Class: Aws::CognitoIdentityProvider::Types::WebAuthnConfigurationType

Inherits:

Struct

• Object
• Struct
• Aws::CognitoIdentityProvider::Types::WebAuthnConfigurationType

Includes:

Structure

Defined in:

lib/aws-sdk-cognitoidentityprovider/types.rb

Overview

Settings for multi-factor authentication (MFA) with passkey, or webauthN, biometric and security-key devices in a user pool. Configures the following:

• Configuration at the user-pool level for whether you want to require passkey configuration as an MFA factor, or include it as a choice.

• The user pool relying-party ID. This is the user pool domain that user’s passkey providers should trust as a receiver of passkey authentication.

• The providers that you want to allow as origins for passkey authentication.

This data type is a request parameter of [SetUserPoolMfaConfig] and a response parameter of [GetUserPoolMfaConfig].

[1]: docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserPoolMfaConfig.html [2]: docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUserPoolMfaConfig.html

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #relying_party_id ⇒ String

  Sets or displays the authentication domain, typically your user pool domain, that passkey providers must use as a relying party (RP) in their configuration.

• #user_verification ⇒ String

  When ‘required`, users can only register and sign in users with passkeys that are capable of [user verification].

Instance Attribute Details

#relying_party_id ⇒ String

Sets or displays the authentication domain, typically your user pool domain, that passkey providers must use as a relying party (RP) in their configuration.

Under the following conditions, the passkey relying party ID must be the fully-qualified domain name of your custom domain:

• The user pool is configured for passkey authentication.

• The user pool has a custom domain, whether or not it also has a prefix domain.

• Your application performs authentication with managed login or the classic hosted UI.

Returns:

• (String)

# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 13604

class WebAuthnConfigurationType < Struct.new(
  :relying_party_id,
  :user_verification)
  SENSITIVE = []
  include Aws::Structure
end

#user_verification ⇒ String

When ‘required`, users can only register and sign in users with passkeys that are capable of [user verification]. When `preferred`, your user pool doesn’t require the use of authenticators with user verification but encourages it.

[1]: www.w3.org/TR/webauthn-2/#enum-userVerificationRequirement

Returns:

• (String)

# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 13604

class WebAuthnConfigurationType < Struct.new(
  :relying_party_id,
  :user_verification)
  SENSITIVE = []
  include Aws::Structure
end