cognitoidentityprovider/aws.sdk.kotlin.services.cognitoidentityprovider/adminLinkProviderForUser

adminLinkProviderForUser

inline suspend fun CognitoIdentityProviderClient.adminLinkProviderForUser(crossinline block: AdminLinkProviderForUserRequest.Builder.() -> Unit): AdminLinkProviderForUserResponse

Links an existing user account in a user pool, or DestinationUser, to an identity from an external IdP, or SourceUser, based on a specified attribute name and value from the external IdP.

This operation connects a local user profile with a user identity who hasn't yet signed in from their third-party IdP. When the user signs in with their IdP, they get access-control configuration from the local user profile. Linked local users can also sign in with SDK-based API operations like InitiateAuth after they sign in at least once through their IdP. For more information, see Linking federated users.

The maximum number of federated identities linked to a user is five.

Because this API allows a user with an external federated identity to sign in as a local user, it is critical that it only be used with external IdPs and linked attributes that you trust.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved. Generated by dokka