The name of
--   the attribute to search for. You can only search for one attribute at
--   a time. * <i>Filter-Type</i> : For an exact match, use =, for example,
--   "<tt>given_name</tt> = "Jon"". For a prefix ("starts with") match, use
--   ^=, for example, "<tt>given_name</tt> ^= "Jon"". *
--   <i>AttributeValue</i> : The attribute value that must be matched for
--   each user. If the filter string is empty, <tt>ListUsers</tt> returns
--   all users in the user pool. You can only search for the following
--   standard attributes: * <tt>username</tt> (case-sensitive) *
--   <tt>email</tt> * <tt>phone_number</tt> * <tt>name</tt> *
--   <tt>given_name</tt> * <tt>family_name</tt> *
--   <tt>preferred_username</tt> * <tt>cognito:user_status</tt> (called
--   <b>Enabled</b> in the Console) (case-sensitive) * <tt>status</tt>
--   (case-insensitive) * <tt>sub</tt> Custom attributes are not
--   searchable. For more information, see <a>Searching for Users Using the
--   ListUsers API</a> and <a>Examples of Using the ListUsers API</a> in
--   the <i>Amazon Cognito Developer Guide</i> .
luFilter :: Lens' ListUsers (Maybe Text)

-- | The user pool ID for the user pool on which the search should be
--   performed.
luUserPoolId :: Lens' ListUsers Text

-- | Creates a value of <a>ListUsersResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lursPaginationToken</a> - An identifier that was returned from
--   the previous call to this operation, which can be used to return the
--   next set of items in the list.</li>
--   <li><a>lursUsers</a> - The users returned in the request to list
--   users.</li>
--   <li><a>lursResponseStatus</a> - -- | The response status code.</li>
--   </ul>
listUsersResponse :: Int -> ListUsersResponse

-- | The response from the request to list users.
--   
--   <i>See:</i> <a>listUsersResponse</a> smart constructor.
data ListUsersResponse

-- | An identifier that was returned from the previous call to this
--   operation, which can be used to return the next set of items in the
--   list.
lursPaginationToken :: Lens' ListUsersResponse (Maybe Text)

-- | The users returned in the request to list users.
lursUsers :: Lens' ListUsersResponse [UserType]

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
lursResponseStatus :: Lens' ListUsersResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListUsers.ListUsersResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListUsers.ListUsersResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListUsers.ListUsersResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListUsers.ListUsersResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListUsers.ListUsers
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListUsers.ListUsers
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListUsers.ListUsers
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ListUsers.ListUsers
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListUsers.ListUsers
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ListUsers.ListUsers
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListUsers.ListUsersResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ListUsers.ListUsers
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListUsers.ListUsers
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ListUsers.ListUsers
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ListUsers.ListUsers
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ListUsers.ListUsers
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ListUsers.ListUsers


-- | Lists the user pools associated with an AWS account.
module Network.AWS.CognitoIdentityProvider.ListUserPools

-- | Creates a value of <a>ListUserPools</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lupNextToken</a> - An identifier that was returned from the
--   previous call to this operation, which can be used to return the next
--   set of items in the list.</li>
--   <li><a>lupMaxResults</a> - The maximum number of results you want the
--   request to return when listing the user pools.</li>
--   </ul>
listUserPools :: Natural -> ListUserPools

-- | Represents the request to list user pools.
--   
--   <i>See:</i> <a>listUserPools</a> smart constructor.
data ListUserPools

-- | An identifier that was returned from the previous call to this
--   operation, which can be used to return the next set of items in the
--   list.
lupNextToken :: Lens' ListUserPools (Maybe Text)

-- | The maximum number of results you want the request to return when
--   listing the user pools.
lupMaxResults :: Lens' ListUserPools Natural

-- | Creates a value of <a>ListUserPoolsResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>luprsUserPools</a> - The user pools from the response to list
--   users.</li>
--   <li><a>luprsNextToken</a> - An identifier that was returned from the
--   previous call to this operation, which can be used to return the next
--   set of items in the list.</li>
--   <li><a>luprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
listUserPoolsResponse :: Int -> ListUserPoolsResponse

-- | Represents the response to list user pools.
--   
--   <i>See:</i> <a>listUserPoolsResponse</a> smart constructor.
data ListUserPoolsResponse

-- | The user pools from the response to list users.
luprsUserPools :: Lens' ListUserPoolsResponse [UserPoolDescriptionType]

-- | An identifier that was returned from the previous call to this
--   operation, which can be used to return the next set of items in the
--   list.
luprsNextToken :: Lens' ListUserPoolsResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
luprsResponseStatus :: Lens' ListUserPoolsResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPoolsResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPoolsResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPoolsResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPoolsResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPoolsResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPools
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPools
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPools
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPools
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPools
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPools
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPoolsResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPools
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPools
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPools
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPools
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPools
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ListUserPools.ListUserPools


-- | Lists the clients that have been created for the specified user pool.
module Network.AWS.CognitoIdentityProvider.ListUserPoolClients

-- | Creates a value of <a>ListUserPoolClients</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lupcNextToken</a> - An identifier that was returned from the
--   previous call to this operation, which can be used to return the next
--   set of items in the list.</li>
--   <li><a>lupcMaxResults</a> - The maximum number of results you want the
--   request to return when listing the user pool clients.</li>
--   <li><a>lupcUserPoolId</a> - The user pool ID for the user pool where
--   you want to list user pool clients.</li>
--   </ul>
listUserPoolClients :: Text -> ListUserPoolClients

-- | Represents the request to list the user pool clients.
--   
--   <i>See:</i> <a>listUserPoolClients</a> smart constructor.
data ListUserPoolClients

-- | An identifier that was returned from the previous call to this
--   operation, which can be used to return the next set of items in the
--   list.
lupcNextToken :: Lens' ListUserPoolClients (Maybe Text)

-- | The maximum number of results you want the request to return when
--   listing the user pool clients.
lupcMaxResults :: Lens' ListUserPoolClients (Maybe Natural)

-- | The user pool ID for the user pool where you want to list user pool
--   clients.
lupcUserPoolId :: Lens' ListUserPoolClients Text

-- | Creates a value of <a>ListUserPoolClientsResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lupcrsNextToken</a> - An identifier that was returned from the
--   previous call to this operation, which can be used to return the next
--   set of items in the list.</li>
--   <li><a>lupcrsUserPoolClients</a> - The user pool clients in the
--   response that lists user pool clients.</li>
--   <li><a>lupcrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
listUserPoolClientsResponse :: Int -> ListUserPoolClientsResponse

-- | Represents the response from the server that lists user pool clients.
--   
--   <i>See:</i> <a>listUserPoolClientsResponse</a> smart constructor.
data ListUserPoolClientsResponse

-- | An identifier that was returned from the previous call to this
--   operation, which can be used to return the next set of items in the
--   list.
lupcrsNextToken :: Lens' ListUserPoolClientsResponse (Maybe Text)

-- | The user pool clients in the response that lists user pool clients.
lupcrsUserPoolClients :: Lens' ListUserPoolClientsResponse [UserPoolClientDescription]

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
lupcrsResponseStatus :: Lens' ListUserPoolClientsResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClientsResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClientsResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClientsResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClientsResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClients
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClients
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClients
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClients
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClients
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClients
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClientsResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClients
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClients
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClients
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClients
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClients
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ListUserPoolClients.ListUserPoolClients


-- | Lists the user import jobs.
module Network.AWS.CognitoIdentityProvider.ListUserImportJobs

-- | Creates a value of <a>ListUserImportJobs</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>luijPaginationToken</a> - An identifier that was returned from
--   the previous call to <tt>ListUserImportJobs</tt> , which can be used
--   to return the next set of import jobs in the list.</li>
--   <li><a>luijUserPoolId</a> - The user pool ID for the user pool that
--   the users are being imported into.</li>
--   <li><a>luijMaxResults</a> - The maximum number of import jobs you want
--   the request to return.</li>
--   </ul>
listUserImportJobs :: Text -> Natural -> ListUserImportJobs

-- | Represents the request to list the user import jobs.
--   
--   <i>See:</i> <a>listUserImportJobs</a> smart constructor.
data ListUserImportJobs

-- | An identifier that was returned from the previous call to
--   <tt>ListUserImportJobs</tt> , which can be used to return the next set
--   of import jobs in the list.
luijPaginationToken :: Lens' ListUserImportJobs (Maybe Text)

-- | The user pool ID for the user pool that the users are being imported
--   into.
luijUserPoolId :: Lens' ListUserImportJobs Text

-- | The maximum number of import jobs you want the request to return.
luijMaxResults :: Lens' ListUserImportJobs Natural

-- | Creates a value of <a>ListUserImportJobsResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>luijrsPaginationToken</a> - An identifier that can be used to
--   return the next set of user import jobs in the list.</li>
--   <li><a>luijrsUserImportJobs</a> - The user import jobs.</li>
--   <li><a>luijrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
listUserImportJobsResponse :: Int -> ListUserImportJobsResponse

-- | Represents the response from the server to the request to list the
--   user import jobs.
--   
--   <i>See:</i> <a>listUserImportJobsResponse</a> smart constructor.
data ListUserImportJobsResponse

-- | An identifier that can be used to return the next set of user import
--   jobs in the list.
luijrsPaginationToken :: Lens' ListUserImportJobsResponse (Maybe Text)

-- | The user import jobs.
luijrsUserImportJobs :: Lens' ListUserImportJobsResponse (Maybe (NonEmpty UserImportJobType))

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
luijrsResponseStatus :: Lens' ListUserImportJobsResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobsResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobsResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobsResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobsResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobsResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobs
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobs
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobs
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobs
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobs
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobs
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobsResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobs
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobs
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobs
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobs
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobs
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ListUserImportJobs.ListUserImportJobs


-- | Lists the resource servers for a user pool.
module Network.AWS.CognitoIdentityProvider.ListResourceServers

-- | Creates a value of <a>ListResourceServers</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lrsNextToken</a> - A pagination token.</li>
--   <li><a>lrsMaxResults</a> - The maximum number of resource servers to
--   return.</li>
--   <li><a>lrsUserPoolId</a> - The user pool ID for the user pool.</li>
--   </ul>
listResourceServers :: Text -> ListResourceServers

-- | <i>See:</i> <a>listResourceServers</a> smart constructor.
data ListResourceServers

-- | A pagination token.
lrsNextToken :: Lens' ListResourceServers (Maybe Text)

-- | The maximum number of resource servers to return.
lrsMaxResults :: Lens' ListResourceServers (Maybe Natural)

-- | The user pool ID for the user pool.
lrsUserPoolId :: Lens' ListResourceServers Text

-- | Creates a value of <a>ListResourceServersResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lrsrsNextToken</a> - A pagination token.</li>
--   <li><a>lrsrsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>lrsrsResourceServers</a> - The resource servers.</li>
--   </ul>
listResourceServersResponse :: Int -> ListResourceServersResponse

-- | <i>See:</i> <a>listResourceServersResponse</a> smart constructor.
data ListResourceServersResponse

-- | A pagination token.
lrsrsNextToken :: Lens' ListResourceServersResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
lrsrsResponseStatus :: Lens' ListResourceServersResponse Int

-- | The resource servers.
lrsrsResourceServers :: Lens' ListResourceServersResponse [ResourceServerType]
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServersResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServersResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServersResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServersResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServersResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServers
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServers
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServers
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServers
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServers
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServers
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServersResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServers
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServers
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServers
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServers
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServers
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ListResourceServers.ListResourceServers


-- | Lists information about all identity providers for a user pool.
module Network.AWS.CognitoIdentityProvider.ListIdentityProviders

-- | Creates a value of <a>ListIdentityProviders</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lipNextToken</a> - A pagination token.</li>
--   <li><a>lipMaxResults</a> - The maximum number of identity providers to
--   return.</li>
--   <li><a>lipUserPoolId</a> - The user pool ID.</li>
--   </ul>
listIdentityProviders :: Text -> ListIdentityProviders

-- | <i>See:</i> <a>listIdentityProviders</a> smart constructor.
data ListIdentityProviders

-- | A pagination token.
lipNextToken :: Lens' ListIdentityProviders (Maybe Text)

-- | The maximum number of identity providers to return.
lipMaxResults :: Lens' ListIdentityProviders (Maybe Natural)

-- | The user pool ID.
lipUserPoolId :: Lens' ListIdentityProviders Text

-- | Creates a value of <a>ListIdentityProvidersResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>liprsNextToken</a> - A pagination token.</li>
--   <li><a>liprsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>liprsProviders</a> - A list of identity provider objects.</li>
--   </ul>
listIdentityProvidersResponse :: Int -> ListIdentityProvidersResponse

-- | <i>See:</i> <a>listIdentityProvidersResponse</a> smart constructor.
data ListIdentityProvidersResponse

-- | A pagination token.
liprsNextToken :: Lens' ListIdentityProvidersResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
liprsResponseStatus :: Lens' ListIdentityProvidersResponse Int

-- | A list of identity provider objects.
liprsProviders :: Lens' ListIdentityProvidersResponse [ProviderDescription]
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProvidersResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProvidersResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProvidersResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProvidersResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProvidersResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProviders
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProviders
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProviders
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProviders
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProviders
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProviders
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProvidersResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProviders
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProviders
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProviders
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProviders
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProviders
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ListIdentityProviders.ListIdentityProviders


-- | Lists the groups associated with a user pool.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.ListGroups

-- | Creates a value of <a>ListGroups</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lgNextToken</a> - An identifier that was returned from the
--   previous call to this operation, which can be used to return the next
--   set of items in the list.</li>
--   <li><a>lgLimit</a> - The limit of the request to list groups.</li>
--   <li><a>lgUserPoolId</a> - The user pool ID for the user pool.</li>
--   </ul>
listGroups :: Text -> ListGroups

-- | <i>See:</i> <a>listGroups</a> smart constructor.
data ListGroups

-- | An identifier that was returned from the previous call to this
--   operation, which can be used to return the next set of items in the
--   list.
lgNextToken :: Lens' ListGroups (Maybe Text)

-- | The limit of the request to list groups.
lgLimit :: Lens' ListGroups (Maybe Natural)

-- | The user pool ID for the user pool.
lgUserPoolId :: Lens' ListGroups Text

-- | Creates a value of <a>ListGroupsResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lgrsGroups</a> - The group objects for the groups.</li>
--   <li><a>lgrsNextToken</a> - An identifier that was returned from the
--   previous call to this operation, which can be used to return the next
--   set of items in the list.</li>
--   <li><a>lgrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
listGroupsResponse :: Int -> ListGroupsResponse

-- | <i>See:</i> <a>listGroupsResponse</a> smart constructor.
data ListGroupsResponse

-- | The group objects for the groups.
lgrsGroups :: Lens' ListGroupsResponse [GroupType]

-- | An identifier that was returned from the previous call to this
--   operation, which can be used to return the next set of items in the
--   list.
lgrsNextToken :: Lens' ListGroupsResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
lgrsResponseStatus :: Lens' ListGroupsResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListGroups.ListGroupsResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListGroups.ListGroupsResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListGroups.ListGroupsResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ListGroups.ListGroupsResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListGroups.ListGroupsResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListGroups.ListGroups
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListGroups.ListGroups
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListGroups.ListGroups
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ListGroups.ListGroups
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListGroups.ListGroups
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ListGroups.ListGroups
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListGroups.ListGroupsResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ListGroups.ListGroups
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListGroups.ListGroups
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ListGroups.ListGroups
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ListGroups.ListGroups
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ListGroups.ListGroups
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ListGroups.ListGroups


-- | Lists the devices.
module Network.AWS.CognitoIdentityProvider.ListDevices

-- | Creates a value of <a>ListDevices</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ldPaginationToken</a> - The pagination token for the list
--   request.</li>
--   <li><a>ldLimit</a> - The limit of the device request.</li>
--   <li><a>ldAccessToken</a> - The access tokens for the request to list
--   devices.</li>
--   </ul>
listDevices :: Text -> ListDevices

-- | Represents the request to list the devices.
--   
--   <i>See:</i> <a>listDevices</a> smart constructor.
data ListDevices

-- | The pagination token for the list request.
ldPaginationToken :: Lens' ListDevices (Maybe Text)

-- | The limit of the device request.
ldLimit :: Lens' ListDevices (Maybe Natural)

-- | The access tokens for the request to list devices.
ldAccessToken :: Lens' ListDevices Text

-- | Creates a value of <a>ListDevicesResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ldrsPaginationToken</a> - The pagination token for the list
--   device response.</li>
--   <li><a>ldrsDevices</a> - The devices returned in the list devices
--   response.</li>
--   <li><a>ldrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
listDevicesResponse :: Int -> ListDevicesResponse

-- | Represents the response to list devices.
--   
--   <i>See:</i> <a>listDevicesResponse</a> smart constructor.
data ListDevicesResponse

-- | The pagination token for the list device response.
ldrsPaginationToken :: Lens' ListDevicesResponse (Maybe Text)

-- | The devices returned in the list devices response.
ldrsDevices :: Lens' ListDevicesResponse [DeviceType]

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
ldrsResponseStatus :: Lens' ListDevicesResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListDevices.ListDevicesResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListDevices.ListDevicesResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListDevices.ListDevicesResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListDevices.ListDevicesResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ListDevices.ListDevices
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ListDevices.ListDevices
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ListDevices.ListDevices
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ListDevices.ListDevices
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ListDevices.ListDevices
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListDevices.ListDevicesResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ListDevices.ListDevices
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ListDevices.ListDevices
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ListDevices.ListDevices
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ListDevices.ListDevices
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ListDevices.ListDevices
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ListDevices.ListDevices


-- | Initiates the authentication flow.
module Network.AWS.CognitoIdentityProvider.InitiateAuth

-- | Creates a value of <a>InitiateAuth</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>iaClientMetadata</a> - This is a random key-value pair map
--   which can contain any key and will be passed to your PreAuthentication
--   Lambda trigger as-is. It can be used to implement additional
--   validations around authentication.</li>
--   <li><a>iaAnalyticsMetadata</a> - The Amazon Pinpoint analytics
--   metadata for collecting metrics for <tt>InitiateAuth</tt> calls.</li>
--   <li><a>iaUserContextData</a> - Contextual data such as the user's
--   device fingerprint, IP address, or location used for evaluating the
--   risk of an unexpected event by Amazon Cognito advanced security.</li>
--   <li><a>iaAuthParameters</a> - The authentication parameters. These are
--   inputs corresponding to the <tt>AuthFlow</tt> that you are invoking.
--   The required values depend on the value of <tt>AuthFlow</tt> : * For
--   <tt>USER_SRP_AUTH</tt> : <tt>USERNAME</tt> (required), <tt>SRP_A</tt>
--   (required), <tt>SECRET_HASH</tt> (required if the app client is
--   configured with a client secret), <tt>DEVICE_KEY</tt> * For
--   <tt>REFRESH_TOKEN_AUTH/REFRESH_TOKEN</tt> : <tt>REFRESH_TOKEN</tt>
--   (required), <tt>SECRET_HASH</tt> (required if the app client is
--   configured with a client secret), <tt>DEVICE_KEY</tt> * For
--   <tt>CUSTOM_AUTH</tt> : <tt>USERNAME</tt> (required),
--   <tt>SECRET_HASH</tt> (if app client is configured with client secret),
--   <tt>DEVICE_KEY</tt></li>
--   <li><a>iaAuthFlow</a> - The authentication flow for this call to
--   execute. The API action will depend on this value. For example: *
--   <tt>REFRESH_TOKEN_AUTH</tt> will take in a valid refresh token and
--   return new tokens. * <tt>USER_SRP_AUTH</tt> will take in
--   <tt>USERNAME</tt> and <tt>SRP_A</tt> and return the SRP variables to
--   be used for next challenge execution. * <tt>USER_PASSWORD_AUTH</tt>
--   will take in <tt>USERNAME</tt> and <tt>PASSWORD</tt> and return the
--   next challenge or tokens. Valid values include: *
--   <tt>USER_SRP_AUTH</tt> : Authentication flow for the Secure Remote
--   Password (SRP) protocol. * <tt>REFRESH_TOKEN_AUTH</tt>
--   /<tt>REFRESH_TOKEN</tt> : Authentication flow for refreshing the
--   access token and ID token by supplying a valid refresh token. *
--   <tt>CUSTOM_AUTH</tt> : Custom authentication flow. *
--   <tt>USER_PASSWORD_AUTH</tt> : Non-SRP authentication flow; USERNAME
--   and PASSWORD are passed directly. If a user migration Lambda trigger
--   is set, this flow will invoke the user migration Lambda if the
--   USERNAME is not found in the user pool. <tt>ADMIN_NO_SRP_AUTH</tt> is
--   not a valid value.</li>
--   <li><a>iaClientId</a> - The app client ID.</li>
--   </ul>
initiateAuth :: AuthFlowType -> Text -> InitiateAuth

-- | Initiates the authentication request.
--   
--   <i>See:</i> <a>initiateAuth</a> smart constructor.
data InitiateAuth

-- | This is a random key-value pair map which can contain any key and will
--   be passed to your PreAuthentication Lambda trigger as-is. It can be
--   used to implement additional validations around authentication.
iaClientMetadata :: Lens' InitiateAuth (HashMap Text Text)

-- | The Amazon Pinpoint analytics metadata for collecting metrics for
--   <tt>InitiateAuth</tt> calls.
iaAnalyticsMetadata :: Lens' InitiateAuth (Maybe AnalyticsMetadataType)

-- | Contextual data such as the user's device fingerprint, IP address, or
--   location used for evaluating the risk of an unexpected event by Amazon
--   Cognito advanced security.
iaUserContextData :: Lens' InitiateAuth (Maybe UserContextDataType)

-- | The authentication parameters. These are inputs corresponding to the
--   <tt>AuthFlow</tt> that you are invoking. The required values depend on
--   the value of <tt>AuthFlow</tt> : * For <tt>USER_SRP_AUTH</tt> :
--   <tt>USERNAME</tt> (required), <tt>SRP_A</tt> (required),
--   <tt>SECRET_HASH</tt> (required if the app client is configured with a
--   client secret), <tt>DEVICE_KEY</tt> * For
--   <tt>REFRESH_TOKEN_AUTH/REFRESH_TOKEN</tt> : <tt>REFRESH_TOKEN</tt>
--   (required), <tt>SECRET_HASH</tt> (required if the app client is
--   configured with a client secret), <tt>DEVICE_KEY</tt> * For
--   <tt>CUSTOM_AUTH</tt> : <tt>USERNAME</tt> (required),
--   <tt>SECRET_HASH</tt> (if app client is configured with client secret),
--   <tt>DEVICE_KEY</tt>
iaAuthParameters :: Lens' InitiateAuth (HashMap Text Text)

-- | The authentication flow for this call to execute. The API action will
--   depend on this value. For example: * <tt>REFRESH_TOKEN_AUTH</tt> will
--   take in a valid refresh token and return new tokens. *
--   <tt>USER_SRP_AUTH</tt> will take in <tt>USERNAME</tt> and
--   <tt>SRP_A</tt> and return the SRP variables to be used for next
--   challenge execution. * <tt>USER_PASSWORD_AUTH</tt> will take in
--   <tt>USERNAME</tt> and <tt>PASSWORD</tt> and return the next challenge
--   or tokens. Valid values include: * <tt>USER_SRP_AUTH</tt> :
--   Authentication flow for the Secure Remote Password (SRP) protocol. *
--   <tt>REFRESH_TOKEN_AUTH</tt> /<tt>REFRESH_TOKEN</tt> : Authentication
--   flow for refreshing the access token and ID token by supplying a valid
--   refresh token. * <tt>CUSTOM_AUTH</tt> : Custom authentication flow. *
--   <tt>USER_PASSWORD_AUTH</tt> : Non-SRP authentication flow; USERNAME
--   and PASSWORD are passed directly. If a user migration Lambda trigger
--   is set, this flow will invoke the user migration Lambda if the
--   USERNAME is not found in the user pool. <tt>ADMIN_NO_SRP_AUTH</tt> is
--   not a valid value.
iaAuthFlow :: Lens' InitiateAuth AuthFlowType

-- | The app client ID.
iaClientId :: Lens' InitiateAuth Text

-- | Creates a value of <a>InitiateAuthResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>iarsChallengeName</a> - The name of the challenge which you are
--   responding to with this call. This is returned to you in the
--   <tt>AdminInitiateAuth</tt> response if you need to pass another
--   challenge. Valid values include the following. Note that all of these
--   challenges require <tt>USERNAME</tt> and <tt>SECRET_HASH</tt> (if
--   applicable) in the parameters. * <tt>SMS_MFA</tt> : Next challenge is
--   to supply an <tt>SMS_MFA_CODE</tt> , delivered via SMS. *
--   <tt>PASSWORD_VERIFIER</tt> : Next challenge is to supply
--   <tt>PASSWORD_CLAIM_SIGNATURE</tt> ,
--   <tt>PASSWORD_CLAIM_SECRET_BLOCK</tt> , and <tt>TIMESTAMP</tt> after
--   the client-side SRP calculations. * <tt>CUSTOM_CHALLENGE</tt> : This
--   is returned if your custom authentication flow determines that the
--   user should pass another challenge before tokens are issued. *
--   <tt>DEVICE_SRP_AUTH</tt> : If device tracking was enabled on your user
--   pool and the previous challenges were passed, this challenge is
--   returned so that Amazon Cognito can start tracking this device. *
--   <tt>DEVICE_PASSWORD_VERIFIER</tt> : Similar to
--   <tt>PASSWORD_VERIFIER</tt> , but for devices only. *
--   <tt>NEW_PASSWORD_REQUIRED</tt> : For users which are required to
--   change their passwords after successful first login. This challenge
--   should be passed with <tt>NEW_PASSWORD</tt> and any other required
--   attributes.</li>
--   <li><a>iarsChallengeParameters</a> - The challenge parameters. These
--   are returned to you in the <tt>InitiateAuth</tt> response if you need
--   to pass another challenge. The responses in this parameter should be
--   used to compute inputs to the next call
--   (<tt>RespondToAuthChallenge</tt> ). All challenges require
--   <tt>USERNAME</tt> and <tt>SECRET_HASH</tt> (if applicable).</li>
--   <li><a>iarsAuthenticationResult</a> - The result of the authentication
--   response. This is only returned if the caller does not need to pass
--   another challenge. If the caller does need to pass another challenge
--   before it gets tokens, <tt>ChallengeName</tt> ,
--   <tt>ChallengeParameters</tt> , and <tt>Session</tt> are returned.</li>
--   <li><a>iarsSession</a> - The session which should be passed both ways
--   in challenge-response calls to the service. If the or API call
--   determines that the caller needs to go through another challenge, they
--   return a session with other challenge parameters. This session should
--   be passed as it is to the next <tt>RespondToAuthChallenge</tt> API
--   call.</li>
--   <li><a>iarsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
initiateAuthResponse :: Int -> InitiateAuthResponse

-- | Initiates the authentication response.
--   
--   <i>See:</i> <a>initiateAuthResponse</a> smart constructor.
data InitiateAuthResponse

-- | The name of the challenge which you are responding to with this call.
--   This is returned to you in the <tt>AdminInitiateAuth</tt> response if
--   you need to pass another challenge. Valid values include the
--   following. Note that all of these challenges require <tt>USERNAME</tt>
--   and <tt>SECRET_HASH</tt> (if applicable) in the parameters. *
--   <tt>SMS_MFA</tt> : Next challenge is to supply an
--   <tt>SMS_MFA_CODE</tt> , delivered via SMS. *
--   <tt>PASSWORD_VERIFIER</tt> : Next challenge is to supply
--   <tt>PASSWORD_CLAIM_SIGNATURE</tt> ,
--   <tt>PASSWORD_CLAIM_SECRET_BLOCK</tt> , and <tt>TIMESTAMP</tt> after
--   the client-side SRP calculations. * <tt>CUSTOM_CHALLENGE</tt> : This
--   is returned if your custom authentication flow determines that the
--   user should pass another challenge before tokens are issued. *
--   <tt>DEVICE_SRP_AUTH</tt> : If device tracking was enabled on your user
--   pool and the previous challenges were passed, this challenge is
--   returned so that Amazon Cognito can start tracking this device. *
--   <tt>DEVICE_PASSWORD_VERIFIER</tt> : Similar to
--   <tt>PASSWORD_VERIFIER</tt> , but for devices only. *
--   <tt>NEW_PASSWORD_REQUIRED</tt> : For users which are required to
--   change their passwords after successful first login. This challenge
--   should be passed with <tt>NEW_PASSWORD</tt> and any other required
--   attributes.
iarsChallengeName :: Lens' InitiateAuthResponse (Maybe ChallengeNameType)

-- | The challenge parameters. These are returned to you in the
--   <tt>InitiateAuth</tt> response if you need to pass another challenge.
--   The responses in this parameter should be used to compute inputs to
--   the next call (<tt>RespondToAuthChallenge</tt> ). All challenges
--   require <tt>USERNAME</tt> and <tt>SECRET_HASH</tt> (if applicable).
iarsChallengeParameters :: Lens' InitiateAuthResponse (HashMap Text Text)

-- | The result of the authentication response. This is only returned if
--   the caller does not need to pass another challenge. If the caller does
--   need to pass another challenge before it gets tokens,
--   <tt>ChallengeName</tt> , <tt>ChallengeParameters</tt> , and
--   <tt>Session</tt> are returned.
iarsAuthenticationResult :: Lens' InitiateAuthResponse (Maybe AuthenticationResultType)

-- | The session which should be passed both ways in challenge-response
--   calls to the service. If the or API call determines that the caller
--   needs to go through another challenge, they return a session with
--   other challenge parameters. This session should be passed as it is to
--   the next <tt>RespondToAuthChallenge</tt> API call.
iarsSession :: Lens' InitiateAuthResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
iarsResponseStatus :: Lens' InitiateAuthResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuthResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuthResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuthResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuthResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuth
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuth
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuth
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuth
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuth
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuthResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuth
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuth
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuth
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuth
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuth
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.InitiateAuth.InitiateAuth


-- | Signs out users from all devices.
module Network.AWS.CognitoIdentityProvider.GlobalSignOut

-- | Creates a value of <a>GlobalSignOut</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gsoAccessToken</a> - The access token.</li>
--   </ul>
globalSignOut :: Text -> GlobalSignOut

-- | Represents the request to sign out all devices.
--   
--   <i>See:</i> <a>globalSignOut</a> smart constructor.
data GlobalSignOut

-- | The access token.
gsoAccessToken :: Lens' GlobalSignOut Text

-- | Creates a value of <a>GlobalSignOutResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gsorsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
globalSignOutResponse :: Int -> GlobalSignOutResponse

-- | The response to the request to sign out all devices.
--   
--   <i>See:</i> <a>globalSignOutResponse</a> smart constructor.
data GlobalSignOutResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gsorsResponseStatus :: Lens' GlobalSignOutResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOutResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOutResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOutResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOutResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOutResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOut
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOut
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOut
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOut
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOut
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOutResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOut
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOut
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOut
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOut
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOut
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.GlobalSignOut.GlobalSignOut


-- | Gets the user pool multi-factor authentication (MFA) configuration.
module Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig

-- | Creates a value of <a>GetUserPoolMFAConfig</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gupmcUserPoolId</a> - The user pool ID.</li>
--   </ul>
getUserPoolMFAConfig :: Text -> GetUserPoolMFAConfig

-- | <i>See:</i> <a>getUserPoolMFAConfig</a> smart constructor.
data GetUserPoolMFAConfig

-- | The user pool ID.
gupmcUserPoolId :: Lens' GetUserPoolMFAConfig Text

-- | Creates a value of <a>GetUserPoolMFAConfigResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gupmcrsSmsMFAConfiguration</a> - The SMS text message
--   multi-factor (MFA) configuration.</li>
--   <li><a>gupmcrsSoftwareTokenMFAConfiguration</a> - The software token
--   multi-factor (MFA) configuration.</li>
--   <li><a>gupmcrsMFAConfiguration</a> - The multi-factor (MFA)
--   configuration.</li>
--   <li><a>gupmcrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getUserPoolMFAConfigResponse :: Int -> GetUserPoolMFAConfigResponse

-- | <i>See:</i> <a>getUserPoolMFAConfigResponse</a> smart constructor.
data GetUserPoolMFAConfigResponse

-- | The SMS text message multi-factor (MFA) configuration.
gupmcrsSmsMFAConfiguration :: Lens' GetUserPoolMFAConfigResponse (Maybe SmsMFAConfigType)

-- | The software token multi-factor (MFA) configuration.
gupmcrsSoftwareTokenMFAConfiguration :: Lens' GetUserPoolMFAConfigResponse (Maybe SoftwareTokenMFAConfigType)

-- | The multi-factor (MFA) configuration.
gupmcrsMFAConfiguration :: Lens' GetUserPoolMFAConfigResponse (Maybe UserPoolMFAType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gupmcrsResponseStatus :: Lens' GetUserPoolMFAConfigResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfigResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfigResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfigResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfigResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfigResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfig
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfig
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfig
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfig
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfig
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfig
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfigResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfig
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfig
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfig
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfig
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfig
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.GetUserPoolMFAConfig.GetUserPoolMFAConfig


-- | Gets the user attribute verification code for the specified attribute
--   name.
module Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode

-- | Creates a value of <a>GetUserAttributeVerificationCode</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>guavcAccessToken</a> - The access token returned by the server
--   response to get the user attribute verification code.</li>
--   <li><a>guavcAttributeName</a> - The attribute name returned by the
--   server response to get the user attribute verification code.</li>
--   </ul>
getUserAttributeVerificationCode :: Text -> Text -> GetUserAttributeVerificationCode

-- | Represents the request to get user attribute verification.
--   
--   <i>See:</i> <a>getUserAttributeVerificationCode</a> smart constructor.
data GetUserAttributeVerificationCode

-- | The access token returned by the server response to get the user
--   attribute verification code.
guavcAccessToken :: Lens' GetUserAttributeVerificationCode Text

-- | The attribute name returned by the server response to get the user
--   attribute verification code.
guavcAttributeName :: Lens' GetUserAttributeVerificationCode Text

-- | Creates a value of <a>GetUserAttributeVerificationCodeResponse</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>guavcrsCodeDeliveryDetails</a> - The code delivery details
--   returned by the server in response to the request to get the user
--   attribute verification code.</li>
--   <li><a>guavcrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getUserAttributeVerificationCodeResponse :: Int -> GetUserAttributeVerificationCodeResponse

-- | The verification code response returned by the server response to get
--   the user attribute verification code.
--   
--   <i>See:</i> <a>getUserAttributeVerificationCodeResponse</a> smart
--   constructor.
data GetUserAttributeVerificationCodeResponse

-- | The code delivery details returned by the server in response to the
--   request to get the user attribute verification code.
guavcrsCodeDeliveryDetails :: Lens' GetUserAttributeVerificationCodeResponse (Maybe CodeDeliveryDetailsType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
guavcrsResponseStatus :: Lens' GetUserAttributeVerificationCodeResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCodeResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCodeResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCodeResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCodeResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCodeResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCode
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCode
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCode
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCode
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCode
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCodeResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCode
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCode
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCode
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCode
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCode
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.GetUserAttributeVerificationCode.GetUserAttributeVerificationCode


-- | Gets the user attributes and metadata for a user.
module Network.AWS.CognitoIdentityProvider.GetUser

-- | Creates a value of <a>GetUser</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>guAccessToken</a> - The access token returned by the server
--   response to get information about the user.</li>
--   </ul>
getUser :: Text -> GetUser

-- | Represents the request to get information about the user.
--   
--   <i>See:</i> <a>getUser</a> smart constructor.
data GetUser

-- | The access token returned by the server response to get information
--   about the user.
guAccessToken :: Lens' GetUser Text

-- | Creates a value of <a>GetUserResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gursUserMFASettingList</a> - The list of the user's MFA
--   settings.</li>
--   <li><a>gursMFAOptions</a> - Specifies the options for MFA (e.g., email
--   or phone number).</li>
--   <li><a>gursPreferredMFASetting</a> - The user's preferred MFA
--   setting.</li>
--   <li><a>gursResponseStatus</a> - -- | The response status code.</li>
--   <li><a>gursUsername</a> - The user name of the user you wish to
--   retrieve from the get user request.</li>
--   <li><a>gursUserAttributes</a> - An array of name-value pairs
--   representing user attributes. For custom attributes, you must prepend
--   the <tt>custom:</tt> prefix to the attribute name.</li>
--   </ul>
getUserResponse :: Int -> Text -> GetUserResponse

-- | Represents the response from the server from the request to get
--   information about the user.
--   
--   <i>See:</i> <a>getUserResponse</a> smart constructor.
data GetUserResponse

-- | The list of the user's MFA settings.
gursUserMFASettingList :: Lens' GetUserResponse [Text]

-- | Specifies the options for MFA (e.g., email or phone number).
gursMFAOptions :: Lens' GetUserResponse [MFAOptionType]

-- | The user's preferred MFA setting.
gursPreferredMFASetting :: Lens' GetUserResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gursResponseStatus :: Lens' GetUserResponse Int

-- | The user name of the user you wish to retrieve from the get user
--   request.
gursUsername :: Lens' GetUserResponse Text

-- | An array of name-value pairs representing user attributes. For custom
--   attributes, you must prepend the <tt>custom:</tt> prefix to the
--   attribute name.
gursUserAttributes :: Lens' GetUserResponse [AttributeType]
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetUser.GetUserResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetUser.GetUserResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetUser.GetUserResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetUser.GetUserResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetUser.GetUser
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetUser.GetUser
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetUser.GetUser
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetUser.GetUser
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.GetUser.GetUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetUser.GetUserResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.GetUser.GetUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetUser.GetUser
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.GetUser.GetUser
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.GetUser.GetUser
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.GetUser.GetUser
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.GetUser.GetUser


-- | Gets the UI Customization information for a particular app client's
--   app UI, if there is something set. If nothing is set for the
--   particular client, but there is an existing pool level customization
--   (app <tt>clientId</tt> will be <tt>ALL</tt> ), then that is returned.
--   If nothing is present, then an empty shape is returned.
module Network.AWS.CognitoIdentityProvider.GetUICustomization

-- | Creates a value of <a>GetUICustomization</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>guicClientId</a> - The client ID for the client app.</li>
--   <li><a>guicUserPoolId</a> - The user pool ID for the user pool.</li>
--   </ul>
getUICustomization :: Text -> GetUICustomization

-- | <i>See:</i> <a>getUICustomization</a> smart constructor.
data GetUICustomization

-- | The client ID for the client app.
guicClientId :: Lens' GetUICustomization (Maybe Text)

-- | The user pool ID for the user pool.
guicUserPoolId :: Lens' GetUICustomization Text

-- | Creates a value of <a>GetUICustomizationResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>guicrsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>guicrsUICustomization</a> - The UI customization
--   information.</li>
--   </ul>
getUICustomizationResponse :: Int -> UICustomizationType -> GetUICustomizationResponse

-- | <i>See:</i> <a>getUICustomizationResponse</a> smart constructor.
data GetUICustomizationResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
guicrsResponseStatus :: Lens' GetUICustomizationResponse Int

-- | The UI customization information.
guicrsUICustomization :: Lens' GetUICustomizationResponse UICustomizationType
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomizationResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomizationResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomizationResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomizationResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomization
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomization
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomization
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomization
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomization
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomizationResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomization
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomization
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomization
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomization
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomization
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.GetUICustomization.GetUICustomization


-- | This method takes a user pool ID, and returns the signing certificate.
module Network.AWS.CognitoIdentityProvider.GetSigningCertificate

-- | Creates a value of <a>GetSigningCertificate</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gscUserPoolId</a> - The user pool ID.</li>
--   </ul>
getSigningCertificate :: Text -> GetSigningCertificate

-- | Request to get a signing certificate from Cognito.
--   
--   <i>See:</i> <a>getSigningCertificate</a> smart constructor.
data GetSigningCertificate

-- | The user pool ID.
gscUserPoolId :: Lens' GetSigningCertificate Text

-- | Creates a value of <a>GetSigningCertificateResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gscrsCertificate</a> - The signing certificate.</li>
--   <li><a>gscrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getSigningCertificateResponse :: Int -> GetSigningCertificateResponse

-- | Response from Cognito for a signing certificate request.
--   
--   <i>See:</i> <a>getSigningCertificateResponse</a> smart constructor.
data GetSigningCertificateResponse

-- | The signing certificate.
gscrsCertificate :: Lens' GetSigningCertificateResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gscrsResponseStatus :: Lens' GetSigningCertificateResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificateResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificateResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificateResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificateResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificateResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificate
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificate
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificate
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificate
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificate
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificate
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificateResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificate
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificate
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificate
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificate
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificate
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.GetSigningCertificate.GetSigningCertificate


-- | Gets the specified identity provider.
module Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier

-- | Creates a value of <a>GetIdentityProviderByIdentifier</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gipbiUserPoolId</a> - The user pool ID.</li>
--   <li><a>gipbiIdpIdentifier</a> - The identity provider ID.</li>
--   </ul>
getIdentityProviderByIdentifier :: Text -> Text -> GetIdentityProviderByIdentifier

-- | <i>See:</i> <a>getIdentityProviderByIdentifier</a> smart constructor.
data GetIdentityProviderByIdentifier

-- | The user pool ID.
gipbiUserPoolId :: Lens' GetIdentityProviderByIdentifier Text

-- | The identity provider ID.
gipbiIdpIdentifier :: Lens' GetIdentityProviderByIdentifier Text

-- | Creates a value of <a>GetIdentityProviderByIdentifierResponse</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gipbirsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>gipbirsIdentityProvider</a> - The identity provider
--   object.</li>
--   </ul>
getIdentityProviderByIdentifierResponse :: Int -> IdentityProviderType -> GetIdentityProviderByIdentifierResponse

-- | <i>See:</i> <a>getIdentityProviderByIdentifierResponse</a> smart
--   constructor.
data GetIdentityProviderByIdentifierResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gipbirsResponseStatus :: Lens' GetIdentityProviderByIdentifierResponse Int

-- | The identity provider object.
gipbirsIdentityProvider :: Lens' GetIdentityProviderByIdentifierResponse IdentityProviderType
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifierResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifierResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifierResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifierResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifierResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifier
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifier
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifier
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifier
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifier
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifier
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifierResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifier
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifier
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifier
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifier
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifier
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.GetIdentityProviderByIdentifier.GetIdentityProviderByIdentifier


-- | Gets a group.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.GetGroup

-- | Creates a value of <a>GetGroup</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ggGroupName</a> - The name of the group.</li>
--   <li><a>ggUserPoolId</a> - The user pool ID for the user pool.</li>
--   </ul>
getGroup :: Text -> Text -> GetGroup

-- | <i>See:</i> <a>getGroup</a> smart constructor.
data GetGroup

-- | The name of the group.
ggGroupName :: Lens' GetGroup Text

-- | The user pool ID for the user pool.
ggUserPoolId :: Lens' GetGroup Text

-- | Creates a value of <a>GetGroupResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ggrsGroup</a> - The group object for the group.</li>
--   <li><a>ggrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getGroupResponse :: Int -> GetGroupResponse

-- | <i>See:</i> <a>getGroupResponse</a> smart constructor.
data GetGroupResponse

-- | The group object for the group.
ggrsGroup :: Lens' GetGroupResponse (Maybe GroupType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
ggrsResponseStatus :: Lens' GetGroupResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetGroup.GetGroupResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetGroup.GetGroupResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetGroup.GetGroupResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.GetGroup.GetGroupResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetGroup.GetGroupResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetGroup.GetGroup
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetGroup.GetGroup
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetGroup.GetGroup
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.GetGroup.GetGroup
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetGroup.GetGroup
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.GetGroup.GetGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetGroup.GetGroupResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.GetGroup.GetGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetGroup.GetGroup
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.GetGroup.GetGroup
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.GetGroup.GetGroup
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.GetGroup.GetGroup
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.GetGroup.GetGroup


-- | Gets the device.
module Network.AWS.CognitoIdentityProvider.GetDevice

-- | Creates a value of <a>GetDevice</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gdAccessToken</a> - The access token.</li>
--   <li><a>gdDeviceKey</a> - The device key.</li>
--   </ul>
getDevice :: Text -> GetDevice

-- | Represents the request to get the device.
--   
--   <i>See:</i> <a>getDevice</a> smart constructor.
data GetDevice

-- | The access token.
gdAccessToken :: Lens' GetDevice (Maybe Text)

-- | The device key.
gdDeviceKey :: Lens' GetDevice Text

-- | Creates a value of <a>GetDeviceResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gdrsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>gdrsDevice</a> - The device.</li>
--   </ul>
getDeviceResponse :: Int -> DeviceType -> GetDeviceResponse

-- | Gets the device response.
--   
--   <i>See:</i> <a>getDeviceResponse</a> smart constructor.
data GetDeviceResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gdrsResponseStatus :: Lens' GetDeviceResponse Int

-- | The device.
gdrsDevice :: Lens' GetDeviceResponse DeviceType
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetDevice.GetDeviceResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetDevice.GetDeviceResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetDevice.GetDeviceResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetDevice.GetDeviceResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetDevice.GetDevice
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetDevice.GetDevice
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetDevice.GetDevice
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetDevice.GetDevice
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.GetDevice.GetDevice
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetDevice.GetDeviceResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.GetDevice.GetDevice
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetDevice.GetDevice
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.GetDevice.GetDevice
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.GetDevice.GetDevice
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.GetDevice.GetDevice
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.GetDevice.GetDevice


-- | Gets the header information for the .csv file to be used as input for
--   the user import job.
module Network.AWS.CognitoIdentityProvider.GetCSVHeader

-- | Creates a value of <a>GetCSVHeader</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gchUserPoolId</a> - The user pool ID for the user pool that the
--   users are to be imported into.</li>
--   </ul>
getCSVHeader :: Text -> GetCSVHeader

-- | Represents the request to get the header information for the .csv file
--   for the user import job.
--   
--   <i>See:</i> <a>getCSVHeader</a> smart constructor.
data GetCSVHeader

-- | The user pool ID for the user pool that the users are to be imported
--   into.
gchUserPoolId :: Lens' GetCSVHeader Text

-- | Creates a value of <a>GetCSVHeaderResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gchrsUserPoolId</a> - The user pool ID for the user pool that
--   the users are to be imported into.</li>
--   <li><a>gchrsCSVHeader</a> - The header information for the .csv file
--   for the user import job.</li>
--   <li><a>gchrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getCSVHeaderResponse :: Int -> GetCSVHeaderResponse

-- | Represents the response from the server to the request to get the
--   header information for the .csv file for the user import job.
--   
--   <i>See:</i> <a>getCSVHeaderResponse</a> smart constructor.
data GetCSVHeaderResponse

-- | The user pool ID for the user pool that the users are to be imported
--   into.
gchrsUserPoolId :: Lens' GetCSVHeaderResponse (Maybe Text)

-- | The header information for the .csv file for the user import job.
gchrsCSVHeader :: Lens' GetCSVHeaderResponse [Text]

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gchrsResponseStatus :: Lens' GetCSVHeaderResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeaderResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeaderResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeaderResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeaderResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeaderResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeader
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeader
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeader
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeader
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeader
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeader
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeaderResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeader
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeader
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeader
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeader
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeader
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.GetCSVHeader.GetCSVHeader


-- | Calling this API causes a message to be sent to the end user with a
--   confirmation code that is required to change the user's password. For
--   the <tt>Username</tt> parameter, you can use the username or user
--   alias. If a verified phone number exists for the user, the
--   confirmation code is sent to the phone number. Otherwise, if a
--   verified email exists, the confirmation code is sent to the email. If
--   neither a verified phone number nor a verified email exists,
--   <tt>InvalidParameterException</tt> is thrown. To use the confirmation
--   code for resetting the password, call .
module Network.AWS.CognitoIdentityProvider.ForgotPassword

-- | Creates a value of <a>ForgotPassword</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>fpAnalyticsMetadata</a> - The Amazon Pinpoint analytics
--   metadata for collecting metrics for <tt>ForgotPassword</tt>
--   calls.</li>
--   <li><a>fpUserContextData</a> - Contextual data such as the user's
--   device fingerprint, IP address, or location used for evaluating the
--   risk of an unexpected event by Amazon Cognito advanced security.</li>
--   <li><a>fpSecretHash</a> - A keyed-hash message authentication code
--   (HMAC) calculated using the secret key of a user pool client and
--   username plus the client ID in the message.</li>
--   <li><a>fpClientId</a> - The ID of the client associated with the user
--   pool.</li>
--   <li><a>fpUsername</a> - The user name of the user for whom you want to
--   enter a code to reset a forgotten password.</li>
--   </ul>
forgotPassword :: Text -> Text -> ForgotPassword

-- | Represents the request to reset a user's password.
--   
--   <i>See:</i> <a>forgotPassword</a> smart constructor.
data ForgotPassword

-- | The Amazon Pinpoint analytics metadata for collecting metrics for
--   <tt>ForgotPassword</tt> calls.
fpAnalyticsMetadata :: Lens' ForgotPassword (Maybe AnalyticsMetadataType)

-- | Contextual data such as the user's device fingerprint, IP address, or
--   location used for evaluating the risk of an unexpected event by Amazon
--   Cognito advanced security.
fpUserContextData :: Lens' ForgotPassword (Maybe UserContextDataType)

-- | A keyed-hash message authentication code (HMAC) calculated using the
--   secret key of a user pool client and username plus the client ID in
--   the message.
fpSecretHash :: Lens' ForgotPassword (Maybe Text)

-- | The ID of the client associated with the user pool.
fpClientId :: Lens' ForgotPassword Text

-- | The user name of the user for whom you want to enter a code to reset a
--   forgotten password.
fpUsername :: Lens' ForgotPassword Text

-- | Creates a value of <a>ForgotPasswordResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>fprsCodeDeliveryDetails</a> - The code delivery details
--   returned by the server in response to the request to reset a
--   password.</li>
--   <li><a>fprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
forgotPasswordResponse :: Int -> ForgotPasswordResponse

-- | Respresents the response from the server regarding the request to
--   reset a password.
--   
--   <i>See:</i> <a>forgotPasswordResponse</a> smart constructor.
data ForgotPasswordResponse

-- | The code delivery details returned by the server in response to the
--   request to reset a password.
fprsCodeDeliveryDetails :: Lens' ForgotPasswordResponse (Maybe CodeDeliveryDetailsType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
fprsResponseStatus :: Lens' ForgotPasswordResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPasswordResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPasswordResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPasswordResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPasswordResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPasswordResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPassword
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPassword
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPassword
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPassword
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPassword
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPasswordResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPassword
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPassword
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPassword
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPassword
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPassword
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ForgotPassword.ForgotPassword


-- | Forgets the specified device.
module Network.AWS.CognitoIdentityProvider.ForgetDevice

-- | Creates a value of <a>ForgetDevice</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>fdAccessToken</a> - The access token for the forgotten device
--   request.</li>
--   <li><a>fdDeviceKey</a> - The device key.</li>
--   </ul>
forgetDevice :: Text -> ForgetDevice

-- | Represents the request to forget the device.
--   
--   <i>See:</i> <a>forgetDevice</a> smart constructor.
data ForgetDevice

-- | The access token for the forgotten device request.
fdAccessToken :: Lens' ForgetDevice (Maybe Text)

-- | The device key.
fdDeviceKey :: Lens' ForgetDevice Text

-- | Creates a value of <a>ForgetDeviceResponse</a> with the minimum fields
--   required to make a request.
forgetDeviceResponse :: ForgetDeviceResponse

-- | <i>See:</i> <a>forgetDeviceResponse</a> smart constructor.
data ForgetDeviceResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDeviceResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDeviceResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDeviceResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDeviceResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDeviceResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDevice
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDevice
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDevice
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDevice
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDevice
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDeviceResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDevice
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDevice
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDevice
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDevice
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDevice
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ForgetDevice.ForgetDevice


-- | Gets information about a domain.
module Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain

-- | Creates a value of <a>DescribeUserPoolDomain</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dDomain</a> - The domain string.</li>
--   </ul>
describeUserPoolDomain :: Text -> DescribeUserPoolDomain

-- | <i>See:</i> <a>describeUserPoolDomain</a> smart constructor.
data DescribeUserPoolDomain

-- | The domain string.
dDomain :: Lens' DescribeUserPoolDomain Text

-- | Creates a value of <a>DescribeUserPoolDomainResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>drsDomainDescription</a> - A domain description object
--   containing information about the domain.</li>
--   <li><a>drsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
describeUserPoolDomainResponse :: Int -> DescribeUserPoolDomainResponse

-- | <i>See:</i> <a>describeUserPoolDomainResponse</a> smart constructor.
data DescribeUserPoolDomainResponse

-- | A domain description object containing information about the domain.
drsDomainDescription :: Lens' DescribeUserPoolDomainResponse (Maybe DomainDescriptionType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
drsResponseStatus :: Lens' DescribeUserPoolDomainResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomainResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomainResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomainResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomainResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomainResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomain
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomain
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomain
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomain
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomain
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomain
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomainResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomain
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomain
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomain
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomain
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomain
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DescribeUserPoolDomain.DescribeUserPoolDomain


-- | Client method for returning the configuration information and metadata
--   of the specified user pool client.
module Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient

-- | Creates a value of <a>DescribeUserPoolClient</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dupcuUserPoolId</a> - The user pool ID for the user pool you
--   want to describe.</li>
--   <li><a>dupcuClientId</a> - The app client ID of the app associated
--   with the user pool.</li>
--   </ul>
describeUserPoolClient :: Text -> Text -> DescribeUserPoolClient

-- | Represents the request to describe a user pool client.
--   
--   <i>See:</i> <a>describeUserPoolClient</a> smart constructor.
data DescribeUserPoolClient

-- | The user pool ID for the user pool you want to describe.
dupcuUserPoolId :: Lens' DescribeUserPoolClient Text

-- | The app client ID of the app associated with the user pool.
dupcuClientId :: Lens' DescribeUserPoolClient Text

-- | Creates a value of <a>DescribeUserPoolClientResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dupcrsUserPoolClient</a> - The user pool client from a server
--   response to describe the user pool client.</li>
--   <li><a>dupcrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
describeUserPoolClientResponse :: Int -> DescribeUserPoolClientResponse

-- | Represents the response from the server from a request to describe the
--   user pool client.
--   
--   <i>See:</i> <a>describeUserPoolClientResponse</a> smart constructor.
data DescribeUserPoolClientResponse

-- | The user pool client from a server response to describe the user pool
--   client.
dupcrsUserPoolClient :: Lens' DescribeUserPoolClientResponse (Maybe UserPoolClientType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
dupcrsResponseStatus :: Lens' DescribeUserPoolClientResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClientResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClientResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClientResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClientResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClient
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClient
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClient
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClient
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClient
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClientResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClient
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClient
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClient
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClient
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClient
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DescribeUserPoolClient.DescribeUserPoolClient


-- | Returns the configuration information and metadata of the specified
--   user pool.
module Network.AWS.CognitoIdentityProvider.DescribeUserPool

-- | Creates a value of <a>DescribeUserPool</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dUserPoolId</a> - The user pool ID for the user pool you want
--   to describe.</li>
--   </ul>
describeUserPool :: Text -> DescribeUserPool

-- | Represents the request to describe the user pool.
--   
--   <i>See:</i> <a>describeUserPool</a> smart constructor.
data DescribeUserPool

-- | The user pool ID for the user pool you want to describe.
dUserPoolId :: Lens' DescribeUserPool Text

-- | Creates a value of <a>DescribeUserPoolResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>duprsUserPool</a> - The container of metadata returned by the
--   server to describe the pool.</li>
--   <li><a>duprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
describeUserPoolResponse :: Int -> DescribeUserPoolResponse

-- | Represents the response to describe the user pool.
--   
--   <i>See:</i> <a>describeUserPoolResponse</a> smart constructor.
data DescribeUserPoolResponse

-- | The container of metadata returned by the server to describe the pool.
duprsUserPool :: Lens' DescribeUserPoolResponse (Maybe UserPoolType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
duprsResponseStatus :: Lens' DescribeUserPoolResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPoolResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPoolResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPoolResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPoolResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPoolResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPool
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPool
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPool
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPool
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPool
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPool
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPoolResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPool
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPool
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPool
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPool
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPool
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DescribeUserPool.DescribeUserPool


-- | Describes the user import job.
module Network.AWS.CognitoIdentityProvider.DescribeUserImportJob

-- | Creates a value of <a>DescribeUserImportJob</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>duijUserPoolId</a> - The user pool ID for the user pool that
--   the users are being imported into.</li>
--   <li><a>duijJobId</a> - The job ID for the user import job.</li>
--   </ul>
describeUserImportJob :: Text -> Text -> DescribeUserImportJob

-- | Represents the request to describe the user import job.
--   
--   <i>See:</i> <a>describeUserImportJob</a> smart constructor.
data DescribeUserImportJob

-- | The user pool ID for the user pool that the users are being imported
--   into.
duijUserPoolId :: Lens' DescribeUserImportJob Text

-- | The job ID for the user import job.
duijJobId :: Lens' DescribeUserImportJob Text

-- | Creates a value of <a>DescribeUserImportJobResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>duijrsUserImportJob</a> - The job object that represents the
--   user import job.</li>
--   <li><a>duijrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
describeUserImportJobResponse :: Int -> DescribeUserImportJobResponse

-- | Represents the response from the server to the request to describe the
--   user import job.
--   
--   <i>See:</i> <a>describeUserImportJobResponse</a> smart constructor.
data DescribeUserImportJobResponse

-- | The job object that represents the user import job.
duijrsUserImportJob :: Lens' DescribeUserImportJobResponse (Maybe UserImportJobType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
duijrsResponseStatus :: Lens' DescribeUserImportJobResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJobResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJobResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJobResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJobResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJobResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJob
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJob
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJob
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJob
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJob
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJob
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJobResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJob
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJob
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJob
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJob
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJob
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DescribeUserImportJob.DescribeUserImportJob


-- | Describes the risk configuration.
module Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration

-- | Creates a value of <a>DescribeRiskConfiguration</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>drcClientId</a> - The app client ID.</li>
--   <li><a>drcUserPoolId</a> - The user pool ID.</li>
--   </ul>
describeRiskConfiguration :: Text -> DescribeRiskConfiguration

-- | <i>See:</i> <a>describeRiskConfiguration</a> smart constructor.
data DescribeRiskConfiguration

-- | The app client ID.
drcClientId :: Lens' DescribeRiskConfiguration (Maybe Text)

-- | The user pool ID.
drcUserPoolId :: Lens' DescribeRiskConfiguration Text

-- | Creates a value of <a>DescribeRiskConfigurationResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>drcrsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>drcrsRiskConfiguration</a> - The risk configuration.</li>
--   </ul>
describeRiskConfigurationResponse :: Int -> RiskConfigurationType -> DescribeRiskConfigurationResponse

-- | <i>See:</i> <a>describeRiskConfigurationResponse</a> smart
--   constructor.
data DescribeRiskConfigurationResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
drcrsResponseStatus :: Lens' DescribeRiskConfigurationResponse Int

-- | The risk configuration.
drcrsRiskConfiguration :: Lens' DescribeRiskConfigurationResponse RiskConfigurationType
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfigurationResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfigurationResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfigurationResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfigurationResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfiguration
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfiguration
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfiguration
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfiguration
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfiguration
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfigurationResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfiguration
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfiguration
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfiguration
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfiguration
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfiguration
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DescribeRiskConfiguration.DescribeRiskConfiguration


-- | Describes a resource server.
module Network.AWS.CognitoIdentityProvider.DescribeResourceServer

-- | Creates a value of <a>DescribeResourceServer</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>desUserPoolId</a> - The user pool ID for the user pool that
--   hosts the resource server.</li>
--   <li><a>desIdentifier</a> - The identifier for the resource server</li>
--   </ul>
describeResourceServer :: Text -> Text -> DescribeResourceServer

-- | <i>See:</i> <a>describeResourceServer</a> smart constructor.
data DescribeResourceServer

-- | The user pool ID for the user pool that hosts the resource server.
desUserPoolId :: Lens' DescribeResourceServer Text

-- | The identifier for the resource server
desIdentifier :: Lens' DescribeResourceServer Text

-- | Creates a value of <a>DescribeResourceServerResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>drsrsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>drsrsResourceServer</a> - The resource server.</li>
--   </ul>
describeResourceServerResponse :: Int -> ResourceServerType -> DescribeResourceServerResponse

-- | <i>See:</i> <a>describeResourceServerResponse</a> smart constructor.
data DescribeResourceServerResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
drsrsResponseStatus :: Lens' DescribeResourceServerResponse Int

-- | The resource server.
drsrsResourceServer :: Lens' DescribeResourceServerResponse ResourceServerType
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServerResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServerResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServerResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServerResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServerResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServer
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServer
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServer
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServer
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServer
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServer
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServerResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServer
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServer
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServer
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServer
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServer
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DescribeResourceServer.DescribeResourceServer


-- | Gets information about a specific identity provider.
module Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider

-- | Creates a value of <a>DescribeIdentityProvider</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dipUserPoolId</a> - The user pool ID.</li>
--   <li><a>dipProviderName</a> - The identity provider name.</li>
--   </ul>
describeIdentityProvider :: Text -> Text -> DescribeIdentityProvider

-- | <i>See:</i> <a>describeIdentityProvider</a> smart constructor.
data DescribeIdentityProvider

-- | The user pool ID.
dipUserPoolId :: Lens' DescribeIdentityProvider Text

-- | The identity provider name.
dipProviderName :: Lens' DescribeIdentityProvider Text

-- | Creates a value of <a>DescribeIdentityProviderResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>diprsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>diprsIdentityProvider</a> - The identity provider that was
--   deleted.</li>
--   </ul>
describeIdentityProviderResponse :: Int -> IdentityProviderType -> DescribeIdentityProviderResponse

-- | <i>See:</i> <a>describeIdentityProviderResponse</a> smart constructor.
data DescribeIdentityProviderResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
diprsResponseStatus :: Lens' DescribeIdentityProviderResponse Int

-- | The identity provider that was deleted.
diprsIdentityProvider :: Lens' DescribeIdentityProviderResponse IdentityProviderType
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProviderResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProviderResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProviderResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProviderResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProviderResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProvider
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProvider
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProvider
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProvider
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProvider
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProvider
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProviderResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProvider
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProvider
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProvider
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProvider
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProvider
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DescribeIdentityProvider.DescribeIdentityProvider


-- | Deletes a domain for a user pool.
module Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain

-- | Creates a value of <a>DeleteUserPoolDomain</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dupdDomain</a> - The domain string.</li>
--   <li><a>dupdUserPoolId</a> - The user pool ID.</li>
--   </ul>
deleteUserPoolDomain :: Text -> Text -> DeleteUserPoolDomain

-- | <i>See:</i> <a>deleteUserPoolDomain</a> smart constructor.
data DeleteUserPoolDomain

-- | The domain string.
dupdDomain :: Lens' DeleteUserPoolDomain Text

-- | The user pool ID.
dupdUserPoolId :: Lens' DeleteUserPoolDomain Text

-- | Creates a value of <a>DeleteUserPoolDomainResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dupdrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
deleteUserPoolDomainResponse :: Int -> DeleteUserPoolDomainResponse

-- | <i>See:</i> <a>deleteUserPoolDomainResponse</a> smart constructor.
data DeleteUserPoolDomainResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
dupdrsResponseStatus :: Lens' DeleteUserPoolDomainResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomainResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomainResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomainResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomainResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomainResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomain
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomain
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomain
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomain
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomain
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomain
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomainResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomain
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomain
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomain
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomain
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomain
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DeleteUserPoolDomain.DeleteUserPoolDomain


-- | Allows the developer to delete the user pool client.
module Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient

-- | Creates a value of <a>DeleteUserPoolClient</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dupcUserPoolId</a> - The user pool ID for the user pool where
--   you want to delete the client.</li>
--   <li><a>dupcClientId</a> - The app client ID of the app associated with
--   the user pool.</li>
--   </ul>
deleteUserPoolClient :: Text -> Text -> DeleteUserPoolClient

-- | Represents the request to delete a user pool client.
--   
--   <i>See:</i> <a>deleteUserPoolClient</a> smart constructor.
data DeleteUserPoolClient

-- | The user pool ID for the user pool where you want to delete the
--   client.
dupcUserPoolId :: Lens' DeleteUserPoolClient Text

-- | The app client ID of the app associated with the user pool.
dupcClientId :: Lens' DeleteUserPoolClient Text

-- | Creates a value of <a>DeleteUserPoolClientResponse</a> with the
--   minimum fields required to make a request.
deleteUserPoolClientResponse :: DeleteUserPoolClientResponse

-- | <i>See:</i> <a>deleteUserPoolClientResponse</a> smart constructor.
data DeleteUserPoolClientResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClientResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClientResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClientResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClientResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClientResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClient
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClient
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClient
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClient
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClient
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClientResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClient
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClient
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClient
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClient
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClient
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DeleteUserPoolClient.DeleteUserPoolClient


-- | Deletes the specified Amazon Cognito user pool.
module Network.AWS.CognitoIdentityProvider.DeleteUserPool

-- | Creates a value of <a>DeleteUserPool</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dupUserPoolId</a> - The user pool ID for the user pool you want
--   to delete.</li>
--   </ul>
deleteUserPool :: Text -> DeleteUserPool

-- | Represents the request to delete a user pool.
--   
--   <i>See:</i> <a>deleteUserPool</a> smart constructor.
data DeleteUserPool

-- | The user pool ID for the user pool you want to delete.
dupUserPoolId :: Lens' DeleteUserPool Text

-- | Creates a value of <a>DeleteUserPoolResponse</a> with the minimum
--   fields required to make a request.
deleteUserPoolResponse :: DeleteUserPoolResponse

-- | <i>See:</i> <a>deleteUserPoolResponse</a> smart constructor.
data DeleteUserPoolResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPoolResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPoolResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPoolResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPoolResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPoolResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPool
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPool
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPool
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPool
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPool
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPool
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPoolResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPool
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPool
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPool
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPool
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPool
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DeleteUserPool.DeleteUserPool


-- | Deletes the attributes for a user.
module Network.AWS.CognitoIdentityProvider.DeleteUserAttributes

-- | Creates a value of <a>DeleteUserAttributes</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>duaUserAttributeNames</a> - An array of strings representing
--   the user attribute names you wish to delete. For custom attributes,
--   you must prepend the <tt>custom:</tt> prefix to the attribute
--   name.</li>
--   <li><a>duaAccessToken</a> - The access token used in the request to
--   delete user attributes.</li>
--   </ul>
deleteUserAttributes :: Text -> DeleteUserAttributes

-- | Represents the request to delete user attributes.
--   
--   <i>See:</i> <a>deleteUserAttributes</a> smart constructor.
data DeleteUserAttributes

-- | An array of strings representing the user attribute names you wish to
--   delete. For custom attributes, you must prepend the <tt>custom:</tt>
--   prefix to the attribute name.
duaUserAttributeNames :: Lens' DeleteUserAttributes [Text]

-- | The access token used in the request to delete user attributes.
duaAccessToken :: Lens' DeleteUserAttributes Text

-- | Creates a value of <a>DeleteUserAttributesResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>duarsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
deleteUserAttributesResponse :: Int -> DeleteUserAttributesResponse

-- | Represents the response from the server to delete user attributes.
--   
--   <i>See:</i> <a>deleteUserAttributesResponse</a> smart constructor.
data DeleteUserAttributesResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
duarsResponseStatus :: Lens' DeleteUserAttributesResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributesResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributesResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributesResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributesResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributesResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributes
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributes
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributes
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributes
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributes
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributesResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributes
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributes
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributes
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributes
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributes
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DeleteUserAttributes.DeleteUserAttributes


-- | Allows a user to delete himself or herself.
module Network.AWS.CognitoIdentityProvider.DeleteUser

-- | Creates a value of <a>DeleteUser</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>duAccessToken</a> - The access token from a request to delete a
--   user.</li>
--   </ul>
deleteUser :: Text -> DeleteUser

-- | Represents the request to delete a user.
--   
--   <i>See:</i> <a>deleteUser</a> smart constructor.
data DeleteUser

-- | The access token from a request to delete a user.
duAccessToken :: Lens' DeleteUser Text

-- | Creates a value of <a>DeleteUserResponse</a> with the minimum fields
--   required to make a request.
deleteUserResponse :: DeleteUserResponse

-- | <i>See:</i> <a>deleteUserResponse</a> smart constructor.
data DeleteUserResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUserResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUserResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUserResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUserResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUserResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUser
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUser
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUser
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUser
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUserResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUser
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUser
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUser
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUser
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DeleteUser.DeleteUser


-- | Deletes a resource server.
module Network.AWS.CognitoIdentityProvider.DeleteResourceServer

-- | Creates a value of <a>DeleteResourceServer</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>drsUserPoolId</a> - The user pool ID for the user pool that
--   hosts the resource server.</li>
--   <li><a>drsIdentifier</a> - The identifier for the resource
--   server.</li>
--   </ul>
deleteResourceServer :: Text -> Text -> DeleteResourceServer

-- | <i>See:</i> <a>deleteResourceServer</a> smart constructor.
data DeleteResourceServer

-- | The user pool ID for the user pool that hosts the resource server.
drsUserPoolId :: Lens' DeleteResourceServer Text

-- | The identifier for the resource server.
drsIdentifier :: Lens' DeleteResourceServer Text

-- | Creates a value of <a>DeleteResourceServerResponse</a> with the
--   minimum fields required to make a request.
deleteResourceServerResponse :: DeleteResourceServerResponse

-- | <i>See:</i> <a>deleteResourceServerResponse</a> smart constructor.
data DeleteResourceServerResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServerResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServerResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServerResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServerResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServerResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServer
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServer
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServer
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServer
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServer
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServer
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServerResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServer
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServer
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServer
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServer
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServer
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DeleteResourceServer.DeleteResourceServer


-- | Deletes an identity provider for a user pool.
module Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider

-- | Creates a value of <a>DeleteIdentityProvider</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>delUserPoolId</a> - The user pool ID.</li>
--   <li><a>delProviderName</a> - The identity provider name.</li>
--   </ul>
deleteIdentityProvider :: Text -> Text -> DeleteIdentityProvider

-- | <i>See:</i> <a>deleteIdentityProvider</a> smart constructor.
data DeleteIdentityProvider

-- | The user pool ID.
delUserPoolId :: Lens' DeleteIdentityProvider Text

-- | The identity provider name.
delProviderName :: Lens' DeleteIdentityProvider Text

-- | Creates a value of <a>DeleteIdentityProviderResponse</a> with the
--   minimum fields required to make a request.
deleteIdentityProviderResponse :: DeleteIdentityProviderResponse

-- | <i>See:</i> <a>deleteIdentityProviderResponse</a> smart constructor.
data DeleteIdentityProviderResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProviderResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProviderResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProviderResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProviderResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProviderResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProvider
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProvider
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProvider
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProvider
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProvider
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProvider
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProviderResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProvider
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProvider
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProvider
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProvider
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProvider
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DeleteIdentityProvider.DeleteIdentityProvider


-- | Deletes a group. Currently only groups with no members can be deleted.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.DeleteGroup

-- | Creates a value of <a>DeleteGroup</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dgGroupName</a> - The name of the group.</li>
--   <li><a>dgUserPoolId</a> - The user pool ID for the user pool.</li>
--   </ul>
deleteGroup :: Text -> Text -> DeleteGroup

-- | <i>See:</i> <a>deleteGroup</a> smart constructor.
data DeleteGroup

-- | The name of the group.
dgGroupName :: Lens' DeleteGroup Text

-- | The user pool ID for the user pool.
dgUserPoolId :: Lens' DeleteGroup Text

-- | Creates a value of <a>DeleteGroupResponse</a> with the minimum fields
--   required to make a request.
deleteGroupResponse :: DeleteGroupResponse

-- | <i>See:</i> <a>deleteGroupResponse</a> smart constructor.
data DeleteGroupResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroupResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroupResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroupResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroupResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroupResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroup
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroup
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroup
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroup
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroup
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroupResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroup
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroup
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroup
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroup
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.DeleteGroup.DeleteGroup


-- | Creates a new domain for a user pool.
module Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain

-- | Creates a value of <a>CreateUserPoolDomain</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cupdDomain</a> - The domain string.</li>
--   <li><a>cupdUserPoolId</a> - The user pool ID.</li>
--   </ul>
createUserPoolDomain :: Text -> Text -> CreateUserPoolDomain

-- | <i>See:</i> <a>createUserPoolDomain</a> smart constructor.
data CreateUserPoolDomain

-- | The domain string.
cupdDomain :: Lens' CreateUserPoolDomain Text

-- | The user pool ID.
cupdUserPoolId :: Lens' CreateUserPoolDomain Text

-- | Creates a value of <a>CreateUserPoolDomainResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cupdrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
createUserPoolDomainResponse :: Int -> CreateUserPoolDomainResponse

-- | <i>See:</i> <a>createUserPoolDomainResponse</a> smart constructor.
data CreateUserPoolDomainResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cupdrsResponseStatus :: Lens' CreateUserPoolDomainResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomainResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomainResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomainResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomainResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomainResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomain
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomain
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomain
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomain
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomain
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomain
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomainResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomain
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomain
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomain
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomain
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomain
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.CreateUserPoolDomain.CreateUserPoolDomain


-- | Creates the user pool client.
module Network.AWS.CognitoIdentityProvider.CreateUserPoolClient

-- | Creates a value of <a>CreateUserPoolClient</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cupcRefreshTokenValidity</a> - The time limit, in days, after
--   which the refresh token is no longer valid and cannot be used.</li>
--   <li><a>cupcExplicitAuthFlows</a> - The explicit authentication
--   flows.</li>
--   <li><a>cupcSupportedIdentityProviders</a> - A list of provider names
--   for the identity providers that are supported on this client.</li>
--   <li><a>cupcLogoutURLs</a> - A list of allowed logout URLs for the
--   identity providers.</li>
--   <li><a>cupcAllowedOAuthFlowsUserPoolClient</a> - Set to <tt>True</tt>
--   if the client is allowed to follow the OAuth protocol when interacting
--   with Cognito user pools.</li>
--   <li><a>cupcGenerateSecret</a> - Boolean to specify whether you want to
--   generate a secret for the user pool client being created.</li>
--   <li><a>cupcDefaultRedirectURI</a> - The default redirect URI. Must be
--   in the <tt>CallbackURLs</tt> list.</li>
--   <li><a>cupcWriteAttributes</a> - The write attributes.</li>
--   <li><a>cupcReadAttributes</a> - The read attributes.</li>
--   <li><a>cupcAllowedOAuthScopes</a> - A list of allowed <tt>OAuth</tt>
--   scopes. Currently supported values are <tt>"phone"</tt> ,
--   <tt>"email"</tt> , <tt>"openid"</tt> , and <tt><a>Cognito</a></tt>
--   .</li>
--   <li><a>cupcAllowedOAuthFlows</a> - Set to <tt>code</tt> to initiate a
--   code grant flow, which provides an authorization code as the response.
--   This code can be exchanged for access tokens with the token endpoint.
--   Set to <tt>token</tt> to specify that the client should get the access
--   token (and, optionally, ID token, based on scopes) directly.</li>
--   <li><a>cupcAnalyticsConfiguration</a> - The Amazon Pinpoint analytics
--   configuration for collecting metrics for this user pool.</li>
--   <li><a>cupcCallbackURLs</a> - A list of allowed callback URLs for the
--   identity providers.</li>
--   <li><a>cupcUserPoolId</a> - The user pool ID for the user pool where
--   you want to create a user pool client.</li>
--   <li><a>cupcClientName</a> - The client name for the user pool client
--   you would like to create.</li>
--   </ul>
createUserPoolClient :: Text -> Text -> CreateUserPoolClient

-- | Represents the request to create a user pool client.
--   
--   <i>See:</i> <a>createUserPoolClient</a> smart constructor.
data CreateUserPoolClient

-- | The time limit, in days, after which the refresh token is no longer
--   valid and cannot be used.
cupcRefreshTokenValidity :: Lens' CreateUserPoolClient (Maybe Natural)

-- | The explicit authentication flows.
cupcExplicitAuthFlows :: Lens' CreateUserPoolClient [ExplicitAuthFlowsType]

-- | A list of provider names for the identity providers that are supported
--   on this client.
cupcSupportedIdentityProviders :: Lens' CreateUserPoolClient [Text]

-- | A list of allowed logout URLs for the identity providers.
cupcLogoutURLs :: Lens' CreateUserPoolClient [Text]

-- | Set to <tt>True</tt> if the client is allowed to follow the OAuth
--   protocol when interacting with Cognito user pools.
cupcAllowedOAuthFlowsUserPoolClient :: Lens' CreateUserPoolClient (Maybe Bool)

-- | Boolean to specify whether you want to generate a secret for the user
--   pool client being created.
cupcGenerateSecret :: Lens' CreateUserPoolClient (Maybe Bool)

-- | The default redirect URI. Must be in the <tt>CallbackURLs</tt> list.
cupcDefaultRedirectURI :: Lens' CreateUserPoolClient (Maybe Text)

-- | The write attributes.
cupcWriteAttributes :: Lens' CreateUserPoolClient [Text]

-- | The read attributes.
cupcReadAttributes :: Lens' CreateUserPoolClient [Text]

-- | A list of allowed <tt>OAuth</tt> scopes. Currently supported values
--   are <tt>"phone"</tt> , <tt>"email"</tt> , <tt>"openid"</tt> , and
--   <tt><a>Cognito</a></tt> .
cupcAllowedOAuthScopes :: Lens' CreateUserPoolClient [Text]

-- | Set to <tt>code</tt> to initiate a code grant flow, which provides an
--   authorization code as the response. This code can be exchanged for
--   access tokens with the token endpoint. Set to <tt>token</tt> to
--   specify that the client should get the access token (and, optionally,
--   ID token, based on scopes) directly.
cupcAllowedOAuthFlows :: Lens' CreateUserPoolClient [OAuthFlowType]

-- | The Amazon Pinpoint analytics configuration for collecting metrics for
--   this user pool.
cupcAnalyticsConfiguration :: Lens' CreateUserPoolClient (Maybe AnalyticsConfigurationType)

-- | A list of allowed callback URLs for the identity providers.
cupcCallbackURLs :: Lens' CreateUserPoolClient [Text]

-- | The user pool ID for the user pool where you want to create a user
--   pool client.
cupcUserPoolId :: Lens' CreateUserPoolClient Text

-- | The client name for the user pool client you would like to create.
cupcClientName :: Lens' CreateUserPoolClient Text

-- | Creates a value of <a>CreateUserPoolClientResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cupcrsUserPoolClient</a> - The user pool client that was just
--   created.</li>
--   <li><a>cupcrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
createUserPoolClientResponse :: Int -> CreateUserPoolClientResponse

-- | Represents the response from the server to create a user pool client.
--   
--   <i>See:</i> <a>createUserPoolClientResponse</a> smart constructor.
data CreateUserPoolClientResponse

-- | The user pool client that was just created.
cupcrsUserPoolClient :: Lens' CreateUserPoolClientResponse (Maybe UserPoolClientType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cupcrsResponseStatus :: Lens' CreateUserPoolClientResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClientResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClientResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClientResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClientResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClient
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClient
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClient
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClient
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClient
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClient
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClientResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClient
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClient
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClient
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClient
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClient
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.CreateUserPoolClient.CreateUserPoolClient


-- | Creates a new Amazon Cognito user pool and sets the password policy
--   for the pool.
module Network.AWS.CognitoIdentityProvider.CreateUserPool

-- | Creates a value of <a>CreateUserPool</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cupUserPoolTags</a> - The cost allocation tags for the user
--   pool. For more information, see <a>Adding Cost Allocation Tags to Your
--   User Pool</a></li>
--   <li><a>cupVerificationMessageTemplate</a> - The template for the
--   verification message that the user sees when the app requests
--   permission to access the user's information.</li>
--   <li><a>cupEmailVerificationMessage</a> - A string representing the
--   email verification message.</li>
--   <li><a>cupSmsAuthenticationMessage</a> - A string representing the SMS
--   authentication message.</li>
--   <li><a>cupUserPoolAddOns</a> - Used to enable advanced security risk
--   detection. Set the key <tt>AdvancedSecurityMode</tt> to the value
--   <a>AUDIT</a>.</li>
--   <li><a>cupEmailVerificationSubject</a> - A string representing the
--   email verification subject.</li>
--   <li><a>cupUsernameAttributes</a> - Specifies whether email addresses
--   or phone numbers can be specified as usernames when a user signs
--   up.</li>
--   <li><a>cupAliasAttributes</a> - Attributes supported as an alias for
--   this user pool. Possible values: <b>phone_number</b> , <b>email</b> ,
--   or <b>preferred_username</b> .</li>
--   <li><a>cupSchema</a> - An array of schema attributes for the new user
--   pool. These attributes can be standard or custom attributes.</li>
--   <li><a>cupEmailConfiguration</a> - The email configuration.</li>
--   <li><a>cupSmsVerificationMessage</a> - A string representing the SMS
--   verification message.</li>
--   <li><a>cupMFAConfiguration</a> - Specifies MFA configuration
--   details.</li>
--   <li><a>cupLambdaConfig</a> - The Lambda trigger configuration
--   information for the new user pool.</li>
--   <li><a>cupSmsConfiguration</a> - The SMS configuration.</li>
--   <li><a>cupAdminCreateUserConfig</a> - The configuration for
--   <tt>AdminCreateUser</tt> requests.</li>
--   <li><a>cupDeviceConfiguration</a> - The device configuration.</li>
--   <li><a>cupAutoVerifiedAttributes</a> - The attributes to be
--   auto-verified. Possible values: <b>email</b> , <b>phone_number</b>
--   .</li>
--   <li><a>cupPolicies</a> - The policies associated with the new user
--   pool.</li>
--   <li><a>cupPoolName</a> - A string used to name the user pool.</li>
--   </ul>
createUserPool :: Text -> CreateUserPool

-- | Represents the request to create a user pool.
--   
--   <i>See:</i> <a>createUserPool</a> smart constructor.
data CreateUserPool

-- | The cost allocation tags for the user pool. For more information, see
--   <a>Adding Cost Allocation Tags to Your User Pool</a>
cupUserPoolTags :: Lens' CreateUserPool (HashMap Text Text)

-- | The template for the verification message that the user sees when the
--   app requests permission to access the user's information.
cupVerificationMessageTemplate :: Lens' CreateUserPool (Maybe VerificationMessageTemplateType)

-- | A string representing the email verification message.
cupEmailVerificationMessage :: Lens' CreateUserPool (Maybe Text)

-- | A string representing the SMS authentication message.
cupSmsAuthenticationMessage :: Lens' CreateUserPool (Maybe Text)

-- | Used to enable advanced security risk detection. Set the key
--   <tt>AdvancedSecurityMode</tt> to the value <a>AUDIT</a>.
cupUserPoolAddOns :: Lens' CreateUserPool (Maybe UserPoolAddOnsType)

-- | A string representing the email verification subject.
cupEmailVerificationSubject :: Lens' CreateUserPool (Maybe Text)

-- | Specifies whether email addresses or phone numbers can be specified as
--   usernames when a user signs up.
cupUsernameAttributes :: Lens' CreateUserPool [UsernameAttributeType]

-- | Attributes supported as an alias for this user pool. Possible values:
--   <b>phone_number</b> , <b>email</b> , or <b>preferred_username</b> .
cupAliasAttributes :: Lens' CreateUserPool [AliasAttributeType]

-- | An array of schema attributes for the new user pool. These attributes
--   can be standard or custom attributes.
cupSchema :: Lens' CreateUserPool (Maybe (NonEmpty SchemaAttributeType))

-- | The email configuration.
cupEmailConfiguration :: Lens' CreateUserPool (Maybe EmailConfigurationType)

-- | A string representing the SMS verification message.
cupSmsVerificationMessage :: Lens' CreateUserPool (Maybe Text)

-- | Specifies MFA configuration details.
cupMFAConfiguration :: Lens' CreateUserPool (Maybe UserPoolMFAType)

-- | The Lambda trigger configuration information for the new user pool.
cupLambdaConfig :: Lens' CreateUserPool (Maybe LambdaConfigType)

-- | The SMS configuration.
cupSmsConfiguration :: Lens' CreateUserPool (Maybe SmsConfigurationType)

-- | The configuration for <tt>AdminCreateUser</tt> requests.
cupAdminCreateUserConfig :: Lens' CreateUserPool (Maybe AdminCreateUserConfigType)

-- | The device configuration.
cupDeviceConfiguration :: Lens' CreateUserPool (Maybe DeviceConfigurationType)

-- | The attributes to be auto-verified. Possible values: <b>email</b> ,
--   <b>phone_number</b> .
cupAutoVerifiedAttributes :: Lens' CreateUserPool [VerifiedAttributeType]

-- | The policies associated with the new user pool.
cupPolicies :: Lens' CreateUserPool (Maybe UserPoolPolicyType)

-- | A string used to name the user pool.
cupPoolName :: Lens' CreateUserPool Text

-- | Creates a value of <a>CreateUserPoolResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cuprsUserPool</a> - A container for the user pool details.</li>
--   <li><a>cuprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
createUserPoolResponse :: Int -> CreateUserPoolResponse

-- | Represents the response from the server for the request to create a
--   user pool.
--   
--   <i>See:</i> <a>createUserPoolResponse</a> smart constructor.
data CreateUserPoolResponse

-- | A container for the user pool details.
cuprsUserPool :: Lens' CreateUserPoolResponse (Maybe UserPoolType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cuprsResponseStatus :: Lens' CreateUserPoolResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPoolResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPoolResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPoolResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPoolResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPoolResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPool
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPool
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPool
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPool
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPool
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPool
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPoolResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPool
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPool
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPool
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPool
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPool
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.CreateUserPool.CreateUserPool


-- | Creates the user import job.
module Network.AWS.CognitoIdentityProvider.CreateUserImportJob

-- | Creates a value of <a>CreateUserImportJob</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cuijJobName</a> - The job name for the user import job.</li>
--   <li><a>cuijUserPoolId</a> - The user pool ID for the user pool that
--   the users are being imported into.</li>
--   <li><a>cuijCloudWatchLogsRoleARN</a> - The role ARN for the Amazon
--   CloudWatch Logging role for the user import job.</li>
--   </ul>
createUserImportJob :: Text -> Text -> Text -> CreateUserImportJob

-- | Represents the request to create the user import job.
--   
--   <i>See:</i> <a>createUserImportJob</a> smart constructor.
data CreateUserImportJob

-- | The job name for the user import job.
cuijJobName :: Lens' CreateUserImportJob Text

-- | The user pool ID for the user pool that the users are being imported
--   into.
cuijUserPoolId :: Lens' CreateUserImportJob Text

-- | The role ARN for the Amazon CloudWatch Logging role for the user
--   import job.
cuijCloudWatchLogsRoleARN :: Lens' CreateUserImportJob Text

-- | Creates a value of <a>CreateUserImportJobResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cuijrsUserImportJob</a> - The job object that represents the
--   user import job.</li>
--   <li><a>cuijrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
createUserImportJobResponse :: Int -> CreateUserImportJobResponse

-- | Represents the response from the server to the request to create the
--   user import job.
--   
--   <i>See:</i> <a>createUserImportJobResponse</a> smart constructor.
data CreateUserImportJobResponse

-- | The job object that represents the user import job.
cuijrsUserImportJob :: Lens' CreateUserImportJobResponse (Maybe UserImportJobType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cuijrsResponseStatus :: Lens' CreateUserImportJobResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJobResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJobResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJobResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJobResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJobResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJob
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJob
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJob
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJob
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJob
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJob
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJobResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJob
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJob
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJob
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJob
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJob
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.CreateUserImportJob.CreateUserImportJob


-- | Creates a new OAuth2.0 resource server and defines custom scopes in
--   it.
module Network.AWS.CognitoIdentityProvider.CreateResourceServer

-- | Creates a value of <a>CreateResourceServer</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>crsScopes</a> - A list of scopes. Each scope is map, where the
--   keys are <tt>name</tt> and <tt>description</tt> .</li>
--   <li><a>crsUserPoolId</a> - The user pool ID for the user pool.</li>
--   <li><a>crsIdentifier</a> - A unique resource server identifier for the
--   resource server. This could be an HTTPS endpoint where the resource
--   server is located. For example,
--   <tt><a>https://my-weather-api.example.com</a></tt> .</li>
--   <li><a>crsName</a> - A friendly name for the resource server.</li>
--   </ul>
createResourceServer :: Text -> Text -> Text -> CreateResourceServer

-- | <i>See:</i> <a>createResourceServer</a> smart constructor.
data CreateResourceServer

-- | A list of scopes. Each scope is map, where the keys are <tt>name</tt>
--   and <tt>description</tt> .
crsScopes :: Lens' CreateResourceServer [ResourceServerScopeType]

-- | The user pool ID for the user pool.
crsUserPoolId :: Lens' CreateResourceServer Text

-- | A unique resource server identifier for the resource server. This
--   could be an HTTPS endpoint where the resource server is located. For
--   example, <tt><a>https://my-weather-api.example.com</a></tt> .
crsIdentifier :: Lens' CreateResourceServer Text

-- | A friendly name for the resource server.
crsName :: Lens' CreateResourceServer Text

-- | Creates a value of <a>CreateResourceServerResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>crsrsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>crsrsResourceServer</a> - The newly created resource
--   server.</li>
--   </ul>
createResourceServerResponse :: Int -> ResourceServerType -> CreateResourceServerResponse

-- | <i>See:</i> <a>createResourceServerResponse</a> smart constructor.
data CreateResourceServerResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
crsrsResponseStatus :: Lens' CreateResourceServerResponse Int

-- | The newly created resource server.
crsrsResourceServer :: Lens' CreateResourceServerResponse ResourceServerType
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServerResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServerResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServerResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServerResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServerResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServer
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServer
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServer
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServer
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServer
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServer
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServerResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServer
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServer
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServer
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServer
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServer
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.CreateResourceServer.CreateResourceServer


-- | Creates an identity provider for a user pool.
module Network.AWS.CognitoIdentityProvider.CreateIdentityProvider

-- | Creates a value of <a>CreateIdentityProvider</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cipIdpIdentifiers</a> - A list of identity provider
--   identifiers.</li>
--   <li><a>cipAttributeMapping</a> - A mapping of identity provider
--   attributes to standard and custom user pool attributes.</li>
--   <li><a>cipUserPoolId</a> - The user pool ID.</li>
--   <li><a>cipProviderName</a> - The identity provider name.</li>
--   <li><a>cipProviderType</a> - The identity provider type.</li>
--   <li><a>cipProviderDetails</a> - The identity provider details, such as
--   <tt>MetadataURL</tt> and <tt>MetadataFile</tt> .</li>
--   </ul>
createIdentityProvider :: Text -> Text -> IdentityProviderTypeType -> CreateIdentityProvider

-- | <i>See:</i> <a>createIdentityProvider</a> smart constructor.
data CreateIdentityProvider

-- | A list of identity provider identifiers.
cipIdpIdentifiers :: Lens' CreateIdentityProvider [Text]

-- | A mapping of identity provider attributes to standard and custom user
--   pool attributes.
cipAttributeMapping :: Lens' CreateIdentityProvider (HashMap Text Text)

-- | The user pool ID.
cipUserPoolId :: Lens' CreateIdentityProvider Text

-- | The identity provider name.
cipProviderName :: Lens' CreateIdentityProvider Text

-- | The identity provider type.
cipProviderType :: Lens' CreateIdentityProvider IdentityProviderTypeType

-- | The identity provider details, such as <tt>MetadataURL</tt> and
--   <tt>MetadataFile</tt> .
cipProviderDetails :: Lens' CreateIdentityProvider (HashMap Text Text)

-- | Creates a value of <a>CreateIdentityProviderResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ciprsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>ciprsIdentityProvider</a> - The newly created identity provider
--   object.</li>
--   </ul>
createIdentityProviderResponse :: Int -> IdentityProviderType -> CreateIdentityProviderResponse

-- | <i>See:</i> <a>createIdentityProviderResponse</a> smart constructor.
data CreateIdentityProviderResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
ciprsResponseStatus :: Lens' CreateIdentityProviderResponse Int

-- | The newly created identity provider object.
ciprsIdentityProvider :: Lens' CreateIdentityProviderResponse IdentityProviderType
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProviderResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProviderResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProviderResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProviderResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProviderResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProvider
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProvider
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProvider
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProvider
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProvider
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProvider
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProviderResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProvider
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProvider
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProvider
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProvider
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProvider
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.CreateIdentityProvider.CreateIdentityProvider


-- | Creates a new group in the specified user pool.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.CreateGroup

-- | Creates a value of <a>CreateGroup</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cgPrecedence</a> - A nonnegative integer value that specifies
--   the precedence of this group relative to the other groups that a user
--   can belong to in the user pool. Zero is the highest precedence value.
--   Groups with lower <tt>Precedence</tt> values take precedence over
--   groups with higher or null <tt>Precedence</tt> values. If a user
--   belongs to two or more groups, it is the group with the lowest
--   precedence value whose role ARN will be used in the
--   <tt>cognito:roles</tt> and <tt>cognito:preferred_role</tt> claims in
--   the user's tokens. Two groups can have the same <tt>Precedence</tt>
--   value. If this happens, neither group takes precedence over the other.
--   If two groups with the same <tt>Precedence</tt> have the same role
--   ARN, that role is used in the <tt>cognito:preferred_role</tt> claim in
--   tokens for users in each group. If the two groups have different role
--   ARNs, the <tt>cognito:preferred_role</tt> claim is not set in users'
--   tokens. The default <tt>Precedence</tt> value is null.</li>
--   <li><a>cgDescription</a> - A string containing the description of the
--   group.</li>
--   <li><a>cgRoleARN</a> - The role ARN for the group.</li>
--   <li><a>cgGroupName</a> - The name of the group. Must be unique.</li>
--   <li><a>cgUserPoolId</a> - The user pool ID for the user pool.</li>
--   </ul>
createGroup :: Text -> Text -> CreateGroup

-- | <i>See:</i> <a>createGroup</a> smart constructor.
data CreateGroup

-- | A nonnegative integer value that specifies the precedence of this
--   group relative to the other groups that a user can belong to in the
--   user pool. Zero is the highest precedence value. Groups with lower
--   <tt>Precedence</tt> values take precedence over groups with higher or
--   null <tt>Precedence</tt> values. If a user belongs to two or more
--   groups, it is the group with the lowest precedence value whose role
--   ARN will be used in the <tt>cognito:roles</tt> and
--   <tt>cognito:preferred_role</tt> claims in the user's tokens. Two
--   groups can have the same <tt>Precedence</tt> value. If this happens,
--   neither group takes precedence over the other. If two groups with the
--   same <tt>Precedence</tt> have the same role ARN, that role is used in
--   the <tt>cognito:preferred_role</tt> claim in tokens for users in each
--   group. If the two groups have different role ARNs, the
--   <tt>cognito:preferred_role</tt> claim is not set in users' tokens. The
--   default <tt>Precedence</tt> value is null.
cgPrecedence :: Lens' CreateGroup (Maybe Natural)

-- | A string containing the description of the group.
cgDescription :: Lens' CreateGroup (Maybe Text)

-- | The role ARN for the group.
cgRoleARN :: Lens' CreateGroup (Maybe Text)

-- | The name of the group. Must be unique.
cgGroupName :: Lens' CreateGroup Text

-- | The user pool ID for the user pool.
cgUserPoolId :: Lens' CreateGroup Text

-- | Creates a value of <a>CreateGroupResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cgrsGroup</a> - The group object for the group.</li>
--   <li><a>cgrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
createGroupResponse :: Int -> CreateGroupResponse

-- | <i>See:</i> <a>createGroupResponse</a> smart constructor.
data CreateGroupResponse

-- | The group object for the group.
cgrsGroup :: Lens' CreateGroupResponse (Maybe GroupType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cgrsResponseStatus :: Lens' CreateGroupResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroupResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroupResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroupResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroupResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroupResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroup
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroup
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroup
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroup
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroup
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroupResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroup
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroup
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroup
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroup
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.CreateGroup.CreateGroup


-- | Confirms registration of a user and handles the existing alias from a
--   previous user.
module Network.AWS.CognitoIdentityProvider.ConfirmSignUp

-- | Creates a value of <a>ConfirmSignUp</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>csuForceAliasCreation</a> - Boolean to be specified to force
--   user confirmation irrespective of existing alias. By default set to
--   <tt>False</tt> . If this parameter is set to <tt>True</tt> and the
--   phone number/email used for sign up confirmation already exists as an
--   alias with a different user, the API call will migrate the alias from
--   the previous user to the newly created user being confirmed. If set to
--   <tt>False</tt> , the API will throw an <b>AliasExistsException</b>
--   error.</li>
--   <li><a>csuAnalyticsMetadata</a> - The Amazon Pinpoint analytics
--   metadata for collecting metrics for <tt>ConfirmSignUp</tt> calls.</li>
--   <li><a>csuUserContextData</a> - Contextual data such as the user's
--   device fingerprint, IP address, or location used for evaluating the
--   risk of an unexpected event by Amazon Cognito advanced security.</li>
--   <li><a>csuSecretHash</a> - A keyed-hash message authentication code
--   (HMAC) calculated using the secret key of a user pool client and
--   username plus the client ID in the message.</li>
--   <li><a>csuClientId</a> - The ID of the app client associated with the
--   user pool.</li>
--   <li><a>csuUsername</a> - The user name of the user whose registration
--   you wish to confirm.</li>
--   <li><a>csuConfirmationCode</a> - The confirmation code sent by a
--   user's request to confirm registration.</li>
--   </ul>
confirmSignUp :: Text -> Text -> Text -> ConfirmSignUp

-- | Represents the request to confirm registration of a user.
--   
--   <i>See:</i> <a>confirmSignUp</a> smart constructor.
data ConfirmSignUp

-- | Boolean to be specified to force user confirmation irrespective of
--   existing alias. By default set to <tt>False</tt> . If this parameter
--   is set to <tt>True</tt> and the phone number/email used for sign up
--   confirmation already exists as an alias with a different user, the API
--   call will migrate the alias from the previous user to the newly
--   created user being confirmed. If set to <tt>False</tt> , the API will
--   throw an <b>AliasExistsException</b> error.
csuForceAliasCreation :: Lens' ConfirmSignUp (Maybe Bool)

-- | The Amazon Pinpoint analytics metadata for collecting metrics for
--   <tt>ConfirmSignUp</tt> calls.
csuAnalyticsMetadata :: Lens' ConfirmSignUp (Maybe AnalyticsMetadataType)

-- | Contextual data such as the user's device fingerprint, IP address, or
--   location used for evaluating the risk of an unexpected event by Amazon
--   Cognito advanced security.
csuUserContextData :: Lens' ConfirmSignUp (Maybe UserContextDataType)

-- | A keyed-hash message authentication code (HMAC) calculated using the
--   secret key of a user pool client and username plus the client ID in
--   the message.
csuSecretHash :: Lens' ConfirmSignUp (Maybe Text)

-- | The ID of the app client associated with the user pool.
csuClientId :: Lens' ConfirmSignUp Text

-- | The user name of the user whose registration you wish to confirm.
csuUsername :: Lens' ConfirmSignUp Text

-- | The confirmation code sent by a user's request to confirm
--   registration.
csuConfirmationCode :: Lens' ConfirmSignUp Text

-- | Creates a value of <a>ConfirmSignUpResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>csursResponseStatus</a> - -- | The response status code.</li>
--   </ul>
confirmSignUpResponse :: Int -> ConfirmSignUpResponse

-- | Represents the response from the server for the registration
--   confirmation.
--   
--   <i>See:</i> <a>confirmSignUpResponse</a> smart constructor.
data ConfirmSignUpResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
csursResponseStatus :: Lens' ConfirmSignUpResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUpResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUpResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUpResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUpResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUpResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUp
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUp
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUp
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUp
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUp
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUpResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUp
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUp
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUp
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUp
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUp
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ConfirmSignUp.ConfirmSignUp


-- | Allows a user to enter a confirmation code to reset a forgotten
--   password.
module Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword

-- | Creates a value of <a>ConfirmForgotPassword</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cfpAnalyticsMetadata</a> - The Amazon Pinpoint analytics
--   metadata for collecting metrics for <tt>ConfirmForgotPassword</tt>
--   calls.</li>
--   <li><a>cfpUserContextData</a> - Contextual data such as the user's
--   device fingerprint, IP address, or location used for evaluating the
--   risk of an unexpected event by Amazon Cognito advanced security.</li>
--   <li><a>cfpSecretHash</a> - A keyed-hash message authentication code
--   (HMAC) calculated using the secret key of a user pool client and
--   username plus the client ID in the message.</li>
--   <li><a>cfpClientId</a> - The app client ID of the app associated with
--   the user pool.</li>
--   <li><a>cfpUsername</a> - The user name of the user for whom you want
--   to enter a code to retrieve a forgotten password.</li>
--   <li><a>cfpConfirmationCode</a> - The confirmation code sent by a
--   user's request to retrieve a forgotten password. For more information,
--   see</li>
--   <li><a>cfpPassword</a> - The password sent by a user's request to
--   retrieve a forgotten password.</li>
--   </ul>
confirmForgotPassword :: Text -> Text -> Text -> Text -> ConfirmForgotPassword

-- | The request representing the confirmation for a password reset.
--   
--   <i>See:</i> <a>confirmForgotPassword</a> smart constructor.
data ConfirmForgotPassword

-- | The Amazon Pinpoint analytics metadata for collecting metrics for
--   <tt>ConfirmForgotPassword</tt> calls.
cfpAnalyticsMetadata :: Lens' ConfirmForgotPassword (Maybe AnalyticsMetadataType)

-- | Contextual data such as the user's device fingerprint, IP address, or
--   location used for evaluating the risk of an unexpected event by Amazon
--   Cognito advanced security.
cfpUserContextData :: Lens' ConfirmForgotPassword (Maybe UserContextDataType)

-- | A keyed-hash message authentication code (HMAC) calculated using the
--   secret key of a user pool client and username plus the client ID in
--   the message.
cfpSecretHash :: Lens' ConfirmForgotPassword (Maybe Text)

-- | The app client ID of the app associated with the user pool.
cfpClientId :: Lens' ConfirmForgotPassword Text

-- | The user name of the user for whom you want to enter a code to
--   retrieve a forgotten password.
cfpUsername :: Lens' ConfirmForgotPassword Text

-- | The confirmation code sent by a user's request to retrieve a forgotten
--   password. For more information, see
cfpConfirmationCode :: Lens' ConfirmForgotPassword Text

-- | The password sent by a user's request to retrieve a forgotten
--   password.
cfpPassword :: Lens' ConfirmForgotPassword Text

-- | Creates a value of <a>ConfirmForgotPasswordResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cfprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
confirmForgotPasswordResponse :: Int -> ConfirmForgotPasswordResponse

-- | The response from the server that results from a user's request to
--   retrieve a forgotten password.
--   
--   <i>See:</i> <a>confirmForgotPasswordResponse</a> smart constructor.
data ConfirmForgotPasswordResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cfprsResponseStatus :: Lens' ConfirmForgotPasswordResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPasswordResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPasswordResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPasswordResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPasswordResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPasswordResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPassword
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPassword
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPassword
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPassword
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPassword
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPasswordResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPassword
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPassword
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPassword
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPassword
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPassword
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ConfirmForgotPassword.ConfirmForgotPassword


-- | Confirms tracking of the device. This API call is the call that begins
--   device tracking.
module Network.AWS.CognitoIdentityProvider.ConfirmDevice

-- | Creates a value of <a>ConfirmDevice</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cdDeviceSecretVerifierConfig</a> - The configuration of the
--   device secret verifier.</li>
--   <li><a>cdDeviceName</a> - The device name.</li>
--   <li><a>cdAccessToken</a> - The access token.</li>
--   <li><a>cdDeviceKey</a> - The device key.</li>
--   </ul>
confirmDevice :: Text -> Text -> ConfirmDevice

-- | Confirms the device request.
--   
--   <i>See:</i> <a>confirmDevice</a> smart constructor.
data ConfirmDevice

-- | The configuration of the device secret verifier.
cdDeviceSecretVerifierConfig :: Lens' ConfirmDevice (Maybe DeviceSecretVerifierConfigType)

-- | The device name.
cdDeviceName :: Lens' ConfirmDevice (Maybe Text)

-- | The access token.
cdAccessToken :: Lens' ConfirmDevice Text

-- | The device key.
cdDeviceKey :: Lens' ConfirmDevice Text

-- | Creates a value of <a>ConfirmDeviceResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cdrsUserConfirmationNecessary</a> - Indicates whether the user
--   confirmation is necessary to confirm the device response.</li>
--   <li><a>cdrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
confirmDeviceResponse :: Int -> ConfirmDeviceResponse

-- | Confirms the device response.
--   
--   <i>See:</i> <a>confirmDeviceResponse</a> smart constructor.
data ConfirmDeviceResponse

-- | Indicates whether the user confirmation is necessary to confirm the
--   device response.
cdrsUserConfirmationNecessary :: Lens' ConfirmDeviceResponse (Maybe Bool)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cdrsResponseStatus :: Lens' ConfirmDeviceResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDeviceResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDeviceResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDeviceResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDeviceResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDeviceResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDevice
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDevice
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDevice
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDevice
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDevice
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDeviceResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDevice
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDevice
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDevice
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDevice
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDevice
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ConfirmDevice.ConfirmDevice


-- | Changes the password for a specified user in a user pool.
module Network.AWS.CognitoIdentityProvider.ChangePassword

-- | Creates a value of <a>ChangePassword</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cpPreviousPassword</a> - The old password.</li>
--   <li><a>cpProposedPassword</a> - The new password.</li>
--   <li><a>cpAccessToken</a> - The access token.</li>
--   </ul>
changePassword :: Text -> Text -> Text -> ChangePassword

-- | Represents the request to change a user password.
--   
--   <i>See:</i> <a>changePassword</a> smart constructor.
data ChangePassword

-- | The old password.
cpPreviousPassword :: Lens' ChangePassword Text

-- | The new password.
cpProposedPassword :: Lens' ChangePassword Text

-- | The access token.
cpAccessToken :: Lens' ChangePassword Text

-- | Creates a value of <a>ChangePasswordResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
changePasswordResponse :: Int -> ChangePasswordResponse

-- | The response from the server to the change password request.
--   
--   <i>See:</i> <a>changePasswordResponse</a> smart constructor.
data ChangePasswordResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cprsResponseStatus :: Lens' ChangePasswordResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePasswordResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePasswordResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePasswordResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePasswordResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePasswordResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePassword
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePassword
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePassword
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePassword
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePassword
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePasswordResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePassword
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePassword
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePassword
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePassword
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePassword
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.ChangePassword.ChangePassword


-- | Returns a unique generated shared secret key code for the user
--   account. The request takes an access token or a session string, but
--   not both.
module Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken

-- | Creates a value of <a>AssociateSoftwareToken</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>astAccessToken</a> - The access token.</li>
--   <li><a>astSession</a> - The session which should be passed both ways
--   in challenge-response calls to the service. This allows authentication
--   of the user as part of the MFA setup process.</li>
--   </ul>
associateSoftwareToken :: AssociateSoftwareToken

-- | <i>See:</i> <a>associateSoftwareToken</a> smart constructor.
data AssociateSoftwareToken

-- | The access token.
astAccessToken :: Lens' AssociateSoftwareToken (Maybe Text)

-- | The session which should be passed both ways in challenge-response
--   calls to the service. This allows authentication of the user as part
--   of the MFA setup process.
astSession :: Lens' AssociateSoftwareToken (Maybe Text)

-- | Creates a value of <a>AssociateSoftwareTokenResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>astrsSecretCode</a> - A unique generated shared secret code
--   that is used in the TOTP algorithm to generate a one time code.</li>
--   <li><a>astrsSession</a> - The session which should be passed both ways
--   in challenge-response calls to the service. This allows authentication
--   of the user as part of the MFA setup process.</li>
--   <li><a>astrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
associateSoftwareTokenResponse :: Int -> AssociateSoftwareTokenResponse

-- | <i>See:</i> <a>associateSoftwareTokenResponse</a> smart constructor.
data AssociateSoftwareTokenResponse

-- | A unique generated shared secret code that is used in the TOTP
--   algorithm to generate a one time code.
astrsSecretCode :: Lens' AssociateSoftwareTokenResponse (Maybe Text)

-- | The session which should be passed both ways in challenge-response
--   calls to the service. This allows authentication of the user as part
--   of the MFA setup process.
astrsSession :: Lens' AssociateSoftwareTokenResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
astrsResponseStatus :: Lens' AssociateSoftwareTokenResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareTokenResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareTokenResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareTokenResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareTokenResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareToken
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareToken
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareToken
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareToken
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareToken
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareTokenResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareToken
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareToken
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareToken
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareToken
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareToken
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AssociateSoftwareToken.AssociateSoftwareToken


-- | Signs out users from all devices, as an administrator.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut

-- | Creates a value of <a>AdminUserGlobalSignOut</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>augsoUserPoolId</a> - The user pool ID.</li>
--   <li><a>augsoUsername</a> - The user name.</li>
--   </ul>
adminUserGlobalSignOut :: Text -> Text -> AdminUserGlobalSignOut

-- | The request to sign out of all devices, as an administrator.
--   
--   <i>See:</i> <a>adminUserGlobalSignOut</a> smart constructor.
data AdminUserGlobalSignOut

-- | The user pool ID.
augsoUserPoolId :: Lens' AdminUserGlobalSignOut Text

-- | The user name.
augsoUsername :: Lens' AdminUserGlobalSignOut Text

-- | Creates a value of <a>AdminUserGlobalSignOutResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>augsorsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminUserGlobalSignOutResponse :: Int -> AdminUserGlobalSignOutResponse

-- | The global sign-out response, as an administrator.
--   
--   <i>See:</i> <a>adminUserGlobalSignOutResponse</a> smart constructor.
data AdminUserGlobalSignOutResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
augsorsResponseStatus :: Lens' AdminUserGlobalSignOutResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOutResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOutResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOutResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOutResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOutResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOut
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOut
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOut
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOut
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOut
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOutResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOut
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOut
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOut
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOut
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOut
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminUserGlobalSignOut.AdminUserGlobalSignOut


-- | Updates the specified user's attributes, including developer
--   attributes, as an administrator. Works on any user.
--   
--   For custom attributes, you must prepend the <tt>custom:</tt> prefix to
--   the attribute name.
--   
--   In addition to updating user attributes, this API can also be used to
--   mark phone and email as verified.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes

-- | Creates a value of <a>AdminUpdateUserAttributes</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>auuaUserPoolId</a> - The user pool ID for the user pool where
--   you want to update user attributes.</li>
--   <li><a>auuaUsername</a> - The user name of the user for whom you want
--   to update user attributes.</li>
--   <li><a>auuaUserAttributes</a> - An array of name-value pairs
--   representing user attributes. For custom attributes, you must prepend
--   the <tt>custom:</tt> prefix to the attribute name.</li>
--   </ul>
adminUpdateUserAttributes :: Text -> Text -> AdminUpdateUserAttributes

-- | Represents the request to update the user's attributes as an
--   administrator.
--   
--   <i>See:</i> <a>adminUpdateUserAttributes</a> smart constructor.
data AdminUpdateUserAttributes

-- | The user pool ID for the user pool where you want to update user
--   attributes.
auuaUserPoolId :: Lens' AdminUpdateUserAttributes Text

-- | The user name of the user for whom you want to update user attributes.
auuaUsername :: Lens' AdminUpdateUserAttributes Text

-- | An array of name-value pairs representing user attributes. For custom
--   attributes, you must prepend the <tt>custom:</tt> prefix to the
--   attribute name.
auuaUserAttributes :: Lens' AdminUpdateUserAttributes [AttributeType]

-- | Creates a value of <a>AdminUpdateUserAttributesResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>auuarsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminUpdateUserAttributesResponse :: Int -> AdminUpdateUserAttributesResponse

-- | Represents the response from the server for the request to update user
--   attributes as an administrator.
--   
--   <i>See:</i> <a>adminUpdateUserAttributesResponse</a> smart
--   constructor.
data AdminUpdateUserAttributesResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
auuarsResponseStatus :: Lens' AdminUpdateUserAttributesResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributesResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributesResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributesResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributesResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributesResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributes
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributes
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributes
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributes
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributes
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributesResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributes
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributes
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributes
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributes
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributes
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminUpdateUserAttributes.AdminUpdateUserAttributes


-- | Updates the device status as an administrator.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus

-- | Creates a value of <a>AdminUpdateDeviceStatus</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>audsDeviceRememberedStatus</a> - The status indicating whether
--   a device has been remembered or not.</li>
--   <li><a>audsUserPoolId</a> - The user pool ID.</li>
--   <li><a>audsUsername</a> - The user name.</li>
--   <li><a>audsDeviceKey</a> - The device key.</li>
--   </ul>
adminUpdateDeviceStatus :: Text -> Text -> Text -> AdminUpdateDeviceStatus

-- | The request to update the device status, as an administrator.
--   
--   <i>See:</i> <a>adminUpdateDeviceStatus</a> smart constructor.
data AdminUpdateDeviceStatus

-- | The status indicating whether a device has been remembered or not.
audsDeviceRememberedStatus :: Lens' AdminUpdateDeviceStatus (Maybe DeviceRememberedStatusType)

-- | The user pool ID.
audsUserPoolId :: Lens' AdminUpdateDeviceStatus Text

-- | The user name.
audsUsername :: Lens' AdminUpdateDeviceStatus Text

-- | The device key.
audsDeviceKey :: Lens' AdminUpdateDeviceStatus Text

-- | Creates a value of <a>AdminUpdateDeviceStatusResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>audsrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminUpdateDeviceStatusResponse :: Int -> AdminUpdateDeviceStatusResponse

-- | The status response from the request to update the device, as an
--   administrator.
--   
--   <i>See:</i> <a>adminUpdateDeviceStatusResponse</a> smart constructor.
data AdminUpdateDeviceStatusResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
audsrsResponseStatus :: Lens' AdminUpdateDeviceStatusResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatusResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatusResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatusResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatusResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatusResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatus
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatus
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatus
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatus
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatus
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatusResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatus
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatus
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatus
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatus
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatus
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminUpdateDeviceStatus.AdminUpdateDeviceStatus


-- | Provides feedback for an authentication event as to whether it was
--   from a valid user. This feedback is used for improving the risk
--   evaluation decision for the user pool as part of Amazon Cognito
--   advanced security.
module Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback

-- | Creates a value of <a>AdminUpdateAuthEventFeedback</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>auaefUserPoolId</a> - The user pool ID.</li>
--   <li><a>auaefUsername</a> - The user pool username.</li>
--   <li><a>auaefEventId</a> - The authentication event ID.</li>
--   <li><a>auaefFeedbackValue</a> - The authentication event feedback
--   value.</li>
--   </ul>
adminUpdateAuthEventFeedback :: Text -> Text -> Text -> FeedbackValueType -> AdminUpdateAuthEventFeedback

-- | <i>See:</i> <a>adminUpdateAuthEventFeedback</a> smart constructor.
data AdminUpdateAuthEventFeedback

-- | The user pool ID.
auaefUserPoolId :: Lens' AdminUpdateAuthEventFeedback Text

-- | The user pool username.
auaefUsername :: Lens' AdminUpdateAuthEventFeedback Text

-- | The authentication event ID.
auaefEventId :: Lens' AdminUpdateAuthEventFeedback Text

-- | The authentication event feedback value.
auaefFeedbackValue :: Lens' AdminUpdateAuthEventFeedback FeedbackValueType

-- | Creates a value of <a>AdminUpdateAuthEventFeedbackResponse</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>auaefrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminUpdateAuthEventFeedbackResponse :: Int -> AdminUpdateAuthEventFeedbackResponse

-- | <i>See:</i> <a>adminUpdateAuthEventFeedbackResponse</a> smart
--   constructor.
data AdminUpdateAuthEventFeedbackResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
auaefrsResponseStatus :: Lens' AdminUpdateAuthEventFeedbackResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedbackResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedbackResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedbackResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedbackResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedbackResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedback
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedback
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedback
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedback
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedback
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedbackResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedback
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedback
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedback
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedback
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedback
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminUpdateAuthEventFeedback.AdminUpdateAuthEventFeedback


-- | Sets all the user settings for a specified user name. Works on any
--   user.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminSetUserSettings

-- | Creates a value of <a>AdminSetUserSettings</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>asusUserPoolId</a> - The user pool ID for the user pool where
--   you want to set the user's settings, such as MFA options.</li>
--   <li><a>asusUsername</a> - The user name of the user for whom you wish
--   to set user settings.</li>
--   <li><a>asusMFAOptions</a> - Specifies the options for MFA (e.g., email
--   or phone number).</li>
--   </ul>
adminSetUserSettings :: Text -> Text -> AdminSetUserSettings

-- | Represents the request to set user settings as an administrator.
--   
--   <i>See:</i> <a>adminSetUserSettings</a> smart constructor.
data AdminSetUserSettings

-- | The user pool ID for the user pool where you want to set the user's
--   settings, such as MFA options.
asusUserPoolId :: Lens' AdminSetUserSettings Text

-- | The user name of the user for whom you wish to set user settings.
asusUsername :: Lens' AdminSetUserSettings Text

-- | Specifies the options for MFA (e.g., email or phone number).
asusMFAOptions :: Lens' AdminSetUserSettings [MFAOptionType]

-- | Creates a value of <a>AdminSetUserSettingsResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>asusrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminSetUserSettingsResponse :: Int -> AdminSetUserSettingsResponse

-- | Represents the response from the server to set user settings as an
--   administrator.
--   
--   <i>See:</i> <a>adminSetUserSettingsResponse</a> smart constructor.
data AdminSetUserSettingsResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
asusrsResponseStatus :: Lens' AdminSetUserSettingsResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettingsResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettingsResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettingsResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettingsResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettingsResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettings
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettings
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettings
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettings
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettings
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettingsResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettings
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettings
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettings
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettings
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettings
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminSetUserSettings.AdminSetUserSettings


-- | Sets the user's multi-factor authentication (MFA) preference.
module Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference

-- | Creates a value of <a>AdminSetUserMFAPreference</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>asumpSMSMFASettings</a> - The SMS text message MFA
--   settings.</li>
--   <li><a>asumpSoftwareTokenMFASettings</a> - The time-based one-time
--   password software token MFA settings.</li>
--   <li><a>asumpUsername</a> - The user pool username or alias.</li>
--   <li><a>asumpUserPoolId</a> - The user pool ID.</li>
--   </ul>
adminSetUserMFAPreference :: Text -> Text -> AdminSetUserMFAPreference

-- | <i>See:</i> <a>adminSetUserMFAPreference</a> smart constructor.
data AdminSetUserMFAPreference

-- | The SMS text message MFA settings.
asumpSMSMFASettings :: Lens' AdminSetUserMFAPreference (Maybe SMSMFASettingsType)

-- | The time-based one-time password software token MFA settings.
asumpSoftwareTokenMFASettings :: Lens' AdminSetUserMFAPreference (Maybe SoftwareTokenMFASettingsType)

-- | The user pool username or alias.
asumpUsername :: Lens' AdminSetUserMFAPreference Text

-- | The user pool ID.
asumpUserPoolId :: Lens' AdminSetUserMFAPreference Text

-- | Creates a value of <a>AdminSetUserMFAPreferenceResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>asumprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminSetUserMFAPreferenceResponse :: Int -> AdminSetUserMFAPreferenceResponse

-- | <i>See:</i> <a>adminSetUserMFAPreferenceResponse</a> smart
--   constructor.
data AdminSetUserMFAPreferenceResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
asumprsResponseStatus :: Lens' AdminSetUserMFAPreferenceResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreferenceResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreferenceResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreferenceResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreferenceResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreferenceResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreference
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreference
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreference
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreference
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreference
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreferenceResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreference
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreference
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreference
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreference
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreference
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminSetUserMFAPreference.AdminSetUserMFAPreference


-- | Responds to an authentication challenge, as an administrator.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge

-- | Creates a value of <a>AdminRespondToAuthChallenge</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>artacContextData</a> - Contextual data such as the user's
--   device fingerprint, IP address, or location used for evaluating the
--   risk of an unexpected event by Amazon Cognito advanced security.</li>
--   <li><a>artacAnalyticsMetadata</a> - The analytics metadata for
--   collecting Amazon Pinpoint metrics for
--   <tt>AdminRespondToAuthChallenge</tt> calls.</li>
--   <li><a>artacChallengeResponses</a> - The challenge responses. These
--   are inputs corresponding to the value of <tt>ChallengeName</tt> , for
--   example: * <tt>SMS_MFA</tt> : <tt>SMS_MFA_CODE</tt> ,
--   <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if app client is configured
--   with client secret). * <tt>PASSWORD_VERIFIER</tt> :
--   <tt>PASSWORD_CLAIM_SIGNATURE</tt> ,
--   <tt>PASSWORD_CLAIM_SECRET_BLOCK</tt> , <tt>TIMESTAMP</tt> ,
--   <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if app client is configured
--   with client secret). * <tt>ADMIN_NO_SRP_AUTH</tt> : <tt>PASSWORD</tt>
--   , <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if app client is
--   configured with client secret). * <tt>NEW_PASSWORD_REQUIRED</tt> :
--   <tt>NEW_PASSWORD</tt> , any other required attributes,
--   <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if app client is configured
--   with client secret). The value of the <tt>USERNAME</tt> attribute must
--   be the user's actual username, not an alias (such as email address or
--   phone number). To make this easier, the <tt>AdminInitiateAuth</tt>
--   response includes the actual username value in the
--   <tt>USERNAMEUSER_ID_FOR_SRP</tt> attribute, even if you specified an
--   alias in your call to <tt>AdminInitiateAuth</tt> .</li>
--   <li><a>artacSession</a> - The session which should be passed both ways
--   in challenge-response calls to the service. If <tt>InitiateAuth</tt>
--   or <tt>RespondToAuthChallenge</tt> API call determines that the caller
--   needs to go through another challenge, they return a session with
--   other challenge parameters. This session should be passed as it is to
--   the next <tt>RespondToAuthChallenge</tt> API call.</li>
--   <li><a>artacUserPoolId</a> - The ID of the Amazon Cognito user
--   pool.</li>
--   <li><a>artacClientId</a> - The app client ID.</li>
--   <li><a>artacChallengeName</a> - The challenge name. For more
--   information, see .</li>
--   </ul>
adminRespondToAuthChallenge :: Text -> Text -> ChallengeNameType -> AdminRespondToAuthChallenge

-- | The request to respond to the authentication challenge, as an
--   administrator.
--   
--   <i>See:</i> <a>adminRespondToAuthChallenge</a> smart constructor.
data AdminRespondToAuthChallenge

-- | Contextual data such as the user's device fingerprint, IP address, or
--   location used for evaluating the risk of an unexpected event by Amazon
--   Cognito advanced security.
artacContextData :: Lens' AdminRespondToAuthChallenge (Maybe ContextDataType)

-- | The analytics metadata for collecting Amazon Pinpoint metrics for
--   <tt>AdminRespondToAuthChallenge</tt> calls.
artacAnalyticsMetadata :: Lens' AdminRespondToAuthChallenge (Maybe AnalyticsMetadataType)

-- | The challenge responses. These are inputs corresponding to the value
--   of <tt>ChallengeName</tt> , for example: * <tt>SMS_MFA</tt> :
--   <tt>SMS_MFA_CODE</tt> , <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if
--   app client is configured with client secret). *
--   <tt>PASSWORD_VERIFIER</tt> : <tt>PASSWORD_CLAIM_SIGNATURE</tt> ,
--   <tt>PASSWORD_CLAIM_SECRET_BLOCK</tt> , <tt>TIMESTAMP</tt> ,
--   <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if app client is configured
--   with client secret). * <tt>ADMIN_NO_SRP_AUTH</tt> : <tt>PASSWORD</tt>
--   , <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if app client is
--   configured with client secret). * <tt>NEW_PASSWORD_REQUIRED</tt> :
--   <tt>NEW_PASSWORD</tt> , any other required attributes,
--   <tt>USERNAME</tt> , <tt>SECRET_HASH</tt> (if app client is configured
--   with client secret). The value of the <tt>USERNAME</tt> attribute must
--   be the user's actual username, not an alias (such as email address or
--   phone number). To make this easier, the <tt>AdminInitiateAuth</tt>
--   response includes the actual username value in the
--   <tt>USERNAMEUSER_ID_FOR_SRP</tt> attribute, even if you specified an
--   alias in your call to <tt>AdminInitiateAuth</tt> .
artacChallengeResponses :: Lens' AdminRespondToAuthChallenge (HashMap Text Text)

-- | The session which should be passed both ways in challenge-response
--   calls to the service. If <tt>InitiateAuth</tt> or
--   <tt>RespondToAuthChallenge</tt> API call determines that the caller
--   needs to go through another challenge, they return a session with
--   other challenge parameters. This session should be passed as it is to
--   the next <tt>RespondToAuthChallenge</tt> API call.
artacSession :: Lens' AdminRespondToAuthChallenge (Maybe Text)

-- | The ID of the Amazon Cognito user pool.
artacUserPoolId :: Lens' AdminRespondToAuthChallenge Text

-- | The app client ID.
artacClientId :: Lens' AdminRespondToAuthChallenge Text

-- | The challenge name. For more information, see .
artacChallengeName :: Lens' AdminRespondToAuthChallenge ChallengeNameType

-- | Creates a value of <a>AdminRespondToAuthChallengeResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>artacrsChallengeName</a> - The name of the challenge. For more
--   information, see .</li>
--   <li><a>artacrsChallengeParameters</a> - The challenge parameters. For
--   more information, see .</li>
--   <li><a>artacrsAuthenticationResult</a> - The result returned by the
--   server in response to the authentication request.</li>
--   <li><a>artacrsSession</a> - The session which should be passed both
--   ways in challenge-response calls to the service. If the or API call
--   determines that the caller needs to go through another challenge, they
--   return a session with other challenge parameters. This session should
--   be passed as it is to the next <tt>RespondToAuthChallenge</tt> API
--   call.</li>
--   <li><a>artacrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminRespondToAuthChallengeResponse :: Int -> AdminRespondToAuthChallengeResponse

-- | Responds to the authentication challenge, as an administrator.
--   
--   <i>See:</i> <a>adminRespondToAuthChallengeResponse</a> smart
--   constructor.
data AdminRespondToAuthChallengeResponse

-- | The name of the challenge. For more information, see .
artacrsChallengeName :: Lens' AdminRespondToAuthChallengeResponse (Maybe ChallengeNameType)

-- | The challenge parameters. For more information, see .
artacrsChallengeParameters :: Lens' AdminRespondToAuthChallengeResponse (HashMap Text Text)

-- | The result returned by the server in response to the authentication
--   request.
artacrsAuthenticationResult :: Lens' AdminRespondToAuthChallengeResponse (Maybe AuthenticationResultType)

-- | The session which should be passed both ways in challenge-response
--   calls to the service. If the or API call determines that the caller
--   needs to go through another challenge, they return a session with
--   other challenge parameters. This session should be passed as it is to
--   the next <tt>RespondToAuthChallenge</tt> API call.
artacrsSession :: Lens' AdminRespondToAuthChallengeResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
artacrsResponseStatus :: Lens' AdminRespondToAuthChallengeResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallengeResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallengeResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallengeResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallengeResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallenge
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallenge
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallenge
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallenge
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallenge
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallengeResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallenge
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallenge
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallenge
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallenge
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallenge
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminRespondToAuthChallenge.AdminRespondToAuthChallenge


-- | Resets the specified user's password in a user pool as an
--   administrator. Works on any user.
--   
--   When a developer calls this API, the current password is invalidated,
--   so it must be changed. If a user tries to sign in after the API is
--   called, the app will get a PasswordResetRequiredException exception
--   back and should direct the user down the flow to reset the password,
--   which is the same as the forgot password flow. In addition, if the
--   user pool has phone verification selected and a verified phone number
--   exists for the user, or if email verification is selected and a
--   verified email exists for the user, calling this API will also result
--   in sending a message to the end user with the code to change their
--   password.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminResetUserPassword

-- | Creates a value of <a>AdminResetUserPassword</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>arupUserPoolId</a> - The user pool ID for the user pool where
--   you want to reset the user's password.</li>
--   <li><a>arupUsername</a> - The user name of the user whose password you
--   wish to reset.</li>
--   </ul>
adminResetUserPassword :: Text -> Text -> AdminResetUserPassword

-- | Represents the request to reset a user's password as an administrator.
--   
--   <i>See:</i> <a>adminResetUserPassword</a> smart constructor.
data AdminResetUserPassword

-- | The user pool ID for the user pool where you want to reset the user's
--   password.
arupUserPoolId :: Lens' AdminResetUserPassword Text

-- | The user name of the user whose password you wish to reset.
arupUsername :: Lens' AdminResetUserPassword Text

-- | Creates a value of <a>AdminResetUserPasswordResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aruprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminResetUserPasswordResponse :: Int -> AdminResetUserPasswordResponse

-- | Represents the response from the server to reset a user password as an
--   administrator.
--   
--   <i>See:</i> <a>adminResetUserPasswordResponse</a> smart constructor.
data AdminResetUserPasswordResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
aruprsResponseStatus :: Lens' AdminResetUserPasswordResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPasswordResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPasswordResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPasswordResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPasswordResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPasswordResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPassword
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPassword
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPassword
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPassword
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPassword
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPasswordResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPassword
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPassword
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPassword
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPassword
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPassword
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminResetUserPassword.AdminResetUserPassword


-- | Removes the specified user from the specified group.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup

-- | Creates a value of <a>AdminRemoveUserFromGroup</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>arufgUserPoolId</a> - The user pool ID for the user pool.</li>
--   <li><a>arufgUsername</a> - The username for the user.</li>
--   <li><a>arufgGroupName</a> - The group name.</li>
--   </ul>
adminRemoveUserFromGroup :: Text -> Text -> Text -> AdminRemoveUserFromGroup

-- | <i>See:</i> <a>adminRemoveUserFromGroup</a> smart constructor.
data AdminRemoveUserFromGroup

-- | The user pool ID for the user pool.
arufgUserPoolId :: Lens' AdminRemoveUserFromGroup Text

-- | The username for the user.
arufgUsername :: Lens' AdminRemoveUserFromGroup Text

-- | The group name.
arufgGroupName :: Lens' AdminRemoveUserFromGroup Text

-- | Creates a value of <a>AdminRemoveUserFromGroupResponse</a> with the
--   minimum fields required to make a request.
adminRemoveUserFromGroupResponse :: AdminRemoveUserFromGroupResponse

-- | <i>See:</i> <a>adminRemoveUserFromGroupResponse</a> smart constructor.
data AdminRemoveUserFromGroupResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroupResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroupResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroupResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroupResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroupResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroup
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroup
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroup
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroup
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroupResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroup
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroup
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroup
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroup
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminRemoveUserFromGroup.AdminRemoveUserFromGroup


-- | Lists a history of user activity and any risks detected as part of
--   Amazon Cognito advanced security.
module Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents

-- | Creates a value of <a>AdminListUserAuthEvents</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aluaeNextToken</a> - A pagination token.</li>
--   <li><a>aluaeMaxResults</a> - The maximum number of authentication
--   events to return.</li>
--   <li><a>aluaeUserPoolId</a> - The user pool ID.</li>
--   <li><a>aluaeUsername</a> - The user pool username or an alias.</li>
--   </ul>
adminListUserAuthEvents :: Text -> Text -> AdminListUserAuthEvents

-- | <i>See:</i> <a>adminListUserAuthEvents</a> smart constructor.
data AdminListUserAuthEvents

-- | A pagination token.
aluaeNextToken :: Lens' AdminListUserAuthEvents (Maybe Text)

-- | The maximum number of authentication events to return.
aluaeMaxResults :: Lens' AdminListUserAuthEvents (Maybe Natural)

-- | The user pool ID.
aluaeUserPoolId :: Lens' AdminListUserAuthEvents Text

-- | The user pool username or an alias.
aluaeUsername :: Lens' AdminListUserAuthEvents Text

-- | Creates a value of <a>AdminListUserAuthEventsResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aluaersNextToken</a> - A pagination token.</li>
--   <li><a>aluaersAuthEvents</a> - The response object. It includes the
--   <tt>EventID</tt> , <tt>EventType</tt> , <tt>CreationDate</tt> ,
--   <tt>EventRisk</tt> , and <tt>EventResponse</tt> .</li>
--   <li><a>aluaersResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminListUserAuthEventsResponse :: Int -> AdminListUserAuthEventsResponse

-- | <i>See:</i> <a>adminListUserAuthEventsResponse</a> smart constructor.
data AdminListUserAuthEventsResponse

-- | A pagination token.
aluaersNextToken :: Lens' AdminListUserAuthEventsResponse (Maybe Text)

-- | The response object. It includes the <tt>EventID</tt> ,
--   <tt>EventType</tt> , <tt>CreationDate</tt> , <tt>EventRisk</tt> , and
--   <tt>EventResponse</tt> .
aluaersAuthEvents :: Lens' AdminListUserAuthEventsResponse [AuthEventType]

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
aluaersResponseStatus :: Lens' AdminListUserAuthEventsResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEventsResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEventsResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEventsResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEventsResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEventsResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEvents
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEvents
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEvents
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEvents
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEvents
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEventsResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEvents
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEvents
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEvents
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEvents
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEvents
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminListUserAuthEvents.AdminListUserAuthEvents


-- | Lists the groups that the user belongs to.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser

-- | Creates a value of <a>AdminListGroupsForUser</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>algfuNextToken</a> - An identifier that was returned from the
--   previous call to this operation, which can be used to return the next
--   set of items in the list.</li>
--   <li><a>algfuLimit</a> - The limit of the request to list groups.</li>
--   <li><a>algfuUsername</a> - The username for the user.</li>
--   <li><a>algfuUserPoolId</a> - The user pool ID for the user pool.</li>
--   </ul>
adminListGroupsForUser :: Text -> Text -> AdminListGroupsForUser

-- | <i>See:</i> <a>adminListGroupsForUser</a> smart constructor.
data AdminListGroupsForUser

-- | An identifier that was returned from the previous call to this
--   operation, which can be used to return the next set of items in the
--   list.
algfuNextToken :: Lens' AdminListGroupsForUser (Maybe Text)

-- | The limit of the request to list groups.
algfuLimit :: Lens' AdminListGroupsForUser (Maybe Natural)

-- | The username for the user.
algfuUsername :: Lens' AdminListGroupsForUser Text

-- | The user pool ID for the user pool.
algfuUserPoolId :: Lens' AdminListGroupsForUser Text

-- | Creates a value of <a>AdminListGroupsForUserResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>algfursGroups</a> - The groups that the user belongs to.</li>
--   <li><a>algfursNextToken</a> - An identifier that was returned from the
--   previous call to this operation, which can be used to return the next
--   set of items in the list.</li>
--   <li><a>algfursResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminListGroupsForUserResponse :: Int -> AdminListGroupsForUserResponse

-- | <i>See:</i> <a>adminListGroupsForUserResponse</a> smart constructor.
data AdminListGroupsForUserResponse

-- | The groups that the user belongs to.
algfursGroups :: Lens' AdminListGroupsForUserResponse [GroupType]

-- | An identifier that was returned from the previous call to this
--   operation, which can be used to return the next set of items in the
--   list.
algfursNextToken :: Lens' AdminListGroupsForUserResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
algfursResponseStatus :: Lens' AdminListGroupsForUserResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUserResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUserResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUserResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUserResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUserResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUser
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUser
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUser
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUser
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUserResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUser
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUser
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUser
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUser
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminListGroupsForUser.AdminListGroupsForUser


-- | Lists devices, as an administrator.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminListDevices

-- | Creates a value of <a>AdminListDevices</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aldPaginationToken</a> - The pagination token.</li>
--   <li><a>aldLimit</a> - The limit of the devices request.</li>
--   <li><a>aldUserPoolId</a> - The user pool ID.</li>
--   <li><a>aldUsername</a> - The user name.</li>
--   </ul>
adminListDevices :: Text -> Text -> AdminListDevices

-- | Represents the request to list devices, as an administrator.
--   
--   <i>See:</i> <a>adminListDevices</a> smart constructor.
data AdminListDevices

-- | The pagination token.
aldPaginationToken :: Lens' AdminListDevices (Maybe Text)

-- | The limit of the devices request.
aldLimit :: Lens' AdminListDevices (Maybe Natural)

-- | The user pool ID.
aldUserPoolId :: Lens' AdminListDevices Text

-- | The user name.
aldUsername :: Lens' AdminListDevices Text

-- | Creates a value of <a>AdminListDevicesResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aldrsPaginationToken</a> - The pagination token.</li>
--   <li><a>aldrsDevices</a> - The devices in the list of devices
--   response.</li>
--   <li><a>aldrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminListDevicesResponse :: Int -> AdminListDevicesResponse

-- | Lists the device's response, as an administrator.
--   
--   <i>See:</i> <a>adminListDevicesResponse</a> smart constructor.
data AdminListDevicesResponse

-- | The pagination token.
aldrsPaginationToken :: Lens' AdminListDevicesResponse (Maybe Text)

-- | The devices in the list of devices response.
aldrsDevices :: Lens' AdminListDevicesResponse [DeviceType]

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
aldrsResponseStatus :: Lens' AdminListDevicesResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevicesResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevicesResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevicesResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevicesResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevices
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevices
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevices
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevices
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevices
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevicesResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevices
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevices
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevices
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevices
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevices
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminListDevices.AdminListDevices


-- | Links an existing user account in a user pool
--   (<tt>DestinationUser</tt> ) to an identity from an external identity
--   provider (<tt>SourceUser</tt> ) based on a specified attribute name
--   and value from the external identity provider. This allows you to
--   create a link from the existing user account to an external federated
--   user identity that has not yet been used to sign in, so that the
--   federated user identity can be used to sign in as the existing user
--   account.
--   
--   For example, if there is an existing user with a username and
--   password, this API links that user to a federated user identity, so
--   that when the federated user identity is used, the user signs in as
--   the existing user account.
--   
--   <i>Important:</i> Because this API allows a user with an external
--   federated identity to sign in as an existing user in the user pool, it
--   is critical that it only be used with external identity providers and
--   provider attributes that have been trusted by the application owner.
--   
--   See also .
--   
--   This action is enabled only for admin access and requires developer
--   credentials.
module Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser

-- | Creates a value of <a>AdminLinkProviderForUser</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>alpfuUserPoolId</a> - The user pool ID for the user pool.</li>
--   <li><a>alpfuDestinationUser</a> - The existing user in the user pool
--   to be linked to the external identity provider user account. Can be a
--   native (Username + Password) Cognito User Pools user or a federated
--   user (for example, a SAML or Facebook user). If the user doesn't
--   exist, an exception is thrown. This is the user that is returned when
--   the new user (with the linked identity provider attribute) signs in.
--   For a native username + password user, the
--   <tt>ProviderAttributeValue</tt> for the <tt>DestinationUser</tt>
--   should be the username in the user pool. For a federated user, it
--   should be the provider-specific <tt>user_id</tt> . The
--   <tt>ProviderAttributeName</tt> of the <tt>DestinationUser</tt> is
--   ignored. The <tt>ProviderName</tt> should be set to <tt>Cognito</tt>
--   for users in Cognito user pools.</li>
--   <li><a>alpfuSourceUser</a> - An external identity provider account for
--   a user who does not currently exist yet in the user pool. This user
--   must be a federated user (for example, a SAML or Facebook user), not
--   another native user. If the <tt>SourceUser</tt> is a federated social
--   identity provider user (Facebook, Google, or Login with Amazon), you
--   must set the <tt>ProviderAttributeName</tt> to
--   <tt>Cognito_Subject</tt> . For social identity providers, the
--   <tt>ProviderName</tt> will be <tt>Facebook</tt> , <tt>Google</tt> , or
--   <tt>LoginWithAmazon</tt> , and Cognito will automatically parse the
--   Facebook, Google, and Login with Amazon tokens for <tt>id</tt> ,
--   <tt>sub</tt> , and <tt>user_id</tt> , respectively. The
--   <tt>ProviderAttributeValue</tt> for the user must be the same value as
--   the <tt>id</tt> , <tt>sub</tt> , or <tt>user_id</tt> value found in
--   the social identity provider token. For SAML, the
--   <tt>ProviderAttributeName</tt> can be any value that matches a claim
--   in the SAML assertion. If you wish to link SAML users based on the
--   subject of the SAML assertion, you should map the subject to a claim
--   through the SAML identity provider and submit that claim name as the
--   <tt>ProviderAttributeName</tt> . If you set
--   <tt>ProviderAttributeName</tt> to <tt>Cognito_Subject</tt> , Cognito
--   will automatically parse the default unique identifier found in the
--   subject from the SAML token.</li>
--   </ul>
adminLinkProviderForUser :: Text -> ProviderUserIdentifierType -> ProviderUserIdentifierType -> AdminLinkProviderForUser

-- | <i>See:</i> <a>adminLinkProviderForUser</a> smart constructor.
data AdminLinkProviderForUser

-- | The user pool ID for the user pool.
alpfuUserPoolId :: Lens' AdminLinkProviderForUser Text

-- | The existing user in the user pool to be linked to the external
--   identity provider user account. Can be a native (Username + Password)
--   Cognito User Pools user or a federated user (for example, a SAML or
--   Facebook user). If the user doesn't exist, an exception is thrown.
--   This is the user that is returned when the new user (with the linked
--   identity provider attribute) signs in. For a native username +
--   password user, the <tt>ProviderAttributeValue</tt> for the
--   <tt>DestinationUser</tt> should be the username in the user pool. For
--   a federated user, it should be the provider-specific <tt>user_id</tt>
--   . The <tt>ProviderAttributeName</tt> of the <tt>DestinationUser</tt>
--   is ignored. The <tt>ProviderName</tt> should be set to
--   <tt>Cognito</tt> for users in Cognito user pools.
alpfuDestinationUser :: Lens' AdminLinkProviderForUser ProviderUserIdentifierType

-- | An external identity provider account for a user who does not
--   currently exist yet in the user pool. This user must be a federated
--   user (for example, a SAML or Facebook user), not another native user.
--   If the <tt>SourceUser</tt> is a federated social identity provider
--   user (Facebook, Google, or Login with Amazon), you must set the
--   <tt>ProviderAttributeName</tt> to <tt>Cognito_Subject</tt> . For
--   social identity providers, the <tt>ProviderName</tt> will be
--   <tt>Facebook</tt> , <tt>Google</tt> , or <tt>LoginWithAmazon</tt> ,
--   and Cognito will automatically parse the Facebook, Google, and Login
--   with Amazon tokens for <tt>id</tt> , <tt>sub</tt> , and
--   <tt>user_id</tt> , respectively. The <tt>ProviderAttributeValue</tt>
--   for the user must be the same value as the <tt>id</tt> , <tt>sub</tt>
--   , or <tt>user_id</tt> value found in the social identity provider
--   token. For SAML, the <tt>ProviderAttributeName</tt> can be any value
--   that matches a claim in the SAML assertion. If you wish to link SAML
--   users based on the subject of the SAML assertion, you should map the
--   subject to a claim through the SAML identity provider and submit that
--   claim name as the <tt>ProviderAttributeName</tt> . If you set
--   <tt>ProviderAttributeName</tt> to <tt>Cognito_Subject</tt> , Cognito
--   will automatically parse the default unique identifier found in the
--   subject from the SAML token.
alpfuSourceUser :: Lens' AdminLinkProviderForUser ProviderUserIdentifierType

-- | Creates a value of <a>AdminLinkProviderForUserResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>alpfursResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminLinkProviderForUserResponse :: Int -> AdminLinkProviderForUserResponse

-- | <i>See:</i> <a>adminLinkProviderForUserResponse</a> smart constructor.
data AdminLinkProviderForUserResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
alpfursResponseStatus :: Lens' AdminLinkProviderForUserResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUserResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUserResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUserResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUserResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUserResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUser
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUser
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUser
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUser
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUser
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUserResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUser
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUser
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUser
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUser
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminLinkProviderForUser.AdminLinkProviderForUser


-- | Initiates the authentication flow, as an administrator.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminInitiateAuth

-- | Creates a value of <a>AdminInitiateAuth</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aiaClientMetadata</a> - This is a random key-value pair map
--   which can contain any key and will be passed to your PreAuthentication
--   Lambda trigger as-is. It can be used to implement additional
--   validations around authentication.</li>
--   <li><a>aiaContextData</a> - Contextual data such as the user's device
--   fingerprint, IP address, or location used for evaluating the risk of
--   an unexpected event by Amazon Cognito advanced security.</li>
--   <li><a>aiaAnalyticsMetadata</a> - The analytics metadata for
--   collecting Amazon Pinpoint metrics for <tt>AdminInitiateAuth</tt>
--   calls.</li>
--   <li><a>aiaAuthParameters</a> - The authentication parameters. These
--   are inputs corresponding to the <tt>AuthFlow</tt> that you are
--   invoking. The required values depend on the value of <tt>AuthFlow</tt>
--   : * For <tt>USER_SRP_AUTH</tt> : <tt>USERNAME</tt> (required),
--   <tt>SRP_A</tt> (required), <tt>SECRET_HASH</tt> (required if the app
--   client is configured with a client secret), <tt>DEVICE_KEY</tt> * For
--   <tt>REFRESH_TOKEN_AUTH/REFRESH_TOKEN</tt> : <tt>REFRESH_TOKEN</tt>
--   (required), <tt>SECRET_HASH</tt> (required if the app client is
--   configured with a client secret), <tt>DEVICE_KEY</tt> * For
--   <tt>ADMIN_NO_SRP_AUTH</tt> : <tt>USERNAME</tt> (required),
--   <tt>SECRET_HASH</tt> (if app client is configured with client secret),
--   <tt>PASSWORD</tt> (required), <tt>DEVICE_KEY</tt> * For
--   <tt>CUSTOM_AUTH</tt> : <tt>USERNAME</tt> (required),
--   <tt>SECRET_HASH</tt> (if app client is configured with client secret),
--   <tt>DEVICE_KEY</tt></li>
--   <li><a>aiaUserPoolId</a> - The ID of the Amazon Cognito user
--   pool.</li>
--   <li><a>aiaClientId</a> - The app client ID.</li>
--   <li><a>aiaAuthFlow</a> - The authentication flow for this call to
--   execute. The API action will depend on this value. For example: *
--   <tt>REFRESH_TOKEN_AUTH</tt> will take in a valid refresh token and
--   return new tokens. * <tt>USER_SRP_AUTH</tt> will take in
--   <tt>USERNAME</tt> and <tt>SRP_A</tt> and return the SRP variables to
--   be used for next challenge execution. * <tt>USER_PASSWORD_AUTH</tt>
--   will take in <tt>USERNAME</tt> and <tt>PASSWORD</tt> and return the
--   next challenge or tokens. Valid values include: *
--   <tt>USER_SRP_AUTH</tt> : Authentication flow for the Secure Remote
--   Password (SRP) protocol. * <tt>REFRESH_TOKEN_AUTH</tt>
--   /<tt>REFRESH_TOKEN</tt> : Authentication flow for refreshing the
--   access token and ID token by supplying a valid refresh token. *
--   <tt>CUSTOM_AUTH</tt> : Custom authentication flow. *
--   <tt>ADMIN_NO_SRP_AUTH</tt> : Non-SRP authentication flow; you can pass
--   in the USERNAME and PASSWORD directly if the flow is enabled for
--   calling the app client. * <tt>USER_PASSWORD_AUTH</tt> : Non-SRP
--   authentication flow; USERNAME and PASSWORD are passed directly. If a
--   user migration Lambda trigger is set, this flow will invoke the user
--   migration Lambda if the USERNAME is not found in the user pool.</li>
--   </ul>
adminInitiateAuth :: Text -> Text -> AuthFlowType -> AdminInitiateAuth

-- | Initiates the authorization request, as an administrator.
--   
--   <i>See:</i> <a>adminInitiateAuth</a> smart constructor.
data AdminInitiateAuth

-- | This is a random key-value pair map which can contain any key and will
--   be passed to your PreAuthentication Lambda trigger as-is. It can be
--   used to implement additional validations around authentication.
aiaClientMetadata :: Lens' AdminInitiateAuth (HashMap Text Text)

-- | Contextual data such as the user's device fingerprint, IP address, or
--   location used for evaluating the risk of an unexpected event by Amazon
--   Cognito advanced security.
aiaContextData :: Lens' AdminInitiateAuth (Maybe ContextDataType)

-- | The analytics metadata for collecting Amazon Pinpoint metrics for
--   <tt>AdminInitiateAuth</tt> calls.
aiaAnalyticsMetadata :: Lens' AdminInitiateAuth (Maybe AnalyticsMetadataType)

-- | The authentication parameters. These are inputs corresponding to the
--   <tt>AuthFlow</tt> that you are invoking. The required values depend on
--   the value of <tt>AuthFlow</tt> : * For <tt>USER_SRP_AUTH</tt> :
--   <tt>USERNAME</tt> (required), <tt>SRP_A</tt> (required),
--   <tt>SECRET_HASH</tt> (required if the app client is configured with a
--   client secret), <tt>DEVICE_KEY</tt> * For
--   <tt>REFRESH_TOKEN_AUTH/REFRESH_TOKEN</tt> : <tt>REFRESH_TOKEN</tt>
--   (required), <tt>SECRET_HASH</tt> (required if the app client is
--   configured with a client secret), <tt>DEVICE_KEY</tt> * For
--   <tt>ADMIN_NO_SRP_AUTH</tt> : <tt>USERNAME</tt> (required),
--   <tt>SECRET_HASH</tt> (if app client is configured with client secret),
--   <tt>PASSWORD</tt> (required), <tt>DEVICE_KEY</tt> * For
--   <tt>CUSTOM_AUTH</tt> : <tt>USERNAME</tt> (required),
--   <tt>SECRET_HASH</tt> (if app client is configured with client secret),
--   <tt>DEVICE_KEY</tt>
aiaAuthParameters :: Lens' AdminInitiateAuth (HashMap Text Text)

-- | The ID of the Amazon Cognito user pool.
aiaUserPoolId :: Lens' AdminInitiateAuth Text

-- | The app client ID.
aiaClientId :: Lens' AdminInitiateAuth Text

-- | The authentication flow for this call to execute. The API action will
--   depend on this value. For example: * <tt>REFRESH_TOKEN_AUTH</tt> will
--   take in a valid refresh token and return new tokens. *
--   <tt>USER_SRP_AUTH</tt> will take in <tt>USERNAME</tt> and
--   <tt>SRP_A</tt> and return the SRP variables to be used for next
--   challenge execution. * <tt>USER_PASSWORD_AUTH</tt> will take in
--   <tt>USERNAME</tt> and <tt>PASSWORD</tt> and return the next challenge
--   or tokens. Valid values include: * <tt>USER_SRP_AUTH</tt> :
--   Authentication flow for the Secure Remote Password (SRP) protocol. *
--   <tt>REFRESH_TOKEN_AUTH</tt> /<tt>REFRESH_TOKEN</tt> : Authentication
--   flow for refreshing the access token and ID token by supplying a valid
--   refresh token. * <tt>CUSTOM_AUTH</tt> : Custom authentication flow. *
--   <tt>ADMIN_NO_SRP_AUTH</tt> : Non-SRP authentication flow; you can pass
--   in the USERNAME and PASSWORD directly if the flow is enabled for
--   calling the app client. * <tt>USER_PASSWORD_AUTH</tt> : Non-SRP
--   authentication flow; USERNAME and PASSWORD are passed directly. If a
--   user migration Lambda trigger is set, this flow will invoke the user
--   migration Lambda if the USERNAME is not found in the user pool.
aiaAuthFlow :: Lens' AdminInitiateAuth AuthFlowType

-- | Creates a value of <a>AdminInitiateAuthResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aiarsChallengeName</a> - The name of the challenge which you
--   are responding to with this call. This is returned to you in the
--   <tt>AdminInitiateAuth</tt> response if you need to pass another
--   challenge. * <tt>SMS_MFA</tt> : Next challenge is to supply an
--   <tt>SMS_MFA_CODE</tt> , delivered via SMS. *
--   <tt>PASSWORD_VERIFIER</tt> : Next challenge is to supply
--   <tt>PASSWORD_CLAIM_SIGNATURE</tt> ,
--   <tt>PASSWORD_CLAIM_SECRET_BLOCK</tt> , and <tt>TIMESTAMP</tt> after
--   the client-side SRP calculations. * <tt>CUSTOM_CHALLENGE</tt> : This
--   is returned if your custom authentication flow determines that the
--   user should pass another challenge before tokens are issued. *
--   <tt>DEVICE_SRP_AUTH</tt> : If device tracking was enabled on your user
--   pool and the previous challenges were passed, this challenge is
--   returned so that Amazon Cognito can start tracking this device. *
--   <tt>DEVICE_PASSWORD_VERIFIER</tt> : Similar to
--   <tt>PASSWORD_VERIFIER</tt> , but for devices only. *
--   <tt>ADMIN_NO_SRP_AUTH</tt> : This is returned if you need to
--   authenticate with <tt>USERNAME</tt> and <tt>PASSWORD</tt> directly. An
--   app client must be enabled to use this flow. *
--   <tt>NEW_PASSWORD_REQUIRED</tt> : For users which are required to
--   change their passwords after successful first login. This challenge
--   should be passed with <tt>NEW_PASSWORD</tt> and any other required
--   attributes.</li>
--   <li><a>aiarsChallengeParameters</a> - The challenge parameters. These
--   are returned to you in the <tt>AdminInitiateAuth</tt> response if you
--   need to pass another challenge. The responses in this parameter should
--   be used to compute inputs to the next call
--   (<tt>AdminRespondToAuthChallenge</tt> ). All challenges require
--   <tt>USERNAME</tt> and <tt>SECRET_HASH</tt> (if applicable). The value
--   of the <tt>USER_ID_FOR_SRP</tt> attribute will be the user's actual
--   username, not an alias (such as email address or phone number), even
--   if you specified an alias in your call to <tt>AdminInitiateAuth</tt> .
--   This is because, in the <tt>AdminRespondToAuthChallenge</tt> API
--   <tt>ChallengeResponses</tt> , the <tt>USERNAME</tt> attribute cannot
--   be an alias.</li>
--   <li><a>aiarsAuthenticationResult</a> - The result of the
--   authentication response. This is only returned if the caller does not
--   need to pass another challenge. If the caller does need to pass
--   another challenge before it gets tokens, <tt>ChallengeName</tt> ,
--   <tt>ChallengeParameters</tt> , and <tt>Session</tt> are returned.</li>
--   <li><a>aiarsSession</a> - The session which should be passed both ways
--   in challenge-response calls to the service. If
--   <tt>AdminInitiateAuth</tt> or <tt>AdminRespondToAuthChallenge</tt> API
--   call determines that the caller needs to go through another challenge,
--   they return a session with other challenge parameters. This session
--   should be passed as it is to the next
--   <tt>AdminRespondToAuthChallenge</tt> API call.</li>
--   <li><a>aiarsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminInitiateAuthResponse :: Int -> AdminInitiateAuthResponse

-- | Initiates the authentication response, as an administrator.
--   
--   <i>See:</i> <a>adminInitiateAuthResponse</a> smart constructor.
data AdminInitiateAuthResponse

-- | The name of the challenge which you are responding to with this call.
--   This is returned to you in the <tt>AdminInitiateAuth</tt> response if
--   you need to pass another challenge. * <tt>SMS_MFA</tt> : Next
--   challenge is to supply an <tt>SMS_MFA_CODE</tt> , delivered via SMS. *
--   <tt>PASSWORD_VERIFIER</tt> : Next challenge is to supply
--   <tt>PASSWORD_CLAIM_SIGNATURE</tt> ,
--   <tt>PASSWORD_CLAIM_SECRET_BLOCK</tt> , and <tt>TIMESTAMP</tt> after
--   the client-side SRP calculations. * <tt>CUSTOM_CHALLENGE</tt> : This
--   is returned if your custom authentication flow determines that the
--   user should pass another challenge before tokens are issued. *
--   <tt>DEVICE_SRP_AUTH</tt> : If device tracking was enabled on your user
--   pool and the previous challenges were passed, this challenge is
--   returned so that Amazon Cognito can start tracking this device. *
--   <tt>DEVICE_PASSWORD_VERIFIER</tt> : Similar to
--   <tt>PASSWORD_VERIFIER</tt> , but for devices only. *
--   <tt>ADMIN_NO_SRP_AUTH</tt> : This is returned if you need to
--   authenticate with <tt>USERNAME</tt> and <tt>PASSWORD</tt> directly. An
--   app client must be enabled to use this flow. *
--   <tt>NEW_PASSWORD_REQUIRED</tt> : For users which are required to
--   change their passwords after successful first login. This challenge
--   should be passed with <tt>NEW_PASSWORD</tt> and any other required
--   attributes.
aiarsChallengeName :: Lens' AdminInitiateAuthResponse (Maybe ChallengeNameType)

-- | The challenge parameters. These are returned to you in the
--   <tt>AdminInitiateAuth</tt> response if you need to pass another
--   challenge. The responses in this parameter should be used to compute
--   inputs to the next call (<tt>AdminRespondToAuthChallenge</tt> ). All
--   challenges require <tt>USERNAME</tt> and <tt>SECRET_HASH</tt> (if
--   applicable). The value of the <tt>USER_ID_FOR_SRP</tt> attribute will
--   be the user's actual username, not an alias (such as email address or
--   phone number), even if you specified an alias in your call to
--   <tt>AdminInitiateAuth</tt> . This is because, in the
--   <tt>AdminRespondToAuthChallenge</tt> API <tt>ChallengeResponses</tt> ,
--   the <tt>USERNAME</tt> attribute cannot be an alias.
aiarsChallengeParameters :: Lens' AdminInitiateAuthResponse (HashMap Text Text)

-- | The result of the authentication response. This is only returned if
--   the caller does not need to pass another challenge. If the caller does
--   need to pass another challenge before it gets tokens,
--   <tt>ChallengeName</tt> , <tt>ChallengeParameters</tt> , and
--   <tt>Session</tt> are returned.
aiarsAuthenticationResult :: Lens' AdminInitiateAuthResponse (Maybe AuthenticationResultType)

-- | The session which should be passed both ways in challenge-response
--   calls to the service. If <tt>AdminInitiateAuth</tt> or
--   <tt>AdminRespondToAuthChallenge</tt> API call determines that the
--   caller needs to go through another challenge, they return a session
--   with other challenge parameters. This session should be passed as it
--   is to the next <tt>AdminRespondToAuthChallenge</tt> API call.
aiarsSession :: Lens' AdminInitiateAuthResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
aiarsResponseStatus :: Lens' AdminInitiateAuthResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuthResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuthResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuthResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuthResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuth
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuth
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuth
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuth
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuth
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuthResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuth
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuth
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuth
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuth
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuth
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminInitiateAuth.AdminInitiateAuth


-- | Gets the specified user by user name in a user pool as an
--   administrator. Works on any user.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminGetUser

-- | Creates a value of <a>AdminGetUser</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aguUserPoolId</a> - The user pool ID for the user pool where
--   you want to get information about the user.</li>
--   <li><a>aguUsername</a> - The user name of the user you wish to
--   retrieve.</li>
--   </ul>
adminGetUser :: Text -> Text -> AdminGetUser

-- | Represents the request to get the specified user as an administrator.
--   
--   <i>See:</i> <a>adminGetUser</a> smart constructor.
data AdminGetUser

-- | The user pool ID for the user pool where you want to get information
--   about the user.
aguUserPoolId :: Lens' AdminGetUser Text

-- | The user name of the user you wish to retrieve.
aguUsername :: Lens' AdminGetUser Text

-- | Creates a value of <a>AdminGetUserResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>agursEnabled</a> - Indicates that the status is enabled.</li>
--   <li><a>agursUserStatus</a> - The user status. Can be one of the
--   following: * UNCONFIRMED - User has been created but not confirmed. *
--   CONFIRMED - User has been confirmed. * ARCHIVED - User is no longer
--   active. * COMPROMISED - User is disabled due to a potential security
--   threat. * UNKNOWN - User status is not known.</li>
--   <li><a>agursUserAttributes</a> - An array of name-value pairs
--   representing user attributes.</li>
--   <li><a>agursUserCreateDate</a> - The date the user was created.</li>
--   <li><a>agursUserMFASettingList</a> - The list of the user's MFA
--   settings.</li>
--   <li><a>agursMFAOptions</a> - Specifies the options for MFA (e.g.,
--   email or phone number).</li>
--   <li><a>agursUserLastModifiedDate</a> - The date the user was last
--   modified.</li>
--   <li><a>agursPreferredMFASetting</a> - The user's preferred MFA
--   setting.</li>
--   <li><a>agursResponseStatus</a> - -- | The response status code.</li>
--   <li><a>agursUsername</a> - The user name of the user about whom you
--   are receiving information.</li>
--   </ul>
adminGetUserResponse :: Int -> Text -> AdminGetUserResponse

-- | Represents the response from the server from the request to get the
--   specified user as an administrator.
--   
--   <i>See:</i> <a>adminGetUserResponse</a> smart constructor.
data AdminGetUserResponse

-- | Indicates that the status is enabled.
agursEnabled :: Lens' AdminGetUserResponse (Maybe Bool)

-- | The user status. Can be one of the following: * UNCONFIRMED - User has
--   been created but not confirmed. * CONFIRMED - User has been confirmed.
--   * ARCHIVED - User is no longer active. * COMPROMISED - User is
--   disabled due to a potential security threat. * UNKNOWN - User status
--   is not known.
agursUserStatus :: Lens' AdminGetUserResponse (Maybe UserStatusType)

-- | An array of name-value pairs representing user attributes.
agursUserAttributes :: Lens' AdminGetUserResponse [AttributeType]

-- | The date the user was created.
agursUserCreateDate :: Lens' AdminGetUserResponse (Maybe UTCTime)

-- | The list of the user's MFA settings.
agursUserMFASettingList :: Lens' AdminGetUserResponse [Text]

-- | Specifies the options for MFA (e.g., email or phone number).
agursMFAOptions :: Lens' AdminGetUserResponse [MFAOptionType]

-- | The date the user was last modified.
agursUserLastModifiedDate :: Lens' AdminGetUserResponse (Maybe UTCTime)

-- | The user's preferred MFA setting.
agursPreferredMFASetting :: Lens' AdminGetUserResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
agursResponseStatus :: Lens' AdminGetUserResponse Int

-- | The user name of the user about whom you are receiving information.
agursUsername :: Lens' AdminGetUserResponse Text
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUserResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUserResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUserResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUserResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUser
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUser
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUser
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUser
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUserResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUser
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUser
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUser
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUser
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminGetUser.AdminGetUser


-- | Gets the device, as an administrator.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminGetDevice

-- | Creates a value of <a>AdminGetDevice</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>agdDeviceKey</a> - The device key.</li>
--   <li><a>agdUserPoolId</a> - The user pool ID.</li>
--   <li><a>agdUsername</a> - The user name.</li>
--   </ul>
adminGetDevice :: Text -> Text -> Text -> AdminGetDevice

-- | Represents the request to get the device, as an administrator.
--   
--   <i>See:</i> <a>adminGetDevice</a> smart constructor.
data AdminGetDevice

-- | The device key.
agdDeviceKey :: Lens' AdminGetDevice Text

-- | The user pool ID.
agdUserPoolId :: Lens' AdminGetDevice Text

-- | The user name.
agdUsername :: Lens' AdminGetDevice Text

-- | Creates a value of <a>AdminGetDeviceResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>agdrsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>agdrsDevice</a> - The device.</li>
--   </ul>
adminGetDeviceResponse :: Int -> DeviceType -> AdminGetDeviceResponse

-- | Gets the device response, as an administrator.
--   
--   <i>See:</i> <a>adminGetDeviceResponse</a> smart constructor.
data AdminGetDeviceResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
agdrsResponseStatus :: Lens' AdminGetDeviceResponse Int

-- | The device.
agdrsDevice :: Lens' AdminGetDeviceResponse DeviceType
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDeviceResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDeviceResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDeviceResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDeviceResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDevice
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDevice
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDevice
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDevice
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDevice
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDeviceResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDevice
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDevice
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDevice
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDevice
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDevice
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminGetDevice.AdminGetDevice


-- | Forgets the device, as an administrator.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminForgetDevice

-- | Creates a value of <a>AdminForgetDevice</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>afdUserPoolId</a> - The user pool ID.</li>
--   <li><a>afdUsername</a> - The user name.</li>
--   <li><a>afdDeviceKey</a> - The device key.</li>
--   </ul>
adminForgetDevice :: Text -> Text -> Text -> AdminForgetDevice

-- | Sends the forgot device request, as an administrator.
--   
--   <i>See:</i> <a>adminForgetDevice</a> smart constructor.
data AdminForgetDevice

-- | The user pool ID.
afdUserPoolId :: Lens' AdminForgetDevice Text

-- | The user name.
afdUsername :: Lens' AdminForgetDevice Text

-- | The device key.
afdDeviceKey :: Lens' AdminForgetDevice Text

-- | Creates a value of <a>AdminForgetDeviceResponse</a> with the minimum
--   fields required to make a request.
adminForgetDeviceResponse :: AdminForgetDeviceResponse

-- | <i>See:</i> <a>adminForgetDeviceResponse</a> smart constructor.
data AdminForgetDeviceResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDeviceResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDeviceResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDeviceResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDeviceResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDeviceResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDevice
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDevice
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDevice
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDevice
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDevice
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDeviceResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDevice
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDevice
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDevice
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDevice
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDevice
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminForgetDevice.AdminForgetDevice


-- | Enables the specified user as an administrator. Works on any user.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminEnableUser

-- | Creates a value of <a>AdminEnableUser</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aeuUserPoolId</a> - The user pool ID for the user pool where
--   you want to enable the user.</li>
--   <li><a>aeuUsername</a> - The user name of the user you wish to
--   enable.</li>
--   </ul>
adminEnableUser :: Text -> Text -> AdminEnableUser

-- | Represents the request that enables the user as an administrator.
--   
--   <i>See:</i> <a>adminEnableUser</a> smart constructor.
data AdminEnableUser

-- | The user pool ID for the user pool where you want to enable the user.
aeuUserPoolId :: Lens' AdminEnableUser Text

-- | The user name of the user you wish to enable.
aeuUsername :: Lens' AdminEnableUser Text

-- | Creates a value of <a>AdminEnableUserResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aeursResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminEnableUserResponse :: Int -> AdminEnableUserResponse

-- | Represents the response from the server for the request to enable a
--   user as an administrator.
--   
--   <i>See:</i> <a>adminEnableUserResponse</a> smart constructor.
data AdminEnableUserResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
aeursResponseStatus :: Lens' AdminEnableUserResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUserResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUserResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUserResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUserResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUserResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUser
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUser
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUser
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUser
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUserResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUser
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUser
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUser
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUser
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminEnableUser.AdminEnableUser


-- | Disables the specified user as an administrator. Works on any user.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminDisableUser

-- | Creates a value of <a>AdminDisableUser</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aduUserPoolId</a> - The user pool ID for the user pool where
--   you want to disable the user.</li>
--   <li><a>aduUsername</a> - The user name of the user you wish to
--   disable.</li>
--   </ul>
adminDisableUser :: Text -> Text -> AdminDisableUser

-- | Represents the request to disable any user as an administrator.
--   
--   <i>See:</i> <a>adminDisableUser</a> smart constructor.
data AdminDisableUser

-- | The user pool ID for the user pool where you want to disable the user.
aduUserPoolId :: Lens' AdminDisableUser Text

-- | The user name of the user you wish to disable.
aduUsername :: Lens' AdminDisableUser Text

-- | Creates a value of <a>AdminDisableUserResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>adursResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminDisableUserResponse :: Int -> AdminDisableUserResponse

-- | Represents the response received from the server to disable the user
--   as an administrator.
--   
--   <i>See:</i> <a>adminDisableUserResponse</a> smart constructor.
data AdminDisableUserResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
adursResponseStatus :: Lens' AdminDisableUserResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUserResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUserResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUserResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUserResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUserResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUser
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUser
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUser
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUser
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUserResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUser
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUser
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUser
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUser
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminDisableUser.AdminDisableUser


-- | Disables the user from signing in with the specified external (SAML or
--   social) identity provider. If the user to disable is a Cognito User
--   Pools native username + password user, they are not permitted to use
--   their password to sign-in. If the user to disable is a linked external
--   IdP user, any link between that user and an existing user is removed.
--   The next time the external user (no longer attached to the previously
--   linked <tt>DestinationUser</tt> ) signs in, they must create a new
--   user account. See .
--   
--   This action is enabled only for admin access and requires developer
--   credentials.
--   
--   The <tt>ProviderName</tt> must match the value specified when creating
--   an IdP for the pool.
--   
--   To disable a native username + password user, the
--   <tt>ProviderName</tt> value must be <tt>Cognito</tt> and the
--   <tt>ProviderAttributeName</tt> must be <tt>Cognito_Subject</tt> , with
--   the <tt>ProviderAttributeValue</tt> being the name that is used in the
--   user pool for the user.
--   
--   The <tt>ProviderAttributeName</tt> must always be
--   <tt>Cognito_Subject</tt> for social identity providers. The
--   <tt>ProviderAttributeValue</tt> must always be the exact subject that
--   was used when the user was originally linked as a source user.
--   
--   For de-linking a SAML identity, there are two scenarios. If the linked
--   identity has not yet been used to sign-in, the
--   <tt>ProviderAttributeName</tt> and <tt>ProviderAttributeValue</tt>
--   must be the same values that were used for the <tt>SourceUser</tt>
--   when the identities were originally linked in the call. (If the
--   linking was done with <tt>ProviderAttributeName</tt> set to
--   <tt>Cognito_Subject</tt> , the same applies here). However, if the
--   user has already signed in, the <tt>ProviderAttributeName</tt> must be
--   <tt>Cognito_Subject</tt> and <tt>ProviderAttributeValue</tt> must be
--   the subject of the SAML assertion.
module Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser

-- | Creates a value of <a>AdminDisableProviderForUser</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>adpfuUserPoolId</a> - The user pool ID for the user pool.</li>
--   <li><a>adpfuUser</a> - The user to be disabled.</li>
--   </ul>
adminDisableProviderForUser :: Text -> ProviderUserIdentifierType -> AdminDisableProviderForUser

-- | <i>See:</i> <a>adminDisableProviderForUser</a> smart constructor.
data AdminDisableProviderForUser

-- | The user pool ID for the user pool.
adpfuUserPoolId :: Lens' AdminDisableProviderForUser Text

-- | The user to be disabled.
adpfuUser :: Lens' AdminDisableProviderForUser ProviderUserIdentifierType

-- | Creates a value of <a>AdminDisableProviderForUserResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>adpfursResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminDisableProviderForUserResponse :: Int -> AdminDisableProviderForUserResponse

-- | <i>See:</i> <a>adminDisableProviderForUserResponse</a> smart
--   constructor.
data AdminDisableProviderForUserResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
adpfursResponseStatus :: Lens' AdminDisableProviderForUserResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUserResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUserResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUserResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUserResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUserResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUser
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUser
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUser
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUser
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUser
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUserResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUser
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUser
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUser
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUser
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminDisableProviderForUser.AdminDisableProviderForUser


-- | Deletes the user attributes in a user pool as an administrator. Works
--   on any user.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes

-- | Creates a value of <a>AdminDeleteUserAttributes</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aduaUserPoolId</a> - The user pool ID for the user pool where
--   you want to delete user attributes.</li>
--   <li><a>aduaUsername</a> - The user name of the user from which you
--   would like to delete attributes.</li>
--   <li><a>aduaUserAttributeNames</a> - An array of strings representing
--   the user attribute names you wish to delete. For custom attributes,
--   you must prepend the <tt>custom:</tt> prefix to the attribute
--   name.</li>
--   </ul>
adminDeleteUserAttributes :: Text -> Text -> AdminDeleteUserAttributes

-- | Represents the request to delete user attributes as an administrator.
--   
--   <i>See:</i> <a>adminDeleteUserAttributes</a> smart constructor.
data AdminDeleteUserAttributes

-- | The user pool ID for the user pool where you want to delete user
--   attributes.
aduaUserPoolId :: Lens' AdminDeleteUserAttributes Text

-- | The user name of the user from which you would like to delete
--   attributes.
aduaUsername :: Lens' AdminDeleteUserAttributes Text

-- | An array of strings representing the user attribute names you wish to
--   delete. For custom attributes, you must prepend the <tt>custom:</tt>
--   prefix to the attribute name.
aduaUserAttributeNames :: Lens' AdminDeleteUserAttributes [Text]

-- | Creates a value of <a>AdminDeleteUserAttributesResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aduarsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminDeleteUserAttributesResponse :: Int -> AdminDeleteUserAttributesResponse

-- | Represents the response received from the server for a request to
--   delete user attributes.
--   
--   <i>See:</i> <a>adminDeleteUserAttributesResponse</a> smart
--   constructor.
data AdminDeleteUserAttributesResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
aduarsResponseStatus :: Lens' AdminDeleteUserAttributesResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributesResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributesResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributesResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributesResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributesResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributes
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributes
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributes
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributes
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributes
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributesResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributes
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributes
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributes
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributes
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributes
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminDeleteUserAttributes.AdminDeleteUserAttributes


-- | Deletes a user as an administrator. Works on any user.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminDeleteUser

-- | Creates a value of <a>AdminDeleteUser</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aUserPoolId</a> - The user pool ID for the user pool where you
--   want to delete the user.</li>
--   <li><a>aUsername</a> - The user name of the user you wish to
--   delete.</li>
--   </ul>
adminDeleteUser :: Text -> Text -> AdminDeleteUser

-- | Represents the request to delete a user as an administrator.
--   
--   <i>See:</i> <a>adminDeleteUser</a> smart constructor.
data AdminDeleteUser

-- | The user pool ID for the user pool where you want to delete the user.
aUserPoolId :: Lens' AdminDeleteUser Text

-- | The user name of the user you wish to delete.
aUsername :: Lens' AdminDeleteUser Text

-- | Creates a value of <a>AdminDeleteUserResponse</a> with the minimum
--   fields required to make a request.
adminDeleteUserResponse :: AdminDeleteUserResponse

-- | <i>See:</i> <a>adminDeleteUserResponse</a> smart constructor.
data AdminDeleteUserResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUserResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUserResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUserResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUserResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUserResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUser
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUser
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUser
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUser
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUserResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUser
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUser
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUser
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUser
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminDeleteUser.AdminDeleteUser


-- | Creates a new user in the specified user pool.
--   
--   If <tt>MessageAction</tt> is not set, the default is to send a welcome
--   message via email or phone (SMS).
--   
--   Alternatively, you can call AdminCreateUser with “SUPPRESS” for the
--   <tt>MessageAction</tt> parameter, and Amazon Cognito will not send any
--   email.
--   
--   In either case, the user will be in the <tt>FORCE_CHANGE_PASSWORD</tt>
--   state until they sign in and change their password.
--   
--   AdminCreateUser requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminCreateUser

-- | Creates a value of <a>AdminCreateUser</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>acuTemporaryPassword</a> - The user's temporary password. This
--   password must conform to the password policy that you specified when
--   you created the user pool. The temporary password is valid only once.
--   To complete the Admin Create User flow, the user must enter the
--   temporary password in the sign-in page along with a new password to be
--   used in all future sign-ins. This parameter is not required. If you do
--   not specify a value, Amazon Cognito generates one for you. The
--   temporary password can only be used until the user account expiration
--   limit that you specified when you created the user pool. To reset the
--   account after that time limit, you must call <tt>AdminCreateUser</tt>
--   again, specifying <tt><a>RESEND</a></tt> for the
--   <tt>MessageAction</tt> parameter.</li>
--   <li><a>acuForceAliasCreation</a> - This parameter is only used if the
--   <tt>phone_number_verified</tt> or <tt>email_verified</tt> attribute is
--   set to <tt>True</tt> . Otherwise, it is ignored. If this parameter is
--   set to <tt>True</tt> and the phone number or email address specified
--   in the UserAttributes parameter already exists as an alias with a
--   different user, the API call will migrate the alias from the previous
--   user to the newly created user. The previous user will no longer be
--   able to log in using that alias. If this parameter is set to
--   <tt>False</tt> , the API throws an <tt>AliasExistsException</tt> error
--   if the alias already exists. The default value is <tt>False</tt>
--   .</li>
--   <li><a>acuDesiredDeliveryMediums</a> - Specify <tt><a>EMAIL</a></tt>
--   if email will be used to send the welcome message. Specify
--   <tt><a>SMS</a></tt> if the phone number will be used. The default
--   value is <tt><a>SMS</a></tt> . More than one value can be
--   specified.</li>
--   <li><a>acuMessageAction</a> - Set to <tt><a>RESEND</a></tt> to resend
--   the invitation message to a user that already exists and reset the
--   expiration limit on the user's account. Set to
--   <tt><a>SUPPRESS</a></tt> to suppress sending the message. Only one
--   value can be specified.</li>
--   <li><a>acuUserAttributes</a> - An array of name-value pairs that
--   contain user attributes and attribute values to be set for the user to
--   be created. You can create a user without specifying any attributes
--   other than <tt>Username</tt> . However, any attributes that you
--   specify as required (in or in the <b>Attributes</b> tab of the
--   console) must be supplied either by you (in your call to
--   <tt>AdminCreateUser</tt> ) or by the user (when he or she signs up in
--   response to your welcome message). For custom attributes, you must
--   prepend the <tt>custom:</tt> prefix to the attribute name. To send a
--   message inviting the user to sign up, you must specify the user's
--   email address or phone number. This can be done in your call to
--   AdminCreateUser or in the <b>Users</b> tab of the Amazon Cognito
--   console for managing your user pools. In your call to
--   <tt>AdminCreateUser</tt> , you can set the <tt>email_verified</tt>
--   attribute to <tt>True</tt> , and you can set the
--   <tt>phone_number_verified</tt> attribute to <tt>True</tt> . (You can
--   also do this by calling .) * <b>email</b> : The email address of the
--   user to whom the message that contains the code and username will be
--   sent. Required if the <tt>email_verified</tt> attribute is set to
--   <tt>True</tt> , or if <tt><a>EMAIL</a></tt> is specified in the
--   <tt>DesiredDeliveryMediums</tt> parameter. * <b>phone_number</b> : The
--   phone number of the user to whom the message that contains the code
--   and username will be sent. Required if the
--   <tt>phone_number_verified</tt> attribute is set to <tt>True</tt> , or
--   if <tt><a>SMS</a></tt> is specified in the
--   <tt>DesiredDeliveryMediums</tt> parameter.</li>
--   <li><a>acuValidationData</a> - The user's validation data. This is an
--   array of name-value pairs that contain user attributes and attribute
--   values that you can use for custom validation, such as restricting the
--   types of user accounts that can be registered. For example, you might
--   choose to allow or disallow user sign-up based on the user's domain.
--   To configure custom validation, you must create a Pre Sign-up Lambda
--   trigger for the user pool as described in the Amazon Cognito Developer
--   Guide. The Lambda trigger receives the validation data and uses it in
--   the validation process. The user's validation data is not
--   persisted.</li>
--   <li><a>acuUserPoolId</a> - The user pool ID for the user pool where
--   the user will be created.</li>
--   <li><a>acuUsername</a> - The username for the user. Must be unique
--   within the user pool. Must be a UTF-8 string between 1 and 128
--   characters. After the user is created, the username cannot be
--   changed.</li>
--   </ul>
adminCreateUser :: Text -> Text -> AdminCreateUser

-- | Represents the request to create a user in the specified user pool.
--   
--   <i>See:</i> <a>adminCreateUser</a> smart constructor.
data AdminCreateUser

-- | The user's temporary password. This password must conform to the
--   password policy that you specified when you created the user pool. The
--   temporary password is valid only once. To complete the Admin Create
--   User flow, the user must enter the temporary password in the sign-in
--   page along with a new password to be used in all future sign-ins. This
--   parameter is not required. If you do not specify a value, Amazon
--   Cognito generates one for you. The temporary password can only be used
--   until the user account expiration limit that you specified when you
--   created the user pool. To reset the account after that time limit, you
--   must call <tt>AdminCreateUser</tt> again, specifying
--   <tt><a>RESEND</a></tt> for the <tt>MessageAction</tt> parameter.
acuTemporaryPassword :: Lens' AdminCreateUser (Maybe Text)

-- | This parameter is only used if the <tt>phone_number_verified</tt> or
--   <tt>email_verified</tt> attribute is set to <tt>True</tt> . Otherwise,
--   it is ignored. If this parameter is set to <tt>True</tt> and the phone
--   number or email address specified in the UserAttributes parameter
--   already exists as an alias with a different user, the API call will
--   migrate the alias from the previous user to the newly created user.
--   The previous user will no longer be able to log in using that alias.
--   If this parameter is set to <tt>False</tt> , the API throws an
--   <tt>AliasExistsException</tt> error if the alias already exists. The
--   default value is <tt>False</tt> .
acuForceAliasCreation :: Lens' AdminCreateUser (Maybe Bool)

-- | Specify <tt><a>EMAIL</a></tt> if email will be used to send the
--   welcome message. Specify <tt><a>SMS</a></tt> if the phone number will
--   be used. The default value is <tt><a>SMS</a></tt> . More than one
--   value can be specified.
acuDesiredDeliveryMediums :: Lens' AdminCreateUser [DeliveryMediumType]

-- | Set to <tt><a>RESEND</a></tt> to resend the invitation message to a
--   user that already exists and reset the expiration limit on the user's
--   account. Set to <tt><a>SUPPRESS</a></tt> to suppress sending the
--   message. Only one value can be specified.
acuMessageAction :: Lens' AdminCreateUser (Maybe MessageActionType)

-- | An array of name-value pairs that contain user attributes and
--   attribute values to be set for the user to be created. You can create
--   a user without specifying any attributes other than <tt>Username</tt>
--   . However, any attributes that you specify as required (in or in the
--   <b>Attributes</b> tab of the console) must be supplied either by you
--   (in your call to <tt>AdminCreateUser</tt> ) or by the user (when he or
--   she signs up in response to your welcome message). For custom
--   attributes, you must prepend the <tt>custom:</tt> prefix to the
--   attribute name. To send a message inviting the user to sign up, you
--   must specify the user's email address or phone number. This can be
--   done in your call to AdminCreateUser or in the <b>Users</b> tab of the
--   Amazon Cognito console for managing your user pools. In your call to
--   <tt>AdminCreateUser</tt> , you can set the <tt>email_verified</tt>
--   attribute to <tt>True</tt> , and you can set the
--   <tt>phone_number_verified</tt> attribute to <tt>True</tt> . (You can
--   also do this by calling .) * <b>email</b> : The email address of the
--   user to whom the message that contains the code and username will be
--   sent. Required if the <tt>email_verified</tt> attribute is set to
--   <tt>True</tt> , or if <tt><a>EMAIL</a></tt> is specified in the
--   <tt>DesiredDeliveryMediums</tt> parameter. * <b>phone_number</b> : The
--   phone number of the user to whom the message that contains the code
--   and username will be sent. Required if the
--   <tt>phone_number_verified</tt> attribute is set to <tt>True</tt> , or
--   if <tt><a>SMS</a></tt> is specified in the
--   <tt>DesiredDeliveryMediums</tt> parameter.
acuUserAttributes :: Lens' AdminCreateUser [AttributeType]

-- | The user's validation data. This is an array of name-value pairs that
--   contain user attributes and attribute values that you can use for
--   custom validation, such as restricting the types of user accounts that
--   can be registered. For example, you might choose to allow or disallow
--   user sign-up based on the user's domain. To configure custom
--   validation, you must create a Pre Sign-up Lambda trigger for the user
--   pool as described in the Amazon Cognito Developer Guide. The Lambda
--   trigger receives the validation data and uses it in the validation
--   process. The user's validation data is not persisted.
acuValidationData :: Lens' AdminCreateUser [AttributeType]

-- | The user pool ID for the user pool where the user will be created.
acuUserPoolId :: Lens' AdminCreateUser Text

-- | The username for the user. Must be unique within the user pool. Must
--   be a UTF-8 string between 1 and 128 characters. After the user is
--   created, the username cannot be changed.
acuUsername :: Lens' AdminCreateUser Text

-- | Creates a value of <a>AdminCreateUserResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>acursUser</a> - The newly created user.</li>
--   <li><a>acursResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminCreateUserResponse :: Int -> AdminCreateUserResponse

-- | Represents the response from the server to the request to create the
--   user.
--   
--   <i>See:</i> <a>adminCreateUserResponse</a> smart constructor.
data AdminCreateUserResponse

-- | The newly created user.
acursUser :: Lens' AdminCreateUserResponse (Maybe UserType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
acursResponseStatus :: Lens' AdminCreateUserResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUserResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUserResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUserResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUserResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUser
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUser
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUser
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUser
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUserResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUser
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUser
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUser
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUser
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUser
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminCreateUser.AdminCreateUser


-- | Confirms user registration as an admin without using a confirmation
--   code. Works on any user.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp

-- | Creates a value of <a>AdminConfirmSignUp</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>acsuUserPoolId</a> - The user pool ID for which you want to
--   confirm user registration.</li>
--   <li><a>acsuUsername</a> - The user name for which you want to confirm
--   user registration.</li>
--   </ul>
adminConfirmSignUp :: Text -> Text -> AdminConfirmSignUp

-- | Represents the request to confirm user registration.
--   
--   <i>See:</i> <a>adminConfirmSignUp</a> smart constructor.
data AdminConfirmSignUp

-- | The user pool ID for which you want to confirm user registration.
acsuUserPoolId :: Lens' AdminConfirmSignUp Text

-- | The user name for which you want to confirm user registration.
acsuUsername :: Lens' AdminConfirmSignUp Text

-- | Creates a value of <a>AdminConfirmSignUpResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>acsursResponseStatus</a> - -- | The response status code.</li>
--   </ul>
adminConfirmSignUpResponse :: Int -> AdminConfirmSignUpResponse

-- | Represents the response from the server for the request to confirm
--   registration.
--   
--   <i>See:</i> <a>adminConfirmSignUpResponse</a> smart constructor.
data AdminConfirmSignUpResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
acsursResponseStatus :: Lens' AdminConfirmSignUpResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUpResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUpResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUpResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUpResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUpResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUp
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUp
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUp
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUp
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUp
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUpResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUp
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUp
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUp
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUp
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUp
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminConfirmSignUp.AdminConfirmSignUp


-- | Adds the specified user to the specified group.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup

-- | Creates a value of <a>AdminAddUserToGroup</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aautgUserPoolId</a> - The user pool ID for the user pool.</li>
--   <li><a>aautgUsername</a> - The username for the user.</li>
--   <li><a>aautgGroupName</a> - The group name.</li>
--   </ul>
adminAddUserToGroup :: Text -> Text -> Text -> AdminAddUserToGroup

-- | <i>See:</i> <a>adminAddUserToGroup</a> smart constructor.
data AdminAddUserToGroup

-- | The user pool ID for the user pool.
aautgUserPoolId :: Lens' AdminAddUserToGroup Text

-- | The username for the user.
aautgUsername :: Lens' AdminAddUserToGroup Text

-- | The group name.
aautgGroupName :: Lens' AdminAddUserToGroup Text

-- | Creates a value of <a>AdminAddUserToGroupResponse</a> with the minimum
--   fields required to make a request.
adminAddUserToGroupResponse :: AdminAddUserToGroupResponse

-- | <i>See:</i> <a>adminAddUserToGroupResponse</a> smart constructor.
data AdminAddUserToGroupResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroupResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroupResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroupResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroupResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroupResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroup
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroup
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroup
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroup
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroupResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroup
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroup
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroup
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroup
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AdminAddUserToGroup.AdminAddUserToGroup


-- | Adds additional user attributes to the user pool schema.
module Network.AWS.CognitoIdentityProvider.AddCustomAttributes

-- | Creates a value of <a>AddCustomAttributes</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>acaUserPoolId</a> - The user pool ID for the user pool where
--   you want to add custom attributes.</li>
--   <li><a>acaCustomAttributes</a> - An array of custom attributes, such
--   as Mutable and Name.</li>
--   </ul>
addCustomAttributes :: Text -> NonEmpty SchemaAttributeType -> AddCustomAttributes

-- | Represents the request to add custom attributes.
--   
--   <i>See:</i> <a>addCustomAttributes</a> smart constructor.
data AddCustomAttributes

-- | The user pool ID for the user pool where you want to add custom
--   attributes.
acaUserPoolId :: Lens' AddCustomAttributes Text

-- | An array of custom attributes, such as Mutable and Name.
acaCustomAttributes :: Lens' AddCustomAttributes (NonEmpty SchemaAttributeType)

-- | Creates a value of <a>AddCustomAttributesResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>acarsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
addCustomAttributesResponse :: Int -> AddCustomAttributesResponse

-- | Represents the response from the server for the request to add custom
--   attributes.
--   
--   <i>See:</i> <a>addCustomAttributesResponse</a> smart constructor.
data AddCustomAttributesResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
acarsResponseStatus :: Lens' AddCustomAttributesResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributesResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributesResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributesResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributesResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributesResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributes
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributes
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributes
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributes
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributes
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributes
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributesResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributes
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributes
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributes
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributes
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributes
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.AddCustomAttributes.AddCustomAttributes


-- | Provides the feedback for an authentication event whether it was from
--   a valid user or not. This feedback is used for improving the risk
--   evaluation decision for the user pool as part of Amazon Cognito
--   advanced security.
module Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback

-- | Creates a value of <a>UpdateAuthEventFeedback</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uaefUserPoolId</a> - The user pool ID.</li>
--   <li><a>uaefUsername</a> - The user pool username.</li>
--   <li><a>uaefEventId</a> - The event ID.</li>
--   <li><a>uaefFeedbackToken</a> - The feedback token.</li>
--   <li><a>uaefFeedbackValue</a> - The authentication event feedback
--   value.</li>
--   </ul>
updateAuthEventFeedback :: Text -> Text -> Text -> Text -> FeedbackValueType -> UpdateAuthEventFeedback

-- | <i>See:</i> <a>updateAuthEventFeedback</a> smart constructor.
data UpdateAuthEventFeedback

-- | The user pool ID.
uaefUserPoolId :: Lens' UpdateAuthEventFeedback Text

-- | The user pool username.
uaefUsername :: Lens' UpdateAuthEventFeedback Text

-- | The event ID.
uaefEventId :: Lens' UpdateAuthEventFeedback Text

-- | The feedback token.
uaefFeedbackToken :: Lens' UpdateAuthEventFeedback Text

-- | The authentication event feedback value.
uaefFeedbackValue :: Lens' UpdateAuthEventFeedback FeedbackValueType

-- | Creates a value of <a>UpdateAuthEventFeedbackResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uaefrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
updateAuthEventFeedbackResponse :: Int -> UpdateAuthEventFeedbackResponse

-- | <i>See:</i> <a>updateAuthEventFeedbackResponse</a> smart constructor.
data UpdateAuthEventFeedbackResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
uaefrsResponseStatus :: Lens' UpdateAuthEventFeedbackResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedbackResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedbackResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedbackResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedbackResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedbackResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedback
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedback
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedback
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedback
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedback
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedbackResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedback
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedback
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedback
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedback
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedback
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.UpdateAuthEventFeedback.UpdateAuthEventFeedback


-- | Updates the device status.
module Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus

-- | Creates a value of <a>UpdateDeviceStatus</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>udsDeviceRememberedStatus</a> - The status of whether a device
--   is remembered.</li>
--   <li><a>udsAccessToken</a> - The access token.</li>
--   <li><a>udsDeviceKey</a> - The device key.</li>
--   </ul>
updateDeviceStatus :: Text -> Text -> UpdateDeviceStatus

-- | Represents the request to update the device status.
--   
--   <i>See:</i> <a>updateDeviceStatus</a> smart constructor.
data UpdateDeviceStatus

-- | The status of whether a device is remembered.
udsDeviceRememberedStatus :: Lens' UpdateDeviceStatus (Maybe DeviceRememberedStatusType)

-- | The access token.
udsAccessToken :: Lens' UpdateDeviceStatus Text

-- | The device key.
udsDeviceKey :: Lens' UpdateDeviceStatus Text

-- | Creates a value of <a>UpdateDeviceStatusResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>udsrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
updateDeviceStatusResponse :: Int -> UpdateDeviceStatusResponse

-- | The response to the request to update the device status.
--   
--   <i>See:</i> <a>updateDeviceStatusResponse</a> smart constructor.
data UpdateDeviceStatusResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
udsrsResponseStatus :: Lens' UpdateDeviceStatusResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatusResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatusResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatusResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatusResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatusResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatus
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatus
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatus
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatus
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatus
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatusResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatus
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatus
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatus
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatus
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatus
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.UpdateDeviceStatus.UpdateDeviceStatus


-- | Updates the specified group with the specified attributes.
--   
--   Requires developer credentials.
module Network.AWS.CognitoIdentityProvider.UpdateGroup

-- | Creates a value of <a>UpdateGroup</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ugPrecedence</a> - The new precedence value for the group. For
--   more information about this parameter, see .</li>
--   <li><a>ugDescription</a> - A string containing the new description of
--   the group.</li>
--   <li><a>ugRoleARN</a> - The new role ARN for the group. This is used
--   for setting the <tt>cognito:roles</tt> and
--   <tt>cognito:preferred_role</tt> claims in the token.</li>
--   <li><a>ugGroupName</a> - The name of the group.</li>
--   <li><a>ugUserPoolId</a> - The user pool ID for the user pool.</li>
--   </ul>
updateGroup :: Text -> Text -> UpdateGroup

-- | <i>See:</i> <a>updateGroup</a> smart constructor.
data UpdateGroup

-- | The new precedence value for the group. For more information about
--   this parameter, see .
ugPrecedence :: Lens' UpdateGroup (Maybe Natural)

-- | A string containing the new description of the group.
ugDescription :: Lens' UpdateGroup (Maybe Text)

-- | The new role ARN for the group. This is used for setting the
--   <tt>cognito:roles</tt> and <tt>cognito:preferred_role</tt> claims in
--   the token.
ugRoleARN :: Lens' UpdateGroup (Maybe Text)

-- | The name of the group.
ugGroupName :: Lens' UpdateGroup Text

-- | The user pool ID for the user pool.
ugUserPoolId :: Lens' UpdateGroup Text

-- | Creates a value of <a>UpdateGroupResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ugrsGroup</a> - The group object for the group.</li>
--   <li><a>ugrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
updateGroupResponse :: Int -> UpdateGroupResponse

-- | <i>See:</i> <a>updateGroupResponse</a> smart constructor.
data UpdateGroupResponse

-- | The group object for the group.
ugrsGroup :: Lens' UpdateGroupResponse (Maybe GroupType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
ugrsResponseStatus :: Lens' UpdateGroupResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroupResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroupResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroupResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroupResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroupResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroup
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroup
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroup
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroup
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroup
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroupResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroup
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroup
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroup
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroup
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroup
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.UpdateGroup.UpdateGroup


-- | Updates identity provider information for a user pool.
module Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider

-- | Creates a value of <a>UpdateIdentityProvider</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uipIdpIdentifiers</a> - A list of identity provider
--   identifiers.</li>
--   <li><a>uipAttributeMapping</a> - The identity provider attribute
--   mapping to be changed.</li>
--   <li><a>uipProviderDetails</a> - The identity provider details to be
--   updated, such as <tt>MetadataURL</tt> and <tt>MetadataFile</tt> .</li>
--   <li><a>uipUserPoolId</a> - The user pool ID.</li>
--   <li><a>uipProviderName</a> - The identity provider name.</li>
--   </ul>
updateIdentityProvider :: Text -> Text -> UpdateIdentityProvider

-- | <i>See:</i> <a>updateIdentityProvider</a> smart constructor.
data UpdateIdentityProvider

-- | A list of identity provider identifiers.
uipIdpIdentifiers :: Lens' UpdateIdentityProvider [Text]

-- | The identity provider attribute mapping to be changed.
uipAttributeMapping :: Lens' UpdateIdentityProvider (HashMap Text Text)

-- | The identity provider details to be updated, such as
--   <tt>MetadataURL</tt> and <tt>MetadataFile</tt> .
uipProviderDetails :: Lens' UpdateIdentityProvider (HashMap Text Text)

-- | The user pool ID.
uipUserPoolId :: Lens' UpdateIdentityProvider Text

-- | The identity provider name.
uipProviderName :: Lens' UpdateIdentityProvider Text

-- | Creates a value of <a>UpdateIdentityProviderResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uiprsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>uiprsIdentityProvider</a> - The identity provider object.</li>
--   </ul>
updateIdentityProviderResponse :: Int -> IdentityProviderType -> UpdateIdentityProviderResponse

-- | <i>See:</i> <a>updateIdentityProviderResponse</a> smart constructor.
data UpdateIdentityProviderResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
uiprsResponseStatus :: Lens' UpdateIdentityProviderResponse Int

-- | The identity provider object.
uiprsIdentityProvider :: Lens' UpdateIdentityProviderResponse IdentityProviderType
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProviderResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProviderResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProviderResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProviderResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProviderResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProvider
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProvider
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProvider
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProvider
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProvider
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProvider
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProviderResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProvider
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProvider
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProvider
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProvider
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProvider
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.UpdateIdentityProvider.UpdateIdentityProvider


-- | Updates the name and scopes of resource server. All other fields are
--   read-only.
module Network.AWS.CognitoIdentityProvider.UpdateResourceServer

-- | Creates a value of <a>UpdateResourceServer</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ursScopes</a> - The scope values to be set for the resource
--   server.</li>
--   <li><a>ursUserPoolId</a> - The user pool ID for the user pool.</li>
--   <li><a>ursIdentifier</a> - The identifier for the resource
--   server.</li>
--   <li><a>ursName</a> - The name of the resource server.</li>
--   </ul>
updateResourceServer :: Text -> Text -> Text -> UpdateResourceServer

-- | <i>See:</i> <a>updateResourceServer</a> smart constructor.
data UpdateResourceServer

-- | The scope values to be set for the resource server.
ursScopes :: Lens' UpdateResourceServer [ResourceServerScopeType]

-- | The user pool ID for the user pool.
ursUserPoolId :: Lens' UpdateResourceServer Text

-- | The identifier for the resource server.
ursIdentifier :: Lens' UpdateResourceServer Text

-- | The name of the resource server.
ursName :: Lens' UpdateResourceServer Text

-- | Creates a value of <a>UpdateResourceServerResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ursrsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>ursrsResourceServer</a> - The resource server.</li>
--   </ul>
updateResourceServerResponse :: Int -> ResourceServerType -> UpdateResourceServerResponse

-- | <i>See:</i> <a>updateResourceServerResponse</a> smart constructor.
data UpdateResourceServerResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
ursrsResponseStatus :: Lens' UpdateResourceServerResponse Int

-- | The resource server.
ursrsResourceServer :: Lens' UpdateResourceServerResponse ResourceServerType
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServerResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServerResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServerResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServerResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServerResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServer
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServer
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServer
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServer
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServer
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServer
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServerResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServer
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServer
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServer
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServer
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServer
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.UpdateResourceServer.UpdateResourceServer


-- | Allows a user to update a specific attribute (one at a time).
module Network.AWS.CognitoIdentityProvider.UpdateUserAttributes

-- | Creates a value of <a>UpdateUserAttributes</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uuaUserAttributes</a> - An array of name-value pairs
--   representing user attributes. For custom attributes, you must prepend
--   the <tt>custom:</tt> prefix to the attribute name.</li>
--   <li><a>uuaAccessToken</a> - The access token for the request to update
--   user attributes.</li>
--   </ul>
updateUserAttributes :: Text -> UpdateUserAttributes

-- | Represents the request to update user attributes.
--   
--   <i>See:</i> <a>updateUserAttributes</a> smart constructor.
data UpdateUserAttributes

-- | An array of name-value pairs representing user attributes. For custom
--   attributes, you must prepend the <tt>custom:</tt> prefix to the
--   attribute name.
uuaUserAttributes :: Lens' UpdateUserAttributes [AttributeType]

-- | The access token for the request to update user attributes.
uuaAccessToken :: Lens' UpdateUserAttributes Text

-- | Creates a value of <a>UpdateUserAttributesResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uuarsCodeDeliveryDetailsList</a> - The code delivery details
--   list from the server for the request to update user attributes.</li>
--   <li><a>uuarsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
updateUserAttributesResponse :: Int -> UpdateUserAttributesResponse

-- | Represents the response from the server for the request to update user
--   attributes.
--   
--   <i>See:</i> <a>updateUserAttributesResponse</a> smart constructor.
data UpdateUserAttributesResponse

-- | The code delivery details list from the server for the request to
--   update user attributes.
uuarsCodeDeliveryDetailsList :: Lens' UpdateUserAttributesResponse [CodeDeliveryDetailsType]

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
uuarsResponseStatus :: Lens' UpdateUserAttributesResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributesResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributesResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributesResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributesResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributesResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributes
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributes
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributes
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributes
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributes
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributesResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributes
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributes
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributes
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributes
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributes
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.UpdateUserAttributes.UpdateUserAttributes


-- | Updates the specified user pool with the specified attributes.
module Network.AWS.CognitoIdentityProvider.UpdateUserPool

-- | Creates a value of <a>UpdateUserPool</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uupUserPoolTags</a> - The cost allocation tags for the user
--   pool. For more information, see <a>Adding Cost Allocation Tags to Your
--   User Pool</a></li>
--   <li><a>uupVerificationMessageTemplate</a> - The template for
--   verification messages.</li>
--   <li><a>uupEmailVerificationMessage</a> - The contents of the email
--   verification message.</li>
--   <li><a>uupSmsAuthenticationMessage</a> - The contents of the SMS
--   authentication message.</li>
--   <li><a>uupUserPoolAddOns</a> - Used to enable advanced security risk
--   detection. Set the key <tt>AdvancedSecurityMode</tt> to the value
--   <a>AUDIT</a>.</li>
--   <li><a>uupEmailVerificationSubject</a> - The subject of the email
--   verification message.</li>
--   <li><a>uupEmailConfiguration</a> - Email configuration.</li>
--   <li><a>uupSmsVerificationMessage</a> - A container with information
--   about the SMS verification message.</li>
--   <li><a>uupMFAConfiguration</a> - Can be one of the following values: *
--   <tt>OFF</tt> - MFA tokens are not required and cannot be specified
--   during user registration. * <tt>ON</tt> - MFA tokens are required for
--   all user registrations. You can only specify required when you are
--   initially creating a user pool. * <tt>OPTIONAL</tt> - Users have the
--   option when registering to create an MFA token.</li>
--   <li><a>uupLambdaConfig</a> - The AWS Lambda configuration information
--   from the request to update the user pool.</li>
--   <li><a>uupSmsConfiguration</a> - SMS configuration.</li>
--   <li><a>uupAdminCreateUserConfig</a> - The configuration for
--   <tt>AdminCreateUser</tt> requests.</li>
--   <li><a>uupDeviceConfiguration</a> - Device configuration.</li>
--   <li><a>uupAutoVerifiedAttributes</a> - The attributes that are
--   automatically verified when the Amazon Cognito service makes a request
--   to update user pools.</li>
--   <li><a>uupPolicies</a> - A container with the policies you wish to
--   update in a user pool.</li>
--   <li><a>uupUserPoolId</a> - The user pool ID for the user pool you want
--   to update.</li>
--   </ul>
updateUserPool :: Text -> UpdateUserPool

-- | Represents the request to update the user pool.
--   
--   <i>See:</i> <a>updateUserPool</a> smart constructor.
data UpdateUserPool

-- | The cost allocation tags for the user pool. For more information, see
--   <a>Adding Cost Allocation Tags to Your User Pool</a>
uupUserPoolTags :: Lens' UpdateUserPool (HashMap Text Text)

-- | The template for verification messages.
uupVerificationMessageTemplate :: Lens' UpdateUserPool (Maybe VerificationMessageTemplateType)

-- | The contents of the email verification message.
uupEmailVerificationMessage :: Lens' UpdateUserPool (Maybe Text)

-- | The contents of the SMS authentication message.
uupSmsAuthenticationMessage :: Lens' UpdateUserPool (Maybe Text)

-- | Used to enable advanced security risk detection. Set the key
--   <tt>AdvancedSecurityMode</tt> to the value <a>AUDIT</a>.
uupUserPoolAddOns :: Lens' UpdateUserPool (Maybe UserPoolAddOnsType)

-- | The subject of the email verification message.
uupEmailVerificationSubject :: Lens' UpdateUserPool (Maybe Text)

-- | Email configuration.
uupEmailConfiguration :: Lens' UpdateUserPool (Maybe EmailConfigurationType)

-- | A container with information about the SMS verification message.
uupSmsVerificationMessage :: Lens' UpdateUserPool (Maybe Text)

-- | Can be one of the following values: * <tt>OFF</tt> - MFA tokens are
--   not required and cannot be specified during user registration. *
--   <tt>ON</tt> - MFA tokens are required for all user registrations. You
--   can only specify required when you are initially creating a user pool.
--   * <tt>OPTIONAL</tt> - Users have the option when registering to create
--   an MFA token.
uupMFAConfiguration :: Lens' UpdateUserPool (Maybe UserPoolMFAType)

-- | The AWS Lambda configuration information from the request to update
--   the user pool.
uupLambdaConfig :: Lens' UpdateUserPool (Maybe LambdaConfigType)

-- | SMS configuration.
uupSmsConfiguration :: Lens' UpdateUserPool (Maybe SmsConfigurationType)

-- | The configuration for <tt>AdminCreateUser</tt> requests.
uupAdminCreateUserConfig :: Lens' UpdateUserPool (Maybe AdminCreateUserConfigType)

-- | Device configuration.
uupDeviceConfiguration :: Lens' UpdateUserPool (Maybe DeviceConfigurationType)

-- | The attributes that are automatically verified when the Amazon Cognito
--   service makes a request to update user pools.
uupAutoVerifiedAttributes :: Lens' UpdateUserPool [VerifiedAttributeType]

-- | A container with the policies you wish to update in a user pool.
uupPolicies :: Lens' UpdateUserPool (Maybe UserPoolPolicyType)

-- | The user pool ID for the user pool you want to update.
uupUserPoolId :: Lens' UpdateUserPool Text

-- | Creates a value of <a>UpdateUserPoolResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uuprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
updateUserPoolResponse :: Int -> UpdateUserPoolResponse

-- | Represents the response from the server when you make a request to
--   update the user pool.
--   
--   <i>See:</i> <a>updateUserPoolResponse</a> smart constructor.
data UpdateUserPoolResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
uuprsResponseStatus :: Lens' UpdateUserPoolResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPoolResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPoolResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPoolResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPoolResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPoolResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPool
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPool
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPool
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPool
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPool
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPool
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPoolResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPool
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPool
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPool
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPool
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPool
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.UpdateUserPool.UpdateUserPool


-- | Allows the developer to update the specified user pool client and
--   password policy.
module Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient

-- | Creates a value of <a>UpdateUserPoolClient</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uupcRefreshTokenValidity</a> - The time limit, in days, after
--   which the refresh token is no longer valid and cannot be used.</li>
--   <li><a>uupcExplicitAuthFlows</a> - Explicit authentication flows.</li>
--   <li><a>uupcSupportedIdentityProviders</a> - A list of provider names
--   for the identity providers that are supported on this client.</li>
--   <li><a>uupcLogoutURLs</a> - A list of allowed logout URLs for the
--   identity providers.</li>
--   <li><a>uupcAllowedOAuthFlowsUserPoolClient</a> - Set to TRUE if the
--   client is allowed to follow the OAuth protocol when interacting with
--   Cognito user pools.</li>
--   <li><a>uupcDefaultRedirectURI</a> - The default redirect URI. Must be
--   in the <tt>CallbackURLs</tt> list.</li>
--   <li><a>uupcWriteAttributes</a> - The writeable attributes of the user
--   pool.</li>
--   <li><a>uupcReadAttributes</a> - The read-only attributes of the user
--   pool.</li>
--   <li><a>uupcAllowedOAuthScopes</a> - A list of allowed <tt>OAuth</tt>
--   scopes. Currently supported values are <tt>"phone"</tt> ,
--   <tt>"email"</tt> , <tt>"openid"</tt> , and <tt><a>Cognito</a></tt>
--   .</li>
--   <li><a>uupcAllowedOAuthFlows</a> - Set to <tt>code</tt> to initiate a
--   code grant flow, which provides an authorization code as the response.
--   This code can be exchanged for access tokens with the token endpoint.
--   Set to <tt>token</tt> to specify that the client should get the access
--   token (and, optionally, ID token, based on scopes) directly.</li>
--   <li><a>uupcAnalyticsConfiguration</a> - The Amazon Pinpoint analytics
--   configuration for collecting metrics for this user pool.</li>
--   <li><a>uupcClientName</a> - The client name from the update user pool
--   client request.</li>
--   <li><a>uupcCallbackURLs</a> - A list of allowed callback URLs for the
--   identity providers.</li>
--   <li><a>uupcUserPoolId</a> - The user pool ID for the user pool where
--   you want to update the user pool client.</li>
--   <li><a>uupcClientId</a> - The ID of the client associated with the
--   user pool.</li>
--   </ul>
updateUserPoolClient :: Text -> Text -> UpdateUserPoolClient

-- | Represents the request to update the user pool client.
--   
--   <i>See:</i> <a>updateUserPoolClient</a> smart constructor.
data UpdateUserPoolClient

-- | The time limit, in days, after which the refresh token is no longer
--   valid and cannot be used.
uupcRefreshTokenValidity :: Lens' UpdateUserPoolClient (Maybe Natural)

-- | Explicit authentication flows.
uupcExplicitAuthFlows :: Lens' UpdateUserPoolClient [ExplicitAuthFlowsType]

-- | A list of provider names for the identity providers that are supported
--   on this client.
uupcSupportedIdentityProviders :: Lens' UpdateUserPoolClient [Text]

-- | A list of allowed logout URLs for the identity providers.
uupcLogoutURLs :: Lens' UpdateUserPoolClient [Text]

-- | Set to TRUE if the client is allowed to follow the OAuth protocol when
--   interacting with Cognito user pools.
uupcAllowedOAuthFlowsUserPoolClient :: Lens' UpdateUserPoolClient (Maybe Bool)

-- | The default redirect URI. Must be in the <tt>CallbackURLs</tt> list.
uupcDefaultRedirectURI :: Lens' UpdateUserPoolClient (Maybe Text)

-- | The writeable attributes of the user pool.
uupcWriteAttributes :: Lens' UpdateUserPoolClient [Text]

-- | The read-only attributes of the user pool.
uupcReadAttributes :: Lens' UpdateUserPoolClient [Text]

-- | A list of allowed <tt>OAuth</tt> scopes. Currently supported values
--   are <tt>"phone"</tt> , <tt>"email"</tt> , <tt>"openid"</tt> , and
--   <tt><a>Cognito</a></tt> .
uupcAllowedOAuthScopes :: Lens' UpdateUserPoolClient [Text]

-- | Set to <tt>code</tt> to initiate a code grant flow, which provides an
--   authorization code as the response. This code can be exchanged for
--   access tokens with the token endpoint. Set to <tt>token</tt> to
--   specify that the client should get the access token (and, optionally,
--   ID token, based on scopes) directly.
uupcAllowedOAuthFlows :: Lens' UpdateUserPoolClient [OAuthFlowType]

-- | The Amazon Pinpoint analytics configuration for collecting metrics for
--   this user pool.
uupcAnalyticsConfiguration :: Lens' UpdateUserPoolClient (Maybe AnalyticsConfigurationType)

-- | The client name from the update user pool client request.
uupcClientName :: Lens' UpdateUserPoolClient (Maybe Text)

-- | A list of allowed callback URLs for the identity providers.
uupcCallbackURLs :: Lens' UpdateUserPoolClient [Text]

-- | The user pool ID for the user pool where you want to update the user
--   pool client.
uupcUserPoolId :: Lens' UpdateUserPoolClient Text

-- | The ID of the client associated with the user pool.
uupcClientId :: Lens' UpdateUserPoolClient Text

-- | Creates a value of <a>UpdateUserPoolClientResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uupcrsUserPoolClient</a> - The user pool client value from the
--   response from the server when an update user pool client request is
--   made.</li>
--   <li><a>uupcrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
updateUserPoolClientResponse :: Int -> UpdateUserPoolClientResponse

-- | Represents the response from the server to the request to update the
--   user pool client.
--   
--   <i>See:</i> <a>updateUserPoolClientResponse</a> smart constructor.
data UpdateUserPoolClientResponse

-- | The user pool client value from the response from the server when an
--   update user pool client request is made.
uupcrsUserPoolClient :: Lens' UpdateUserPoolClientResponse (Maybe UserPoolClientType)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
uupcrsResponseStatus :: Lens' UpdateUserPoolClientResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClientResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClientResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClientResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClientResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClient
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClient
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClient
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClient
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClient
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClientResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClient
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClient
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClient
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClient
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClient
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.UpdateUserPoolClient.UpdateUserPoolClient


-- | Use this API to register a user's entered TOTP code and mark the
--   user's software token MFA status as "verified" if successful,
module Network.AWS.CognitoIdentityProvider.VerifySoftwareToken

-- | Creates a value of <a>VerifySoftwareToken</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>vstAccessToken</a> - The access token.</li>
--   <li><a>vstFriendlyDeviceName</a> - The friendly device name.</li>
--   <li><a>vstSession</a> - The session which should be passed both ways
--   in challenge-response calls to the service.</li>
--   <li><a>vstUserCode</a> - The one time password computed using the
--   secret code returned by</li>
--   </ul>
verifySoftwareToken :: Text -> VerifySoftwareToken

-- | <i>See:</i> <a>verifySoftwareToken</a> smart constructor.
data VerifySoftwareToken

-- | The access token.
vstAccessToken :: Lens' VerifySoftwareToken (Maybe Text)

-- | The friendly device name.
vstFriendlyDeviceName :: Lens' VerifySoftwareToken (Maybe Text)

-- | The session which should be passed both ways in challenge-response
--   calls to the service.
vstSession :: Lens' VerifySoftwareToken (Maybe Text)

-- | The one time password computed using the secret code returned by
vstUserCode :: Lens' VerifySoftwareToken Text

-- | Creates a value of <a>VerifySoftwareTokenResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>vstrsStatus</a> - The status of the verify software token.</li>
--   <li><a>vstrsSession</a> - The session which should be passed both ways
--   in challenge-response calls to the service.</li>
--   <li><a>vstrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
verifySoftwareTokenResponse :: Int -> VerifySoftwareTokenResponse

-- | <i>See:</i> <a>verifySoftwareTokenResponse</a> smart constructor.
data VerifySoftwareTokenResponse

-- | The status of the verify software token.
vstrsStatus :: Lens' VerifySoftwareTokenResponse (Maybe VerifySoftwareTokenResponseType)

-- | The session which should be passed both ways in challenge-response
--   calls to the service.
vstrsSession :: Lens' VerifySoftwareTokenResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
vstrsResponseStatus :: Lens' VerifySoftwareTokenResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareTokenResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareTokenResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareTokenResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareTokenResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareTokenResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareToken
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareToken
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareToken
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareToken
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareToken
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareTokenResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareToken
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareToken
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareToken
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareToken
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareToken
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.VerifySoftwareToken.VerifySoftwareToken


-- | Verifies the specified user attributes in the user pool.
module Network.AWS.CognitoIdentityProvider.VerifyUserAttribute

-- | Creates a value of <a>VerifyUserAttribute</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>vuaAccessToken</a> - Represents the access token of the request
--   to verify user attributes.</li>
--   <li><a>vuaAttributeName</a> - The attribute name in the request to
--   verify user attributes.</li>
--   <li><a>vuaCode</a> - The verification code in the request to verify
--   user attributes.</li>
--   </ul>
verifyUserAttribute :: Text -> Text -> Text -> VerifyUserAttribute

-- | Represents the request to verify user attributes.
--   
--   <i>See:</i> <a>verifyUserAttribute</a> smart constructor.
data VerifyUserAttribute

-- | Represents the access token of the request to verify user attributes.
vuaAccessToken :: Lens' VerifyUserAttribute Text

-- | The attribute name in the request to verify user attributes.
vuaAttributeName :: Lens' VerifyUserAttribute Text

-- | The verification code in the request to verify user attributes.
vuaCode :: Lens' VerifyUserAttribute Text

-- | Creates a value of <a>VerifyUserAttributeResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>vuarsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
verifyUserAttributeResponse :: Int -> VerifyUserAttributeResponse

-- | A container representing the response from the server from the request
--   to verify user attributes.
--   
--   <i>See:</i> <a>verifyUserAttributeResponse</a> smart constructor.
data VerifyUserAttributeResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
vuarsResponseStatus :: Lens' VerifyUserAttributeResponse Int
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttributeResponse
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttributeResponse
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttributeResponse
instance GHC.Read.Read Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttributeResponse
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttributeResponse
instance GHC.Generics.Generic Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttribute
instance Data.Data.Data Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttribute
instance GHC.Show.Show Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttribute
instance GHC.Classes.Eq Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttribute
instance Network.AWS.Types.AWSRequest Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttribute
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttributeResponse
instance Data.Hashable.Class.Hashable Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttribute
instance Control.DeepSeq.NFData Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttribute
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttribute
instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttribute
instance Network.AWS.Data.Path.ToPath Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttribute
instance Network.AWS.Data.Query.ToQuery Network.AWS.CognitoIdentityProvider.VerifyUserAttribute.VerifyUserAttribute


module Network.AWS.CognitoIdentityProvider.Waiters


-- | Using the Amazon Cognito User Pools API, you can create a user pool to
--   manage directories and users. You can authenticate a user to obtain
--   tokens related to user identity and access policies.
--   
--   This API reference provides information about user pools in Amazon
--   Cognito User Pools.
--   
--   For more information, see the Amazon Cognito Documentation.
module Network.AWS.CognitoIdentityProvider

-- | API version <tt>2016-04-18</tt> of the Amazon Cognito Identity
--   Provider SDK configuration.
cognitoIdentityProvider :: Service

-- | The request failed because the user is in an unsupported state.
_UnsupportedUserStateException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a password reset is required.
_PasswordResetRequiredException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the Amazon Cognito service encounters an
--   invalid parameter.
_InvalidParameterException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the Amazon Cognito service encounters an
--   invalid AWS Lambda response.
_InvalidLambdaResponseException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when Amazon Cognito is not allowed to use
--   your email identity. HTTP status code: 400.
_InvalidEmailRoleAccessPolicyException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the specified identifier is not
--   supported.
_UnsupportedIdentityProviderException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a user is not found.
_UserNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the Amazon Cognito service encounters an
--   unexpected exception with the AWS Lambda service.
_UnexpectedLambdaException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a user is not authorized.
_NotAuthorizedException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when Amazon Cognito encounters an internal
--   error.
_InternalErrorException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the user pool configuration is invalid.
_InvalidUserPoolConfigurationException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is returned when the role provided for SMS
--   configuration does not have permission to publish using Amazon SNS.
_InvalidSmsRoleAccessPolicyException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the specified OAuth flow is invalid.
_InvalidOAuthFlowException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown if the provided code does not match what the
--   server was expecting.
_CodeMismatchException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when you are trying to modify a user pool
--   while a user import job is in progress for that pool.
_UserImportInProgressException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the trust relationship is invalid for
--   the role provided for SMS configuration. This can happen if you do not
--   trust <b>cognito-idp.amazonaws.com</b> or the external ID provided in
--   the role does not match what is provided in the SMS configuration for
--   the user pool.
_InvalidSmsRoleTrustRelationshipException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a user pool tag cannot be set or
--   updated.
_UserPoolTaggingException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the software token TOTP multi-factor
--   authentication (MFA) is not enabled for the user pool.
_SoftwareTokenMFANotFoundException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the user has made too many requests for
--   a given operation.
_TooManyRequestsException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown if two or more modifications are happening
--   concurrently.
_ConcurrentModificationException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when user pool add-ons are not enabled.
_UserPoolAddOnNotEnabledException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the Amazon Cognito service encounters a
--   user validation exception with the AWS Lambda service.
_UserLambdaValidationException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a precondition is not met.
_PreconditionNotMetException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown if a code has expired.
_ExpiredCodeException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the user has made too many failed
--   attempts for a given action (e.g., sign in).
_TooManyFailedAttemptsException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when there is a code mismatch and the service
--   fails to configure the software token TOTP multi-factor authentication
--   (MFA).
_EnableSoftwareTokenMFAException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a user is not confirmed successfully.
_UserNotConfirmedException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when Amazon Cognito encounters a group that
--   already exists in the user pool.
_GroupExistsException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a verification code fails to deliver
--   successfully.
_CodeDeliveryFailureException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the specified scope does not exist.
_ScopeDoesNotExistException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the Amazon Cognito service cannot find
--   the requested resource.
_ResourceNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when Amazon Cognito cannot find a
--   multi-factor authentication (MFA) method.
_MFAMethodNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a user tries to confirm the account with
--   an email or phone number that has already been supplied as an alias
--   from a different account. This exception tells user that an account
--   with this email or phone already exists.
_AliasExistsException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the provider is already supported by the
--   user pool.
_DuplicateProviderException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when a user exceeds the limit for a requested
--   AWS resource.
_LimitExceededException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when the Amazon Cognito service encounters an
--   invalid password.
_InvalidPasswordException :: AsError a => Getting (First ServiceError) a ServiceError

-- | This exception is thrown when Amazon Cognito encounters a user name
--   that already exists in the user pool.
_UsernameExistsException :: AsError a => Getting (First ServiceError) a ServiceError
data AccountTakeoverEventActionType
ATEATBlock :: AccountTakeoverEventActionType
ATEATMFAIfConfigured :: AccountTakeoverEventActionType
ATEATMFARequired :: AccountTakeoverEventActionType
ATEATNoAction :: AccountTakeoverEventActionType
data AdvancedSecurityModeType
Audit :: AdvancedSecurityModeType
Enforced :: AdvancedSecurityModeType
Off :: AdvancedSecurityModeType
data AliasAttributeType
AATEmail :: AliasAttributeType
AATPhoneNumber :: AliasAttributeType
AATPreferredUsername :: AliasAttributeType
data AttributeDataType
Boolean :: AttributeDataType
DateTime :: AttributeDataType
Number :: AttributeDataType
String :: AttributeDataType
data AuthFlowType
AdminNoSrpAuth :: AuthFlowType
CustomAuth :: AuthFlowType
RefreshToken :: AuthFlowType
RefreshTokenAuth :: AuthFlowType
UserPasswordAuth :: AuthFlowType
UserSrpAuth :: AuthFlowType
data ChallengeName
MFA :: ChallengeName
Password :: ChallengeName
data ChallengeNameType
CNTAdminNoSrpAuth :: ChallengeNameType
CNTCustomChallenge :: ChallengeNameType
CNTDevicePasswordVerifier :: ChallengeNameType
CNTDeviceSrpAuth :: ChallengeNameType
CNTMFASetup :: ChallengeNameType
CNTNewPasswordRequired :: ChallengeNameType
CNTPasswordVerifier :: ChallengeNameType
CNTSelectMFAType :: ChallengeNameType
CNTSmsMFA :: ChallengeNameType
CNTSoftwareTokenMFA :: ChallengeNameType
data ChallengeResponse
CFailure :: ChallengeResponse
CSuccess :: ChallengeResponse
data CompromisedCredentialsEventActionType
CCEATBlock :: CompromisedCredentialsEventActionType
CCEATNoAction :: CompromisedCredentialsEventActionType
data DefaultEmailOptionType
ConfirmWithCode :: DefaultEmailOptionType
ConfirmWithLink :: DefaultEmailOptionType
data DeliveryMediumType
DMTEmail :: DeliveryMediumType
DMTSms :: DeliveryMediumType
data DeviceRememberedStatusType
NotRemembered :: DeviceRememberedStatusType
Remembered :: DeviceRememberedStatusType
data DomainStatusType
DSTActive :: DomainStatusType
DSTCreating :: DomainStatusType
DSTDeleting :: DomainStatusType
DSTFailed :: DomainStatusType
DSTUpdating :: DomainStatusType
data EventFilterType
PasswordChange :: EventFilterType
SignIn :: EventFilterType
SignUp :: EventFilterType
data EventResponseType
Failure :: EventResponseType
Success :: EventResponseType
data EventType
ETForgotPassword :: EventType
ETSignIn :: EventType
ETSignUp :: EventType
data ExplicitAuthFlowsType
EAFTAdminNoSrpAuth :: ExplicitAuthFlowsType
EAFTCustomAuthFlowOnly :: ExplicitAuthFlowsType
EAFTUserPasswordAuth :: ExplicitAuthFlowsType
data FeedbackValueType
Invalid :: FeedbackValueType
Valid :: FeedbackValueType
data IdentityProviderTypeType
Facebook :: IdentityProviderTypeType
Google :: IdentityProviderTypeType
LoginWithAmazon :: IdentityProviderTypeType
Saml :: IdentityProviderTypeType
data MessageActionType
Resend :: MessageActionType
Suppress :: MessageActionType
data OAuthFlowType
ClientCredentials :: OAuthFlowType
Code :: OAuthFlowType
Implicit :: OAuthFlowType
data RiskDecisionType
AccountTakeover :: RiskDecisionType
Block :: RiskDecisionType
NoRisk :: RiskDecisionType
data RiskLevelType
High :: RiskLevelType
Low :: RiskLevelType
Medium :: RiskLevelType
data StatusType
Disabled :: StatusType
Enabled :: StatusType
data UserImportJobStatusType
Created :: UserImportJobStatusType
Expired :: UserImportJobStatusType
Failed :: UserImportJobStatusType
InProgress :: UserImportJobStatusType
Pending :: UserImportJobStatusType
Stopped :: UserImportJobStatusType
Stopping :: UserImportJobStatusType
Succeeded :: UserImportJobStatusType
data UserPoolMFAType
UPMTON :: UserPoolMFAType
UPMTOff :: UserPoolMFAType
UPMTOptional :: UserPoolMFAType
data UserStatusType
Archived :: UserStatusType
Compromised :: UserStatusType
Confirmed :: UserStatusType
ForceChangePassword :: UserStatusType
ResetRequired :: UserStatusType
Unconfirmed :: UserStatusType
Unknown :: UserStatusType
data UsernameAttributeType
UATEmail :: UsernameAttributeType
UATPhoneNumber :: UsernameAttributeType
data VerifiedAttributeType
Email :: VerifiedAttributeType
PhoneNumber :: VerifiedAttributeType
data VerifySoftwareTokenResponseType
VSTRTError' :: VerifySoftwareTokenResponseType
VSTRTSuccess :: VerifySoftwareTokenResponseType

-- | Account takeover action type.
--   
--   <i>See:</i> <a>accountTakeoverActionType</a> smart constructor.
data AccountTakeoverActionType

-- | Creates a value of <a>AccountTakeoverActionType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>atatNotify</a> - Flag specifying whether to send a
--   notification.</li>
--   <li><a>atatEventAction</a> - The event action. * <tt>BLOCK</tt>
--   Choosing this action will block the request. *
--   <tt>MFA_IF_CONFIGURED</tt> Throw MFA challenge if user has configured
--   it, else allow the request. * <tt>MFA_REQUIRED</tt> Throw MFA
--   challenge if user has configured it, else block the request. *
--   <tt>NO_ACTION</tt> Allow the user sign-in.</li>
--   </ul>
accountTakeoverActionType :: Bool -> AccountTakeoverEventActionType -> AccountTakeoverActionType

-- | Flag specifying whether to send a notification.
atatNotify :: Lens' AccountTakeoverActionType Bool

-- | The event action. * <tt>BLOCK</tt> Choosing this action will block the
--   request. * <tt>MFA_IF_CONFIGURED</tt> Throw MFA challenge if user has
--   configured it, else allow the request. * <tt>MFA_REQUIRED</tt> Throw
--   MFA challenge if user has configured it, else block the request. *
--   <tt>NO_ACTION</tt> Allow the user sign-in.
atatEventAction :: Lens' AccountTakeoverActionType AccountTakeoverEventActionType

-- | Account takeover actions type.
--   
--   <i>See:</i> <a>accountTakeoverActionsType</a> smart constructor.
data AccountTakeoverActionsType

-- | Creates a value of <a>AccountTakeoverActionsType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>atatLowAction</a> - Action to take for a low risk.</li>
--   <li><a>atatHighAction</a> - Action to take for a high risk.</li>
--   <li><a>atatMediumAction</a> - Action to take for a medium risk.</li>
--   </ul>
accountTakeoverActionsType :: AccountTakeoverActionsType

-- | Action to take for a low risk.
atatLowAction :: Lens' AccountTakeoverActionsType (Maybe AccountTakeoverActionType)

-- | Action to take for a high risk.
atatHighAction :: Lens' AccountTakeoverActionsType (Maybe AccountTakeoverActionType)

-- | Action to take for a medium risk.
atatMediumAction :: Lens' AccountTakeoverActionsType (Maybe AccountTakeoverActionType)

-- | Configuration for mitigation actions and notification for different
--   levels of risk detected for a potential account takeover.
--   
--   <i>See:</i> <a>accountTakeoverRiskConfigurationType</a> smart
--   constructor.
data AccountTakeoverRiskConfigurationType

-- | Creates a value of <a>AccountTakeoverRiskConfigurationType</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>atrctNotifyConfiguration</a> - The notify configuration used to
--   construct email notifications.</li>
--   <li><a>atrctActions</a> - Account takeover risk configuration
--   actions</li>
--   </ul>
accountTakeoverRiskConfigurationType :: AccountTakeoverActionsType -> AccountTakeoverRiskConfigurationType

-- | The notify configuration used to construct email notifications.
atrctNotifyConfiguration :: Lens' AccountTakeoverRiskConfigurationType (Maybe NotifyConfigurationType)

-- | Account takeover risk configuration actions
atrctActions :: Lens' AccountTakeoverRiskConfigurationType AccountTakeoverActionsType

-- | The configuration for creating a new user profile.
--   
--   <i>See:</i> <a>adminCreateUserConfigType</a> smart constructor.
data AdminCreateUserConfigType

-- | Creates a value of <a>AdminCreateUserConfigType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>acuctAllowAdminCreateUserOnly</a> - Set to <tt>True</tt> if
--   only the administrator is allowed to create user profiles. Set to
--   <tt>False</tt> if users can sign themselves up via an app.</li>
--   <li><a>acuctUnusedAccountValidityDays</a> - The user account
--   expiration limit, in days, after which the account is no longer
--   usable. To reset the account after that time limit, you must call
--   <tt>AdminCreateUser</tt> again, specifying <tt><a>RESEND</a></tt> for
--   the <tt>MessageAction</tt> parameter. The default value for this
--   parameter is 7.</li>
--   <li><a>acuctInviteMessageTemplate</a> - The message template to be
--   used for the welcome message to new users. See also <a>Customizing
--   User Invitation Messages</a> .</li>
--   </ul>
adminCreateUserConfigType :: AdminCreateUserConfigType

-- | Set to <tt>True</tt> if only the administrator is allowed to create
--   user profiles. Set to <tt>False</tt> if users can sign themselves up
--   via an app.
acuctAllowAdminCreateUserOnly :: Lens' AdminCreateUserConfigType (Maybe Bool)

-- | The user account expiration limit, in days, after which the account is
--   no longer usable. To reset the account after that time limit, you must
--   call <tt>AdminCreateUser</tt> again, specifying <tt><a>RESEND</a></tt>
--   for the <tt>MessageAction</tt> parameter. The default value for this
--   parameter is 7.
acuctUnusedAccountValidityDays :: Lens' AdminCreateUserConfigType (Maybe Natural)

-- | The message template to be used for the welcome message to new users.
--   See also <a>Customizing User Invitation Messages</a> .
acuctInviteMessageTemplate :: Lens' AdminCreateUserConfigType (Maybe MessageTemplateType)

-- | The Amazon Pinpoint analytics configuration for collecting metrics for
--   a user pool.
--   
--   <i>See:</i> <a>analyticsConfigurationType</a> smart constructor.
data AnalyticsConfigurationType

-- | Creates a value of <a>AnalyticsConfigurationType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>actUserDataShared</a> - If <tt>UserDataShared</tt> is
--   <tt>true</tt> , Amazon Cognito will include user data in the events it
--   publishes to Amazon Pinpoint analytics.</li>
--   <li><a>actApplicationId</a> - The application ID for an Amazon
--   Pinpoint application.</li>
--   <li><a>actRoleARN</a> - The ARN of an IAM role that authorizes Amazon
--   Cognito to publish events to Amazon Pinpoint analytics.</li>
--   <li><a>actExternalId</a> - The external ID.</li>
--   </ul>
analyticsConfigurationType :: Text -> Text -> Text -> AnalyticsConfigurationType

-- | If <tt>UserDataShared</tt> is <tt>true</tt> , Amazon Cognito will
--   include user data in the events it publishes to Amazon Pinpoint
--   analytics.
actUserDataShared :: Lens' AnalyticsConfigurationType (Maybe Bool)

-- | The application ID for an Amazon Pinpoint application.
actApplicationId :: Lens' AnalyticsConfigurationType Text

-- | The ARN of an IAM role that authorizes Amazon Cognito to publish
--   events to Amazon Pinpoint analytics.
actRoleARN :: Lens' AnalyticsConfigurationType Text

-- | The external ID.
actExternalId :: Lens' AnalyticsConfigurationType Text

-- | An Amazon Pinpoint analytics endpoint.
--   
--   An endpoint uniquely identifies a mobile device, email address, or
--   phone number that can receive messages from Amazon Pinpoint analytics.
--   
--   <i>See:</i> <a>analyticsMetadataType</a> smart constructor.
data AnalyticsMetadataType

-- | Creates a value of <a>AnalyticsMetadataType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>amtAnalyticsEndpointId</a> - The endpoint ID.</li>
--   </ul>
analyticsMetadataType :: AnalyticsMetadataType

-- | The endpoint ID.
amtAnalyticsEndpointId :: Lens' AnalyticsMetadataType (Maybe Text)

-- | Specifies whether the attribute is standard or custom.
--   
--   <i>See:</i> <a>attributeType</a> smart constructor.
data AttributeType

-- | Creates a value of <a>AttributeType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>atValue</a> - The value of the attribute.</li>
--   <li><a>atName</a> - The name of the attribute.</li>
--   </ul>
attributeType :: Text -> AttributeType

-- | The value of the attribute.
atValue :: Lens' AttributeType (Maybe Text)

-- | The name of the attribute.
atName :: Lens' AttributeType Text

-- | The authentication event type.
--   
--   <i>See:</i> <a>authEventType</a> smart constructor.
data AuthEventType

-- | Creates a value of <a>AuthEventType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aetEventRisk</a> - The event risk.</li>
--   <li><a>aetEventResponse</a> - The event response.</li>
--   <li><a>aetEventContextData</a> - The user context data captured at the
--   time of an event request. It provides additional information about the
--   client from which event the request is received.</li>
--   <li><a>aetChallengeResponses</a> - The challenge responses.</li>
--   <li><a>aetEventType</a> - The event type.</li>
--   <li><a>aetCreationDate</a> - The creation date</li>
--   <li><a>aetEventFeedback</a> - A flag specifying the user feedback
--   captured at the time of an event request is good or bad.</li>
--   <li><a>aetEventId</a> - The event ID.</li>
--   </ul>
authEventType :: AuthEventType

-- | The event risk.
aetEventRisk :: Lens' AuthEventType (Maybe EventRiskType)

-- | The event response.
aetEventResponse :: Lens' AuthEventType (Maybe EventResponseType)

-- | The user context data captured at the time of an event request. It
--   provides additional information about the client from which event the
--   request is received.
aetEventContextData :: Lens' AuthEventType (Maybe EventContextDataType)

-- | The challenge responses.
aetChallengeResponses :: Lens' AuthEventType [ChallengeResponseType]

-- | The event type.
aetEventType :: Lens' AuthEventType (Maybe EventType)

-- | The creation date
aetCreationDate :: Lens' AuthEventType (Maybe UTCTime)

-- | A flag specifying the user feedback captured at the time of an event
--   request is good or bad.
aetEventFeedback :: Lens' AuthEventType (Maybe EventFeedbackType)

-- | The event ID.
aetEventId :: Lens' AuthEventType (Maybe Text)

-- | The authentication result.
--   
--   <i>See:</i> <a>authenticationResultType</a> smart constructor.
data AuthenticationResultType

-- | Creates a value of <a>AuthenticationResultType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>artAccessToken</a> - The access token.</li>
--   <li><a>artRefreshToken</a> - The refresh token.</li>
--   <li><a>artNewDeviceMetadata</a> - The new device metadata from an
--   authentication result.</li>
--   <li><a>artExpiresIn</a> - The expiration period of the authentication
--   result.</li>
--   <li><a>artTokenType</a> - The token type.</li>
--   <li><a>artIdToken</a> - The ID token.</li>
--   </ul>
authenticationResultType :: AuthenticationResultType

-- | The access token.
artAccessToken :: Lens' AuthenticationResultType (Maybe Text)

-- | The refresh token.
artRefreshToken :: Lens' AuthenticationResultType (Maybe Text)

-- | The new device metadata from an authentication result.
artNewDeviceMetadata :: Lens' AuthenticationResultType (Maybe NewDeviceMetadataType)

-- | The expiration period of the authentication result.
artExpiresIn :: Lens' AuthenticationResultType (Maybe Int)

-- | The token type.
artTokenType :: Lens' AuthenticationResultType (Maybe Text)

-- | The ID token.
artIdToken :: Lens' AuthenticationResultType (Maybe Text)

-- | The challenge response type.
--   
--   <i>See:</i> <a>challengeResponseType</a> smart constructor.
data ChallengeResponseType

-- | Creates a value of <a>ChallengeResponseType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>crtChallengeName</a> - The challenge name</li>
--   <li><a>crtChallengeResponse</a> - The challenge response.</li>
--   </ul>
challengeResponseType :: ChallengeResponseType

-- | The challenge name
crtChallengeName :: Lens' ChallengeResponseType (Maybe ChallengeName)

-- | The challenge response.
crtChallengeResponse :: Lens' ChallengeResponseType (Maybe ChallengeResponse)

-- | The code delivery details being returned from the server.
--   
--   <i>See:</i> <a>codeDeliveryDetailsType</a> smart constructor.
data CodeDeliveryDetailsType

-- | Creates a value of <a>CodeDeliveryDetailsType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cddtDestination</a> - The destination for the code delivery
--   details.</li>
--   <li><a>cddtDeliveryMedium</a> - The delivery medium (email message or
--   phone number).</li>
--   <li><a>cddtAttributeName</a> - The attribute name.</li>
--   </ul>
codeDeliveryDetailsType :: CodeDeliveryDetailsType

-- | The destination for the code delivery details.
cddtDestination :: Lens' CodeDeliveryDetailsType (Maybe Text)

-- | The delivery medium (email message or phone number).
cddtDeliveryMedium :: Lens' CodeDeliveryDetailsType (Maybe DeliveryMediumType)

-- | The attribute name.
cddtAttributeName :: Lens' CodeDeliveryDetailsType (Maybe Text)

-- | The compromised credentials actions type
--   
--   <i>See:</i> <a>compromisedCredentialsActionsType</a> smart
--   constructor.
data CompromisedCredentialsActionsType

-- | Creates a value of <a>CompromisedCredentialsActionsType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ccatEventAction</a> - The event action.</li>
--   </ul>
compromisedCredentialsActionsType :: CompromisedCredentialsEventActionType -> CompromisedCredentialsActionsType

-- | The event action.
ccatEventAction :: Lens' CompromisedCredentialsActionsType CompromisedCredentialsEventActionType

-- | The compromised credentials risk configuration type.
--   
--   <i>See:</i> <a>compromisedCredentialsRiskConfigurationType</a> smart
--   constructor.
data CompromisedCredentialsRiskConfigurationType

-- | Creates a value of <a>CompromisedCredentialsRiskConfigurationType</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ccrctEventFilter</a> - Perform the action for these events. The
--   default is to perform all events if no event filter is specified.</li>
--   <li><a>ccrctActions</a> - The compromised credentials risk
--   configuration actions.</li>
--   </ul>
compromisedCredentialsRiskConfigurationType :: CompromisedCredentialsActionsType -> CompromisedCredentialsRiskConfigurationType

-- | Perform the action for these events. The default is to perform all
--   events if no event filter is specified.
ccrctEventFilter :: Lens' CompromisedCredentialsRiskConfigurationType [EventFilterType]

-- | The compromised credentials risk configuration actions.
ccrctActions :: Lens' CompromisedCredentialsRiskConfigurationType CompromisedCredentialsActionsType

-- | Contextual user data type used for evaluating the risk of an
--   unexpected event by Amazon Cognito advanced security.
--   
--   <i>See:</i> <a>contextDataType</a> smart constructor.
data ContextDataType

-- | Creates a value of <a>ContextDataType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cdtEncodedData</a> - Encoded data containing device
--   fingerprinting details, collected using the Amazon Cognito context
--   data collection library.</li>
--   <li><a>cdtIPAddress</a> - Source IP address of your user.</li>
--   <li><a>cdtServerName</a> - Your server endpoint where this API is
--   invoked.</li>
--   <li><a>cdtServerPath</a> - Your server path where this API is
--   invoked.</li>
--   <li><a>cdtHTTPHeaders</a> - HttpHeaders received on your server in
--   same order.</li>
--   </ul>
contextDataType :: Text -> Text -> Text -> ContextDataType

-- | Encoded data containing device fingerprinting details, collected using
--   the Amazon Cognito context data collection library.
cdtEncodedData :: Lens' ContextDataType (Maybe Text)

-- | Source IP address of your user.
cdtIPAddress :: Lens' ContextDataType Text

-- | Your server endpoint where this API is invoked.
cdtServerName :: Lens' ContextDataType Text

-- | Your server path where this API is invoked.
cdtServerPath :: Lens' ContextDataType Text

-- | HttpHeaders received on your server in same order.
cdtHTTPHeaders :: Lens' ContextDataType [HTTPHeader]

-- | The configuration for the user pool's device tracking.
--   
--   <i>See:</i> <a>deviceConfigurationType</a> smart constructor.
data DeviceConfigurationType

-- | Creates a value of <a>DeviceConfigurationType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dctChallengeRequiredOnNewDevice</a> - Indicates whether a
--   challenge is required on a new device. Only applicable to a new
--   device.</li>
--   <li><a>dctDeviceOnlyRememberedOnUserPrompt</a> - If true, a device is
--   only remembered on user prompt.</li>
--   </ul>
deviceConfigurationType :: DeviceConfigurationType

-- | Indicates whether a challenge is required on a new device. Only
--   applicable to a new device.
dctChallengeRequiredOnNewDevice :: Lens' DeviceConfigurationType (Maybe Bool)

-- | If true, a device is only remembered on user prompt.
dctDeviceOnlyRememberedOnUserPrompt :: Lens' DeviceConfigurationType (Maybe Bool)

-- | The device verifier against which it will be authenticated.
--   
--   <i>See:</i> <a>deviceSecretVerifierConfigType</a> smart constructor.
data DeviceSecretVerifierConfigType

-- | Creates a value of <a>DeviceSecretVerifierConfigType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dsvctPasswordVerifier</a> - The password verifier.</li>
--   <li><a>dsvctSalt</a> - The salt.</li>
--   </ul>
deviceSecretVerifierConfigType :: DeviceSecretVerifierConfigType

-- | The password verifier.
dsvctPasswordVerifier :: Lens' DeviceSecretVerifierConfigType (Maybe Text)

-- | The salt.
dsvctSalt :: Lens' DeviceSecretVerifierConfigType (Maybe Text)

-- | The device type.
--   
--   <i>See:</i> <a>deviceType</a> smart constructor.
data DeviceType

-- | Creates a value of <a>DeviceType</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dtDeviceLastModifiedDate</a> - The last modified date of the
--   device.</li>
--   <li><a>dtDeviceCreateDate</a> - The creation date of the device.</li>
--   <li><a>dtDeviceAttributes</a> - The device attributes.</li>
--   <li><a>dtDeviceKey</a> - The device key.</li>
--   <li><a>dtDeviceLastAuthenticatedDate</a> - The date in which the
--   device was last authenticated.</li>
--   </ul>
deviceType :: DeviceType

-- | The last modified date of the device.
dtDeviceLastModifiedDate :: Lens' DeviceType (Maybe UTCTime)

-- | The creation date of the device.
dtDeviceCreateDate :: Lens' DeviceType (Maybe UTCTime)

-- | The device attributes.
dtDeviceAttributes :: Lens' DeviceType [AttributeType]

-- | The device key.
dtDeviceKey :: Lens' DeviceType (Maybe Text)

-- | The date in which the device was last authenticated.
dtDeviceLastAuthenticatedDate :: Lens' DeviceType (Maybe UTCTime)

-- | A container for information about a domain.
--   
--   <i>See:</i> <a>domainDescriptionType</a> smart constructor.
data DomainDescriptionType

-- | Creates a value of <a>DomainDescriptionType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ddtStatus</a> - The domain status.</li>
--   <li><a>ddtCloudFrontDistribution</a> - The ARN of the CloudFront
--   distribution.</li>
--   <li><a>ddtUserPoolId</a> - The user pool ID.</li>
--   <li><a>ddtDomain</a> - The domain string.</li>
--   <li><a>ddtAWSAccountId</a> - The AWS account ID for the user pool
--   owner.</li>
--   <li><a>ddtVersion</a> - The app version.</li>
--   <li><a>ddtS3Bucket</a> - The S3 bucket where the static files for this
--   domain are stored.</li>
--   </ul>
domainDescriptionType :: DomainDescriptionType

-- | The domain status.
ddtStatus :: Lens' DomainDescriptionType (Maybe DomainStatusType)

-- | The ARN of the CloudFront distribution.
ddtCloudFrontDistribution :: Lens' DomainDescriptionType (Maybe Text)

-- | The user pool ID.
ddtUserPoolId :: Lens' DomainDescriptionType (Maybe Text)

-- | The domain string.
ddtDomain :: Lens' DomainDescriptionType (Maybe Text)

-- | The AWS account ID for the user pool owner.
ddtAWSAccountId :: Lens' DomainDescriptionType (Maybe Text)

-- | The app version.
ddtVersion :: Lens' DomainDescriptionType (Maybe Text)

-- | The S3 bucket where the static files for this domain are stored.
ddtS3Bucket :: Lens' DomainDescriptionType (Maybe Text)

-- | The email configuration type.
--   
--   <i>See:</i> <a>emailConfigurationType</a> smart constructor.
data EmailConfigurationType

-- | Creates a value of <a>EmailConfigurationType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ectSourceARN</a> - The Amazon Resource Name (ARN) of the email
--   source.</li>
--   <li><a>ectReplyToEmailAddress</a> - The destination to which the
--   receiver of the email should reply to.</li>
--   </ul>
emailConfigurationType :: EmailConfigurationType

-- | The Amazon Resource Name (ARN) of the email source.
ectSourceARN :: Lens' EmailConfigurationType (Maybe Text)

-- | The destination to which the receiver of the email should reply to.
ectReplyToEmailAddress :: Lens' EmailConfigurationType (Maybe Text)

-- | Specifies the user context data captured at the time of an event
--   request.
--   
--   <i>See:</i> <a>eventContextDataType</a> smart constructor.
data EventContextDataType

-- | Creates a value of <a>EventContextDataType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ecdtIPAddress</a> - The user's IP address.</li>
--   <li><a>ecdtCountry</a> - The user's country.</li>
--   <li><a>ecdtCity</a> - The user's city.</li>
--   <li><a>ecdtDeviceName</a> - The user's device name.</li>
--   <li><a>ecdtTimezone</a> - The user's time zone.</li>
--   </ul>
eventContextDataType :: EventContextDataType

-- | The user's IP address.
ecdtIPAddress :: Lens' EventContextDataType (Maybe Text)

-- | The user's country.
ecdtCountry :: Lens' EventContextDataType (Maybe Text)

-- | The user's city.
ecdtCity :: Lens' EventContextDataType (Maybe Text)

-- | The user's device name.
ecdtDeviceName :: Lens' EventContextDataType (Maybe Text)

-- | The user's time zone.
ecdtTimezone :: Lens' EventContextDataType (Maybe Text)

-- | Specifies the event feedback type.
--   
--   <i>See:</i> <a>eventFeedbackType</a> smart constructor.
data EventFeedbackType

-- | Creates a value of <a>EventFeedbackType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>eftFeedbackDate</a> - The event feedback date.</li>
--   <li><a>eftFeedbackValue</a> - The event feedback value.</li>
--   <li><a>eftProvider</a> - The provider.</li>
--   </ul>
eventFeedbackType :: FeedbackValueType -> Text -> EventFeedbackType

-- | The event feedback date.
eftFeedbackDate :: Lens' EventFeedbackType (Maybe UTCTime)

-- | The event feedback value.
eftFeedbackValue :: Lens' EventFeedbackType FeedbackValueType

-- | The provider.
eftProvider :: Lens' EventFeedbackType Text

-- | The event risk type.
--   
--   <i>See:</i> <a>eventRiskType</a> smart constructor.
data EventRiskType

-- | Creates a value of <a>EventRiskType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ertRiskLevel</a> - The risk level.</li>
--   <li><a>ertRiskDecision</a> - The risk decision.</li>
--   </ul>
eventRiskType :: EventRiskType

-- | The risk level.
ertRiskLevel :: Lens' EventRiskType (Maybe RiskLevelType)

-- | The risk decision.
ertRiskDecision :: Lens' EventRiskType (Maybe RiskDecisionType)

-- | The group type.
--   
--   <i>See:</i> <a>groupType</a> smart constructor.
data GroupType

-- | Creates a value of <a>GroupType</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gtLastModifiedDate</a> - The date the group was last
--   modified.</li>
--   <li><a>gtUserPoolId</a> - The user pool ID for the user pool.</li>
--   <li><a>gtCreationDate</a> - The date the group was created.</li>
--   <li><a>gtPrecedence</a> - A nonnegative integer value that specifies
--   the precedence of this group relative to the other groups that a user
--   can belong to in the user pool. If a user belongs to two or more
--   groups, it is the group with the highest precedence whose role ARN
--   will be used in the <tt>cognito:roles</tt> and
--   <tt>cognito:preferred_role</tt> claims in the user's tokens. Groups
--   with higher <tt>Precedence</tt> values take precedence over groups
--   with lower <tt>Precedence</tt> values or with null <tt>Precedence</tt>
--   values. Two groups can have the same <tt>Precedence</tt> value. If
--   this happens, neither group takes precedence over the other. If two
--   groups with the same <tt>Precedence</tt> have the same role ARN, that
--   role is used in the <tt>cognito:preferred_role</tt> claim in tokens
--   for users in each group. If the two groups have different role ARNs,
--   the <tt>cognito:preferred_role</tt> claim is not set in users' tokens.
--   The default <tt>Precedence</tt> value is null.</li>
--   <li><a>gtGroupName</a> - The name of the group.</li>
--   <li><a>gtDescription</a> - A string containing the description of the
--   group.</li>
--   <li><a>gtRoleARN</a> - The role ARN for the group.</li>
--   </ul>
groupType :: GroupType

-- | The date the group was last modified.
gtLastModifiedDate :: Lens' GroupType (Maybe UTCTime)

-- | The user pool ID for the user pool.
gtUserPoolId :: Lens' GroupType (Maybe Text)

-- | The date the group was created.
gtCreationDate :: Lens' GroupType (Maybe UTCTime)

-- | A nonnegative integer value that specifies the precedence of this
--   group relative to the other groups that a user can belong to in the
--   user pool. If a user belongs to two or more groups, it is the group
--   with the highest precedence whose role ARN will be used in the
--   <tt>cognito:roles</tt> and <tt>cognito:preferred_role</tt> claims in
--   the user's tokens. Groups with higher <tt>Precedence</tt> values take
--   precedence over groups with lower <tt>Precedence</tt> values or with
--   null <tt>Precedence</tt> values. Two groups can have the same
--   <tt>Precedence</tt> value. If this happens, neither group takes
--   precedence over the other. If two groups with the same
--   <tt>Precedence</tt> have the same role ARN, that role is used in the
--   <tt>cognito:preferred_role</tt> claim in tokens for users in each
--   group. If the two groups have different role ARNs, the
--   <tt>cognito:preferred_role</tt> claim is not set in users' tokens. The
--   default <tt>Precedence</tt> value is null.
gtPrecedence :: Lens' GroupType (Maybe Natural)

-- | The name of the group.
gtGroupName :: Lens' GroupType (Maybe Text)

-- | A string containing the description of the group.
gtDescription :: Lens' GroupType (Maybe Text)

-- | The role ARN for the group.
gtRoleARN :: Lens' GroupType (Maybe Text)

-- | The HTTP header.
--   
--   <i>See:</i> <a>hTTPHeader</a> smart constructor.
data HTTPHeader

-- | Creates a value of <a>HTTPHeader</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>httphHeaderValue</a> - The header value.</li>
--   <li><a>httphHeaderName</a> - The header name</li>
--   </ul>
hTTPHeader :: HTTPHeader

-- | The header value.
httphHeaderValue :: Lens' HTTPHeader (Maybe Text)

-- | The header name
httphHeaderName :: Lens' HTTPHeader (Maybe Text)

-- | A container for information about an identity provider.
--   
--   <i>See:</i> <a>identityProviderType</a> smart constructor.
data IdentityProviderType

-- | Creates a value of <a>IdentityProviderType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>iptLastModifiedDate</a> - The date the identity provider was
--   last modified.</li>
--   <li><a>iptUserPoolId</a> - The user pool ID.</li>
--   <li><a>iptProviderType</a> - The identity provider type.</li>
--   <li><a>iptCreationDate</a> - The date the identity provider was
--   created.</li>
--   <li><a>iptIdpIdentifiers</a> - A list of identity provider
--   identifiers.</li>
--   <li><a>iptAttributeMapping</a> - A mapping of identity provider
--   attributes to standard and custom user pool attributes.</li>
--   <li><a>iptProviderDetails</a> - The identity provider details, such as
--   <tt>MetadataURL</tt> and <tt>MetadataFile</tt> .</li>
--   <li><a>iptProviderName</a> - The identity provider name.</li>
--   </ul>
identityProviderType :: IdentityProviderType

-- | The date the identity provider was last modified.
iptLastModifiedDate :: Lens' IdentityProviderType (Maybe UTCTime)

-- | The user pool ID.
iptUserPoolId :: Lens' IdentityProviderType (Maybe Text)

-- | The identity provider type.
iptProviderType :: Lens' IdentityProviderType (Maybe IdentityProviderTypeType)

-- | The date the identity provider was created.
iptCreationDate :: Lens' IdentityProviderType (Maybe UTCTime)

-- | A list of identity provider identifiers.
iptIdpIdentifiers :: Lens' IdentityProviderType [Text]

-- | A mapping of identity provider attributes to standard and custom user
--   pool attributes.
iptAttributeMapping :: Lens' IdentityProviderType (HashMap Text Text)

-- | The identity provider details, such as <tt>MetadataURL</tt> and
--   <tt>MetadataFile</tt> .
iptProviderDetails :: Lens' IdentityProviderType (HashMap Text Text)

-- | The identity provider name.
iptProviderName :: Lens' IdentityProviderType (Maybe Text)

-- | Specifies the configuration for AWS Lambda triggers.
--   
--   <i>See:</i> <a>lambdaConfigType</a> smart constructor.
data LambdaConfigType

-- | Creates a value of <a>LambdaConfigType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lctPreAuthentication</a> - A pre-authentication AWS Lambda
--   trigger.</li>
--   <li><a>lctCreateAuthChallenge</a> - Creates an authentication
--   challenge.</li>
--   <li><a>lctVerifyAuthChallengeResponse</a> - Verifies the
--   authentication challenge response.</li>
--   <li><a>lctPostAuthentication</a> - A post-authentication AWS Lambda
--   trigger.</li>
--   <li><a>lctCustomMessage</a> - A custom Message AWS Lambda
--   trigger.</li>
--   <li><a>lctDefineAuthChallenge</a> - Defines the authentication
--   challenge.</li>
--   <li><a>lctPostConfirmation</a> - A post-confirmation AWS Lambda
--   trigger.</li>
--   <li><a>lctPreTokenGeneration</a> - A Lambda trigger that is invoked
--   before token generation.</li>
--   <li><a>lctUserMigration</a> - The user migration Lambda config
--   type.</li>
--   <li><a>lctPreSignUp</a> - A pre-registration AWS Lambda trigger.</li>
--   </ul>
lambdaConfigType :: LambdaConfigType

-- | A pre-authentication AWS Lambda trigger.
lctPreAuthentication :: Lens' LambdaConfigType (Maybe Text)

-- | Creates an authentication challenge.
lctCreateAuthChallenge :: Lens' LambdaConfigType (Maybe Text)

-- | Verifies the authentication challenge response.
lctVerifyAuthChallengeResponse :: Lens' LambdaConfigType (Maybe Text)

-- | A post-authentication AWS Lambda trigger.
lctPostAuthentication :: Lens' LambdaConfigType (Maybe Text)

-- | A custom Message AWS Lambda trigger.
lctCustomMessage :: Lens' LambdaConfigType (Maybe Text)

-- | Defines the authentication challenge.
lctDefineAuthChallenge :: Lens' LambdaConfigType (Maybe Text)

-- | A post-confirmation AWS Lambda trigger.
lctPostConfirmation :: Lens' LambdaConfigType (Maybe Text)

-- | A Lambda trigger that is invoked before token generation.
lctPreTokenGeneration :: Lens' LambdaConfigType (Maybe Text)

-- | The user migration Lambda config type.
lctUserMigration :: Lens' LambdaConfigType (Maybe Text)

-- | A pre-registration AWS Lambda trigger.
lctPreSignUp :: Lens' LambdaConfigType (Maybe Text)

-- | Specifies the different settings for multi-factor authentication
--   (MFA).
--   
--   <i>See:</i> <a>mfaOptionType</a> smart constructor.
data MFAOptionType

-- | Creates a value of <a>MFAOptionType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>motDeliveryMedium</a> - The delivery medium (email message or
--   SMS message) to send the MFA code.</li>
--   <li><a>motAttributeName</a> - The attribute name of the MFA option
--   type.</li>
--   </ul>
mfaOptionType :: MFAOptionType

-- | The delivery medium (email message or SMS message) to send the MFA
--   code.
motDeliveryMedium :: Lens' MFAOptionType (Maybe DeliveryMediumType)

-- | The attribute name of the MFA option type.
motAttributeName :: Lens' MFAOptionType (Maybe Text)

-- | The message template structure.
--   
--   <i>See:</i> <a>messageTemplateType</a> smart constructor.
data MessageTemplateType

-- | Creates a value of <a>MessageTemplateType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>mttEmailSubject</a> - The subject line for email messages.</li>
--   <li><a>mttSMSMessage</a> - The message template for SMS messages.</li>
--   <li><a>mttEmailMessage</a> - The message template for email
--   messages.</li>
--   </ul>
messageTemplateType :: MessageTemplateType

-- | The subject line for email messages.
mttEmailSubject :: Lens' MessageTemplateType (Maybe Text)

-- | The message template for SMS messages.
mttSMSMessage :: Lens' MessageTemplateType (Maybe Text)

-- | The message template for email messages.
mttEmailMessage :: Lens' MessageTemplateType (Maybe Text)

-- | The new device metadata type.
--   
--   <i>See:</i> <a>newDeviceMetadataType</a> smart constructor.
data NewDeviceMetadataType

-- | Creates a value of <a>NewDeviceMetadataType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ndmtDeviceGroupKey</a> - The device group key.</li>
--   <li><a>ndmtDeviceKey</a> - The device key.</li>
--   </ul>
newDeviceMetadataType :: NewDeviceMetadataType

-- | The device group key.
ndmtDeviceGroupKey :: Lens' NewDeviceMetadataType (Maybe Text)

-- | The device key.
ndmtDeviceKey :: Lens' NewDeviceMetadataType (Maybe Text)

-- | The notify configuration type.
--   
--   <i>See:</i> <a>notifyConfigurationType</a> smart constructor.
data NotifyConfigurationType

-- | Creates a value of <a>NotifyConfigurationType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>nctNoActionEmail</a> - The email template used when a detected
--   risk event is allowed.</li>
--   <li><a>nctFrom</a> - The email address that is sending the email. It
--   must be either individually verified with Amazon SES, or from a domain
--   that has been verified with Amazon SES.</li>
--   <li><a>nctReplyTo</a> - The destination to which the receiver of an
--   email should reply to.</li>
--   <li><a>nctBlockEmail</a> - Email template used when a detected risk
--   event is blocked.</li>
--   <li><a>nctMFAEmail</a> - The MFA email template used when MFA is
--   challenged as part of a detected risk.</li>
--   <li><a>nctSourceARN</a> - The Amazon Resource Name (ARN) of the
--   identity that is associated with the sending authorization policy. It
--   permits Amazon Cognito to send for the email address specified in the
--   <tt>From</tt> parameter.</li>
--   </ul>
notifyConfigurationType :: Text -> NotifyConfigurationType

-- | The email template used when a detected risk event is allowed.
nctNoActionEmail :: Lens' NotifyConfigurationType (Maybe NotifyEmailType)

-- | The email address that is sending the email. It must be either
--   individually verified with Amazon SES, or from a domain that has been
--   verified with Amazon SES.
nctFrom :: Lens' NotifyConfigurationType (Maybe Text)

-- | The destination to which the receiver of an email should reply to.
nctReplyTo :: Lens' NotifyConfigurationType (Maybe Text)

-- | Email template used when a detected risk event is blocked.
nctBlockEmail :: Lens' NotifyConfigurationType (Maybe NotifyEmailType)

-- | The MFA email template used when MFA is challenged as part of a
--   detected risk.
nctMFAEmail :: Lens' NotifyConfigurationType (Maybe NotifyEmailType)

-- | The Amazon Resource Name (ARN) of the identity that is associated with
--   the sending authorization policy. It permits Amazon Cognito to send
--   for the email address specified in the <tt>From</tt> parameter.
nctSourceARN :: Lens' NotifyConfigurationType Text

-- | The notify email type.
--   
--   <i>See:</i> <a>notifyEmailType</a> smart constructor.
data NotifyEmailType

-- | Creates a value of <a>NotifyEmailType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>netTextBody</a> - The text body.</li>
--   <li><a>netHTMLBody</a> - The HTML body.</li>
--   <li><a>netSubject</a> - The subject.</li>
--   </ul>
notifyEmailType :: Text -> NotifyEmailType

-- | The text body.
netTextBody :: Lens' NotifyEmailType (Maybe Text)

-- | The HTML body.
netHTMLBody :: Lens' NotifyEmailType (Maybe Text)

-- | The subject.
netSubject :: Lens' NotifyEmailType Text

-- | The minimum and maximum value of an attribute that is of the number
--   data type.
--   
--   <i>See:</i> <a>numberAttributeConstraintsType</a> smart constructor.
data NumberAttributeConstraintsType

-- | Creates a value of <a>NumberAttributeConstraintsType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>nactMaxValue</a> - The maximum value of an attribute that is of
--   the number data type.</li>
--   <li><a>nactMinValue</a> - The minimum value of an attribute that is of
--   the number data type.</li>
--   </ul>
numberAttributeConstraintsType :: NumberAttributeConstraintsType

-- | The maximum value of an attribute that is of the number data type.
nactMaxValue :: Lens' NumberAttributeConstraintsType (Maybe Text)

-- | The minimum value of an attribute that is of the number data type.
nactMinValue :: Lens' NumberAttributeConstraintsType (Maybe Text)

-- | The password policy type.
--   
--   <i>See:</i> <a>passwordPolicyType</a> smart constructor.
data PasswordPolicyType

-- | Creates a value of <a>PasswordPolicyType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pptRequireNumbers</a> - In the password policy that you have
--   set, refers to whether you have required users to use at least one
--   number in their password.</li>
--   <li><a>pptRequireUppercase</a> - In the password policy that you have
--   set, refers to whether you have required users to use at least one
--   uppercase letter in their password.</li>
--   <li><a>pptRequireLowercase</a> - In the password policy that you have
--   set, refers to whether you have required users to use at least one
--   lowercase letter in their password.</li>
--   <li><a>pptMinimumLength</a> - The minimum length of the password
--   policy that you have set. Cannot be less than 6.</li>
--   <li><a>pptRequireSymbols</a> - In the password policy that you have
--   set, refers to whether you have required users to use at least one
--   symbol in their password.</li>
--   </ul>
passwordPolicyType :: PasswordPolicyType

-- | In the password policy that you have set, refers to whether you have
--   required users to use at least one number in their password.
pptRequireNumbers :: Lens' PasswordPolicyType (Maybe Bool)

-- | In the password policy that you have set, refers to whether you have
--   required users to use at least one uppercase letter in their password.
pptRequireUppercase :: Lens' PasswordPolicyType (Maybe Bool)

-- | In the password policy that you have set, refers to whether you have
--   required users to use at least one lowercase letter in their password.
pptRequireLowercase :: Lens' PasswordPolicyType (Maybe Bool)

-- | The minimum length of the password policy that you have set. Cannot be
--   less than 6.
pptMinimumLength :: Lens' PasswordPolicyType (Maybe Natural)

-- | In the password policy that you have set, refers to whether you have
--   required users to use at least one symbol in their password.
pptRequireSymbols :: Lens' PasswordPolicyType (Maybe Bool)

-- | A container for identity provider details.
--   
--   <i>See:</i> <a>providerDescription</a> smart constructor.
data ProviderDescription

-- | Creates a value of <a>ProviderDescription</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pdLastModifiedDate</a> - The date the provider was last
--   modified.</li>
--   <li><a>pdProviderType</a> - The identity provider type.</li>
--   <li><a>pdCreationDate</a> - The date the provider was added to the
--   user pool.</li>
--   <li><a>pdProviderName</a> - The identity provider name.</li>
--   </ul>
providerDescription :: ProviderDescription

-- | The date the provider was last modified.
pdLastModifiedDate :: Lens' ProviderDescription (Maybe UTCTime)

-- | The identity provider type.
pdProviderType :: Lens' ProviderDescription (Maybe IdentityProviderTypeType)

-- | The date the provider was added to the user pool.
pdCreationDate :: Lens' ProviderDescription (Maybe UTCTime)

-- | The identity provider name.
pdProviderName :: Lens' ProviderDescription (Maybe Text)

-- | A container for information about an identity provider for a user
--   pool.
--   
--   <i>See:</i> <a>providerUserIdentifierType</a> smart constructor.
data ProviderUserIdentifierType

-- | Creates a value of <a>ProviderUserIdentifierType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>puitProviderAttributeValue</a> - The value of the provider
--   attribute to link to, for example, <tt>xxxxx_account</tt> .</li>
--   <li><a>puitProviderAttributeName</a> - The name of the provider
--   attribute to link to, for example, <tt>NameID</tt> .</li>
--   <li><a>puitProviderName</a> - The name of the provider, for example,
--   Facebook, Google, or Login with Amazon.</li>
--   </ul>
providerUserIdentifierType :: ProviderUserIdentifierType

-- | The value of the provider attribute to link to, for example,
--   <tt>xxxxx_account</tt> .
puitProviderAttributeValue :: Lens' ProviderUserIdentifierType (Maybe Text)

-- | The name of the provider attribute to link to, for example,
--   <tt>NameID</tt> .
puitProviderAttributeName :: Lens' ProviderUserIdentifierType (Maybe Text)

-- | The name of the provider, for example, Facebook, Google, or Login with
--   Amazon.
puitProviderName :: Lens' ProviderUserIdentifierType (Maybe Text)

-- | A resource server scope.
--   
--   <i>See:</i> <a>resourceServerScopeType</a> smart constructor.
data ResourceServerScopeType

-- | Creates a value of <a>ResourceServerScopeType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rsstScopeName</a> - The name of the scope.</li>
--   <li><a>rsstScopeDescription</a> - A description of the scope.</li>
--   </ul>
resourceServerScopeType :: Text -> Text -> ResourceServerScopeType

-- | The name of the scope.
rsstScopeName :: Lens' ResourceServerScopeType Text

-- | A description of the scope.
rsstScopeDescription :: Lens' ResourceServerScopeType Text

-- | A container for information about a resource server for a user pool.
--   
--   <i>See:</i> <a>resourceServerType</a> smart constructor.
data ResourceServerType

-- | Creates a value of <a>ResourceServerType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rstUserPoolId</a> - The user pool ID for the user pool that
--   hosts the resource server.</li>
--   <li><a>rstIdentifier</a> - The identifier for the resource
--   server.</li>
--   <li><a>rstScopes</a> - A list of scopes that are defined for the
--   resource server.</li>
--   <li><a>rstName</a> - The name of the resource server.</li>
--   </ul>
resourceServerType :: ResourceServerType

-- | The user pool ID for the user pool that hosts the resource server.
rstUserPoolId :: Lens' ResourceServerType (Maybe Text)

-- | The identifier for the resource server.
rstIdentifier :: Lens' ResourceServerType (Maybe Text)

-- | A list of scopes that are defined for the resource server.
rstScopes :: Lens' ResourceServerType [ResourceServerScopeType]

-- | The name of the resource server.
rstName :: Lens' ResourceServerType (Maybe Text)

-- | The risk configuration type.
--   
--   <i>See:</i> <a>riskConfigurationType</a> smart constructor.
data RiskConfigurationType

-- | Creates a value of <a>RiskConfigurationType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rctRiskExceptionConfiguration</a> - The configuration to
--   override the risk decision.</li>
--   <li><a>rctClientId</a> - The app client ID.</li>
--   <li><a>rctAccountTakeoverRiskConfiguration</a> - The account takeover
--   risk configuration object including the <tt>NotifyConfiguration</tt>
--   object and <tt>Actions</tt> to take in the case of an account
--   takeover.</li>
--   <li><a>rctLastModifiedDate</a> - The last modified date.</li>
--   <li><a>rctUserPoolId</a> - The user pool ID.</li>
--   <li><a>rctCompromisedCredentialsRiskConfiguration</a> - The
--   compromised credentials risk configuration object including the
--   <tt>EventFilter</tt> and the <tt>EventAction</tt></li>
--   </ul>
riskConfigurationType :: RiskConfigurationType

-- | The configuration to override the risk decision.
rctRiskExceptionConfiguration :: Lens' RiskConfigurationType (Maybe RiskExceptionConfigurationType)

-- | The app client ID.
rctClientId :: Lens' RiskConfigurationType (Maybe Text)

-- | The account takeover risk configuration object including the
--   <tt>NotifyConfiguration</tt> object and <tt>Actions</tt> to take in
--   the case of an account takeover.
rctAccountTakeoverRiskConfiguration :: Lens' RiskConfigurationType (Maybe AccountTakeoverRiskConfigurationType)

-- | The last modified date.
rctLastModifiedDate :: Lens' RiskConfigurationType (Maybe UTCTime)

-- | The user pool ID.
rctUserPoolId :: Lens' RiskConfigurationType (Maybe Text)

-- | The compromised credentials risk configuration object including the
--   <tt>EventFilter</tt> and the <tt>EventAction</tt>
rctCompromisedCredentialsRiskConfiguration :: Lens' RiskConfigurationType (Maybe CompromisedCredentialsRiskConfigurationType)

-- | The type of the configuration to override the risk decision.
--   
--   <i>See:</i> <a>riskExceptionConfigurationType</a> smart constructor.
data RiskExceptionConfigurationType

-- | Creates a value of <a>RiskExceptionConfigurationType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rectSkippedIPRangeList</a> - Risk detection is not performed on
--   the IP addresses in the range list. The IP range is in CIDR
--   notation.</li>
--   <li><a>rectBlockedIPRangeList</a> - Overrides the risk decision to
--   always block the pre-authentication requests. The IP range is in CIDR
--   notation: a compact representation of an IP address and its associated
--   routing prefix.</li>
--   </ul>
riskExceptionConfigurationType :: RiskExceptionConfigurationType

-- | Risk detection is not performed on the IP addresses in the range list.
--   The IP range is in CIDR notation.
rectSkippedIPRangeList :: Lens' RiskExceptionConfigurationType [Text]

-- | Overrides the risk decision to always block the pre-authentication
--   requests. The IP range is in CIDR notation: a compact representation
--   of an IP address and its associated routing prefix.
rectBlockedIPRangeList :: Lens' RiskExceptionConfigurationType [Text]

-- | The SMS multi-factor authentication (MFA) settings type.
--   
--   <i>See:</i> <a>sMSMFASettingsType</a> smart constructor.
data SMSMFASettingsType

-- | Creates a value of <a>SMSMFASettingsType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>smsmstEnabled</a> - Specifies whether SMS text message MFA is
--   enabled.</li>
--   <li><a>smsmstPreferredMFA</a> - The preferred MFA method.</li>
--   </ul>
sMSMFASettingsType :: SMSMFASettingsType

-- | Specifies whether SMS text message MFA is enabled.
smsmstEnabled :: Lens' SMSMFASettingsType (Maybe Bool)

-- | The preferred MFA method.
smsmstPreferredMFA :: Lens' SMSMFASettingsType (Maybe Bool)

-- | Contains information about the schema attribute.
--   
--   <i>See:</i> <a>schemaAttributeType</a> smart constructor.
data SchemaAttributeType

-- | Creates a value of <a>SchemaAttributeType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>satNumberAttributeConstraints</a> - Specifies the constraints
--   for an attribute of the number type.</li>
--   <li><a>satRequired</a> - Specifies whether a user pool attribute is
--   required. If the attribute is required and the user does not provide a
--   value, registration or sign-in will fail.</li>
--   <li><a>satAttributeDataType</a> - The attribute data type.</li>
--   <li><a>satStringAttributeConstraints</a> - Specifies the constraints
--   for an attribute of the string type.</li>
--   <li><a>satName</a> - A schema attribute of the name type.</li>
--   <li><a>satDeveloperOnlyAttribute</a> - Specifies whether the attribute
--   type is developer only.</li>
--   <li><a>satMutable</a> - Specifies whether the attribute can be changed
--   once it has been created.</li>
--   </ul>
schemaAttributeType :: SchemaAttributeType

-- | Specifies the constraints for an attribute of the number type.
satNumberAttributeConstraints :: Lens' SchemaAttributeType (Maybe NumberAttributeConstraintsType)

-- | Specifies whether a user pool attribute is required. If the attribute
--   is required and the user does not provide a value, registration or
--   sign-in will fail.
satRequired :: Lens' SchemaAttributeType (Maybe Bool)

-- | The attribute data type.
satAttributeDataType :: Lens' SchemaAttributeType (Maybe AttributeDataType)

-- | Specifies the constraints for an attribute of the string type.
satStringAttributeConstraints :: Lens' SchemaAttributeType (Maybe StringAttributeConstraintsType)

-- | A schema attribute of the name type.
satName :: Lens' SchemaAttributeType (Maybe Text)

-- | Specifies whether the attribute type is developer only.
satDeveloperOnlyAttribute :: Lens' SchemaAttributeType (Maybe Bool)

-- | Specifies whether the attribute can be changed once it has been
--   created.
satMutable :: Lens' SchemaAttributeType (Maybe Bool)

-- | The SMS configuration type.
--   
--   <i>See:</i> <a>smsConfigurationType</a> smart constructor.
data SmsConfigurationType

-- | Creates a value of <a>SmsConfigurationType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sctExternalId</a> - The external ID.</li>
--   <li><a>sctSNSCallerARN</a> - The Amazon Resource Name (ARN) of the
--   Amazon Simple Notification Service (SNS) caller.</li>
--   </ul>
smsConfigurationType :: Text -> SmsConfigurationType

-- | The external ID.
sctExternalId :: Lens' SmsConfigurationType (Maybe Text)

-- | The Amazon Resource Name (ARN) of the Amazon Simple Notification
--   Service (SNS) caller.
sctSNSCallerARN :: Lens' SmsConfigurationType Text

-- | The SMS text message multi-factor authentication (MFA) configuration
--   type.
--   
--   <i>See:</i> <a>smsMFAConfigType</a> smart constructor.
data SmsMFAConfigType

-- | Creates a value of <a>SmsMFAConfigType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>smctSmsAuthenticationMessage</a> - The SMS authentication
--   message.</li>
--   <li><a>smctSmsConfiguration</a> - The SMS configuration.</li>
--   </ul>
smsMFAConfigType :: SmsMFAConfigType

-- | The SMS authentication message.
smctSmsAuthenticationMessage :: Lens' SmsMFAConfigType (Maybe Text)

-- | The SMS configuration.
smctSmsConfiguration :: Lens' SmsMFAConfigType (Maybe SmsConfigurationType)

-- | The type used for enabling software token MFA at the user pool level.
--   
--   <i>See:</i> <a>softwareTokenMFAConfigType</a> smart constructor.
data SoftwareTokenMFAConfigType

-- | Creates a value of <a>SoftwareTokenMFAConfigType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>stmctEnabled</a> - Specifies whether software token MFA is
--   enabled.</li>
--   </ul>
softwareTokenMFAConfigType :: SoftwareTokenMFAConfigType

-- | Specifies whether software token MFA is enabled.
stmctEnabled :: Lens' SoftwareTokenMFAConfigType (Maybe Bool)

-- | The type used for enabling software token MFA at the user level.
--   
--   <i>See:</i> <a>softwareTokenMFASettingsType</a> smart constructor.
data SoftwareTokenMFASettingsType

-- | Creates a value of <a>SoftwareTokenMFASettingsType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>stmstEnabled</a> - Specifies whether software token MFA is
--   enabled.</li>
--   <li><a>stmstPreferredMFA</a> - The preferred MFA method.</li>
--   </ul>
softwareTokenMFASettingsType :: SoftwareTokenMFASettingsType

-- | Specifies whether software token MFA is enabled.
stmstEnabled :: Lens' SoftwareTokenMFASettingsType (Maybe Bool)

-- | The preferred MFA method.
stmstPreferredMFA :: Lens' SoftwareTokenMFASettingsType (Maybe Bool)

-- | The constraints associated with a string attribute.
--   
--   <i>See:</i> <a>stringAttributeConstraintsType</a> smart constructor.
data StringAttributeConstraintsType

-- | Creates a value of <a>StringAttributeConstraintsType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sactMaxLength</a> - The maximum length.</li>
--   <li><a>sactMinLength</a> - The minimum length.</li>
--   </ul>
stringAttributeConstraintsType :: StringAttributeConstraintsType

-- | The maximum length.
sactMaxLength :: Lens' StringAttributeConstraintsType (Maybe Text)

-- | The minimum length.
sactMinLength :: Lens' StringAttributeConstraintsType (Maybe Text)

-- | A container for the UI customization information for a user pool's
--   built-in app UI.
--   
--   <i>See:</i> <a>uICustomizationType</a> smart constructor.
data UICustomizationType

-- | Creates a value of <a>UICustomizationType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uictClientId</a> - The client ID for the client app.</li>
--   <li><a>uictLastModifiedDate</a> - The last-modified date for the UI
--   customization.</li>
--   <li><a>uictUserPoolId</a> - The user pool ID for the user pool.</li>
--   <li><a>uictCSS</a> - The CSS values in the UI customization.</li>
--   <li><a>uictCSSVersion</a> - The CSS version number.</li>
--   <li><a>uictImageURL</a> - The logo image for the UI
--   customization.</li>
--   <li><a>uictCreationDate</a> - The creation date for the UI
--   customization.</li>
--   </ul>
uICustomizationType :: UICustomizationType

-- | The client ID for the client app.
uictClientId :: Lens' UICustomizationType (Maybe Text)

-- | The last-modified date for the UI customization.
uictLastModifiedDate :: Lens' UICustomizationType (Maybe UTCTime)

-- | The user pool ID for the user pool.
uictUserPoolId :: Lens' UICustomizationType (Maybe Text)

-- | The CSS values in the UI customization.
uictCSS :: Lens' UICustomizationType (Maybe Text)

-- | The CSS version number.
uictCSSVersion :: Lens' UICustomizationType (Maybe Text)

-- | The logo image for the UI customization.
uictImageURL :: Lens' UICustomizationType (Maybe Text)

-- | The creation date for the UI customization.
uictCreationDate :: Lens' UICustomizationType (Maybe UTCTime)

-- | Contextual data such as the user's device fingerprint, IP address, or
--   location used for evaluating the risk of an unexpected event by Amazon
--   Cognito advanced security.
--   
--   <i>See:</i> <a>userContextDataType</a> smart constructor.
data UserContextDataType

-- | Creates a value of <a>UserContextDataType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ucdtEncodedData</a> - Contextual data such as the user's device
--   fingerprint, IP address, or location used for evaluating the risk of
--   an unexpected event by Amazon Cognito advanced security.</li>
--   </ul>
userContextDataType :: UserContextDataType

-- | Contextual data such as the user's device fingerprint, IP address, or
--   location used for evaluating the risk of an unexpected event by Amazon
--   Cognito advanced security.
ucdtEncodedData :: Lens' UserContextDataType (Maybe Text)

-- | The user import job type.
--   
--   <i>See:</i> <a>userImportJobType</a> smart constructor.
data UserImportJobType

-- | Creates a value of <a>UserImportJobType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uijtStatus</a> - The status of the user import job. One of the
--   following: * <tt>Created</tt> - The job was created but not started. *
--   <tt>Pending</tt> - A transition state. You have started the job, but
--   it has not begun importing users yet. * <tt>InProgress</tt> - The job
--   has started, and users are being imported. * <tt>Stopping</tt> - You
--   have stopped the job, but the job has not stopped importing users yet.
--   * <tt>Stopped</tt> - You have stopped the job, and the job has stopped
--   importing users. * <tt>Succeeded</tt> - The job has completed
--   successfully. * <tt>Failed</tt> - The job has stopped due to an error.
--   * <tt>Expired</tt> - You created a job, but did not start the job
--   within 24-48 hours. All data associated with the job was deleted, and
--   the job cannot be started.</li>
--   <li><a>uijtSkippedUsers</a> - The number of users that were
--   skipped.</li>
--   <li><a>uijtJobId</a> - The job ID for the user import job.</li>
--   <li><a>uijtUserPoolId</a> - The user pool ID for the user pool that
--   the users are being imported into.</li>
--   <li><a>uijtJobName</a> - The job name for the user import job.</li>
--   <li><a>uijtPreSignedURL</a> - The pre-signed URL to be used to upload
--   the <tt>.csv</tt> file.</li>
--   <li><a>uijtFailedUsers</a> - The number of users that could not be
--   imported.</li>
--   <li><a>uijtStartDate</a> - The date when the user import job was
--   started.</li>
--   <li><a>uijtCompletionMessage</a> - The message returned when the user
--   import job is completed.</li>
--   <li><a>uijtCreationDate</a> - The date the user import job was
--   created.</li>
--   <li><a>uijtCompletionDate</a> - The date when the user import job was
--   completed.</li>
--   <li><a>uijtCloudWatchLogsRoleARN</a> - The role ARN for the Amazon
--   CloudWatch Logging role for the user import job. For more information,
--   see "Creating the CloudWatch Logs IAM Role" in the Amazon Cognito
--   Developer Guide.</li>
--   <li><a>uijtImportedUsers</a> - The number of users that were
--   successfully imported.</li>
--   </ul>
userImportJobType :: UserImportJobType

-- | The status of the user import job. One of the following: *
--   <tt>Created</tt> - The job was created but not started. *
--   <tt>Pending</tt> - A transition state. You have started the job, but
--   it has not begun importing users yet. * <tt>InProgress</tt> - The job
--   has started, and users are being imported. * <tt>Stopping</tt> - You
--   have stopped the job, but the job has not stopped importing users yet.
--   * <tt>Stopped</tt> - You have stopped the job, and the job has stopped
--   importing users. * <tt>Succeeded</tt> - The job has completed
--   successfully. * <tt>Failed</tt> - The job has stopped due to an error.
--   * <tt>Expired</tt> - You created a job, but did not start the job
--   within 24-48 hours. All data associated with the job was deleted, and
--   the job cannot be started.
uijtStatus :: Lens' UserImportJobType (Maybe UserImportJobStatusType)

-- | The number of users that were skipped.
uijtSkippedUsers :: Lens' UserImportJobType (Maybe Integer)

-- | The job ID for the user import job.
uijtJobId :: Lens' UserImportJobType (Maybe Text)

-- | The user pool ID for the user pool that the users are being imported
--   into.
uijtUserPoolId :: Lens' UserImportJobType (Maybe Text)

-- | The job name for the user import job.
uijtJobName :: Lens' UserImportJobType (Maybe Text)

-- | The pre-signed URL to be used to upload the <tt>.csv</tt> file.
uijtPreSignedURL :: Lens' UserImportJobType (Maybe Text)

-- | The number of users that could not be imported.
uijtFailedUsers :: Lens' UserImportJobType (Maybe Integer)

-- | The date when the user import job was started.
uijtStartDate :: Lens' UserImportJobType (Maybe UTCTime)

-- | The message returned when the user import job is completed.
uijtCompletionMessage :: Lens' UserImportJobType (Maybe Text)

-- | The date the user import job was created.
uijtCreationDate :: Lens' UserImportJobType (Maybe UTCTime)

-- | The date when the user import job was completed.
uijtCompletionDate :: Lens' UserImportJobType (Maybe UTCTime)

-- | The role ARN for the Amazon CloudWatch Logging role for the user
--   import job. For more information, see "Creating the CloudWatch Logs
--   IAM Role" in the Amazon Cognito Developer Guide.
uijtCloudWatchLogsRoleARN :: Lens' UserImportJobType (Maybe Text)

-- | The number of users that were successfully imported.
uijtImportedUsers :: Lens' UserImportJobType (Maybe Integer)

-- | The user pool add-ons type.
--   
--   <i>See:</i> <a>userPoolAddOnsType</a> smart constructor.
data UserPoolAddOnsType

-- | Creates a value of <a>UserPoolAddOnsType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>upaotAdvancedSecurityMode</a> - The advanced security
--   mode.</li>
--   </ul>
userPoolAddOnsType :: AdvancedSecurityModeType -> UserPoolAddOnsType

-- | The advanced security mode.
upaotAdvancedSecurityMode :: Lens' UserPoolAddOnsType AdvancedSecurityModeType

-- | The description of the user pool client.
--   
--   <i>See:</i> <a>userPoolClientDescription</a> smart constructor.
data UserPoolClientDescription

-- | Creates a value of <a>UserPoolClientDescription</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>upcdClientId</a> - The ID of the client associated with the
--   user pool.</li>
--   <li><a>upcdUserPoolId</a> - The user pool ID for the user pool where
--   you want to describe the user pool client.</li>
--   <li><a>upcdClientName</a> - The client name from the user pool client
--   description.</li>
--   </ul>
userPoolClientDescription :: UserPoolClientDescription

-- | The ID of the client associated with the user pool.
upcdClientId :: Lens' UserPoolClientDescription (Maybe Text)

-- | The user pool ID for the user pool where you want to describe the user
--   pool client.
upcdUserPoolId :: Lens' UserPoolClientDescription (Maybe Text)

-- | The client name from the user pool client description.
upcdClientName :: Lens' UserPoolClientDescription (Maybe Text)

-- | Contains information about a user pool client.
--   
--   <i>See:</i> <a>userPoolClientType</a> smart constructor.
data UserPoolClientType

-- | Creates a value of <a>UserPoolClientType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>upctRefreshTokenValidity</a> - The time limit, in days, after
--   which the refresh token is no longer valid and cannot be used.</li>
--   <li><a>upctClientId</a> - The ID of the client associated with the
--   user pool.</li>
--   <li><a>upctExplicitAuthFlows</a> - The explicit authentication
--   flows.</li>
--   <li><a>upctClientSecret</a> - The client secret from the user pool
--   request of the client type.</li>
--   <li><a>upctLastModifiedDate</a> - The date the user pool client was
--   last modified.</li>
--   <li><a>upctSupportedIdentityProviders</a> - A list of provider names
--   for the identity providers that are supported on this client.</li>
--   <li><a>upctLogoutURLs</a> - A list of allowed logout URLs for the
--   identity providers.</li>
--   <li><a>upctAllowedOAuthFlowsUserPoolClient</a> - Set to TRUE if the
--   client is allowed to follow the OAuth protocol when interacting with
--   Cognito user pools.</li>
--   <li><a>upctUserPoolId</a> - The user pool ID for the user pool
--   client.</li>
--   <li><a>upctDefaultRedirectURI</a> - The default redirect URI. Must be
--   in the <tt>CallbackURLs</tt> list.</li>
--   <li><a>upctWriteAttributes</a> - The writeable attributes.</li>
--   <li><a>upctCreationDate</a> - The date the user pool client was
--   created.</li>
--   <li><a>upctReadAttributes</a> - The Read-only attributes.</li>
--   <li><a>upctAllowedOAuthScopes</a> - A list of allowed <tt>OAuth</tt>
--   scopes. Currently supported values are <tt>"phone"</tt> ,
--   <tt>"email"</tt> , <tt>"openid"</tt> , and <tt><a>Cognito</a></tt>
--   .</li>
--   <li><a>upctAllowedOAuthFlows</a> - Set to <tt>code</tt> to initiate a
--   code grant flow, which provides an authorization code as the response.
--   This code can be exchanged for access tokens with the token endpoint.
--   Set to <tt>token</tt> to specify that the client should get the access
--   token (and, optionally, ID token, based on scopes) directly.</li>
--   <li><a>upctAnalyticsConfiguration</a> - The Amazon Pinpoint analytics
--   configuration for the user pool client.</li>
--   <li><a>upctClientName</a> - The client name from the user pool request
--   of the client type.</li>
--   <li><a>upctCallbackURLs</a> - A list of allowed callback URLs for the
--   identity providers.</li>
--   </ul>
userPoolClientType :: UserPoolClientType

-- | The time limit, in days, after which the refresh token is no longer
--   valid and cannot be used.
upctRefreshTokenValidity :: Lens' UserPoolClientType (Maybe Natural)

-- | The ID of the client associated with the user pool.
upctClientId :: Lens' UserPoolClientType (Maybe Text)

-- | The explicit authentication flows.
upctExplicitAuthFlows :: Lens' UserPoolClientType [ExplicitAuthFlowsType]

-- | The client secret from the user pool request of the client type.
upctClientSecret :: Lens' UserPoolClientType (Maybe Text)

-- | The date the user pool client was last modified.
upctLastModifiedDate :: Lens' UserPoolClientType (Maybe UTCTime)

-- | A list of provider names for the identity providers that are supported
--   on this client.
upctSupportedIdentityProviders :: Lens' UserPoolClientType [Text]

-- | A list of allowed logout URLs for the identity providers.
upctLogoutURLs :: Lens' UserPoolClientType [Text]

-- | Set to TRUE if the client is allowed to follow the OAuth protocol when
--   interacting with Cognito user pools.
upctAllowedOAuthFlowsUserPoolClient :: Lens' UserPoolClientType (Maybe Bool)

-- | The user pool ID for the user pool client.
upctUserPoolId :: Lens' UserPoolClientType (Maybe Text)

-- | The default redirect URI. Must be in the <tt>CallbackURLs</tt> list.
upctDefaultRedirectURI :: Lens' UserPoolClientType (Maybe Text)

-- | The writeable attributes.
upctWriteAttributes :: Lens' UserPoolClientType [Text]

-- | The date the user pool client was created.
upctCreationDate :: Lens' UserPoolClientType (Maybe UTCTime)

-- | The Read-only attributes.
upctReadAttributes :: Lens' UserPoolClientType [Text]

-- | A list of allowed <tt>OAuth</tt> scopes. Currently supported values
--   are <tt>"phone"</tt> , <tt>"email"</tt> , <tt>"openid"</tt> , and
--   <tt><a>Cognito</a></tt> .
upctAllowedOAuthScopes :: Lens' UserPoolClientType [Text]

-- | Set to <tt>code</tt> to initiate a code grant flow, which provides an
--   authorization code as the response. This code can be exchanged for
--   access tokens with the token endpoint. Set to <tt>token</tt> to
--   specify that the client should get the access token (and, optionally,
--   ID token, based on scopes) directly.
upctAllowedOAuthFlows :: Lens' UserPoolClientType [OAuthFlowType]

-- | The Amazon Pinpoint analytics configuration for the user pool client.
upctAnalyticsConfiguration :: Lens' UserPoolClientType (Maybe AnalyticsConfigurationType)

-- | The client name from the user pool request of the client type.
upctClientName :: Lens' UserPoolClientType (Maybe Text)

-- | A list of allowed callback URLs for the identity providers.
upctCallbackURLs :: Lens' UserPoolClientType [Text]

-- | A user pool description.
--   
--   <i>See:</i> <a>userPoolDescriptionType</a> smart constructor.
data UserPoolDescriptionType

-- | Creates a value of <a>UserPoolDescriptionType</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>updtStatus</a> - The user pool status in a user pool
--   description.</li>
--   <li><a>updtLastModifiedDate</a> - The date the user pool description
--   was last modified.</li>
--   <li><a>updtName</a> - The name in a user pool description.</li>
--   <li><a>updtId</a> - The ID in a user pool description.</li>
--   <li><a>updtCreationDate</a> - The date the user pool description was
--   created.</li>
--   <li><a>updtLambdaConfig</a> - The AWS Lambda configuration information
--   in a user pool description.</li>
--   </ul>
userPoolDescriptionType :: UserPoolDescriptionType

-- | The user pool status in a user pool description.
updtStatus :: Lens' UserPoolDescriptionType (Maybe StatusType)

-- | The date the user pool description was last modified.
updtLastModifiedDate :: Lens' UserPoolDescriptionType (Maybe UTCTime)

-- | The name in a user pool description.
updtName :: Lens' UserPoolDescriptionType (Maybe Text)

-- | The ID in a user pool description.
updtId :: Lens' UserPoolDescriptionType (Maybe Text)

-- | The date the user pool description was created.
updtCreationDate :: Lens' UserPoolDescriptionType (Maybe UTCTime)

-- | The AWS Lambda configuration information in a user pool description.
updtLambdaConfig :: Lens' UserPoolDescriptionType (Maybe LambdaConfigType)

-- | The policy associated with a user pool.
--   
--   <i>See:</i> <a>userPoolPolicyType</a> smart constructor.
data UserPoolPolicyType

-- | Creates a value of <a>UserPoolPolicyType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>upptPasswordPolicy</a> - The password policy.</li>
--   </ul>
userPoolPolicyType :: UserPoolPolicyType

-- | The password policy.
upptPasswordPolicy :: Lens' UserPoolPolicyType (Maybe PasswordPolicyType)

-- | A container for information about the user pool.
--   
--   <i>See:</i> <a>userPoolType</a> smart constructor.
data UserPoolType

-- | Creates a value of <a>UserPoolType</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uptStatus</a> - The status of a user pool.</li>
--   <li><a>uptUserPoolTags</a> - The cost allocation tags for the user
--   pool. For more information, see <a>Adding Cost Allocation Tags to Your
--   User Pool</a></li>
--   <li><a>uptEmailConfigurationFailure</a> - The reason why the email
--   configuration cannot send the messages to your users.</li>
--   <li><a>uptLastModifiedDate</a> - The date the user pool was last
--   modified.</li>
--   <li><a>uptVerificationMessageTemplate</a> - The template for
--   verification messages.</li>
--   <li><a>uptEstimatedNumberOfUsers</a> - A number estimating the size of
--   the user pool.</li>
--   <li><a>uptDomain</a> - Holds the domain prefix if the user pool has a
--   domain associated with it.</li>
--   <li><a>uptEmailVerificationMessage</a> - The contents of the email
--   verification message.</li>
--   <li><a>uptSmsAuthenticationMessage</a> - The contents of the SMS
--   authentication message.</li>
--   <li><a>uptUserPoolAddOns</a> - The user pool add-ons.</li>
--   <li><a>uptSchemaAttributes</a> - A container with the schema
--   attributes of a user pool.</li>
--   <li><a>uptEmailVerificationSubject</a> - The subject of the email
--   verification message.</li>
--   <li><a>uptUsernameAttributes</a> - Specifies whether email addresses
--   or phone numbers can be specified as usernames when a user signs
--   up.</li>
--   <li><a>uptAliasAttributes</a> - Specifies the attributes that are
--   aliased in a user pool.</li>
--   <li><a>uptEmailConfiguration</a> - The email configuration.</li>
--   <li><a>uptSmsVerificationMessage</a> - The contents of the SMS
--   verification message.</li>
--   <li><a>uptName</a> - The name of the user pool.</li>
--   <li><a>uptMFAConfiguration</a> - Can be one of the following values: *
--   <tt>OFF</tt> - MFA tokens are not required and cannot be specified
--   during user registration. * <tt>ON</tt> - MFA tokens are required for
--   all user registrations. You can only specify required when you are
--   initially creating a user pool. * <tt>OPTIONAL</tt> - Users have the
--   option when registering to create an MFA token.</li>
--   <li><a>uptId</a> - The ID of the user pool.</li>
--   <li><a>uptSmsConfigurationFailure</a> - The reason why the SMS
--   configuration cannot send the messages to your users.</li>
--   <li><a>uptCreationDate</a> - The date the user pool was created.</li>
--   <li><a>uptLambdaConfig</a> - The AWS Lambda triggers associated with
--   tue user pool.</li>
--   <li><a>uptSmsConfiguration</a> - The SMS configuration.</li>
--   <li><a>uptAdminCreateUserConfig</a> - The configuration for
--   <tt>AdminCreateUser</tt> requests.</li>
--   <li><a>uptDeviceConfiguration</a> - The device configuration.</li>
--   <li><a>uptAutoVerifiedAttributes</a> - Specifies the attributes that
--   are auto-verified in a user pool.</li>
--   <li><a>uptPolicies</a> - The policies associated with the user
--   pool.</li>
--   </ul>
userPoolType :: UserPoolType

-- | The status of a user pool.
uptStatus :: Lens' UserPoolType (Maybe StatusType)

-- | The cost allocation tags for the user pool. For more information, see
--   <a>Adding Cost Allocation Tags to Your User Pool</a>
uptUserPoolTags :: Lens' UserPoolType (HashMap Text Text)

-- | The reason why the email configuration cannot send the messages to
--   your users.
uptEmailConfigurationFailure :: Lens' UserPoolType (Maybe Text)

-- | The date the user pool was last modified.
uptLastModifiedDate :: Lens' UserPoolType (Maybe UTCTime)

-- | The template for verification messages.
uptVerificationMessageTemplate :: Lens' UserPoolType (Maybe VerificationMessageTemplateType)

-- | A number estimating the size of the user pool.
uptEstimatedNumberOfUsers :: Lens' UserPoolType (Maybe Int)

-- | Holds the domain prefix if the user pool has a domain associated with
--   it.
uptDomain :: Lens' UserPoolType (Maybe Text)

-- | The contents of the email verification message.
uptEmailVerificationMessage :: Lens' UserPoolType (Maybe Text)

-- | The contents of the SMS authentication message.
uptSmsAuthenticationMessage :: Lens' UserPoolType (Maybe Text)

-- | The user pool add-ons.
uptUserPoolAddOns :: Lens' UserPoolType (Maybe UserPoolAddOnsType)

-- | A container with the schema attributes of a user pool.
uptSchemaAttributes :: Lens' UserPoolType (Maybe (NonEmpty SchemaAttributeType))

-- | The subject of the email verification message.
uptEmailVerificationSubject :: Lens' UserPoolType (Maybe Text)

-- | Specifies whether email addresses or phone numbers can be specified as
--   usernames when a user signs up.
uptUsernameAttributes :: Lens' UserPoolType [UsernameAttributeType]

-- | Specifies the attributes that are aliased in a user pool.
uptAliasAttributes :: Lens' UserPoolType [AliasAttributeType]

-- | The email configuration.
uptEmailConfiguration :: Lens' UserPoolType (Maybe EmailConfigurationType)

-- | The contents of the SMS verification message.
uptSmsVerificationMessage :: Lens' UserPoolType (Maybe Text)

-- | The name of the user pool.
uptName :: Lens' UserPoolType (Maybe Text)

-- | Can be one of the following values: * <tt>OFF</tt> - MFA tokens are
--   not required and cannot be specified during user registration. *
--   <tt>ON</tt> - MFA tokens are required for all user registrations. You
--   can only specify required when you are initially creating a user pool.
--   * <tt>OPTIONAL</tt> - Users have the option when registering to create
--   an MFA token.
uptMFAConfiguration :: Lens' UserPoolType (Maybe UserPoolMFAType)

-- | The ID of the user pool.
uptId :: Lens' UserPoolType (Maybe Text)

-- | The reason why the SMS configuration cannot send the messages to your
--   users.
uptSmsConfigurationFailure :: Lens' UserPoolType (Maybe Text)

-- | The date the user pool was created.
uptCreationDate :: Lens' UserPoolType (Maybe UTCTime)

-- | The AWS Lambda triggers associated with tue user pool.
uptLambdaConfig :: Lens' UserPoolType (Maybe LambdaConfigType)

-- | The SMS configuration.
uptSmsConfiguration :: Lens' UserPoolType (Maybe SmsConfigurationType)

-- | The configuration for <tt>AdminCreateUser</tt> requests.
uptAdminCreateUserConfig :: Lens' UserPoolType (Maybe AdminCreateUserConfigType)

-- | The device configuration.
uptDeviceConfiguration :: Lens' UserPoolType (Maybe DeviceConfigurationType)

-- | Specifies the attributes that are auto-verified in a user pool.
uptAutoVerifiedAttributes :: Lens' UserPoolType [VerifiedAttributeType]

-- | The policies associated with the user pool.
uptPolicies :: Lens' UserPoolType (Maybe UserPoolPolicyType)

-- | The user type.
--   
--   <i>See:</i> <a>userType</a> smart constructor.
data UserType

-- | Creates a value of <a>UserType</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>utEnabled</a> - Specifies whether the user is enabled.</li>
--   <li><a>utUserStatus</a> - The user status. Can be one of the
--   following: * UNCONFIRMED - User has been created but not confirmed. *
--   CONFIRMED - User has been confirmed. * ARCHIVED - User is no longer
--   active. * COMPROMISED - User is disabled due to a potential security
--   threat. * UNKNOWN - User status is not known.</li>
--   <li><a>utUsername</a> - The user name of the user you wish to
--   describe.</li>
--   <li><a>utUserCreateDate</a> - The creation date of the user.</li>
--   <li><a>utAttributes</a> - A container with information about the user
--   type attributes.</li>
--   <li><a>utMFAOptions</a> - The MFA options for the user.</li>
--   <li><a>utUserLastModifiedDate</a> - The last modified date of the
--   user.</li>
--   </ul>
userType :: UserType

-- | Specifies whether the user is enabled.
utEnabled :: Lens' UserType (Maybe Bool)

-- | The user status. Can be one of the following: * UNCONFIRMED - User has
--   been created but not confirmed. * CONFIRMED - User has been confirmed.
--   * ARCHIVED - User is no longer active. * COMPROMISED - User is
--   disabled due to a potential security threat. * UNKNOWN - User status
--   is not known.
utUserStatus :: Lens' UserType (Maybe UserStatusType)

-- | The user name of the user you wish to describe.
utUsername :: Lens' UserType (Maybe Text)

-- | The creation date of the user.
utUserCreateDate :: Lens' UserType (Maybe UTCTime)

-- | A container with information about the user type attributes.
utAttributes :: Lens' UserType [AttributeType]

-- | The MFA options for the user.
utMFAOptions :: Lens' UserType [MFAOptionType]

-- | The last modified date of the user.
utUserLastModifiedDate :: Lens' UserType (Maybe UTCTime)

-- | The template for verification messages.
--   
--   <i>See:</i> <a>verificationMessageTemplateType</a> smart constructor.
data VerificationMessageTemplateType

-- | Creates a value of <a>VerificationMessageTemplateType</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>vmttDefaultEmailOption</a> - The default email option.</li>
--   <li><a>vmttEmailSubject</a> - The subject line for the email message
--   template.</li>
--   <li><a>vmttEmailSubjectByLink</a> - The subject line for the email
--   message template for sending a confirmation link to the user.</li>
--   <li><a>vmttSmsMessage</a> - The SMS message template.</li>
--   <li><a>vmttEmailMessageByLink</a> - The email message template for
--   sending a confirmation link to the user.</li>
--   <li><a>vmttEmailMessage</a> - The email message template.</li>
--   </ul>
verificationMessageTemplateType :: VerificationMessageTemplateType

-- | The default email option.
vmttDefaultEmailOption :: Lens' VerificationMessageTemplateType (Maybe DefaultEmailOptionType)

-- | The subject line for the email message template.
vmttEmailSubject :: Lens' VerificationMessageTemplateType (Maybe Text)

-- | The subject line for the email message template for sending a
--   confirmation link to the user.
vmttEmailSubjectByLink :: Lens' VerificationMessageTemplateType (Maybe Text)

-- | The SMS message template.
vmttSmsMessage :: Lens' VerificationMessageTemplateType (Maybe Text)

-- | The email message template for sending a confirmation link to the
--   user.
vmttEmailMessageByLink :: Lens' VerificationMessageTemplateType (Maybe Text)

-- | The email message template.
vmttEmailMessage :: Lens' VerificationMessageTemplateType (Maybe Text)
