MfaSecondFactor¶

class aws_cdk.aws_cognito.MfaSecondFactor(*, otp, sms)¶

Bases: object

The different ways in which a user pool can obtain their MFA token for sign in.

Parameters

otp (bool) – The MFA token is a time-based one time password that is generated by a hardware or software token. Default: false
sms (bool) – The MFA token is sent to the user via SMS to their verified phone numbers. Default: true

See

https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html

ExampleMetadata

infused

Example:

cognito.UserPool(self, "myuserpool",
    # ...
    mfa=cognito.Mfa.REQUIRED,
    mfa_second_factor=cognito.MfaSecondFactor(
        sms=True,
        otp=True
    )
)

Attributes

otp¶

The MFA token is a time-based one time password that is generated by a hardware or software token.

Default: false
See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa-totp.html
Return type: bool

sms¶

The MFA token is sent to the user via SMS to their verified phone numbers.

Default: true
See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa-sms-text-message.html
Return type: bool