I have 2 Cognito user-pools.
First one I have created on August 20, 2021. The following is the configuration:
{
"UserPool": {
"Id": "us-east-2_************",
"Name": "dev-mobileapp-users",
"Policies": {
"PasswordPolicy": {
"MinimumLength": 8,
"RequireUppercase": true,
"RequireLowercase": true,
"RequireNumbers": true,
"RequireSymbols": true,
"TemporaryPasswordValidityDays": 7
}
},
"DeletionProtection": "INACTIVE",
"LambdaConfig": {
"PreSignUp": "arn:aws:lambda:us-east-2:123456789009:function:dev-mobileapp-users-presignup-trigger"
},
"LastModifiedDate": "2024-02-16T11:13:49.777000+05:30",
"CreationDate": "2021-08-20T10:59:47.932000+05:30",
"SchemaAttributes": [
{
"Name": "sub",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": false,
"Required": true,
"StringAttributeConstraints": {
"MinLength": "1",
"MaxLength": "2048"
}
},
{
"Name": "name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "given_name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "family_name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "middle_name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "nickname",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "preferred_username",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "profile",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "picture",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "website",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "email",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": true,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "email_verified",
"AttributeDataType": "Boolean",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false
},
{
"Name": "gender",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "birthdate",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "10",
"MaxLength": "10"
}
},
{
"Name": "zoneinfo",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "locale",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "phone_number",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": true,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "phone_number_verified",
"AttributeDataType": "Boolean",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false
},
{
"Name": "address",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "updated_at",
"AttributeDataType": "Number",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"NumberAttributeConstraints": {
"MinValue": "0"
}
}
],
"AutoVerifiedAttributes": [
"email"
],
"UsernameAttributes": [
"email"
],
"SmsVerificationMessage": "Your verification code is {####}. ",
"EmailVerificationMessage": "Please enter this verification code to verify your identity:\n{####}\n\nIf you did not make this request, please email [email protected].\n\nThanks,\nThe Abc Team",
"EmailVerificationSubject": "Your verification code",
"VerificationMessageTemplate": {
"SmsMessage": "Your verification code is {####}. ",
"EmailMessage": "Please enter this verification code to verify your identity:\n{####}\n\nIf you did not make this request, please email [email protected].\n\nThanks,\nThe Abc Team",
"EmailSubject": "Your verification code",
"DefaultEmailOption": "CONFIRM_WITH_CODE"
},
"SmsAuthenticationMessage": "Your verification code is {####}. ",
"UserAttributeUpdateSettings": {
"AttributesRequireVerificationBeforeUpdate": []
},
"MfaConfiguration": "OPTIONAL",
"DeviceConfiguration": {
"ChallengeRequiredOnNewDevice": true,
"DeviceOnlyRememberedOnUserPrompt": true
},
"EstimatedNumberOfUsers": 689,
"EmailConfiguration": {
"SourceArn": "arn:aws:ses:us-east-1:123456789009:identity/[email protected]",
"EmailSendingAccount": "COGNITO_DEFAULT"
},
"SmsConfiguration": {
"SnsCallerArn": "arn:aws:iam::123456789009:role/service-role/devmobileappusers-SMS-Role",
"ExternalId": "8d37769d-08cd-44e7-987a-******************",
"SnsRegion": "us-east-1"
},
"UserPoolTags": {},
"Domain": "devmobileappusers",
"AdminCreateUserConfig": {
"AllowAdminCreateUserOnly": false,
"UnusedAccountValidityDays": 7,
"InviteMessageTemplate": {
"SMSMessage": "Your username is {username} and temporary password is {####}. ",
"EmailMessage": "Your username is {username} and temporary password is {####}. ",
"EmailSubject": "Your temporary password"
}
},
"UsernameConfiguration": {
"CaseSensitive": false
},
"Arn": "arn:aws:cognito-idp:us-east-2:123456789009:userpool/us-east-2_*********",
"AccountRecoverySetting": {
"RecoveryMechanisms": [
{
"Priority": 1,
"Name": "verified_email"
}
]
}
}
}
Second one I have created on August 23, 2023. The following is the configuration:
{
"UserPool": {
"Id": "us-east-2_***********",
"Name": "devint-mobileapp-users",
"Policies": {
"PasswordPolicy": {
"MinimumLength": 8,
"RequireUppercase": true,
"RequireLowercase": true,
"RequireNumbers": true,
"RequireSymbols": true,
"TemporaryPasswordValidityDays": 7
}
},
"DeletionProtection": "ACTIVE",
"LambdaConfig": {
"PreSignUp": "arn:aws:lambda:us-east-2:123456789098:function:dev-mobileapp-users-presignup-trigger"
},
"LastModifiedDate": "2024-02-15T10:30:19.365000+05:30",
"CreationDate": "2023-08-23T16:00:18.471000+05:30",
"SchemaAttributes": [
{
"Name": "sub",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": false,
"Required": true,
"StringAttributeConstraints": {
"MinLength": "1",
"MaxLength": "2048"
}
},
{
"Name": "name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "given_name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "family_name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "middle_name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "nickname",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "preferred_username",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "profile",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "picture",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "website",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "email",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": true,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "email_verified",
"AttributeDataType": "Boolean",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false
},
{
"Name": "gender",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "birthdate",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "10",
"MaxLength": "10"
}
},
{
"Name": "zoneinfo",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "locale",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "phone_number",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": true,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "phone_number_verified",
"AttributeDataType": "Boolean",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false
},
{
"Name": "address",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "updated_at",
"AttributeDataType": "Number",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"NumberAttributeConstraints": {
"MinValue": "0"
}
},
{
"Name": "custom:internal-token",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "5"
}
},
{
"Name": "custom:user_token",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "1"
}
}
],
"AutoVerifiedAttributes": [
"email"
],
"UsernameAttributes": [
"email"
],
"VerificationMessageTemplate": {
"DefaultEmailOption": "CONFIRM_WITH_CODE"
},
"UserAttributeUpdateSettings": {
"AttributesRequireVerificationBeforeUpdate": []
},
"MfaConfiguration": "OPTIONAL",
"DeviceConfiguration": {
"ChallengeRequiredOnNewDevice": true,
"DeviceOnlyRememberedOnUserPrompt": true
},
"EstimatedNumberOfUsers": 577,
"EmailConfiguration": {
"SourceArn": "arn:aws:ses:us-east-2:123456789098:identity/[email protected]",
"EmailSendingAccount": "COGNITO_DEFAULT"
},
"SmsConfiguration": {
"SnsCallerArn": "arn:aws:iam::123456789098:role/service-role/stagingmobileappusers-SMS-Role",
"ExternalId": "3f0cc307-d5dd-44be-96ff-************",
"SnsRegion": "us-east-1"
},
"UserPoolTags": {},
"Domain": "devint-appusers",
"AdminCreateUserConfig": {
"AllowAdminCreateUserOnly": false,
"UnusedAccountValidityDays": 7
},
"UsernameConfiguration": {
"CaseSensitive": false
},
"Arn": "arn:aws:cognito-idp:us-east-2:123456789098:userpool/us-east-2_********",
"AccountRecoverySetting": {
"RecoveryMechanisms": [
{
"Priority": 1,
"Name": "verified_email"
}
]
}
}
}
The following is the sample code for my MFA with SMS setup:
import Amplify, { Auth } from 'aws-amplify';
Amplify.configure({
Auth: {
region: 'us-east-2',
userPoolId: 'us-east-2_FSabCdeff',
userPoolWebClientId: '2lehdjcn73nnfmmjfnvgg53'
}
});
var globalUser = null
async function signIn(event) {
try {
event.preventDefault();
console.log('event::',event)
const username = event.currentTarget.elements.usernameInput.value;
const password = event.currentTarget.elements.passwordInput.value
const user = await Auth.signIn(username, password);
globalUser = user
console.log('user: ', user);
} catch (error) {
console.log('error signing in', error);
}
}
async function verify2FA(event) {
try {
event.preventDefault();
const otpCode = event.currentTarget.elements.otpField.value;
const loggedUser = await Auth.confirmSignIn( globalUser, otpCode, 'SMS_MFA' );
console.log('user: ', loggedUser);
const result = await Auth.rememberDevice();
console.log('Remember:',result);
} catch (error) {
console.log('error verifying otp', error);
}
}
function App() {
return (
<div className="App">
______________________________________________
<h2>Sign in</h2>
<form onSubmit={signIn}>
<div>
<label htmlFor="usernameInput">Username:</label>
<input id="usernameInput" type="text" />
</div>
<div>
<label htmlFor="passwordInput">Password:</label>
<input id="passwordInput" type="text" />
</div>
<button type="submit">Submit</button>
</form>
______________________________________________
______________________________________________
<h2>MFA - SMS</h2>
<form onSubmit={verify2FA}>
<div>
<label htmlFor="otpField">OTP:</label>
<input id="otpField" type="text" />
</div>
<button type="submit">Submit</button>
</form>
______________________________________________
</div>
);
}
export default App;
Remember device and suppress MFA for subsequent logins are working fine for dev-mobileapp-users user pool. But for the other user-pool, it is always prompting for MFA. When I compare the configurations, everything looks the same. I am not getting why this issue is happening. Is this some problem with Cognito or any configuration mismatch from my end. I don't know.
But one point I have noticed is that, for dev-mobileapp-users in the Device tracking log section, I can see the device I used to login as Remembered = YES with a full Name of the device.
At the same time for the other user-pool, the Device tracking log section is showing my device as Remembered = YES, but Name is showing as empty (-).
I am wondering why the same code is behaving differently on 2 user-pools though the configurations are the same.
Any thoughts on this problem?