Steps to validate user after Force change password

Question

Hi team,

I created a new user in my Cognito user pool with `AdminCreateUser` AP call, the user is added with sates `Force change password`

then the user will be prompted with an angular front-end page to enter a new password.

I'm confused about which method I can use to confirm the user: `adminConfirmSignUp, initiateAuth, adminInitiateAuth, AdminRespondToAuthChallenge or adminSetUserPassword`

do the user need the temporary password received by email to signup? or only his new password? i don't see any SDK API that takes the 2 arguments:

1 -  temporary password generated b Cognito

2 - the user chooses the new password

my goal is to give the user access, move away from `Force change password` status, and have a confirmed user who can log in and have an access token.

what are the API calls to do after the user receives the invitation message with a temporary password and gives his new password?

Thank you team for clarification

appreciate any example that helps me continue the process after `AdminCreateUser` and `Force change password`

Thank you!!

AWS-Wole · Answer

Hello,

When the user authenticates (InitiateAuth) using the temporary password, Cognito will respond with a ChallengeName=NEW_PASSWORD_REQUIRED. You then need to use RespondToAuthChallenge to respond to the challenge with NEW_PASSWORD and any required attributes that Amazon Cognito returned in the requiredAttributes parameter.

Please see the ChallengeName Response Elements of InitiateAuth here [1].

[1] https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html#API_InitiateAuth_ResponseElements

Steps to validate user after Force change password

Add your answer

Relevant content