In my Android app, I want my users to be able to change their email addresses (that they use to connect to their accounts), without getting any verification code by email.
So far, I manage to change the email address, and thanks to a lambda, set email_verified
to true
automatically. But unfortunately, an email is still sent with a verification code...
Here is what I did in my Android app:
public void onClickChangeEmail(View view)
{
CognitoUserAttributes attributes = new CognitoUserAttributes();
attributes.getAttributes().put("email", "[email protected]");
CognitoSettings
.getCognitoUserPool(MainActivity.this)
.getCurrentUser()
.updateAttributesInBackground(attributes, new UpdateAttributesHandler()
{
@Override
public void onSuccess(List<CognitoUserCodeDeliveryDetails> attributesVerificationList)
{
Log.i("tag", "Email updated!");
}
@Override
public void onFailure(Exception e)
{
e.printStackTrace();
}
});
}
And in my AWS console, I added a trigger in Cognito on Custom message, and here is my lambda function, which is triggered everytime a user updates his email:
const AWS = require('aws-sdk')
AWS.config.update({region: 'eu-central-1'});
exports.handler = (event, context, callback) => {
if (event.triggerSource === 'CustomMessage_UpdateUserAttribute')
{
const params = {
UserAttributes: [
{
Name: 'email_verified',
Value: 'true',
},
],
UserPoolId: event.userPoolId,
Username: event.userName,
};
var cognitoIdServiceProvider = new AWS.CognitoIdentityServiceProvider();
cognitoIdServiceProvider.adminUpdateUserAttributes(params, function(err, data) {
if (err) context.done(err, event); // an error occurred
else context.done(null, event); // successful response
});
}
else
{
context.done(null, event);
}
};
The only workaround I found is to throw an error instead of context.done(null, event);
, but it doesn't look like a clean solution.
Is there a better and cleaner way to prevent Cognito from sending a verification email?
Thanks for your help.
To update your account email address:In your Cognito Forms account, find your name at the top right corner and select My Account. Select the Email Address option and enter your new email address along with your password. If you cannot remember your password, use the Reset Password link to create a new one. Hit Save.
Amazon Cognito can automatically verify email addresses or phone numbers. To do this verification, Amazon Cognito sends a verification code or a verification link. For email addresses, Amazon Cognito can send a code or a link in an email message. For phone numbers, Amazon Cognito sends a code in an SMS text message.
The Amazon Cognito service receives the sign-up request from the app. After verifying that the request contains all attributes required for sign-up, the service completes the sign-up process and sends a confirmation code to the user's phone (in an SMS message) or email. The code is valid for 24 hours.
2.1.Go to AWS Cognito service and click “Manage Identity Pools”. 2. Enter “Identity pool name”, expand the “Authentication providers” section and select “Cognito” tab. This is where the Cognito authentication provider will be registered with the Identity pool.
I am calling the Cognito API in my Springboot Service and I am able to update a user's email without getting a verification code. In my adminUpdateUserAttributes() method, I am passing in:
Name: 'email_verified', Value: 'true'
together with the email field that needs to be updated and it updates successfully without sending an email. Maybe the labda doesn't work correctly or they have fixed the bug since this is an old question.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With