clientMetadata

A map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.

You create custom workflows by assigning Lambda functions to user pool triggers. When you send an InitiateAuth request, Amazon Cognito invokes the Lambda functions that are specified for various triggers. The ClientMetadata value is passed as input to the functions for only the following triggers.

• Pre sign-up

• Pre authentication

• User migration

When Amazon Cognito invokes the functions for these triggers, it passes a JSON payload as input to the function. This payload contains a validationData attribute with the data that you assigned to the ClientMetadata parameter in your InitiateAuth request. In your function, validationData can contribute to operations that require data that isn't in the default payload.

InitiateAuth requests invokes the following triggers without ClientMetadata as input.

• Post authentication

• Custom message

• Pre token generation

• Create auth challenge

• Define auth challenge

• Custom email sender

• Custom SMS sender

For more information, see Using Lambda triggers in the Amazon Cognito Developer Guide.

When you use the ClientMetadata parameter, note that Amazon Cognito won't do the following:

• Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.

• Validate the ClientMetadata value.

• Encrypt the ClientMetadata value. Don't send sensitive information in this parameter.