Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

AWS Cognito Admin created user temp password verify & reset

I am trying to verify an Admin created a user through password-reset-challenge using AWS Cognito generated a temporary password and I can't find the way or an example on how to use a temporary password and set new passwords for new users in javascript.

like image 817
Harsh Avatar asked Oct 17 '22 21:10

Harsh


1 Answers

The Amazon Cognito developer guide provides an example of authenticating with a temporary password and handling the newPasswordRequired condition:

cognitoUser.authenticateUser(authenticationDetails, {
    onSuccess: [...],
    onFailure: [...],
    mfaRequired: [...],
    newPasswordRequired: function(userAttributes, requiredAttributes) {
        // User was signed up by an admin and must provide new 
        // password and required attributes, if any, to complete 
        // authentication.

        // userAttributes: object, which is the user's current profile. It will list all attributes that are associated with the user. 
        // Required attributes according to schema, which don’t have any values yet, will have blank values.
        // requiredAttributes: list of attributes that must be set by the user along with new password to complete the sign-in.


        // Get these details and call 
        // newPassword: password that user has given
        // attributesData: object with key as attribute name and value that the user has given.
        cognitoUser.completeNewPasswordChallenge(newPassword, attributesData, this)
    }
});

Excerpted from the guide here: https://docs.aws.amazon.com/cognito/latest/developerguide/using-amazon-cognito-identity-user-pools-javascript-example-authenticating-admin-created-user.html

Note that the third argument to completeNewPasswordChallenge in the example is this, i.e., the object with the handler functions. This is because completeNewPasswordChallenge requires onSuccess and onFailure handlers, and you can often use the same handlers as you would for the authenticateUser result.

like image 72
Joe Lafiosca Avatar answered Nov 11 '22 18:11

Joe Lafiosca