Amazon-cognito-identity-js: Email Verification

Created on 7 Jul 2016  路  11Comments  路  Source: amazon-archives/amazon-cognito-identity-js

I understand that a user can be confirmed programmatically via a lambda trigger, but is it possible to verify an email address without necessitating the user to request / input a verification code? In looking at the cognito API I see AdminUpdateUserAttributes but I do not see an AdminVerifyUserAttribute.

The use case we have is that individuals are invited by their peers into the application. The invitations are delivered via email and contain a unique invitation code that gets passed in to resolve who is responding to an invitation. By virtue of the user receiving the email and submitting the appropriate verification code we are deeming that email verified - and would ideally not require them to request / input another data point that is superfluous in our example. We cannot disable email verification because we very much want to enforce verification for uninvited guests.

I would love to understand if this is presently possible, or if this is something on the roadmap. I suppose we could create separate user pools, to reflect invited and uninvited users - but that seems like a bit of a kludge.

Thanks in advance.

Most helpful comment

Any timeline on updating the docs?

All 11 comments

One more thing, we can not use forget password functions unless email is verified.
This says sort of "Use must verify their email address".

This is not possible at the moment as we don't expose an API for admins to verify user attributes. The use case sounds interesting and I will bring it up with the team.

Any update here?

We have similar problem.

We'd like to send custom email from our domain.
We're using autoConfirmUser: true for pre-signup lambda function and sending the users a custom email from lambda.
But since we cannot verify the user's email automatically, the users cannot reset their password.

Is there any workaround for it?

Custom Message isn't our option since

  • it only allows up to 2048 characters according to the doc.
  • it doesn't allow us to change the sender address.

Thank you for your help.

Actually we have recently added the ability to verify email and verify phone number in the presignup lambda as well. You basically need to set autoVerifyEmail and autoVerifyPhone in the lambda and they will get verified. You will get codes I guess when you try to verify attributes but the use case that you mentioned should be covered now.

Detailed documentation about autoVerifyEmail and autoVerifyPhone is missing from http://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html

Thank you for mentioning, we are in the process of updating the documentation.

Any timeline on updating the docs?

Sweet, it appears the Docs have been updated: http://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html#cognito-user-pools-lambda-trigger-syntax-pre-signup

Hi @itrestian,

When I set both autoConfirmUser and autoVerifyEmail to true, it simply marks the email address as verified without actually sending a code to the user.

Our use case is to allow users to sign up and log in without having to confirm their email, but we still want to let users explicitly confirm their email; we just don't want to force it on them right after signing up as that adds an extra inconvenience before they can start using the app.

Is there a way to trigger email verification? I tried the ResendConfirmationCode action, but it returns "Error: User is already confirmed."

I have the same problem.
From documentation:
"If a user signs up with both a phone number and an email address, and your user pool settings require verification of both attributes, a verification code is sent via SMS to the phone. The email address is not verified. Your app can call GetUser to see if an email address is awaiting verification. If it is, the app should call GetUserAttributeVerificationCode to initiate the email verification flow and then submit the verification code by calling VerifyUserAttribute."
How can I trigger the email confirmation from lambda?

@cahenyossi I'm just starting to run into that exact problem now. Were you able to make any progress with that?

I created a separate issue https://github.com/aws/amazon-cognito-identity-js/issues/680. Ideally we would leave the user as unconfirmed until both email and phone are verified otherwise you would need many extra API calls to check the email_verified field is true or not..

Was this page helpful?
0 / 5 - 0 ratings