AccountRecovery¶
-
class
aws_cdk.aws_cognito.
AccountRecovery
(value)¶ Bases:
enum.Enum
How will a user be able to recover their account?
When a user forgets their password, they can have a code sent to their verified email or verified phone to recover their account. You can choose the preferred way to send codes below. We recommend not allowing phone to be used for both password resets and multi-factor authentication (MFA).
- See
https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-recover-a-user-account.html
- ExampleMetadata
infused
Example:
cognito.UserPool(self, "UserPool", # ... account_recovery=cognito.AccountRecovery.EMAIL_ONLY )
Attributes
-
EMAIL_AND_PHONE_WITHOUT_MFA
¶ Email if available, otherwise phone, but don’t allow a user to reset their password via phone if they are also using it for MFA.
-
EMAIL_ONLY
¶ Email only.
-
NONE
¶ None – users will have to contact an administrator to reset their passwords.
-
PHONE_AND_EMAIL
¶ (Not Recommended) Phone if available, otherwise email, and do allow a user to reset their password via phone if they are also using it for MFA.
-
PHONE_ONLY_WITHOUT_MFA
¶ Phone only, but don’t allow a user to reset their password via phone if they are also using it for MFA.
-
PHONE_WITHOUT_MFA_AND_EMAIL
¶ Phone if available, otherwise email, but don’t allow a user to reset their password via phone if they are also using it for MFA.