AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

Is there a way to implement "remember this device" with a CUSTOM_AUTH flow?

0

We use a CUSTOM_AUTH flow, in order to do an email-based MFA code. All of that works fine, users can enter their code and login.

We want to implement "remember this device", and it appears that this behavior is not supported unless you use SMS or TOTP MFA. If I call setRememberDevice(), it does seem to write cookies to my browser.

Is there a solution that allows me to detect if a user has set their RememberMe true, maybe something I can add to the DefineAuthChallenge Lambda that could detect this?

  • Andy Makely
    10달 전

    I can see that the UserPool stores the user's device properties with Remembered: Yes, can a Lambda access that setting on subsequent logins?

  • Andy Makely
    10달 전

    I can get the user's devices list from Cognito during the DefineAuthChallenge Lambda, but I cannot figure out how to get the current user's device key, in order to compare it with the remembered device stored on the Cognito user. If they match, I could choose to skip the email OTP code and just authenticate them.

주제
보안, 신원 및 규정 준수
태그
다단계 인증아마존 코그니토 사용자 풀
언어
English
Andy Makely
질문됨 10달 전398회 조회
1개 답변
0

Hi,

Yes, you can follow this knowledge center document: https://repost.aws/knowledge-center/cognito-user-pool-remembered-devices

Jeff

AWS
Jeff Lombardo-AWS
답변함 10달 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠