Send email OTP for users created from API - AWS IAM Identity Center (successor to AWS Single Sign-On)

Send email OTP for users created from API

When you create users with the CreateUser API operation, they do not have passwords. You can change this by electing to send users an email one-time password (OTP) when they're created with the API. Users receive the email OTP when they first attempt to sign in. After receiving the email OTP, when a user signs in, they must set a new password. If you don’t enable this setting, then you must generate and share OTP with the users that you create using the CreateUser API.

To send email OTP to users created with the CreateUser API
  1. Open the IAM Identity Center console.

  2. Choose Settings.

  3. On the Settings page, choose the Authentication tab.

  4. In the Standard authentication section, choose Configure.

  5. A dialog box appears. Check the box next to Send email OTP. Then, choose Save. The status updates from Disabled to Enabled.