Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

How do you get out of the SES sandbox to send registration emails with Cognito

-1

Need some assistance from anyone on how to get AWS to let you out of the SES Sandbox. I'm setting up a new account with a small app. The app uses Cognito for user authentication. I would like the app to send Cognito messages such as validation emails forgot password using the domain that we have set up for the app. I asked AWS support to Release Me from the sandbox but they denied my request even though I told them the purpose of the application in the use of SES was interface with Cognito and that there were no plans at this time to use SES for marketing emails. I don't think we will ever be using SES for anything more than AWS functions but I still got denied.

I just need guidance from somebody that got their account out of sandbox mode because I would prefer to send Cognito messages using the domain name.

If anyone is here listening from AWS the Support Case Id is 177741722400433.

This is a startup and niche application if we are lucky has 10,000 users.

Topics
Front-End Web & MobileBusiness ApplicationsSecurity, Identity, & Compliance
Tags
Amazon Simple Email ServiceAmazon Cognito
Language
English
asked 17 days ago52 views
1 Answer
0

To move out of the Amazon SES sandbox, you need to submit a request through the AWS Support Center by opening an SES Sending Limits Increase case. When submitting your request, you'll need to provide specific account details including your mail type, website URL, a detailed use case description, and additional contact addresses.

For your Cognito integration specifically, when describing your use case, focus on explaining that you're using SES for transactional emails (user verification, password resets, and authentication-related messages) rather than marketing purposes. Be clear about your expected sending volume and patterns - mention your projected user base and that emails will be triggered by user actions like registration and password recovery.

The AWS Support team reviews each request to ensure it aligns with their policies and typically responds within 24 hours. If your initial request was denied, you can resubmit with more detailed information about:

  • The transactional nature of your emails (authentication and verification)
  • Your expected sending volume based on user registrations
  • How you'll handle bounces and complaints
  • Your process for ensuring you're only sending to users who have requested accounts

Once approved and out of the sandbox, you'll be able to send emails to any recipient using your verified domain, though you'll still need to verify all identities used as "From," "Source," "Sender," or "Return-Path" addresses. This will allow Amazon Cognito to send messages to your users' email addresses without the sandbox restrictions that currently limit you to verified addresses only.

Consider providing more specific technical details about your application's email flow and emphasizing the low-volume, user-initiated nature of the communications in your next request.
Sources
Email settings for Amazon Cognito user pools - Amazon Cognito
Moving out of the Amazon SES sandbox - Amazon Simple Email Service
Amazon SES Quick start - Amazon Simple Email Service

answered 17 days ago
EXPERT
reviewed 17 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content