Is there a way to implement "remember this device" with a CUSTOM_AUTH flow?

0

We use a CUSTOM_AUTH flow, in order to do an email-based MFA code. All of that works fine, users can enter their code and login.

We want to implement "remember this device", and it appears that this behavior is not supported unless you use SMS or TOTP MFA. If I call setRememberDevice(), it does seem to write cookies to my browser.

Is there a solution that allows me to detect if a user has set their RememberMe true, maybe something I can add to the DefineAuthChallenge Lambda that could detect this?

  • I can see that the UserPool stores the user's device properties with Remembered: Yes, can a Lambda access that setting on subsequent logins?

  • I can get the user's devices list from Cognito during the DefineAuthChallenge Lambda, but I cannot figure out how to get the current user's device key, in order to compare it with the remembered device stored on the Cognito user. If they match, I could choose to skip the email OTP code and just authenticate them.

preguntada hace un año528 visualizaciones
1 Respuesta
0

Hi,

Yes, you can follow this knowledge center document: https://repost.aws/knowledge-center/cognito-user-pool-remembered-devices

Jeff

AWS
respondido hace un año

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas