interface AllowedFirstAuthFactors
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Cognito.AllowedFirstAuthFactors |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awscognito#AllowedFirstAuthFactors |
 Java | software.amazon.awscdk.services.cognito.AllowedFirstAuthFactors |
 Python | aws_cdk.aws_cognito.AllowedFirstAuthFactors |
 TypeScript (source) | aws-cdk-lib » aws_cognito » AllowedFirstAuthFactors |
The types of authentication that you want to allow for users' first authentication prompt.
Example
new cognito.UserPool(this, 'myuserpool', {
signInPolicy: {
allowedFirstAuthFactors: { password: true, passkey: true },
},
passkeyRelyingPartyId: 'auth.example.com',
passkeyUserVerification: cognito.PasskeyUserVerification.REQUIRED,
});
Properties
| Name | Type | Description |
|---|---|---|
| password | boolean | Whether the password authentication is allowed. |
| email | boolean | Whether the email message one-time password is allowed. |
| passkey? | boolean | Whether the Passkey (WebAuthn) is allowed. |
| sms | boolean | Whether the SMS message one-time password is allowed. |
password
Type:
boolean
Whether the password authentication is allowed.
This must be true.
emailOtp?
Type:
boolean
(optional, default: false)
Whether the email message one-time password is allowed.
passkey?
Type:
boolean
(optional, default: false)
Whether the Passkey (WebAuthn) is allowed.
smsOtp?
Type:
boolean
(optional, default: false)
Whether the SMS message one-time password is allowed.