1 Resposta
- Mais recentes
- Mais votos
- Mais comentários
0
Hi,
You are right, this behavior is to protect Cognito customers from username enumeration risks. The behavior is highlighted in the managing error messages page and applied when prevent user existence error is enabled.
When you enable custom error responses, Amazon Cognito authentication APIs return a generic authentication failure response. The error response tells you the user name or password is incorrect. Amazon Cognito account confirmation and password recovery APIs return a response indicating a code was sent to a simulated delivery medium.
Conteúdo relevante
- AWS OFICIALAtualizada há um ano
- AWS OFICIALAtualizada há um ano
- AWS OFICIALAtualizada há um ano