- Newest
- Most votes
- Most comments
Resolved it following https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html article. My requirement was that users should be able to sign in with email or phone number. once they create account, they should be able to sign-in with either of these options to the same account. Also change the email/phone in future for the same account.
-
Created user pool with Multiple (Alias) sign in options.
-
From UI side, during signUp, ensured to pass in forceAliasCreation: true in amplify call.
const res = await Auth.confirmSignUp(username, code, {
forceAliasCreation: true
});
With the above configuration, I was able to log in using email/phone. In addition, If another user attempted to use the same email, Cognito ensured to mark only of the user account's email status as Verified. So only one verified email can sign-in at any time.
The behaviour you're experiencing is an expected behaviour. In this case, you may have configured "username" to be submitted as contact number or email ID. If you check the sub-value of both users, it's different. Let's see below scenario:
User signed up with username as "contact number" and then submits email & password. For two different contact numbers as username, even if you use the same email ID, the user would be created without any exception as you have configured that "Users can use an email address or phone number as their "username" to sign up and sign in" and in this case for both signup's the username(contact number) is different.
Same logic goes if you select "Username - Users can use a username and optionally multiple alternatives to sign up and sign in" option. A user which has unique username, can signup two times with the same email ID, and it would be considered as separate user entity.
Here, if you want that no user should be able to use email ID again to signup as a new user, you may select the option "Email address or phone number - Users can use an email address or phone number as their "username" to sign up and sign in"
and then "Allow email addresses"
.
With respect to the new console, you may select option "Send email message, verify email address"
for "Attribute verification and user account confirmation".
Have a read at below AWS document to understand the process in depth: Signing up and confirming user accounts
Relevant content
- asked 2 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
I could not understand the above suggestion but another article helped me address my query.