Can AWS Cognito allow SignIn with both email and phone number if only email is required for SignUp?

0

I am configuring an AWS Cognito user pool where I want users to be able to SignIn using either their email or phone number. However, I plan to set only the email as a required attribute for SignUp (not the phone number, because I want to add third party auth like Facebook).

My questions are:

1.If I configure SignIn to accept both email and phone number but require only the email attribute for SignUp, will users still be able to register and log in using either their phone number or email?

2.How will users be stored in the Cognito database in this case, especially if they register with a phone number? Will Cognito still properly associate the user accounts even though only the email is set as required?

I’m looking for guidance on whether this configuration will work correctly and how AWS Cognito handles these scenarios.

I tried adding Facebook as a third-party authentication provider in AWS Cognito. However, Facebook does not provide a phone number attribute, and as a result, I encountered an error during implementation. The error stated that Facebook authentication could not be set up because “PhoneNumber” is a required attribute for SignUp in Cognito.

I expected that by configuring Cognito to require only the email for SignUp, it would resolve the issue and still allow users to SignIn with either their email or phone number. However, I am unsure if this configuration will work as expected.

1 Answer
0

Great questions! Let's break down your scenario and address each point:

1. SignIn with Both Email and Phone Number

If you configure AWS Cognito to accept both email and phone number for SignIn but require only the email attribute for SignUp, users will still be able to register and log in using either their email or phone number. This is because Cognito allows flexibility in SignIn options, and you can configure it to accept multiple identifiers for authentication.

2. User Storage in Cognito Database

When users register, even if they only provide an email during SignUp, they can later add a phone number to their account. Cognito will store both attributes and associate them with the same user account. This means that users can log in using either their email or phone number, and Cognito will correctly identify and authenticate them.

Handling Third-Party Authentication

Regarding the issue with Facebook authentication, the error occurs because Cognito expects a phone number if it's set as a required attribute. By configuring Cognito to require only the email for SignUp, you should be able to integrate Facebook authentication without issues. This setup will allow users to SignIn with either their email or phone number, even if they initially registered using Facebook (which doesn't provide a phone number attribute).

profile picture
EXPERT
answered 5 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions