The following steps describe how to set up user sign-up with self-confirmation:
- Use the sign-up sub-command to initiate the sign-up flow, providing your username and password:
aws cognito-idp sign-up
--client-id 4s69op0v8es2cojl5ncjql2v4g
--username testuser4
--password Passw0rd$
--user-attributes Name=email,[email protected]
Replace [email protected] with your email address.
If this is successful, you should get the following response:
You will also receive an email with the confirmation code, as shown in the following screenshot:
The preceding message format was configured while creating the user pool. You can also use the email configuration section in the input CLI JSON, or within the CloudFormation template, to make additional customizations, such as a reply email address.
- Confirm the user sign-up with the code received, as follows:
aws cognito-idp confirm-sign-up
--client-id 4s69op0v8es2cojl5ncjql2v4g
--username testuser4
--confirmation-code 156202
If it is successful, you should see no errors in the response.
- Now, try to sign-in with your username and password, as follows:
aws cognito-idp initiate-auth
--client-id 4s69op0v8es2cojl5ncjql2v4g
--auth-flow USER_PASSWORD_AUTH
--auth-parameters USERNAME=testuser4,PASSWORD=Passw0rd$
If it is successful, you will get a response with the AccessToken, RefreshToken, and IdToken:
- Use the access token to delete the user, as follows:
aws cognito-idp delete-user
--access-token <access token>
Replace the AccessToken with the access token received in the previous command response. If it is successful, you should see no response.
- Verify that the user was actually deleted by trying to initiate the authentication flow again. This time, you should get an error that the user does not exist.