AWS cli documentation change
Summary
Updated authentication challenge documentation with WebAuthn support, expanded MFA options, and restructured challenge response examples
Security assessment
Added documentation for WEB_AUTHN authentication method and expanded SELECT_MFA_TYPE options to include EMAIL_MFA. These changes document security features (WebAuthn/FIDO2 and additional MFA methods) but do not indicate a security vulnerability fix.
Diff
diff --git a/cli/latest/reference/cognito-idp/admin-list-user-auth-events.md b/cli/latest/reference/cognito-idp/admin-list-user-auth-events.md index af9275fb7..277afdae6 100644 --- a//cli/latest/reference/cognito-idp/admin-list-user-auth-events.md +++ b//cli/latest/reference/cognito-idp/admin-list-user-auth-events.md @@ -15 +15 @@ - * [AWS CLI 2.28.12 Command Reference](../../index.html) » + * [AWS CLI 2.28.15 Command Reference](../../index.html) » @@ -360 +360 @@ AuthEvents -> (list) ->>>> SMS_OTP +>>>> WEB_AUTHN @@ -364,0 +365,14 @@ AuthEvents -> (list) +>>>>> `"ChallengeName": "WEB_AUTHN", "ChallengeResponses": { "USERNAME": "[username]", "CREDENTIAL": "[AuthenticationResponseJSON]"}` +>>>> +>>>> See [AuthenticationResponseJSON](https://www.w3.org/TR/WebAuthn-3/#dictdef-authenticationresponsejson) . +>>>> +>>>>> > PASSWORD +>>>>> +>>>>> `"ChallengeName": "PASSWORD", "ChallengeResponses": { "USERNAME": "[username]", "PASSWORD": "[password]"}` +>>>>> +>>>>>> PASSWORD_SRP +>>>>> +>>>>> `"ChallengeName": "PASSWORD_SRP", "ChallengeResponses": { "USERNAME": "[username]", "SRP_A": "[SRP_A]"}` +>>>>> +>>>>>> SMS_OTP +>>>>> @@ -380,3 +394 @@ AuthEvents -> (list) ->>>> ->>>> Add `"DEVICE_KEY"` when you sign in with a remembered device. ->>>> +>>>>> @@ -386,3 +398 @@ AuthEvents -> (list) ->>>> ->>>> Add `"DEVICE_KEY"` when you sign in with a remembered device. ->>>> +>>>>> @@ -417 +427 @@ AuthEvents -> (list) ->>>> `"ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}` +>>>> `"ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]", "ANSWER": "[SMS_MFA|EMAIL_MFA|SOFTWARE_TOKEN_MFA]"}` @@ -483 +493 @@ NextToken -> (string) - * [AWS CLI 2.28.12 Command Reference](../../index.html) » + * [AWS CLI 2.28.15 Command Reference](../../index.html) »