cognitoidentityprovider_admin_create_user: Creates a new user in the specified user pool
In paws.security.identity: 'Amazon Web Services' Security, Identity, & Compliance Services
View source: R/cognitoidentityprovider_operations.R
cognitoidentityprovider_admin_create_user R Documentation
Creates a new user in the specified user pool
Description
Creates a new user in the specified user pool.
See https://www.paws-r-sdk.com/docs/cognitoidentityprovider_admin_create_user/ for full documentation.
Usage
cognitoidentityprovider_admin_create_user(
UserPoolId,
Username,
UserAttributes = NULL,
ValidationData = NULL,
TemporaryPassword = NULL,
ForceAliasCreation = NULL,
MessageAction = NULL,
DesiredDeliveryMediums = NULL,
ClientMetadata = NULL
)
Arguments
UserPoolId
[required] The ID of the user pool where you want to create a user.
Username
[required] The value that you want to set as the username sign-in attribute. The
following conditions apply to the username parameter.
The username can't be a duplicate of another username in the same
user pool.
You can't change the value of a username after you create it.
You can only provide a value if usernames are a valid sign-in
attribute for your user pool. If your user pool only supports phone
numbers or email addresses as sign-in attributes, Amazon Cognito
automatically generates a username value. For more information, see
Customizing sign-in attributes.
UserAttributes
An array of name-value pairs that contain user attributes and attribute
values to be set for the user to be created. You can create a user
without specifying any attributes other than Username. However, any
attributes that you specify as required (when creating a user pool or in
the Attributes tab of the console) either you should supply (in your
call to
admin_create_user) or the
user should supply (when they sign up in response to your welcome
message).
For custom attributes, you must prepend the custom: prefix to the
attribute name.
To send a message inviting the user to sign up, you must specify the
user's email address or phone number. You can do this in your call to
AdminCreateUser or in the Users tab of the Amazon Cognito console
for managing your user pools.
You must also provide an email address or phone number when you expect
the user to do passwordless sign-in with an email or SMS OTP. These
attributes must be provided when passwordless options are the only
available, or when you don't submit a TemporaryPassword.
In your call to
admin_create_user, you
can set the email_verified attribute to True, and you can set the
phone_number_verified attribute to True. You can also do this by
calling
admin_update_user_attributes.
-
email: The email address of the user to whom the message that
contains the code and username will be sent. Required if the
email_verified attribute is set to True, or if "EMAIL" is
specified in the DesiredDeliveryMediums parameter.
-
phone_number: The phone number of the user to whom the message
that contains the code and username will be sent. Required if the
phone_number_verified attribute is set to True, or if "SMS" is
specified in the DesiredDeliveryMediums parameter.
ValidationData
Temporary user attributes that contribute to the outcomes of your pre
sign-up Lambda trigger. This set of key-value pairs are for custom
validation of information that you collect from your users but don't
need to retain.
Your Lambda function can analyze this additional data and act on it.
Your function might perform external API operations like logging user
attributes and validation data to Amazon CloudWatch Logs. Validation
data might also affect the response that your function returns to Amazon
Cognito, like automatically confirming the user if they sign up from
within your network.
For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger.
TemporaryPassword
The user's temporary password. This password must conform to the
password policy that you specified when you created the user pool.
The exception to the requirement for a password is when your user pool
supports passwordless sign-in with email or SMS OTPs. To create a user
with no password, omit this parameter or submit a blank value. You can
only create a passwordless user when passwordless sign-in is available.
See the SignInPolicyType
property of
create_user_pool and
update_user_pool.
The temporary password is valid only once. To complete the Admin Create
User flow, the user must enter the temporary password in the sign-in
page, along with a new password to be used in all future sign-ins.
If you don't specify a value, Amazon Cognito generates one for you
unless you have passwordless options active for your user pool.
The temporary password can only be used until the user account
expiration limit that you set for your user pool. To reset the account
after that time limit, you must call
admin_create_user again
and specify RESEND for the MessageAction parameter.
ForceAliasCreation
This parameter is used only if the phone_number_verified or
email_verified attribute is set to True. Otherwise, it is ignored.
If this parameter is set to True and the phone number or email address
specified in the UserAttributes parameter already exists as an alias
with a different user, this request migrates the alias from the previous
user to the newly-created user. The previous user will no longer be able
to log in using that alias.
If this parameter is set to False, the API throws an
AliasExistsException error if the alias already exists. The default
value is False.
MessageAction
Set to RESEND to resend the invitation message to a user that already
exists, and to reset the temporary-password duration with a new
temporary password. Set to SUPPRESS to suppress sending the message.
You can specify only one value.
DesiredDeliveryMediums
Specify EMAIL if email will be used to send the welcome message.
Specify SMS if the phone number will be used. The default value is
SMS. You can specify more than one value.
ClientMetadata
A map of custom key-value pairs that you can provide as input for any
custom workflows that this action triggers.
You create custom workflows by assigning Lambda functions to user pool
triggers. When you use the AdminCreateUser API action, Amazon Cognito
invokes the function that is assigned to the pre sign-up trigger. When
Amazon Cognito invokes this function, it passes a JSON payload, which
the function receives as input. This payload contains a ClientMetadata
attribute, which provides the data that you assigned to the
ClientMetadata parameter in your AdminCreateUser request. In your
function code in Lambda, you can process the clientMetadata value to
enhance your workflow for your specific needs.
For more information, see Customizing user pool Workflows with Lambda Triggers
in the Amazon Cognito Developer Guide.
When you use the ClientMetadata parameter, note that Amazon Cognito
won't do the following:
Store the ClientMetadata value. This data is available only to
Lambda triggers that are assigned to a user pool to support custom
workflows. If your user pool configuration doesn't include triggers,
the ClientMetadata parameter serves no purpose.
Validate the ClientMetadata value.
Encrypt the ClientMetadata value. Don't send sensitive information
in this parameter.
paws.security.identity documentation built on April 3, 2025, 10:59 p.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
View source: R/cognitoidentityprovider_operations.R
| cognitoidentityprovider_admin_create_user | R Documentation |
Creates a new user in the specified user pool
Description
Creates a new user in the specified user pool.
See https://www.paws-r-sdk.com/docs/cognitoidentityprovider_admin_create_user/ for full documentation.
Usage
cognitoidentityprovider_admin_create_user(
UserPoolId,
Username,
UserAttributes = NULL,
ValidationData = NULL,
TemporaryPassword = NULL,
ForceAliasCreation = NULL,
MessageAction = NULL,
DesiredDeliveryMediums = NULL,
ClientMetadata = NULL
)
Arguments
UserPoolId |
[required] The ID of the user pool where you want to create a user. |
Username |
[required] The value that you want to set as the username sign-in attribute. The following conditions apply to the username parameter.
|
UserAttributes |
An array of name-value pairs that contain user attributes and attribute
values to be set for the user to be created. You can create a user
without specifying any attributes other than For custom attributes, you must prepend the To send a message inviting the user to sign up, you must specify the user's email address or phone number. You can do this in your call to AdminCreateUser or in the Users tab of the Amazon Cognito console for managing your user pools. You must also provide an email address or phone number when you expect
the user to do passwordless sign-in with an email or SMS OTP. These
attributes must be provided when passwordless options are the only
available, or when you don't submit a In your call to
|
ValidationData |
Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda trigger. This set of key-value pairs are for custom validation of information that you collect from your users but don't need to retain. Your Lambda function can analyze this additional data and act on it. Your function might perform external API operations like logging user attributes and validation data to Amazon CloudWatch Logs. Validation data might also affect the response that your function returns to Amazon Cognito, like automatically confirming the user if they sign up from within your network. For more information about the pre sign-up Lambda trigger, see Pre sign-up Lambda trigger. |
TemporaryPassword |
The user's temporary password. This password must conform to the password policy that you specified when you created the user pool. The exception to the requirement for a password is when your user pool
supports passwordless sign-in with email or SMS OTPs. To create a user
with no password, omit this parameter or submit a blank value. You can
only create a passwordless user when passwordless sign-in is available.
See the SignInPolicyType
property of
The temporary password is valid only once. To complete the Admin Create User flow, the user must enter the temporary password in the sign-in page, along with a new password to be used in all future sign-ins. If you don't specify a value, Amazon Cognito generates one for you unless you have passwordless options active for your user pool. The temporary password can only be used until the user account
expiration limit that you set for your user pool. To reset the account
after that time limit, you must call
|
ForceAliasCreation |
This parameter is used only if the If this parameter is set to If this parameter is set to |
MessageAction |
Set to |
DesiredDeliveryMediums |
Specify |
ClientMetadata |
A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers. You create custom workflows by assigning Lambda functions to user pool
triggers. When you use the AdminCreateUser API action, Amazon Cognito
invokes the function that is assigned to the pre sign-up trigger. When
Amazon Cognito invokes this function, it passes a JSON payload, which
the function receives as input. This payload contains a For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide. When you use the
|
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.