Pre Sign-up Lambda Trigger
The pre sign-up Lambda function is triggered just before Amazon Cognito signs up a new user. It allows you to perform custom validation to accept or deny the registration request as part of the sign-up process.
Topics
Pre Sign-up Lambda Flows
Client Sign-up Flow

Server Sign-up Flow

The request includes validation data from the client which comes from the
ValidationData
values passed to the user pool SignUp and
AdminCreateUser API methods.
Pre Sign-up Lambda Trigger Parameters
These are the parameters required by this Lambda function in addition to the common parameters.
Pre Sign-up Request Parameters
- userAttributes
-
One or more name-value pairs representing user attributes. The attribute names are the keys.
- validationData
-
One or more name-value pairs containing the validation data in the request to register a user. The validation data is set and then passed from the client in the request to register a user. You can pass this data to your Lambda function by using the ClientMetadata parameter in the InitiateAuth and AdminInitiateAuth API actions.
- clientMetadata
-
One or more key-value pairs that you can provide as custom input to the Lambda function that you specify for the pre sign-up trigger. You can pass this data to your Lambda function by using the ClientMetadata parameter in the following API actions: AdminCreateUser, AdminRespondToAuthChallenge, ForgotPassword, and SignUp.
Pre Sign-up Response Parameters
In the response, you can set autoConfirmUser
to true
if
you want to auto-confirm the user. You can set autoVerifyEmail
to
true
to auto-verify the user's email. You can set
autoVerifyPhone
to true
to auto-verify the user's
phone number.
- autoConfirmUser
-
Set to
true
to auto-confirm the user, orfalse
otherwise. - autoVerifyEmail
-
Set to
true
to set as verified the email of a user who is signing up, orfalse
otherwise. IfautoVerifyEmail
is set totrue
, theemail
attribute must have a valid, non-null value. Otherwise an error will occur and the user will not be able to complete sign-up.If the
email
attribute is selected as an alias, an alias will be created for the user's email whenautoVerifyEmail
is set. If an alias with that email already exists, the alias will be moved to the new user and the previous user's email will be marked as unverified. For more information, see Overview of Aliases. - autoVerifyPhone
-
Set to
true
to set as verified the phone number of a user who is signing up, orfalse
otherwise. IfautoVerifyPhone
is set totrue
, thephone_number
attribute must have a valid, non-null value. Otherwise an error will occur and the user will not be able to complete sign-up.If the
phone_number
attribute is selected as an alias, an alias will be created for the user's phone number whenautoVerifyPhone
is set. If an alias with that phone number already exists, the alias will be moved to the new user and the previous user's phone number will be marked as unverified. For more information, see Overview of Aliases.
Sign-up Tutorials
The pre sign-up Lambda function is triggered before user sign-up. See these Amazon Cognito sign-up tutorials for JavaScript, Android, and iOS.
Platform | Tutorial |
---|---|
JavaScript Identity SDK | Sign up users with JavaScript |
Android Identity SDK | Sign up users with Android |
iOS Identity SDK | Sign up users with iOS |
Pre Sign-up Example: Auto-Confirm Users from a Registered Domain
With the pre sign-up Lambda trigger, You can add custom logic to validate new users signing up for your user pool. This is a sample JavaScript program that demonstrates how to sign up a new user. It will invoke a pre sign-up Lambda trigger as part of the authentication.
This is a sample Lambda trigger called just before sign-up with the user pool pre sign-up Lambda trigger. It uses a custom attribute custom:domain to automatically confirm new users from a particular email domain. Any new users not in the custom domain will be added to the user pool, but not automatically confirmed.
Amazon Cognito passes event information to your Lambda function. The function then returns the same event object back to Amazon Cognito, with any changes in the response. In the Lambda console, you can set up a test event with data that’s relevant to your Lambda trigger. The following is a test event for this code sample:
Pre Sign-up Example: Auto-Confirm and Auto-Verify all Users
This example confirms all users and sets the user's email
and
phone_number
attributes to verified if the attribute is present. Also,
if aliasing is enabled, aliases will be created for phone_number
and
email
when auto-verify is set.
If an alias with the same phone number already exists, the alias will be moved to
the new user, and the previous user's phone_number
will be marked as
unverified. The same is true for email addresses. To prevent this from happening,
you can use the user pools ListUsers API to see if there is an existing user who is already using
the new user's phone number or email address as an alias.
Amazon Cognito passes event information to your Lambda function. The function then returns the same event object back to Amazon Cognito, with any changes in the response. In the Lambda console, you can set up a test event with data that’s relevant to your Lambda trigger. The following is a test event for this code sample: