I'm trying to reset the MFA (Multi-Factor Authentication) for an AWS Cognito user as an admin using the AWS SDK, but I'm encountering issues even though the API call itself seems to be working.
I've found this topic that mentions it, but it's starting to get old and the supposed workaround (my code is based on it) doesn't seem to work.
I find it very weird that a service like Cognito didn't think to implement this action.

```javascript
const AWS = require('aws-sdk');

// Configuring AWS
AWS.config.update({ region: 'eu-west-3' }); // replace 'your region' with your actual region

// Load credentials from a named profile in the shared credentials file
const credentials = new AWS.SharedIniFileCredentials({ profile: 'xxx' });
AWS.config.credentials = credentials;

async function resetMfa(username, userPoolId) {
  const cognito = new AWS.CognitoIdentityServiceProvider();
  // Disable the software-token (TOTP) MFA preference for the user
  await cognito.adminSetUserMFAPreference({
    UserPoolId: userPoolId,
    Username: username,
    SoftwareTokenMfaSettings: {
      Enabled: false,
    }
  }).promise();
}

const username = "USERNAME";
const userPoolId = "eu-west-3_ID";

// Call function with the username and UserPoolId you want to reset MFA for
resetMfa(username, userPoolId)
  .then(() => console.log('MFA reset successfully'))
  .catch(err => console.error(err));
```

The issue I'm facing is that the code runs without any errors, but the MFA is not actually getting reset for the user. My goal is to reset the MFA as an admin for a user who has lost their device, for example.
Here are a few additional details:
- I have confirmed that the profile 'Backupta-dev' is present in the AWS credentials file, and other AWS SDK operations using this profile work correctly.
- The AWS SDK version I'm using is 2.x.
- The AWS region is correctly configured in the code.
- I have the necessary permissions to perform the adminSetUserMFAPreference operation.

Any suggestions or insights into what could be causing this issue would be greatly appreciated. Thank you in advance for your help!
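
One way to see what the call in the question actually changed, as an added example that is not part of the original post: read the user's MFA fields with `adminGetUser` before and after `adminSetUserMFAPreference` and compare them. The helper names and the two sample responses are constructed for illustration; `cognito` is assumed to be an SDK v2 `AWS.CognitoIdentityServiceProvider` client like the one in the question.

```javascript
// Added diagnostic example; helper names are hypothetical.

// Pull the MFA-related fields out of an AdminGetUser response.
function mfaState(user) {
  return {
    preferred: user.PreferredMfaSetting || null,
    enabled: [...(user.UserMFASettingList || [])].sort(),
  };
}

// Compare the state before and after the admin call.
function describeChange(before, after) {
  const removed = before.enabled.filter(m => !after.enabled.includes(m));
  return {
    removed,
    remaining: after.enabled,
    preferredCleared: before.preferred !== null && after.preferred === null,
    changed: removed.length > 0 || before.preferred !== after.preferred,
  };
}

// Same call as in the question, wrapped in a before/after read.
async function disableTotpAndVerify(cognito, userPoolId, username) {
  const params = { UserPoolId: userPoolId, Username: username };
  const before = mfaState(await cognito.adminGetUser(params).promise());
  await cognito.adminSetUserMFAPreference({
    ...params,
    SoftwareTokenMfaSettings: { Enabled: false },
  }).promise();
  const after = mfaState(await cognito.adminGetUser(params).promise());
  return { before, after, ...describeChange(before, after) };
}

// Constructed sample responses (not real Cognito output).
const SAMPLE_BEFORE = {
  Username: 'USERNAME',
  PreferredMfaSetting: 'SOFTWARE_TOKEN_MFA',
  UserMFASettingList: ['SOFTWARE_TOKEN_MFA'],
};
const SAMPLE_AFTER_CLEARED = { Username: 'USERNAME' };

// Offline check of the comparison logic on the constructed samples.
console.log(describeChange(mfaState(SAMPLE_BEFORE), mfaState(SAMPLE_AFTER_CLEARED)));
```

If `changed` comes back `false` against the real pool, the call succeeded at the API level without altering the user's stored MFA settings, which matches the symptom described in the question.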