CODEWITHSUNDEEP
javascriptamazon-web-servicesaws-lambdaaws-sdkamazon-cognito
Harsh
Harsh

Reputation: 91

AWS Cognito Admin created user temp password verify & reset

I am trying to verify an Admin created a user through password-reset-challenge using AWS Cognito generated a temporary password and I can't find the way or an example on how to use a temporary password and set new passwords for new users in javascript.

Upvotes: 6

Views: 7110

Answers (2)

Harsh
Harsh

Reputation: 91

I did go through the document you referred to. I do not understand what should be 'attributesData'. Below is what I have done till now.

var authenticationData = {
       Username : email,
       Password : temppassword,
   };
   var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
   cognitoUser.authenticateUser(authenticationDetails, {
       onSuccess: function (result) {
           console.log('access token + ' + result.getAccessToken().getJwtToken());
           console.log('idToken + ' + result.idToken.jwtToken);// User authentication was successful
       },

       onFailure: function(err) {
           alert(err);// User authentication was not successful
       },

       newPasswordRequired: function(userAttributes, requiredAttributes) {
           userAttributes: authenticationData; 
           requiredAttributes: email;
           var newPassword: password;
           // attributesData: object with key as attribute name and value that the user has given.
           cognitoUser.completeNewPasswordChallenge(newPassword, attributesData, this)
       }
   });

Upvotes: 0

Joe Lafiosca
Joe Lafiosca

Reputation: 1846

The Amazon Cognito developer guide provides an example of authenticating with a temporary password and handling the newPasswordRequired condition:

cognitoUser.authenticateUser(authenticationDetails, {
    onSuccess: [...],
    onFailure: [...],
    mfaRequired: [...],
    newPasswordRequired: function(userAttributes, requiredAttributes) {
        // User was signed up by an admin and must provide new 
        // password and required attributes, if any, to complete 
        // authentication.

        // userAttributes: object, which is the user's current profile. It will list all attributes that are associated with the user. 
        // Required attributes according to schema, which don’t have any values yet, will have blank values.
        // requiredAttributes: list of attributes that must be set by the user along with new password to complete the sign-in.


        // Get these details and call 
        // newPassword: password that user has given
        // attributesData: object with key as attribute name and value that the user has given.
        cognitoUser.completeNewPasswordChallenge(newPassword, attributesData, this)
    }
});

Excerpted from the guide here: https://docs.aws.amazon.com/cognito/latest/developerguide/using-amazon-cognito-identity-user-pools-javascript-example-authenticating-admin-created-user.html

Note that the third argument to completeNewPasswordChallenge in the example is this, i.e., the object with the handler functions. This is because completeNewPasswordChallenge requires onSuccess and onFailure handlers, and you can often use the same handlers as you would for the authenticateUser result.

Upvotes: 5

Related Questions