Ir para o conteúdo
Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post
sobre o re:Post

Cognito Managed Login has no recovery path for unconfirmed users

0

Amazon Cognito Managed Login has a UX gap in the sign-up confirmation flow that can leave users stranded.

Reproduction steps:

  1. User signs up via Managed Login
  2. User is prompted to enter an email confirmation code
  3. User closes the screen before entering the code
  4. Later, user tries to sign in

Current behavior:

  • The user sees "User is not confirmed"
  • There is no visible option to enter the confirmation code
  • There is no option to resend the confirmation code
  • The user cannot proceed without external support or custom implementation

Expected behavior:

  • From the "User is not confirmed" state, provide:
    • A way to enter the confirmation code
    • A way to resend the confirmation code

Impact: This creates a dead end for legitimate users and increases production support burden, as users cannot recover by themselves. It can also lead to lost user conversions in real-world applications.

This issue makes managed login unsuitable for fully self-service onboarding flows without additional custom implementation.

This is not just a UX improvement request, but a necessary recovery path for real-world usage.

Is there any official workaround for this using managed login only?

Current guidance (including community answers) often suggests deleting the user from the Cognito console as a workaround. However, this is not a viable solution in production, as it requires manual intervention and does not scale for real users.

Tópicos
Segurança, identidade e conformidade
Tags
Amazon Cognito
Idioma
English
feita há 2 meses45 visualizações
1 Resposta
1

How about using the ResendConfirmationCode API and ConfirmSignUp flow to allow the user to re-enter or request a new confirmation code:

https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ResendConfirmationCode.html

https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmSignUp.html

ESPECIALISTA
respondido há 2 meses
ESPECIALISTA
avaliado há 2 meses
  • Akey Skywalker
    há 2 meses

    Thanks for your response.

    The APIs you mentioned are indeed valid, but they require building a custom flow.

    My question specifically refers to the Managed Login experience without additional custom implementation.

    In its current form, Managed Login does not provide a recovery path for users in the "User is not confirmed" state, which creates a dead-end in a fully managed, self-service onboarding flow.

    The issue is not about whether it is technically possible to implement a workaround using APIs, but that this recovery path is missing from the managed login flow itself.

    Is there any built-in way to handle this scenario within Managed Login only?

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Conteúdo relevante