1

I am investigating the recently released migration trigger for cognito user pools. To enable the trigger you need to set the AuthFlow type in the InitiateAuthRequest to be "USER_PASSWORD_AUTH" see here: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-import-using-lambda.html

I want to use the custom auth flow so that I can return a challenge response for email verification is the users are not email verified from the existing user store. However if I set the AuthFlow type to "CUSTOM_AUTH" then the migration trigger is not fired.

Is there a way to get custom auth and migration working at the same time?

Example code:

var client = new AmazonCognitoIdentityProviderClient(Amazon.RegionEndpoint.APSoutheast2);

var authRequest = new InitiateAuthRequest
{
    ClientId = "*********",
    AuthFlow = "USER_PASSWORD_AUTH" // Or AuthFlow = "CUSTOM_AUTH"
};

authRequest.AuthParameters.Add("USERNAME", username);
authRequest.AuthParameters.Add("PASSWORD", password);

var response = await client.InitiateAuthAsync(authRequest);
dpix
  • 2,765
  • 2
  • 16
  • 25

1 Answers1

2

I am on the Cognito team and that is not possible at this point. I can however mention your use case within the team as a feature request.

Ionut Trestian
  • 5,473
  • 2
  • 20
  • 29
  • Thanks, is there a roadmap for features that might be coming out in Cognito? seems like there is a lot of feature requests like this across stackoverflow, github etc. – dpix Feb 27 '18 at 23:50
  • In general, we don't usually communicate on the availability of features or give out timelines for features. – Ionut Trestian Feb 28 '18 at 00:01
  • 1
    Seems like this is still not possible as of 01/2020. I guess batch import of all users beforehand is the only way to go. – Paya Jan 21 '20 at 11:29