Resend Confirmation Code in Cognito

resend confirmation code in Cognito Cognito

• First and foremost, let's set up the AWS SDK and create an instance of the Cognito Identity Service Provider, specifying the AWS region.

» Initialization

const AWS = require('aws-sdk');
const cognitoIdentityServiceProvider = new AWS.CognitoIdentityServiceProvider({ region: 'ap-southeast-1' });

• Use function named handler, which is the entry point for the Lambda function. The function takes an event parameter, which is typically passed when you invoke the Lambda function.

exports.handler = async (event) => {

• Next, use the adminGetUser method to attempt to fetch the user data. Then, check if the email_verified attribute is set to true, indicating that the email has already been verified.

try {
  const userData = await cognitoIdentityServiceProvider.adminGetUser(getUserParams).promise();
  const emailVerified = userData.UserAttributes.find(attr => attr.Name === 'email_verified').Value === 'true';

• Finally, leverage the resendConfirmationCode method to resend the confirmation code to the user's email address.

await cognitoIdentityServiceProvider.resendConfirmationCode(resendParams).promise();
return {
  statusCode: 200,
  body: JSON.stringify('Confirmation code resent successfully'),
};

Here is full code for resending confirmation code in Cognito.

const AWS = require('aws-sdk');
const cognitoIdentityServiceProvider = new AWS.CognitoIdentityServiceProvider({ region: 'ap-southeast-1' });

exports.handler = async (event) => {
  if (event && event.email) {
    const email = event.email;

    const getUserParams = {
      UserPoolId: 'ap-southeast-1_xxxxxx',
      Username: email,
    };

    try {
      const userData = await cognitoIdentityServiceProvider.adminGetUser(getUserParams).promise();
      const emailVerified = userData.UserAttributes.find(attr => attr.Name === 'email_verified').Value === 'true';

      if (emailVerified) {
        return {
          statusCode: 200,
          body: JSON.stringify('Email address is already verified.'),
        };
      } else {
        const resendParams = {
          ClientId: 'xxxxxxxxxxxxxxxxxxx',
          Username: email,
        };

        await cognitoIdentityServiceProvider.resendConfirmationCode(resendParams).promise();

        return {
          statusCode: 200,
          body: JSON.stringify('Confirmation code resent successfully'),
        };
      }
    } catch (error) {
      return {
        statusCode: 500,
        body: JSON.stringify(`Failed to check or resend confirmation code. Furthermore, you can view ${error.message}`),
      };
    }
  } else {
    return {
      statusCode: 400,
      body: JSON.stringify('Missing or invalid email parameter in the request.'),
    };
  }
};

Note: To learn how to grant the necessary permissions to a service role for using the adminGetUser method, you can refer to the following article How to Set Up and Manage IAM Identity Center in AWS

get specified user by email cognito admin change password cognito list user pool cognito disable MFA using AWS CLI cognito get client id from user pool id cognito

You need to login to do this manipulation!