Is it possible to validate only password for AWS Cognito user with MFA enabled?

Asked Mar 12 '19 at 09:14

Active Mar 12 '19 at 09:30

Viewed 264 times

I have a scenario that requires extra password validation for mission critical parts of an application. i.e. when user performs very sensitive action ze should enter the password in order to confirm the action.

I've tried ADMIN_NO_SRP_AUTH and it would work for users with no MFA enabled. But when SMS_MFA is enabled for a user, even though I validated a password, SMS message is sent. SMS message with no reason confuses user.

Is there a way to skip SMS_MFA for some cases?

edited Mar 12 '19 at 09:30

asked Mar 12 '19 at 09:14

DmytroM

Struggling with the same problem... Have you found the solution yet? – Lusha Li Jun 07 '19 at 18:39
Me too. Any new solutions? – Filip Suk Feb 25 '20 at 09:28
So far (per support) it seems to be impossible. – DmytroM Feb 26 '20 at 11:54
Any update with this? I also require this functionality. Did AWS update this? – U4EA Feb 16 '23 at 15:48

Is it possible to validate only password for AWS Cognito user with MFA enabled?

0 Answers0