Class: Aws::CognitoIdentityProvider::Types::WebAuthnConfigurationType

Inherits:

Struct

• Object
• Struct
• Aws::CognitoIdentityProvider::Types::WebAuthnConfigurationType

Includes:

Structure

Defined in:

lib/aws-sdk-cognitoidentityprovider/types.rb

Overview

Settings for authentication (MFA) with passkey, or webauthN, biometric and security-key devices in a user pool. Configures the following:

• Configuration for requiring user-verification support in passkeys.

• The user pool relying-party ID. This is the domain, typically your user pool domain, that user’s passkey providers should trust as a receiver of passkey authentication.

• The providers that you want to allow as origins for passkey authentication.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #factor_configuration ⇒ String

  Sets whether passkeys can be used as multi-factor authentication (MFA).

• #relying_party_id ⇒ String

  Sets or displays the authentication domain, typically your user pool domain, that passkey providers must use as a relying party (RP) in their configuration.

• #user_verification ⇒ String

  When ‘required`, users can only register and sign in users with passkeys that are capable of [user verification].

Instance Attribute Details

#factor_configuration ⇒ String

Sets whether passkeys can be used as multi-factor authentication (MFA). When set to ‘MULTI_FACTOR_WITH_USER_VERIFICATION`, passkey authentication with user verification satisfies MFA requirements. When set to `SINGLE_FACTOR` or not set, passkeys are a single authentication factor. To activate this setting, your user pool must be in the [ Essentials tier] or higher.

[1]: docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html

Returns:

• (String)

# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 14318

class WebAuthnConfigurationType < Struct.new(
  :relying_party_id,
  :user_verification,
  :factor_configuration)
  SENSITIVE = []
  include Aws::Structure
end

#relying_party_id ⇒ String

Sets or displays the authentication domain, typically your user pool domain, that passkey providers must use as a relying party (RP) in their configuration.

Under the following conditions, the passkey relying party ID must be the fully-qualified domain name of your custom domain:

• The user pool is configured for passkey authentication.

• The user pool has a custom domain, whether or not it also has a prefix domain.

• Your application performs authentication with managed login or the classic hosted UI.

Returns:

• (String)

# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 14318

class WebAuthnConfigurationType < Struct.new(
  :relying_party_id,
  :user_verification,
  :factor_configuration)
  SENSITIVE = []
  include Aws::Structure
end

#user_verification ⇒ String

When ‘required`, users can only register and sign in users with passkeys that are capable of [user verification]. When `preferred`, your user pool doesn’t require the use of authenticators with user verification but encourages it.

[1]: www.w3.org/TR/webauthn-2/#enum-userVerificationRequirement

Returns:

• (String)

# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 14318

class WebAuthnConfigurationType < Struct.new(
  :relying_party_id,
  :user_verification,
  :factor_configuration)
  SENSITIVE = []
  include Aws::Structure
end