Unconfirmed email in cognito userpool


I'm filtering email in pre-signup lambda function those emails are in cognito userpool can't be used again for sign up, but there is a situation if user leaves an email unconfirmed and latter user uses that mail for signup then pre-signup function will not allow. Tell me should I filter email in lambda or remove the lambda and allow duplicate entries?Enter image description here

1 Answer
Accepted Answer

I would suggest you 2 approaches:

  • I would suggest to enforce “Allow Cognito to automatically send messages to verify and confirm - Recommended”**, this will avoid having spoof email users duplicated, as the email will require confirmation for account creation, mitigating duplicates with unverified emails. Cognito UserPooll Configuration
  • The second option is to have a scheduled Lambda to check and verify emails against unverified and clean up accounts that are not necessary; this is not a best practice as you may run into issues Lambda Timing out after 15 min (depending of the size/users inside of the UserPool), you may want to use this to clean the UserPool, but I would suggest you to look into a different Sign-up flow.
answered a year ago
profile picture
reviewed 5 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions