Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Additional step to receive OTP just after SMS MFA enables (not for marking the phone number as verified). #14159

Open
2 tasks
UdithWijegunavardhana opened this issue Jan 23, 2025 · 1 comment
Open
2 tasks

Additional step to receive OTP just after SMS MFA enables (not for marking the phone number as verified). #14159

UdithWijegunavardhana opened this issue Jan 23, 2025 · 1 comment
Labels
Auth Related to Auth components/category feature-request Request a new feature

Comments

@UdithWijegunavardhana
Copy link

UdithWijegunavardhana commented Jan 23, 2025
edited
Loading

Is this related to a new or existing framework?

React, React Native

Is this related to a new or existing API?

Authentication

Is this related to another service?

Cognito MFA

Describe the feature you'd like to request

I'm working with MFA for couple of weeks and implemented the SMS MFA for the client application. There are some additional requirement form the client to add another step to receive and enter the OTP just after enabling MFA for better sense for the users.

The current flow of enabling MFA according to your documentations is just only enables MFA status by calling updateMFAPreference({ sms: 'ENABLED' }) , and it not provides such kind of step to receive the code. (Correct me if I'm wrong and if it has such kind of way)

To receive the code we need to sign-out the user and sign-in back by calling signIn({ username: values.email, password: values.password })

I tried various ways to trigger this and get the code by calling signIn({ username: values.email, password: values.password }) again, adding some post auth Lambda triggers as well. But I'm still unable to match the functionality with the requirement.

This is not just to be verified the phone number. The additional step is required by the client each and every time when user enabling MFA. It may be whether the phone number verified or not.

Describe the solution you'd like

We' would like and suggest you to have optional nextStep to updateMFAPreference method that can be managed according to the user needs to receive OTP code just after enabling MFA, just like doing in signIn method:
const { isSignedIn, nextStep } = await signIn({ username: values.email, password: values.password })

Describe alternatives you've considered

I tried various ways to trigger this and get the code by calling signIn({ username: values.email, password: values.password }) again, adding some post auth Lambda triggers as well.

Additional context

No response

Is this something that you'd be interested in working on?

  • 👋 I may be able to implement this feature request
  • ⚠️ This feature might incur a breaking change
@github-actions github-actions bot added pending-triage Issue is pending triage pending-maintainer-response Issue is pending a response from the Amplify team. labels Jan 23, 2025
@UdithWijegunavardhana UdithWijegunavardhana changed the title Additional step to receive OTP (not for marking the phone number as verified) just after SMS MFA enables. Additional step to receive OTP just after SMS MFA enables (not for marking the phone number as verified). Jan 23, 2025
@HuiSF HuiSF added the Auth Related to Auth components/category label Jan 24, 2025
@HuiSF
Copy link
Member

HuiSF commented Jan 24, 2025

Hi @UdithWijegunavardhana thank you very much for opening this request with detailed explanation, we will look into this.

@github-actions github-actions bot removed the pending-maintainer-response Issue is pending a response from the Amplify team. label Jan 24, 2025
@HuiSF HuiSF added feature-request Request a new feature pending-maintainer-response Issue is pending a response from the Amplify team. labels Jan 24, 2025
@github-actions github-actions bot removed the pending-triage Issue is pending triage label Jan 24, 2025
@HuiSF HuiSF removed the pending-maintainer-response Issue is pending a response from the Amplify team. label Jan 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Auth Related to Auth components/category feature-request Request a new feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@HuiSF @UdithWijegunavardhana