admin管理员组

文章数量:1335813

As per docs says .html If the user has not yet verified his email or phone number then 

Auth.forgotPassword(username)

should return some error message. as written in documentation

If neither a verified phone number nor a verified email exists, an InvalidParameterException is thrown.

but it's not raising an exception, instead, I receive a success response. 

"CodeDeliveryDetails":{"AttributeName":"email","DeliveryMedium":"EMAIL","Destination":"m***@g***"}}

I dont receive the email though.

what can be the reason ?

As per docs says https://docs.aws.amazon./cognito-user-identity-pools/latest/APIReference/API_ForgotPassword.html If the user has not yet verified his email or phone number then 

Auth.forgotPassword(username)

should return some error message. as written in documentation

If neither a verified phone number nor a verified email exists, an InvalidParameterException is thrown.

but it's not raising an exception, instead, I receive a success response. 

"CodeDeliveryDetails":{"AttributeName":"email","DeliveryMedium":"EMAIL","Destination":"m***@g***."}}

I dont receive the email though.

what can be the reason ?

  • javascript
  • reactjs
  • amazon-web-services
  • amazon-cognito
  • aws-amplify
Share Improve this question asked Apr 23, 2020 at 14:27 umerumer 1,3161 gold badge18 silver badges36 bronze badges 1
  • I've encountered the same issue and unfortunately have not found an answer yet. – Michael Birsak Commented May 12, 2020 at 21:47
Add a ment  | 

3 Answers 3

Reset to default 8

I was seeing the same issue. It turned out to the related to this:

Use the PreventUserExistenceErrors setting of a user pool app client to enable or disable user existence related errors.

mentioned here: https://docs.aws.amazon./cognito/latest/developerguide/cognito-user-pool-managing-errors.html:

After changing that setting on the user pool to 'Legacy' from 'Enabled' I started seeing a 400 response:

{
  "__type": "UserNotFoundException",
  "message": "Username/client id bination not found."
}

@ryan-hines Oh my god, thank you! I've been struggling with this for days.

We had a very similar issue:

  • User signs up via Google
  • User tries to reset password
  • We wanted to disallow this and tell them to use their social login (you'd think Cognito would handle this part, but no)
    • In order to solve this, we wrote a custom Migration lambda to handle "UserMigration_ForgotPassword"
    • Even though we were throwing an Error in the lambda, it was still showing a success message in the UI, but was not sending the email

In the newer Cognito UI, we had to go into:

  • App Integration
  • Click on app client
  • Click "Edit" in App client information section
  • At the bottom under "Advanced security configurations" uncheck "Prevent user existence errors"

Now the UI properly shows a failure when our lambda throws an error.

You need to make sure the email attribute for user is verified

本文标签:

版权声明:本文标题:javascript - AWS Coginto API , Forgot Password Action not raising InvalidParameterException even if neither a verified phone num 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742399895a2467676.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。