Cognito：Are users with unconfirmed status also considered MAU?

If a user registers via email, but this user gives up the registration halfway through. In the user table of Cognito, the Confirmation status remains "Unconfirm". At the end of the month, Cognito will be paid by the number of MAU. Shoud I pay for the users only with unconfirmed status?

Topics

Front-End Web & Mobile Security, Identity, & Compliance Cloud Financial Management

Tags

AWS Amplify Amazon Cognito AWS Billing DDOS Protection

Language

English

jjshen

asked a month ago181 views

1 Answer

Newest
Most votes
Most comments

Accepted Answer

According to https://docs.aws.amazon.com/cognito/latest/developerguide/quotas.html

A user is counted as a MAU if, within a calendar month, there is an identity operation related to that user. The activities that make a user active include the following.

Sign-up or administrative creation of a user Sign-in User account confirmation or attribute verification Password reset Change user attributes, group membership, or MFA preferences Query detailed attributes of a user User activation, deactivation or deletion

So in your case even if unconfirmed, if that user executed any of the above, it will be counted

EXPERT

Antonio_Lagrotteria

answered a month ago

EXPERT

Mikel Del Tio

reviewed a month ago

EXPERT

Adeleke Adebowale J

reviewed a month ago

jjshen
a month ago
Hi, Thank you for your reply. So I think an unconfirmed user will be regarded as a MAU because he executed the signup operation.

According to the graph in https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html If a user signs up in my user pool's client app, there will become an unconfirmed state record in my cognito user pool even if they have not verified via phone or email. In my opinion, this mechanism will make SMS verification meaningless, as A hacker can easily infiltrate your user pool by adding an unconfirmed user, resulting in significant financial loss.
Ibrahim Cesar
a month ago
To address this concern, enable WAF for User Pools: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-waf.html for better protection.
jjshen
a month ago
Hi Ibrahim, Thank you for your reply. My website currently has users under 50000, which is in the range of AWS Free tier. So I want to move the user table from my RDS to Cognito to lighten the burden of the database. If I enable WAF for user pools, it seems I need to pay for WAF and this betrays my original intention. The price for WAF can used for a better RDS instance. But anyway, thank you very much for giving me advice. Maybe Cognito is not suitable for my website. I will try to find another way to improve the performance.

Relevant content

dose cognito guest user also count on MAU for cognito billing?
Accepted Answer
Debnath
asked 18 days ago
Cognito unable to signin or signup users that have unconfirmed status
trax
asked 7 months ago
How can I get MAU's for a Cognito user pool?
rePost-User-7824604
asked 2 years ago
Remove all unconfirmed users in a cognito user pool from the console?
Accepted Answer
AWS-User-3551753
asked 2 years ago
I dropped a user from an Amazon Redshift database, but the user still appears in the pg_class table
AWS OFFICIALUpdated 2 years ago
How do I confirm a user account in Amazon Cognito?
AWS OFFICIALUpdated a year ago
How do I automatically confirm users in Amazon Cognito?
AWS OFFICIALUpdated a year ago
What are the effects of turning on the Prevent User Existence Errors setting in Amazon Cognito?
AWS OFFICIALUpdated a year ago
Amazon WorkSpaces End User Computing (EUC) Deployment Change Management Plan
EXPERT
Dzung_N
published 2 years ago
Optimizing Levenshtein User-Defined Function in Amazon Redshift
EXPERT
Harshida Patel
published 8 months ago