I m the first time on use the AWS Cognito Auth.
here is my code for ForgotPassword in JAVA:
ForgotPasswordRequest request = ForgotPasswordRequest.builder()
.clientId(GetUserPoolClientId(companyCode))
.username(userEmail)
.build();
ForgotPasswordResponse response = cognitoClient.forgotPassword(request);
the response give me ***@gmail.com, but I do not receive any emails.
If a user signs up with both a phone number and an email address, and your user pool settings require verification of both attributes, Amazon Cognito sends a verification code to the phone number through SMS message.
It is not possible to get a user password from AWS Cognito. Cognito just lets the user reset his password but it has got no API call to perform password retrieval and it's not meant to do that for security reasons.
I've been struggling with this for a couple of days now but finally found an answer. It seems that we can't send forgotPassword email to a user that doesn't have the email verified, and that can happen when you use the AdminCreateUser API since user only receives the email for temporary password and not for email verification.
Verification of a phone or email is necessary to automatically confirm users and enable recovery from forgotten passwords.
https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html?icmpid=docs_cognito_console
Solution:
When you call the AdminCreateUser method you can actually pass the email verified flag as another attribute:
{
//AminCreateUser request ...
"UserAttributes": [
// other user attributes ...
{
"Name": "email_verified",
"Value": "true"
}
],
}
It should also be possible to update the email_verified status with the AdminUpdateUserAttributes API.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With