AWS Cognito fails to resetPassword() for verified email
I'm having an issue with Cognito from AWS. After creating new identity and user pools for, and registering them for MFA (email), I cannot use the "resetPassword" functionality. It does not work even from the console, when I click onto the user and try to manually reset their password from the AWS GUI, I get this error message:
Cannot reset password for the user as there is no registered/verified email or phone_number
However, I've checked multiple times and the email is verified, I see this displayed in the console:
I also see email_verified: true when I query AWS directly with aws cognito-idp. I've also gone through the signIn process with this account, and encountered no errors. I can also receive MFA confirmation codes and they work. resetPassword is the one thing that does not seem to work.
However, no matter what I do I keep getting an error that there is no "registered/verified email or phone_number". phone_number isn't required anywhere in my user or identity pool.
For what it's worth, we use Amazon SES for delivering the MFA codes, and it's how I'd expect to receive an email containing "reset password" instructions.
Any help would be appreciated, thanks.
It turns out that the `phone_number` and `phone_number_verified` were both required by my user pool. From the AWS docs:
For example, users can’t set up email MFA when your recovery option is Email only. This is because you can't enable email MFA and set the recovery option to Email only in the same user pool. When you set this option to Email if available, otherwise SMS, email is the priority recovery option but your user pool can fall back to SMS message when a user isn't eligible for email-message recovery.
Ultimately the problem was that you cannot have MFA with email only and have it be the only recovery option. SMS is required in those cases.
Source: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html
- AWS AppSync Lambda authoriser always results in "Error: Request failed with status code 401"
- How to make CloudFront never cache index.html on S3 bucket
- AWS Cognito - How to force select account when signing in with Google
- aws_instance - changing volume_size
- couldn't get current server API group list: the server has asked for the client to provide credentials error: You must be logged in to the server
- aws s3 ls: An HTTP Client raised an unhandled exception: Invalid header value
- LocalStack TestContainer + AWS SQS + Spring Boot -> Unable to execute HTTP request
- Deleting cognito user & identity has no affect on user access
- I am trying to add a cloudfront behavior to my an origin and I am getting InvalidArgument: The parameter CachedMethods is required
- Zip multiple S3 files and stream the archive back to S3 using limited memory
- AWS public IPv4 address usage
- run scheduled task in AWS without cron
- Why can't I connect AWS RDS instance from EC2 instance in another VPC after peering
- Target Group Binding not getting created for an ALB
- How to rename MYSQL database in RDS?
- Why does Getting a record, modifying its primary key, and then Putting it back seem to overwrite the record if the primary keys are different?
- How do you add python packages in AWS Glue 3.0 Jupyter Notebook jobs?
- Running Jupyter Notebook on AWS Lambda
- Use AWS Lambda to execute a jupyter notebook on AWS Sagemaker
- Retrieve Amazon Reviews user emails through API
- How to link "aws_apigatewayv2_route" with "aws_apigatewayv2_integration"?
- Security group setup to restrict EC2 to VPC lambda
- Get files names in sub-directories in a directory in AWS3 by C#
- AWS EC2 Connection closed by when trying ssh into instance
- Selling Partner API Amazon 400 bad request
- AWS credentials from 'Single Sign On' expire too frequently - how can I get credentials with a longer lifetime?
- How to connect a lambda to a database accessible locally on Mac's localhost when using sam
- AWS EC2 Placement Groups: Partition vs Spread
- Can I trace every request using AWS X-Ray?
- Lambda cold start possible solution?