To summarize, we did the following in this recipe:
- Created a role with an inline policy that allowed Cognito to use SMS to send (publish) messages
- Created a Cognito user pool to support using a phone_number as the username, SMS verification, and MFA
- Performed user sign-up with a phone_number as the username
- SMS verification
- Multi-factor authentication (MFA)
Multi-factor authentication (MFA) is an authentication done in addition to the standard authentication. In our case MFA is done by sending a code through SMS and we send back that code in the response. In this recipe, I used both SMS verification and MFA; however, within the code files, I have also provided the CLI commands for scenarios where we perform sign-up and sign-in without MFA. You can disable MFA support while creating the user pool, by setting the MfaConfiguration parameter to false.