MfaSecondFactor
- class aws_cdk.aws_cognito.MfaSecondFactor(*, otp, sms, email=None)
Bases:
object
The different ways in which a user pool can obtain their MFA token for sign in.
- Parameters:
otp (
bool
) – The MFA token is a time-based one time password that is generated by a hardware or software token. Default: falsesms (
bool
) – The MFA token is sent to the user via SMS to their verified phone numbers. Default: trueemail (
Optional
[bool
]) – The MFA token is sent to the user via EMAIL. To enable email-based MFA, setemail
property to the Amazon SES email-sending configuration and setfeturePlan
toFeaturePlan.ESSENTIALS
orFeaturePlan.PLUS
Default: false
- See:
https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html
- ExampleMetadata:
infused
Example:
cognito.UserPool(self, "myuserpool", # ... mfa=cognito.Mfa.REQUIRED, mfa_second_factor=cognito.MfaSecondFactor( sms=True, otp=True, email=False ) )
Attributes
- email
The MFA token is sent to the user via EMAIL.
To enable email-based MFA, set
email
property to the Amazon SES email-sending configuration and setfeturePlan
toFeaturePlan.ESSENTIALS
orFeaturePlan.PLUS
- otp
The MFA token is a time-based one time password that is generated by a hardware or software token.
- sms
The MFA token is sent to the user via SMS to their verified phone numbers.