authParameters

The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking.

The required values are specific to the InitiateAuthRequest$AuthFlow.

The following are some authentication flows and their parameters. Add a SECRET_HASH parameter if your app client has a client secret.

  • USER_AUTH: USERNAME (required), PREFERRED_CHALLENGE. If you don't provide a value for PREFERRED_CHALLENGE, Amazon Cognito responds with the AvailableChallenges parameter that specifies the available sign-in methods.

  • USER_SRP_AUTH: USERNAME (required), SRP_A (required), DEVICE_KEY.

  • USER_PASSWORD_AUTH: USERNAME (required), PASSWORD (required), DEVICE_KEY.

  • REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required), DEVICE_KEY.

  • CUSTOM_AUTH: USERNAME (required), SECRET_HASH (if app client is configured with client secret), DEVICE_KEY. To start the authentication flow with password verification, include ChallengeName: SRP_A and SRP_A: (The SRP_A Value).

For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.