Change cognito user pool user status

Question

Is it possible to change with my android App, Cognito user pool user status from FORCE_CHANGE_PASSWORD to CONFIRMED? or from RESET_REQUIRED to CONFIRMED? If yes which API call can I use? In fact, I imported users to Cognito and I don't find a way or any example on how to turn them to CONFIRMED status using my App. Thanks

Using the adminSetUserPassword to set a temporary password on user in RESET_REQUIRED will change them to FORCE_CHANGE_PASSWORD. — tschumann, Commented Jul 19, 2021 at 5:09

Mahbubur Rahman · Accepted Answer · 2018-06-06 06:39:26Z

To change the cognito user pool user status from FORCE_CHANGE_PASSWORD to CONFIRMED-

1.with aws-cli:

get a session token with the temporary password

aws cognito-idp admin-initiate-auth --user-pool-id us-west-2_xxxxxxx --client-id xxxxxxx --auth-flow ADMIN_NO_SRP_AUTH --auth-parameters USERNAME=xxx,PASSWORD=xxx

set new password with the session token

aws cognito-idp admin-respond-to-auth-challenge --user-pool-id xxxx --client-id xxxx --challenge-name NEW_PASSWORD_REQUIRED --challenge-responses NEW_PASSWORD=xxx,USERNAME=xxx --session session_key_from_previous_token

2.with aws-sdk:

get a session token with the temporary password

cognitoidentityserviceprovider.adminInitiateAuth(
{ 
   AuthFlow: 'ADMIN_NO_SRP_AUTH', 
   ClientId: 'xxx', 
   UserPoolId: 'xxx', 
   AuthParameters: 
     { USERNAME: 'xxx', PASSWORD: 'temporary_password' } 
},  function(err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

set new password with the session token

var params = {
  ChallengeName: 'NEW_PASSWORD_REQUIRED', 
  ClientId: 'xxxx',
  ChallengeResponses: {
  USERNAME: 'xxx',
  NEW_PASSWORD: 'xxx'
},
Session: 'session_key_from_previous_token'
};

cognitoidentityserviceprovider.respondToAuthChallenge(params,   function(err, data) {
   if (err) console.log(err, err.stack); // an error occurred
   else     console.log(data);           // successful response
});

Note: If get an error about "Unable to verify secret hash for client", create another app client without a secret and use that.

I used the aws-cli method given here to move my test user from FORCE_PASSWORD_CHANGE to CONFIRMED. Thanks for the answer. I think the original poster should consider marking this answer correct. — mmachenry, Commented Sep 17, 2019 at 19:11

Yves M. · Accepted Answer · 2018-09-03 13:42:00Z

4

To change the status of the user you just need to go through the respective flows. To change FORCE_CHANGE_PASSWORD to CONFIRMED, you would need to use the one time password and login and change your password. For RESET_REQUIRED, you would need to use the Forgot Password flow and that will change the status to CONFIRMED.

edited Sep 3, 2018 at 13:42

Yves M.

30.6k23 gold badges109 silver badges148 bronze badges

answered Nov 2, 2016 at 17:10

Ionut Trestian

5,5812 gold badges21 silver badges30 bronze badges

Add a comment |

Collectives™ on Stack Overflow

Change cognito user pool user status

2 Answers 2

Not the answer you're looking for? Browse other questions tagged
amazon-web-services
amazon-cognito
or ask your own question.

Hot Network Questions

Collectives™ on Stack Overflow

2 Answers 2

Not the answer you're looking for? Browse other questions tagged amazon-web-servicesamazon-cognito or ask your own question.

Related

Not the answer you're looking for? Browse other questions tagged
amazon-web-services
amazon-cognito
or ask your own question.