• First and foremost, let's set up the AWS SDK and create an instance of the Cognito Identity Service Provider, specifying the AWS region.
» Initialization
const AWS = require('aws-sdk');
const cognitoIdentityServiceProvider = new AWS.CognitoIdentityServiceProvider({ region: 'ap-southeast-1' });
• Use function named handler, which is the entry point for the Lambda function. The function takes an event parameter, which is typically passed when you invoke the Lambda function.
exports.handler = async (event) => {
• Next, use the adminGetUser method to attempt to fetch the user data. Then, check if the email_verified attribute is set to true, indicating that the email has already been verified.
try {
const userData = await cognitoIdentityServiceProvider.adminGetUser(getUserParams).promise();
const emailVerified = userData.UserAttributes.find(attr => attr.Name === 'email_verified').Value === 'true';
• Finally, leverage the resendConfirmationCode method to resend the confirmation code to the user's email address.
await cognitoIdentityServiceProvider.resendConfirmationCode(resendParams).promise();
return {
statusCode: 200,
body: JSON.stringify('Confirmation code resent successfully'),
};
Here is full code for resending confirmation code in Cognito.
const AWS = require('aws-sdk');
const cognitoIdentityServiceProvider = new AWS.CognitoIdentityServiceProvider({ region: 'ap-southeast-1' });
exports.handler = async (event) => {
if (event && event.email) {
const email = event.email;
const getUserParams = {
UserPoolId: 'ap-southeast-1_xxxxxx',
Username: email,
};
try {
const userData = await cognitoIdentityServiceProvider.adminGetUser(getUserParams).promise();
const emailVerified = userData.UserAttributes.find(attr => attr.Name === 'email_verified').Value === 'true';
if (emailVerified) {
return {
statusCode: 200,
body: JSON.stringify('Email address is already verified.'),
};
} else {
const resendParams = {
ClientId: 'xxxxxxxxxxxxxxxxxxx',
Username: email,
};
await cognitoIdentityServiceProvider.resendConfirmationCode(resendParams).promise();
return {
statusCode: 200,
body: JSON.stringify('Confirmation code resent successfully'),
};
}
} catch (error) {
return {
statusCode: 500,
body: JSON.stringify(`Failed to check or resend confirmation code. Furthermore, you can view ${error.message}`),
};
}
} else {
return {
statusCode: 400,
body: JSON.stringify('Missing or invalid email parameter in the request.'),
};
}
};
Note: To learn how to grant the necessary permissions to a service role for using the adminGetUser method, you can refer to the following article How to Set Up and Manage IAM Identity Center in AWS