cognitoidentityprovider/aws.sdk.kotlin.services.cognitoidentityprovider/CognitoIdentityProviderClient/setRiskConfiguration

setRiskConfiguration

abstract suspend fun setRiskConfiguration(input: SetRiskConfigurationRequest): SetRiskConfigurationResponse

Configures threat protection for a user pool or app client. Sets configuration for the following.

  • Responses to risks with adaptive authentication

  • Responses to vulnerable passwords with compromised-credentials detection

  • Notifications to users who have had risky activity detected

  • IP-address denylist and allowlist

To set the risk configuration for the user pool to defaults, send this request with only the UserPoolId parameter. To reset the threat protection settings of an app client to be inherited from the user pool, send UserPoolId and ClientId parameters only. To change threat protection to audit-only or off, update the value of UserPoolAddOns in an UpdateUserPool request. To activate this setting, your user pool must be on the Plus tier.

In secondary regions for user pools with multi-region replication, only the SourceARN and From attributes of NotifyConfiguration can be modified to configure region-specific SES integration. All other risk configuration settings must match the existing values to maintain consistency across replicas.

Generated by Dokka
© 2026, Amazon Web Services, Inc. or its affiliates. All rights reserved.