Amazon Cognito
Developer Guide

Requiring Imported Users to Reset Their Passwords

The first time each imported user signs in, he or she is required to enter a new password as follows:

Requiring imported users to reset their passwords

  1. The user attempts to sign in, providing username and password (via GetAuthenticationDetails or InitiateAuth).

  2. Amazon Cognito returns PasswordResetRequiredException.

  3. The app should direct the user into the ForgotPassword flow as outlined in the following procedure:

    1. The app calls ForgotPassword(username).

    2. Amazon Cognito sends a code to the verified email or phone number (depending on what you have provided in the .csv file for that user) and indicates to the app where the code was sent in the response to the ForgotPassword request.


      For sending reset password codes, it is important that your user pool has phone number or email verification turned on.

    3. The app indicates to the user that a code was sent and where the code was sent, and the app provides a UI to enter the code and a new password.

    4. The user enters the code and new password in the app.

    5. The app calls ConfirmForgotPassword(code, password), which, if successful, sets the new password.

    6. The app should now direct the user to a sign-in page.