Why is cognito user action password reset, confirm account and delete user disabled in AWS console UI



After creating a user pool and adding a new user using AWS Console UI. Enter image description here

with simply creating a user without confirmation and password Enter image description here

i verified/activated the user through Cognito API call

but why are user options below disabled? : Enter image description here

all actions can be taken trough API, but what is required to have the options available in AWS Console? FYI: giving myself full access trough IAM did not seem to change anything.

Kind regards,


1 Answer


You cannot delete a user if the user is not disabled first. As of now the user is Account status -> Enbabled. Please first, cick on Disable user access and you will see that the Delete useroption will become activated.

You cannot confirm a user that has already the Confirmation status set to Confirmed.

For the Reset Password being greyed out... I cannot say from the data you provide here. But the fact that you mistaken the user for the screenshot as you said the 'user has created with no confirmation' and the Confirmation status is set to Confirmed, I would ask you to redo the check on your side and provide additional details if the problem is still there by providing a larger screen capture of the user profile to see the password status for this user.


answered a year ago
  • I have an account that is not confirmed, it is marked as "force password change" or something, and I can't confirm it either.... The option is always disabled for all users I try. I tried with users I manually created on the user pool (added user name and email, marked email as NOT verified, added a fixed password, tried with random generated password as well. All cases the option is always greyed out. Is there any way to activate the user or resend the invitation email through the console without having to use the AWS Cli everytime? Or is there any documentation regarding these features that can clarify it more?

  • Hi there,

    So to answer my own question. When creating a user pool you are offered to what methods are allowed to be used for login. username, email and something else.

    In this case wanted to just manage users and only use a username. Where the admin would manually reset passwords as requested. In this configuration, all options for password reset and confirmation will be disabled. In order for it not to be disabled, the user had to have an email associated with it.

    since it was still in development fase, recreated the user pool with sign in for username and email. then when creating a user i used a predefined self generated password and disabled the check send invite.

    we can continue and mark user as verified. The only thing that could not be done was to the mandatory password reset. For this in the login flow the same password was send back to verify it.

    Kind regards,


You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions