I am using AWS Cognito as my user management store for the application I am developing using ReactJS.
At the start an admin user logs into the AWS console and creates a user using an email address and a temporary password. And when the user is created, an automatic email gets sent to the email address with the temp password that admin set. And the user's confirmation status set to "force change password".
As I am new to the AWS Cognito, I want to know how the rest of the workflow works. Especially how can I use the temp password to first time logs into the system, what API call I need to call ?
UPDATE:
I have the following code to login user to the application, where it sends a request to the API. I have entered the email address and the temp password and try to authenticate the user, instead getting "{"__type":"NotAuthorizedException","message":"Incorrect username or password."}" error message.
import { AuthenticationDetails, CognitoUser, } from "amazon-cognito-identity-js";
import UserPool from "./UserPool";
export const authenticate = (email, password) => {
return new Promise( (resolve, reject) => {
const user = new CognitoUser({
Username: email,
Pool: UserPool
});
const authDetails = new AuthenticationDetails({
Username: email,
password
});
user.authenticateUser(authDetails, {
onSuccess: (result) => {
console.log('login successful');
resolve(result);
},
onFailure: (error) => {
console.log('login failed');
reject(error);
}
});
});
}
I was expecting some other error, such like, as an example, "user needs to change password". But instead got the above error.
UPDATE ON THE QUESTION
I have googled to see if there is a solution to send requests directly to Cognito user pool, thorough my ReactJS application. But I have not found any good solutions on how to do that. @Jeff Lombardo-AWS below suggested me to use the Amplify to achieve the same. But I was not interested in using Amplify for my application.
I have written the authentication logic in Python and put it into a lambda function and called the lambda function (through API Gateway) in my application. And I have successfully implemented the authentication flow.
Is there a way to do it without using Amplify ? I can not find the correct documentation (I am new to Cognito) where I can get the help on building the correct authentication flow using Cognito.
Amplify uses
amazon-cognito-identity-js
behind the scene so you can integrate this library directly and follow documentation at https://github.com/aws-amplify/amplify-js/tree/main/packages/amazon-cognito-identity-js