Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share
menu search
person
Welcome To Ask or Share your Answers For Others

Categories

I have user pool set up to use email as user identifier (also configured to require email verification). Every main action / flow (login, signup, change password, reset password) seem to work fine and as expected.

The one important thing which does not work as one would expect is change email flow:

When email change is requested, Cognito sends verification code to the new email as expected, but it also updates email to the new value before verification.

This causes a problem when f.ex.: new email was mistyped (so verification code never arrives) and user forgets its password. There seem to be no way to recover from it. Am I missing, misconfigured or abuse something? There is a minimum user pool customisation I did (except case-insensitivity maybe).

What would be the reason that AWS allows to change email before verifying it (even if Cognito actually requires verification during signup, before account is created)?

Is there some user pool configuration settings (or lamba) or local SDK settings I am missing?

BTW: I am using AWSMobileClient from iOS SDK as a client but this probably does not matter(?).

question from:https://stackoverflow.com/questions/65918340/aws-cognito-change-email-require-verification-before-update

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
1.4k views
Welcome To Ask or Share your Answers For Others

1 Answer

Waitting for answers

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share
...