0

I have my own Users page in my application where user Admin can create a new user. I do not want to let the user sign up by himself, but have the admin of the system add this user.

What do you think the flow for that should be ?

I thought about:

  1. create a new user with username and temp password in the users page.
  2. The user gets an email and presses a link to confirm the email.
  3. The user goes to the login screen of my application and inserts the username and temp password.
  4. the login page changes to Change password so the user will insert the password and confirm the password for him.
  5. when pressing login the user logins to the system.

I cannot find a best practice for adding a new user from a built-in users page in the app. Do you think my flow is reasonable? Do you have any code that I can use for that?

Id1010
  • 3
  • 1

1 Answers1

0

This is pretty close to the flow which Cognito has for admin-created users by default when using the Amplify UI Authenticator component. The only difference is that the temporary password is sent to the user via email, so the admin never needs to see it.

To achieve this, you need to use the AdminCreateUser action. The way you do this will vary depending on the library you're using to communicate with Cognito. If it's Python, you can use boto3. If it's JS, you can use the AWS JS SDK. (Sample code in this GitHub comment.)

It's not required to use Amplify UI, you could write all the pages yourself. But it works well with very little effort and looks quite professional. So it should be the first thing you try. Here's another answer providing sample code for React.

Nick K9
  • 3,885
  • 1
  • 29
  • 62