AWS Code Sample
Catalog

lambda-trigger-migrate-user.js

This example Lambda function migrates the user with an existing password and suppresses the welcome message from Amazon Cognito.

// Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. // // This file is licensed under the Apache License, Version 2.0 (the "License"). // You may not use this file except in compliance with the License. A copy of // the License is located at // // http://aws.amazon.com/apache2.0/ // // This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR // CONDITIONS OF ANY KIND, either express or implied. See the License for the // specific language governing permissions and limitations under the License. exports.handler = (event, context, callback) => { var user; if ( event.triggerSource == "UserMigration_Authentication" ) { // authenticate the user with your existing user directory service user = authenticateUser(event.userName, event.request.password); if ( user ) { event.response.userAttributes = { "email": user.emailAddress, "email_verified": "true" }; event.response.finalUserStatus = "CONFIRMED"; event.response.messageAction = "SUPPRESS"; context.succeed(event); } else { // Return error to Amazon Cognito callback("Bad password"); } } else if ( event.triggerSource == "UserMigration_ForgotPassword" ) { // Lookup the user in your existing user directory service user = lookupUser(event.userName); if ( user ) { event.response.userAttributes = { "email": user.emailAddress, // required to enable password-reset code to be sent to user "email_verified": "true" }; event.response.messageAction = "SUPPRESS"; context.succeed(event); } else { // Return error to Amazon Cognito callback("Bad password"); } } else { // Return error to Amazon Cognito callback("Bad triggerSource " + event.triggerSource); } };

Sample Details

Service: cognito-idp

Last tested: 2019-01-30

Author: AWS

Type: full-example

On this page: