Module Awso_cognito_idp.SetRiskConfigurationRequestSource

Configures threat protection for a user pool or app client. Sets configuration for the following. Responses to risks with adaptive authentication Responses to vulnerable passwords with compromised-credentials detection Notifications to users who have had risky activity detected IP-address denylist and allowlist To set the risk configuration for the user pool to defaults, send this request with only the UserPoolId parameter. To reset the threat protection settings of an app client to be inherited from the user pool, send UserPoolId and ClientId parameters only. To change threat protection to audit-only or off, update the value of UserPoolAddOns in an UpdateUserPool request. To activate this setting, your user pool must be on the Plus tier.

Sourcetype nonrec t = {
  1. userPoolId : UserPoolIdType.t;
    (*

    The ID of the user pool where you want to set a risk configuration. If you include UserPoolId in your request, don't include ClientId. When the client ID is null, the same risk configuration is applied to all the clients in the userPool. When you include both ClientId and UserPoolId, Amazon Cognito maps the configuration to the app client only.

    *)
  2. clientId : ClientIdType.t option;
    (*

    The ID of the app client where you want to set a risk configuration. If ClientId is null, then the risk configuration is mapped to UserPoolId. When the client ID is null, the same risk configuration is applied to all the clients in the userPool. When you include a ClientId parameter, Amazon Cognito maps the configuration to the app client. When you include both ClientId and UserPoolId, Amazon Cognito maps the configuration to the app client only.

    *)
  3. compromisedCredentialsRiskConfiguration : CompromisedCredentialsRiskConfigurationType.t option;
    (*

    The configuration of automated reactions to detected compromised credentials. Includes settings for blocking future sign-in requests and for the types of password-submission events you want to monitor.

    *)
  4. accountTakeoverRiskConfiguration : AccountTakeoverRiskConfigurationType.t option;
    (*

    The settings for automated responses and notification templates for adaptive authentication with threat protection.

    *)
  5. riskExceptionConfiguration : RiskExceptionConfigurationType.t option;
    (*

    A set of IP-address overrides to threat protection. You can set up IP-address always-block and always-allow lists.

    *)
}
Sourceval context_ : string
Sourceval make : ?clientId:??? -> ?compromisedCredentialsRiskConfiguration:??? -> ?accountTakeoverRiskConfiguration:??? -> ?riskExceptionConfiguration:??? -> userPoolId:UserPoolIdType.t -> unit -> t
Sourceval to_value : t -> [> `Structure of (string * [> `String of UserPoolIdType.t | `Structure of (string * [> `List of [> `Enum of string | `String of StringType.t ] list | `Structure of (string * [> `Enum of string | `String of StringType.t | `Structure of (string * [> `Boolean of AccountTakeoverActionNotifyType.t | `Enum of string | `String of EmailNotificationSubjectType.t ]) list ]) list ]) list ]) list ]
Sourceval to_query : t -> Awso.Client.Query.t
Sourceval of_xml : Awso.Xml.t -> t
Sourceval of_string : string -> t
Sourceval of_json : Yojson.Safe.t -> t
Sourceval to_json : t -> Yojson.Safe.t