Want to use an AWS Cognito User Pool without putting a password(for an easier approach)

0 votes
I want to use a phone number as the username for my app and I want it to make it simple to sign up by just having to verify the phone number each time anyone want to login  (don't want to remember any huge passwords)

How to do I do this with AWS Cognito User Pool as its asking me to mandatorily configure a password for each an every user.

Then I used a dummy password for each user and configure mandatory user verification. Every time the user sign out I can "Unverify" the user so that next time they would automatically be asked to verify the phone number. Also, I would wire up my app to only "login" if the user is verified.

Please let me know if it's an appropriate approach.

Thanks !!
May 4, 2018 in AWS by Flying geek
• 3,150 points
1,195 views

1 answer to this question.

0 votes

Currently, AWS Cognito is not supporting passwordless authentication you need to put up some efforts with some random passwords which are stored externally.
You can implement the authentication flow as follows.

After user Signup -> Also ask for the mobile number and make it mandatory ->store the Mobile number -> Username and Password also in Dynamodb encrypted with AWS KMS for an added security

Use MFA with a mobile number for authentication 
If planning to implement the flow manually without using MFA to send the SMS & validation, you may use AWS SNS for that

Check the following code sample to understand the insight of MFA :


   

 var userData = { 
        Username : 'username',
        Pool : userPool
    };

    cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);

    var authenticationData = {
        Username : 'username',
        Password : 'password',
    };

    var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);

    cognitoUser.authenticateUser(authenticationDetails, {
        onSuccess: function (result) {
            alert('authentication successful!')
        },

        onFailure: function(err) {
            alert(err);
        },

        mfaRequired: function(codeDeliveryDetails) {
            var verificationCode = prompt('Please input verification code' ,'');
            cognitoUser.sendMFACode(verificationCode, this);
        }

    });





Note: Here the MFA with a mobile number is not used for the purpose of MFA but as a workaround to meet your requirement.

answered May 4, 2018 by Cloud gunner
• 4,260 points

Related Questions In AWS

0 votes
1 answer
0 votes
1 answer
0 votes
1 answer

How to Enable CORS for an AWS API Gateway Resource

Since you're using Lambda Proxy integration for ...READ MORE

answered Jul 10, 2018 in AWS by Hammer
• 360 points
458 views
+13 votes
2 answers
0 votes
1 answer