Is it possible to change, with my Android app, a Cognito user pool user's status from FORCE_CHANGE_PASSWORD to CONFIRMED, or from RESET_REQUIRED to CONFIRMED? If yes, which API call can I use? In fact, I imported users to Cognito and I can't find a way or any example of how to turn them to CONFIRMED status using my app. Thanks
2 Answers
To change the Cognito user pool user status from FORCE_CHANGE_PASSWORD to CONFIRMED:

1. With aws-cli:

Get a session token with the temporary password:

    aws cognito-idp admin-initiate-auth --user-pool-id us-west-2_xxxxxxx --client-id xxxxxxx --auth-flow ADMIN_NO_SRP_AUTH --auth-parameters USERNAME=xxx,PASSWORD=xxx

Set the new password with the session token:

    aws cognito-idp admin-respond-to-auth-challenge --user-pool-id xxxx --client-id xxxx --challenge-name NEW_PASSWORD_REQUIRED --challenge-responses NEW_PASSWORD=xxx,USERNAME=xxx --session session_key_from_previous_token

2. With aws-sdk:

Get a session token with the temporary password:

    cognitoidentityserviceprovider.adminInitiateAuth(
      {
        AuthFlow: 'ADMIN_NO_SRP_AUTH',
        ClientId: 'xxx',
        UserPoolId: 'xxx',
        AuthParameters: {
          USERNAME: 'xxx',
          PASSWORD: 'temporary_password'
        }
      },
      function(err, data) {
        if (err) console.log(err, err.stack); // an error occurred
        else console.log(data); // successful response
      }
    );

Set the new password with the session token:

    var params = {
      ChallengeName: 'NEW_PASSWORD_REQUIRED',
      ClientId: 'xxxx',
      ChallengeResponses: {
        USERNAME: 'xxx',
        NEW_PASSWORD: 'xxx'
      },
      Session: 'session_key_from_previous_token'
    };

    cognitoidentityserviceprovider.respondToAuthChallenge(params, function(err, data) {
      if (err) console.log(err, err.stack); // an error occurred
      else console.log(data); // successful response
    });

Note: If you get an error about "Unable to verify secret hash for client", create another app client without a secret and use that.
I used the aws-cli method given here to move my test user from FORCE_PASSWORD_CHANGE to CONFIRMED. Thanks for the answer. I think the original poster should consider marking this answer correct.
Commented Sep 17, 2019 at 19:11
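
An app client that does have a secret can also be used if every request carries SECRET_HASH, which Cognito defines as Base64(HMAC-SHA256(key = client secret, message = username + client id)). The sketch below is an added example, not code from the answers on this page: it builds the parameters for the two admin calls in the answer above and runs them against an aws-sdk v2 style client. The helper names and the `cfg` object are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// SECRET_HASH = Base64(HMAC_SHA256(key = client secret, msg = username + client id)).
function secretHash(username, clientId, clientSecret) {
  return crypto.createHmac('sha256', clientSecret)
    .update(username + clientId)
    .digest('base64');
}

// Step 1: parameters for adminInitiateAuth with the temporary password.
// cfg = { userPoolId, clientId, clientSecret? } is a hypothetical config object.
function initiateAuthParams(cfg, username, tempPassword) {
  const AuthParameters = { USERNAME: username, PASSWORD: tempPassword };
  if (cfg.clientSecret) {
    AuthParameters.SECRET_HASH = secretHash(username, cfg.clientId, cfg.clientSecret);
  }
  return {
    AuthFlow: 'ADMIN_NO_SRP_AUTH',
    ClientId: cfg.clientId,
    UserPoolId: cfg.userPoolId,
    AuthParameters,
  };
}

// Step 2: parameters for adminRespondToAuthChallenge with the new password.
function newPasswordParams(cfg, username, newPassword, session) {
  const ChallengeResponses = { USERNAME: username, NEW_PASSWORD: newPassword };
  if (cfg.clientSecret) {
    ChallengeResponses.SECRET_HASH = secretHash(username, cfg.clientId, cfg.clientSecret);
  }
  return {
    ChallengeName: 'NEW_PASSWORD_REQUIRED',
    ClientId: cfg.clientId,
    UserPoolId: cfg.userPoolId,
    ChallengeResponses,
    Session: session,
  };
}

// Runs both steps. `client` is an AWS.CognitoIdentityServiceProvider (aws-sdk v2).
// Fails closed if Cognito answers with anything other than NEW_PASSWORD_REQUIRED.
async function confirmWithNewPassword(client, cfg, username, tempPassword, newPassword) {
  const first = await client
    .adminInitiateAuth(initiateAuthParams(cfg, username, tempPassword)).promise();
  if (first.ChallengeName !== 'NEW_PASSWORD_REQUIRED') {
    throw new Error('Expected NEW_PASSWORD_REQUIRED, got ' + first.ChallengeName);
  }
  return client
    .adminRespondToAuthChallenge(newPasswordParams(cfg, username, newPassword, first.Session))
    .promise();
}
```

The admin calls are signed with IAM credentials, so this flow and the client secret belong on a backend service rather than inside the Android app.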
To change the status of the user you just need to go through the respective flows. To change FORCE_CHANGE_PASSWORD to CONFIRMED, you would need to use the one time password and login and change your password. For RESET_REQUIRED, you would need to use the Forgot Password flow and that will change the status to CONFIRMED.