When I create my user pool, in Multi-factor authentication , MFA enforcement I can choose:
- Require MFA - Recommended
- Optional MFA
- No MFA
The Require MFA works fine in its way.
Optional MFA does not work at all, either during authentication or Update MFA configuration.
Could someone tell me if this is fixable or it is just impossible to use Optional MFA ?
What behaviour are you seeing for optional ? According to
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/cognito-idp.html#CognitoIdentityProvider.Client.create_user_pool
OPTIONAL - Users have the option when registering to create an MFA token.
The correct behaviour should be that we can enable MFA token during Optional MFA. Which we cannot at all during Optional MFA.