User sign-up with SMS and MFA verification

First, we will set up a user pool client for SMS verification; then, we will do user sign-up with SMS verification:

  1. Create a user pool client, as follows:
aws cognito-idp create-user-pool-client 
    --user-pool-id us-east-1_n5USdCHNf 
    --explicit-auth-flows USER_PASSWORD_AUTH 
    --client-name user-pool-client-signup 
    --profile admin

You can use describe-user-pool-client to get the details of the user pool client.

  1. Do user sign-up with a phone number as the username, as follows:
aws cognito-idp sign-up 
    --client-id 6amm4ins1md8fo5tvhtmel183h 
    --username +917411174114 
    --password Passw0rd$

You will need to start the phone number with a +, followed by the country code (for example, +44 for the United Kingdom and +91 for India).

If this is successful, you should get the following response:

You will now get a confirmation code SMS at the phone number you specified.

If you do not receive a confirmation authentication code after waiting for some time, or if the one that you received expires, you can use the resend-confirmation-code command, as follows:

aws cognito-idp resend-confirmation-code 
    --client-id 6amm4ins1md8fo5tvhtmel183h 
    --username +917411174114
  1. Confirm the user sign-up with the confirmation authentication code that was received in the previous step:
aws cognito-idp confirm-sign-up 
    --client-id 6amm4ins1md8fo5tvhtmel183h 
    --username +917411174114 
    --confirmation-code 432348
  1. Initiate the authentication flow, as follows:
aws cognito-idp initiate-auth 
    --client-id 6amm4ins1md8fo5tvhtmel183h 
    --auth-flow USER_PASSWORD_AUTH 
    --auth-parameters USERNAME=+917411174114,PASSWORD=Passw0rd$

As we have enabled MFA, you should get back an authentication challenge in the response, as shown in the following screenshot:

You will now receive an SMS with an authentication code.

  1. Respond to the authentication challenge with the authentication code that you received in an SMS and the session value that you received in the previous step:
aws cognito-idp respond-to-auth-challenge 
    --client-id 6amm4ins1md8fo5tvhtmel183h 
    --challenge-name SMS_MFA 
    --challenge-responses USERNAME=+917411174114,SMS_MFA_CODE=650598 
    --session <session>

If this is successful, you should get a response with the AccessToken, RefreshToken, and IdToken. You can use these for further operations, including deleting the user.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.128.204.5