Want to use an AWS Cognito User Pool without putting a password for an easier approach

0 votes
I want to use a phone number as the username for my app, and I want to make it simple to sign up by just having to verify the phone number each time anyone wants to log in (I don't want users to have to remember any huge passwords).

How do I do this with an AWS Cognito User Pool, as it's asking me to mandatorily configure a password for each and every user?

Then I used a dummy password for each user and configured mandatory user verification. Every time the user signs out I can "Unverify" the user so that next time they would automatically be asked to verify the phone number. Also, I would wire up my app to only "login" if the user is verified.

Please let me know if it's an appropriate approach.

Thanks !!
May 4, 2018 in AWS by Flying geek
• 3,280 points
5,505 views

1 answer to this question.

0 votes

Currently, AWS Cognito does not support passwordless authentication; you need to put in some effort with random passwords that are stored externally.
You can implement the authentication flow as follows.

After user signup -> also ask for the mobile number and make it mandatory -> store the mobile number -> username and password also in DynamoDB, encrypted with AWS KMS for added security

Use MFA with a mobile number for authentication.
If you plan to implement the flow manually, without using MFA to send the SMS and do the validation, you may use AWS SNS for that.

Check the following code sample to understand the insight of MFA:

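    // Requires the amazon-cognito-identity-js browser bundle, which defines AWSCognito.
    // Pool settings: replace the '...' placeholders with your own values.
    var poolData = {
        UserPoolId : '...', // your user pool id
        ClientId : '...'    // your app client id
    };
    var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(poolData);

    var userData = {
        Username : 'username',
        Pool : userPool
    };

    var cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);

    var authenticationData = {
        Username : 'username',
        Password : 'password'
    };

    var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);

    cognitoUser.authenticateUser(authenticationDetails, {
        // Called once the password and, if required, the SMS code have been accepted
        onSuccess: function (result) {
            alert('authentication successful!');
        },

        onFailure: function (err) {
            alert(err);
        },

        // Called when the pool requires an SMS code; "this" is this callbacks object
        mfaRequired: function (codeDeliveryDetails) {
            var verificationCode = prompt('Please input verification code', '');
            cognitoUser.sendMFACode(verificationCode, this);
        }
    });
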
Note: Here the MFA with a mobile number is not used for the purpose of MFA but as a workaround to meet your requirement.

answered May 4, 2018 by Cloud gunner
• 4,670 points
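
For the manual route mentioned in the answer above (sending the code yourself, for example through SNS, instead of using Cognito MFA), the verification side could look like the following. This is an added example, not part of the original answer and not AWS code; the function names, the 5-minute lifetime, the 3-attempt limit and the in-memory Map are assumptions.

```javascript
// Added example (Node.js): issue and verify a one-time SMS code.
const crypto = require('crypto');

const CODE_TTL_MS = 5 * 60 * 1000; // assumption: a code is valid for 5 minutes
const MAX_ATTEMPTS = 3;            // assumption: guesses allowed per issued code
// phone -> { salt, hash, expires, attempts }. In-memory for the example only;
// a real service would keep this in a shared store such as DynamoDB with a TTL.
const pending = new Map();

function hashCode(salt, code) {
    return crypto.createHmac('sha256', salt).update(code).digest();
}

// Create a 6-digit code from a CSPRNG and keep only its salted hash.
// The caller sends the returned code by SMS and must not log or store it.
function issueCode(phone, now = Date.now()) {
    const code = String(crypto.randomInt(0, 1000000)).padStart(6, '0');
    const salt = crypto.randomBytes(16);
    pending.set(phone, {
        salt: salt,
        hash: hashCode(salt, code),
        expires: now + CODE_TTL_MS,
        attempts: 0
    });
    return code;
}

// Returns true exactly once for the correct code.
// Expired, exhausted, unknown or already used codes return false.
function verifyCode(phone, submitted, now = Date.now()) {
    const entry = pending.get(phone);
    if (!entry) return false;
    if (now > entry.expires || entry.attempts >= MAX_ATTEMPTS) {
        pending.delete(phone);
        return false;
    }
    entry.attempts += 1;
    const candidate = hashCode(entry.salt, String(submitted));
    const ok = crypto.timingSafeEqual(entry.hash, candidate); // constant-time compare
    // Single use on success; discard the code once the guesses are used up.
    if (ok || entry.attempts >= MAX_ATTEMPTS) pending.delete(phone);
    return ok;
}
```

With only a 6-digit code protecting the account, the attempt limit and expiry are what keep guessing impractical, so the rate at which `issueCode` can be called per phone number should be limited as well.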
