AWS Security ChangesHomeSearch

AWS cognito documentation change

Service: cognito · 2025-04-23 · Documentation low

File: cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_AdminInitiateAuth_section.md

Summary

Added Swift SDK code example for AdminInitiateAuth API showing authentication flow implementation

Security assessment

While authentication is security-related, this change documents standard authentication implementation rather than addressing vulnerabilities. It demonstrates password-based auth flow handling but doesn't introduce new security features.

Diff

diff --git a/cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_AdminInitiateAuth_section.md b/cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_AdminInitiateAuth_section.md
index bfae47b16..cc88e46ec 100644
--- a//cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_AdminInitiateAuth_section.md
+++ b//cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_AdminInitiateAuth_section.md
@@ -348,0 +349,69 @@ There's more on GitHub. Find the complete example and learn how to set up and ru
+Swift
+    
+
+**SDK for Swift**
+    
+
+###### Note
+
+There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/cognito-identity-provider#code-examples). 
+    
+    
+    import AWSCognitoIdentityProvider
+    
+        /// Begin an authentication session.
+        ///
+        /// - Parameters:
+        ///   - cipClient: The `CongitoIdentityProviderClient` to use.
+        ///   - clientId: The app client ID to use.
+        ///   - userName: The username to check.
+        ///   - password: The user's password.
+        ///   - userPoolId: The user pool to use.
+        ///
+        /// - Returns: The session token associated with this authentication
+        ///   session.
+        func initiateAuth(cipClient: CognitoIdentityProviderClient, clientId: String,
+                             userName: String, password: String,
+                             userPoolId: String) async -> String? {
+            var authParams: [String: String] = [:]
+    
+            authParams["USERNAME"] = userName
+            authParams["PASSWORD"] = password
+    
+            do {
+                let output = try await cipClient.adminInitiateAuth(
+                    input: AdminInitiateAuthInput(
+                        authFlow: CognitoIdentityProviderClientTypes.AuthFlowType.adminUserPasswordAuth,
+                        authParameters: authParams,
+                        clientId: clientId,
+                        userPoolId: userPoolId
+                    )
+                )
+    
+                guard let challengeName = output.challengeName else {
+                    print("*** Invalid response from the auth service.")
+                    return nil
+                }
+    
+                print("=====> Response challenge is \(challengeName)")
+    
+                return output.session
+            } catch _ as UserNotFoundException {
+                print("*** The specified username, \(userName), doesn't exist.")
+                return nil
+            } catch _ as UserNotConfirmedException {
+                print("*** The user \(userName) has not been confirmed.")
+                return nil
+            } catch {
+                print("*** An unexpected error occurred.")
+                return nil
+            }
+        }
+    
+    
+
+  * For API details, see [AdminInitiateAuth](https://sdk.amazonaws.com/swift/api/awscognitoidentityprovider/latest/documentation/awscognitoidentityprovider/cognitoidentityproviderclient/admininitiateauth\(input:\)) in _AWS SDK for Swift API reference_. 
+
+
+
+