Cognito's User Pool takes an email config that needs an ARN of a verified email. Can I use any email on a verified domain instead of a single verified email?
https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html I am looking at this documentation, but I am not sure how to make a User Pool with anything other than a "verified email", which is not automatable. The alternative that I would like is to automate the verification of a domain and then use any address from that domain.
With a user pool, your app users can sign in through the user pool or federate through a third-party identity provider (IdP). Identity pools are for authorization (access control). You can use identity pools to create unique identities for users and give them access to other AWS services.
Amazon Cognito identity pools support both authenticated and unauthenticated identities. Authenticated identities belong to users who are authenticated by any supported identity provider. Unauthenticated identities typically belong to guest users.
An AWS Cognito User Pool will send a verification code by email or SMS, and the user enters the code to get verified with the User Pool. The user enters a username and password and logs in with the Cognito User Pool, in which case a token will be provided by Cognito upon successful login.
We were able to accomplish this via the CLI. First, go to your verified domain in SES and add an Identity Policy. The Resource is the ARN of your SES domain.
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "",
                "Effect": "Allow",
                "Action": [
                    "SES:SendRawEmail",
                    "SES:SendEmail"
                ],
                "Resource": "arn:aws:ses:us-east-1:YOUR_ACCOUNT_ID:identity/MYCUSTOM.DOMAIN.COM"
            }
        ]
    }
Then create a JSON file (email.json) on your local machine.
    {
        "SourceArn": "arn:aws:ses:us-east-1:YOUR_ACCOUNT_ID:identity/MYCUSTOM.DOMAIN.COM",
        "ReplyToEmailAddress": "[email protected]",
        "EmailSendingAccount": "DEVELOPER",
        "From": "[email protected]"
    }
Finally, run the CLI command:
    aws cognito-idp update-user-pool --user-pool-id 'us-xxxx-X_XXXXXX' --region 'xx-xxxx-x' --email-configuration file://email.json
When this is done, in the AWS console for your Cognito pool you should see the ARN of the SES domain under the From email address ARN, and you can specify whatever email you want in the From address field.
Note: If this is an existing pool in prod, you may want to run the following command to get the email config to make sure you don't override any settings, as noted in the update documentation https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html.
    aws cognito-idp describe-user-pool --user-pool-id 'USER_POOL_ID' --region us-east-1
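An added example, not part of the original answer: one way to act on the note above is to build the full update request from the describe-user-pool output, so that MFA, password policy and Lambda trigger settings are sent back unchanged along with the new email configuration. The key list, the sample pool and the no-reply/support addresses are assumptions constructed for illustration; check the key list against the UpdateUserPool reference linked above.

```python
import copy
import json

# Top-level settings returned by describe-user-pool that update-user-pool also
# accepts. Assumption: copied from the UpdateUserPool request syntax; verify it
# against the API reference before use.
UPDATABLE_KEYS = (
    "Policies", "DeletionProtection", "LambdaConfig", "AutoVerifiedAttributes",
    "SmsVerificationMessage", "EmailVerificationMessage",
    "EmailVerificationSubject", "VerificationMessageTemplate",
    "SmsAuthenticationMessage", "UserAttributeUpdateSettings",
    "MfaConfiguration", "DeviceConfiguration", "SmsConfiguration",
    "UserPoolTags", "AdminCreateUserConfig", "UserPoolAddOns",
    "AccountRecoverySetting",
)

def build_update_request(describe_output, email_config):
    """Carry over the pool's current settings and swap in the new email config."""
    pool = describe_output["UserPool"]
    request = {"UserPoolId": pool["Id"]}
    for key in UPDATABLE_KEYS:
        if key in pool:
            request[key] = copy.deepcopy(pool[key])
    # UnusedAccountValidityDays is deprecated in favour of
    # PasswordPolicy.TemporaryPasswordValidityDays; do not send both.
    password_policy = request.get("Policies", {}).get("PasswordPolicy", {})
    if "TemporaryPasswordValidityDays" in password_policy:
        request.get("AdminCreateUserConfig", {}).pop("UnusedAccountValidityDays", None)
    request["EmailConfiguration"] = dict(email_config)
    return request

# Constructed sample input (not real output from any pool).
SAMPLE_DESCRIBE = {"UserPool": {
    "Id": "us-east-1_EXAMPLE", "Name": "prod-users",
    "MfaConfiguration": "ON",
    "Policies": {"PasswordPolicy": {"MinimumLength": 14,
                                    "TemporaryPasswordValidityDays": 3}},
    "AdminCreateUserConfig": {"AllowAdminCreateUserOnly": True,
                              "UnusedAccountValidityDays": 3},
    "LambdaConfig": {"PreSignUp": "arn:aws:lambda:us-east-1:111122223333:function:presignup"},
    "EmailConfiguration": {"EmailSendingAccount": "COGNITO_DEFAULT"},
}}
EMAIL_CONFIG = {
    "SourceArn": "arn:aws:ses:us-east-1:111122223333:identity/MYCUSTOM.DOMAIN.COM",
    "ReplyToEmailAddress": "support@MYCUSTOM.DOMAIN.COM",
    "EmailSendingAccount": "DEVELOPER",
    "From": "no-reply@MYCUSTOM.DOMAIN.COM",
}

if __name__ == "__main__":
    print(json.dumps(build_update_request(SAMPLE_DESCRIBE, EMAIL_CONFIG), indent=2))
```

Save the printed JSON to a file and pass it with `aws cognito-idp update-user-pool --cli-input-json file://update.json`, then diff a fresh describe-user-pool against the earlier one.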