I have created user pool and adding users to the pool by logging in through the AWS console. When I add a user to the pool, the confirmation status set to "force change password". And an email is get sent to the user email address with a temporary password.
I have built a ReactJS application where I want the user to set their own password. And I intend to use the following workflow in setting their own password.
1.User is on the forgot password page --> 2.user enters the email address --> 3.if user exists, an email is sent to the email address with unique code --> 4.simultaneously user redirected to a page, where user can enter the code and new password.
In the 2 step, where user enters the email address, I have used the following to code to validate if the user exists in the user pool.
import UserPool from "./UserPool";
import { AdminGetUserCommand, CognitoIdentityProviderClient } from "@aws-sdk/client-cognito-identity-provider";
export const getUser = (email) => {
return new Promise( async (resolve, reject) => {
const input = {
UserPoolId: UserPool.getUserPoolId(),
Username: email
};
const client = new CognitoIdentityProviderClient({
region: region_name_here
});
const command = new AdminGetUserCommand(input);
const response = await client.send(command);
});
}
But this piece of code throughs an error. Specifically in the "CognitoIdentityProviderClient", which says "credentials are missing". Can someone let me know what I am doing wrong in here please ? And I need to know how I can use that temp password and set an own password for the users.
I am checking the user exists from the front end, as an example, when user of my application clicks on the forgot password link and enters the email, if the email address is there, an email is generated for that email address with some content on it. So having IAM user credentials is not possible, in my understanding
Please read our documentation and don't assume a behavior like "cause one API acts as X therefore all APIs act as X".
AWS IAM credetnials are needed for ListUsers as described at https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminGetUser.html and that is why you got an error message that says "credentials are missing".
When you use ForgetPassword, as stated in our documentation https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ForgotPassword.html, you don't need AWS IAM credentials.
Thanks Jeff, I have used the lambda functions, via API Gateway and achieved the same.