By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Cognito Migration user lambda with 2FA email

0

Is it possible to have migration user lambda trigger and a 2 factor auth with email in cognito on sig-in?

I need to migrate users to a cognito user pool each time they login. Migration lambda works fine and users are migrated without a problem.

I also need to have a 2FA with email where i send a code. I've defined all 3 lambdas/challenges (define, create, verify) for a custom auth flow. Using this guide.

Is it possible to invoke the 2FA after the migration lambda? And how?

Topics
Security, Identity, & Compliance.NET on AWS
Tags
Amazon Cognito.NET on AWS
Language
English
AWS - AlexNRO - TD
asked 6 months ago234 views
1 Answer
0
Accepted Answer

I have researched on your use-case internally and on a deep dive with regards to invoke 2FA with email after calling the lambda migration trigger is currently not possible. The only available 2FA methods at present are via TOTP or SMS.

Please accept my sincere apologies for the service limitation and any inconvenience caused due to this. As a workaround, I recommend you to develop custom workflow in their application which asks for MFA after user migration is complete and user logs in.

AWS
SUPPORT ENGINEER
Sanath_M
answered 5 months ago
  • AWS - AlexNRO - TD
    5 months ago

    Thanks for looking into this and thanks for the suggesting a workaround.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content