We use the cognito-idp create-user-pool-client sub-command to create a user pool client, as follows:
aws cognito-idp create-user-pool-client
--user-pool-id us-east-1_fYsb1Gyec
--client-name my-user-pool-client
--explicit-auth-flows USER_PASSWORD_AUTH
--profile admin
Here, I have specified USER_PASSWORD_AUTH as an explicit auth flow.
ADMIN_NO_SRP_AUTH is only supported with the admin-initiated authentication used in the server-side authentication flow. Both ADMIN_NO_SRP_AUTH and USER_PASSWORD_AUTH allow us to pass our username and password without SRP, but USER_PASSWORD_AUTH also supports user migration from legacy applications.