MfaSecondFactor

class aws_cdk.aws_cognito.MfaSecondFactor(*, otp, sms)

Bases: object

The different ways in which a user pool can obtain their MFA token for sign in.

Parameters:

• otp (bool) – The MFA token is a time-based one time password that is generated by a hardware or software token. Default: false

• sms (bool) – The MFA token is sent to the user via SMS to their verified phone numbers. Default: true

See:

https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html

ExampleMetadata:

infused

Example:

cognito.UserPool(self, "myuserpool",
    # ...
    mfa=cognito.Mfa.REQUIRED,
    mfa_second_factor=cognito.MfaSecondFactor(
        sms=True,
        otp=True
    )
)

Attributes

otp

The MFA token is a time-based one time password that is generated by a hardware or software token.

Default:

false

See:

https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa-totp.html

sms

The MFA token is sent to the user via SMS to their verified phone numbers.

Default:

true

See:

https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa-sms-text-message.html